cornflow 1.2.3a2__py3-none-any.whl → 1.2.3a3__py3-none-any.whl

cornflow/commands/permissions.py

@@ -38,13 +38,15 @@ def register_base_permissions_command(external_app: str = None, verbose: bool =
         (perm.role_id, perm.action_id, perm.api_view_id) for perm in permissions_in_db
     ]
     resources_names = [resource["endpoint"] for resource in resources_to_register]
-    roles_in_db = [role.name for role in RoleModel.get_all_objects()]
+    roles_in_db = [role.id for role in RoleModel.get_all_objects()]
     # Check which roles are not in ROLES_MAP
-    roles_not_in_map = [role for role in roles_in_db if role not in ROLES_MAP.keys()]
+    roles_not_in_map = [
+        role_id for role_id in roles_in_db if role_id not in ROLES_MAP.keys()
+    ]
     complete_base_assignation = BASE_PERMISSION_ASSIGNATION.copy()
     if len(roles_not_in_map) > 0:
         # We add to the complete_base_assignation the roles that are not in ROLES_MAP
-        for role in roles_not_in_map:
+        for role_id in roles_not_in_map:
             for action in [
                 GET_ACTION,
                 PATCH_ACTION,
@@ -52,7 +54,7 @@ def register_base_permissions_command(external_app: str = None, verbose: bool =
                 PUT_ACTION,
                 DELETE_ACTION,
             ]:
-                complete_base_assignation.append((role, action))
+                complete_base_assignation.append((role_id, action))
 
     # Create base permissions
     permissions_in_app = [

cornflow/shared/const.py

@@ -1,7 +1,7 @@
 """
 In this file we import the values for different constants on cornflow server
 """
-CORNFLOW_VERSION = "1.2.3a2"
+CORNFLOW_VERSION = "1.2.3a3"
 INTERNAL_TOKEN_ISSUER = "cornflow"
 
 # endpoints responses for health check

cornflow/tests/unit/test_commands.py

@@ -587,12 +587,13 @@ class TestCommands(TestCase):
 
     def test_custom_role_permissions_are_preserved(self):
         """
-        Test that permissions for custom roles (not in ROLES_MAP) are preserved
-        during permission synchronization.
+        Test that custom roles (not in ROLES_MAP) are automatically detected
+        and assigned complete permissions during synchronization.
 
-        This test verifies that when permissions are synchronized, only permissions
-        for roles defined in ROLES_MAP are subject to deletion, while custom roles
-        added manually to the database are preserved.
+        This test verifies that when permissions are synchronized:
+        1. Custom roles in the database are automatically detected
+        2. They are assigned all actions (GET, PATCH, POST, PUT, DELETE)
+        3. These permissions are created for all endpoints where the role has access
         """
         # First, initialize the access system normally
         self.runner.invoke(access_init)
@@ -608,36 +609,81 @@ class TestCommands(TestCase):
         custom_role = RoleModel({"id": custom_role_id, "name": "custom_role"})
         custom_role.save()
 
-        # Create a permission for this custom role
-        from cornflow.shared.const import GET_ACTION
+        # Temporarily add the custom role to ExampleDataListEndpoint ROLES_WITH_ACCESS
+        from cornflow.endpoints.example_data import ExampleDataListEndpoint
 
-        custom_permission = PermissionViewRoleModel(
-            {"role_id": custom_role_id, "action_id": GET_ACTION, "api_view_id": view.id}
-        )
-        custom_permission.save()
+        original_roles = ExampleDataListEndpoint.ROLES_WITH_ACCESS.copy()
+        ExampleDataListEndpoint.ROLES_WITH_ACCESS = original_roles + [custom_role_id]
 
-        # Verify the custom permission exists
-        custom_perms_before = PermissionViewRoleModel.query.filter_by(
-            role_id=custom_role_id, action_id=GET_ACTION, api_view_id=view.id
-        ).all()
-        self.assertEqual(
-            1, len(custom_perms_before), "Custom permission should exist before sync"
-        )
+        try:
+            # Count permissions before synchronization
+            perms_before = PermissionViewRoleModel.query.filter_by(
+                role_id=custom_role_id, api_view_id=view.id
+            ).count()
+            self.assertEqual(
+                0, perms_before, "No custom permissions should exist initially"
+            )
 
-        # Run permission synchronization (this would previously delete custom role permissions)
-        self.runner.invoke(register_base_assignations, ["-v"])
+            # Run permission synchronization - this should auto-detect the custom role
+            self.runner.invoke(register_base_assignations, ["-v"])
 
-        # Verify the custom permission still exists after synchronization
-        custom_perms_after = PermissionViewRoleModel.query.filter_by(
-            role_id=custom_role_id, action_id=GET_ACTION, api_view_id=view.id
-        ).all()
-        self.assertEqual(
-            1,
-            len(custom_perms_after),
-            "Custom role permission should be preserved after synchronization. "
-            "Permissions should only be deleted for roles defined in ROLES_MAP.",
-        )
+            # Verify that ALL actions have been assigned to the custom role
+            from cornflow.shared.const import (
+                GET_ACTION,
+                PATCH_ACTION,
+                POST_ACTION,
+                PUT_ACTION,
+                DELETE_ACTION,
+            )
 
-        # Clean up
-        custom_permission.delete()
-        custom_role.delete()
+            expected_actions = [
+                GET_ACTION,
+                PATCH_ACTION,
+                POST_ACTION,
+                PUT_ACTION,
+                DELETE_ACTION,
+            ]
+
+            for action in expected_actions:
+                permission = PermissionViewRoleModel.query.filter_by(
+                    role_id=custom_role_id, action_id=action, api_view_id=view.id
+                ).first()
+                self.assertIsNotNone(
+                    permission,
+                    f"Custom role should have permission for action {action}. "
+                    f"The system should auto-detect custom roles and assign complete permissions.",
+                )
+
+            # Verify total count of permissions for custom role
+            total_perms = PermissionViewRoleModel.query.filter_by(
+                role_id=custom_role_id, api_view_id=view.id
+            ).count()
+            self.assertEqual(
+                len(expected_actions),
+                total_perms,
+                f"Custom role should have {len(expected_actions)} permissions (all actions)",
+            )
+
+            # Test that running sync again doesn't duplicate permissions
+            self.runner.invoke(register_base_assignations, ["-v"])
+
+            total_perms_after_second_sync = PermissionViewRoleModel.query.filter_by(
+                role_id=custom_role_id, api_view_id=view.id
+            ).count()
+            self.assertEqual(
+                len(expected_actions),
+                total_perms_after_second_sync,
+                "Permissions should not be duplicated on subsequent syncs",
+            )
+
+        finally:
+            # Clean up
+            # Delete permissions first (due to foreign key constraints)
+            permissions_to_delete = PermissionViewRoleModel.query.filter_by(
+                role_id=custom_role_id
+            ).all()
+            for perm in permissions_to_delete:
+                perm.delete()
+            custom_role.delete()
+            # Restore original ROLES_WITH_ACCESS
+            ExampleDataListEndpoint.ROLES_WITH_ACCESS = original_roles

{cornflow-1.2.3a2.dist-info → cornflow-1.2.3a3.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cornflow
-Version: 1.2.3a2
+Version: 1.2.3a3
 Summary: cornflow is an open source multi-solver optimization server with a REST API built using flask.
 Home-page: https://github.com/baobabsoluciones/cornflow
 Author: baobab soluciones

{cornflow-1.2.3a2.dist-info → cornflow-1.2.3a3.dist-info}/RECORD

@@ -32,7 +32,7 @@ cornflow/commands/access.py,sha256=NTZJFF9la8TDuMcD_ISQtJTj-wtM2p1dddokQJHtkj0,7
 cornflow/commands/actions.py,sha256=4AwgAmyI6VeaugkISvTlNGrIzMMU_-ZB3MhwDD_CIEA,1544
 cornflow/commands/cleanup.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cornflow/commands/dag.py,sha256=AtagFGnB_ucfO0qUawDgd4iRoBCVc-RiOs08DqXSwXM,3786
-cornflow/commands/permissions.py,sha256=xrAVNjipabc1SWt3TApRdoVsHjtfmpEPnC6vXmmhLWs,7412
+cornflow/commands/permissions.py,sha256=f6UMB1dj4KBXhrCXalcOdiQlDUldbbmslI6yTrK-_VM,7439
 cornflow/commands/roles.py,sha256=Oux-UkswkQ74zqaMEJYIEsZpQZGBcGaSahVzx9feAHU,1516
 cornflow/commands/schemas.py,sha256=40dZSJ2nEqBa7Crb6DbFmnclT5e8ljAIjscOgHr9lhk,1970
 cornflow/commands/users.py,sha256=2YTbNYY5kZL6ujxGP4fyYgqtv5uuVGdkLR31n7OFFaE,2477
@@ -119,7 +119,7 @@ cornflow/schemas/user_role.py,sha256=e5y6RgdZZtLqD-h2B3sa5WokI5-pT78tWw85IG34I74
 cornflow/schemas/view.py,sha256=ctq9Y1TmjrWdyOqgDYeEx7qbbuNLKfSiNOlFTlXmpaw,429
 cornflow/shared/__init__.py,sha256=1ahcBwWOsSjGI4FEm77JBQjitBdBszOncKcEMjzwGYE,29
 cornflow/shared/compress.py,sha256=pohQaGs1xbH8CN6URIH6BAHA--pFq7Hmjz8oI3c3B5c,1347
-cornflow/shared/const.py,sha256=iyD9RFf0z7NyGvZJtNGLIAbsxYYcG3IpRbke72pl-7A,3555
+cornflow/shared/const.py,sha256=06VjXJ1MxSc7MrmWMZD95N0VCLjiNqXIE3o1a-xd9n0,3555
 cornflow/shared/email.py,sha256=QNDDMv86LZObkevSCyUbLQeR2UD3zWScPIr82NDzYHQ,3437
 cornflow/shared/exceptions.py,sha256=E82488IiwTXCv8iwrnGvkTonhJcwbeE5ARO4Zsmhl2c,6966
 cornflow/shared/licenses.py,sha256=Lc71Jw2NxVTFWtoXdQ9wJX_o3BDfYg1xVoehDXvnCkQ,1328
@@ -148,7 +148,7 @@ cornflow/tests/unit/test_apiview.py,sha256=03M1GsQRVK7zqmslhOJXr4lLDLY2gMAgg86nk
 cornflow/tests/unit/test_application.py,sha256=ZVmTQDUOkPRxHqt6mWU9G_lQ3jJNMJR0cx7IkLMFGrU,1715
 cornflow/tests/unit/test_cases.py,sha256=Ez9dxlZL-SUf9DW9b_A_qPowHqUZ-TA73DMOzeBeLIU,37718
 cornflow/tests/unit/test_cli.py,sha256=E2w-Lzgx_k__0mYwlbg2z80_z9nwPZKI0CbgyGmpQRY,18775
-cornflow/tests/unit/test_commands.py,sha256=EcaZh1DsA3HgHx5NhpIJKcnUn8KDcnyk2QajhwGs6Yk,21063
+cornflow/tests/unit/test_commands.py,sha256=JaV_RX9VNaYj_3_QKHZmxct5irfA9GnQLKmpO002P1Y,23002
 cornflow/tests/unit/test_dags.py,sha256=XsOi5bBJQdQz3DmYAVJf1myoAsRyBBdmku-xBr0Bku0,13386
 cornflow/tests/unit/test_data_checks.py,sha256=6s50d1iuRTUcAYn14oEcRS39ZZ6E9ussU4YpkpYhtC4,8612
 cornflow/tests/unit/test_example_data.py,sha256=D-Tgnqw7NZlnBXaDcUU0reNhAca5JlJP2Sdn3KdS4Sw,4127
@@ -169,8 +169,8 @@ cornflow/tests/unit/test_tables.py,sha256=SW_K8LRLwR1nB0uH8CPQCjeN8Gei-TasAgkOin
 cornflow/tests/unit/test_token.py,sha256=PZ11b46UCQpCESsRiAPhpgWkGAsAwKCVNxVQai_kxXM,4199
 cornflow/tests/unit/test_users.py,sha256=N5tcF5nSncD0F_ZlBxGuS87p6kNS4hUzRLr3_AcnK-o,22802
 cornflow/tests/unit/tools.py,sha256=ag3sWv2WLi498R1GL5AOUnXqSsszD3UugzLZLC5NqAw,585
-cornflow-1.2.3a2.dist-info/METADATA,sha256=FFezXKR-SO1Jiu61BODNGQ8Bkva4mCNw02isDt9XwEc,9529
-cornflow-1.2.3a2.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-cornflow-1.2.3a2.dist-info/entry_points.txt,sha256=q9cPKAFBsmHkERCqQ2JcOTM-tVBLHTl-DGxwCXowAWM,46
-cornflow-1.2.3a2.dist-info/top_level.txt,sha256=Qj9kLFJW1PLb-ZV2s_aCkQ-Wi5W6KC6fFR-LTBrx-rU,24
-cornflow-1.2.3a2.dist-info/RECORD,,
+cornflow-1.2.3a3.dist-info/METADATA,sha256=lwa0AelaIIcefbhB5bES98yk1h4R_r5p17FzhqvIpdE,9529
+cornflow-1.2.3a3.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+cornflow-1.2.3a3.dist-info/entry_points.txt,sha256=q9cPKAFBsmHkERCqQ2JcOTM-tVBLHTl-DGxwCXowAWM,46
+cornflow-1.2.3a3.dist-info/top_level.txt,sha256=Qj9kLFJW1PLb-ZV2s_aCkQ-Wi5W6KC6fFR-LTBrx-rU,24
+cornflow-1.2.3a3.dist-info/RECORD,,