fix: resolve issues with initdev command

[holtgrewe]

Summary by CodeRabbit

• New Features

  • Introduced a password reset option during user creation via the command-line interface.
  • Enhanced logic for import job creation based on existing cases.

• Bug Fixes

  • Updated identifiers in the YAML template for family members to ensure consistency across sections.

These updates improve user management and maintain data integrity within the application.

[coderabbitai]

Walkthrough

The changes in this pull request involve modifications to a YAML template and enhancements to the user creation process in the initdev.py file. In the YAML file, identifiers for family members are updated from {{ data_case }} to {{ case_name }} across various sections, maintaining the overall structure. In initdev.py, a new command-line argument --reset-password is introduced, allowing password resets for created users, and the logic for creating import jobs is refined to check for existing cases.

Changes

File	Change Summary
backend/varfish/users/management/commands/data/Case_1.grch37.yaml.tpl	Updated familyId identifiers from {{ data_case }} to {{ case_name }} in pedigree and files sections for all family members. Retained comments for optional BAM entries.
backend/varfish/users/management/commands/initdev.py	Added --reset-password argument to Command class. Updated _handle and _create_user methods to utilize reset_password. Enhanced _create_import_job to check case existence.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Command
    participant ImportJob

    User->>Command: run command with --reset-password
    Command->>Command: _handle()
    Command->>Command: _create_user()
    alt User exists
        Command->>Command: reset_password=True
    else New user
        Command->>Command: create user
    end
    Command->>ImportJob: _create_import_job()
    alt Case exists
        ImportJob->>Command: ACTION_UPDATE
    else No case
        ImportJob->>Command: ACTION_CREATE
    end

Loading

🐇 "In the garden where changes bloom,
New names for families chase the gloom.
With passwords reset, a fresh start,
Import jobs now play their part.
Hops of joy, let's celebrate,
For every change, we elevate!" 🌼

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

deps-report 🔍

Commit scanned: 1891fb5
ℹ️ Python version 3.10 is used by your project but the latest version is 3.13.

Vulnerable dependencies

4 dependencies have vulnerabilities 😱

Dependency	Advisory	Versions impacted
djangorestframework (transitive)	Affected versions of the package djangorestframework are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags.	<3.15.2
jinja2 (transitive)	In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.	>=0
setuptools (transitive)	Affected versions of Setuptools allow for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system.	<70.0.0
sqlalchemy	Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints. sqlalchemy/sqlalchemy#8563	<2.0.0b1

Outdated dependencies

55 outdated dependencies found (including 20 outdated major versions)😢

Dependency	Installed version	Latest version
alabaster (transitive)	0.7.16	1.0.0
argon2-cffi (transitive)	21.3.0	23.1.0
billiard (transitive)	3.6.4.0	4.2.1
crispy-bootstrap4 (transitive)	2022.1	2024.10
django	3.2.25	5.1.2
django-model-utils (transitive)	4.3.1	5.0.0
django-rest-knox (transitive)	4.2.0	5.0.2
django-sodar-core	0.13.4	1.0.2
jsonschema-specifications (transitive)	2023.12.1	2024.10.1
markupsafe (transitive)	2.1.5	3.0.2
mistune (transitive)	2.0.5	3.0.2
packaging (transitive)	23.2	24.1
pillow (transitive)	10.4.0	11.0.0
protobuf	3.20.3	5.28.3
setuptools (transitive)	67.6.1	75.2.0
sphinx (transitive)	6.2.1	8.1.3
sphinx-rtd-theme (transitive)	1.2.2	3.0.1
sqlalchemy	1.4.54	2.0.36
unidecode (transitive)	0.4.21	1.3.8
xmlschema (transitive)	2.5.1	3.4.2

Dependency	Installed version	Latest version
anyio (transitive)	4.6.0	4.6.2.post1
botocore (transitive)	1.35.36	1.35.47
celery (transitive)	5.2.7	5.4.0
charset-normalizer (transitive)	3.3.2	3.4.0
clinvar-this	0.18.2	0.18.3
coverage (dev,transitive)	7.6.1	7.6.4
cryptography (transitive)	43.0.1	43.0.3
django-autocomplete-light (transitive)	3.9.4	3.11.0
django-crispy-forms (transitive)	2.0	2.3
django-db-file-storage (transitive)	0.5.5	0.5.6.1
django-debug-toolbar	4.3.0	4.4.6
django-environ (transitive)	0.10.0	0.11.2
django-iconify (transitive)	0.1.1	0.4
django-plugins-bihealth	0.4.0	0.5.2
django-postgres-copy	2.3.7	2.7.6
djangorestframework (transitive)	3.14.0	3.15.2
docutils (transitive)	0.18.1	0.21.2
drf-keyed-list-bihealth	0.1.1	0.2.1
faker	30.6.0	30.8.0
frozenlist (transitive)	1.4.1	1.5.0
markdown (transitive)	3.4.1	3.7
mypy-protobuf (dev)	3.3.0	3.6.0
psutil	6.0.0	6.1.0
psycopg2 (transitive)	2.9.9	2.9.10
psycopg2-binary (transitive)	2.9.9	2.9.10
pydantic-core (transitive)	2.23.4	2.25.0
requests-http-signature	0.2.0	0.7.1
rich	13.9.2	13.9.3
rules (transitive)	3.3	3.5
trio (dev,transitive)	0.26.2	0.27.0
types-psycopg2 (dev,transitive)	2.9.21.20240819	2.9.21.20241019
versioneer (transitive)	0.28	0.29
wheel (transitive)	0.40.0	0.44.0
xmltodict (transitive)	0.13.0	0.14.2
yarl (transitive)	1.15.5	1.16.0

_Logs

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (3)

backend/varfish/users/management/commands/data/Case_1.grch37.yaml.tpl (1)

Template variables need to be synchronized in Case_1.grch37.yaml.tpl

The verification confirms that there is indeed an inconsistency in the template variables:

• {{ case_name }} is used for familyId in the pedigree section
• {{ data_case }} is still used in multiple places:
  • File paths: file://{{ data_path }}/{{ data_case }}.grch37.gatk_hc.vcf.gz
  • Individual identifiers: {{ data_case }}_index, {{ data_case }}_father, {{ data_case }}_mother

These inconsistencies should be resolved by using the same template variable throughout the file to ensure proper template rendering.

🔗 Analysis chain

Line range hint 143-160: Template variable inconsistency detected.

While the pedigree section has been updated to use {{ case_name }}, other sections still use {{ data_case }}. This inconsistency could lead to errors.

Let's verify all occurrences of both variables:

---

Let me fix the regex pattern for the search.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for remaining instances of data_case and case_name
echo "Occurrences of data_case:"
rg "{{ data_case }}" -A 1
echo -e "\nOccurrences of case_name:"
rg "{{ case_name }}" -A 1

Length of output: 365

---

Script:

#!/bin/bash
# Search for remaining instances of data_case and case_name with escaped curly braces
echo "Occurrences of data_case:"
rg "\{\{ data_case \}\}" -A 1
echo -e "\nOccurrences of case_name:"
rg "\{\{ case_name \}\}" -A 1

Length of output: 2743

backend/varfish/users/management/commands/initdev.py (2)

412-413: Consider enhancing error handling for case existence check.

The case existence check could benefit from additional error handling. Consider adding validation to ensure the case being updated matches the expected schema version.

 # Check whether the case already exists.
-case_exists = Case.objects.filter(project=project, name=case_name).exists()
+try:
+    case = Case.objects.get(project=project, name=case_name)
+    case_exists = True
+    if case.case_version != 2:
+        raise CommandError(f"Existing case {case_name} has incompatible version {case.case_version}")
+except Case.DoesNotExist:
+    case_exists = False

---

438-442: Enhance success message to reflect the action type.

The success message could be more informative by indicating whether the job was created for updating or creating a case.

-        self.stderr.write(self.style.SUCCESS("Created import job."))
+        action_type = "update" if case_exists else "create"
+        self.stderr.write(self.style.SUCCESS(f"Created import job to {action_type} case {case_name}."))

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 7fea8c7 and 1891fb5.

📒 Files selected for processing (2)

• backend/varfish/users/management/commands/data/Case_1.grch37.yaml.tpl (1 hunks)
• backend/varfish/users/management/commands/initdev.py (8 hunks)

🔇 Additional comments (4)

backend/varfish/users/management/commands/data/Case_1.grch37.yaml.tpl (1)

Line range hint 1-180: Inconsistent genome build versions detected.

The file contains mixed references to genome builds:

• Filename indicates grch37
• File attributes specify grch38 in multiple locations
• Final VCF section specifies grch37

This inconsistency could cause issues with data processing and analysis.

Let's verify all genome build references:

backend/varfish/users/management/commands/initdev.py (3)

91-91: LGTM: Well-documented command line argument addition.

The --reset-password flag is appropriately implemented as a boolean option with a clear help message.

---

124-124: LGTM: Consistent propagation of reset_password parameter.

The reset_password parameter is correctly propagated to all user creation calls with appropriate type annotation.

Also applies to: 134-140

---

221-229: Consider adding password complexity requirements.

While using UUID for password generation is secure, consider implementing password complexity requirements for production environments. This could be important if these development accounts are ever used in staging environments.

Let's check if there are any password-related settings or middleware in the project:

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 91%. Comparing base (7fea8c7) to head (1891fb5).
Report is 1 commits behind head on main.

Additional details and impacted files

@@          Coverage Diff          @@
##            main   #2051   +/-   ##
=====================================
  Coverage     91%     91%           
=====================================
  Files        675     675           
  Lines      38433   38433           
=====================================
  Hits       35086   35086           
  Misses      3347    3347