Skip to content
Snippets Groups Projects
Commit 56557c11 authored by LouisGendron's avatar LouisGendron
Browse files

Add access to api_token to staff user via graphQL

parent 645aefa0
1 merge request!100Resolve "Allow staff to access user api token with graphql"
......@@ -10,7 +10,7 @@ from graphene_django.types import DjangoObjectType
from graphene_django.views import GraphQLView
from graphene_django.forms.mutation import DjangoModelFormMutation
from portal.models import DataFile, DataSet, Lab, Profile, ShareGroup
from portal.models import DataFile, DataSet, Lab, Profile, ProfileToken, ShareGroup
from portal.views import TokenLoginMixin
from portal.forms import DataSetForm
......@@ -39,6 +39,12 @@ class ProfileType(DjangoObjectType):
fields = ['id', 'accountname', 'unix_username', 'user', 'labs']
class ProfileTokenType(DjangoObjectType):
class Meta:
model = ProfileToken
fields = ['id', 'user', 'api_token']
class UserType(DjangoObjectType):
class Meta:
model = get_user_model()
......@@ -72,9 +78,7 @@ class Query(graphene.ObjectType):
file_hash=graphene.String(),
in_id_list=graphene.List(graphene.String)
)
datasets = graphene.List(DataSetType,
in_id_list=graphene.List(graphene.String)
)
datasets = graphene.List(DataSetType, in_id_list=graphene.List(graphene.String))
lab = graphene.Field(LabType, name=graphene.String(), dbid=graphene.ID())
labs = graphene.List(
LabType,
......@@ -84,6 +88,10 @@ class Query(graphene.ObjectType):
ProfileType,
in_email_list=graphene.List(graphene.String)
)
profiles_token = graphene.List(
ProfileTokenType,
in_email_list=graphene.List(graphene.String)
)
sharegroups = graphene.List(
ShareGroupType,
in_name_list=graphene.List(graphene.String)
......@@ -93,7 +101,7 @@ class Query(graphene.ObjectType):
id = kwargs.get('id')
dbid = kwargs.get('dbid')
qs = DataFile.objects.accessible_to_profile(info.context.user.profile)
if id is not None:
return qs.filter(iric_data_id=id).first()
elif dbid is not None:
......@@ -181,6 +189,16 @@ class Query(graphene.ObjectType):
return qs.distinct()
def resolve_profiles_token(self, info, **kwargs):
email_list = kwargs.get('in_email_list')
qs = ProfileToken.objects.none()
if info.context.user.is_staff:
qs = ProfileToken.objects.all()
if email_list:
qs = qs.filter(user__email__in=email_list)
return qs.distinct()
def resolve_sharegroups(self, info, **kwargs):
name_list = kwargs.get('in_name_list')
qs = ShareGroup.objects.all()
......@@ -198,7 +216,7 @@ class DataSetMutation(DjangoModelFormMutation):
class Meta:
form_class = DataSetForm
return_field_name = 'dataset'
@classmethod
def get_form_kwargs(cls, root, info, **input) -> dict:
kwargs = super().get_form_kwargs(root, info, **input)
......@@ -206,7 +224,7 @@ class DataSetMutation(DjangoModelFormMutation):
if 'read_only' not in kwargs['data'] and 'instance' not in kwargs.keys():
kwargs['data']['read_only'] = True
return kwargs
@classmethod
def perform_mutate(cls, form, info):
object = form.save(commit=False)
......
# Generated by Django 2.2.17 on 2023-02-17 13:29
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('portal', '0030_auto_20230201_1554'),
]
operations = [
migrations.CreateModel(
name='ProfileToken',
fields=[
],
options={
'proxy': True,
'indexes': [],
'constraints': [],
},
bases=('portal.profile',),
),
]
......@@ -70,6 +70,11 @@ class Profile(models.Model):
return binascii.hexlify(os.urandom(32)).decode()
class ProfileToken(Profile):
class Meta:
proxy = True
class Institution(models.Model):
class Meta:
unique_together = (('abbr', 'name'))
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment