Commit d9376c80 authored by HERBERT Ryan's avatar HERBERT Ryan
Browse files

VidjilAuth process/upload sample_set

Added methods to check permissions for processing and uploading for a
specific sample_set. These differ from their 'patient' or 'run'
counterparts because they also check permissions for the associated runs
and patients, in the same way modification permissions are checked
parent 64b261ba
......@@ -275,6 +275,24 @@ class VidjilAuth(Auth):
return self.get_permission(PermissionEnum.run.value, object_of_action, id, user=user)\
or self.is_admin(user)
def can_process_sample_set(self, id, user = None):
'''
Returns if the user can process results for a sample_set
'''
sample_set = self.db.sample_set[id]
perm = self.get_permission(PermissionEnum.run.value, 'sample_set', id, user) \
or self.is_admin(user)
if perm:
return True
query = db(db[sample_set.sample_type].sample_set_id == sample_set.id).select()
for row in query:
if self.can_process_file(sample_set.sample_type, row.id, user):
return True
return False
def can_upload_file(self, object_of_action, id=0, user = None):
'''
Returns True iff the current user can upload a sequence file
......@@ -284,6 +302,24 @@ class VidjilAuth(Auth):
return self.get_permission(PermissionEnum.upload.value, object_of_action, id, user=user)\
or self.is_admin(user)
def can_upload_sample_set(self, id, user = None):
'''
Returns if the user can upload files for a sample_set
'''
sample_set = db.sample_set[id]
perm = self.get_permission(PermissionEnum.upload.value, 'sample_set', id, user) \
or self.is_admin(user)
if perm:
return True
query = db(db[sample_set.sample_type].sample_set_id == sample_set.id).select()
for row in query:
if self.can_upload_file(sample_set.sample_type, row.id, user):
return True
return False
def can_use_config(self, config_id, user = None):
'''
Returns True iff the current user can view
......
......@@ -251,10 +251,24 @@ class VidjilauthModel(unittest.TestCase):
result = auth.can_process_file()
self.assertFalse(result, "User %d should not be able to process files" % (auth.user_id))
result = auth.can_process_file(user_id_sec)
self.assertTrue(result, "User %d should be able to process files" % user_id_sec)
def testCanProcessSampleSet(self):
result = auth.can_process_sample_set(sample_set_id_sec)
self.assertFalse(result,
"User %d should not be able to process files for sample_set %d" % (auth.user_id, sample_set_id_sec))
result = auth.can_process_sample_set(sample_set_id_ter)
self.assertTrue(result,
"User %d should be able to process files for sample_set %d" % (auth.user_id, sample_set_id_ter))
result = auth.can_process_sample_set(sample_set_id, user_id_sec)
self.assertTrue(result,
"User %d should be able to process files for sample_set %d" % (user_id_sec, sample_set_id))
result = auth.can_process_file(user_id)
result = auth.can_process_sample_set(sample_set_id_ter, user_id_sec)
self.assertFalse(result,
"User %d should not be able to process files for sample_set %d" % (user_id_sec, sample_set_id_ter))
result = auth.can_process_sample_set(sample_set_id, user_id)
self.assertTrue(result,
"User %d is a member of admin group and is missing permissions to process files" % user_id)
......@@ -271,8 +285,16 @@ class VidjilauthModel(unittest.TestCase):
self.assertTrue(result,
"User %d is a member of admin group and is missing permissions to upload files" % user_id)
def testCanUploadSampleSet(self):
result = auth.can_upload_sample_set(sample_set_id_sec)
self.assertFalse(result,
"User %d should not have permission to upload files for sample_set %d" % (auth.user_id, sample_set_id_sec))
result = auth.can_upload_sample_set(sample_set_id, user_id_sec)
self.assertTrue(result,
"User %d should be able to upload files for sample_set %d" % (user_id_sec, sample_set_id))
result = auth.can_upload_file(user_id)
result = auth.can_upload_sample_set(sample_set_id, user_id)
self.assertTrue(result,
"User %d is a member of admin group and is missing permissions to upload files" % user_id)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment