The highest tagged major version is
Documentation
¶
Overview ¶
Permission constants and helper functions for defining routes. These should match the permissions defined in Auth0 JWT tokens that come in with requests
Index ¶
- Constants
- func CheckAndUpdatePublicDataset(fs fileaccess.FileAccess, configBucket string, datasetID string, ...) (bool, error)
- func CheckIsObjectInPublicSet(publicObjectsList []string, objectID string) (bool, error)
- func CheckIsObjectPublic(fs fileaccess.FileAccess, configBucket string, objectType PublicObjectEnumType, ...) (bool, error)
- func CheckIsPublicDataset(fs fileaccess.FileAccess, configBucket string, datasetID string) (bool, error)
- func CheckIsPublicDatasetWithSharedObjects(fs fileaccess.FileAccess, configBucket string, datasetID string) (bool, error)
- func GetAccessibleGroups(permissions map[string]bool) map[string]bool
- func UserCanAccessDataset(userInfo pixlUser.UserInfo, summary datasetModel.SummaryFileData, ...) error
- func UserCanAccessDatasetWithSummaryDownload(fs fileaccess.FileAccess, userInfo pixlUser.UserInfo, dataBucket string, ...) (datasetModel.SummaryFileData, error)
- type DatasetAuthInfo
- type DatasetsAuth
- type PublicObjectEnumType
- type PublicObjectsAuth
Constants ¶
const PermBlessQuantification = "write:bless-quant"
Quantification "blessing" - marking it as the correct one to use
const PermCreateQuantification = "write:quantification"
Quantification creation
const PermDownloadPiquant = "download:piquant"
Downloading PIQUANT builds - not fully finished, likely only serving linux binaries if our build system still creates them
const PermEditDiffractionPeaks = "write:diffraction-peaks"
Editing diffraction peaks (manually creating new ones, or marking detected ones as deleted)
const PermExportMap = "export:map"
Ability to export various data
const PermPublic = "public"
Public endpoints, mainly for getting the API version
const PermPublishQuantification = "write:publish-quant"
Quantification publishing - to PDS
const PermReadDataAnalysis = "read:data-analysis"
Reading ROI, element set, annotation, expressions, modules, tags, quantifications, RGB mixes
const PermReadDiffractionPeaks = "read:diffraction-peaks"
Reading diffraction peaks DB that's created along with a dataset
const PermReadLogs = "read:logs"
Reading logs and log level of API
const PermReadPIXLISESettings = "read:pixlise-settings"
Reading current view state, collections, workspaces
const PermReadPiquantConfig = "read:piquant-config"
Reading piquant detector config and piquant config files
const PermReadPiquantJobs = "read:piquant-jobs"
Reads all piquant jobs - admin level
const PermReadUserRoles = "read:user-roles"
User role access - reading user listing, role listing and user/role individual gets
const PermReadUserSettings = "read:user-settings"
Get users own config and data collection agreement
const PermSuperAdmin = "access:super-admin"
Super Admin - not a real permission and mainly used to bypass tests
const PermTestEndpoints = "write:test-endpoints"
Ability to call test endpoints (admin feature)
const PermWriteDataAnalysis = "write:data-analysis"
Write/delete/edit ROI, element set, annotation, expressions, modules, tags, quantifications, RGB mixes
const PermWriteDataset = "write:dataset"
Allows editing custom fields/images on dataset, or creating new ones (using zipped MSA files, etc)
const PermWriteLogLevel = "write:log-level"
Changing API log level (admin feature really!)
const PermWriteMetrics = "write:metrics"
For saving metrics - aka user tracking info, UI behaviours, for research purposes
const PermWritePIXLISESettings = "write:pixlise-settings"
Writing current view state, collections, workspaces
const PermWritePiquantConfig = "write:piquant-config"
Writing piquant config (for spectroscopists who know what they're doing with piquant)
Sharing annotations (of spectrum chart)
Sharing element sets
Sharing expressions
Sharing quantifications
Sharing ROI
const PermWriteUserRoles = "write:user-roles"
Writing/deleting user roles, and editing users in bulk
const PermWriteUserSettings = "write:user-settings"
Writing users own config and data collection agreement
Variables ¶
This section is empty.
Functions ¶
func CheckAndUpdatePublicDataset ¶ added in v3.4.1
func CheckAndUpdatePublicDataset(fs fileaccess.FileAccess, configBucket string, datasetID string, datasetsAuth DatasetsAuth) (bool, error)
func CheckIsObjectInPublicSet ¶ added in v3.4.1
func CheckIsObjectPublic ¶ added in v3.4.1
func CheckIsObjectPublic(fs fileaccess.FileAccess, configBucket string, objectType PublicObjectEnumType, objectID string) (bool, error)
func CheckIsPublicDataset ¶ added in v3.4.1
func CheckIsPublicDataset(fs fileaccess.FileAccess, configBucket string, datasetID string) (bool, error)
Check if the dataset CAN be public
func CheckIsPublicDatasetWithSharedObjects ¶ added in v3.4.1
func CheckIsPublicDatasetWithSharedObjects(fs fileaccess.FileAccess, configBucket string, datasetID string) (bool, error)
Check if the dataset is both public and has shared objects in it
func GetAccessibleGroups ¶
Get all groups that are accessible by the list of permissions provided. This means basically returning what's after access: in each permission
func UserCanAccessDataset ¶
func UserCanAccessDataset(userInfo pixlUser.UserInfo, summary datasetModel.SummaryFileData, fs fileaccess.FileAccess, configBucket string) error
Returns nil if user CAN access it, otherwise a api.StatusError with the right HTTP error code
func UserCanAccessDatasetWithSummaryDownload ¶
func UserCanAccessDatasetWithSummaryDownload(fs fileaccess.FileAccess, userInfo pixlUser.UserInfo, dataBucket string, configBucket string, datasetID string) (datasetModel.SummaryFileData, error)
Checking if the user can access a given dataset - use this if you don't already have summary info downloaded
Types ¶
type DatasetAuthInfo ¶ added in v3.4.1
type DatasetAuthInfo struct {
DatasetID string `json:"dataset_id"`
Public bool `json:"public"`
PublicReleaseUTCTimeSec int64 `json:"public_release_utc_time_sec"`
Sol string `json:"sol"`
}
DatasetAuthInfo - Structure of dataset auth JSON files This is used to check whether an individual dataset CAN be public or not
type DatasetsAuth ¶ added in v3.4.1
type DatasetsAuth map[string]DatasetAuthInfo
DatasetsAuth - Structure of dataset auth JSON files This is used to check the public status of all datasets
func ReadDatasetsAuth ¶ added in v3.4.1
func ReadDatasetsAuth(fs fileaccess.FileAccess, configBucket string, s3Path string) (DatasetsAuth, error)
type PublicObjectEnumType ¶ added in v3.4.1
type PublicObjectEnumType int64
These enums keep track of the different types of objects that can be public
const ( PublicObjectDataset PublicObjectEnumType = iota PublicObjectROI PublicObjectExpression PublicObjectModule PublicObjectRGBMix PublicObjectQuantification PublicObjectCollection PublicObjectWorkspace )
type PublicObjectsAuth ¶ added in v3.4.1
type PublicObjectsAuth struct {
Datasets []string // This is a list of all datasets that are public AND have public objects in them
ROIs []string
Expressions []string
Modules []string
RGBMixes []string
Quantifications []string
Collections []string
Workspaces []string
}
This is a list of all the objects that are publicly accessible. This is used to determine whether a user has access to an object or not. If the object is not in this list, then the user must have access to it in order to see it.
func GetPublicObjectsAuth ¶ added in v3.4.1
func GetPublicObjectsAuth(fs fileaccess.FileAccess, configBucket string, isPublicUser bool) (PublicObjectsAuth, error)
func ReadPublicObjectsAuth ¶ added in v3.4.1
func ReadPublicObjectsAuth(fs fileaccess.FileAccess, configBucket string, s3Path string) (PublicObjectsAuth, error)
Source Files