Merge pull request #1712 from PnX-SI/hotfixes

Release 2.9.2
PnX-SI · Feb 15, 2022 · d20ff21 · d20ff21
2 parents 7af2c82 + 91c22cd
commit d20ff21
Show file tree

Hide file tree

Showing 13 changed files with 828 additions and 89 deletions.
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-2.9.1
+2.9.2
diff --git a/backend/geonature/app.py b/backend/geonature/app.py
@@ -149,6 +149,7 @@ def load_current_user():
                 ('geonature.core.auth.routes:routes', '/gn_auth'),
                 ('geonature.core.gn_monitoring.routes:routes', '/gn_monitoring'),
                 ('geonature.core.gn_profiles.routes:routes', '/gn_profiles'),
+                ('geonature.core.sensitivity.routes:routes', None),
             ]:
         module_name, blueprint_name = blueprint_path.split(':')
         blueprint = getattr(import_module(module_name), blueprint_name)

diff --git a/backend/geonature/core/auth/routes.py b/backend/geonature/core/auth/routes.py
@@ -3,8 +3,6 @@
 """
 
 import datetime
-from pypnusershub.db.models import User
-from pypnusershub.schemas import UserSchema
 import xmltodict
 import logging
 from copy import copy
@@ -24,9 +22,11 @@
 from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
 from utils_flask_sqla.response import json_resp
 
+from pypnusershub.db.models import User, Organisme
 from pypnusershub.routes import insert_or_update_organism, insert_or_update_role
 from geonature.utils import utilsrequests
 from geonature.utils.errors import CasAuthentificationError
+from geonature.utils.env import db
 
 
 routes = Blueprint("gn_auth", __name__, template_folder="templates")
@@ -69,10 +69,9 @@ def loginCas():
                 raise CasAuthentificationError(
                     "Error with the inpn authentification service", status_code=500
                 )
-
             info_user = response.json()
-            organism_id = info_user["codeOrganisme"]
             user = insert_user_and_org(info_user)
+            db.session.commit()
 
             # creation de la Response
             response = make_response(redirect(current_app.config["URL_APPLICATION"]))
@@ -85,10 +84,18 @@ def loginCas():
             response.set_cookie("token", token, expires=cookie_exp)
 
             # User cookie
+            organism_id = info_user["codeOrganisme"]
+            if not organism_id:
+                organism_id = (
+                    Organisme.query
+                    .filter_by(nom_organisme='Autre')
+                    .one()
+                    .id_organisme
+                )
             current_user = {
                 "user_login": user["identifiant"],
                 "id_role": user["id_role"],
-                "id_organisme": organism_id if organism_id else -1,
+                "id_organisme": organism_id,
             }
             response.set_cookie("current_user", str(current_user), expires=cookie_exp)
             return response
@@ -153,31 +160,24 @@ def insert_user_and_org(info_user):
     if organism_id:
         organism = {"id_organisme": organism_id, "nom_organisme": organism_name}
         insert_or_update_organism(organism)
-    if not current_app.config["CAS"]["USERS_CAN_SEE_ORGANISM_DATA"] or organism_id is None:
-        # group socle 1
-        group_id = current_app.config["BDD"]["ID_USER_SOCLE_1"]
-    else:
-        # group socle 2
-        group_id = current_app.config["BDD"]["ID_USER_SOCLE_2"]
-
-    group = User.query.get(group_id)
-    group_as_dict = UserSchema(exclude=["nom_complet"]).dump(group)
-    user = {
+    user_info = {
         "id_role": user_id,
         "identifiant": user_login,
         "nom_role": info_user["nom"],
         "prenom_role": info_user["prenom"],
         "id_organisme": organism_id,
         "email": info_user["email"],
         "active": True,
-        "groups": [group_as_dict]
     }
-    try:
-        insert_or_update_role(user)
-    except Exception as e:
-        log.info(e)
-        log.error(e)
-        raise CasAuthentificationError(
-            "Error insering user in GeoNature", status_code=500
-        )
-    return user
+    user_info = insert_or_update_role(user_info)
+    user = User.query.get(user_id)
+    if not user.groups:
+        if not current_app.config["CAS"]["USERS_CAN_SEE_ORGANISM_DATA"] or organism_id is None:
+            # group socle 1
+            group_id = current_app.config["BDD"]["ID_USER_SOCLE_1"]
+        else:
+            # group socle 2
+            group_id = current_app.config["BDD"]["ID_USER_SOCLE_2"]
+        group = User.query.get(group_id)
+        user.groups.append(group)
+    return user_info
diff --git a/backend/geonature/core/sensitivity/routes.py b/backend/geonature/core/sensitivity/routes.py
@@ -0,0 +1,14 @@
+import click
+from flask import Blueprint, current_app
+
+from geonature.utils.env import db
+
+
+routes = Blueprint("sensitivity", __name__)
+
+
+@routes.cli.command()
+def update_synthese():
+    count = db.session.execute("SELECT gn_synthese.update_sensitivity()").scalar()
+    db.session.commit()
+    click.echo(f"Sensitivity updated for {count} rows")
diff --git a/backend/geonature/core/users/routes.py b/backend/geonature/core/users/routes.py
@@ -35,6 +35,22 @@
 s = requests.Session()
 
 
+user_fields = {
+    'id_role',
+    'identifiant',
+    'nom_role',
+    'prenom_role',
+    'nom_complet',
+    'id_organisme',
+    'groupe',
+    'active',
+}
+organism_fields = {
+    'id_organisme',
+    'uuid_organisme',
+    'nom_organisme',
+}
+
 # configuration of post_request actions for registrations
 REGISTER_POST_ACTION_FCT.update({
     "create_temp_user": validate_temp_user,
@@ -103,6 +119,7 @@ def getListes():
 
 
 @routes.route("/role/<int:id_role>", methods=["GET"])
+@permissions.login_required
 @json_resp
 def get_role(id_role):
     """
@@ -113,12 +130,13 @@ def get_role(id_role):
     :param id_role: the id user
     :type id_role: int
     """
-    user = DB.session.query(User).filter_by(id_role=id_role).one()
-    return user.as_dict()
+    user = User.query.get_or_404(id_role)
+    return user.as_dict(fields=user_fields)
 
 
 
 @routes.route("/roles", methods=["GET"])
+@permissions.login_required
 @json_resp
 def get_roles():
     """
@@ -127,7 +145,7 @@ def get_roles():
     .. :quickref: User;
     """
     params = request.args.to_dict()
-    q = DB.session.query(User)
+    q = User.query
     if "group" in params:
         q = q.filter(User.groupe == params["group"])
     if "orderby" in params:
@@ -136,10 +154,11 @@ def get_roles():
             q = q.order_by(order_col)
         except AttributeError:
             log.error("the attribute to order on does not exist")
-    return [user.as_dict() for user in q.all()]
+    return [user.as_dict(fields=user_fields) for user in q.all()]
 
 
 @routes.route("/organisms", methods=["GET"])
+@permissions.login_required
 @json_resp
 def get_organismes():
     """
@@ -148,20 +167,20 @@ def get_organismes():
         .. :quickref: User;
     """
     params = request.args.to_dict()
-    q = DB.session.query(BibOrganismes)
+    q = BibOrganismes.query
     if "orderby" in params:
         try:
             order_col = getattr(BibOrganismes.__table__.columns, params.pop("orderby"))
             q = q.order_by(order_col)
         except AttributeError:
             log.error("the attribute to order on does not exist")
-    return [organism.as_dict() for organism in q.all()]
+    return [organism.as_dict(fields=organism_fields) for organism in q.all()]
 
 
 @routes.route("/organisms_dataset_actor", methods=["GET"])
-@permissions.check_cruved_scope("R", True)
+@permissions.login_required
 @json_resp
-def get_organismes_jdd(info_role):
+def get_organismes_jdd():
     """
     Get all organisms and the JDD where there are actor and where
     the current user hase autorization with its cruved
@@ -183,7 +202,7 @@ def get_organismes_jdd(info_role):
             q = q.order_by(order_col)
         except AttributeError:
             log.error("the attribute to order on does not exist")
-    return [organism.as_dict() for organism in q.all()]
+    return [organism.as_dict(fields=organism_fields) for organism in q.all()]
 
 
 #########################

diff --git a/backend/geonature/migrations/versions/61e46813d621_update_synthese_sensitivity.py b/backend/geonature/migrations/versions/61e46813d621_update_synthese_sensitivity.py
@@ -0,0 +1,69 @@
+"""Update synthese sensitivity
+
+Revision ID: 61e46813d621
+Revises: dde31e76ce45
+Create Date: 2022-02-15 15:23:08.732729
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '61e46813d621'
+down_revision = 'dde31e76ce45'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    op.execute("""
+    CREATE OR REPLACE FUNCTION gn_synthese.update_sensitivity()
+        RETURNS int4
+        LANGUAGE plpgsql
+    AS $function$
+        DECLARE
+            affected_rows_count int;
+        BEGIN
+            WITH cte AS (
+                SELECT 
+                    id_synthese,
+                    id_nomenclature_sensitivity AS old_sensitivity,
+                    gn_sensitivity.get_id_nomenclature_sensitivity(
+                      date_min::date,
+                      taxonomie.find_cdref(cd_nom),
+                      the_geom_local,
+                      jsonb_build_object(
+                        'STATUT_BIO', id_nomenclature_bio_status,
+                        'OCC_COMPORTEMENT', id_nomenclature_behaviour
+                      )
+                    ) AS new_sensitivity
+                FROM
+                    gn_synthese.synthese
+                WHERE
+                    id_nomenclature_sensitivity != ref_nomenclatures.get_id_nomenclature('SENSIBILITE', '0') -- non sensible
+                OR
+                    taxonomie.find_cdref(cd_nom) IN (SELECT DISTINCT cd_ref FROM gn_sensitivity.t_sensitivity_rules_cd_ref)
+            )
+            UPDATE
+                gn_synthese.synthese s
+            SET
+                id_nomenclature_sensitivity = new_sensitivity
+            FROM
+                cte
+            WHERE
+                    s.id_synthese = cte.id_synthese
+                AND
+                    old_sensitivity != new_sensitivity;
+            GET DIAGNOSTICS affected_rows_count = ROW_COUNT;
+            RETURN affected_rows_count;
+        END;
+    $function$
+    ;
+    """)
+
+
+def downgrade():
+    op.execute("""
+    DROP FUNCTION gn_synthese.update_sensitivity;
+    """)