Feature: Add the slices CRUD endpoints #87
Conversation
|
should slice creation/update be restricted to users with administrative privileges? |
it can be done with wildcard subdomains. |
For now, I added a security check on each of the slice write operations. That prevents no admin users from editing them. error 403, "Access denied" unless current_user && current_user.admin? |
syphax-bouazzouni
changed the title
|
@syphax-bouazzouni, thanks for adding security check. |
|
it would also be a good idea to restrict the use of underscores (_) in the slice names. |
Added here 6dc238d
|
Codecov Report
@@ Coverage Diff @@
## master #87 +/- ##
==========================================
+ Coverage 71.84% 71.85% +0.01%
==========================================
Files 52 52
Lines 2845 2878 +33
==========================================
+ Hits 2044 2068 +24
- Misses 801 810 +9
Flags with carried forward coverage won't be shown. Click here to find out more.
|
…pr/add-slice-get-endpoint
syphax-bouazzouni
force-pushed
the
pr/add-slice-get-endpoint
branch
from
57a527f
to
8489f2b
Compare
|
@syphax-bouazzouni, Looks great! |
|
@syphax-bouazzouni, we want to merge this PR, but it contains a dependency on a specific branch of We definitely don't want to add this dependency to our codebase. This PR doesn't make it clear what functionality/code exactly it requires from that |
|
If we merge the PR ncbo/ontologies_linked_data#176, can we then remove the dependency on ontoportal-lirmm, or are there other changes that need to be merged first? |
Yes, this change in the Gemfile, was just to pass the tests. |
…-acronym-validator Merging in order to fulfill a dependency required by ncbo/ontologies_api#87
…onward (#4) * fix get a submission metrics * Auto stash before merge of "upstream" and "upstream/master" * add the slice get endpoint * add the slices create endpoint * add the slices delete endpoint * add the slices update endpoint * Add caching for analytics for 24 hours. * Fix for #97. Check for ontology existence before brining attributes * Handle edge case for submission downloads which do not have UploadFilePath set Fixes #98 * Gemfile.lock update * Add GH workflow for capistrano deployments * Update Gemfile.lock * fix ability to run deployment manually * Fix for deprecation notice of Rack::Attack.throttled_response Update configuration to closely match rack attack documentation in order to address deprecation notice: [DEPRECATION] Rack::Attack.throttled_response is deprecated. Please use Rack::Attack.throttled_responder instead * Update version of actions/checkout to address deprecation notices * Fix: Documentation rendering (#107) * Auto stash before merge of "upstream" and "upstream/master" * fix haml gem version * Update Gemfile * Restore branch specifier to master * Update capistrano sample config to include setting which branch to deploy from * Gemfile.lock update * Gemfile.lock update * Gemfile.lock update * Gemfile.lock update * Make sure ontology is present when accessing submissions. Fixes an internal server error when accessing submission for non-existent/deleted ontology * Remove owlapi_wrapper.jar file. It is included elsewhere * Add health checks for docker services and add more config file options * Remove wait-for-it * Add health check to AG service * Add GH workflow for publishing docker images * Add missing redis port number * Restore branch specifier to develop * Set mgrep port to 55556 * add arm64 platform * bump up version of solr-ut * Fix ncbo#116 - pinned redis-store to 1.9.1 until #358 gets resolved - fixed deprecation notices "warning: calling URI.open via Kernel#open is deprecated, call URI.open directly or use URI#open" * Restore branch specifier to master * fix for wrongly replaced string * Delete fix_purls.rb fix_purls.rb moved to a rake task under ncbo_cron project * Remove google analytics depenencies since those needed only in ncbo_cron * bump up major version of oj and faraday * remove search_index.rb script * lock gem rack-cache to 1.13.0 see ncbo#118 * remove depenency on redis-activesupport rack-attack can work with redis directly so there is no need to use redis-activesupport which is no longer being actively developed * unpin redis-store solves: ncbo#105 ncbo#106 * use redis-store from forked repo containing redis 5 compat fixes this should be reverted back to original after redis 5 copatibilty issues are resolved * use patched version of agraph v7.3.1 * unpin faraday gem * Gemfile.lock update * fixed an issue with the GA4 Analytics migration * fixed an issue with the GA4 Analytics migration * reduce request limit for resource intensive api calls (#121) * Announce deployments in NewRelic (#124) * Record deployments to NewRelic https://docs.newrelic.com/docs/apm/agents/ruby-agent/features/record-deployments-ruby-agent/ * add newrelic to deployment group github actions deployment doesn't install default group so capistrano fails to find newrelic recepies unless we add it to the deployment group * add rubocop * Gemfile update, goo version including goo#138 and goo#139 * Gemfile.lock update * Gemfile.lock update * Gemfile.lock update * update slice write operation to check if user is admin * Gemfile.lock update * fixed an accidental commit of docker compose file * fixed Gemfile after merging from master * Gemfile.lock update * update Gemfile.lock * Gemfile.lock update * redis-store gem with redis 5 compatibility fix * Gemfile.lock update * make the check_access helper use filter_access if the object is a list * add test for submissions access check with two ontologies private and pubic * check access of ontologies in /ontologies/:acronym/submissions endpoint * Set gem branch specifier to develop * reset branch specifier to master * add the slice get endpoint * add the slices create endpoint * add the slices delete endpoint * add the slices update endpoint * update slice write operation to check if user is admin * add slices creation & deletion unit tests * Gemfile.lock update * Gemfile.lock update * Merged #87 from master * fixed Gemfile after merge * Gemfile.lock update * update Gemfile.lock * Add configurable option for github org where code is deployed from * Gemfile update * Gemfile update * check existance of acroym before fetching details fixes #129 * extract slice tests helper to the parent class for reusability * add a test for the creation of an admin user * enforce the security of admin user creation * enforce user deletion security to be admin only * Gemfile.lock update * update Gemfile.lock * Gemfile update * implemented the first pass at bmir-radx/radx-project#37 * set bundler version to be comptatible with ruby 2.7 * Gemfile.lock update * implemented #127 - Add API call to trigger ontology pull from remote location * Gemfile.lock * implemented a test for #127 - Add API call to trigger ontology pull from remote location * Gemfile.lock update * implemented a test for #127 - Add API call to trigger ontology pull from remote location * implemented a test for #127 - Add API call to trigger ontology pull from remote location * Gemfile.lock update * use agraph v8.0.0 * Gemfile.lock update * Gemfile.lock update --------- Co-authored-by: Alex Skrenchuk <alexskr@stanford.edu> Co-authored-by: mdorf <mdorf@stanford.edu> Co-authored-by: Jennifer Vendetti <vendetti@stanford.edu>
Forked from #19
This PR adds the following endpoints :
POST https://data.bioontology.org/sclicesGET https://data.bioontology.org/sclices/:slice_idPOST https://data.bioontology.org/sclices/:slice_idDELETE https://data.bioontology.org/sclices/:slice_idOur long-term vision behind slices can be found here; In brief gives the possibility the users to create their slices, with their ontologies, colors, and logo, .... Making Ontoportal a sort a Portal provider for people that don't want or don't have the resources to deploy there own instances (and with portal federation, everything will be also connected).
The biggest blocker here, about the slice features is that we can't can't dynamically create a DSN configuration for each of the slices created by a user.