delete /remotes, add /sites and /roles

60da5c51 · Gunnar Schaefer · b8fa3237 · 60da5c51 · 60da5c51 · 60da5c51
Commit 60da5c51 authored 10 years ago by Gunnar Schaefer
--- a/nimsapi.py
+++ b/nimsapi.py
@@ -51,7 +51,8 @@ class NIMSAPI(nimsapiutil.NIMSRequestHandler):
            Resource                                            | Description
            :---------------------------------------------------|:-----------------------
            nimsapi/login                                       | user login
-            [(nimsapi/remotes)]                                 | list of remote instances
+            [(nimsapi/sites)]                                   | local and remote sites
+            [(nimsapi/roles)]                                   | user roles
            nimsapi/upload                                      | upload
            nimsapi/download                                    | download
            [(nimsapi/log)]                                     | log messages
@@ -119,11 +120,17 @@ class NIMSAPI(nimsapiutil.NIMSRequestHandler):
        log.debug(self.uid + ' has logged in')
        return self.app.db.users.find_and_modify({'_id': self.uid}, {'$inc': {'logins': 1}}, fields=['firstname', 'lastname', 'superuser'])

-    def remotes(self):
-        """Return the list of all remote sites."""
+    def sites(self):
+        """Return local and remote sites."""
        if self.request.method == 'OPTIONS':
            return self.options()
-        return [r['_id'] for r in self.app.db.remotes.find()]
+        return dict(local={'_id': app.config['site_id'], 'name': app.config['site_name']}, remotes=list(self.app.db.remotes.find(None, ['name'])))
+
+    def roles(self):
+        """Return the list of user roles."""
+        if self.request.method == 'OPTIONS':
+            return self.options()
+        return nimsapiutil.ROLES

    def upload(self):
        if self.request.method == 'OPTIONS':
@@ -182,7 +189,8 @@ routes = [
    webapp2.Route(r'/nimsapi',                                          NIMSAPI),
    webapp2_extras.routes.PathPrefixRoute(r'/nimsapi', [
        webapp2.Route(r'/login',                                        NIMSAPI, handler_method='login', methods=['OPTIONS', 'GET', 'POST']),
-        webapp2.Route(r'/remotes',                                      NIMSAPI, handler_method='remotes', methods=['OPTIONS', 'GET']),
+        webapp2.Route(r'/sites',                                        NIMSAPI, handler_method='sites', methods=['OPTIONS', 'GET']),
+        webapp2.Route(r'/roles',                                        NIMSAPI, handler_method='roles', methods=['OPTIONS', 'GET']),
        webapp2.Route(r'/upload',                                       NIMSAPI, handler_method='upload', methods=['OPTIONS', 'PUT']),
        webapp2.Route(r'/download',                                     NIMSAPI, handler_method='download', methods=['OPTIONS', 'GET']),
        webapp2.Route(r'/log',                                          NIMSAPI, handler_method='log', methods=['OPTIONS', 'GET']),

--- a/nimsapiutil.py
+++ b/nimsapiutil.py
@@ -14,12 +14,32 @@ import Crypto.Hash.SHA
 import Crypto.PublicKey.RSA
 import Crypto.Signature.PKCS1_v1_5

-INTEGER_ROLES = {
-        'anon-read':  0,
-        'read-only':  1,
-        'read-write': 2,
-        'admin':      3,
-        }
+ROLES = [
+        {
+            'rid': 'anon-read',
+            'name': 'Anonymized',
+            'sort': 0,
+            'public': True,
+            },
+        {
+            'rid': 'read-only',
+            'name': 'Read-Only',
+            'sort': 1,
+            'public': True,
+            },
+        {
+            'rid': 'read-write',
+            'name': 'Read-Write',
+            'sort': 2,
+            },
+        {
+            'rid': 'admin',
+            'name': 'Admin',
+            'sort': 3,
+            },
+        ]
+
+INTEGER_ROLES = {r['rid']: r['sort'] for r in ROLES}


 class NIMSRequestHandler(webapp2.RequestHandler):
@@ -181,6 +201,11 @@ class NIMSRequestHandler(webapp2.RequestHandler):
                self.abort(403, self.uid + ' does not have at least ' + min_role + ' permissions on this Collection')
            if coll['permissions'][0]['role'] != 'admin': # if not admin, mask permissions of other users
                collection['permissions'] = coll['permissions']
+        for i, perm in enumerate(collection['permissions']):
+            if perm['uid'] == '@public':
+                collection['public'] = perm['role']
+                collection['permissions'].pop(i)
+                break
        return collection

    def get_experiment(self, xid, min_role=None):
@@ -195,6 +220,11 @@ class NIMSRequestHandler(webapp2.RequestHandler):
                self.abort(403, self.uid + ' does not have at least ' + min_role + ' permissions on this Experiment')
            if exp['permissions'][0]['role'] != 'admin': # if not admin, mask permissions of other users
                experiment['permissions'] = exp['permissions']
+        for i, perm in enumerate(experiment['permissions']):
+            if perm['uid'] == '@public':
+                experiment['public'] = perm['role']
+                experiment['permissions'].pop(i)
+                break
        return experiment

    def get_session(self, sid, min_role=None):

--- a/users.py
+++ b/users.py
@@ -178,7 +178,7 @@ class Groups(nimsapiutil.NIMSRequestHandler):

    def get(self):
        """Return the list of Groups."""
-        return list(self.app.db.groups.find({}, []))
+        return list(self.app.db.groups.find(None, ['name']))

    def put(self):
        """Update many Groups."""