delete /remotes, add /sites and /roles

nimsapi.py

@@ -51,7 +51,8 @@ class NIMSAPI(nimsapiutil.NIMSRequestHandler):
             Resource                                            | Description
             :---------------------------------------------------|:-----------------------
             nimsapi/login                                       | user login
-            [(nimsapi/remotes)]                                 | list of remote instances
+            [(nimsapi/sites)]                                   | local and remote sites
+            [(nimsapi/roles)]                                   | user roles
             nimsapi/upload                                      | upload
             nimsapi/download                                    | download
             [(nimsapi/log)]                                     | log messages
@@ -119,11 +120,17 @@ class NIMSAPI(nimsapiutil.NIMSRequestHandler):
         log.debug(self.uid + ' has logged in')
         return self.app.db.users.find_and_modify({'_id': self.uid}, {'$inc': {'logins': 1}}, fields=['firstname', 'lastname', 'superuser'])
 
-    def remotes(self):
-        """Return the list of all remote sites."""
+    def sites(self):
+        """Return local and remote sites."""
         if self.request.method == 'OPTIONS':
             return self.options()
-        return [r['_id'] for r in self.app.db.remotes.find()]
+        return dict(local={'_id': app.config['site_id'], 'name': app.config['site_name']}, remotes=list(self.app.db.remotes.find(None, ['name'])))
+
+    def roles(self):
+        """Return the list of user roles."""
+        if self.request.method == 'OPTIONS':
+            return self.options()
+        return nimsapiutil.ROLES
 
     def upload(self):
         if self.request.method == 'OPTIONS':
@@ -182,7 +189,8 @@ routes = [
     webapp2.Route(r'/nimsapi',                                          NIMSAPI),
     webapp2_extras.routes.PathPrefixRoute(r'/nimsapi', [
         webapp2.Route(r'/login',                                        NIMSAPI, handler_method='login', methods=['OPTIONS', 'GET', 'POST']),
-        webapp2.Route(r'/remotes',                                      NIMSAPI, handler_method='remotes', methods=['OPTIONS', 'GET']),
+        webapp2.Route(r'/sites',                                        NIMSAPI, handler_method='sites', methods=['OPTIONS', 'GET']),
+        webapp2.Route(r'/roles',                                        NIMSAPI, handler_method='roles', methods=['OPTIONS', 'GET']),
         webapp2.Route(r'/upload',                                       NIMSAPI, handler_method='upload', methods=['OPTIONS', 'PUT']),
         webapp2.Route(r'/download',                                     NIMSAPI, handler_method='download', methods=['OPTIONS', 'GET']),
         webapp2.Route(r'/log',                                          NIMSAPI, handler_method='log', methods=['OPTIONS', 'GET']),

nimsapiutil.py

@@ -14,12 +14,32 @@ import Crypto.Hash.SHA
 import Crypto.PublicKey.RSA
 import Crypto.Signature.PKCS1_v1_5
 
-INTEGER_ROLES = {
-        'anon-read':  0,
-        'read-only':  1,
-        'read-write': 2,
-        'admin':      3,
-        }
+ROLES = [
+        {
+            'rid': 'anon-read',
+            'name': 'Anonymized',
+            'sort': 0,
+            'public': True,
+            },
+        {
+            'rid': 'read-only',
+            'name': 'Read-Only',
+            'sort': 1,
+            'public': True,
+            },
+        {
+            'rid': 'read-write',
+            'name': 'Read-Write',
+            'sort': 2,
+            },
+        {
+            'rid': 'admin',
+            'name': 'Admin',
+            'sort': 3,
+            },
+        ]
+
+INTEGER_ROLES = {r['rid']: r['sort'] for r in ROLES}
 
 
 class NIMSRequestHandler(webapp2.RequestHandler):
@@ -181,6 +201,11 @@ class NIMSRequestHandler(webapp2.RequestHandler):
                 self.abort(403, self.uid + ' does not have at least ' + min_role + ' permissions on this Collection')
             if coll['permissions'][0]['role'] != 'admin': # if not admin, mask permissions of other users
                 collection['permissions'] = coll['permissions']
+        for i, perm in enumerate(collection['permissions']):
+            if perm['uid'] == '@public':
+                collection['public'] = perm['role']
+                collection['permissions'].pop(i)
+                break
         return collection
 
     def get_experiment(self, xid, min_role=None):
@@ -195,6 +220,11 @@ class NIMSRequestHandler(webapp2.RequestHandler):
                 self.abort(403, self.uid + ' does not have at least ' + min_role + ' permissions on this Experiment')
             if exp['permissions'][0]['role'] != 'admin': # if not admin, mask permissions of other users
                 experiment['permissions'] = exp['permissions']
+        for i, perm in enumerate(experiment['permissions']):
+            if perm['uid'] == '@public':
+                experiment['public'] = perm['role']
+                experiment['permissions'].pop(i)
+                break
         return experiment
 
     def get_session(self, sid, min_role=None):

users.py

@@ -178,7 +178,7 @@ class Groups(nimsapiutil.NIMSRequestHandler):
 
     def get(self):
         """Return the list of Groups."""
-        return list(self.app.db.groups.find({}, []))
+        return list(self.app.db.groups.find(None, ['name']))
 
     def put(self):
         """Update many Groups."""