forked from openml/server-api
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsetups.py
More file actions
68 lines (53 loc) · 2.27 KB
/
setups.py
File metadata and controls
68 lines (53 loc) · 2.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
from http import HTTPStatus
from typing import Annotated, Any
from fastapi import APIRouter, Body, Depends, HTTPException
from sqlalchemy import Connection
import database.setups
from database.users import User, UserGroup
from routers.dependencies import expdb_connection, fetch_user
from routers.types import SystemString64
router = APIRouter(prefix="/setup", tags=["setups"])
def create_authentication_failed_error() -> HTTPException:
return HTTPException(
status_code=HTTPStatus.PRECONDITION_FAILED,
detail={"code": "103", "message": "Authentication failed"},
)
def create_tag_exists_error(setup_id: int, tag: str) -> HTTPException:
return HTTPException(
# Changed from INTERNAL_SERVER_ERROR (500) to CONFLICT (409)
status_code=HTTPStatus.CONFLICT,
detail={
"code": "473",
"message": "Entity already tagged by this tag.",
"additional_information": f"id={setup_id}; tag={tag}",
},
)
@router.post("/tag")
def tag_setup(
setup_id: Annotated[int, Body()],
tag: Annotated[str, Body(..., embed=False), SystemString64],
user: Annotated[User | None, Depends(fetch_user)] = None,
expdb_db: Annotated[Connection, Depends(expdb_connection)] = None,
) -> dict[str, dict[str, Any]]:
# 1. AUTHENTICATE FIRST
if user is None:
raise create_authentication_failed_error()
# 2. VERIFY EXISTENCE
setup = database.setups.get(setup_id, expdb_db)
if not setup:
raise HTTPException(status_code=HTTPStatus.NOT_FOUND, detail="Setup not found")
# 3. VERIFY OWNERSHIP / PERMISSIONS
# (Fixes the crash by not looking for a Dataset 'visibility' column)
is_admin = UserGroup.ADMIN in user.groups
is_owner = getattr(setup, "uploader", None) == user.user_id
if not (is_admin or is_owner):
raise HTTPException(status_code=HTTPStatus.FORBIDDEN, detail="No access granted")
# 4. CHECK IF TAG EXISTS
tags = database.setups.get_tags_for(setup_id, expdb_db)
if tag.casefold() in [t.casefold() for t in tags]:
raise create_tag_exists_error(setup_id, tag)
# 5. APPLY THE TAG
database.setups.tag(setup_id, tag, user_id=user.user_id, connection=expdb_db)
return {
"setup_tag": {"id": str(setup_id), "tag": [*tags, tag]},
}