cornflow 1.2.0a1__tar.gz → 1.2.0a2__tar.gz

{cornflow-1.2.0a1/cornflow.egg-info → cornflow-1.2.0a2}/PKG-INFO

@@ -1,7 +1,7 @@
 Metadata-Version: 2.2
 Name: cornflow
-Version: 1.2.0a1
-Summary: Cornflow is an open source multi-solver optimization server with a REST API built using flask.
+Version: 1.2.0a2
+Summary: cornflow is an open source multi-solver optimization server with a REST API built using flask.
 Home-page: https://github.com/baobabsoluciones/cornflow
 Author: baobab soluciones
 Author-email: cornflow@baobabsoluciones.es
@@ -12,8 +12,9 @@ Classifier: Development Status :: 5 - Production/Stable
 Requires-Python: >=3.9
 Requires-Dist: alembic==1.9.2
 Requires-Dist: apispec<=6.3.0
+Requires-Dist: cachetools==5.3.3
 Requires-Dist: click<=8.1.7
-Requires-Dist: cornflow-client==1.2.0a1
+Requires-Dist: cornflow-client>=1.2.0
 Requires-Dist: cryptography<=42.0.5
 Requires-Dist: disposable-email-domains>=0.0.86
 Requires-Dist: Flask==2.3.2
@@ -40,7 +41,6 @@ Requires-Dist: requests<=2.32.3
 Requires-Dist: SQLAlchemy==1.3.21
 Requires-Dist: webargs<=8.3.0
 Requires-Dist: Werkzeug==3.0.6
-Requires-Dist: cachetools==5.3.3
 Dynamic: author
 Dynamic: author-email
 Dynamic: classifier
@@ -50,7 +50,7 @@ Dynamic: requires-dist
 Dynamic: requires-python
 Dynamic: summary
 
-Cornflow
+cornflow
 =========
 
 .. image:: https://github.com/baobabsoluciones/cornflow/workflows/build/badge.svg?style=svg
@@ -70,13 +70,13 @@ Cornflow
 
 .. image:: https://img.shields.io/badge/License-Apache2.0-blue
 
-Cornflow is an open source multi-solver optimization server with a REST API built using `flask <https://flask.palletsprojects.com>`_, `airflow <https://airflow.apache.org/>`_ and `pulp <https://coin-or.github.io/pulp/>`_.
+cornflow is an open source multi-solver optimization server with a REST API built using `flask <https://flask.palletsprojects.com>`_, `airflow <https://airflow.apache.org/>`_ and `pulp <https://coin-or.github.io/pulp/>`_.
 
-While most deployment servers are based on the solving technique (MIP, CP, NLP, etc.), Cornflow focuses on the optimization problems themselves. However, it does not impose any constraint on the type of problem and solution method to use.
+While most deployment servers are based on the solving technique (MIP, CP, NLP, etc.), cornflow focuses on the optimization problems themselves. However, it does not impose any constraint on the type of problem and solution method to use.
 
-With Cornflow you can deploy a Traveling Salesman Problem solver next to a Knapsack solver or a Nurse Rostering Problem solver. As long as you describe the input and output data, you can upload any solution method for any problem and then use it with any data you want.
+With cornflow you can deploy a Traveling Salesman Problem solver next to a Knapsack solver or a Nurse Rostering Problem solver. As long as you describe the input and output data, you can upload any solution method for any problem and then use it with any data you want.
 
-Cornflow helps you formalize your problem by proposing development guidelines. It also provides a range of functionalities around your deployed solution method, namely:
+cornflow helps you formalize your problem by proposing development guidelines. It also provides a range of functionalities around your deployed solution method, namely:
 
 * storage of users, instances, solutions and solution logs.
 * deployment and maintenance of models, solvers and algorithms.
@@ -92,9 +92,9 @@ Cornflow helps you formalize your problem by proposing development guidelines. I
 Installation instructions
 -------------------------------
 
-Cornflow is tested with Ubuntu 20.04, python >= 3.8 and git.
+cornflow is tested with Ubuntu 20.04, python >= 3.8 and git.
 
-Download the Cornflow project and install requirements::
+Download the cornflow project and install requirements::
 
     python3 -m venv venv
     venv/bin/pip3 install cornflow
@@ -110,7 +110,7 @@ initialize the sqlite database::
     flask create_admin_user  -u cornflow -e cornflow_admin@admin.com -p cornflow_admin_password
 
 
-activate the virtual environment and run Cornflow::
+activate the virtual environment and run cornflow::
 
     source venv/bin/activate
     export FLASK_APP=cornflow.app
@@ -121,7 +121,7 @@ activate the virtual environment and run Cornflow::
     export AIRFLOW_PWD=airflow_pwd
     flask run
 
-**Cornflow needs a running installation of Airflow to operate and more configuration**. Check `the installation docs <https://baobabsoluciones.github.io/cornflow/main/install.html>`_ for more details on installing airflow, configuring the application and initializing the database.
+**cornflow needs a running installation of Airflow to operate and more configuration**. Check `the installation docs <https://baobabsoluciones.github.io/cornflow/main/install.html>`_ for more details on installing airflow, configuring the application and initializing the database.
 
 Using cornflow to solve a PuLP model
 ---------------------------------------

{cornflow-1.2.0a1 → cornflow-1.2.0a2}/README.rst

@@ -1,4 +1,4 @@
-Cornflow
+cornflow
 =========
 
 .. image:: https://github.com/baobabsoluciones/cornflow/workflows/build/badge.svg?style=svg
@@ -18,13 +18,13 @@ Cornflow
 
 .. image:: https://img.shields.io/badge/License-Apache2.0-blue
 
-Cornflow is an open source multi-solver optimization server with a REST API built using `flask <https://flask.palletsprojects.com>`_, `airflow <https://airflow.apache.org/>`_ and `pulp <https://coin-or.github.io/pulp/>`_.
+cornflow is an open source multi-solver optimization server with a REST API built using `flask <https://flask.palletsprojects.com>`_, `airflow <https://airflow.apache.org/>`_ and `pulp <https://coin-or.github.io/pulp/>`_.
 
-While most deployment servers are based on the solving technique (MIP, CP, NLP, etc.), Cornflow focuses on the optimization problems themselves. However, it does not impose any constraint on the type of problem and solution method to use.
+While most deployment servers are based on the solving technique (MIP, CP, NLP, etc.), cornflow focuses on the optimization problems themselves. However, it does not impose any constraint on the type of problem and solution method to use.
 
-With Cornflow you can deploy a Traveling Salesman Problem solver next to a Knapsack solver or a Nurse Rostering Problem solver. As long as you describe the input and output data, you can upload any solution method for any problem and then use it with any data you want.
+With cornflow you can deploy a Traveling Salesman Problem solver next to a Knapsack solver or a Nurse Rostering Problem solver. As long as you describe the input and output data, you can upload any solution method for any problem and then use it with any data you want.
 
-Cornflow helps you formalize your problem by proposing development guidelines. It also provides a range of functionalities around your deployed solution method, namely:
+cornflow helps you formalize your problem by proposing development guidelines. It also provides a range of functionalities around your deployed solution method, namely:
 
 * storage of users, instances, solutions and solution logs.
 * deployment and maintenance of models, solvers and algorithms.
@@ -40,9 +40,9 @@ Cornflow helps you formalize your problem by proposing development guidelines. I
 Installation instructions
 -------------------------------
 
-Cornflow is tested with Ubuntu 20.04, python >= 3.8 and git.
+cornflow is tested with Ubuntu 20.04, python >= 3.8 and git.
 
-Download the Cornflow project and install requirements::
+Download the cornflow project and install requirements::
 
     python3 -m venv venv
     venv/bin/pip3 install cornflow
@@ -58,7 +58,7 @@ initialize the sqlite database::
     flask create_admin_user  -u cornflow -e cornflow_admin@admin.com -p cornflow_admin_password
 
 
-activate the virtual environment and run Cornflow::
+activate the virtual environment and run cornflow::
 
     source venv/bin/activate
     export FLASK_APP=cornflow.app
@@ -69,7 +69,7 @@ activate the virtual environment and run Cornflow::
     export AIRFLOW_PWD=airflow_pwd
     flask run
 
-**Cornflow needs a running installation of Airflow to operate and more configuration**. Check `the installation docs <https://baobabsoluciones.github.io/cornflow/main/install.html>`_ for more details on installing airflow, configuring the application and initializing the database.
+**cornflow needs a running installation of Airflow to operate and more configuration**. Check `the installation docs <https://baobabsoluciones.github.io/cornflow/main/install.html>`_ for more details on installing airflow, configuring the application and initializing the database.
 
 Using cornflow to solve a PuLP model
 ---------------------------------------

{cornflow-1.2.0a1 → cornflow-1.2.0a2}/airflow_config/airflow_local_settings.py

@@ -19,5 +19,5 @@ STATE_COLORS = {
 from airflow.www.utils import UIAlert
 
 DASHBOARD_UIALERTS = [
-    UIAlert("Welcome! This is the backend of your Cornflow environment. Airflow™ is a platform created by the community to programmatically author, schedule and monitor workflows."),
+    UIAlert("Welcome! This is the backend of your cornflow environment. Airflow™ is a platform created by the community to programmatically author, schedule and monitor workflows."),
 ]

{cornflow-1.2.0a1 → cornflow-1.2.0a2}/cornflow/cli/migrations.py

@@ -3,7 +3,7 @@ import os.path
 
 import click
 from cornflow.shared import db
-from flask_migrate import Migrate, migrate, upgrade, init
+from flask_migrate import Migrate, migrate, upgrade, downgrade, init
 
 from .utils import get_app
 
@@ -28,7 +28,27 @@ def migrate_migrations():
 
 
 @migrations.command(name="upgrade", help="Apply migrations")
-def upgrade_migrations():
+@click.option(
+    "-r", "--revision", type=str, help="The revision to upgrade to", default="head"
+)
+def upgrade_migrations(revision="head"):
+    app = get_app()
+    external = int(os.getenv("EXTERNAL_APP", 0))
+    if external == 0:
+        path = "./cornflow/migrations"
+    else:
+        path = f"./{os.getenv('EXTERNAL_APP_MODULE', 'external_app')}/migrations"
+
+    with app.app_context():
+        migration_client = Migrate(app=app, db=db, directory=path)
+        upgrade(revision=revision)
+
+
+@migrations.command(name="downgrade", help="Downgrade migrations")
+@click.option(
+    "-r", "--revision", type=str, help="The revision to downgrade to", default="-1"
+)
+def downgrade_migrations(revision="-1"):
     app = get_app()
     external = int(os.getenv("EXTERNAL_APP", 0))
     if external == 0:
@@ -38,7 +58,7 @@ def upgrade_migrations():
 
     with app.app_context():
         migration_client = Migrate(app=app, db=db, directory=path)
-        upgrade()
+        downgrade(revision=revision)
 
 
 @migrations.command(

{cornflow-1.2.0a1 → cornflow-1.2.0a2}/cornflow/cli/service.py

@@ -6,6 +6,7 @@ from logging import error
 
 
 import click
+from .utils import get_db_conn
 import cornflow
 from cornflow.app import create_app
 from cornflow.commands import (
@@ -56,15 +57,8 @@ def init_cornflow_service():
     os.environ["SECRET_KEY"] = os.getenv("FERNET_KEY", Fernet.generate_key().decode())
 
     # Cornflow db defaults
-    cornflow_db_host = os.getenv("CORNFLOW_DB_HOST", "cornflow_db")
-    cornflow_db_port = os.getenv("CORNFLOW_DB_PORT", "5432")
-    cornflow_db_user = os.getenv("CORNFLOW_DB_USER", "cornflow")
-    cornflow_db_password = os.getenv("CORNFLOW_DB_PASSWORD", "cornflow")
-    cornflow_db = os.getenv("CORNFLOW_DB", "cornflow")
-    cornflow_db_conn = os.getenv(
-        "cornflow_db_conn",
-        f"postgresql://{cornflow_db_user}:{cornflow_db_password}@{cornflow_db_host}:{cornflow_db_port}/{cornflow_db}",
-    )
+    os.environ["DEFAULT_POSTGRES"] = "1"
+    cornflow_db_conn = get_db_conn()
     os.environ["DATABASE_URL"] = cornflow_db_conn
 
     # Platform auth config and service users

cornflow-1.2.0a2/cornflow/cli/utils.py

@@ -0,0 +1,41 @@
+import os
+import sys
+from importlib import import_module
+import warnings
+
+
+def get_app():
+    env = os.getenv("FLASK_ENV", "development")
+    data_conn = get_db_conn()
+    if env == "production":
+        warnings.filterwarnings("ignore")
+    external = int(os.getenv("EXTERNAL_APP", 0))
+    if external == 0:
+        from cornflow.app import create_app
+    else:
+        sys.path.append("./")
+        external_app = os.getenv("EXTERNAL_APP_MODULE", "external_app")
+        external_module = import_module(external_app)
+        create_app = external_module.create_wsgi_app
+
+    if data_conn is None:
+        app = create_app(env)
+    else:
+        app = create_app(env, data_conn)
+
+    return app
+
+
+def get_db_conn():
+    if int(os.getenv("DEFAULT_POSTGRES", 0)) == 0:
+        return os.getenv("DATABASE_URL", "sqlite:///cornflow.db")
+    else:
+        cornflow_db_host = os.getenv("CORNFLOW_DB_HOST", "cornflow_db")
+        cornflow_db_port = os.getenv("CORNFLOW_DB_PORT", "5432")
+        cornflow_db_user = os.getenv("CORNFLOW_DB_USER", "cornflow")
+        cornflow_db_password = os.getenv("CORNFLOW_DB_PASSWORD", "cornflow")
+        cornflow_db = os.getenv("CORNFLOW_DB", "cornflow")
+        return os.getenv(
+            "cornflow_db_conn",
+            f"postgresql://{cornflow_db_user}:{cornflow_db_password}@{cornflow_db_host}:{cornflow_db_port}/{cornflow_db}",
+        )

{cornflow-1.2.0a1 → cornflow-1.2.0a2}/cornflow/config.py

@@ -65,7 +65,7 @@ class DefaultConfig(object):
 
     # APISPEC:
     APISPEC_SPEC = APISpec(
-        title="Cornflow API docs",
+        title="cornflow API docs",
         version="v1",
         plugins=[MarshmallowPlugin()],
         openapi_version="2.0.0",

{cornflow-1.2.0a1 → cornflow-1.2.0a2}/cornflow/endpoints/__init__.py

@@ -3,8 +3,9 @@ Initialization file for the endpoints module
 All references to endpoints should be imported from here
 The login resource gets created on app startup as it depends on configuration
 """
+
 from .action import ActionListEndpoint
-from .alarms import AlarmsEndpoint
+from .alarms import AlarmsEndpoint, AlarmDetailEndpoint
 from .apiview import ApiViewListEndpoint
 from .case import (
     CaseEndpoint,
@@ -225,6 +226,11 @@ alarms_resources = [
         urls="/alarms/",
         endpoint="alarms",
     ),
+    dict(
+        resource=AlarmDetailEndpoint,
+        urls="/alarms/<int:idx>/",
+        endpoint="alarms-detail",
+    ),
     dict(
         resource=MainAlarmsEndpoint,
         urls="/main-alarms/",

cornflow-1.2.0a2/cornflow/endpoints/alarms.py

@@ -0,0 +1,123 @@
+# Imports from libraries
+from flask import current_app
+from flask_apispec import doc, marshal_with, use_kwargs
+
+# Import from internal modules
+from cornflow.endpoints.meta_resource import BaseMetaResource
+from cornflow.models import AlarmsModel
+from cornflow.schemas.alarms import (
+    AlarmEditRequest,
+    AlarmsResponse,
+    AlarmsPostRequest,
+    QueryFiltersAlarms,
+)
+from cornflow.shared.authentication import Auth, authenticate
+from cornflow.shared.exceptions import AirflowError, ObjectDoesNotExist, InvalidData
+from cornflow.shared.const import SERVICE_ROLE
+
+
+class AlarmsEndpoint(BaseMetaResource):
+    """
+    Endpoint used to manage the table alarms.
+    Available methods: [get, post]
+    """
+
+    def __init__(self):
+        super().__init__()
+        self.data_model = AlarmsModel
+        self.unique = ["id"]
+
+    @doc(
+        description="Get list of all the elements in the table",
+        tags=["None"],
+    )
+    @authenticate(auth_class=Auth())
+    @marshal_with(AlarmsResponse(many=True))
+    @use_kwargs(QueryFiltersAlarms, location="query")
+    def get(self, **kwargs):
+        """
+        API method to get all the rows of the table.
+        It requires authentication to be passed in the form of a token that has to be linked to
+        an existing session (login) made by a user.
+        :return: A list of objects with the data, and an integer with the HTTP status code.
+        :rtype: Tuple(dict, integer)
+        """
+        return self.get_list(**kwargs)
+
+    @doc(
+        description="Add a new row to the table",
+        tags=["None"],
+    )
+    @authenticate(auth_class=Auth())
+    @marshal_with(AlarmsResponse)
+    @use_kwargs(AlarmsPostRequest, location="json")
+    def post(self, **kwargs):
+        """
+        API method to add a row to the table.
+        It requires authentication to be passed in the form of a token that has to be linked to
+        an existing session (login) made by a user.
+        :return: An object with the data for the created row,
+        and an integer with the HTTP status code.
+        :rtype: Tuple(dict, integer)
+        """
+        return self.post_list(data=kwargs)
+
+
+class AlarmDetailEndpointBase(BaseMetaResource):
+    """
+    Endpoint used to get the information of a certain alarm. But not the data!
+    """
+
+    def __init__(self):
+        super().__init__()
+        self.data_model = AlarmsModel
+        self.unique = ["id"]
+
+
+class AlarmDetailEndpoint(AlarmDetailEndpointBase):
+    @doc(description="Get details of an alarm", tags=["None"], inherit=False)
+    @authenticate(auth_class=Auth())
+    @marshal_with(AlarmsResponse)
+    @BaseMetaResource.get_data_or_404
+    def get(self, idx):
+        """
+        API method to get an execution created by the user and its related info.
+        It requires authentication to be passed in the form of a token that has to be linked to
+        an existing session (login) made by a user.
+
+        :param str idx: ID of the execution.
+        :return: A dictionary with a message (error if authentication failed, or the execution does not exist or
+          the data of the execution) and an integer with the HTTP status code.
+        :rtype: Tuple(dict, integer)
+        """
+        current_app.logger.info(
+            f"User {self.get_user()} gets details of execution {idx}"
+        )
+        return self.get_detail(idx=idx)
+
+    @doc(description="Edit an execution", tags=["Executions"], inherit=False)
+    @authenticate(auth_class=Auth())
+    @use_kwargs(AlarmEditRequest, location="json")
+    def put(self, idx, **data):
+        """
+        Edit an existing alarm
+
+        :param string idx: ID of the alarm.
+        :return: A dictionary with a message (error if authentication failed, or the alarm does not exist or
+          a message) and an integer with the HTTP status code.
+        :rtype: Tuple(dict, integer)
+        """
+        current_app.logger.info(f"User {self.get_user()} edits alarm {idx}")
+        return self.put_detail(data, track_user=False, idx=idx)
+
+    @doc(description="Disable an alarm", tags=["None"])
+    @authenticate(auth_class=Auth())
+    def delete(self, idx):
+        """
+        :param int alarm_id: Alarm id.
+        :return:
+        :rtype: Tuple(dict, integer)
+        """
+
+        current_app.logger.info(f"Alarm {idx} was disabled by user {self.get_user()}")
+        return self.disable_detail(idx=idx)

{cornflow-1.2.0a1 → cornflow-1.2.0a2}/cornflow/endpoints/login.py

@@ -2,15 +2,16 @@
 External endpoint for the user to log in to the cornflow webserver
 """
 
+from datetime import datetime, timezone, timedelta
+
 # Partial imports
 from flask import current_app, request
 from flask_apispec import use_kwargs, doc
 from sqlalchemy.exc import IntegrityError, DBAPIError
-from datetime import datetime, timedelta
 
 # Import from internal modules
 from cornflow.endpoints.meta_resource import BaseMetaResource
-from cornflow.models import UserModel, UserRoleModel
+from cornflow.models import UserModel, UserRoleModel, PermissionsDAG
 from cornflow.schemas.user import LoginEndpointRequest, LoginOpenAuthRequest
 from cornflow.shared import db
 from cornflow.shared.authentication import Auth, LDAPBase
@@ -51,22 +52,35 @@ class LoginBaseEndpoint(BaseMetaResource):
         if auth_type == AUTH_DB:
             user = self.auth_db_authenticate(**kwargs)
             response.update({"change_password": check_last_password_change(user)})
-            current_app.logger.info(f"User {user.id} logged in successfully using database authentication")
+            current_app.logger.info(
+                f"User {user.id} logged in successfully using database authentication"
+            )
         elif auth_type == AUTH_LDAP:
             user = self.auth_ldap_authenticate(**kwargs)
-            current_app.logger.info(f"User {user.id} logged in successfully using LDAP authentication")
+            current_app.logger.info(
+                f"User {user.id} logged in successfully using LDAP authentication"
+            )
         elif auth_type == AUTH_OID:
-            if (kwargs.get('username') and kwargs.get('password')):
+            if kwargs.get("username") and kwargs.get("password"):
                 if not current_app.config.get("SERVICE_USER_ALLOW_PASSWORD_LOGIN", 0):
-                    raise InvalidUsage("Must provide a token in Authorization header. Cannot log in with username and password", 400)
-                user = self.auth_oid_authenticate(username=kwargs['username'], password=kwargs['password'])
-                current_app.logger.info(f"Service user {user.id} logged in successfully using password")
+                    raise InvalidUsage(
+                        "Must provide a token in Authorization header. Cannot log in with username and password",
+                        400,
+                    )
+                user = self.auth_oid_authenticate(
+                    username=kwargs["username"], password=kwargs["password"]
+                )
+                current_app.logger.info(
+                    f"Service user {user.id} logged in successfully using password"
+                )
                 token = self.auth_class.generate_token(user.id)
             else:
                 token = self.auth_class().get_token_from_header(request.headers)
                 user = self.auth_oid_authenticate(token=token)
-                current_app.logger.info(f"User {user.id} logged in successfully using OpenID authentication")
-            
+                current_app.logger.info(
+                    f"User {user.id} logged in successfully using OpenID authentication"
+                )
+
             response.update({"token": token, "id": user.id})
             return response, 200
         else:
@@ -147,7 +161,9 @@ class LoginBaseEndpoint(BaseMetaResource):
 
         return user
 
-    def auth_oid_authenticate(self, token: str = None, username: str = None, password: str = None):
+    def auth_oid_authenticate(
+        self, token: str = None, username: str = None, password: str = None
+    ):
         """
         Method in charge of performing the authentication using OpenID Connect tokens.
         Supports any OIDC provider configured via provider_url.
@@ -158,33 +174,22 @@ class LoginBaseEndpoint(BaseMetaResource):
         :return: the user object, or it raises an error if it has not been possible to log in
         :rtype: :class:`UserModel`
         """
-        print("[auth_oid_authenticate] Starting OpenID authentication")
         if token:
-            print("[auth_oid_authenticate] Authenticating with token")
+
             decoded_token = self.auth_class().decode_token(token)
-            print(f"[auth_oid_authenticate] Token decoded successfully: {decoded_token}")
-
-            username = decoded_token.get('username')
-            if not username:
-                print("[auth_oid_authenticate] Missing username in token claims")
-                raise InvalidCredentials(
-                    "Invalid token: missing username claim",
-                    log_txt="Token validation failed: missing username claim",
-                    status_code=400
-                )
 
-            print(f"[auth_oid_authenticate] Looking up user: {username}")
+            username = decoded_token.get("sub")
+
             user = self.data_model.get_one_object(username=username)
 
             if not user:
-                print(f"[auth_oid_authenticate] Creating new user: {username}")
                 current_app.logger.info(
                     f"OpenID user {username} does not exist and is created"
                 )
 
-                email = decoded_token.get('email', f"{username}@cornflow.org")
-                first_name = decoded_token.get('given_name', '')
-                last_name = decoded_token.get('family_name', '')
+                email = decoded_token.get("email", f"{username}@cornflow.org")
+                first_name = decoded_token.get("given_name", "")
+                last_name = decoded_token.get("family_name", "")
 
                 data = {
                     "username": username,
@@ -203,13 +208,12 @@ class LoginBaseEndpoint(BaseMetaResource):
                     }
                 )
                 user_role.save()
+                if int(current_app.config["OPEN_DEPLOYMENT"]) == 1:
+                    PermissionsDAG.add_all_permissions_to_user(user.id)
 
             return user
 
-        elif (
-            username
-            and password
-        ):
+        elif username and password:
             user = self.auth_db_authenticate(username, password)
             if user.is_service_user():
                 return user
@@ -221,17 +225,34 @@ class LoginBaseEndpoint(BaseMetaResource):
 def check_last_password_change(user):
     """
     Check if the user needs to change their password based on the password rotation time.
-    
+
     :param user: The user object to check
     :return: True if password needs to be changed, False otherwise
     :rtype: bool
     """
     if user.pwd_last_change:
-        if (
-            user.pwd_last_change
-            + timedelta(days=int(current_app.config["PWD_ROTATION_TIME"]))
-            < datetime.utcnow()
-        ):
+        # Handle the case where pwd_last_change is already a datetime object
+        if isinstance(user.pwd_last_change, datetime):
+            # If it's a naive datetime (no timezone info), make it timezone-aware
+            if user.pwd_last_change.tzinfo is None:
+                last_change = user.pwd_last_change.replace(tzinfo=timezone.utc)
+            else:
+                # Already timezone-aware
+                last_change = user.pwd_last_change
+        else:
+            # It's a timestamp (integer), convert to datetime
+            last_change = datetime.fromtimestamp(user.pwd_last_change, timezone.utc)
+
+        # Get current time with UTC timezone for proper comparison
+        current_time = datetime.now(timezone.utc)
+
+        # Calculate the expiration time based on the password rotation setting
+        expiration_time = last_change + timedelta(
+            days=int(current_app.config["PWD_ROTATION_TIME"])
+        )
+
+        # Compare the timezone-aware datetimes
+        if expiration_time < current_time:
             return True
     return False
 

{cornflow-1.2.0a1 → cornflow-1.2.0a2}/cornflow/endpoints/meta_resource.py

@@ -13,6 +13,7 @@ from cornflow.shared.const import ALL_DEFAULT_ROLES
 from cornflow.shared.exceptions import InvalidUsage, ObjectDoesNotExist, NoPermission
 
 
+
 class BaseMetaResource(Resource, MethodResource):
     """
     The base resource from all methods inherit from.
@@ -175,11 +176,18 @@ class BaseMetaResource(Resource, MethodResource):
     METHODS USED FOR ACTIVATING / DISABLING RECORDS IN CASE WE DO NOT WANT TO DELETE THEM STRAIGHT AWAY
     """
 
-    def disable_detail(self):
+    def disable_detail(self, idx):
         """
-        Method not implemented yet
+        Method to DISABLE an object from the database
+
+        :param idx: the idx which identifies the object
+        :return: the object and a status code.
         """
-        raise NotImplemented
+        row = self.data_model.query.get(idx)
+        if row is None:
+            raise ObjectDoesNotExist(f"Object with id {idx} not found.")
+        row.disable()
+        return {"message": "Object marked as disabled"}, 200
 
     def activate_detail(self, **kwargs):
         """