Add the association table for the permissions between a user and a bucket.

Removed the custom HexColumn as it resolves to a simple VARCHAR. Make 'public' column of bucket table not nullable anymore. Closes #1

Add the association table for the permissions between a user and a bucket.
ce99c9fa · Daniel Göbel · 2bf785d5 · ce99c9fa · ce99c9fa · ce99c9fa
Verified Commit ce99c9fa authored 2 years ago by Daniel Göbel
--- a/ProxyAPI/alembic/env.py
+++ b/ProxyAPI/alembic/env.py
@@ -24,21 +24,22 @@ if config.config_file_name is not None:
 # for 'autogenerate' support
 target_metadata = Base.metadata

+
 # other values from the config, defined by the needs of env.py,
 # can be acquired:
 # my_important_option = config.get_main_option("my_important_option")
 # ... etc.


-def get_url():
+def get_url() -> str:
    return str(AnyUrl.build(
-            scheme="mysql+aiomysql",
-            password=os.getenv("DB_PASSWORD", ""),
-            user=os.getenv("DB_USER", ""),
-            port=os.getenv("DB_PORT", "3306"),
-            host=os.getenv("DB_HOST", "localhost"),
-            path=f"/{os.getenv('DB_DATABASE', '')}",
-        ))
+        scheme="mysql+aiomysql",
+        password=os.getenv("DB_PASSWORD", ""),
+        user=os.getenv("DB_USER", ""),
+        port=os.getenv("DB_PORT", "3306"),
+        host=os.getenv("DB_HOST", "localhost"),
+        path=f"/{os.getenv('DB_DATABASE', '')}",
+    ))


 def run_migrations_offline():

--- a/ProxyAPI/alembic/versions/5521b5759004_create_user_and_bucket_table.py
+++ b/ProxyAPI/alembic/versions/5521b5759004_create_user_and_bucket_table.py
@@ -8,7 +8,6 @@ Create Date: 2022-05-03 14:01:22.154984
 from alembic import op
 import sqlalchemy as sa
 from sqlalchemy.dialects import mysql
-from app.db.hex_column import HexColumn

 # revision identifiers, used by Alembic.
 revision = '5521b5759004'
@@ -20,19 +19,19 @@ depends_on = None
 def upgrade():
    # ### commands auto generated by Alembic - please adjust! ###
    op.create_table('user',
-    sa.Column('aaiid', HexColumn(length=64), nullable=False),
-    sa.Column('name', sa.String(length=256), nullable=False),
-    sa.PrimaryKeyConstraint('aaiid')
-    )
+                    sa.Column('aaiid', sa.String(length=64), nullable=False),
+                    sa.Column('name', sa.String(length=256), nullable=False),
+                    sa.PrimaryKeyConstraint('aaiid')
+                    )
    op.create_index(op.f('ix_user_aaiid'), 'user', ['aaiid'], unique=False)
    op.create_table('bucket',
-    sa.Column('name', sa.String(length=256), nullable=False),
-    sa.Column('description', mysql.TEXT(), nullable=False),
-    sa.Column('public', sa.Boolean(), server_default='0', nullable=True),
-    sa.Column('owner_id', HexColumn(length=64), nullable=True),
-    sa.ForeignKeyConstraint(['owner_id'], ['user.aaiid'], ),
-    sa.PrimaryKeyConstraint('name')
-    )
+                    sa.Column('name', sa.String(length=256), nullable=False),
+                    sa.Column('description', mysql.TEXT(), nullable=False),
+                    sa.Column('public', sa.Boolean(), server_default='0', nullable=True),
+                    sa.Column('owner_id', sa.String(length=64), nullable=True),
+                    sa.ForeignKeyConstraint(['owner_id'], ['user.aaiid'], ),
+                    sa.PrimaryKeyConstraint('name')
+                    )
    op.create_index(op.f('ix_bucket_name'), 'bucket', ['name'], unique=False)
    # ### end Alembic commands ###


--- a/ProxyAPI/alembic/versions/cafa1e01b782_create_permission_table.py
+++ b/ProxyAPI/alembic/versions/cafa1e01b782_create_permission_table.py
+"""Create Permission table
+
+Revision ID: cafa1e01b782
+Revises: 5521b5759004
+Create Date: 2022-05-04 11:41:54.470870
+
+"""
+from alembic import op
+import sqlalchemy as sa
+from sqlalchemy.dialects import mysql
+
+# revision identifiers, used by Alembic.
+revision = 'cafa1e01b782'
+down_revision = '5521b5759004'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table('bucketpermission',
+                    sa.Column('user_id', sa.String(length=64), nullable=False),
+                    sa.Column('bucket_name', sa.String(length=256), nullable=False),
+                    sa.Column('from', mysql.TIMESTAMP(), nullable=True),
+                    sa.Column('to', mysql.TIMESTAMP(), nullable=True),
+                    sa.Column('file_prefix', sa.String(length=512), nullable=True),
+                    sa.Column('permissions', mysql.ENUM('READ', 'WRITE', 'READWRITE'), nullable=False),
+                    sa.ForeignKeyConstraint(['bucket_name'], ['bucket.name'], ),
+                    sa.ForeignKeyConstraint(['user_id'], ['user.aaiid'], ),
+                    sa.PrimaryKeyConstraint('user_id', 'bucket_name')
+                    )
+    op.alter_column('bucket', 'public',
+                    existing_type=mysql.TINYINT(display_width=1),
+                    nullable=False,
+                    existing_server_default=sa.text("'0'"))
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.alter_column('bucket', 'public',
+                    existing_type=mysql.TINYINT(display_width=1),
+                    nullable=True,
+                    existing_server_default=sa.text("'0'"))
+    op.drop_table('bucketpermission')
+    # ### end Alembic commands ###
--- a/ProxyAPI/app/db/base.py
+++ b/ProxyAPI/app/db/base.py
@@ -3,3 +3,4 @@
 from app.db.base_class import Base  # noqa
 from app.models.bucket import Bucket  # noqa
 from app.models.user import User  # noqa
+from app.models.bucket_permission import BucketPermission  # noqa
--- a/ProxyAPI/app/db/hex_column.py
+++ b/ProxyAPI/app/db/hex_column.py
-from sqlalchemy import func
-from sqlalchemy.types import VARCHAR
-
-
-class HexColumn(VARCHAR):
-
-    def bind_expression(self, bindvalue):
-        # convert the bind's type from String to HEX encoded
-        return func.HEX(bindvalue)
-
-    def column_expression(self, col):
-        # convert select value from HEX encoded to String
-        return func.UNHEX(col)
--- a/ProxyAPI/app/models/bucket.py
+++ b/ProxyAPI/app/models/bucket.py
 from typing import TYPE_CHECKING
 from app.db.base_class import Base
 from sqlalchemy import Column, String, Boolean, ForeignKey
-from app.db.hex_column import HexColumn
 from sqlalchemy.orm import relationship
 from sqlalchemy.dialects.mysql import TEXT

 if TYPE_CHECKING:
-    from .user import User
+    from .user import User  # noqa
+    from .bucket_permission import BucketPermission  # noqa


 class Bucket(Base):
    __tablename__: str = "bucket"
    name = Column(String(256), primary_key=True, index=True)
    description = Column(TEXT, nullable=False)
-    public = Column(Boolean(), default=False, server_default="0")
-    owner_id = Column(HexColumn(64), ForeignKey("user.aaiid"), nullable=True)
+    public = Column(Boolean(), default=False, server_default="0", nullable=False)
+    owner_id = Column(ForeignKey("user.aaiid"), nullable=True)
    owner = relationship("User", back_populates="buckets")
+    permissions = relationship("BucketPermission", back_populates="bucket")
--- a/ProxyAPI/app/models/bucket_permission.py
+++ b/ProxyAPI/app/models/bucket_permission.py
+from typing import TYPE_CHECKING
+from app.db.base_class import Base
+from sqlalchemy import Column, String, ForeignKey
+from sqlalchemy.dialects.mysql import TIMESTAMP, ENUM
+from sqlalchemy.orm import relationship
+from enum import IntEnum, auto, unique
+
+if TYPE_CHECKING:
+    from .user import User  # noqa
+    from .bucket import Bucket  # noqa
+
+
+@unique
+class PermissionEnum(IntEnum):
+    READ: int = auto()
+    WRITE: int = auto()
+    READWRITE: int = auto()
+
+
+class BucketPermission(Base):
+    __tablename__: str = "bucketpermission"
+    user_id = Column(ForeignKey("user.aaiid"), primary_key=True)
+    bucket_name = Column(ForeignKey("bucket.name"), primary_key=True)
+    from_ = Column("from", TIMESTAMP, nullable=True)
+    to = Column(TIMESTAMP, nullable=True)
+    file_prefix = Column(String(512), nullable=True)
+    permissions = Column(ENUM(PermissionEnum), default=PermissionEnum.READ, nullable=False)
+    grantee = relationship("User", back_populates="permissions")
+    bucket = relationship("Bucket", back_populates="permissions")
--- a/ProxyAPI/app/models/user.py
+++ b/ProxyAPI/app/models/user.py
 from typing import TYPE_CHECKING
 from app.db.base_class import Base
 from sqlalchemy import Column, String
-from app.db.hex_column import HexColumn
 from sqlalchemy.orm import relationship

 if TYPE_CHECKING:
-    from .bucket import Bucket
+    from .bucket import Bucket  # noqa
+    from .bucket_permission import BucketPermission  # noqa


 class User(Base):
    __tablename__: str = "user"
-    aaiid = Column(HexColumn(64), primary_key=True, index=True)
+    aaiid = Column(String(64), primary_key=True, index=True)
    name = Column(String(256), nullable=False)
    buckets = relationship("Bucket", back_populates="owner")
+    permissions = relationship("BucketPermission", back_populates="grantee")