Applying correct PermissionEnum

There were several places in the code where strings were still used to
determine, add or remove permissions. These have now all been replaced
with the correct Element from PermissionEnum

server/web2py/applications/vidjil/controllers/config.py

@@ -15,7 +15,7 @@ def index():
         return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
     
 
-    query = db((auth.vidjil_accessible_query('read', db.config) | auth.vidjil_accessible_query('admin', db.config) ) ).select(orderby=~db.config.name)
+    query = db((auth.vidjil_accessible_query(PermissionEnum.read_config.value, db.config) | auth.vidjil_accessible_query(PermissionEnum.admin_config.value, db.config) ) ).select(orderby=~db.config.name)
 
     return dict(message=T('Configs'),
                query=query,
@@ -52,7 +52,7 @@ def add_form():
                 break
 
         db.auth_permission.insert(group_id=user_group,
-                                name='create',
+                                name=PermissionEnum.create_config.value,
                                 table_name='config',
                                 record_id=config_id)
 

server/web2py/applications/vidjil/controllers/default.py

@@ -85,18 +85,18 @@ def init_db(force=False):
 
         ## permission
         ## system admin have admin/read/create rights on all patients, groups and configs
-        auth.add_permission(id_admin_group, 'admin', db.patient, 0)
-        auth.add_permission(id_admin_group, 'admin', db.auth_group, 0)
-        auth.add_permission(id_admin_group, 'admin', db.config, 0)
-        auth.add_permission(id_admin_group, 'admin', db.pre_process, 0)
-        auth.add_permission(id_admin_group, 'read', db.patient, 0)
-        auth.add_permission(id_admin_group, 'read', db.auth_group, 0)
-        auth.add_permission(id_admin_group, 'read', db.config, 0)
-        auth.add_permission(id_admin_group, 'read', db.pre_process, 0)
-        auth.add_permission(id_admin_group, 'create', db.patient, 0)
-        auth.add_permission(id_admin_group, 'create', db.auth_group, 0)
-        auth.add_permission(id_admin_group, 'create', db.config, 0)
-        auth.add_permission(id_admin_group, 'create', db.pre_process, 0)
+        auth.add_permission(id_admin_group, PermissionEnum.admin.value, db.sample_set, 0)
+        auth.add_permission(id_admin_group, PermissionEnum.admin_group.value, db.auth_group, 0)
+        auth.add_permission(id_admin_group, PermissionEnum.admin_config.value, db.config, 0)
+        auth.add_permission(id_admin_group, PermissionEnum.admin_pre_process.value, db.pre_process, 0)
+        auth.add_permission(id_admin_group, PermissionEnum.read.value, db.sample_set, 0)
+        auth.add_permission(id_admin_group, PermissionEnum.read_group.value, db.auth_group, 0)
+        auth.add_permission(id_admin_group, PermissionEnum.read_config.value, db.config, 0)
+        auth.add_permission(id_admin_group, PermissionEnum.read_pre_process.value, db.pre_process, 0)
+        auth.add_permission(id_admin_group, PermissionEnum.create.value, db.sample_set, 0)
+        auth.add_permission(id_admin_group, PermissionEnum.create_group.value, db.auth_group, 0)
+        auth.add_permission(id_admin_group, PermissionEnum.create_config.value, db.config, 0)
+        auth.add_permission(id_admin_group, PermissionEnum.create_pre_process.value, db.pre_process, 0)
         auth.add_permission(id_admin_group, 'impersonate', db.auth_user, 0)
 
 def init_from_csv():

server/web2py/applications/vidjil/controllers/file.py

@@ -48,7 +48,7 @@ def add():
 			))
 			
         query_patient = db(
-            auth.vidjil_accessible_query('admin', db.patient)
+            auth.vidjil_accessible_query(PermissionEnum.admin.value, db.patient)
         ).select(
             db.patient.ALL,
             orderby = ~db.patient.id
@@ -65,7 +65,7 @@ def add():
                 patient = birth+name+id
             
         query_run = db(
-            auth.vidjil_accessible_query('admin', db.run)
+            auth.vidjil_accessible_query(PermissionEnum.admin.value, db.run)
         ).select(
             db.run.ALL,
             orderby = ~db.run.id
@@ -208,7 +208,7 @@ def edit():
 			))
 			
         query_patient = db(
-            auth.vidjil_accessible_query('admin', db.patient)
+            auth.vidjil_accessible_query(PermissionEnum.admin.value, db.patient)
         ).select(
             db.patient.ALL,
             orderby = ~db.patient.id
@@ -225,7 +225,7 @@ def edit():
                 patient = birth+name+id
             
         query_run = db(
-            auth.vidjil_accessible_query('admin', db.run)
+            auth.vidjil_accessible_query(PermissionEnum.admin.value, db.run)
         ).select(
             db.run.ALL,
             orderby = ~db.run.id

server/web2py/applications/vidjil/controllers/group.py

@@ -51,7 +51,7 @@ def add_form():
             if len(parent_list) > 0:
                 for parent in parent_list:
                     db.group_assoc.insert(first_group_id=parent.first_group_id, second_group_id=id)
-                    auth.add_permission(parent.first_group_id, PermissionEnum.group_admin.value, id)
+                    auth.add_permission(parent.first_group_id, PermissionEnum.admin_group.value, id)
             else:
                 db.group_assoc.insert(first_group_id=group_parent, second_group_id=id)
                 auth.add_permission(group_parent, PermissionEnum.admin_group.value, id)
@@ -110,7 +110,7 @@ def remove_permission():
         error += "missing user_id, "
 
     if error=="":
-        auth.del_permission(auth.user_group(request.vars["user_id"]), 'admin', db.auth_group, request.vars["group_id"])
+        auth.del_permission(auth.user_group(request.vars["user_id"]), PermissionEnum.admin_group.value, db.auth_group, request.vars["group_id"])
 
     res = {"redirect" : "group/permission" ,
            "args" : { "id" : request.vars["group_id"]} }
@@ -120,7 +120,7 @@ def remove_permission():
 ## give admin right to a group member
 ## need ["group_id", "user_id"]
 def change_permission():
-    auth.add_permission(auth.user_group(request.vars["user_id"]), 'admin', db.auth_group, request.vars["group_id"])
+    auth.add_permission(auth.user_group(request.vars["user_id"]), PermissionEnum.admin_group.value, db.auth_group, request.vars["group_id"])
 
     res = {"redirect" : "group/permission" , "args" : { "id" : request.vars["group_id"]} }
     log.info(res)

server/web2py/applications/vidjil/controllers/patient.py

@@ -134,13 +134,14 @@ def index():
     
     ##retrieve patient list 
     query = db(
-        auth.vidjil_accessible_query('read', db.patient)
+        auth.vidjil_accessible_query(PermissionEnum.read.value, db.patient)
     ).select(
         db.patient.ALL,
         orderby = ~db.patient.id
     )
 
-    auth.load_permissions('admin', 'patient')
+    auth.load_permissions(PermissionEnum.admin.value, 'patient')
+    auth.load_permissions(PermissionEnum.anon.value, 'patient')
     result = {}
     
     for i, row in enumerate(query) :
@@ -190,7 +191,7 @@ def index():
     query3 = db(
         (db.patient.sample_set_id == db.fused_file.sample_set_id) &
         (db.fused_file.config_id == db.config.id) &
-        (auth.vidjil_accessible_query('read', db.config) | auth.vidjil_accessible_query('admin', db.config) )
+        (auth.vidjil_accessible_query(PermissionEnum.read_config.value, db.config) | auth.vidjil_accessible_query(PermissionEnum.admin_config.value, db.config) )
     ).select(
         db.patient.id, db.config.name, db.config.id, db.fused_file.fused_file
     )
@@ -203,7 +204,7 @@ def index():
     query4 = db(
         ((db.patient.id == db.auth_permission.record_id) | (db.auth_permission.record_id == 0)) &
         (db.auth_permission.table_name == 'patient') &
-        (db.auth_permission.name == 'read') &
+        (db.auth_permission.name == PermissionEnum.access.value) &
         (db.auth_group.id == db.auth_permission.group_id)
     ).select(
         db.patient.id, db.auth_group.role
@@ -311,9 +312,7 @@ def add_form():
             admin_group = db(db.auth_group.role=='admin').select().first().id
             
             #patient creator automaticaly has all rights 
-            #auth.add_permission(user_group, 'admin', db.patient, id)
-            auth.add_permission(user_group, 'access', db.patient, id)
-            #auth.add_permission(user_group, 'anon', db.patient, id)
+            auth.add_permission(user_group, PermissionEnum.access.value, db.patient, id)
             
             patient_name = request.vars["first_name"] + ' ' + request.vars["last_name"]
 

server/web2py/applications/vidjil/controllers/pre_process.py

@@ -13,7 +13,7 @@ def index():
         res = {"redirect" : "default/user/login"}
         return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
 
-    query = db((auth.vidjil_accessible_query('read', db.pre_process) | auth.vidjil_accessible_query('admin', db.pre_process) ) ).select(orderby=~db.pre_process.name)
+    query = db((auth.vidjil_accessible_query(PermissionEnum.read_pre_process.value, db.pre_process) | auth.vidjil_accessible_query(PermissionEnum.admin_pre_process.value, db.pre_process) ) ).select(orderby=~db.pre_process.name)
 
     return dict(message=T('Pre-process list'),
                query=query,
@@ -39,7 +39,7 @@ def add_form():
                         command=request.vars['pre_process_command']
                         )
 
-	auth.add_permission(auth.user_group(), 'read', db.pre_process, pre_proc_id)
+	auth.add_permission(auth.user_group(), PermissionEnum.read_pre_process.value, db.pre_process, pre_proc_id)
 
         res = {"redirect": "pre_process/index",
                "message": "pre_process '%s' added" % request.vars['pre_process_name']}

server/web2py/applications/vidjil/controllers/run.py

@@ -26,13 +26,13 @@ def index():
     
     ##retrieve run list 
     query_run = db(
-        auth.vidjil_accessible_query('read', db.run)
+        auth.vidjil_accessible_query(PermissionEnum.read.value, db.run)
     ).select(
         db.run.ALL,
         orderby = ~db.run.id
     )
 
-    auth.load_permissions('admin', 'run')
+    auth.load_permissions(PermissionEnum.admin.value, 'run')
     result = {}
     
     for i, row in enumerate(query_run) :
@@ -85,7 +85,7 @@ def index():
     query3 = db(
         (db.run.sample_set_id == db.fused_file.sample_set_id) &
         (db.fused_file.config_id == db.config.id) &
-        (auth.vidjil_accessible_query('read', db.config) | auth.vidjil_accessible_query('admin', db.config) )
+        (auth.vidjil_accessible_query(PermissionEnum.read_config.value, db.config) | auth.vidjil_accessible_query(PermissionEnum.admin_config.value, db.config) )
     ).select(
         db.run.id, db.config.name, db.config.id, db.fused_file.fused_file
     )
@@ -99,7 +99,7 @@ def index():
     query4 = db(
         ((db.run.id == db.auth_permission.record_id) | (db.auth_permission.record_id == 0)) &
         (db.auth_permission.table_name == 'patient') &
-        (db.auth_permission.name == 'read') &
+        (db.auth_permission.name == PermissionEnum.read.value) &
         (db.auth_group.id == db.auth_permission.group_id)
     ).select(
         db.run.id, db.auth_group.role

server/web2py/applications/vidjil/controllers/sample_set.py

@@ -28,10 +28,10 @@ def next_sample_set():
             
             go_next = int(request.vars['next'])
             if go_next > 0:
-                res = db((db[sample_type].id > current_id) & (auth.vidjil_accessible_query('read', db[sample_type]))).select(
+                res = db((db[sample_type].id > current_id) & (auth.vidjil_accessible_query(PermissionEnum.read.value, db[sample_type]))).select(
                     db[sample_type].id, db[sample_type].sample_set_id, orderby=db[sample_type].id, limitby=(0,1))
             else:
-                res = db((db[sample_type].id < current_id) & (auth.vidjil_accessible_query('read', db[sample_type]))).select(
+                res = db((db[sample_type].id < current_id) & (auth.vidjil_accessible_query(PermissionEnum.read.value, db[sample_type]))).select(
                     db[sample_type].id, db[sample_type].sample_set_id, orderby=~db[sample_type].id, limitby=(0,1))
             if (len(res) > 0):
                 request.vars["id"] = str(res[0].sample_set_id)
@@ -204,7 +204,7 @@ def custom():
         
     myGroupBy = None
     if request.vars["id"] and auth.can_view_sample_set(request.vars["id"]):
-        q = ((auth.vidjil_accessible_query('read', db.config))
+        q = ((auth.vidjil_accessible_query(PermissionEnum.read_config.value, db.config))
                 & (db.sample_set.id == request.vars["id"])
                 & (db.sample_set.id == db.patient.sample_set_id)
                 & (db.sample_set_membership.sample_set_id == db.sample_set.id)
@@ -215,8 +215,8 @@ def custom():
             )
         
     else:
-        q = ((auth.vidjil_accessible_query('read', db.patient))
-                & (auth.vidjil_accessible_query('read', db.config))
+        q = ((auth.vidjil_accessible_query(PermissionEnum.read.value, db.patient))
+                & (auth.vidjil_accessible_query(PermissionEnum.read_config.value, db.config))
                 & (db.sample_set.id == db.patient.sample_set_id)
                 & (db.sample_set_membership.sample_set_id == db.sample_set.id)
                 & (db.sequence_file.id == db.sample_set_membership.sequence_file_id)

server/web2py/applications/vidjil/models/VidjilAuth.py

@@ -11,8 +11,13 @@ class PermissionEnum(Enum):
     run = 'run'
     admin_config = 'admin'
     read_config = 'read'
+    create_config = 'create'
     admin_group = 'admin'
     read_group = 'read'
+    create_group = 'create'
+    admin_pre_process = 'admin'
+    read_pre_process = 'read'
+    create_preprocess = 'create'
     anon = 'anon'
 
 class VidjilAuth(Auth):