diff --git a/app/queries/common.py b/app/queries/common.py index 8023e16dd..9b92e3ea5 100644 --- a/app/queries/common.py +++ b/app/queries/common.py @@ -7,7 +7,7 @@ from sqlalchemy.sql import operators from app.db.auth import ( - constrain_to_readable_entities_by_project, + constrain_to_readable_entities_by_context, constrain_to_writable_entities, ) from app.db.model import Activity, Identifiable @@ -69,9 +69,9 @@ def router_read_one[T: BaseModel, I: Identifiable]( if user_context and ( id_model_class := get_declaring_class(db_model_class, "authorized_project_id") ): - query = constrain_to_readable_entities_by_project( + query = constrain_to_readable_entities_by_context( query=query, - project_id=user_context.project_id, + user_context=user_context, db_model_class=id_model_class, ) if apply_operations: @@ -269,7 +269,7 @@ def router_read_many[T: BaseModel, I: Identifiable]( # noqa: PLR0913 *, db: Session, db_model_class: type[I], - authorized_project_id: uuid.UUID | None, + user_context: UserContext | None, with_search: Search[I] | None, with_in_brain_region: InBrainRegionQuery | None, facets: WithFacets | None, @@ -289,7 +289,7 @@ def router_read_many[T: BaseModel, I: Identifiable]( # noqa: PLR0913 Args: db: database session. db_model_class: database model class. - authorized_project_id: project id for filtering the resources. + user_context: user context for filtering readable resources. with_search: search query (str). with_in_brain_region: enable family queries based on BrainRegion facets: facet query (bool). @@ -311,12 +311,14 @@ def router_read_many[T: BaseModel, I: Identifiable]( # noqa: PLR0913 """ filter_query = sa.select(db_model_class) - if check_authorized_project and ( - id_model_class := get_declaring_class(db_model_class, "authorized_project_id") + if ( + user_context + and check_authorized_project + and (id_model_class := get_declaring_class(db_model_class, "authorized_project_id")) ): - filter_query = constrain_to_readable_entities_by_project( + filter_query = constrain_to_readable_entities_by_context( query=filter_query, - project_id=authorized_project_id, + user_context=user_context, db_model_class=id_model_class, ) diff --git a/app/queries/entity.py b/app/queries/entity.py index 284444071..bff3ee727 100644 --- a/app/queries/entity.py +++ b/app/queries/entity.py @@ -13,11 +13,11 @@ from app.schemas.auth import UserContext -def get_accessible_entity[T: Entity]( +def get_readable_entity_by_project[T: Entity]( db: Session, db_model_class: type[T], entity_id: uuid.UUID, - user_context: UserContext, + project_id: uuid.UUID, ) -> T: """Return a specific entity by type and id, readable by the given project. @@ -25,23 +25,23 @@ def get_accessible_entity[T: Entity]( db: db session. db_model_class: Entity subclass. entity_id: id of the entity. - user_context: UserContext + project_id: The project id Returns: the selected entity if it's public or owned by project_id, or raises NoResultFound if the entity doesn't exist, or it's forbidden. """ query = sa.select(db_model_class).where(db_model_class.id == entity_id) - query = constrain_to_readable_entities_by_context(query=query, user_context=user_context) + query = constrain_to_readable_entities_by_project(query=query, project_id=project_id) with ensure_result(f"Entity {db_model_class.__name__} {entity_id} not found or forbidden"): return db.execute(query).scalar_one() -def get_readable_entity[T: Entity]( +def get_readable_entity_by_context[T: Entity]( db: Session, db_model_class: type[T], + user_context: UserContext, entity_id: uuid.UUID, - project_id: uuid.UUID | None, ) -> T: """Return a specific entity by type and id, readable by the given project. @@ -49,14 +49,14 @@ def get_readable_entity[T: Entity]( db: db session. db_model_class: Entity subclass. entity_id: id of the entity. - project_id: optional project id owning the entity. + user_context: The user context Returns: the selected entity if it's public or owned by project_id, or raises NoResultFound if the entity doesn't exist, or it's forbidden. """ query = sa.select(db_model_class).where(db_model_class.id == entity_id) - query = constrain_to_readable_entities_by_project(query=query, project_id=project_id) + query = constrain_to_readable_entities_by_context(query=query, user_context=user_context) with ensure_result(f"Entity {db_model_class.__name__} {entity_id} not found or forbidden"): return db.execute(query).scalar_one() diff --git a/app/service/admin.py b/app/service/admin.py index dcd911034..802d66f7a 100644 --- a/app/service/admin.py +++ b/app/service/admin.py @@ -69,7 +69,7 @@ def get_entity_assets( return router_read_many( db=repos.db, db_model_class=db_model_class, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/analysis_notebook_environment.py b/app/service/analysis_notebook_environment.py index 0f4c6a968..fbe2ef761 100644 --- a/app/service/analysis_notebook_environment.py +++ b/app/service/analysis_notebook_environment.py @@ -172,7 +172,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=AnalysisNotebookEnvironmentRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/analysis_notebook_execution.py b/app/service/analysis_notebook_execution.py index 2330ad2b7..4c5ab14bb 100644 --- a/app/service/analysis_notebook_execution.py +++ b/app/service/analysis_notebook_execution.py @@ -141,7 +141,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=AnalysisNotebookExecutionRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/analysis_notebook_result.py b/app/service/analysis_notebook_result.py index a5d41387b..610fb5980 100644 --- a/app/service/analysis_notebook_result.py +++ b/app/service/analysis_notebook_result.py @@ -170,7 +170,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=AnalysisNotebookResultRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/analysis_notebook_template.py b/app/service/analysis_notebook_template.py index 5fcbdb359..5f3abd731 100644 --- a/app/service/analysis_notebook_template.py +++ b/app/service/analysis_notebook_template.py @@ -173,7 +173,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=AnalysisNotebookTemplateRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/asset.py b/app/service/asset.py index 2a2601ca3..9b8a884fd 100644 --- a/app/service/asset.py +++ b/app/service/asset.py @@ -66,7 +66,7 @@ def get_entity_assets( """Return the list of assets associated with a specific entity.""" db_model_class = Asset entity_type = entity_route_to_type(entity_route) - _ = entity_service.get_readable_entity( + _ = entity_service.get_readable_entity_by_context( repos, user_context=user_context, entity_type=entity_type, @@ -81,7 +81,7 @@ def get_entity_assets( return router_read_many( db=repos.db, db_model_class=db_model_class, - authorized_project_id=user_context.project_id, + user_context=user_context, with_search=None, with_in_brain_region=None, facets=None, @@ -104,7 +104,7 @@ def get_entity_asset( asset_id: uuid.UUID, ) -> AssetRead: """Return an asset associated with a specific entity.""" - _ = entity_service.get_readable_entity( + _ = entity_service.get_readable_entity_by_context( repos, user_context=user_context, entity_type=entity_type, diff --git a/app/service/brain_atlas.py b/app/service/brain_atlas.py index ef1eb796d..172fe823f 100644 --- a/app/service/brain_atlas.py +++ b/app/service/brain_atlas.py @@ -62,7 +62,7 @@ def _read_many( return app.queries.common.router_read_many( db=db, db_model_class=BrainAtlas, - authorized_project_id=user_context.project_id, + user_context=user_context, with_search=None, with_in_brain_region=None, facets=None, @@ -204,7 +204,7 @@ def read_many_region( return app.queries.common.router_read_many( db=db, db_model_class=BrainAtlasRegion, - authorized_project_id=user_context.project_id, + user_context=user_context, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/brain_atlas_region.py b/app/service/brain_atlas_region.py index 648a2596a..8e19d3cbc 100644 --- a/app/service/brain_atlas_region.py +++ b/app/service/brain_atlas_region.py @@ -172,7 +172,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=BrainAtlasRegionRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/brain_region.py b/app/service/brain_region.py index 04b4f493b..52e8f5137 100644 --- a/app/service/brain_region.py +++ b/app/service/brain_region.py @@ -56,7 +56,7 @@ def read_many( return app.queries.common.router_read_many( db=db, db_model_class=db_model_class, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/brain_region_hierarchy.py b/app/service/brain_region_hierarchy.py index 3ce3c7762..64ab30a19 100644 --- a/app/service/brain_region_hierarchy.py +++ b/app/service/brain_region_hierarchy.py @@ -57,7 +57,7 @@ def read_many( return app.queries.common.router_read_many( db=db, db_model_class=db_model_class, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=facets, diff --git a/app/service/calibration.py b/app/service/calibration.py index 39f107fd6..b7dbae9d4 100644 --- a/app/service/calibration.py +++ b/app/service/calibration.py @@ -139,7 +139,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=CalibrationRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/cell_composition.py b/app/service/cell_composition.py index 350f1de73..2cd29817c 100644 --- a/app/service/cell_composition.py +++ b/app/service/cell_composition.py @@ -179,7 +179,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=CellCompositionRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, name_to_facet_query_params=name_to_facet_query_params, check_authorized_project=check_authorized_project, diff --git a/app/service/cell_morphology.py b/app/service/cell_morphology.py index f990b2231..824905309 100644 --- a/app/service/cell_morphology.py +++ b/app/service/cell_morphology.py @@ -229,7 +229,7 @@ def _read_many( return router_read_many( db=db, db_model_class=CellMorphology, - authorized_project_id=user_context.project_id, + user_context=user_context, with_search=with_search, with_in_brain_region=in_brain_region, facets=with_facets, diff --git a/app/service/cell_morphology_protocol.py b/app/service/cell_morphology_protocol.py index be71c30a5..2ae00dc7e 100644 --- a/app/service/cell_morphology_protocol.py +++ b/app/service/cell_morphology_protocol.py @@ -133,7 +133,7 @@ def _read_many( return router_read_many( db=db, db_model_class=CellMorphologyProtocol, - authorized_project_id=user_context.project_id, + user_context=user_context, with_search=None, with_in_brain_region=None, facets=with_facets, diff --git a/app/service/circuit.py b/app/service/circuit.py index 3be0401dd..6b1532f58 100644 --- a/app/service/circuit.py +++ b/app/service/circuit.py @@ -197,7 +197,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=CircuitRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/circuit_extraction_campaign.py b/app/service/circuit_extraction_campaign.py index bd41c420a..a5ef0219c 100644 --- a/app/service/circuit_extraction_campaign.py +++ b/app/service/circuit_extraction_campaign.py @@ -174,7 +174,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=CircuitExtractionCampaignRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/circuit_extraction_config.py b/app/service/circuit_extraction_config.py index 438394412..87370be19 100644 --- a/app/service/circuit_extraction_config.py +++ b/app/service/circuit_extraction_config.py @@ -180,7 +180,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=CircuitExtractionConfigRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/circuit_extraction_config_generation.py b/app/service/circuit_extraction_config_generation.py index 94d4eefd8..7dbb5b7ca 100644 --- a/app/service/circuit_extraction_config_generation.py +++ b/app/service/circuit_extraction_config_generation.py @@ -136,7 +136,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=CircuitExtractionConfigGenerationRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/circuit_extraction_execution.py b/app/service/circuit_extraction_execution.py index ae3d7e384..b34a74b76 100644 --- a/app/service/circuit_extraction_execution.py +++ b/app/service/circuit_extraction_execution.py @@ -139,7 +139,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=CircuitExtractionExecutionRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/consortium.py b/app/service/consortium.py index 217f4956a..08ed446b6 100644 --- a/app/service/consortium.py +++ b/app/service/consortium.py @@ -53,7 +53,7 @@ def read_many( return app.queries.common.router_read_many( db=db, db_model_class=Consortium, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/contribution.py b/app/service/contribution.py index 15b77613b..21aa32998 100644 --- a/app/service/contribution.py +++ b/app/service/contribution.py @@ -8,7 +8,7 @@ import app.queries.common from app.db.auth import ( constrain_entity_query_to_project, - constrain_to_readable_entities_by_project, + constrain_to_readable_entities_by_context, constrain_to_writable_entities, ) from app.db.model import Agent, Contribution, Entity, Person @@ -79,8 +79,8 @@ def _read_many( aliases=aliases, ) if check_authorized_project: - filter_query = lambda q: constrain_to_readable_entities_by_project( - query=_load(q), project_id=user_context.project_id + filter_query = lambda q: constrain_to_readable_entities_by_context( + query=_load(q), user_context=user_context ) else: filter_query = _load @@ -98,7 +98,7 @@ def _read_many( response_schema_class=ContributionRead, name_to_facet_query_params=name_to_facet_query_params, filter_model=filter_model, - authorized_project_id=user_context.project_id, + user_context=None, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) @@ -145,8 +145,8 @@ def read_one( db_model_class=Contribution, user_context=None, response_schema_class=ContributionRead, - apply_operations=lambda q: constrain_to_readable_entities_by_project( - query=_load(q), project_id=user_context.project_id + apply_operations=lambda q: constrain_to_readable_entities_by_context( + query=_load(q), user_context=user_context ), ) diff --git a/app/service/derivation.py b/app/service/derivation.py index ca4579610..cb2a6014d 100644 --- a/app/service/derivation.py +++ b/app/service/derivation.py @@ -2,7 +2,7 @@ import uuid from http import HTTPStatus -from typing import TYPE_CHECKING, cast +from typing import TYPE_CHECKING import sqlalchemy as sa from sqlalchemy.orm import aliased, joinedload, raiseload @@ -27,7 +27,11 @@ router_read_one, router_update_one, ) -from app.queries.entity import get_accessible_entity, get_writable_entity +from app.queries.entity import ( + get_readable_entity_by_context, + get_readable_entity_by_project, + get_writable_entity, +) from app.queries.factory import query_params_factory from app.queries.utils import is_user_authorized_for_deletion from app.routers.types import EntityRoute @@ -44,7 +48,6 @@ if TYPE_CHECKING: from app.filters.base import Aliases - from app.schemas.auth import UserContext def _load(query: sa.Select): @@ -98,7 +101,7 @@ def apply_filter_query_operations(q): return router_read_many( db=db, db_model_class=Derivation, - authorized_project_id=user_context.project_id, + user_context=None, # Already filtered above with_search=None, with_in_brain_region=None, facets=None, @@ -253,7 +256,7 @@ def _read_many_from_entity( # ensure that the requested entity is readable if check_authorized_project: - _ = get_accessible_entity( + _ = get_readable_entity_by_context( db, db_model_class=generated_db_model_class, entity_id=entity_id, @@ -275,7 +278,7 @@ def _read_many_from_entity( return router_read_many( db=db, db_model_class=used_db_model_class, - authorized_project_id=user_context.project_id, + user_context=user_context, with_search=None, with_in_brain_region=None, facets=None, @@ -349,11 +352,11 @@ def create_one( See also https://github.com/openbraininstitute/entitycore/issues/427 """ - _used_entity = get_accessible_entity( + _used_entity = get_readable_entity_by_project( db, Entity, json_model.used_id, - user_context=cast("UserContext", user_context), + project_id=user_context.project_id, ) _generated_entity = get_writable_entity( db, diff --git a/app/service/electrical_cell_recording.py b/app/service/electrical_cell_recording.py index 48f99c2bc..c6b933535 100644 --- a/app/service/electrical_cell_recording.py +++ b/app/service/electrical_cell_recording.py @@ -170,7 +170,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ElectricalCellRecordingRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/electrical_recording_stimulus.py b/app/service/electrical_recording_stimulus.py index aefa5f954..74d63eeb2 100644 --- a/app/service/electrical_recording_stimulus.py +++ b/app/service/electrical_recording_stimulus.py @@ -153,7 +153,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ElectricalRecordingStimulusRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/em_cell_mesh.py b/app/service/em_cell_mesh.py index 6d498a71e..09477fa11 100644 --- a/app/service/em_cell_mesh.py +++ b/app/service/em_cell_mesh.py @@ -130,7 +130,7 @@ def _read_many( return router_read_many( db=db, db_model_class=EMCellMesh, - authorized_project_id=user_context.project_id, + user_context=user_context, with_search=with_search, with_in_brain_region=in_brain_region, facets=facets, diff --git a/app/service/em_dense_reconstruction_dataset.py b/app/service/em_dense_reconstruction_dataset.py index d6b6099ad..f1bb470f6 100644 --- a/app/service/em_dense_reconstruction_dataset.py +++ b/app/service/em_dense_reconstruction_dataset.py @@ -90,7 +90,7 @@ def _read_many( return router_read_many( db=db, db_model_class=EMDenseReconstructionDataset, - authorized_project_id=user_context.project_id, + user_context=user_context, with_search=with_search, with_in_brain_region=in_brain_region, facets=facets, diff --git a/app/service/emodel.py b/app/service/emodel.py index 0152120ed..d472fbe4f 100644 --- a/app/service/emodel.py +++ b/app/service/emodel.py @@ -197,7 +197,7 @@ def _read_many( return router_read_many( db=db, db_model_class=EModel, - authorized_project_id=user_context.project_id, + user_context=user_context, with_search=with_search, with_in_brain_region=in_brain_region, facets=facets, diff --git a/app/service/entity.py b/app/service/entity.py index 002e1bdbe..29e9fd9c2 100644 --- a/app/service/entity.py +++ b/app/service/entity.py @@ -19,7 +19,7 @@ from app.schemas.entity import EntityCountRead, EntityRead -def get_readable_entity( +def get_readable_entity_by_context( repos: RepositoryGroup, *, user_context: UserContext, @@ -27,11 +27,11 @@ def get_readable_entity( entity_id: uuid.UUID, ) -> Entity: db_model_class = ENTITY_TYPE_TO_CLASS[entity_type] - return app.queries.entity.get_readable_entity( + return app.queries.entity.get_readable_entity_by_context( db=repos.db, db_model_class=db_model_class, entity_id=entity_id, - project_id=user_context.project_id, + user_context=user_context, ) diff --git a/app/service/etype.py b/app/service/etype.py index 3ae936e55..9500980c7 100644 --- a/app/service/etype.py +++ b/app/service/etype.py @@ -25,7 +25,7 @@ def read_many( return router_read_many( db=db, db_model_class=ETypeClass, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/etype_classification.py b/app/service/etype_classification.py index ac83e856e..e68c39108 100644 --- a/app/service/etype_classification.py +++ b/app/service/etype_classification.py @@ -145,7 +145,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ETypeClassificationRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, with_in_brain_region=None, check_authorized_project=check_authorized_project, diff --git a/app/service/experimental_bouton_density.py b/app/service/experimental_bouton_density.py index 87ca74d9a..2639eeecd 100644 --- a/app/service/experimental_bouton_density.py +++ b/app/service/experimental_bouton_density.py @@ -134,7 +134,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ExperimentalBoutonDensityRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/experimental_neuron_density.py b/app/service/experimental_neuron_density.py index 185cba062..af7060855 100644 --- a/app/service/experimental_neuron_density.py +++ b/app/service/experimental_neuron_density.py @@ -125,7 +125,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ExperimentalNeuronDensityRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/experimental_synapses_per_connection.py b/app/service/experimental_synapses_per_connection.py index 530d3a646..f4d349fb2 100644 --- a/app/service/experimental_synapses_per_connection.py +++ b/app/service/experimental_synapses_per_connection.py @@ -149,7 +149,7 @@ def _read_many( apply_data_query_operations=_load, pagination_request=pagination_request, response_schema_class=ExperimentalSynapsesPerConnectionRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/external_url.py b/app/service/external_url.py index 2aed517ea..ebc2fc6d9 100644 --- a/app/service/external_url.py +++ b/app/service/external_url.py @@ -116,7 +116,7 @@ def read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ExternalUrlRead, - authorized_project_id=None, + user_context=None, filter_joins=filter_joins, ) diff --git a/app/service/ion_channel.py b/app/service/ion_channel.py index 4c26e4203..5dce02e52 100644 --- a/app/service/ion_channel.py +++ b/app/service/ion_channel.py @@ -124,7 +124,7 @@ def read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=IonChannelRead, - authorized_project_id=None, + user_context=None, filter_joins=filter_joins, ) diff --git a/app/service/ion_channel_model.py b/app/service/ion_channel_model.py index 243285327..ffbfe7150 100644 --- a/app/service/ion_channel_model.py +++ b/app/service/ion_channel_model.py @@ -108,7 +108,7 @@ def _read_many( return router_read_many( db=db, db_model_class=IonChannelModel, - authorized_project_id=user_context.project_id, + user_context=user_context, with_search=with_search, with_in_brain_region=in_brain_region, facets=facets, diff --git a/app/service/ion_channel_modeling_campaign.py b/app/service/ion_channel_modeling_campaign.py index 822231625..b94e80fb3 100644 --- a/app/service/ion_channel_modeling_campaign.py +++ b/app/service/ion_channel_modeling_campaign.py @@ -180,7 +180,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=IonChannelModelingCampaignRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/ion_channel_modeling_config.py b/app/service/ion_channel_modeling_config.py index d1b8ce8ee..117bf2c57 100644 --- a/app/service/ion_channel_modeling_config.py +++ b/app/service/ion_channel_modeling_config.py @@ -175,7 +175,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=IonChannelModelingConfigRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/ion_channel_modeling_config_generation.py b/app/service/ion_channel_modeling_config_generation.py index c800f2e5c..37ffc3216 100644 --- a/app/service/ion_channel_modeling_config_generation.py +++ b/app/service/ion_channel_modeling_config_generation.py @@ -136,7 +136,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=IonChannelModelingConfigGenerationRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/ion_channel_modeling_execution.py b/app/service/ion_channel_modeling_execution.py index 986c350b5..648989f92 100644 --- a/app/service/ion_channel_modeling_execution.py +++ b/app/service/ion_channel_modeling_execution.py @@ -139,7 +139,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=IonChannelModelingExecutionRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/ion_channel_recording.py b/app/service/ion_channel_recording.py index 2fcee1de0..da442b954 100644 --- a/app/service/ion_channel_recording.py +++ b/app/service/ion_channel_recording.py @@ -170,7 +170,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=IonChannelRecordingRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/license.py b/app/service/license.py index 7fbd07c30..8533681c0 100644 --- a/app/service/license.py +++ b/app/service/license.py @@ -23,7 +23,7 @@ def read_many( return router_read_many( db=db, db_model_class=License, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/measurement_annotation.py b/app/service/measurement_annotation.py index 6f7db26df..4d2bb4772 100644 --- a/app/service/measurement_annotation.py +++ b/app/service/measurement_annotation.py @@ -13,7 +13,7 @@ from app.db.auth import ( constrain_entity_query_to_project, - constrain_to_readable_entities_by_project, + constrain_to_readable_entities_by_context, constrain_to_writable_entities, ) from app.db.model import ( @@ -105,9 +105,9 @@ def read_many( filter_model: MeasurementAnnotationFilterDep, pagination_request: PaginationQuery, ) -> ListResponse[MeasurementAnnotationRead]: - apply_filter_query_operations = lambda q: constrain_to_readable_entities_by_project( + apply_filter_query_operations = lambda q: constrain_to_readable_entities_by_context( query=q.join(Entity, Entity.id == MeasurementAnnotation.entity_id), - project_id=user_context.project_id, + user_context=user_context, ) facet_keys = [] filter_keys = [ @@ -124,7 +124,7 @@ def read_many( return router_read_many( db=db, db_model_class=MeasurementAnnotation, - authorized_project_id=None, # validated with apply_filter_query_operations + user_context=None, # validated with apply_filter_query_operations with_search=None, with_in_brain_region=None, facets=None, @@ -163,7 +163,7 @@ def admin_read_many( return router_read_many( db=db, db_model_class=MeasurementAnnotation, - authorized_project_id=None, # validated with apply_filter_query_operations + user_context=None, # validated with apply_filter_query_operations with_search=None, with_in_brain_region=None, facets=None, @@ -185,7 +185,7 @@ def read_one( ) -> MeasurementAnnotationRead: def apply_operations(q): q = q.join(Entity, Entity.id == MeasurementAnnotation.entity_id) - q = constrain_to_readable_entities_by_project(query=q, project_id=user_context.project_id) + q = constrain_to_readable_entities_by_context(query=q, user_context=user_context) return _load_from_db(q=q) return router_read_one( diff --git a/app/service/measurement_label.py b/app/service/measurement_label.py index b40d892ca..09f5a11ca 100644 --- a/app/service/measurement_label.py +++ b/app/service/measurement_label.py @@ -95,7 +95,7 @@ def read_many( return app.queries.common.router_read_many( db=db, db_model_class=MeasurementLabel, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/memodel.py b/app/service/memodel.py index fd1715199..2b80550da 100644 --- a/app/service/memodel.py +++ b/app/service/memodel.py @@ -211,7 +211,7 @@ def _read_many( return router_read_many( db=db, db_model_class=MEModel, - authorized_project_id=user_context.project_id, + user_context=user_context, with_search=search, with_in_brain_region=in_brain_region, facets=facets, diff --git a/app/service/memodel_calibration_result.py b/app/service/memodel_calibration_result.py index 2c148c28e..01758d92e 100644 --- a/app/service/memodel_calibration_result.py +++ b/app/service/memodel_calibration_result.py @@ -159,7 +159,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=MEModelCalibrationResultRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/mtype.py b/app/service/mtype.py index 7a9c68975..7f416949c 100644 --- a/app/service/mtype.py +++ b/app/service/mtype.py @@ -25,7 +25,7 @@ def read_many( return router_read_many( db=db, db_model_class=MTypeClass, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/mtype_classification.py b/app/service/mtype_classification.py index 3ea74c7f4..e689041bd 100644 --- a/app/service/mtype_classification.py +++ b/app/service/mtype_classification.py @@ -146,7 +146,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=MTypeClassificationRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, with_in_brain_region=None, check_authorized_project=check_authorized_project, diff --git a/app/service/organization.py b/app/service/organization.py index 8b45be474..0a0d970ec 100644 --- a/app/service/organization.py +++ b/app/service/organization.py @@ -53,7 +53,7 @@ def read_many( return app.queries.common.router_read_many( db=db, db_model_class=Organization, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/person.py b/app/service/person.py index 1816f0af6..c555ee031 100644 --- a/app/service/person.py +++ b/app/service/person.py @@ -64,7 +64,7 @@ def read_many( return router_read_many( db=db, db_model_class=Person, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/publication.py b/app/service/publication.py index b5618c24d..1f43d6b87 100644 --- a/app/service/publication.py +++ b/app/service/publication.py @@ -117,7 +117,7 @@ def read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=PublicationRead, - authorized_project_id=None, + user_context=None, filter_joins=filter_joins, ) diff --git a/app/service/role.py b/app/service/role.py index 8af7b7031..f65af321c 100644 --- a/app/service/role.py +++ b/app/service/role.py @@ -23,7 +23,7 @@ def read_many( return router_read_many( db=db, db_model_class=Role, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/scientific_artifact_external_url_link.py b/app/service/scientific_artifact_external_url_link.py index a3f2d51a0..414806acc 100644 --- a/app/service/scientific_artifact_external_url_link.py +++ b/app/service/scientific_artifact_external_url_link.py @@ -5,7 +5,7 @@ from sqlalchemy.orm import aliased, joinedload, raiseload from app.db.auth import ( - constrain_to_readable_entities_by_project, + constrain_to_readable_entities_by_context, ) from app.db.model import ( ExternalUrl, @@ -146,9 +146,9 @@ def _read_many( ) if check_authorized_project: - filter_query = lambda q: constrain_to_readable_entities_by_project( + filter_query = lambda q: constrain_to_readable_entities_by_context( query=base_join_query(q), - project_id=user_context.project_id, + user_context=user_context, db_model_class=scientific_artifact_alias, ) else: @@ -167,7 +167,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ScientificArtifactExternalUrlLinkRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/scientific_artifact_publication_link.py b/app/service/scientific_artifact_publication_link.py index 1ed783d88..124c53a69 100644 --- a/app/service/scientific_artifact_publication_link.py +++ b/app/service/scientific_artifact_publication_link.py @@ -5,7 +5,7 @@ from sqlalchemy.orm import aliased, joinedload, raiseload from app.db.auth import ( - constrain_to_readable_entities_by_project, + constrain_to_readable_entities_by_context, ) from app.db.model import ( Person, @@ -146,9 +146,9 @@ def _read_many( ) if check_authorized_project: - filter_query = lambda q: constrain_to_readable_entities_by_project( + filter_query = lambda q: constrain_to_readable_entities_by_context( query=base_join_query(q), - project_id=user_context.project_id, + user_context=user_context, db_model_class=scientific_artifact_alias, ) else: @@ -167,7 +167,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ScientificArtifactPublicationLinkRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, ) diff --git a/app/service/simulatable_extracellular_recording_array.py b/app/service/simulatable_extracellular_recording_array.py index 787e8e852..b4e78d954 100644 --- a/app/service/simulatable_extracellular_recording_array.py +++ b/app/service/simulatable_extracellular_recording_array.py @@ -181,7 +181,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=SimulatableExtracellularRecordingArrayRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/simulation.py b/app/service/simulation.py index 1e3cfb28c..8b52040dd 100644 --- a/app/service/simulation.py +++ b/app/service/simulation.py @@ -179,7 +179,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=SimulationRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/simulation_campaign.py b/app/service/simulation_campaign.py index 3dbe357ad..c47532bc3 100644 --- a/app/service/simulation_campaign.py +++ b/app/service/simulation_campaign.py @@ -187,7 +187,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=SimulationCampaignRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/simulation_execution.py b/app/service/simulation_execution.py index 2a937b2ba..129de7d13 100644 --- a/app/service/simulation_execution.py +++ b/app/service/simulation_execution.py @@ -139,7 +139,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=SimulationExecutionRead, - authorized_project_id=user_context.project_id, + user_context=user_context, check_authorized_project=check_authorized_project, filter_joins=filter_joins, ) diff --git a/app/service/simulation_generation.py b/app/service/simulation_generation.py index bbdfe5772..f898ab0ea 100644 --- a/app/service/simulation_generation.py +++ b/app/service/simulation_generation.py @@ -134,7 +134,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=SimulationGenerationRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/simulation_result.py b/app/service/simulation_result.py index 31126b19e..d0fd1298b 100644 --- a/app/service/simulation_result.py +++ b/app/service/simulation_result.py @@ -174,7 +174,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=SimulationResultRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/single_neuron_simulation.py b/app/service/single_neuron_simulation.py index 0257c27b8..10129197a 100644 --- a/app/service/single_neuron_simulation.py +++ b/app/service/single_neuron_simulation.py @@ -178,7 +178,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=SingleNeuronSimulationRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/single_neuron_synaptome.py b/app/service/single_neuron_synaptome.py index ea5991ffb..7ef58b732 100644 --- a/app/service/single_neuron_synaptome.py +++ b/app/service/single_neuron_synaptome.py @@ -182,7 +182,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=SingleNeuronSynaptomeRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/single_neuron_synaptome_simulation.py b/app/service/single_neuron_synaptome_simulation.py index 4e0052c32..234b3c2ec 100644 --- a/app/service/single_neuron_synaptome_simulation.py +++ b/app/service/single_neuron_synaptome_simulation.py @@ -193,7 +193,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=SingleNeuronSynaptomeSimulationRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/skeletonization_campaign.py b/app/service/skeletonization_campaign.py index 52438d79d..2fc2ad971 100644 --- a/app/service/skeletonization_campaign.py +++ b/app/service/skeletonization_campaign.py @@ -183,7 +183,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ReadSchema, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/skeletonization_config.py b/app/service/skeletonization_config.py index 1260869a4..451b3d816 100644 --- a/app/service/skeletonization_config.py +++ b/app/service/skeletonization_config.py @@ -182,7 +182,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ReadSchema, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/skeletonization_config_generation.py b/app/service/skeletonization_config_generation.py index 6fa5e5243..0de1e80c4 100644 --- a/app/service/skeletonization_config_generation.py +++ b/app/service/skeletonization_config_generation.py @@ -148,7 +148,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ReadSchema, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/skeletonization_execution.py b/app/service/skeletonization_execution.py index 031b01b67..cf98c8be6 100644 --- a/app/service/skeletonization_execution.py +++ b/app/service/skeletonization_execution.py @@ -147,7 +147,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ReadSchema, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/species.py b/app/service/species.py index 23c5af3d4..d8e63ff84 100644 --- a/app/service/species.py +++ b/app/service/species.py @@ -102,7 +102,7 @@ def read_many( return app.queries.common.router_read_many( db=db, db_model_class=Species, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/strain.py b/app/service/strain.py index 9304ec8a8..9cd0dfcaa 100644 --- a/app/service/strain.py +++ b/app/service/strain.py @@ -60,7 +60,7 @@ def read_many( return app.queries.common.router_read_many( db=db, db_model_class=Strain, - authorized_project_id=None, + user_context=None, with_search=None, with_in_brain_region=None, facets=None, diff --git a/app/service/subject.py b/app/service/subject.py index 0ceedc3fb..d1040bb00 100644 --- a/app/service/subject.py +++ b/app/service/subject.py @@ -158,7 +158,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=SubjectRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/task_activity.py b/app/service/task_activity.py index fb04236cb..b798525c6 100644 --- a/app/service/task_activity.py +++ b/app/service/task_activity.py @@ -147,7 +147,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ReadSchema, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/task_config.py b/app/service/task_config.py index cb68c230e..31fd1edb7 100644 --- a/app/service/task_config.py +++ b/app/service/task_config.py @@ -183,7 +183,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ReadSchema, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/validation.py b/app/service/validation.py index aadf4ba85..ca1b818e0 100644 --- a/app/service/validation.py +++ b/app/service/validation.py @@ -139,7 +139,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ValidationRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, ) diff --git a/app/service/validation_result.py b/app/service/validation_result.py index d9226d48c..784a0e2a7 100644 --- a/app/service/validation_result.py +++ b/app/service/validation_result.py @@ -163,7 +163,7 @@ def _read_many( aliases=aliases, pagination_request=pagination_request, response_schema_class=ValidationResultRead, - authorized_project_id=user_context.project_id, + user_context=user_context, filter_joins=filter_joins, check_authorized_project=check_authorized_project, )