Is728/permissions server (#799)

Implements #728, mostly server side;

Extended security subsystem:
  - Implements Hierarchical Role Based control access model (HRBAM)
  - Extend roles: anonymous, guest, user, tester
  - Checked permissions for the following resources:
    -  /v*/project API
    -  /v*/me  (user) API
    -  /v*/storage  API
    -   /v*/nodes  API (not necessary)
    -  services related  /services, /running ... /computational/... (cleanup
 
Some changes in the following webserver subsystems:
- services
  - rest API specs to separated file api/specs/webserver/v0/openapi-services.yaml
  - Removed body from ``/computation/*``  calls. Operates on project uuid stored on the server side
- projects
  - fine-grained update permissions . See services/web/server/src/simcore_service_webserver/projects/projects_access.py]
- new creation and update workflows

Author: pcrespov

api/specs/director/v0/openapi.yaml

@@ -226,10 +226,6 @@ paths:
       responses:
         "204":
           description: Succesfully stopped and removed the service from the oSparc platform
-          content:
-            application/json:
-              schema:
-                $ref: '../../shared/schemas/response204.yaml#/components/schemas/Response204Enveloped'
         "400":
           description: Malformed function call, missing field
           content:

api/specs/shared/schemas/response204.yaml

@@ -6,12 +6,12 @@ components:
         - data
       properties:
         data:
-          $ref: '#/components/schemas/PipelineCreatedType'
+          $ref: '#/components/schemas/PipelineCreatedSchema'
         error:
           nullable: true
           default: null
-    
-    PipelineCreatedType:
+
+    PipelineCreatedSchema:
       type: object
       required:
         - pipeline_name

api/specs/webserver/v0/components/schemas/pipeline.yaml

@@ -42,6 +42,12 @@ paths:
     post:
       summary: Create new project
       operationId: create_projects
+      parameters:
+        - name: from_template
+          in: query
+          schema:
+            type: string
+          description: 'Option to create a project from existing template: from_template={template_uuid}'
       requestBody:
         content:
           application/json:

api/specs/webserver/v0/openapi-projects.yaml

@@ -0,0 +1,243 @@
+openapi: 3.0.0
+info:
+  title: services API
+  version: 0.1.0
+  description: 'Access to interactive and computational services'
+servers:
+  - description: API server
+    url: '/v0'
+paths:
+  /services:
+    get:
+      description: Lists available services in catalog
+      operationId: services_get
+      parameters:
+        - $ref: './openapi-services.yaml#/components/parameters/ServiceType'
+      responses:
+        "200":
+          description: Returns list of services in catalog
+          content:
+            application/json:
+              schema:
+                $ref: '../../shared/schemas/services.yaml#/components/schemas/ServicesEnveloped'
+        "401":
+          $ref: './openapi.yaml#/components/responses/DefaultErrorResponse'
+
+        default:
+          $ref: './openapi.yaml#/components/responses/DefaultErrorResponse'
+
+  /running_interactive_services:
+    post:
+      description: Starts an interactive service in the oSparc platform and returns its entrypoint
+      operationId: running_interactive_services_post
+      parameters:
+        - $ref: './openapi-services.yaml#/components/parameters/ProjectIdQuery'
+        - $ref: './openapi-services.yaml#/components/parameters/ServiceKey'
+        - $ref: './openapi-services.yaml#/components/parameters/ServiceVersion'
+        - $ref: './openapi-services.yaml#/components/parameters/AssignmentUuid'
+      responses:
+        "201":
+          description: Succesfully created the service in the oSparc platform. Returns the location where the service runs.
+          content:
+            application/json:
+              schema:
+                $ref: '../../shared/schemas/running_service.yaml#/components/schemas/RunningServiceEnveloped'
+        "400":
+          description: Malformed function call, missing field
+          content:
+            application/json:
+              schema:
+                $ref: '../../shared/schemas/error.yaml#/components/schemas/ErrorEnveloped'
+        "401":
+          description: Unauthorized access
+          content:
+            application/json:
+              schema:
+                $ref: '../../shared/schemas/error.yaml#/components/schemas/ErrorEnveloped'
+        "404":
+          description: Service not found
+          content:
+            application/json:
+              schema:
+                $ref: '../../shared/schemas/error.yaml#/components/schemas/ErrorEnveloped'
+        "409":
+          description: A service with the same uuid already exists
+          content:
+            application/json:
+              schema:
+                $ref: '../../shared/schemas/error.yaml#/components/schemas/ErrorEnveloped'
+        default:
+          $ref: './openapi.yaml#/components/responses/DefaultErrorResponse'
+    delete:
+      description: Stops and removes all user interactive services from the platform
+      operationId: running_interactive_services_delete_all
+      responses:
+          "204":
+            description: Succesfully stopped and removed the service from the oSparc platform
+            content:
+              application/json:
+                schema:
+                  $ref: '../../shared/schemas/error.yaml#/components/schemas/ErrorEnveloped'
+          default:
+            $ref: './openapi.yaml#/components/responses/DefaultErrorResponse'
+
+  /running_interactive_services/{service_uuid}:
+    get:
+      description: Succesfully returns if a service with the defined uuid is up and running
+      operationId: running_interactive_services_get
+      parameters:
+        - $ref: './openapi-services.yaml#/components/parameters/ServiceUuid'
+      responses:
+        "204":
+          description: OK service exists and runs
+          content:
+            application/json:
+              schema:
+                $ref: '../../shared/schemas/error.yaml#/components/schemas/ErrorEnveloped'
+        "400":
+          description: Malformed function call, missing field
+          content:
+            application/json:
+              schema:
+                $ref: '../../shared/schemas/error.yaml#/components/schemas/ErrorEnveloped'
+        "404":
+          description: Service not found
+          content:
+            application/json:
+              schema:
+                $ref: '../../shared/schemas/error.yaml#/components/schemas/ErrorEnveloped'
+        default:
+          $ref: './openapi.yaml#/components/responses/DefaultErrorResponse'
+
+    delete:
+      description: Stops and removes an interactive service from the oSparc platform
+      operationId: running_interactive_services_delete
+      parameters:
+        - $ref: './openapi-services.yaml#/components/parameters/ServiceUuid'
+      responses:
+        "204":
+          description: Succesfully stopped and removed the service from the oSparc platform
+          content:
+            application/json:
+              schema:
+                $ref: '../../shared/schemas/error.yaml#/components/schemas/ErrorEnveloped'
+        "400":
+          description: Malformed function call, missing field
+          content:
+            application/json:
+              schema:
+                $ref: '../../shared/schemas/error.yaml#/components/schemas/ErrorEnveloped'
+        "404":
+          description: Service not found
+          content:
+            application/json:
+              schema:
+                $ref: '../../shared/schemas/error.yaml#/components/schemas/ErrorEnveloped'
+        default:
+          $ref: './openapi.yaml#/components/responses/DefaultErrorResponse'
+
+
+  /computation/pipeline/{project_id}:
+      put:
+        description: "Update a pipeline using workbench section from given project"
+        operationId: update_pipeline
+        parameters:
+          - $ref: './openapi-services.yaml#/components/parameters/ProjectId'
+        responses:
+          "204":
+            description: Succesfully updated the pipeline
+          default:
+            $ref: './openapi.yaml#/components/responses/DefaultErrorResponse'
+
+  /computation/pipeline/{project_id}/start:
+    post:
+      description: Starts a pipeline of a given project
+      operationId: start_pipeline
+      parameters:
+        - $ref: './openapi-services.yaml#/components/parameters/ProjectId'
+      responses:
+        "200":
+          description: Succesffully started the pipeline
+          content:
+            application/json:
+              schema:
+                $ref: './components/schemas/pipeline.yaml#/components/schemas/PipelineCreatedEnveloped'
+        default:
+          $ref: './openapi.yaml#/components/responses/DefaultErrorResponse'
+
+  # PROJECT SERVICES -----------------------------------------------------------------
+components:
+  parameters:
+    ProjectId:
+      in: path
+      name: project_id
+      required: true
+      description: the uuid of the project
+      schema:
+        type: string
+        # format: uuid
+        example: 123e4567-e89b-12d3-a456-426655440000
+
+    ProjectIdQuery:
+      in: query
+      name: project_id
+      required: true
+      description: the uuid of the project
+      schema:
+        type: string
+        # format: uuid
+        example: 123e4567-e89b-12d3-a456-426655440000
+
+    AssignmentUuid:
+      in: query
+      name: service_uuid
+      description: The uuid to assign the service with
+      required: true
+      schema:
+        type: string
+        # format: uuid
+        example: 123e4567-e89b-12d3-a456-426655440000
+
+    ServiceKey:
+      in: query
+      name: service_key
+      description: The key (url) of the service
+      required: true
+      schema:
+        type: string
+        # format: url
+        example: simcore/services/dynamic/3d-viewer
+
+    ServiceType:
+      in: query
+      name: service_type
+      description: |
+        The service type:
+          * computational - a computational service
+          * interactive - an interactive service
+      required: false
+      schema:
+        type: string
+        enum:
+          - computational
+          - interactive
+        example: computational
+
+    ServiceUuid:
+      in: path
+      name: service_uuid
+      description: The uuid of the service
+      required: true
+      schema:
+        type: string
+        # format: uuid
+        example: 123e4567-e89b-12d3-a456-426655440000
+
+    ServiceVersion:
+      in: query
+      name: service_tag
+      description: The tag/version of the service
+      required: false
+      schema:
+        type: string
+        example: "1.4"

api/specs/webserver/v0/openapi-services.yaml

@@ -86,15 +86,11 @@ paths:
       summary: Updates token
       operationId: update_token
       responses:
-        '200':
-          description: got detailed token
-          content:
-            application/json:
-              schema:
-                $ref: './components/schemas/me.yaml#/TokenEnveloped'
+        '204':
+          description: token has been successfully updated
     delete:
       summary: Delete token
       operationId: delete_token
       responses:
         '204':
-          description: project has been successfully deleted
+          description: token has been successfully deleted