openapi specs

Author: matusdrobuliak66

api/specs/web-server/_folders.py

@@ -63,6 +63,27 @@ async def list_folders(
     ...
 
 
+@router.get(
+    "/folders:search",
+    response_model=Envelope[list[FolderGet]],
+)
+async def list_folders_full_search(
+    params: Annotated[PageQueryParameters, Depends()],
+    order_by: Annotated[
+        Json,
+        Query(
+            description="Order by field (modified_at|name|description) and direction (asc|desc). The default sorting order is ascending.",
+            example='{"field": "name", "direction": "desc"}',
+        ),
+    ] = '{"field": "modified_at", "direction": "desc"}',
+    filters: Annotated[
+        Json | None,
+        Query(description=FolderFilters.schema_json(indent=1)),
+    ] = None,
+):
+    ...
+
+
 @router.get(
     "/folders/{folder_id}",
     response_model=Envelope[FolderGet],

packages/models-library/src/models_library/folders.py

@@ -4,6 +4,7 @@
 
 from pydantic import BaseModel, Field, PositiveInt, validator
 
+from .access_rights import AccessRights
 from .users import GroupID, UserID
 from .utils.enums import StrAutoEnum
 from .workspaces import WorkspaceID
@@ -66,3 +67,10 @@ class FolderDB(BaseModel):
 
     class Config:
         orm_mode = True
+
+
+class UserFolderAccessRightsDB(FolderDB):
+    my_access_rights: AccessRights
+
+    class Config:
+        orm_mode = True

services/web/server/src/simcore_service_webserver/api/v0/openapi.yaml

@@ -2690,6 +2690,70 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/Envelope_FolderGet_'
+  /v0/folders:search:
+    get:
+      tags:
+      - folders
+      summary: List Folders Full Search
+      operationId: list_folders_full_search
+      parameters:
+      - description: Order by field (modified_at|name|description) and direction (asc|desc).
+          The default sorting order is ascending.
+        required: false
+        schema:
+          title: Order By
+          description: Order by field (modified_at|name|description) and direction
+            (asc|desc). The default sorting order is ascending.
+          default: '{"field": "modified_at", "direction": "desc"}'
+        example: '{"field": "name", "direction": "desc"}'
+        name: order_by
+        in: query
+      - description: "{\n \"title\": \"FolderFilters\",\n \"description\": \"Encoded\
+          \ as JSON. Each available filter can have its own logic (should be well\
+          \ documented)\\nInspired by Docker API https://docs.docker.com/engine/api/v1.43/#tag/Container/operation/ContainerList.\"\
+          ,\n \"type\": \"object\",\n \"properties\": {\n  \"trashed\": {\n   \"title\"\
+          : \"Trashed\",\n   \"description\": \"Set to true to list trashed, false\
+          \ to list non-trashed (default), None to list all\",\n   \"default\": false,\n\
+          \   \"type\": \"boolean\"\n  }\n }\n}"
+        required: false
+        schema:
+          title: Filters
+          type: string
+          description: "{\n \"title\": \"FolderFilters\",\n \"description\": \"Encoded\
+            \ as JSON. Each available filter can have its own logic (should be well\
+            \ documented)\\nInspired by Docker API https://docs.docker.com/engine/api/v1.43/#tag/Container/operation/ContainerList.\"\
+            ,\n \"type\": \"object\",\n \"properties\": {\n  \"trashed\": {\n   \"\
+            title\": \"Trashed\",\n   \"description\": \"Set to true to list trashed,\
+            \ false to list non-trashed (default), None to list all\",\n   \"default\"\
+            : false,\n   \"type\": \"boolean\"\n  }\n }\n}"
+          format: json-string
+        name: filters
+        in: query
+      - required: false
+        schema:
+          title: Limit
+          exclusiveMaximum: true
+          minimum: 1
+          type: integer
+          default: 20
+          maximum: 50
+        name: limit
+        in: query
+      - required: false
+        schema:
+          title: Offset
+          minimum: 0
+          type: integer
+          default: 0
+        name: offset
+        in: query
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Envelope_list_models_library.api_schemas_webserver.folders_v2.FolderGet__'
   /v0/folders/{folder_id}:
     get:
       tags:

services/web/server/src/simcore_service_webserver/folders/_folders_api.py

@@ -153,46 +153,65 @@ async def list_folders(
     limit: int,
     order_by: OrderBy,
 ) -> FolderGetPage:
-    workspace_is_private = True
-    user_folder_access_rights = AccessRights(read=True, write=True, delete=True)
+    # NOTE: Folder access rights for listing are checked within the listing DB function.
 
-    if workspace_id:
-        user_workspace_access_rights = await check_user_workspace_access(
-            app,
-            user_id=user_id,
-            workspace_id=workspace_id,
-            product_name=product_name,
-            permission="read",
-        )
-        workspace_is_private = False
-        user_folder_access_rights = user_workspace_access_rights.my_access_rights
-        _workspace_query = WorkspaceQuery(
-            workspace_scope=WorkspaceScope.SHARED, workspace_id=workspace_id
-        )
-    else:
-        _workspace_query = WorkspaceQuery(workspace_scope=WorkspaceScope.PRIVATE)
+    total_count, folders = await folders_db.list_(
+        app,
+        product_name=product_name,
+        user_id=user_id,
+        folder_query=(
+            FolderQuery(folder_scope=FolderScope.SPECIFIC, folder_id=folder_id)
+            if folder_id
+            else FolderQuery(folder_scope=FolderScope.ROOT)
+        ),
+        workspace_query=(
+            WorkspaceQuery(
+                workspace_scope=WorkspaceScope.SHARED, workspace_id=workspace_id
+            )
+            if workspace_id
+            else WorkspaceQuery(workspace_scope=WorkspaceScope.PRIVATE)
+        ),
+        filter_trashed=trashed,
+        offset=offset,
+        limit=limit,
+        order_by=order_by,
+    )
+    return FolderGetPage(
+        items=[
+            FolderGet(
+                folder_id=folder.folder_id,
+                parent_folder_id=folder.parent_folder_id,
+                name=folder.name,
+                created_at=folder.created,
+                modified_at=folder.modified,
+                trashed_at=folder.trashed_at,
+                owner=folder.created_by_gid,
+                workspace_id=folder.workspace_id,
+                my_access_rights=folder.my_access_rights,
+            )
+            for folder in folders
+        ],
+        total=total_count,
+    )
 
-    if folder_id:
-        # Check user access to folder
-        await folders_db.get_for_user_or_workspace(
-            app,
-            folder_id=folder_id,
-            product_name=product_name,
-            user_id=user_id if workspace_is_private else None,
-            workspace_id=workspace_id,
-        )
-        _folder_query = FolderQuery(
-            folder_scope=FolderScope.SPECIFIC, folder_id=folder_id
-        )
-    else:
-        _folder_query = FolderQuery(folder_scope=FolderScope.ROOT)
+
+async def list_folders_full_search(
+    app: web.Application,
+    user_id: UserID,
+    product_name: ProductName,
+    trashed: bool | None,
+    offset: NonNegativeInt,
+    limit: int,
+    order_by: OrderBy,
+) -> FolderGetPage:
+    # NOTE: Folder access rights for listing are checked within the listing DB function.
 
     total_count, folders = await folders_db.list_(
         app,
         product_name=product_name,
         user_id=user_id,
-        folder_query=_folder_query,
-        workspace_query=_workspace_query,
+        folder_query=FolderQuery(folder_scope=FolderScope.ALL),
+        workspace_query=WorkspaceQuery(workspace_scope=WorkspaceScope.ALL),
         filter_trashed=trashed,
         offset=offset,
         limit=limit,
@@ -209,7 +228,7 @@ async def list_folders(
                 trashed_at=folder.trashed_at,
                 owner=folder.created_by_gid,
                 workspace_id=folder.workspace_id,
-                my_access_rights=user_folder_access_rights,
+                my_access_rights=folder.my_access_rights,
             )
             for folder in folders
         ],

services/web/server/src/simcore_service_webserver/folders/_folders_db.py

@@ -10,7 +10,13 @@
 
 import sqlalchemy as sa
 from aiohttp import web
-from models_library.folders import FolderDB, FolderID, FolderQuery, FolderScope
+from models_library.folders import (
+    FolderDB,
+    FolderID,
+    FolderQuery,
+    FolderScope,
+    UserFolderAccessRightsDB,
+)
 from models_library.products import ProductName
 from models_library.projects import ProjectID
 from models_library.rest_ordering import OrderBy, OrderDirection
@@ -20,21 +26,17 @@
 from simcore_postgres_database.models.folders_v2 import folders_v2
 from simcore_postgres_database.models.projects import projects
 from simcore_postgres_database.models.projects_to_folders import projects_to_folders
-from simcore_postgres_database.models.workspaces_access_rights import (
-    workspaces_access_rights,
-)
 from simcore_postgres_database.utils_repos import (
     pass_or_acquire_connection,
     transaction_context,
 )
-from simcore_postgres_database.utils_sql import assemble_array_groups
 from sqlalchemy import func
 from sqlalchemy.ext.asyncio import AsyncConnection
 from sqlalchemy.orm import aliased
 from sqlalchemy.sql import ColumnElement, CompoundSelect, Select, asc, desc, select
 
 from ..db.plugin import get_asyncpg_engine
-from ..groups.api import list_all_user_groups
+from ..workspaces._workspaces_db import _create_my_access_rights_subquery
 from .errors import FolderAccessForbiddenError, FolderNotFoundError
 
 _logger = logging.getLogger(__name__)
@@ -63,6 +65,10 @@ def as_dict_exclude_unset(**params) -> dict[str, Any]:
     folders_v2.c.workspace_id,
 )
 
+# _SELECTION_ARGS_WITH_MY_ACCESS_RIGHTS = (
+#     _SELECTION_ARGS,
+# )
+
 
 async def create(
     app: web.Application,
@@ -114,32 +120,15 @@ async def list_(  # pylint: disable=too-many-arguments,too-many-branches
     limit: int,
     # order
     order_by: OrderBy,
-) -> tuple[int, list[FolderDB]]:
+) -> tuple[int, list[UserFolderAccessRightsDB]]:
     """
-    Assumptions -
-
     folder_query - Used to filter in which folder we want to list folders.
     trashed - If set to true, it returns folders **explicitly** trashed, if false then non-trashed folders.
     """
 
-    workspace_access_rights_subquery = (
-        sa.select(
-            workspaces_access_rights.c.workspace_id,
-            sa.func.jsonb_object_agg(
-                workspaces_access_rights.c.gid,
-                sa.func.jsonb_build_object(
-                    "read",
-                    workspaces_access_rights.c.read,
-                    "write",
-                    workspaces_access_rights.c.write,
-                    "delete",
-                    workspaces_access_rights.c.delete,
-                ),
-            )
-            .filter(workspaces_access_rights.c.read)
-            .label("access_rights"),
-        ).group_by(workspaces_access_rights.c.workspace_id)
-    ).subquery("workspace_access_rights_subquery")
+    workspace_access_rights_subquery = _create_my_access_rights_subquery(
+        user_id=user_id
+    )
 
     if workspace_query.workspace_scope is not WorkspaceScope.SHARED:
         assert workspace_query.workspace_scope in (  # nosec
@@ -148,7 +137,17 @@ async def list_(  # pylint: disable=too-many-arguments,too-many-branches
         )
 
         private_workspace_query = (
-            select(*_SELECTION_ARGS)
+            select(
+                *_SELECTION_ARGS,
+                func.json_build_object(
+                    "read",
+                    sa.text("true"),
+                    "write",
+                    sa.text("true"),
+                    "delete",
+                    sa.text("true"),
+                ).label("my_access_rights"),
+            )
             .select_from(folders_v2)
             .where(
                 (folders_v2.c.product_name == product_name)
@@ -163,11 +162,13 @@ async def list_(  # pylint: disable=too-many-arguments,too-many-branches
             WorkspaceScope.SHARED,
             WorkspaceScope.ALL,
         )
-        _user_groups = await list_all_user_groups(app, user_id=user_id)
-        _user_groups_ids = [group.gid for group in _user_groups]
+        # _user_groups = await list_all_user_groups(app, user_id=user_id)
+        # _user_groups_ids = [group.gid for group in _user_groups]
 
         shared_workspace_query = (
-            select(*_SELECTION_ARGS)
+            select(
+                *_SELECTION_ARGS, workspace_access_rights_subquery.c.my_access_rights
+            )
             .select_from(
                 folders_v2.join(
                     workspace_access_rights_subquery,
@@ -177,14 +178,7 @@ async def list_(  # pylint: disable=too-many-arguments,too-many-branches
             )
             .where(
                 (folders_v2.c.product_name == product_name)
-                & (
-                    folders_v2.c.user_id.is_(None)
-                    & (
-                        sa.text(
-                            f"jsonb_exists_any(workspace_access_rights_subquery.access_rights, {assemble_array_groups(_user_groups_ids)})"
-                        )
-                    )
-                )
+                & (folders_v2.c.user_id.is_(None))
             )
         )
     else:
@@ -245,7 +239,9 @@ async def list_(  # pylint: disable=too-many-arguments,too-many-branches
         total_count = await conn.scalar(count_query)
 
         result = await conn.stream(list_query)
-        folders: list[FolderDB] = [FolderDB.from_orm(row) async for row in result]
+        folders: list[UserFolderAccessRightsDB] = [
+            UserFolderAccessRightsDB.from_orm(row) async for row in result
+        ]
         return cast(int, total_count), folders