geovisio 2.9.0__py3-none-any.whl → 2.11.0__py3-none-any.whl

geovisio/utils/users.py

@@ -0,0 +1,18 @@
+import logging
+from geovisio.utils.auth import Account
+
+
+def delete_user_data(conn, account: Account):
+    """Delete all the pictures of a user
+
+    Note that the database changes will be done synchronously but the picture deletion will be an asynchronous task,
+    so some background workers need to be run in order for the pictures deletion to be effective.
+    """
+    with conn.transaction(), conn.cursor() as cursor:
+        logging.info(f"Deleting pictures of account {account.name} ({account.id})")
+        # Note: deleting a picture's row add a new `delete` async task to the queue, to delete the associated files
+        nb_deleted_pics = cursor.execute("DELETE FROM pictures WHERE account_id = %s", [account.id]).rowcount
+        cursor.execute("DELETE FROM upload_sets WHERE account_id = %s", [account.id])
+        cursor.execute("UPDATE sequences SET status = 'deleted' WHERE account_id = %s", [account.id])
+        logging.info(f"Deleted {nb_deleted_pics} pictures from account {account.name} ({account.id})")
+        return nb_deleted_pics

geovisio/utils/website.py

@@ -14,7 +14,7 @@ class Website:
     """Website associated to the API.
     This wrapper will define the routes we expect from the website.
 
-    We should limit the interraction from the api to the website, but for some flow (especially auth flows), it's can be useful to redirect to website's page
+    We should limit the interaction from the api to the website, but for some flow (especially auth flows), it's can be useful to redirect to website's page
 
     If the url is:
     * set to `false`, there is no associated website

geovisio/web/annotations.py

@@ -1,11 +1,17 @@
 from typing import List, Optional
 from geovisio.utils import auth, db
-from geovisio.utils.annotations import AnnotationCreationParameter, creation_annotation, get_annotation, update_annotation
+from geovisio.utils.annotations import (
+    AnnotationCreationParameter,
+    creation_annotation,
+    get_annotation,
+    update_annotation,
+    InputAnnotationShape,
+    delete_annotation,
+)
 from geovisio.utils.tags import SemanticTagUpdate
-from geovisio.web.utils import accountIdOrDefault
 from geovisio.utils.params import validation_error
 from geovisio import errors
-from pydantic import BaseModel, ValidationError
+from pydantic import BaseModel, ValidationError, Field
 from uuid import UUID
 from flask import Blueprint, current_app, request, url_for
 from flask_babel import gettext as _
@@ -14,86 +20,144 @@ from flask_babel import gettext as _
 bp = Blueprint("annotations", __name__, url_prefix="/api")
 
 
-@bp.route("/collections/<uuid:collectionId>/items/<uuid:itemId>/annotations", methods=["POST"])
+class AnnotationPostParameter(BaseModel):
+    shape: InputAnnotationShape
+    """Shape defining the annotation.
+The annotation shape is either a full geojson geometry or only a bounding box (4 floats).
+
+The coordinates should be given in pixel, starting from the bottom left of the picture.
+
+Note that the API will always output geometry as geojson geometry (thus will transform the bbox into a polygon).
+"""
+
+    semantics: List[SemanticTagUpdate] = Field(default_factory=list)
+    """Semantic tags associated to the annotation"""
+
+
+@bp.route("/pictures/<uuid:itemId>/annotations", methods=["POST"])
 @auth.login_required()
-def postAnnotation(collectionId, itemId, account):
+def postAnnotationNonStacAlias(itemId, account):
     """Create an annotation on a picture.
 
     The geometry can be provided as a bounding box (a list of 4 integers, minx, miny, maxx, maxy) or as a geojson geometry.
     All coordinates must be in pixel, starting from the top left of the picture.
 
     If an annotation already exists on the picture with the same shape, it will be used.
-        ---
-        tags:
-            - Editing
-            - Semantics
-        parameters:
-            - name: collectionId
-              in: path
-              description: ID of collection to retrieve
-              required: true
-              schema:
-                type: string
-            - name: itemId
-              in: path
-              description: ID of item to retrieve
-              required: true
-              schema:
-                type: string
-        requestBody:
+
+    The is an alias to the `/api/collections/<collectionId>/items/<itemId>/annotations` endpoint (but you don't need to know the collection ID here).
+    ---
+    tags:
+        - Editing
+        - Semantics
+    parameters:
+        - name: itemId
+          in: path
+          description: ID of item to retrieve
+          required: true
+          schema:
+              type: string
+    requestBody:
+        content:
+            application/json:
+                schema:
+                    $ref: '#/components/schemas/GeoVisioPostAnnotation'
+    security:
+        - bearerToken: []
+        - cookieAuth: []
+    responses:
+        200:
+            description: the annotation metadata
             content:
                 application/json:
                     schema:
-                        $ref: '#/components/schemas/GeoVisioPostAnnotation'
-        security:
-            - bearerToken: []
-            - cookieAuth: []
-        responses:
-            200:
-                description: the annotation metadata
-                content:
-                    application/json:
-                        schema:
-                            $ref: '#/components/schemas/GeoVisioAnnotation'
+                        $ref: '#/components/schemas/GeoVisioAnnotation'
     """
 
-    account_id = UUID(accountIdOrDefault(account))
-
+    account_id = account.id
     pic = db.fetchone(
         current_app,
-        "SELECT 1 FROM sequences_pictures WHERE seq_id = %(seq)s AND pic_id = %(pic)s",
-        {"seq": collectionId, "pic": itemId},
+        "SELECT 1 FROM pictures WHERE id = %(pic)s",
+        {"pic": itemId},
     )
     if not pic:
         raise errors.InvalidAPIUsage(_("Picture %(p)s wasn't found in database", p=itemId), status_code=404)
 
     if request.is_json and request.json is not None:
         try:
-            params = AnnotationCreationParameter(**request.json, account_id=account_id, picture_id=itemId)
+            post_params = AnnotationPostParameter(**request.json, account_id=account_id, picture_id=itemId)
         except ValidationError as ve:
             raise errors.InvalidAPIUsage(_("Impossible to create an annotation"), payload=validation_error(ve))
     else:
         raise errors.InvalidAPIUsage(_("Parameter for creating an annotation should be a valid JSON"), status_code=415)
 
-    annotation = creation_annotation(params)
-
-    return (
-        annotation.model_dump_json(exclude_none=True),
-        200,
-        {
-            "Content-Type": "application/json",
-            "Access-Control-Expose-Headers": "Location",  # Needed for allowing web browsers access Location header
-            "Location": url_for(
-                "annotations.getAnnotation", _external=True, annotationId=annotation.id, collectionId=collectionId, itemId=itemId
-            ),
-        },
+    creation_params = AnnotationCreationParameter(
+        account_id=account_id, picture_id=itemId, shape=post_params.shape, semantics=post_params.semantics
     )
 
+    with db.conn(current_app) as conn:
+        annotation = creation_annotation(creation_params, conn)
+
+        return (
+            annotation.model_dump_json(exclude_none=True),
+            200,
+            {
+                "Content-Type": "application/json",
+                "Access-Control-Expose-Headers": "Location",  # Needed for allowing web browsers access Location header
+                "Location": url_for("annotations.getAnnotationById", _external=True, annotationId=annotation.id),
+            },
+        )
+
+
+@bp.route("/collections/<uuid:collectionId>/items/<uuid:itemId>/annotations", methods=["POST"])
+@auth.login_required()
+def postAnnotation(collectionId, itemId, account):
+    """Create an annotation on a picture.
+
+    The geometry can be provided as a bounding box (a list of 4 integers, minx, miny, maxx, maxy) or as a geojson geometry.
+    All coordinates must be in pixel, starting from the top left of the picture.
+
+    If an annotation already exists on the picture with the same shape, it will be used.
+    ---
+    tags:
+        - Editing
+        - Semantics
+    parameters:
+        - name: collectionId
+          in: path
+          description: ID of collection to retrieve
+          required: true
+          schema:
+              type: string
+        - name: itemId
+          in: path
+          description: ID of item to retrieve
+          required: true
+          schema:
+              type: string
+    requestBody:
+        content:
+            application/json:
+                schema:
+                    $ref: '#/components/schemas/GeoVisioPostAnnotation'
+    security:
+        - bearerToken: []
+        - cookieAuth: []
+    responses:
+        200:
+            description: the annotation metadata
+            content:
+                application/json:
+                    schema:
+                        $ref: '#/components/schemas/GeoVisioAnnotation'
+    """
+    return postAnnotationNonStacAlias(itemId=itemId, account=account)
+
 
 @bp.route("/collections/<uuid:collectionId>/items/<uuid:itemId>/annotations/<uuid:annotationId>", methods=["GET"])
 def getAnnotation(collectionId, itemId, annotationId):
     """Get an annotation
 
+    Note that this is the same route as `/api/annotations/<uuid:annotationId>` but you need to know the picture's and collection's IDs.
     ---
     tags:
         - Semantics
@@ -103,19 +167,19 @@ def getAnnotation(collectionId, itemId, annotationId):
           description: ID of collection
           required: true
           schema:
-            type: string
+              type: string
         - name: itemId
           in: path
           description: ID of item
           required: true
           schema:
-            type: string
+              type: string
         - name: annotationId
           in: path
           description: ID of annotation
           required: true
           schema:
-            type: string
+              type: string
     security:
         - bearerToken: []
         - cookieAuth: []
@@ -136,6 +200,41 @@ def getAnnotation(collectionId, itemId, annotationId):
         return annotation.model_dump_json(exclude_none=True), 200, {"Content-Type": "application/json"}
 
 
+@bp.route("/annotations/<uuid:annotationId>", methods=["GET"])
+def getAnnotationById(annotationId):
+    """Get an annotation.
+
+    This is the same route as `/api/collections/<uuid:collectionId>/items/<uuid:itemId>/annotations/<uuid:annotationId>` but you don't need to know the picture's and collection's IDs.
+
+    ---
+    tags:
+        - Semantics
+    parameters:
+        - name: annotationId
+          in: path
+          description: ID of annotation
+          required: true
+          schema:
+              type: string
+    security:
+        - bearerToken: []
+        - cookieAuth: []
+    responses:
+        200:
+            description: the annotation metadata
+            content:
+                application/json:
+                    schema:
+                        $ref: '#/components/schemas/GeoVisioAnnotation'
+    """
+    with db.conn(current_app) as conn:
+        annotation = get_annotation(conn, annotationId)
+        if not annotation:
+            raise errors.InvalidAPIUsage(_("Annotation %(p)s not found", p=annotationId), status_code=404)
+
+        return annotation.model_dump_json(exclude_none=True), 200, {"Content-Type": "application/json"}
+
+
 class AnnotationPatchParameter(BaseModel):
     """Parameters used to update an annotation"""
 
@@ -152,12 +251,70 @@ class AnnotationPatchParameter(BaseModel):
     """
 
 
+@bp.route("/annotations/<uuid:annotationId>", methods=["PATCH"])
+@auth.login_required()
+def patchAnnotationNonStacAlias(annotationId, account):
+    """Patch an annotation
+
+    Note that if the annotation has no associated tags anymore, it will be deleted.
+
+    Note that is an alias to the `/api/collections/<collectionId>/items/<itemId>/annotations/<annotationId>` endpoint (but you don't need to know the collection/item ID here).
+    ---
+    tags:
+        - Semantics
+    parameters:
+        - name: annotationId
+          in: path
+          description: ID of annotation
+          required: true
+          schema:
+              type: string
+    requestBody:
+        content:
+            application/json:
+                schema:
+                    $ref: '#/components/schemas/GeoVisioPatchAnnotation'
+    security:
+        - bearerToken: []
+        - cookieAuth: []
+    responses:
+        200:
+            description: the annotation metadata
+            content:
+                application/json:
+                    schema:
+                        $ref: '#/components/schemas/GeoVisioAnnotation'
+        204:
+            description: The annotation was empty, it has been correctly deleted
+    """
+    if request.is_json and request.json is not None:
+        try:
+            params = AnnotationPatchParameter(**request.json)
+        except ValidationError as ve:
+            raise errors.InvalidAPIUsage(_("Impossible to patch annotation, invalid parameters"), payload=validation_error(ve))
+    else:
+        raise errors.InvalidAPIUsage(_("Parameter for updating an annotation should be a valid JSON"), status_code=415)
+
+    with db.conn(current_app) as conn:
+
+        annotation = get_annotation(conn, annotationId)
+        if not annotation:
+            raise errors.InvalidAPIUsage(_("Annotation %(p)s not found", p=annotationId), status_code=404)
+
+        a = update_annotation(annotation, params.semantics, account.id)
+        if a is None:
+            return "", 204
+        return a.model_dump_json(exclude_none=True), 200, {"Content-Type": "application/json"}
+
+
 @bp.route("/collections/<uuid:collectionId>/items/<uuid:itemId>/annotations/<uuid:annotationId>", methods=["PATCH"])
 @auth.login_required()
 def patchAnnotation(collectionId, itemId, annotationId, account):
     """Patch an annotation
 
     Note that if the annotation has no associated tags anymore, it will be deleted.
+
+    Note that is the an alias to the `/api/annotations/<annotationId>` endpoint (but you need to know the collection/item ID here).
     ---
     tags:
         - Semantics
@@ -167,19 +324,19 @@ def patchAnnotation(collectionId, itemId, annotationId, account):
           description: ID of collection
           required: true
           schema:
-            type: string
+              type: string
         - name: itemId
           in: path
           description: ID of item
           required: true
           schema:
-            type: string
+              type: string
         - name: annotationId
           in: path
           description: ID of annotation
           required: true
           schema:
-            type: string
+              type: string
     security:
         - bearerToken: []
         - cookieAuth: []
@@ -193,21 +350,98 @@ def patchAnnotation(collectionId, itemId, annotationId, account):
         204:
             description: The annotation was empty, it has been correctly deleted
     """
-    if request.is_json and request.json is not None:
-        try:
-            params = AnnotationPatchParameter(**request.json)
-        except ValidationError as ve:
-            raise errors.InvalidAPIUsage(_("Impossible to patch annotation, invalid parameters"), payload=validation_error(ve))
-    else:
-        raise errors.InvalidAPIUsage(_("Parameter for updating an annotation should be a valid JSON"), status_code=415)
+    return patchAnnotationNonStacAlias(annotationId=annotationId, account=account)
+
+
+@bp.route("/collections/<uuid:collectionId>/items/<uuid:itemId>/annotations/<uuid:annotationId>", methods=["DELETE"])
+@auth.login_required()
+def deleteAnnotation(collectionId, itemId, annotationId, account):
+    """Delete an annotation
 
+    It is mandatory to be authenticated to delete an annotation, but anyone can delete do it. The changes are tracked in the history.
+
+    Note that this is the same route as `DELETE /api/annotations/<uuid:annotationId>` but you need to know the picture's and collection's IDs.
+    ---
+    tags:
+        - Semantics
+    parameters:
+        - name: collectionId
+          in: path
+          description: ID of collection
+          required: true
+          schema:
+              type: string
+        - name: itemId
+          in: path
+          description: ID of item
+          required: true
+          schema:
+              type: string
+        - name: annotationId
+          in: path
+          description: ID of annotation
+          required: true
+          schema:
+              type: string
+    security:
+        - bearerToken: []
+        - cookieAuth: []
+    responses:
+        204:
+            description: The Annotation has been correctly deleted
+    """
     with db.conn(current_app) as conn:
 
         annotation = get_annotation(conn, annotationId)
         if not annotation or annotation.picture_id != itemId:
-            raise errors.InvalidAPIUsage(_("Annotation %(p)s not found", p=itemId), status_code=404)
+            raise errors.InvalidAPIUsage(_("Annotation %(p)s not found", p=annotationId), status_code=404)
 
-        a = update_annotation(annotation, params.semantics, account.id)
-        if a is None:
-            return "", 204
-        return a.model_dump_json(exclude_none=True), 200, {"Content-Type": "application/json"}
+        delete_annotation(conn, annotation)
+
+    return "", 204
+
+
+@bp.route("/annotations/<uuid:annotationId>", methods=["DELETE"])
+@auth.login_required()
+def deleteAnnotationNonStacAlias(annotationId, account):
+    """Delete an annotation.
+
+    It is mandatory to be authenticated to delete an annotation, but anyone can delete do it. The changes are tracked in the history.
+
+    The is an alias to the `DELETE /api/collections/<collectionId>/items/<itemId>/annotations/<annotationId>` endpoint (but you don't need to know the collection/item ID here).
+    ---
+    tags:
+        - Semantics
+    parameters:
+        - name: collectionId
+          in: path
+          description: ID of collection
+          required: true
+          schema:
+              type: string
+        - name: itemId
+          in: path
+          description: ID of item
+          required: true
+          schema:
+              type: string
+        - name: annotationId
+          in: path
+          description: ID of annotation
+          required: true
+          schema:
+              type: string
+    security:
+        - bearerToken: []
+        - cookieAuth: []
+    responses:
+        204:
+            description: The Annotation has been correctly deleted
+    """
+    with db.conn(current_app) as conn:
+        annotation = get_annotation(conn, annotationId)
+        if not annotation:
+            raise errors.InvalidAPIUsage(_("Annotation %(p)s not found", p=annotationId), status_code=404)
+        delete_annotation(conn, annotation, account.id)
+
+    return "", 204

geovisio/web/auth.py

@@ -112,7 +112,7 @@ def auth():
 def logout():
     """Log out from geovisio
     * If the OAuth Provider is keycloak, this will redirect to a keycloak confirmation page,
-            and uppon confirmation keycloak will call post_logout_redirect that will invalidate the session
+            and upon confirmation keycloak will call post_logout_redirect that will invalidate the session
     * If the OAuth Provider is not keycloak, this will invalidate the session
     ---
     tags: