fractal-server 2.16.5__py3-none-any.whl → 2.17.0a0__py3-none-any.whl

fractal_server/app/routes/api/v2/task_group_lifecycle.py

@@ -5,7 +5,6 @@ from fastapi import HTTPException
 from fastapi import Response
 from fastapi import status
 
-from ...aux.validate_user_settings import validate_user_settings
 from ._aux_functions_task_lifecycle import check_no_ongoing_activity
 from ._aux_functions_task_lifecycle import check_no_related_workflowtask
 from ._aux_functions_task_lifecycle import check_no_submitted_job
@@ -15,15 +14,16 @@ from fractal_server.app.db import get_async_db
 from fractal_server.app.models import UserOAuth
 from fractal_server.app.models.v2 import TaskGroupActivityV2
 from fractal_server.app.routes.auth import current_active_user
+from fractal_server.app.routes.aux.validate_user_profile import (
+    validate_user_profile,
+)
+from fractal_server.app.schemas.v2 import ResourceType
 from fractal_server.app.schemas.v2 import TaskGroupActivityActionV2
 from fractal_server.app.schemas.v2 import TaskGroupActivityStatusV2
 from fractal_server.app.schemas.v2 import TaskGroupActivityV2Read
 from fractal_server.app.schemas.v2 import TaskGroupReadV2
 from fractal_server.app.schemas.v2 import TaskGroupV2OriginEnum
-from fractal_server.config import get_settings
 from fractal_server.logger import set_logger
-from fractal_server.ssh._fabric import SSHConfig
-from fractal_server.syringe import Inject
 from fractal_server.tasks.v2.local import deactivate_local
 from fractal_server.tasks.v2.local import deactivate_local_pixi
 from fractal_server.tasks.v2.local import delete_local
@@ -56,6 +56,10 @@ async def deactivate_task_group(
     """
     Deactivate task-group venv
     """
+
+    # Get validated resource and profile
+    resource, profile = await validate_user_profile(user=user, db=db)
+
     # Check access
     task_group = await _get_task_group_full_access(
         task_group_id=task_group_id,
@@ -116,41 +120,23 @@ async def deactivate_task_group(
     await db.commit()
 
     # Submit background task
-    settings = Inject(get_settings)
-    if settings.FRACTAL_RUNNER_BACKEND == "slurm_ssh":
-        # Validate user settings (backend-specific)
-        user_settings = await validate_user_settings(
-            user=user, backend=settings.FRACTAL_RUNNER_BACKEND, db=db
-        )
-
-        # User appropriate FractalSSH object
-        ssh_config = SSHConfig(
-            user=user_settings.ssh_username,
-            host=user_settings.ssh_host,
-            key_path=user_settings.ssh_private_key_path,
-        )
+    if resource.type == ResourceType.SLURM_SSH:
         if task_group.origin == TaskGroupV2OriginEnum.PIXI:
             deactivate_function = deactivate_ssh_pixi
         else:
             deactivate_function = deactivate_ssh
-        background_tasks.add_task(
-            deactivate_function,
-            task_group_id=task_group.id,
-            task_group_activity_id=task_group_activity.id,
-            ssh_config=ssh_config,
-            tasks_base_dir=user_settings.ssh_tasks_dir,
-        )
-
     else:
         if task_group.origin == TaskGroupV2OriginEnum.PIXI:
             deactivate_function = deactivate_local_pixi
         else:
             deactivate_function = deactivate_local
-        background_tasks.add_task(
-            deactivate_function,
-            task_group_id=task_group.id,
-            task_group_activity_id=task_group_activity.id,
-        )
+    background_tasks.add_task(
+        deactivate_function,
+        task_group_id=task_group.id,
+        task_group_activity_id=task_group_activity.id,
+        resource=resource,
+        profile=profile,
+    )
 
     logger.debug(
         "Task group deactivation endpoint: start deactivate "
@@ -174,6 +160,8 @@ async def reactivate_task_group(
     """
     Deactivate task-group venv
     """
+    # Get validated resource and profile
+    resource, profile = await validate_user_profile(user=user, db=db)
 
     # Check access
     task_group = await _get_task_group_full_access(
@@ -242,42 +230,23 @@ async def reactivate_task_group(
     await db.commit()
 
     # Submit background task
-    settings = Inject(get_settings)
-    if settings.FRACTAL_RUNNER_BACKEND == "slurm_ssh":
-        # Validate user settings (backend-specific)
-        user_settings = await validate_user_settings(
-            user=user, backend=settings.FRACTAL_RUNNER_BACKEND, db=db
-        )
-
-        # Use appropriate SSH credentials
-        ssh_config = SSHConfig(
-            user=user_settings.ssh_username,
-            host=user_settings.ssh_host,
-            key_path=user_settings.ssh_private_key_path,
-        )
-
+    if resource.type == ResourceType.SLURM_SSH:
         if task_group.origin == TaskGroupV2OriginEnum.PIXI:
             reactivate_function = reactivate_ssh_pixi
         else:
             reactivate_function = reactivate_ssh
-        background_tasks.add_task(
-            reactivate_function,
-            task_group_id=task_group.id,
-            task_group_activity_id=task_group_activity.id,
-            ssh_config=ssh_config,
-            tasks_base_dir=user_settings.ssh_tasks_dir,
-        )
-
     else:
         if task_group.origin == TaskGroupV2OriginEnum.PIXI:
             reactivate_function = reactivate_local_pixi
         else:
             reactivate_function = reactivate_local
-        background_tasks.add_task(
-            reactivate_function,
-            task_group_id=task_group.id,
-            task_group_activity_id=task_group_activity.id,
-        )
+    background_tasks.add_task(
+        reactivate_function,
+        task_group_id=task_group.id,
+        task_group_activity_id=task_group_activity.id,
+        resource=resource,
+        profile=profile,
+    )
     logger.debug(
         "Task group reactivation endpoint: start reactivate "
         "and return task_group_activity"
@@ -300,6 +269,8 @@ async def delete_task_group(
     """
     Deletion of task-group from db and file system
     """
+    # Get validated resource and profile
+    resource, profile = await validate_user_profile(user=user, db=db)
 
     task_group = await _get_task_group_full_access(
         task_group_id=task_group_id,
@@ -321,32 +292,18 @@ async def delete_task_group(
     db.add(task_group_activity)
     await db.commit()
 
-    settings = Inject(get_settings)
-    if settings.FRACTAL_RUNNER_BACKEND == "slurm_ssh":
-        # Validate user settings (backend-specific)
-        user_settings = await validate_user_settings(
-            user=user, backend=settings.FRACTAL_RUNNER_BACKEND, db=db
-        )
-        # User appropriate FractalSSH object
-        ssh_config = SSHConfig(
-            user=user_settings.ssh_username,
-            host=user_settings.ssh_host,
-            key_path=user_settings.ssh_private_key_path,
-        )
-
-        background_tasks.add_task(
-            delete_ssh,
-            task_group_id=task_group.id,
-            task_group_activity_id=task_group_activity.id,
-            ssh_config=ssh_config,
-            tasks_base_dir=user_settings.ssh_tasks_dir,
-        )
+    if resource.type == ResourceType.SLURM_SSH:
+        delete_function = delete_ssh
     else:
-        background_tasks.add_task(
-            delete_local,
-            task_group_id=task_group.id,
-            task_group_activity_id=task_group_activity.id,
-        )
+        delete_function = delete_local
+
+    background_tasks.add_task(
+        delete_function,
+        task_group_id=task_group.id,
+        task_group_activity_id=task_group_activity.id,
+        resource=resource,
+        profile=profile,
+    )
 
     response.status_code = status.HTTP_202_ACCEPTED
     return task_group_activity

fractal_server/app/routes/api/v2/workflow_import.py

@@ -149,7 +149,7 @@ async def _get_task_by_taskimport(
 
     # Filter task groups by version
     final_matching_task_groups = list(
-        filter(lambda tg: tg.version == version, task_groups_list)
+        filter(lambda tg: tg.version == version, matching_task_groups)
     )
 
     if len(final_matching_task_groups) < 1:
@@ -167,10 +167,11 @@ async def _get_task_by_taskimport(
     else:
         logger.info(
             "[_get_task_by_taskimport] "
-            "Found many task groups, after filtering by version."
+            f"Found {len(final_matching_task_groups)} task groups, "
+            "after filtering by version."
         )
         final_task_group = await _disambiguate_task_groups(
-            matching_task_groups=matching_task_groups,
+            matching_task_groups=final_matching_task_groups,
             user_id=user_id,
             db=db,
             default_group_id=default_group_id,

fractal_server/app/routes/auth/_aux_auth.py

@@ -22,7 +22,7 @@ async def _get_single_user_with_groups(
     """
     Enrich a user object by filling its `group_ids_names` attribute.
 
-    Arguments:
+    Args:
         user: The current `UserOAuth` object
         db: Async db session
 
@@ -75,7 +75,7 @@ async def _get_single_usergroup_with_user_ids(
     """
     Get a group, and construct its `user_ids` list.
 
-    Arguments:
+    Args:
         group_id:
         db:
 
@@ -98,7 +98,7 @@ async def _user_or_404(user_id: int, db: AsyncSession) -> UserOAuth:
     """
     Get a user from db, or raise a 404 HTTP exception if missing.
 
-    Arguments:
+    Args:
         user_id: ID of the user
         db: Async db session
     """

fractal_server/app/routes/auth/current_user.py

@@ -9,19 +9,26 @@ from fastapi_users import schemas
 from sqlalchemy.ext.asyncio import AsyncSession
 from sqlmodel import select
 
-from . import current_active_user
-from ...db import get_async_db
-from ...schemas.user import UserRead
-from ...schemas.user import UserUpdate
-from ...schemas.user import UserUpdateStrict
-from ..aux.validate_user_settings import verify_user_has_settings
-from ._aux_auth import _get_single_user_with_groups
+from fractal_server.app.db import get_async_db
 from fractal_server.app.models import LinkUserGroup
+from fractal_server.app.models import Profile
+from fractal_server.app.models import Resource
 from fractal_server.app.models import UserGroup
 from fractal_server.app.models import UserOAuth
 from fractal_server.app.models import UserSettings
+from fractal_server.app.routes.auth import current_active_user
+from fractal_server.app.routes.auth._aux_auth import (
+    _get_single_user_with_groups,
+)
+from fractal_server.app.routes.aux.validate_user_settings import (
+    verify_user_has_settings,
+)
+from fractal_server.app.schemas import UserProfileInfo
 from fractal_server.app.schemas import UserSettingsReadStrict
 from fractal_server.app.schemas import UserSettingsUpdateStrict
+from fractal_server.app.schemas.user import UserRead
+from fractal_server.app.schemas.user import UserUpdate
+from fractal_server.app.schemas.user import UserUpdateStrict
 from fractal_server.app.security import get_user_manager
 from fractal_server.app.security import UserManager
 from fractal_server.config import get_settings
@@ -110,6 +117,37 @@ async def patch_current_user_settings(
     return current_user_settings
 
 
+@router_current_user.get(
+    "/current-user/profile-info/",
+    response_model=UserProfileInfo,
+)
+async def get_current_user_profile_info(
+    current_user: UserOAuth = Depends(current_active_user),
+    db: AsyncSession = Depends(get_async_db),
+) -> UserProfileInfo:
+    stm = (
+        select(Resource, Profile)
+        .join(UserOAuth)
+        .where(Resource.id == Profile.resource_id)
+        .where(Profile.id == UserOAuth.profile_id)
+        .where(UserOAuth.id == current_user.id)
+    )
+    res = await db.execute(stm)
+    db_data = res.one_or_none()
+    if db_data is None:
+        response_data = dict(has_profile=False)
+    else:
+        resource, profile = db_data
+        response_data = dict(
+            has_profile=True,
+            resource_name=resource.name,
+            profile_name=profile.name,
+            username=profile.username,
+        )
+
+    return response_data
+
+
 @router_current_user.get(
     "/current-user/allowed-viewer-paths/", response_model=list[str]
 )

fractal_server/app/routes/auth/oauth.py

@@ -15,7 +15,7 @@ router_oauth = APIRouter()
 # environment variables (e.g. by setting OAUTH_FOO_CLIENT_ID and
 # OAUTH_FOO_CLIENT_SECRET), this list is empty
 
-# FIXME:Dependency injection should be wrapped within a function call to make
+# Note: dependency injection should be wrapped within a function call to make
 # it truly lazy. This function could then be called on startup of the FastAPI
 # app (cf. fractal_server.main)
 settings = Inject(get_settings)

fractal_server/app/routes/auth/users.py

@@ -24,6 +24,7 @@ from fractal_server.app.models import LinkUserGroup
 from fractal_server.app.models import UserGroup
 from fractal_server.app.models import UserOAuth
 from fractal_server.app.models import UserSettings
+from fractal_server.app.models.v2 import Profile
 from fractal_server.app.routes.auth._aux_auth import _user_or_404
 from fractal_server.app.schemas import UserSettingsRead
 from fractal_server.app.schemas import UserSettingsUpdate
@@ -67,6 +68,14 @@ async def patch_user(
     # Check that user exists
     user_to_patch = await _user_or_404(user_id, db)
 
+    if user_update.profile_id is not None:
+        profile = await db.get(Profile, user_update.profile_id)
+        if profile is None:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail=f"Profile {user_update.profile_id} not found.",
+            )
+
     # Modify user attributes
     try:
         user = await user_manager.update(

fractal_server/app/routes/aux/_runner.py

@@ -3,10 +3,11 @@ from fastapi import status
 
 from ....config import get_settings
 from ....syringe import Inject
+from fractal_server.app.schemas.v2 import ResourceType
 
 
 def _backend_supports_shutdown(backend: str) -> bool:
-    if backend in ["slurm", "slurm_ssh"]:
+    if backend in [ResourceType.SLURM_SUDO, ResourceType.SLURM_SSH]:
         return True
     else:
         return False

fractal_server/app/routes/aux/validate_user_profile.py

@@ -0,0 +1,62 @@
+from fastapi import HTTPException
+from fastapi import status
+from pydantic import ValidationError
+
+from fractal_server.app.db import AsyncSession
+from fractal_server.app.models import Profile
+from fractal_server.app.models import Resource
+from fractal_server.app.models import UserOAuth
+from fractal_server.app.schemas.v2.profile import validate_profile_data
+from fractal_server.app.schemas.v2.resource import validate_resource_data
+from fractal_server.logger import set_logger
+
+logger = set_logger(__name__)
+
+
+async def user_has_profile_or_422(*, user: UserOAuth) -> None:
+    if user.profile_id is None:
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_CONTENT,
+            detail=(
+                f"User {user.email} is not associated to a computational "
+                "profile. Please contact an admin."
+            ),
+        )
+
+
+async def validate_user_profile(
+    *,
+    user: UserOAuth,
+    db: AsyncSession,
+) -> tuple[Resource, Profile]:
+    """
+    Validate profile and resource associated to a given user.
+
+    Note: this only returns non-db-bound objects.
+    """
+    await user_has_profile_or_422(user=user)
+    profile = await db.get(Profile, user.profile_id)
+    resource = await db.get(Resource, profile.resource_id)
+    try:
+        validate_resource_data(
+            resource.model_dump(exclude={"id", "timestamp_created"}),
+        )
+        validate_profile_data(
+            profile.model_dump(exclude={"resource_id", "id"}),
+        )
+        db.expunge(resource)
+        db.expunge(profile)
+
+        return resource, profile
+
+    except ValidationError as e:
+        error_msg = (
+            "User resource/profile are not valid for "
+            f"resource type '{resource.type}'. "
+            f"Original error: {str(e)}"
+        )
+        logger.warning(error_msg)
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_CONTENT,
+            detail=error_msg,
+        )

fractal_server/app/routes/aux/validate_user_settings.py

@@ -5,10 +5,12 @@ from pydantic import ValidationError
 from fractal_server.app.db import AsyncSession
 from fractal_server.app.models import UserOAuth
 from fractal_server.app.models import UserSettings
+from fractal_server.app.schemas.v2 import ResourceType
 from fractal_server.app.user_settings import SlurmSshUserSettings
 from fractal_server.app.user_settings import SlurmSudoUserSettings
 from fractal_server.logger import set_logger
 
+
 logger = set_logger(__name__)
 
 
@@ -19,7 +21,7 @@ def verify_user_has_settings(user: UserOAuth) -> None:
     NOTE: This check will become useless when we make the foreign-key column
     required, but for the moment (as of v2.6.0) we have to keep it in place.
 
-    Arguments:
+    Args:
         user: The user to be checked.
     """
     if user.user_settings_id is None:
@@ -35,7 +37,7 @@ async def validate_user_settings(
     """
     Get a UserSettings object and validate it based on a given Fractal backend.
 
-    Arguments:
+    Args:
         user: The user whose settings we should validate.
         backend: The value of `FRACTAL_RUNNER_BACKEND`
         db: An async DB session
@@ -48,13 +50,14 @@ async def validate_user_settings(
 
     user_settings = await db.get(UserSettings, user.user_settings_id)
 
-    if backend == "slurm_ssh":
-        UserSettingsValidationModel = SlurmSshUserSettings
-    elif backend == "slurm":
-        UserSettingsValidationModel = SlurmSudoUserSettings
-    else:
-        # For other backends, we don't validate anything
-        return user_settings
+    match backend:
+        case ResourceType.SLURM_SSH:
+            UserSettingsValidationModel = SlurmSshUserSettings
+        case ResourceType.SLURM_SUDO:
+            UserSettingsValidationModel = SlurmSudoUserSettings
+        case _:
+            # For other backends, we don't validate anything
+            return user_settings
 
     try:
         UserSettingsValidationModel(**user_settings.model_dump())

fractal_server/app/schemas/user.py

@@ -7,13 +7,6 @@ from pydantic import Field
 from fractal_server.types import ListUniqueNonNegativeInt
 from fractal_server.types import NonEmptyStr
 
-__all__ = (
-    "UserRead",
-    "UserUpdate",
-    "UserUpdateGroups",
-    "UserCreate",
-)
-
 
 class OAuthAccountRead(BaseModel):
     """
@@ -36,12 +29,14 @@ class UserRead(schemas.BaseUser[int]):
     Schema for `User` read from database.
 
     Attributes:
-        username:
+        group_ids_names:
+        oauth_accounts:
+        profile_id:
     """
 
-    username: str | None = None
     group_ids_names: list[tuple[int, str]] | None = None
     oauth_accounts: list[OAuthAccountRead]
+    profile_id: int | None = None
 
 
 class UserUpdate(schemas.BaseUserUpdate):
@@ -49,16 +44,21 @@ class UserUpdate(schemas.BaseUserUpdate):
     Schema for `User` update.
 
     Attributes:
-        username:
+        password:
+        email:
+        is_active:
+        is_superuser:
+        is_verified:
+        profile_id:
     """
 
     model_config = ConfigDict(extra="forbid")
-    username: NonEmptyStr = None
     password: NonEmptyStr = None
     email: EmailStr = None
     is_active: bool = None
     is_superuser: bool = None
     is_verified: bool = None
+    profile_id: int | None = None
 
 
 class UserUpdateStrict(BaseModel):
@@ -76,10 +76,10 @@ class UserCreate(schemas.BaseUserCreate):
     Schema for `User` creation.
 
     Attributes:
-        username:
+        profile_id:
     """
 
-    username: NonEmptyStr = None
+    profile_id: int | None = None
 
 
 class UserUpdateGroups(BaseModel):
@@ -91,3 +91,10 @@ class UserUpdateGroups(BaseModel):
     model_config = ConfigDict(extra="forbid")
 
     group_ids: ListUniqueNonNegativeInt = Field(min_length=1)
+
+
+class UserProfileInfo(BaseModel):
+    has_profile: bool
+    resource_name: str | None = None
+    profile_name: str | None = None
+    username: str | None = None

fractal_server/app/schemas/user_settings.py

@@ -24,8 +24,6 @@ class UserSettingsRead(BaseModel):
     ssh_host: str | None = None
     ssh_username: str | None = None
     ssh_private_key_path: str | None = None
-    ssh_tasks_dir: str | None = None
-    ssh_jobs_dir: str | None = None
     slurm_user: str | None = None
     slurm_accounts: list[str]
     project_dir: str | None = None
@@ -48,8 +46,6 @@ class UserSettingsUpdate(BaseModel):
     ssh_host: NonEmptyStr | None = None
     ssh_username: NonEmptyStr | None = None
     ssh_private_key_path: AbsolutePathStr | None = None
-    ssh_tasks_dir: AbsolutePathStr | None = None
-    ssh_jobs_dir: AbsolutePathStr | None = None
     slurm_user: NonEmptyStr | None = None
     slurm_accounts: ListUniqueNonEmptyString | None = None
     project_dir: AbsolutePathStr | None = None

fractal_server/app/schemas/v2/__init__.py

@@ -22,9 +22,20 @@ from .job import JobStatusTypeV2  # noqa F401
 from .job import JobUpdateV2  # noqa F401
 from .manifest import ManifestV2  # noqa F401
 from .manifest import TaskManifestV2  # noqa F401
+from .profile import ProfileCreate  # noqa F401
+from .profile import ProfileRead  # noqa F401
+from .profile import ValidProfileLocal  # noqa F401
+from .profile import ValidProfileSlurmSSH  # noqa F401
+from .profile import ValidProfileSlurmSudo  # noqa F401
 from .project import ProjectCreateV2  # noqa F401
 from .project import ProjectReadV2  # noqa F401
 from .project import ProjectUpdateV2  # noqa F401
+from .resource import ResourceCreate  # noqa F401
+from .resource import ResourceRead  # noqa F401
+from .resource import ResourceType  # noqa F401
+from .resource import ValidResourceLocal  # noqa F401
+from .resource import ValidResourceSlurmSSH  # noqa F401
+from .resource import ValidResourceSlurmSudo  # noqa F401
 from .status_legacy import WorkflowTaskStatusTypeV2  # noqa F401
 from .task import TaskCreateV2  # noqa F401
 from .task import TaskExportV2  # noqa F401

fractal_server/app/schemas/v2/profile.py

@@ -0,0 +1,72 @@
+from typing import Annotated
+from typing import Any
+
+from pydantic import BaseModel
+from pydantic import Discriminator
+from pydantic import Tag
+from pydantic import validate_call
+
+from .resource import ResourceType
+from fractal_server.types import AbsolutePathStr
+from fractal_server.types import NonEmptyStr
+
+
+class ValidProfileLocal(BaseModel):
+    name: NonEmptyStr
+    resource_type: ResourceType
+    username: None = None
+    ssh_key_path: None = None
+    jobs_remote_dir: None = None
+    tasks_remote_dir: None = None
+
+
+class ValidProfileSlurmSudo(BaseModel):
+    name: NonEmptyStr
+    resource_type: ResourceType
+    username: NonEmptyStr
+    ssh_key_path: None = None
+    jobs_remote_dir: None = None
+    tasks_remote_dir: None = None
+
+
+class ValidProfileSlurmSSH(BaseModel):
+    name: NonEmptyStr
+    resource_type: ResourceType
+    username: NonEmptyStr
+    ssh_key_path: AbsolutePathStr
+    jobs_remote_dir: AbsolutePathStr
+    tasks_remote_dir: AbsolutePathStr
+
+
+def get_discriminator_value(v: Any) -> str:
+    # See https://github.com/fastapi/fastapi/discussions/12941
+    if isinstance(v, dict):
+        return v.get("resource_type", None)
+    return getattr(v, "resource_type", None)
+
+
+ProfileCreate = Annotated[
+    Annotated[ValidProfileLocal, Tag(ResourceType.LOCAL)]
+    | Annotated[ValidProfileSlurmSudo, Tag(ResourceType.SLURM_SUDO)]
+    | Annotated[ValidProfileSlurmSSH, Tag(ResourceType.SLURM_SSH)],
+    Discriminator(get_discriminator_value),
+]
+
+
+class ProfileRead(BaseModel):
+    id: int
+    name: str
+    resource_id: int
+    resource_type: str
+    username: str | None = None
+    ssh_key_path: str | None = None
+    jobs_remote_dir: str | None = None
+    tasks_remote_dir: str | None = None
+
+
+@validate_call
+def validate_profile_data(_data: ProfileCreate):
+    """
+    We use `@validate_call` because `ProfileCreate` is a `Union` type and it
+    cannot be instantiated directly.
+    """