Add create-by audit for scenario creation (again) #13

7 changes: 6 additions & 1 deletion api/src/api/app/apis/scenarios_api.py
Expand Up @@ -41,10 +41,15 @@
response_model_by_alias=True,
)
async def create_scenario(
request: Request,
scenario: Scenario = Body(None, description="")
) -> ID:
"""Create a new scenario to be simulated."""
return await controller.create_scenario(scenario)
return await controller.create_scenario(
scenario,
request.state.user.userId if request.state.user else None,
request.state.realm if request.state.realm else None

Yes, the LHA/Org IDs need to be mapped to the county codes.

IIRC, Mariama/Jonas mentioned that this mapping already exists. Maybe @JonasGilg can point us to it?

)


@router.delete(
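
Review bot: The `request.state.user` and `request.state.realm` reads in the new `create_scenario` call assume the authentication middleware has always set both attributes. Starlette's `State` raises `AttributeError` for an attribute that was never assigned, so the `else None` fallback only covers a value that was set to something falsy, not a request that reached this handler without passing through the middleware. Consider `getattr(request.state, "user", None)` and `getattr(request.state, "realm", None)`, and pass the values as keywords (`userId=...`, `orgId=...`) so that binding the realm to the controller's `orgId` parameter is explicit rather than positional.
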
4 changes: 3 additions & 1 deletion api/src/api/app/controller/scenario_controller.py
Expand Up @@ -62,11 +62,13 @@ class ScenarioController:
async def create_scenario(
self,
scenario: Optional[Scenario],
userId: Optional[str],
orgId: Optional[str]
) -> ID:
"""Create a new scenario to be simulated."""
if not scenario:
raise HTTPException(status_code=500, detail="No scenario provided")
return scenario_create(scenario)
return scenario_create(scenario, userId, orgId)


async def delete_scenario(
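
Review bot: The docstring in `create_scenario` still reads only "Create a new scenario to be simulated." and does not say that `userId` and `orgId` are stored as the creator audit fields, or what a `None` value means for that record. Document both parameters, and consider giving them `= None` defaults so the signature matches the `Optional[str]` annotations and a caller that was not updated in this change does not fail on a missing argument.
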
2 changes: 2 additions & 0 deletions api/src/api/app/db/models.py
Expand Up @@ -28,6 +28,8 @@ class Scenario(SQLModel, table=True):
timestampSubmitted: Optional[datetime] = Field(default=None, nullable=True)
timestampSimulated: Optional[datetime] = Field(default=None, nullable=True)

userId: Optional[str] = Field(default=None, nullable=True) # Created by user
orgId: Optional[str] = Field(default=None, nullable=True) # Created by user's LHA/Organization
Comment on lines +31 to +32
Collaborator

Since this is the DB model this should probably be a UUID.

Suggested change
userId: Optional[str] = Field(default=None, nullable=True) # Created by user
orgId: Optional[str] = Field(default=None, nullable=True) # Created by user's LHA/Organization
CreatorUserId: Optional[uuid.UUID] = Field(default=None, nullable=True)
CreatorOrgId: Optional[uuid.UUID] = Field(default=None, nullable=True)

Collaborator Author

User IDs from Keycloak are UUIDs but Org IDs are just strings.


class ParameterDefinition(SQLModel, table=True):
id: Optional[uuid.UUID] = Field(default_factory=uuid.uuid4, primary_key=True, nullable=False)
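
Review bot: Both new columns on `Scenario` are declared `nullable=True` with `default=None`, so a NULL creator will mean both "row created before this change" and "request carried no user or realm", and an audit query cannot tell the two apart. If creation is meant to require an authenticated user, reject the request upstream and keep NULL for legacy rows only; otherwise state the meaning of NULL in the field comments, which currently say only `# Created by user` and `# Created by user's LHA/Organization`.
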
4 changes: 3 additions & 1 deletion api/src/api/app/db/tasks.py
Expand Up @@ -412,7 +412,7 @@ def parameter_definition_delete(id: StrictStr) -> None:


## Scenarios ##
def scenario_create(scenario: Scenario) -> ID:
def scenario_create(scenario: Scenario, userId: Optional[str], orgId: Optional[str]) -> ID:
scenario_obj = db.Scenario(
name=scenario.name,
description=scenario.description,
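
Review bot: `scenario_create` now takes `userId` and `orgId` as two adjacent positional `Optional[str]` parameters, so swapping them at a call site would type-check and silently store the wrong creator. Making them keyword-only, for example `def scenario_create(scenario: Scenario, *, userId: Optional[str], orgId: Optional[str]) -> ID:`, and updating the controller call to match keeps the audit values from being transposed.
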
Expand All @@ -423,6 +423,8 @@ def scenario_create(scenario: Scenario) -> ID:
percentiles=','.join([str(perc) for perc in scenario.percentiles]) if scenario.percentiles else '50',
timestampSubmitted=datetime.now(),
timestampSimulated=None,
userId=userId,
orgId=orgId
)
with next(get_session()) as session:
nested_dict = lambda: defaultdict(nested_dict)
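
Review bot: The creator fields are written next to `timestampSubmitted=datetime.now()`, which returns a naive local-time value, so for a row that is now meant to serve as an audit record the submission time depends on the server's timezone setting. Consider `datetime.now(timezone.utc)`, or documenting that the column holds local time, so that who created what and when is unambiguous across hosts.
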
2 changes: 1 addition & 1 deletion api/src/api/app/middlewares/authentication_middleware.py
Expand Up @@ -22,7 +22,7 @@ async def dispatch(self, request, call_next):
# async def get_user(request: Request):
# return request.state.user
request.state.user = user

request.state.realm = realm
# (Optional) role check can be added
# if ['admin'] not in user.role:
# raise HTTPException(
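
Review bot: `request.state.realm = realm` makes the realm the source of the stored `orgId`, but the hunk does not show where `realm` is derived. Confirm it comes from the validated token (the same verification that produced `user`) and not from a request header or path the client controls, since it is now persisted as audit data; a short comment at the assignment stating the source would help.
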