diff --git a/api/api.py b/api/api.py index fb1d76337..7fe32e2b9 100644 --- a/api/api.py +++ b/api/api.py @@ -13,7 +13,7 @@ from .handlers.reporthandler import ReportHandler from .handlers.resolvehandler import ResolveHandler from .handlers.roothandler import RootHandler -from .handlers.savedsearchhandler import SavedSearchHandler +from .handlers.savesearchhandler import SaveSearchHandler from .handlers.schemahandler import SchemaHandler from .handlers.userhandler import UserHandler from .jobs.handlers import BatchHandler, JobsHandler, JobHandler, GearsHandler, GearHandler, RulesHandler, RuleHandler @@ -110,10 +110,10 @@ def prefix(path, routes): route('/dataexplorer/index/fields', DataExplorerHandler, h='index_field_names', m=['POST']), # Search Saving - route('/savesearch', SavedSearchHandler, m=['POST']), - route('/savesearch', SavedSearchHandler, h='get_all', m=['GET']), - route('/savesearch/', SavedSearchHandler, m=['GET','DELETE']), - route('/savesearch/', SavedSearchHandler, h='replace_search', m=['POST']), + route('/savesearches', SaveSearchHandler, m=['POST']), + route('/savesearches', SaveSearchHandler, h='get_all', m=['GET']), + route('/savesearches/', SaveSearchHandler, m=['GET','DELETE']), + route('/savesearches/', SaveSearchHandler, h='replace_search', m=['POST']), # Users @@ -235,7 +235,7 @@ def prefix(path, routes): # Collections / Projects - prefix('/', [ + prefix('/', [ prefix('/', [ route('/', PermissionsListHandler, m=['POST']), route('//<_id:{uid}>', PermissionsListHandler, m=['GET', 'PUT', 'DELETE']), diff --git a/api/config.py b/api/config.py index 96d9947be..ed4c42041 100644 --- a/api/config.py +++ b/api/config.py @@ -228,6 +228,7 @@ def initialize_db(): # TODO review all indexes db.users.create_index('api_key.key') db.projects.create_index([('gid', 1), ('name', 1)]) + db.savesearches.create_index('creator') db.sessions.create_index('project') db.sessions.create_index('uid') db.sessions.create_index('created') diff --git a/api/dao/containerstorage.py b/api/dao/containerstorage.py index 14566b861..c4c24e05c 100644 --- a/api/dao/containerstorage.py +++ b/api/dao/containerstorage.py @@ -406,7 +406,7 @@ def inflate_job_info(self, analysis): class SearchStorage(ContainerStorage): def __init__(self): - super(SearchStorage, self).__init__('searches', use_object_id=True) + super(SearchStorage, self).__init__('savesearches', use_object_id=True) def replace_el(self, search): self.delete_el(search['_id']) diff --git a/api/dao/containerutil.py b/api/dao/containerutil.py index e7198a990..ab32a38c3 100644 --- a/api/dao/containerutil.py +++ b/api/dao/containerutil.py @@ -14,6 +14,7 @@ 'acquisition': 'acquisitions', 'collection': 'collections', 'analysis': 'analyses', + 'savesearch': 'savesearches', } PLURAL_TO_SINGULAR = {p: s for s, p in SINGULAR_TO_PLURAL.iteritems()} diff --git a/api/handlers/listhandler.py b/api/handlers/listhandler.py index 5da8dd754..b9a42f4db 100644 --- a/api/handlers/listhandler.py +++ b/api/handlers/listhandler.py @@ -82,6 +82,7 @@ def initialize_list_configurations(): 'acquisitions': copy.deepcopy(container_default_configurations), 'collections': copy.deepcopy(container_default_configurations), 'analyses': copy.deepcopy(container_default_configurations), + 'savesearches': copy.deepcopy(container_default_configurations), } # preload the Storage instances for all configurations for cont_name, cont_config in list_container_configurations.iteritems(): diff --git a/api/handlers/savedsearchhandler.py b/api/handlers/savesearchhandler.py similarity index 83% rename from api/handlers/savedsearchhandler.py rename to api/handlers/savesearchhandler.py index 64ed62ea6..a64344729 100644 --- a/api/handlers/savedsearchhandler.py +++ b/api/handlers/savesearchhandler.py @@ -11,16 +11,17 @@ log = config.log storage = SearchStorage() -class SavedSearchHandler(base.RequestHandler): +class SaveSearchHandler(base.RequestHandler): def __init__(self, request=None, response=None): - super(SavedSearchHandler, self).__init__(request, response) + super(SaveSearchHandler, self).__init__(request, response) @require_login def post(self): payload = self.request.json_body validators.validate_data(payload, 'search-input.json', 'input', 'POST') payload['permissions'] = [{"_id": self.uid, "access": "admin"}] + payload['creator'] = self.uid result = storage.create_el(payload) if result.acknowledged: if result.inserted_id: @@ -49,10 +50,7 @@ def delete(self, sid): def replace_search(self, sid): payload = self.request.json_body - if payload.get('_id'): - del(payload['_id']) - if payload.get('permissions'): - del(payload['permissions']) + payload = self._scrub_replace(payload) validators.validate_data(payload, 'search-input.json', 'input', 'POST') payload['_id'] = bson.ObjectId(sid) search = storage.get_container(sid) @@ -64,3 +62,15 @@ def replace_search(self, sid): if result.inserted_id: return {'_id': result.inserted_id} return {"hi" : "bye"} + + def _scrub_replace(self, payload): + ''' + Function to turn a search returned from a GET to a legal post/replace + ''' + if payload.get('_id'): + del(payload['_id']) + if payload.get('permissions'): + del(payload['permissions']) + if payload.get('creator'): + del(payload['creator']) + return payload diff --git a/raml/api.raml b/raml/api.raml index 8ade5bf47..94a5e2361 100644 --- a/raml/api.raml +++ b/raml/api.raml @@ -55,4 +55,4 @@ resourceTypes: /acquisitions: !include resources/acquisitions.raml /projects: !include resources/projects.raml /report: !include resources/report.raml -/savesearch: !include resources/savesearch.raml +/savesearches: !include resources/savesearch.raml diff --git a/raml/schemas/definitions/search.json b/raml/schemas/definitions/search.json index aa34ae937..6f98cba15 100644 --- a/raml/schemas/definitions/search.json +++ b/raml/schemas/definitions/search.json @@ -32,7 +32,7 @@ "properties": { "_id": {"$ref":"../definitions/objectid.json#"}, "label": {"$ref": "../definitions/container.json#/definitions/label"}, - "uid": {"$ref":"../definitions/container.json#/definitions/uid"}, + "creator": {"$ref":"../definitions/container.json#/definitions/uid"}, "created": {"$ref":"../definitions/created-modified.json#/definitions/created"}, "modified": {"$ref":"../definitions/created-modified.json#/definitions/modified"}, "permissions": { diff --git a/test/integration_tests/abao/abao_test_hooks.js b/test/integration_tests/abao/abao_test_hooks.js index 99814b096..b39380ccd 100644 --- a/test/integration_tests/abao/abao_test_hooks.js +++ b/test/integration_tests/abao/abao_test_hooks.js @@ -1464,7 +1464,7 @@ hooks.before("GET /devices/{DeviceId} -> 404", function(test, done) { }); // Save Search Tests -hooks.before("POST /savesearch -> 200", function(test, done) { +hooks.before("POST /savesearches -> 200", function(test, done) { test.request.body = { "label": "Lable", "search": { @@ -1473,26 +1473,26 @@ hooks.before("POST /savesearch -> 200", function(test, done) { }; done(); }) -hooks.after("POST /savesearch -> 200", function(test, done) { +hooks.after("POST /savesearches -> 200", function(test, done) { search_id = test.response.body['_id']; done(); }) -hooks.before("POST /savesearch -> 400", function(test, done) { +hooks.before("POST /savesearches -> 400", function(test, done) { test.request.body = { "not-label": "Label" }; done(); }) -hooks.before("GET /savesearch/{SearchId} -> 200", function(test, done) { +hooks.before("GET /savesearches/{SearchId} -> 200", function(test, done) { test.request.params = { SearchId: search_id }; done(); }) -hooks.before("POST /savesearch/{SearchId} -> 200", function(test, done) { +hooks.before("POST /savesearches/{SearchId} -> 200", function(test, done) { test.request.params = { SearchId: search_id }; @@ -1506,7 +1506,7 @@ hooks.before("POST /savesearch/{SearchId} -> 200", function(test, done) { done(); }) -hooks.before("POST /savesearch/{SearchId} -> 400", function(test, done) { +hooks.before("POST /savesearches/{SearchId} -> 400", function(test, done) { test.request.params = { SearchId: search_id }; @@ -1516,7 +1516,7 @@ hooks.before("POST /savesearch/{SearchId} -> 400", function(test, done) { done(); }) -hooks.before("DELETE /savesearch/{SearchId} -> 200", function(test, done) { +hooks.before("DELETE /savesearches/{SearchId} -> 200", function(test, done) { test.request.params = { SearchId: search_id }; diff --git a/test/integration_tests/python/test_savedsearch.py b/test/integration_tests/python/test_savedsearch.py index 31843eb97..97b4320f3 100644 --- a/test/integration_tests/python/test_savedsearch.py +++ b/test/integration_tests/python/test_savedsearch.py @@ -2,48 +2,69 @@ def test_search_saving(as_admin, data_builder): # Try posting a malformed search - r = as_admin.post('/savesearch', json={"not-label":"random-string"}) + r = as_admin.post('/savesearches', json={"not-label":"random-string"}) assert r.status_code == 400 # Try getting a non-existent saved search - r = as_admin.get('/savesearch/000000000000000000000000') + r = as_admin.get('/savesearches/000000000000000000000000') assert r.status_code == 404 # Save a search - r = as_admin.post('/savesearch', json={'label': 'search1', 'search': {'return_type': 'session'}}) + r = as_admin.post('/savesearches', json={'label': 'search1', 'search': {'return_type': 'session'}}) assert r.ok search = r.json()['_id'] # Get all searched user has access to - r = as_admin.get('/savesearch') + r = as_admin.get('/savesearches') assert r.ok # Get the saved search by id - r = as_admin.get('/savesearch/' + search) + r = as_admin.get('/savesearches/' + search) assert r.ok assert r.json()['label'] == 'search1' # Malformed search replace payload = {'label': 'good-label', 'search' : { 'not-return-type' : 'not-container'}} - r = as_admin.post('/savesearch/' + search, json=payload) + r = as_admin.post('/savesearches/' + search, json=payload) assert r.status_code == 400 # Replace search - r = as_admin.get('/savesearch/' + search) + r = as_admin.get('/savesearches/' + search) assert r.ok assert r.json()['label'] == 'search1' payload = r.json() payload['label'] = 'newSearch' - r = as_admin.post('/savesearch/' + search, json=payload) + r = as_admin.post('/savesearches/' + search, json=payload) assert r.ok assert r.json()['_id'] == search - r = as_admin.get('/savesearch/' + search) + r = as_admin.get('/savesearches/' + search) assert r.ok assert r.json()['label'] == 'newSearch' + # Add permission to search + r = as_admin.post('/savesearches/' + search + '/permissions', json={'access': 'admin', '_id': 'user@user.com'}) + assert r.ok + r = as_admin.get('/savesearches/' + search) + assert r.ok + assert r.json()['permissions'][1]['_id'] == 'user@user.com' + + # Modify permission + r = as_admin.put('/savesearches/' + search + '/permissions/user@user.com', json={'access': 'ro'}) + assert r.ok + r = as_admin.get('/savesearches/' + search) + assert r.ok + assert r.json()['permissions'][1]['access'] == 'ro' + + # Remove permission + r = as_admin.delete('/savesearches/' + search + '/permissions/user@user.com') + assert r.ok + r = as_admin.get('/savesearches/' + search) + assert r.ok + assert len(r.json()['permissions']) == 1 + # Delete saved search - r = as_admin.delete('/savesearch/' + search) + r = as_admin.delete('/savesearches/' + search) assert r.ok - r = as_admin.get('/savesearch') + r = as_admin.get('/savesearches') assert r.ok assert len(r.json()) == 0