Merge pull request #21 from ScilifelabDataCentre/develop

Merge for release of 0.2.0
ScilifelabDataCentre · Jun 5, 2020 · a500f47 · a500f47
2 parents 0132d27 + fd2d9bb
commit a500f47
Show file tree

Hide file tree

Showing 73 changed files with 1,537 additions and 610 deletions.
diff --git a/.github/workflows/dockerhub-dev.yml b/.github/workflows/dockerhub-dev.yml
@@ -0,0 +1,29 @@
+name: Docker Image CI
+
+on:
+  push:
+    branches:
+      - develop
+
+jobs:
+  build:
+    if: github.repository == 'ScilifelabDataCentre/Data-Tracker'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Publish backend to Docker Hub
+        uses: elgohr/Publish-Docker-Github-Action@master
+        with:
+          name: scilifelabdatacentre/data-tracker-backend
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+          dockerfile: k8s/Dockerfile-backend
+          tags: "dev"
+      - name: Publish frontend to Docker Hub
+        uses: elgohr/Publish-Docker-Github-Action@master
+        with:
+          name: scilifelabdatacentre/data-tracker-frontend
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+          dockerfile: k8s/Dockerfile-frontend
+          tags: "dev"
diff --git a/.github/workflows/dockerhub-latest.yml b/.github/workflows/dockerhub-latest.yml
@@ -0,0 +1,29 @@
+name: Docker Image CI
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    if: github.repository == 'ScilifelabDataCentre/Data-Tracker'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Publish backend to Docker Hub
+        uses: elgohr/Publish-Docker-Github-Action@master
+        with:
+          name: scilifelabdatacentre/covid-portal-backend
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+          dockerfile: k8s/Dockerfile-backend
+          tags: "latest"
+      - name: Publish frontend to Docker Hub
+        uses: elgohr/Publish-Docker-Github-Action@master
+        with:
+          name: scilifelabdatacentre/covid-portal-frontend
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+          dockerfile: k8s/Dockerfile-frontend
+          tags: "latest"
diff --git a/backend/app.py b/backend/app.py
@@ -67,6 +67,7 @@ def error_bad_request(_):
     """Make sure a simple 400 is returned instead of an html page."""
     return flask.Response(status=400)
 
+
 @app.errorhandler(401)
 def error_unauthorized(_):
     """Make sure a simple 401 is returned instead of an html page."""

diff --git a/backend/dataset.py b/backend/dataset.py
@@ -145,7 +145,7 @@ def update_dataset(identifier):
     order = flask.g.db['orders'].find_one({'datasets': ds_uuid})
     if not user.has_permission('DATA_MANAGEMENT') and \
        order['creator'] != flask.g.current_user['_id'] and \
-           order['receiver'] != flask.g.current_user['_id']:
+       order['receiver'] != flask.g.current_user['_id']:
         flask.abort(status=403)
 
     try:

diff --git a/backend/developer.py b/backend/developer.py
@@ -95,7 +95,6 @@ def list_config():
     return flask.jsonify(config)
 
 
-
 @blueprint.route('/quit')
 def stop_server():
     """Shutdown the flask server."""

diff --git a/backend/requirements.txt b/backend/requirements.txt
@@ -1,8 +1,8 @@
-Click==7.0
-Flask==1.1.1
+Click==7.1.2
+Flask==1.1.2
 itsdangerous==1.1.0
-Jinja2==2.11.1
+Jinja2==2.11.2
 MarkupSafe==1.1.1
 pymongo==3.10.1
 PyYAML==5.3.1
-Werkzeug==1.0.0
+Werkzeug==1.0.1
diff --git a/backend/tests/test_users.py b/backend/tests/test_users.py
@@ -1,5 +1,6 @@
 """Tests for dataset requests."""
 import json
+import re
 import requests
 import uuid
 
@@ -284,3 +285,149 @@ def test_update_user_bad(use_db):
         else:
             assert response.code == 403
         assert not response.data
+
+
+
+def test_add_user(use_db):
+    """Add a user."""
+    db = use_db
+
+    indata = {'auth_id': 'user@added'}
+    responses = make_request_all_roles(f'/api/user/',
+                                       ret_json=True,
+                                       method='POST',
+                                       data=indata)
+    for response in responses:
+        if response.role in ('users', 'root'):
+            assert response.code == 200
+            assert '_id' in response.data
+            new_user_info = db['users'].find_one({'_id': uuid.UUID(response.data['_id'])})
+            assert indata['auth_id'] == new_user_info['auth_id']
+        elif response.role == 'no-login':
+            assert response.code == 401
+            assert not response.data
+        else:
+            assert response.code == 403
+            assert not response.data
+
+    indata = {'affiliation': 'Added University',
+              'auth_id': 'user2@added',
+              'name': 'Added name',
+              'email': '[email protected]',
+              'permissions': ['ORDERS_SELF']}
+    session = requests.session()
+    as_user(session, USERS['root'])
+    response = make_request(session,
+                            f'/api/user/',
+                            ret_json=True,
+                            method='POST',
+                            data=indata)
+    assert response.code == 200
+    assert '_id' in response.data
+    new_user_info = db['users'].find_one({'_id': uuid.UUID(response.data['_id'])})
+    for key in indata:
+        assert new_user_info[key] == indata[key]
+
+
+def test_delete_user(use_db):
+    """Test deleting users (added when testing to add users)"""
+    db = use_db
+
+    re_users = re.compile('@added')
+    users = list(db['users'].find({'auth_id': re_users}, {'_id': 1}))
+
+    session = requests.Session()
+    i = 0
+    while i < len(users):
+        for role in USERS:
+            as_user(session, USERS[role])
+            response = make_request(session,
+                                    f'/api/user/{users[i]["_id"]}/',
+                                    method='DELETE')
+            if role in ('users', 'root'):
+                assert response.code == 200
+                assert not response.data
+                assert not db['users'].find_one({'_id': users[i]['_id']})
+                assert db['logs'].find_one({'data._id': users[i]['_id'],
+                                            'action': 'delete',
+                                            'data_type': 'user'})
+                i += 1
+                if i >= len(users):
+                    break
+            elif role == 'no-login':
+                assert response.code == 401
+                assert not response.data
+            else:
+                assert response.code == 403
+                assert not response.data
+
+
+def test_key_login():
+    """Test API key login for all users"""
+    session = requests.Session()
+    as_user(session, None)
+    for i, userid in enumerate(USERS):
+        response = make_request(session,
+                                '/api/user/login/apikey/',
+                                data = {'api-user': USERS[userid],
+                                        'api-key': str(i-1)},
+                                method='POST')
+        if userid == 'no-login':
+            assert response.code == 401
+            assert not response.data
+        else:
+            assert response.code == 200
+            assert not response.data
+
+            response = make_request(session,
+                                    '/api/developer/loginhello')
+            assert response.code == 200
+            assert response.data == {'test': 'success'}
+
+
+def test_key_reset(use_db):
+    """Test generation of new API keys"""
+    db = use_db
+
+    mod_user = {'auth_id': '--facility 18--'}
+    mod_user_info = db.users.find_one(mod_user)
+
+    session = requests.Session()
+    for i, userid in enumerate(USERS):
+        as_user(session, USERS[userid])
+        response = make_request(session,
+                                '/api/user/me/apikey/',
+                                method='POST')
+        if userid == 'no-login':
+            assert response.code == 401
+            assert not response.data
+            continue
+
+        assert response.code == 200
+        new_key = response.data['key']
+        response = make_request(session,
+                                '/api/user/login/apikey/',
+                                data = {'api-user': USERS[userid],
+                                        'api-key': new_key},
+                                method='POST')
+        assert response.code == 200
+        assert not response.data
+        db.users.update_one({'auth_id': userid}, {'$set': {'api_salt': 'abc',
+                                                           'api_key': str(i-1)}})
+
+        response = make_request(session,
+                                f'/api/user/{mod_user_info["_id"]}/apikey/',
+                                method='POST')
+        if userid not in ('users', 'root'):
+            assert response.code == 403
+            assert not response.data
+        else:
+            assert response.code == 200
+            new_key = response.data['key']
+            response = make_request(session,
+                                    '/api/user/login/apikey/',
+                                    data = {'api-user': mod_user['auth_id'],
+                                            'api-key': new_key},
+                                    method='POST')
+            assert response.code == 200
+            assert not response.data