Add superuser

HFragnaud · HFragnaud · commit b6cd7f9a8c0b · 2018-06-06T09:28:46.000+02:00
diff --git a/model_validation_api/urls.py b/model_validation_api/urls.py
@@ -23,7 +23,7 @@
                     IsCollabMemberRest,
                     Results,
                     CollabAppID,
-
+                    IsSuperUserRest,
                     )
 
 # from django.contrib.auth.decorators import login_required
@@ -45,6 +45,10 @@
     url(r'^appidrest/$',
          AppIDRest.as_view(),
         ),
+     url(r'^issuperuser/$',
+         IsSuperUserRest.as_view(),
+        ),
+        
     # url(r'^notificationrest/$',
     #     NotificationRest.as_view(),
     #     ), 
diff --git a/model_validation_api/views.py b/model_validation_api/views.py
@@ -618,10 +618,12 @@ def put(self, request, format=None):
              
             if param_web_app==True:
                 original_instance = ScientificModelInstance.objects.get(id=instance.get('id'))
-                #check if version is editable
-                if not _are_model_instance_editable(instance):
-                    return Response("This version is no longer editable as there is at least one result associated with it.", status=status.HTTP_400_BAD_REQUEST)
-    
+                #check if version is editable - only if you are not super user
+                if not is_authorised(request,settings.ADMIN_COLLAB_ID):
+                    if not _are_model_instance_editable(instance):
+                        return Response("This version is no longer editable as there is at least one result associated with it.", status=status.HTTP_400_BAD_REQUEST)
+                
+                
                 #check if versions are unique
                 if not _are_model_instance_version_unique(instance) :
                     return Response("Oh no... The specified version name already exists for this model. Please, give me a new name", status=status.HTTP_400_BAD_REQUEST)
@@ -669,8 +671,9 @@ def put(self, request, format=None):
                 return HttpResponseForbidden()
     
             #check if version is editable
-            if not _are_model_instance_editable(instance):
-                return Response("This version is no longer editable as there is at least one result associated with it.", status=status.HTTP_400_BAD_REQUEST)
+            if not is_authorised(request, settings.ADMIN_COLLAB_ID):
+                if not _are_model_instance_editable(instance):
+                    return Response("This version is no longer editable as there is at least one result associated with it.", status=status.HTTP_400_BAD_REQUEST)
                 
             #check if versions are unique
             if not _are_model_instance_version_unique(instance) :
@@ -1978,6 +1981,21 @@ def get(self, request, format=None, **kwargs):
         })
 
 
+class IsSuperUserRest (APIView):
+    """
+    Class to check if user is an admin
+    """
+    def get(self, request, format=None, **kwargs):
+        """
+        :param app_id: id of the application
+        :type app_id: int
+        :return: bool: is_member
+        """
+    
+        is_superuser = is_authorised(request, settings.ADMIN_COLLAB_ID)
+        return Response({
+            'is_superuser':  is_superuser,
+        })
 
 """
 Model of table model_validation_api_validationtestresult
diff --git a/validation_service/app/js/controller.js b/validation_service/app/js/controller.js
@@ -1415,9 +1415,10 @@ ModelCatalogApp.controller('ModelCatalogDetailCtrl', ['$scope', '$rootScope', '$
     }
 ]);
 
-ModelCatalogApp.controller('ModelCatalogEditCtrl', ['$scope', '$rootScope', '$http', '$location', '$state', '$stateParams', 'ScientificModelRest', 'ScientificModelInstanceRest', 'ScientificModelImageRest', 'CollabParameters', 'Context', 'ScientificModelAliasRest', 'AreVersionsEditableRest', 'DataHandler', 'clbStorage',
+ModelCatalogApp.controller('ModelCatalogEditCtrl', ['$scope', '$rootScope', '$http', '$location', '$state', '$stateParams', 'ScientificModelRest', 'ScientificModelInstanceRest', 'ScientificModelImageRest', 'CollabParameters', 'Context', 'ScientificModelAliasRest', 'AreVersionsEditableRest', 'DataHandler', 'clbStorage', 'IsSuperUserRest',
+
+    function($scope, $rootScope, $http, $location, $state, $stateParams, ScientificModelRest, ScientificModelInstanceRest, ScientificModelImageRest, CollabParameters, Context, ScientificModelAliasRest, AreVersionsEditableRest, DataHandler, clbStorage, IsSuperUserRest) {
 
-    function($scope, $rootScope, $http, $location, $state, $stateParams, ScientificModelRest, ScientificModelInstanceRest, ScientificModelImageRest, CollabParameters, Context, ScientificModelAliasRest, AreVersionsEditableRest, DataHandler, clbStorage) {
 
         $scope.change_collab_url_to_real_url = function() {
             //COULD BE IN A SERVICE
@@ -1523,7 +1524,6 @@ ModelCatalogApp.controller('ModelCatalogEditCtrl', ['$scope', '$rootScope', '$ht
             return array.indexOf(value) > -1;
         }
 
-
         Context.setService().then(function() {
 
             $scope.Context = Context;
@@ -1534,6 +1534,8 @@ ModelCatalogApp.controller('ModelCatalogEditCtrl', ['$scope', '$rootScope', '$ht
             //     $scope.models = data
             //     $scope.$apply()
             // });
+            $scope.isSuperUser = IsSuperUserRest.get({ app_id: $scope.app_id })
+
 
             CollabParameters.setService($scope.ctx).then(function() {
 
diff --git a/validation_service/app/js/model.js b/validation_service/app/js/model.js
@@ -194,4 +194,12 @@ ApiCommunicationServices.factory('collabAppID', ['$resource',
             get: { method: 'GET', params: { format: 'json', ctx: 'ctx' }, isArray: false },
         });
     }
+]);
+
+ApiCommunicationServices.factory('IsSuperUserRest', ['$resource',
+    function($resource) {
+        return $resource('issuperuser/', {}, {
+            get: { method: 'GET', params: { format: 'json', ctx: 'ctx' }, isArray: false },
+        });
+    }
 ]);
diff --git a/validation_service/app/templates/model_catalog/model-catalog-edit.tpl.html b/validation_service/app/templates/model_catalog/model-catalog-edit.tpl.html
@@ -230,6 +230,7 @@ <h2>
                             <td><input type="text" ng-model=model_instance.code_format /></td>
                             <td><button ng-if="isInArray(model_instance.id, version_is_editable)" type="submit" class="btn btn-primary" ng-click=saveModelInstance(model_instance)>Save changes</button>
                                 <button ng-if="!isInArray(model_instance.id, version_is_editable)" type="" class="btn btn-danger">Not editable</button></td>
+                            <td><button ng-if="isSuperUser.is_superuser" type="submit" class="btn btn-primary" ng-click=saveModelInstance(model_instance)>SuperUser Edit</button></td>
                         </tr>
                     </tbody>
                 </table>
diff --git a/validation_service/validation_service/settings.py b/validation_service/validation_service/settings.py
@@ -170,7 +170,7 @@
 HBP_ENV_URL = 'https://collab.humanbrainproject.eu/config.json'
 HBP_IDENTITY_SERVICE_URL = 'https://services.humanbrainproject.eu/idm/v1/api'
 HBP_STORAGE_SERVICE_URL = 'https://services.humanbrainproject.eu/storage/v1/api/entity/'
-
+ADMIN_COLLAB_ID = "13947"
 
 
 # SECURITY WARNING: keep the secret key used in production secret!
