diff --git a/nimsapi.py b/nimsapi.py
index 1074f79e11d028d6060426ea1b0f3265e8a6e585..ae52f73e162aed2f82bac25ada230bd043a28753 100755
--- a/nimsapi.py
+++ b/nimsapi.py
@@ -51,7 +51,8 @@ class NIMSAPI(nimsapiutil.NIMSRequestHandler):
Resource | Description
:---------------------------------------------------|:-----------------------
nimsapi/login | user login
- [(nimsapi/remotes)] | list of remote instances
+ [(nimsapi/sites)] | local and remote sites
+ [(nimsapi/roles)] | user roles
nimsapi/upload | upload
nimsapi/download | download
[(nimsapi/log)] | log messages
@@ -119,11 +120,17 @@ class NIMSAPI(nimsapiutil.NIMSRequestHandler):
log.debug(self.uid + ' has logged in')
return self.app.db.users.find_and_modify({'_id': self.uid}, {'$inc': {'logins': 1}}, fields=['firstname', 'lastname', 'superuser'])
- def remotes(self):
- """Return the list of all remote sites."""
+ def sites(self):
+ """Return local and remote sites."""
if self.request.method == 'OPTIONS':
return self.options()
- return [r['_id'] for r in self.app.db.remotes.find()]
+ return dict(local={'_id': app.config['site_id'], 'name': app.config['site_name']}, remotes=list(self.app.db.remotes.find(None, ['name'])))
+
+ def roles(self):
+ """Return the list of user roles."""
+ if self.request.method == 'OPTIONS':
+ return self.options()
+ return nimsapiutil.ROLES
def upload(self):
if self.request.method == 'OPTIONS':
@@ -182,7 +189,8 @@ routes = [
webapp2.Route(r'/nimsapi', NIMSAPI),
webapp2_extras.routes.PathPrefixRoute(r'/nimsapi', [
webapp2.Route(r'/login', NIMSAPI, handler_method='login', methods=['OPTIONS', 'GET', 'POST']),
- webapp2.Route(r'/remotes', NIMSAPI, handler_method='remotes', methods=['OPTIONS', 'GET']),
+ webapp2.Route(r'/sites', NIMSAPI, handler_method='sites', methods=['OPTIONS', 'GET']),
+ webapp2.Route(r'/roles', NIMSAPI, handler_method='roles', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/upload', NIMSAPI, handler_method='upload', methods=['OPTIONS', 'PUT']),
webapp2.Route(r'/download', NIMSAPI, handler_method='download', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/log', NIMSAPI, handler_method='log', methods=['OPTIONS', 'GET']),
diff --git a/nimsapiutil.py b/nimsapiutil.py
index 5cb852559f4209f5b72b98b5ae7fdeb06475c8cd..b851121325bfd6d5f4057b22fec5c1fa1c11ba1b 100644
--- a/nimsapiutil.py
+++ b/nimsapiutil.py
@@ -14,12 +14,32 @@ import Crypto.Hash.SHA
import Crypto.PublicKey.RSA
import Crypto.Signature.PKCS1_v1_5
-INTEGER_ROLES = {
- 'anon-read': 0,
- 'read-only': 1,
- 'read-write': 2,
- 'admin': 3,
- }
+ROLES = [
+ {
+ 'rid': 'anon-read',
+ 'name': 'Anonymized',
+ 'sort': 0,
+ 'public': True,
+ },
+ {
+ 'rid': 'read-only',
+ 'name': 'Read-Only',
+ 'sort': 1,
+ 'public': True,
+ },
+ {
+ 'rid': 'read-write',
+ 'name': 'Read-Write',
+ 'sort': 2,
+ },
+ {
+ 'rid': 'admin',
+ 'name': 'Admin',
+ 'sort': 3,
+ },
+ ]
+
+INTEGER_ROLES = {r['rid']: r['sort'] for r in ROLES}
class NIMSRequestHandler(webapp2.RequestHandler):
@@ -181,6 +201,11 @@ class NIMSRequestHandler(webapp2.RequestHandler):
self.abort(403, self.uid + ' does not have at least ' + min_role + ' permissions on this Collection')
if coll['permissions'][0]['role'] != 'admin': # if not admin, mask permissions of other users
collection['permissions'] = coll['permissions']
+ for i, perm in enumerate(collection['permissions']):
+ if perm['uid'] == '@public':
+ collection['public'] = perm['role']
+ collection['permissions'].pop(i)
+ break
return collection
def get_experiment(self, xid, min_role=None):
@@ -195,6 +220,11 @@ class NIMSRequestHandler(webapp2.RequestHandler):
self.abort(403, self.uid + ' does not have at least ' + min_role + ' permissions on this Experiment')
if exp['permissions'][0]['role'] != 'admin': # if not admin, mask permissions of other users
experiment['permissions'] = exp['permissions']
+ for i, perm in enumerate(experiment['permissions']):
+ if perm['uid'] == '@public':
+ experiment['public'] = perm['role']
+ experiment['permissions'].pop(i)
+ break
return experiment
def get_session(self, sid, min_role=None):
diff --git a/users.py b/users.py
index 932bb0ba6620079b92c2ab6f46f81d0dad65f443..a1643a306f2e88dcfd419567636662cd7d03a856 100644
--- a/users.py
+++ b/users.py
@@ -178,7 +178,7 @@ class Groups(nimsapiutil.NIMSRequestHandler):
def get(self):
"""Return the list of Groups."""
- return list(self.app.db.groups.find({}, []))
+ return list(self.app.db.groups.find(None, ['name']))
def put(self):
"""Update many Groups."""