upgrade to python-irodsclient v2.1.0 (#2007)

.github/workflows/build.yml

@@ -43,6 +43,8 @@ jobs:
           IRODS_ICAT_DBPASS: postgres
           IRODS_ZONE_NAME: sodarZone
           NO_WAIT: 1
+        options: >-
+          --hostname "irods"
         ports:
           - 4488:1247
     env:
@@ -78,6 +80,10 @@ jobs:
         run: python manage.py geticons
       - name: Run collectstatic
         run: python manage.py collectstatic --noinput
+      # NOTE: Workaround for python-irodsclient>1.1.9 redirect issue
+      - name: Add irods to /etc/hosts
+        run: |
+          sudo echo "127.0.0.1 irods" | sudo tee -a /etc/hosts
       - name: Run Django tests
         run: |
           coverage run --rcfile=.coveragerc manage.py test -v 2 --settings=config.settings.test

CHANGELOG.rst

@@ -31,6 +31,8 @@ Changed
     - Unify base test class naming (#2001)
     - Update ``Dockerfile`` for v1.0 upgrades (#2003, #2004)
     - Upgrade to iRODS v4.3.3 in CI (#1815)
+    - Upgrade to python-irodsclient v2.1.0 (#2007)
+    - Upgrade minimum supported iRODS version to v4.3.3 (#1815, #2007)
 - **Irodsinfo**
     - Update REST API versioning (#1936)
 - **Landingzones**
@@ -50,6 +52,7 @@ Removed
 - **General**
     - Python v3.8 support (#1922)
     - Postgres <v12 support (#1922)
+    - iRODS <v4.3 support (#1815, #2007)
 
 
 v0.15.1 (2024-09-12)

docs_manual/source/dev_install.rst

@@ -314,3 +314,28 @@ Navigate to SODAR
 Now you should have all the required components running for developing SODAR.
 Use your web browser to open http://127.0.0.1:8000 and you should see your local
 SODAR development site.
+
+
+Run SODAR Tests
+===============
+
+You can run the SODAR Django server tests using the following command:
+
+.. code-block:: bash
+
+    $ make test
+
+In addition to unit tests, this will run tests against the test iRODS server
+running in the Docker Compose network.
+
+.. note::
+
+    If some tests connecting to iRODS fail with
+    ``irods.exception.NetworkException``, you may need to add the line
+    ``127.0.0.1 irods-test`` into your ``/etc/hosts`` file.
+
+For testing the Sample Sheets Vue app, run the following command:
+
+.. code-block:: bash
+
+    $ make test_samplesheets_vue

docs_manual/source/sodar_release_notes.rst

@@ -11,20 +11,23 @@ list of changes in current and previous releases, see the
 v1.0.0 (WIP)
 ============
 
-Release for SODAR Core v1.0 upgrade and feature updates.
+Release for SODAR Core v1.0 upgrade, iRODS v4.3 upgrade and feature updates.
 
 - Add opt-out settings for iRODS data request and zone status update emails
 - Add REST API list view pagination
 - Add Python v3.11 support
+- Update minimum supported iRODS version to v4.3.3
 - Update REST API versioning
 - Update REST API views for OpenAPI support
 - Upgrade to Postgres v16
+- Upgrade to python-irodsclient v2.1.0
 - Upgrade to SODAR Core v1.0.2
 - SODAR Core v1.0 updates: OIDC auth support, new REST API versioning,
   owner/delegate remote sync controls, etc
 - Upgrade to Django v4.2
 - Remove Python v3.8 support
 - Remove Postgres <12 support
+- Remove iRODS <4.3 support
 
 Migration Guide
 ---------------
@@ -39,6 +42,10 @@ PostgreSQL Version Support
     your iRODS server. The CUBI iRODS v4.2 Docker image does not support
     Postgres >11. See the latest dev version of sodar-docker-compose for more
     information.
+iRODS Version Support
+    The minimum supported version of iRODS from this version onwards is v4.3.3.
+    Please upgrade the iRODS servers used in your SODAR installation. If using
+    sodar-docker-compose, see upgrading instructions in the repository.
 REST API Versioning Changes
     REST API versioning has changed in SODAR Core v1.0 and SODAR Server v1.0.
     Accept header versioning is now specific to each Django app providing their

irodsbackend/views.py

@@ -81,15 +81,13 @@ def _check_collection_perm(self, path, user, irods):
             coll = irods.collections.get(path)
         except Exception:
             return False
-        # perms = irods.acls.get(coll)  # 2.0+
-        perms = irods.permissions.get(coll)
+        perms = irods.acls.get(coll)
         perm_users = [p.user_name for p in perms]
         if user.username in perm_users:
             return True
         # In python-irodsclient v2.0+, acls don't return users based on group
         # membership. Instead, we need to check against project user group and
         # then verify membership.
-        '''
         group_name = self.irods_backend.get_user_group_name(self.project)
         try:
             group = irods.groups.get(group_name)
@@ -99,7 +97,6 @@ def _check_collection_perm(self, path, user, irods):
             m.name for m in group.members
         ]:
             return True
-        '''
         return False
 
     def dispatch(self, request, *args, **kwargs):

requirements/base.txt

@@ -91,7 +91,7 @@ altamisa==0.2.9
 # -e git+https://github.com/bihealth/altamisa.git@f6de23aa6073d446f7c49ede0af7fa8729992209#egg=altamisa
 
 # Python iRODS client
-python-irodsclient==1.1.8
+python-irodsclient==2.1.0
 
 # XML generating
 lxml==4.9.1

taskflowbackend/plugins.py

@@ -230,7 +230,7 @@ def revert_project_modify(
             try:
                 irods.user_groups.get(group_name)
                 logger.debug('Removing user group: {}'.format(group_name))
-                irods.user_groups.remove(group_name)
+                irods.users.remove(group_name)
             except UserGroupDoesNotExist:
                 pass
 

taskflowbackend/tasks/irods_tasks.py

@@ -60,8 +60,7 @@ def execute_set_access(
         else:
             target = self.irods.collections.get(path)
             recursive = recursive
-        # target_access = self.irods.acls.get(target=target)  # 2.0+
-        target_access = self.irods.permissions.get(target=target)
+        target_access = self.irods.acls.get(target=target)
 
         user_access = next(
             (x for x in target_access if x.user_name == user_name), None
@@ -86,8 +85,7 @@ def execute_set_access(
                 user_name=user_name,
                 user_zone=self.irods.zone,
             )
-            # self.irods.acls.set(acl, recursive=recursive)  # 2.0+
-            self.irods.permissions.set(acl, recursive=recursive)
+            self.irods.acls.set(acl, recursive=recursive)
             self.data_modified = True  # Access was modified
 
     def revert_set_access(
@@ -113,8 +111,7 @@ def revert_set_access(
                 user_zone=self.irods.zone,
             )
             recursive = False if obj_target else recursive
-            # self.irods.acls.set(acl, recursive=recursive)  # 2.0+
-            self.irods.permissions.set(acl, recursive=recursive)
+            self.irods.acls.set(acl, recursive=recursive)
 
 
 # Base Task --------------------------------------------------------------------
@@ -340,7 +337,7 @@ def execute(self, name, *args, **kwargs):
     def revert(self, name, *args, **kwargs):
         if self.data_modified:
             # NOTE: Not group_name
-            self.irods.user_groups.remove(user_name=name)
+            self.irods.users.remove(user_name=name)
 
 
 # TODO: Improve this once inherit is properly implemented in python client
@@ -356,8 +353,7 @@ def execute(self, path, inherit=True, *args, **kwargs):
             user_name='',
             user_zone=self.irods.zone,
         )
-        # self.irods.acls.set(acl, recursive=True)  # 2.0+
-        self.irods.permissions.set(acl, recursive=True)
+        self.irods.acls.set(acl, recursive=True)
 
     def revert(self, path, inherit=True, *args, **kwargs):
         # TODO: Add checks for inheritance status prior to execute
@@ -774,8 +770,7 @@ def execute(
                     ),
                 )
             try:
-                # target_access = self.irods.acls.get(target=target)  # 2.0+
-                target_access = self.irods.permissions.get(target=target)
+                target_access = self.irods.acls.get(target=target)
             except Exception as ex:
                 self._raise_irods_exception(
                     ex,
@@ -808,8 +803,7 @@ def execute(
                     user_zone=self.irods.zone,
                 )
                 try:
-                    # self.irods.acls.set(acl, recursive=False)  # 2.0+
-                    self.irods.permissions.set(acl, recursive=False)
+                    self.irods.acls.set(acl, recursive=False)
                 except Exception as ex:
                     self._raise_irods_exception(
                         ex,
@@ -849,8 +843,7 @@ def revert(
                 user_name=user_name,
                 user_zone=self.irods.zone,
             )
-            # self.irods.acls.set(acl, recursive=False)  # 2.0+
-            self.irods.permissions.set(acl, recursive=False)
+            self.irods.acls.set(acl, recursive=False)
 
 
 class BatchCalculateChecksumTask(IrodsBaseTask):

taskflowbackend/tests/base.py

@@ -131,8 +131,7 @@ def assert_irods_access(self, user_name, target, expected):
                 target = self.irods.collections.get(target)
             except CollectionDoesNotExist:
                 target = self.irods.data_objects.get(target)
-        # access_list = self.irods.acls.get(target=target)  # 2.0+
-        access_list = self.irods.permissions.get(target=target)
+        access_list = self.irods.acls.get(target=target)
         access = next(
             (x for x in access_list if x.user_name == user_name), None
         )
@@ -222,12 +221,11 @@ def clear_irods_test_data(cls):
                     )
             except Exception:
                 pass  # This is OK, the root just wasn't there
-                # Remove created user groups and users
 
-            # NOTE: user_groups.remove does both
+            # Remove created user groups and users
             for g in irods.query(UserGroup).all():
                 if g[UserGroup.name] not in permanent_users:
-                    irods.user_groups.remove(user_name=g[UserGroup.name])
+                    irods.users.remove(user_name=g[UserGroup.name])
                     logger.debug('Removed user: {}'.format(g[UserGroup.name]))
 
             # Remove all tickets

taskflowbackend/tests/test_tasks.py

@@ -85,8 +85,7 @@ def get_test_coll(self):
         return self.irods.collections.get(self.test_coll_path)
 
     def get_user_access(self, target, user_name):
-        # target_access = self.irods.acls.get(target=target)  # 2.0+
-        target_access = self.irods.permissions.get(target=target)
+        target_access = self.irods.acls.get(target=target)
         return next(
             (x for x in target_access if x.user_name == user_name), None
         )