udata 10.4.2.dev35475__py2.py3-none-any.whl → 10.4.3__py2.py3-none-any.whl

udata/__init__.py

@@ -4,5 +4,5 @@
 udata
 """
 
-__version__ = "10.4.2.dev"
+__version__ = "10.4.3"
 __description__ = "Open data portal"

udata/api_fields.py

@@ -341,6 +341,9 @@ def generate_fields(**kwargs) -> Callable:
                 continue  # Do not override if the attribute is also callable like for Extras
 
             method = getattr(cls, method_name)
+            if isinstance(method, property):
+                method = method.fget
+
             if not callable(method):
                 continue
 
@@ -356,7 +359,16 @@ def generate_fields(**kwargs) -> Callable:
                 """
                 return lambda o: method(o)
 
-            read_fields[method_name] = restx_fields.String(
+            nested_fields: dict | None = additional_field_info.get("nested_fields")
+            if nested_fields is None:
+                # If there is no `nested_fields` convert the object to the string representation.
+                field_constructor = restx_fields.String
+            else:
+
+                def field_constructor(**kwargs):
+                    return restx_fields.Nested(nested_fields, **kwargs)
+
+            read_fields[method_name] = field_constructor(
                 attribute=make_lambda(method), **{"readonly": True, **additional_field_info}
             )
             if additional_field_info.get("show_as_ref", False):
@@ -505,7 +517,6 @@ def patch(obj, request) -> type:
         field = obj.__write_fields__.get(key)
         if field is not None and not field.readonly:
             model_attribute = getattr(obj.__class__, key)
-
             if hasattr(model_attribute, "from_input"):
                 value = model_attribute.from_input(value)
             elif isinstance(model_attribute, mongoengine.fields.ListField) and isinstance(
@@ -531,6 +542,20 @@ def patch(obj, request) -> type:
                     value["id"],
                     document_type=db.resolve_model(value["class"]),
                 )
+            elif value and isinstance(
+                model_attribute,
+                mongoengine.fields.EmbeddedDocumentField,
+            ):
+                embedded_field = model_attribute.document_type()
+                value = embedded_field._from_son(value)
+            elif value and isinstance(
+                model_attribute,
+                mongoengine.fields.EmbeddedDocumentListField,
+            ):
+                embedded_field = model_attribute.field.document_type()
+                # MongoEngine BaseDocument has a `from_json` method for string and a private `_from_son`
+                # but there is no public `from_son` to use
+                value = [embedded_field._from_son(embedded_value) for embedded_value in value]
 
             info = getattr(model_attribute, "__additional_field_info__", {})
 

udata/commands/fixtures.py

@@ -54,16 +54,25 @@ UNWANTED_KEYS: dict[str, list[str]] = {
         "badges",
         "spatial",
         "quality",
+        "permissions",
     ],
     "resource": ["latest", "preview_url", "last_modified"],
     "organization": ["class", "page", "uri", "logo_thumbnail"],
-    "reuse": ["datasets", "image_thumbnail", "page", "uri", "owner"],
+    "reuse": [
+        "datasets",
+        "image_thumbnail",
+        "page",
+        "uri",
+        "owner",
+        "permissions",
+    ],
     "community": [
         "dataset",
         "owner",
         "latest",
         "last_modified",
         "preview_url",
+        "permissions",
     ],
     "discussion": ["subject", "url", "class", "permissions"],
     "discussion_message": ["permissions"],
@@ -75,6 +84,7 @@ UNWANTED_KEYS: dict[str, list[str]] = {
         "owner",
         "self_api_url",
         "self_web_url",
+        "permissions",
     ],
 }
 

udata/core/dataservices/api.py

@@ -9,7 +9,7 @@ from flask_login import current_user
 
 from udata.api import API, api, fields
 from udata.api_fields import patch
-from udata.core.dataservices.permissions import OwnablePermission
+from udata.core.dataservices.constants import DATASERVICE_ACCESS_TYPE_RESTRICTED
 from udata.core.dataset.models import Dataset
 from udata.core.followers.api import FollowAPI
 from udata.core.site.models import current_site
@@ -18,7 +18,6 @@ from udata.i18n import gettext as _
 from udata.rdf import RDF_EXTENSIONS, graph_response, negociate_content
 
 from .models import Dataservice
-from .permissions import DataserviceEditPermission
 from .rdf import dataservice_to_rdf
 
 ns = api.namespace("dataservices", "Dataservices related operations (beta)")
@@ -49,7 +48,8 @@ class DataservicesAPI(API):
         dataservice = patch(Dataservice(), request)
         if not dataservice.owner and not dataservice.organization:
             dataservice.owner = current_user._get_current_object()
-
+        if dataservice.access_type != DATASERVICE_ACCESS_TYPE_RESTRICTED:
+            dataservice.access_audiences = []
         dataservice.save()
         return dataservice, 201
 
@@ -97,7 +97,7 @@ class DataserviceAPI(API):
     @api.doc("get_dataservice")
     @api.marshal_with(Dataservice.__read_fields__)
     def get(self, dataservice):
-        if not OwnablePermission(dataservice).can():
+        if not dataservice.permissions["edit"].can():
             if dataservice.private:
                 api.abort(404)
             elif dataservice.deleted_at:
@@ -115,10 +115,12 @@ class DataserviceAPI(API):
         ):
             api.abort(410, "dataservice has been deleted")
 
-        OwnablePermission(dataservice).test()
+        dataservice.permissions["edit"].test()
 
         patch(dataservice, request)
         dataservice.metadata_modified_at = datetime.utcnow()
+        if dataservice.access_type != DATASERVICE_ACCESS_TYPE_RESTRICTED:
+            dataservice.access_audiences = []
 
         dataservice.save()
         return dataservice
@@ -130,7 +132,7 @@ class DataserviceAPI(API):
         if dataservice.deleted_at:
             api.abort(410, "dataservice has been deleted")
 
-        OwnablePermission(dataservice).test()
+        dataservice.permissions["delete"].test()
         dataservice.deleted_at = datetime.utcnow()
         dataservice.metadata_modified_at = datetime.utcnow()
         dataservice.save()
@@ -163,7 +165,7 @@ class DataserviceDatasetsAPI(API):
         if dataservice.deleted_at:
             api.abort(410, "Dataservice has been deleted")
 
-        OwnablePermission(dataservice).test()
+        dataservice.permissions["edit"].test()
 
         data = request.json
 
@@ -199,7 +201,7 @@ class DataserviceDatasetAPI(API):
         if dataservice.deleted_at:
             api.abort(410, "Dataservice has been deleted")
 
-        OwnablePermission(dataservice).test()
+        dataservice.permissions["edit"].test()
 
         if dataset not in dataservice.datasets:
             api.abort(404, "Dataset not found in dataservice")
@@ -228,8 +230,8 @@ class DataserviceRdfAPI(API):
 @api.response(410, "Dataservice has been deleted")
 class DataserviceRdfFormatAPI(API):
     @api.doc("rdf_dataservice_format")
-    def get(self, dataservice, format):
-        if not DataserviceEditPermission(dataservice).can():
+    def get(self, dataservice: Dataservice, format):
+        if not dataservice.permissions["edit"].can():
             if dataservice.private:
                 api.abort(404)
             elif dataservice.deleted_at:

udata/core/dataservices/apiv2.py

@@ -2,14 +2,17 @@ from flask import request
 
 from udata import search
 from udata.api import API, apiv2
-from udata.core.dataservices.models import Dataservice, HarvestMetadata
+from udata.core.dataservices.models import AccessAudience, Dataservice, HarvestMetadata
 from udata.utils import multi_to_dict
 
+from .models import dataservice_permissions_fields
 from .search import DataserviceSearch
 
+apiv2.inherit("DataservicePermissions", dataservice_permissions_fields)
 apiv2.inherit("DataservicePage", Dataservice.__page_fields__)
 apiv2.inherit("Dataservice (read)", Dataservice.__read_fields__)
 apiv2.inherit("HarvestMetadata (read)", HarvestMetadata.__read_fields__)
+apiv2.inherit("AccessAudience (read)", AccessAudience.__read_fields__)
 
 ns = apiv2.namespace("dataservices", "Dataservice related operations")
 

udata/core/dataservices/constants.py

@@ -9,3 +9,22 @@ DATASERVICE_ACCESS_TYPES = [
     DATASERVICE_ACCESS_TYPE_OPEN_WITH_ACCOUNT,
     DATASERVICE_ACCESS_TYPE_RESTRICTED,
 ]
+
+DATASERVICE_ACCESS_AUDIENCE_ADMINISTRATION = "local_authority_and_administration"
+DATASERVICE_ACCESS_AUDIENCE_COMPANY = "company_and_association"
+DATASERVICE_ACCESS_AUDIENCE_PRIVATE = "private"
+
+DATASERVICE_ACCESS_AUDIENCE_TYPES = [
+    DATASERVICE_ACCESS_AUDIENCE_ADMINISTRATION,
+    DATASERVICE_ACCESS_AUDIENCE_COMPANY,
+    DATASERVICE_ACCESS_AUDIENCE_PRIVATE,
+]
+
+DATASERVICE_ACCESS_AUDIENCE_YES = "yes"
+DATASERVICE_ACCESS_AUDIENCE_NO = "no"
+DATASERVICE_ACCESS_AUDIENCE_UNDER_CONDITIONS = "under_condition"
+DATASERVICE_ACCESS_AUDIENCE_CONDITIONS = [
+    DATASERVICE_ACCESS_AUDIENCE_YES,
+    DATASERVICE_ACCESS_AUDIENCE_NO,
+    DATASERVICE_ACCESS_AUDIENCE_UNDER_CONDITIONS,
+]

udata/core/dataservices/models.py

@@ -7,14 +7,22 @@ from mongoengine.signals import post_save
 
 import udata.core.contact_point.api_fields as contact_api_fields
 import udata.core.dataset.api_fields as datasets_api_fields
+from udata.api import api, fields
 from udata.api_fields import field, function_field, generate_fields
 from udata.core.activity.models import Auditable
-from udata.core.dataservices.constants import DATASERVICE_ACCESS_TYPES, DATASERVICE_FORMATS
+from udata.core.dataservices.constants import (
+    DATASERVICE_ACCESS_AUDIENCE_CONDITIONS,
+    DATASERVICE_ACCESS_AUDIENCE_TYPES,
+    DATASERVICE_ACCESS_TYPES,
+    DATASERVICE_FORMATS,
+)
 from udata.core.dataset.models import Dataset
+from udata.core.metrics.helpers import get_stock_metrics
 from udata.core.metrics.models import WithMetrics
 from udata.core.owned import Owned, OwnedQuerySet
 from udata.i18n import lazy_gettext as _
 from udata.models import Discussion, Follow, db
+from udata.mongo.errors import FieldValidationError
 from udata.uris import endpoint_for
 
 # "frequency"
@@ -27,6 +35,15 @@ from udata.uris import endpoint_for
 # "temporal_coverage"
 
 
+dataservice_permissions_fields = api.model(
+    "DataservicePermissions",
+    {
+        "delete": fields.Permission(),
+        "edit": fields.Permission(),
+    },
+)
+
+
 class DataserviceQuerySet(OwnedQuerySet):
     def visible(self):
         return self(archived_at=None, deleted_at=None, private=False)
@@ -98,6 +115,21 @@ class HarvestMetadata(db.EmbeddedDocument):
     archived_reason = field(db.StringField())
 
 
+@generate_fields()
+class AccessAudience(db.EmbeddedDocument):
+    role = field(db.StringField(choices=DATASERVICE_ACCESS_AUDIENCE_TYPES), filterable={})
+    condition = field(db.StringField(choices=DATASERVICE_ACCESS_AUDIENCE_CONDITIONS), filterable={})
+
+
+def check_only_one_condition_per_role(access_audiences, **_kwargs):
+    roles = set(e["role"] for e in access_audiences)
+    if len(roles) != len(access_audiences):
+        raise FieldValidationError(
+            _("You can only set one condition for a given access audience role"),
+            field="access_audiences",
+        )
+
+
 @generate_fields(
     searchable=True,
     additional_filters={"organization_badge": "organization.badges"},
@@ -158,6 +190,11 @@ class Dataservice(Auditable, WithMetrics, Owned, db.Document):
     availability_url = field(db.URLField())
 
     access_type = field(db.StringField(choices=DATASERVICE_ACCESS_TYPES), filterable={})
+    access_audiences = field(
+        db.EmbeddedDocumentListField(AccessAudience),
+        checks=[check_only_one_condition_per_role],
+    )
+
     authorization_request_url = field(db.URLField())
 
     format = field(db.StringField(choices=DATASERVICE_FORMATS))
@@ -252,6 +289,7 @@ class Dataservice(Auditable, WithMetrics, Owned, db.Document):
     __metrics_keys__ = [
         "discussions",
         "followers",
+        "followers_by_months",
         "views",
     ]
 
@@ -259,12 +297,27 @@ class Dataservice(Auditable, WithMetrics, Owned, db.Document):
     def is_hidden(self):
         return self.private or self.deleted_at or self.archived_at
 
+    @property
+    @function_field(
+        nested_fields=dataservice_permissions_fields,
+    )
+    def permissions(self):
+        from .permissions import DataserviceEditPermission
+
+        return {
+            "delete": DataserviceEditPermission(self),
+            "edit": DataserviceEditPermission(self),
+        }
+
     def count_discussions(self):
         self.metrics["discussions"] = Discussion.objects(subject=self, closed=None).count()
         self.save(signal_kwargs={"ignores": ["post_save"]})
 
     def count_followers(self):
         self.metrics["followers"] = Follow.objects(until=None).followers(self).count()
+        self.metrics["followers_by_months"] = get_stock_metrics(
+            Follow.objects(following=self), date_label="since"
+        )
         self.save(signal_kwargs={"ignores": ["post_save"]})
 
 

udata/core/dataset/api.py

@@ -39,6 +39,7 @@ from udata.core.badges.fields import badge_fields
 from udata.core.dataservices.models import Dataservice
 from udata.core.dataset.models import CHECKSUM_TYPES
 from udata.core.followers.api import FollowAPI
+from udata.core.followers.models import Follow
 from udata.core.organization.models import Organization
 from udata.core.reuse.models import Reuse
 from udata.core.site.models import current_site
@@ -84,7 +85,6 @@ from .models import (
     ResourceSchema,
     get_resource,
 )
-from .permissions import DatasetEditPermission, ResourceEditPermission
 from .rdf import dataset_to_rdf
 
 DEFAULT_SORTING = "-created_at_internal"
@@ -122,6 +122,12 @@ class DatasetApiParser(ModelApiParser):
             location="args",
         )
         self.parser.add_argument("owner", type=str, location="args")
+        self.parser.add_argument(
+            "followed_by",
+            type=str,
+            location="args",
+            help="(beta, subject to change/be removed)",
+        )
         self.parser.add_argument("format", type=str, location="args")
         self.parser.add_argument("schema", type=str, location="args")
         self.parser.add_argument("schema_version", type=str, location="args")
@@ -183,6 +189,16 @@ class DatasetApiParser(ModelApiParser):
             if not ObjectId.is_valid(args["owner"]):
                 api.abort(400, "Owner arg must be an identifier")
             datasets = datasets.filter(owner=args["owner"])
+        if args.get("followed_by"):
+            if not ObjectId.is_valid(args["followed_by"]):
+                api.abort(400, "`followed_by` arg must be an identifier")
+            ids = [
+                f.following.id
+                for f in Follow.objects(follower=args["followed_by"]).filter(
+                    __raw__={"following._cls": Dataset._class_name}
+                )
+            ]
+            datasets = datasets.filter(id__in=ids)
         if args.get("format"):
             datasets = datasets.filter(resources__format=args["format"])
         if args.get("schema"):
@@ -342,9 +358,9 @@ class DatasetsAtomFeedAPI(API):
 class DatasetAPI(API):
     @api.doc("get_dataset")
     @api.marshal_with(dataset_fields)
-    def get(self, dataset):
+    def get(self, dataset: Dataset):
         """Get a dataset given its identifier"""
-        if not DatasetEditPermission(dataset).can():
+        if not dataset.permissions["edit"].can():
             if dataset.private:
                 api.abort(404)
             elif dataset.deleted:
@@ -356,12 +372,12 @@ class DatasetAPI(API):
     @api.expect(dataset_fields)
     @api.marshal_with(dataset_fields)
     @api.response(400, errors.VALIDATION_ERROR)
-    def put(self, dataset):
+    def put(self, dataset: Dataset):
         """Update a dataset given its identifier"""
         request_deleted = request.json.get("deleted", True)
         if dataset.deleted and request_deleted is not None:
             api.abort(410, "Dataset has been deleted")
-        DatasetEditPermission(dataset).test()
+        dataset.permissions["edit"].test()
         dataset.last_modified_internal = datetime.utcnow()
         form = api.validate(DatasetForm, dataset)
 
@@ -374,7 +390,7 @@ class DatasetAPI(API):
         """Delete a dataset given its identifier"""
         if dataset.deleted:
             api.abort(410, "Dataset has been deleted")
-        DatasetEditPermission(dataset).test()
+        dataset.permissions["delete"].test()
         dataset.deleted = datetime.utcnow()
         dataset.last_modified_internal = datetime.utcnow()
         dataset.save()
@@ -420,7 +436,7 @@ class DatasetRdfAPI(API):
 class DatasetRdfFormatAPI(API):
     @api.doc("rdf_dataset_format")
     def get(self, dataset, format):
-        if not DatasetEditPermission(dataset).can():
+        if not dataset.permissions["edit"].can():
             if dataset.private:
                 api.abort(404)
             elif dataset.deleted:
@@ -479,7 +495,7 @@ class ResourcesAPI(API):
     @api.marshal_with(resource_fields, code=201)
     def post(self, dataset):
         """Create a new resource for a given dataset"""
-        ResourceEditPermission(dataset).test()
+        dataset.permissions["edit_resources"].test()
         form = api.validate(ResourceFormWithoutId)
         resource = Resource()
 
@@ -487,8 +503,6 @@ class ResourcesAPI(API):
             api.abort(400, "This endpoint only supports remote resources")
         form.populate_obj(resource)
         dataset.add_resource(resource)
-        dataset.last_modified_internal = datetime.utcnow()
-        dataset.save()
         return resource, 201
 
     @api.secure
@@ -497,7 +511,7 @@ class ResourcesAPI(API):
     @api.marshal_list_with(resource_fields)
     def put(self, dataset):
         """Reorder resources"""
-        ResourceEditPermission(dataset).test()
+        dataset.permissions["edit_resources"].test()
         resources = request.json
         if len(dataset.resources) != len(resources):
             api.abort(
@@ -551,12 +565,10 @@ class UploadNewDatasetResource(UploadMixin, API):
     @api.marshal_with(upload_fields, code=201)
     def post(self, dataset):
         """Upload a file for a new dataset resource"""
-        ResourceEditPermission(dataset).test()
+        dataset.permissions["edit_resources"].test()
         infos = self.handle_upload(dataset)
         resource = Resource(**infos)
         dataset.add_resource(resource)
-        dataset.last_modified_internal = datetime.utcnow()
-        dataset.save()
         return resource, 201
 
 
@@ -602,15 +614,13 @@ class UploadDatasetResource(ResourceMixin, UploadMixin, API):
     @api.marshal_with(upload_fields)
     def post(self, dataset, rid):
         """Upload a file related to a given resource on a given dataset"""
-        ResourceEditPermission(dataset).test()
+        dataset.permissions["edit_resources"].test()
         resource = self.get_resource_or_404(dataset, rid)
         fs_filename_to_remove = resource.fs_filename
         infos = self.handle_upload(dataset)
         for k, v in infos.items():
             resource[k] = v
         dataset.update_resource(resource)
-        dataset.last_modified_internal = datetime.utcnow()
-        dataset.save()
         if fs_filename_to_remove is not None:
             storages.resources.delete(fs_filename_to_remove)
         return resource
@@ -631,7 +641,7 @@ class ReuploadCommunityResource(ResourceMixin, UploadMixin, API):
     @api.marshal_with(upload_community_fields)
     def post(self, community):
         """Update the file related to a given community resource"""
-        ResourceEditPermission(community).test()
+        community.permissions["edit"].test()
         fs_filename_to_remove = community.fs_filename
         infos = self.handle_upload(community.dataset)
         community.update(**infos)
@@ -648,7 +658,7 @@ class ResourceAPI(ResourceMixin, API):
     @api.marshal_with(resource_fields)
     def get(self, dataset, rid):
         """Get a resource given its identifier"""
-        if not DatasetEditPermission(dataset).can():
+        if not dataset.permissions["edit"].can():
             if dataset.private:
                 api.abort(404)
             elif dataset.deleted:
@@ -662,7 +672,7 @@ class ResourceAPI(ResourceMixin, API):
     @api.marshal_with(resource_fields)
     def put(self, dataset, rid):
         """Update a given resource on a given dataset"""
-        ResourceEditPermission(dataset).test()
+        dataset.permissions["edit_resources"].test()
         resource = self.get_resource_or_404(dataset, rid)
         form = api.validate(ResourceFormWithoutId, resource)
 
@@ -683,19 +693,15 @@ class ResourceAPI(ResourceMixin, API):
         form.populate_obj(resource)
         resource.last_modified_internal = datetime.utcnow()
         dataset.update_resource(resource)
-        dataset.last_modified_internal = datetime.utcnow()
-        dataset.save()
         return resource
 
     @api.secure
     @api.doc("delete_resource")
     def delete(self, dataset, rid):
         """Delete a given resource on a given dataset"""
-        ResourceEditPermission(dataset).test()
+        dataset.permissions["edit_resources"].test()
         resource = self.get_resource_or_404(dataset, rid)
         dataset.remove_resource(resource)
-        dataset.last_modified_internal = datetime.utcnow()
-        dataset.save()
         return "", 204
 
 
@@ -751,7 +757,7 @@ class CommunityResourceAPI(API):
     @api.marshal_with(community_resource_fields)
     def put(self, community):
         """Update a given community resource"""
-        ResourceEditPermission(community).test()
+        community.permissions["edit"].test()
         form = api.validate(CommunityResourceForm, community)
         if community.filetype == "file":
             form._fields.get("url").data = community.url
@@ -766,7 +772,7 @@ class CommunityResourceAPI(API):
     @api.doc("delete_community_resource")
     def delete(self, community):
         """Delete a given community resource"""
-        ResourceEditPermission(community).test()
+        community.permissions["delete"].test()
         # Deletes community resource's file from file storage
         if community.fs_filename is not None:
             storages.resources.delete(community.fs_filename)

udata/core/dataset/api_fields.py

@@ -220,6 +220,15 @@ dataset_ref_fields = api.inherit(
     },
 )
 
+
+community_resource_permissions_fields = api.model(
+    "DatasetPermissions",
+    {
+        "delete": fields.Permission(),
+        "edit": fields.Permission(),
+    },
+)
+
 community_resource_fields = api.inherit(
     "CommunityResource",
     resource_fields,
@@ -233,6 +242,7 @@ community_resource_fields = api.inherit(
         "owner": fields.Nested(
             user_ref_fields, allow_null=True, description="The user information"
         ),
+        "permissions": fields.Nested(community_resource_permissions_fields),
     },
 )
 
@@ -285,6 +295,7 @@ DEFAULT_MASK = ",".join(
         "internal",
         "contact_points",
         "featured",
+        "permissions",
     )
 )
 
@@ -300,6 +311,15 @@ dataset_internal_fields = api.model(
     },
 )
 
+dataset_permissions_fields = api.model(
+    "DatasetPermissions",
+    {
+        "delete": fields.Permission(),
+        "edit": fields.Permission(),
+        "edit_resources": fields.Permission(),
+    },
+)
+
 dataset_fields = api.model(
     "Dataset",
     {
@@ -401,6 +421,7 @@ dataset_fields = api.model(
         "contact_points": fields.List(
             fields.Nested(contact_point_fields, description="The dataset contact points"),
         ),
+        "permissions": fields.Nested(dataset_permissions_fields),
     },
     mask=DEFAULT_MASK,
 )