23.07

api/scripts/method_specific/POST_api_objects_publish.py

@@ -29,7 +29,16 @@
     any_failed = False
     results = {}
     for publish_object in bulk_request:
-        results = parse_bco(publish_object["contents"], results)
+        try:
+            results = parse_bco(publish_object["contents"], results)
+        except KeyError as error:
+            returning.append(
+                db_utils().messages(parameters={"errors": str(error)})[
+                    "400_non_publishable_object"
+                ]
+            )
+            any_failed = True
+            continue
         object_key = publish_object["contents"]["object_id"]
         if results[object_key]["number_of_errors"] > 0:
             returning.append(
@@ -47,6 +56,7 @@
             if "publish_" + prefix in px_perms:
                 if "object_id" in publish_object:
                     accession = publish_object["object_id"].split("/")[-2]
+                    version = publish_object["object_id"].split("/")[-1]
                     object_num = int(
                         publish_object["object_id"].split("_")[1].split("/")[0]
                     )
@@ -57,9 +67,10 @@
                         + "/"
                         + publish_object["contents"]["provenance_domain"]["version"]
                     )
-                    if BCO.objects.filter(object_id__contains=accession).exists():
+                    if BCO.objects.filter(object_id__contains=accession+'/'+version).exists():
+                        # import pdb; pdb.set_trace()
                         returning.append(
-                            db_utils().messages(parameters={"object_id": accession})[
+                            db_utils().messages(parameters={"object_id": accession+'/'+version})[
                                 "409_object_conflict"
                             ]
                         )
@@ -167,6 +178,6 @@
             any_failed = True
 
     if any_failed:
         return Response(status=status.HTTP_207_MULTI_STATUS, data=returning)
 
     return Response(status=status.HTTP_200_OK, data=returning)

api/scripts/utilities/JsonUtils.py

@@ -78,12 +78,12 @@ def validate(schema, json_object, results):
     return results
 
 
-def parse_bco(bco, results):
+def parse_bco(bco: dict, results: dict):
     """BCO Parsing for Validation
 
     Parameters
     ----------
-    bco : JSON
+    bco : dict
         The BCO JSON to be processed for validation.
     results : dict
         A dictionary to be populated with the BCO validation results

authentication/apis.py

@@ -5,9 +5,11 @@
 from drf_yasg import openapi
 from drf_yasg.utils import swagger_auto_schema
 from rest_framework import status, serializers
+from rest_framework.authtoken.models import Token
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.views import APIView
+from api.scripts.utilities.UserUtils import UserUtils
 from authentication.selectors import check_user_email, get_user_info
 from authentication.services import validate_token, create_bcodb, send_bcodb, validate_auth_service
 from authentication.models import Authentication
@@ -134,27 +136,39 @@ def post(self, request):
         """
         result = validate_auth_service(request.data)
 
-        if result is not 1:
+        if result != 1:
             return Response(status=status.HTTP_400_BAD_REQUEST, data=result)
         try: 
             auth_object = Authentication.objects.get(username=request.user.username)
 
             if request.data in auth_object.auth_service:
-                return Response(status=status.HTTP_409_CONFLICT, data={"message": "That object already exists for this account."})
+                return Response(
+                    status=status.HTTP_409_CONFLICT,
+                    data={"message": "That object already exists for this account."}
+                )
             auth_object.auth_service.append(request.data)
             auth_object.save()
-            return Response(status=status.HTTP_200_OK, data={"message": "Authentication added to existing object"})
+            return Response(
+                status=status.HTTP_200_OK,
+                data={"message": "Authentication added to existing object"}
+            )
 
         except Authentication.DoesNotExist:
             auth_object = Authentication.objects.create(
                 username=request.user,
                 auth_service=[request.data]
                 )
             print('status=status.HTTP_201_CREATED')
-            return Response(status=status.HTTP_201_CREATED, data={"message": "Authentication object added to account"})
+            return Response(
+                status=status.HTTP_201_CREATED,
+                data={"message": "Authentication object added to account"}
+            )
 
         except Exception as err:
-            return Response(status=status.HTTP_400_BAD_REQUEST, data={"message": err})
+            return Response(
+                status=status.HTTP_400_BAD_REQUEST,
+                data={"message": err}
+            )
 
 class RemoveAuthenticationApi(APIView):
     """
@@ -204,12 +218,16 @@ class RemoveAuthenticationApi(APIView):
         },
         tags=["Authentication"],
     )
+
     def post(self, request):
         """"""
+
         result = validate_auth_service(request.data)
-
-        if result is not 1:
-            return Response(status=status.HTTP_400_BAD_REQUEST, data=result)
+        if result != 1:
+            return Response(
+                status=status.HTTP_400_BAD_REQUEST,
+                data=result
+            )
         try:
             auth_object = Authentication.objects.get(username=request.user.username)
         except Authentication.DoesNotExist:
@@ -224,4 +242,49 @@ def post(self, request):
             )
         auth_object.auth_service.remove(request.data)
         auth_object.save()
-        return Response(status=status.HTTP_200_OK, data={"message": "Authentication object removed."})
+        return Response(
+            status=status.HTTP_200_OK,
+            data={"message": "Authentication object removed."}
+        )
+
+class ResetTokenApi(APIView):
+    """Reset Token
+    -----------------------------
+    Resets the user's token and returns the new one.
+    """
+
+    permission_classes = [IsAuthenticated,]
+
+    # schema = openapi.Schema()
+
+    auth = [
+        openapi.Parameter(
+            "Authorization",
+            openapi.IN_HEADER,
+            description="Authorization Token",
+            type=openapi.TYPE_STRING,
+        )
+    ]
+
+    @swagger_auto_schema(
+        manual_parameters=auth,
+        responses={
+            200: "Token reset is successful.",
+            400: "Bad request.",
+        },
+        tags=["Authentication"],
+    )
+
+    def post(self, request):
+        try:
+            token = Token.objects.get(user=request.user)
+            token.delete()
+            Token.objects.create(user=request.user)            
+            return Response(
+                status=status.HTTP_200_OK,
+                data=UserUtils().get_user_info(username=request.user)
+            )
+
+        except Exception as error:
+            return Response(status=status.HTTP_400_BAD_REQUEST, data={"message": f"{error}"})
+

authentication/services.py

@@ -39,10 +39,12 @@ def authenticate(self, request):
                     user = authenticate_orcid(unverified_payload, token)
                 if unverified_payload['iss'] == 'accounts.google.com':
                     user = authenticate_google(token)
-                if unverified_payload['iss'] in ['http://localhost:8080', 'https://test.portal.biochemistry.gwu.edu/', 'https://biocomputeobject.org/']:
+                if unverified_payload['iss'] in ['http://localhost:8080', 'https://test.portal.biochemistry.gwu.edu', 'https://biocomputeobject.org']:
                     user = authenticate_portal(unverified_payload, token)
-
-                return (user, token)
+                try:
+                    return (user, token)
+                except UnboundLocalError as exp:
+                    raise exceptions.AuthenticationFailed("Authentication failed. Token issuer not found. Please contact the site admin")
 
             if type == 'Token' or type == 'TOKEN':
                 pass

authentication/urls.py

@@ -1,10 +1,11 @@
 # authentication/urls.py
 
 from django.urls import path
-from authentication.apis import RegisterBcodbAPI, AddAuthenticationApi, RemoveAuthenticationApi
+from authentication.apis import RegisterBcodbAPI, AddAuthenticationApi, RemoveAuthenticationApi, ResetTokenApi
 
 urlpatterns = [
     path("auth/register/", RegisterBcodbAPI.as_view()),
     path("auth/add/", AddAuthenticationApi.as_view()),
-    path("auth/remove/", RemoveAuthenticationApi.as_view())
+    path("auth/remove/", RemoveAuthenticationApi.as_view()),
+    path("auth/reset_token/", ResetTokenApi.as_view())
 ]