Merge branch 'master' into 7846-require-parent-info-when-running-function

Author: bisgaard-itis

api/specs/web-server/_users.py

@@ -4,31 +4,23 @@
 # pylint: disable=too-many-arguments
 
 
-from enum import Enum
 from typing import Annotated
 
-from _common import as_query
 from fastapi import APIRouter, Depends, status
 from models_library.api_schemas_webserver.users import (
+    MyFunctionPermissionsGet,
     MyPermissionGet,
     MyProfileGet,
     MyProfilePatch,
     MyTokenCreate,
     MyTokenGet,
-    UserAccountApprove,
-    UserAccountGet,
-    UserAccountReject,
-    UserAccountSearchQueryParams,
     UserGet,
-    UsersAccountListQueryParams,
     UsersSearch,
 )
 from models_library.api_schemas_webserver.users_preferences import PatchRequestBody
 from models_library.generics import Envelope
-from models_library.rest_pagination import Page
 from models_library.user_preferences import PreferenceIdentifier
 from simcore_service_webserver._meta import API_VTAG
-from simcore_service_webserver.users._common.schemas import PreRegisteredUserGet
 from simcore_service_webserver.users._notifications import (
     UserNotification,
     UserNotificationCreate,
@@ -128,6 +120,13 @@ async def mark_notification_as_read(
 async def list_user_permissions(): ...
 
 
+@router.get(
+    "/me/function-permissions",
+    response_model=Envelope[MyFunctionPermissionsGet],
+)
+async def list_user_functions_permissions(): ...
+
+
 #
 # USERS public
 #
@@ -139,56 +138,3 @@ async def list_user_permissions(): ...
     description="Search among users who are publicly visible to the caller (i.e., me) based on their privacy settings.",
 )
 async def search_users(_body: UsersSearch): ...
-
-
-#
-# USERS admin
-#
-
-_extra_tags: list[str | Enum] = ["admin"]
-
-
-@router.get(
-    "/admin/user-accounts",
-    response_model=Page[UserAccountGet],
-    tags=_extra_tags,
-)
-async def list_users_accounts(
-    _query: Annotated[as_query(UsersAccountListQueryParams), Depends()],
-): ...
-
-
-@router.post(
-    "/admin/user-accounts:approve",
-    status_code=status.HTTP_204_NO_CONTENT,
-    tags=_extra_tags,
-)
-async def approve_user_account(_body: UserAccountApprove): ...
-
-
-@router.post(
-    "/admin/user-accounts:reject",
-    status_code=status.HTTP_204_NO_CONTENT,
-    tags=_extra_tags,
-)
-async def reject_user_account(_body: UserAccountReject): ...
-
-
-@router.get(
-    "/admin/user-accounts:search",
-    response_model=Envelope[list[UserAccountGet]],
-    tags=_extra_tags,
-)
-async def search_user_accounts(
-    _query: Annotated[UserAccountSearchQueryParams, Depends()],
-):
-    # NOTE: see `Search` in `Common Custom Methods` in https://cloud.google.com/apis/design/custom_methods
-    ...
-
-
-@router.post(
-    "/admin/user-accounts:pre-register",
-    response_model=Envelope[UserAccountGet],
-    tags=_extra_tags,
-)
-async def pre_register_user_account(_body: PreRegisteredUserGet): ...

api/specs/web-server/_users_admin.py

@@ -0,0 +1,72 @@
+# pylint: disable=redefined-outer-name
+# pylint: disable=unused-argument
+# pylint: disable=unused-variable
+# pylint: disable=too-many-arguments
+
+
+from enum import Enum
+from typing import Annotated
+
+from _common import as_query
+from fastapi import APIRouter, Depends, status
+from models_library.api_schemas_webserver.users import (
+    UserAccountApprove,
+    UserAccountGet,
+    UserAccountReject,
+    UserAccountSearchQueryParams,
+    UsersAccountListQueryParams,
+)
+from models_library.generics import Envelope
+from models_library.rest_pagination import Page
+from simcore_service_webserver._meta import API_VTAG
+from simcore_service_webserver.users._common.schemas import PreRegisteredUserGet
+
+router = APIRouter(prefix=f"/{API_VTAG}", tags=["users"])
+
+_extra_tags: list[str | Enum] = ["admin"]
+
+
+@router.get(
+    "/admin/user-accounts",
+    response_model=Page[UserAccountGet],
+    tags=_extra_tags,
+)
+async def list_users_accounts(
+    _query: Annotated[as_query(UsersAccountListQueryParams), Depends()],
+): ...
+
+
+@router.post(
+    "/admin/user-accounts:approve",
+    status_code=status.HTTP_204_NO_CONTENT,
+    tags=_extra_tags,
+)
+async def approve_user_account(_body: UserAccountApprove): ...
+
+
+@router.post(
+    "/admin/user-accounts:reject",
+    status_code=status.HTTP_204_NO_CONTENT,
+    tags=_extra_tags,
+)
+async def reject_user_account(_body: UserAccountReject): ...
+
+
+@router.get(
+    "/admin/user-accounts:search",
+    response_model=Envelope[list[UserAccountGet]],
+    tags=_extra_tags,
+)
+async def search_user_accounts(
+    _query: Annotated[UserAccountSearchQueryParams, Depends()],
+):
+    # NOTE: see `Search` in `Common Custom Methods` in https://cloud.google.com/apis/design/custom_methods
+    ...
+
+
+@router.post(
+    "/admin/user-accounts:pre-register",
+    response_model=Envelope[UserAccountGet],
+    tags=_extra_tags,
+)
+async def pre_register_user_account(_body: PreRegisteredUserGet): ...

api/specs/web-server/openapi.py

@@ -26,6 +26,7 @@
         "_tags_groups",  # after _tags
         "_products",
         "_users",
+        "_users_admin",  # after _users
         "_wallets",
         # add-ons ---
         "_activity",

packages/models-library/src/models_library/api_schemas_webserver/users.py

@@ -377,3 +377,7 @@ class MyPermissionGet(OutputSchema):
     @classmethod
     def from_domain_model(cls, permission: UserPermission) -> Self:
         return cls(name=permission.name, allowed=permission.allowed)
+
+
+class MyFunctionPermissionsGet(OutputSchema):
+    write_functions: bool

services/api-server/src/simcore_service_api_server/services_http/webserver.py

@@ -3,8 +3,9 @@
 import logging
 import urllib.parse
 from dataclasses import dataclass
+from datetime import timedelta
 from functools import partial
-from typing import Any, Self
+from typing import Any, Final, Self
 from uuid import UUID
 
 import httpx
@@ -94,6 +95,8 @@
 
 _exception_mapper = partial(service_exception_mapper, service_name="Webserver")
 
+_POLL_TIMEOUT: Final[timedelta] = timedelta(minutes=10)
+
 _JOB_STATUS_MAP = {
     status.HTTP_402_PAYMENT_REQUIRED: PaymentRequiredError,
     status.HTTP_404_NOT_FOUND: JobNotFoundError,
@@ -251,7 +254,7 @@ async def _wait_for_long_running_task_results(self, lrt_response: httpx.Response
         # GET task status now until done
         async for attempt in AsyncRetrying(
             wait=wait_fixed(0.5),
-            stop=stop_after_delay(60),
+            stop=stop_after_delay(_POLL_TIMEOUT),
             reraise=True,
             retry=retry_if_exception_type(TryAgain),
             before_sleep=before_sleep_log(_logger, logging.INFO),

services/static-webserver/client/source/class/osparc/auth/ui/RequestAccount.js

@@ -158,6 +158,9 @@ qx.Class.define("osparc.auth.ui.RequestAccount", {
         case "s4ldesktopacad": {
           const application = new qx.ui.form.SelectBox();
           [{
+            id: "other",
+            label: "Other"
+          }, {
             id: "Antenna_Design_for_Wireless_Communication",
             label: "Antenna Design for Wireless Communication"
           }, {
@@ -284,6 +287,9 @@ qx.Class.define("osparc.auth.ui.RequestAccount", {
           break;
         default:
           hearOptions = [{
+            id: "Other",
+            label: "Other"
+          }, {
             id: "Search_Engine",
             label: "Search Engine"
           }, {
@@ -295,9 +301,6 @@ qx.Class.define("osparc.auth.ui.RequestAccount", {
           }, {
             id: "Social_Media",
             label: "Social Media"
-          }, {
-            id: "Other",
-            label: "Other"
           }];
           break;
       }

services/web/server/VERSION

@@ -1 +1 @@
-0.68.1
+0.69.0

services/web/server/setup.cfg

@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 0.68.1
+current_version = 0.69.0
 commit = True
 message = services/webserver api version: {current_version} → {new_version}
 tag = False

services/web/server/src/simcore_service_webserver/api/v0/openapi.yaml

@@ -2,7 +2,7 @@ openapi: 3.1.0
 info:
   title: simcore-service-webserver
   description: Main service with an interface (http-API & websockets) to the web front-end
-  version: 0.68.1
+  version: 0.69.0
 servers:
 - url: ''
   description: webserver
@@ -1352,6 +1352,19 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/Envelope_list_MyPermissionGet__'
+  /v0/me/function-permissions:
+    get:
+      tags:
+      - users
+      summary: List User Functions Permissions
+      operationId: list_user_functions_permissions
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Envelope_MyFunctionPermissionsGet_'
   /v0/users:search:
     post:
       tags:
@@ -10213,6 +10226,19 @@ components:
           title: Error
       type: object
       title: Envelope[LoginNextPage]
+    Envelope_MyFunctionPermissionsGet_:
+      properties:
+        data:
+          anyOf:
+          - $ref: '#/components/schemas/MyFunctionPermissionsGet'
+          - type: 'null'
+        error:
+          anyOf:
+          - {}
+          - type: 'null'
+          title: Error
+      type: object
+      title: Envelope[MyFunctionPermissionsGet]
     Envelope_MyGroupsGet_:
       properties:
         data:
@@ -12642,6 +12668,15 @@ components:
       required:
       - color
       title: MarkerUI
+    MyFunctionPermissionsGet:
+      properties:
+        writeFunctions:
+          type: boolean
+          title: Writefunctions
+      type: object
+      required:
+      - writeFunctions
+      title: MyFunctionPermissionsGet
     MyGroupsGet:
       properties:
         me:

services/web/server/src/simcore_service_webserver/functions/_controller/_functions_rest.py

@@ -5,6 +5,7 @@
     RegisteredFunction,
     RegisteredFunctionGet,
 )
+from models_library.api_schemas_webserver.users import MyFunctionPermissionsGet
 from pydantic import TypeAdapter
 from servicelib.aiohttp import status
 from servicelib.aiohttp.requests_validation import (
@@ -100,3 +101,29 @@ async def delete_function(request: web.Request) -> web.Response:
     )
 
     return web.json_response(status=status.HTTP_204_NO_CONTENT)
+
+
+#
+# /me/* endpoints
+#
+
+
+@routes.get(f"/{VTAG}/me/function-permissions", name="list_user_functions_permissions")
+@login_required
+@handle_rest_requests_exceptions
+async def list_user_functions_permissions(request: web.Request) -> web.Response:
+    req_ctx = AuthenticatedRequestContext.model_validate(request)
+
+    function_permissions = (
+        await _functions_service.get_functions_user_api_access_rights(
+            app=request.app,
+            user_id=req_ctx.user_id,
+            product_name=req_ctx.product_name,
+        )
+    )
+
+    assert function_permissions.user_id == req_ctx.user_id  # nosec
+
+    return envelope_json_response(
+        MyFunctionPermissionsGet(write_functions=function_permissions.write_functions)
+    )