add require auth and require eula for orca (#20)

Author: jacobfilik

database/tables.sql

@@ -5,7 +5,7 @@ SET role webconexsadmin;
 CREATE TABLE person (
 	id INTEGER PRIMARY KEY GENERATED ALWAYS AS IDENTITY,
 	identifier TEXT NOT NULL,
-    admin BOOLEAN NOT NULL DEFAULT FALSE,
+    accepted_orca_eula BOOLEAN NOT NULL DEFAULT FALSE,
 	UNIQUE (identifier)
 );
 

web-conexs-api/src/web_conexs_api/auth.py

@@ -8,7 +8,8 @@
 )
 from fastapi.security.http import HTTPAuthorizationCredentials, HTTPBearer
 
-get_bearer_token = HTTPBearer(auto_error=True)
+# False so we dont get a 403 when it should be a 401
+get_bearer_token = HTTPBearer(auto_error=False)
 
 oidc_user_info_endpoint = os.environ.get("OIDC_USER_INFO_ENDPOINT")
 oidc_id_key = os.environ.get("OIDC_ID_KEY", "id")

web-conexs-api/src/web_conexs_api/crud.py

@@ -12,6 +12,7 @@
     build_fdmnes_inputfile,
     build_orca_input_file,
     build_qe_inputfile,
+    fdmnes_molecule_to_crystal,
 )
 from .models.models import (
     CrystalStructure,
@@ -176,6 +177,11 @@ def submit_orca_simulation(
 ) -> OrcaSimulation:
     person = get_or_create_person(session, user_id)
 
+    if not person.accepted_orca_eula:
+        raise HTTPException(
+            status_code=403, detail="User has not accepted the Orca EULA"
+        )
+
     smodel = {
         "person_id": person.id,
         "simulation_type_id": 1,
@@ -234,19 +240,28 @@ def get_fdmnes_simulation(session, id, user_id) -> FdmnesSimulation:
 def get_orca_jobfile(session, id, user_id):
     orca_simulation = get_orca_simulation(session, id, user_id)
     structure = get_molecular_structure(
-        session, orca_simulation.crystal_structure_id, user_id
+        session, orca_simulation.molecular_structure_id, user_id
     )
 
     return build_orca_input_file(orca_simulation, structure)
 
 
 def get_fdmnes_jobfile(session, id, user_id):
     fdmnes_simulation = get_fdmnes_simulation(session, id, user_id)
-    structure = get_crystal_structure(
-        session, fdmnes_simulation.crystal_structure_id, user_id
-    )
 
-    return build_fdmnes_inputfile(fdmnes_simulation, structure)
+    if fdmnes_simulation.crystal_structure_id is not None:
+        structure = get_crystal_structure(
+            session, fdmnes_simulation.crystal_structure_id, user_id
+        )
+        crystalIsMolecule = False
+    else:
+        molecule = get_molecular_structure(
+            session, fdmnes_simulation.molecular_structure_id, user_id
+        )
+        structure = fdmnes_molecule_to_crystal(molecule)
+        crystalIsMolecule = True
+
+    return build_fdmnes_inputfile(fdmnes_simulation, structure, crystalIsMolecule)
 
 
 def get_fdmnes_output(session, id, user_id):
@@ -341,6 +356,18 @@ def get_orca_xas(session, id, user_id):
     return output
 
 
+def accept_orca_eula(session, user_id):
+    person = get_user(session, user_id)
+
+    person.accepted_orca_eula = True
+
+    session.add(person)
+    session.commit()
+    session.refresh(person)
+
+    return person
+
+
 def get_user(session, user_id):
     statement = select(Person).where(Person.identifier == user_id)
     person = session.exec(statement).first()

web-conexs-api/src/web_conexs_api/models/models.py

@@ -7,12 +7,12 @@
 
 class PersonInput(SQLModel):
     identifier: str = Field(index=True, unique=True)
+    accepted_orca_eula: bool = False
 
 
 class Person(PersonInput, table=True):
     __tablename__: str = "person"
     id: int | None = Field(primary_key=True, default=None)
-    admin: bool = False
 
 
 class SimulationType(SQLModel, table=True):

web-conexs-api/src/web_conexs_api/routers/qe.py

@@ -35,7 +35,7 @@ def get_qe_jobfile_endpoint(
     session: Session = Depends(get_session),
     user_id: str = Depends(get_current_user),
 ) -> str:
-    return PlainTextResponse(get_qe_jobfile(session, id, user_id))
+    return PlainTextResponse(get_qe_jobfile(session, id, user_id)[0])
 
 
 @router.get("/api/qe/{id}/output")

web-conexs-api/src/web_conexs_api/routers/user.py

@@ -2,7 +2,7 @@
 from sqlmodel import Session
 
 from ..auth import get_current_user
-from ..crud import get_user
+from ..crud import accept_orca_eula, get_user
 from ..database import get_session
 
 router = APIRouter()
@@ -13,3 +13,10 @@ async def check(
     session: Session = Depends(get_session), user_id: str = Depends(get_current_user)
 ):
     return get_user(session, user_id)
+
+
+@router.patch("/api/user")
+async def accept_orca_eula_patch(
+    session: Session = Depends(get_session), user_id: str = Depends(get_current_user)
+):
+    return accept_orca_eula(session, user_id)

web-conexs-api/tests/test_simulation_route.py

@@ -31,9 +31,7 @@ def get_session_override():
 
         response = client.get("/api/simulations/")
 
-        print(response)
-
-        assert response.status_code == 403
+        assert response.status_code == 401
 
         headers = headers
         response = client.get("/api/simulations/", headers=headers)

web-conexs-client/src/App.tsx

@@ -18,6 +18,8 @@ import {
   Footer,
 } from "@diamondlightsource/sci-react-ui";
 import QeSubmitPage from "./components/qe/QESubmitPage";
+import OrcaEulaPage from "./components/orca/OrcaEulaPage";
+import RequireAuth from "./components/RequireAuth";
 
 const queryClient = new QueryClient();
 
@@ -31,23 +33,86 @@ function App() {
             <Header />
             <Routes>
               <Route path="/" element={<WelcomePage />} />
-              <Route path="/molecules" element={<MoleculePage />} />
-              <Route path="/createmolecule" element={<CreateMoleculePage />} />
-              <Route path="/crystals" element={<CrystalPage />} />
-              <Route path="/createcrystal" element={<CreateCystalPage />} />
-              <Route path="/simulations" element={<SimulationReviewPage />} />
-              <Route path="/orca" element={<OrcaSubmitPage />} />
+              <Route
+                path="/molecules"
+                element={
+                  <RequireAuth requireOrcaEULA={false}>
+                    <MoleculePage />
+                  </RequireAuth>
+                }
+              />
+              <Route
+                path="/createmolecule"
+                element={
+                  <RequireAuth requireOrcaEULA={false}>
+                    <CreateMoleculePage />
+                  </RequireAuth>
+                }
+              />
+              <Route
+                path="/crystals"
+                element={
+                  <RequireAuth requireOrcaEULA={false}>
+                    <CrystalPage />
+                  </RequireAuth>
+                }
+              />
+              <Route
+                path="/createcrystal"
+                element={
+                  <RequireAuth requireOrcaEULA={false}>
+                    <CreateCystalPage />
+                  </RequireAuth>
+                }
+              />
+              <Route
+                path="/simulations"
+                element={
+                  <RequireAuth requireOrcaEULA={false}>
+                    <SimulationReviewPage />
+                  </RequireAuth>
+                }
+              />
+              <Route
+                path="/orca"
+                element={
+                  <RequireAuth requireOrcaEULA={true}>
+                    <OrcaSubmitPage />
+                  </RequireAuth>
+                }
+              />
+              <Route
+                path="/orcaeula"
+                element={
+                  <RequireAuth requireOrcaEULA={false}>
+                    <OrcaEulaPage />
+                  </RequireAuth>
+                }
+              ></Route>
               <Route
                 path="/fdmnescrystal"
-                element={<FdmnesSubmitPage key={"crystal"} isCrystal={true} />}
+                element={
+                  <RequireAuth requireOrcaEULA={false}>
+                    <FdmnesSubmitPage key={"crystal"} isCrystal={true} />
+                  </RequireAuth>
+                }
               />
               <Route
                 path="/fdmnesmolecule"
                 element={
-                  <FdmnesSubmitPage key={"molecule"} isCrystal={false} />
+                  <RequireAuth requireOrcaEULA={false}>
+                    <FdmnesSubmitPage key={"molecule"} isCrystal={false} />
+                  </RequireAuth>
+                }
+              />
+              <Route
+                path="/qe"
+                element={
+                  <RequireAuth requireOrcaEULA={false}>
+                    <QeSubmitPage />
+                  </RequireAuth>
                 }
               />
-              <Route path="/qe" element={<QeSubmitPage />} />
             </Routes>
             <Footer copyright="Diamond Light Source" logo={null} />
           </Stack>

web-conexs-client/src/UserContext.tsx

@@ -3,19 +3,34 @@ import { Person } from "./models";
 import { useQuery } from "@tanstack/react-query";
 import { getUser } from "./queryfunctions";
 
-const UserContext = createContext<Person | null>(null);
+const UserContext = createContext<Person | null | undefined>(null);
 
 function UserProvider(props: { children: React.ReactNode }) {
   const { children } = props;
   const query = useQuery({
     queryKey: ["user"],
     queryFn: getUser,
+    retry: (failureCount, error) => {
+      if ("status" in error && error.status == 401) {
+        //dont retry 401
+        return false;
+      }
+
+      return failureCount < 2;
+    },
   });
 
+  //undefined if pending
+  let response = undefined;
+
+  if (query.isError) {
+    response = null;
+  } else {
+    response = query.data;
+  }
+
   return (
-    <UserContext.Provider value={query.data ? query.data : null}>
-      {children}
-    </UserContext.Provider>
+    <UserContext.Provider value={response}>{children}</UserContext.Provider>
   );
 }
 

web-conexs-client/src/components/Header.tsx

@@ -27,7 +27,11 @@ export default function Header() {
             color="white"
             onLogin={handleLogin}
             onLogout={handleLogout}
-            user={user == null ? null : { fedid: user.identifier }}
+            user={
+              user == null || user == undefined
+                ? null
+                : { fedid: user.identifier }
+            }
           />
           <ColourSchemeButton />
         </>