Working on adding new user to the database

conda-incubator · peytondmurray · Oct 28, 2024 · Nov 2, 2024 · Nov 2, 2024 · Nov 5, 2024
commit 26060e1c84522b04c7914abefeaf194fac9df5c1
diff --git a/conda-store-server/conda_store_server/_internal/orm.py b/conda-store-server/conda_store_server/_internal/orm.py
@@ -828,16 +828,6 @@ class Role(Base):
     name = Column(Enum(schema.Role), default=schema.BuildStatus.QUEUED)
 
 
-class User(Base):
-    """User which contains permissions to namespaces and environments."""
-
-    __tablename__ = "user"
-
-    id = Column(Integer, primary_key=True)
-    name = Column(Unicode, unique=True)
-    permissions = relationship("UserPermission", back_populates="user")
-
-
 class UserPermission(Base):
     """The permissions a User has for an namespace/environment.
 
@@ -850,7 +840,17 @@ class UserPermission(Base):
     __tablename__ = "userpermission"
 
     id = Column(Integer, primary_key=True)
-    user_id = ForeignKey("user.id")
-    namespace_id = ForeignKey("namespace.id")
+    namespace_id = Column(Integer, ForeignKey("namespace.id"))
     role_id = Column(Integer, ForeignKey("role.id"))
     role = relationship(Role)
+
+
+class User(Base):
+    """User which contains permissions to namespaces and environments."""
+
+    __tablename__ = "user"
+
+    id = Column(Integer, primary_key=True)
+    name = Column(Unicode, unique=True)
+    permissions = relationship(UserPermission)
+    permissions_id = Column(Integer, ForeignKey('userpermission.id'))
diff --git a/conda-store-server/conda_store_server/_internal/schema.py b/conda-store-server/conda_store_server/_internal/schema.py
@@ -830,8 +830,3 @@ class APIPutSetting(APIResponse):
 # GET /api/v1/usage/
 class APIGetUsage(APIResponse):
     data: Dict[str, Dict[str, Any]]
-
-
-# PUT /api/v1/user/
-class APIPutUser(APIAckResponse):
-    pass
diff --git a/conda-store-server/conda_store_server/_internal/server/views/api.py b/conda-store-server/conda_store_server/_internal/server/views/api.py
@@ -248,6 +248,10 @@ async def api_post_token(
             detail="Requested expiration of token is greater than current permissions",
         )
 
+
+    with conda_store.get_db() as db:
+
+
     return {
         "status": "ok",
         "data": {"token": auth.authentication.encrypt_token(new_entity)},
@@ -1486,14 +1490,3 @@ async def api_put_settings(
             "data": None,
             "message": f"global setting keys {list(data.keys())} updated",
         }
-
-
-@router_api.put(
-    "/user/",
-    response_model=schema.APIPutUser,
-)
-async def api_put_user(
-    request: Request,
-    auth: Authentication = Depends(dependencies.get_auth),
-):
-    auth.authenticate_request(request)
diff --git a/conda-store-server/conda_store_server/api.py b/conda-store-server/conda_store_server/api.py
@@ -4,7 +4,8 @@
 from __future__ import annotations
 
 import re
-from typing import Any, Dict, List, Union
+import uuid
+from typing import Any, Dict, List, Optional, Union
 
 from sqlalchemy import distinct, func, null, or_
 from sqlalchemy.orm import Query, aliased, session
@@ -823,3 +824,20 @@ def set_kvstore_key_values(db, prefix: str, d: Dict[str, Any], update: bool = Tr
         elif update:
             record.value = value
             db.commit()
+
+
+def set_new_user(
+    db: session.Session,
+    token: schema.AuthenticationToken,
+    username: Optional[str] = None,
+):
+    # Parse the token into a set of namespace/environment permissions
+    user_permissions = []
+
+    # Add the user with the given permissions
+    db.add(
+        orm.User(
+            name=username if username else uuid.uuid4(),
+            permissions=user_permissions,
+        )
+    )
diff --git a/conda-store-server/conda_store_server/server/auth.py b/conda-store-server/conda_store_server/server/auth.py
@@ -572,7 +572,29 @@ def post_logout_method(self, request: Request, next: Optional[str] = None):
         response.set_cookie(self.cookie_name, "", domain=self.cookie_domain, expires=0)
         return response
 
-    def authenticate_request(self, request: Request, require=False):
+    def authenticate_request(
+        self,
+        request: Request,
+        require: bool = False
+    ) -> Optional[schema.AuthenticationToken]:
+        """Authenticate a request.
+
+        Parameters
+        ----------
+        request : Request
+            Web request to authenticate
+        require : bool
+            Require that there be a token in either the request's 'Authorization'
+            header or in the request cookies. If such a token exists, it must be able to
+            be decrypted or parsed as a valid schema.AuthenticationToken; if no token
+            exists or the token isn't valid, a 401 will be returned if this argument is
+            True.
+
+        Returns
+        -------
+        Optional[schema.AuthenticationToken]
+            User authentication token (if present), else None
+        """
         if hasattr(request.state, "entity"):
             pass  # only authenticate once
         elif request.cookies.get(self.cookie_name):