Merge remote-tracking branch 'origin/main' into notebook_entities_v2

* origin/main:
  Add update endpoints for service admins (#355)
  Add read endpoints for service admins (#354)
  Validate types in SimulationExecutionFilter and ElectricalRecordingStimulusFilter (#369)

Author: GianlucaFicarelli

app/db/utils.py

@@ -76,8 +76,10 @@ def load_db_model_from_pydantic[I: DeclarativeBase](
     created_by_id: uuid.UUID | None,
     updated_by_id: uuid.UUID | None,
     ignore_attributes: set[str] | None = None,
+    *,
+    exclude_defaults: bool = False,
 ) -> I:
-    data = json_model.model_dump(by_alias=True)
+    data = json_model.model_dump(by_alias=True, exclude_defaults=exclude_defaults)
 
     if created_by_id or updated_by_id:
         data["created_by_id"] = created_by_id

app/filters/electrical_recording_stimulus.py

@@ -2,6 +2,7 @@
 from typing import Annotated
 
 from app.db.model import ElectricalRecordingStimulus
+from app.db.types import ElectricalRecordingStimulusShape, ElectricalRecordingStimulusType
 from app.dependencies.filter import FilterDepends
 from app.filters.base import CustomFilter
 from app.filters.common import (
@@ -13,8 +14,8 @@
 class ElectricalRecordingStimulusFilter(EntityFilterMixin, NameFilterMixin, CustomFilter):
     order_by: list[str] = ["-creation_date"]  # noqa: RUF012
 
-    shape: str | None = None
-    injection_type: str | None = None
+    shape: ElectricalRecordingStimulusShape | None = None
+    injection_type: ElectricalRecordingStimulusType | None = None
 
     recording_id: uuid.UUID | None = None
     recording_id__in: list[uuid.UUID] | None = None

app/filters/simulation_execution.py

@@ -1,6 +1,7 @@
 from typing import Annotated
 
 from app.db.model import SimulationExecution
+from app.db.types import SimulationExecutionStatus
 from app.dependencies.filter import FilterDepends
 from app.filters.activity import ActivityFilterMixin
 from app.filters.base import CustomFilter
@@ -9,7 +10,7 @@
 class SimulationExecutionFilter(CustomFilter, ActivityFilterMixin):
     order_by: list[str] = ["-creation_date"]  # noqa: RUF012
 
-    status: str | None = None
+    status: SimulationExecutionStatus | None = None
 
     class Constants(CustomFilter.Constants):
         model = SimulationExecution

app/queries/common.py

@@ -31,6 +31,7 @@
 from app.schemas.activity import ActivityCreate, ActivityUpdate
 from app.schemas.auth import UserContext, UserContextWithProjectId, UserProfile
 from app.schemas.types import ListResponse, PaginationResponse
+from app.schemas.utils import NOT_SET
 from app.utils.uuid import create_uuid
 
 
@@ -354,15 +355,17 @@ def router_update_one[T: BaseModel, I: Identifiable](
     id_: uuid.UUID,
     db: Session,
     db_model_class: type[I],
-    user_context: UserContext,
+    user_context: UserContext | None,
     json_model: BaseModel,
     response_schema_class: type[T],
     apply_operations: ApplyOperations | None = None,
 ):
     query = (
         sa.select(db_model_class).where(db_model_class.id == id_).with_for_update(of=db_model_class)
     )
-    if id_model_class := get_declaring_class(db_model_class, "authorized_project_id"):
+    if user_context and (
+        id_model_class := get_declaring_class(db_model_class, "authorized_project_id")
+    ):
         query = constrain_to_private_entities(query, user_context, db_model_class=id_model_class)
     if apply_operations:
         query = apply_operations(query)
@@ -427,13 +430,15 @@ def router_update_activity_one[T: BaseModel, I: Activity](
     id_: uuid.UUID,
     db: Session,
     db_model_class: type[I],
-    user_context: UserContext | UserContextWithProjectId,
+    user_context: UserContext | UserContextWithProjectId | None,
     json_model: ActivityUpdate,
     response_schema_class: type[T],
     apply_operations: ApplyOperations | None = None,
 ) -> T:
     query = sa.select(db_model_class).where(db_model_class.id == id_)
-    if id_model_class := get_declaring_class(db_model_class, "authorized_project_id"):
+    if user_context and (
+        id_model_class := get_declaring_class(db_model_class, "authorized_project_id")
+    ):
         query = constrain_to_accessible_entities(
             query, user_context.project_id, db_model_class=id_model_class
         )
@@ -446,21 +451,24 @@ def router_update_activity_one[T: BaseModel, I: Activity](
     update_data = json_model.model_dump(
         exclude_unset=True,
         exclude_none=True,
-        exclude_defaults=True,
         exclude={"used_ids", "generated_ids"},
+        exclude_defaults=True,  # ignore NOT_SET default values
     )
 
     for key, value in update_data.items():
         setattr(obj, key, value)
 
-    if generated_ids := json_model.generated_ids:
+    # ignore NOT_SET values
+    generated_ids = json_model.generated_ids if json_model.generated_ids != NOT_SET else []
+
+    if generated_ids:
         if obj.generated:
             raise HTTPException(
                 status_code=404,
                 detail="It is forbidden to update generated_ids if they exist.",
             )
 
-        if (
+        if user_context and (
             unaccessible_entities := db.execute(
                 select_unauthorized_entities(generated_ids, user_context.project_id)
             )

app/repository/asset.py

@@ -18,6 +18,8 @@ def get_entity_asset(
         entity_type: EntityType,
         entity_id: uuid.UUID,
         asset_id: uuid.UUID,
+        *,
+        include_deleted: bool = False,
     ) -> Asset:
         """Return a single asset, or raise an error."""
         query = (
@@ -26,10 +28,13 @@ def get_entity_asset(
             .where(
                 Asset.entity_id == entity_id,
                 Asset.id == asset_id,
-                Asset.status != AssetStatus.DELETED,
                 Entity.type == entity_type.name,
             )
         )
+        # See: https://github.com/openbraininstitute/entitycore/issues/358
+        if not include_deleted:
+            query = query.where(Asset.status != AssetStatus.DELETED)
+
         return self.db.execute(query).scalar_one()
 
     def create_entity_asset(self, entity_id: uuid.UUID, asset: AssetCreate) -> Asset:

app/routers/admin.py

@@ -3,13 +3,16 @@
 from fastapi import APIRouter
 
 from app.db.utils import RESOURCE_TYPE_TO_CLASS
+from app.dependencies.common import PaginationQuery
 from app.dependencies.db import RepoGroupDep, SessionDep
 from app.dependencies.s3 import StorageClientFactoryDep
+from app.filters.asset import AssetFilterDep
 from app.queries.common import router_delete_one
 from app.schemas.asset import (
     AssetRead,
 )
-from app.service import asset as asset_service
+from app.schemas.types import ListResponse
+from app.service import admin as admin_service, asset as asset_service
 from app.utils.routers import EntityRoute, ResourceRoute, entity_route_to_type, route_to_type
 
 router = APIRouter(
@@ -33,6 +36,39 @@ def delete_one(
     )
 
 
+@router.get("/{entity_route}/{entity_id}/assets/{asset_id}")
+def get_entity_asset(
+    repos: RepoGroupDep,
+    entity_route: EntityRoute,
+    entity_id: uuid.UUID,
+    asset_id: uuid.UUID,
+) -> AssetRead:
+    """Return an asset associated with a specific entity."""
+    return admin_service.get_entity_asset(
+        repos=repos,
+        entity_type=entity_route_to_type(entity_route),
+        entity_id=entity_id,
+        asset_id=asset_id,
+    )
+
+
+@router.get("/{entity_route}/{entity_id}/assets")
+def get_entity_assets(
+    repos: RepoGroupDep,
+    entity_route: EntityRoute,
+    entity_id: uuid.UUID,
+    pagination_request: PaginationQuery,
+    filter_model: AssetFilterDep,
+) -> ListResponse[AssetRead]:
+    return admin_service.get_entity_assets(
+        repos=repos,
+        entity_route=entity_route,
+        entity_id=entity_id,
+        pagination_request=pagination_request,
+        filter_model=filter_model,
+    )
+
+
 @router.delete("/{entity_route}/{entity_id}/assets/{asset_id}")
 def delete_entity_asset(
     repos: RepoGroupDep,

app/routers/brain_atlas.py

@@ -1,10 +1,13 @@
 from fastapi import APIRouter
 
 import app.service.brain_atlas
+from app.routers.admin import router as admin_router
+
+ROUTE = "brain-atlas"
 
 router = APIRouter(
-    prefix="/brain-atlas",
-    tags=["brain-atlas"],
+    prefix=f"/{ROUTE}",
+    tags=[ROUTE],
 )
 
 read_many = router.get("")(app.service.brain_atlas.read_many)
@@ -13,3 +16,5 @@
 read_one_region = router.get("/{atlas_id}/regions/{atlas_region_id}")(
     app.service.brain_atlas.read_one_region
 )
+
+admin_read_one = admin_router.get(f"/{ROUTE}/{{atlas_id}}")(app.service.brain_atlas.admin_read_one)

app/routers/brain_region.py

@@ -1,11 +1,21 @@
 from fastapi import APIRouter
 
 import app.service.brain_region
+from app.routers.admin import router as admin_router
+
+ROUTE = "brain-region"
 
 router = APIRouter(
-    prefix="/brain-region",
-    tags=["brain-region"],
+    prefix=f"/{ROUTE}",
+    tags=[ROUTE],
 )
 
 read_many = router.get("")(app.service.brain_region.read_many)
 read_one = router.get("/{id_}")(app.service.brain_region.read_one)
+create_one = router.post("")(app.service.brain_region.create_one)
+update_one = router.patch("/{id_}")(app.service.brain_region.update_one)
+
+admin_read_one = admin_router.get(f"/{ROUTE}/{{id_}}")(app.service.brain_region.admin_read_one)
+admin_update_one = admin_router.patch(f"/{ROUTE}/{{id_}}")(
+    app.service.brain_region.admin_update_one
+)

app/routers/calibration.py

@@ -1,14 +1,20 @@
 from fastapi import APIRouter
 
 import app.service.calibration
+from app.routers.admin import router as admin_router
+
+ROUTE = "calibration"
 
 router = APIRouter(
-    prefix="/calibration",
-    tags=["calibration"],
+    prefix=f"/{ROUTE}",
+    tags=[ROUTE],
 )
 
 read_many = router.get("")(app.service.calibration.read_many)
 read_one = router.get("/{id_}")(app.service.calibration.read_one)
 create_one = router.post("")(app.service.calibration.create_one)
 delete_one = router.delete("/{id_}")(app.service.calibration.delete_one)
 update_one = router.patch("/{id_}")(app.service.calibration.update_one)
+
+admin_read_one = admin_router.get(f"/{ROUTE}/{{id_}}")(app.service.calibration.admin_read_one)
+admin_update_one = admin_router.patch(f"/{ROUTE}/{{id_}}")(app.service.calibration.admin_update_one)

app/routers/cell_composition.py

@@ -1,11 +1,16 @@
 from fastapi import APIRouter
 
 import app.service.cell_composition
+from app.routers.admin import router as admin_router
+
+ROUTE = "cell-composition"
 
 router = APIRouter(
-    prefix="/cell-composition",
-    tags=["cell-composition"],
+    prefix=f"/{ROUTE}",
+    tags=[ROUTE],
 )
 
 read_one = router.get("/{id_}")(app.service.cell_composition.read_one)
 read_many = router.get("")(app.service.cell_composition.read_many)
+
+admin_read_one = admin_router.get(f"/{ROUTE}/{{id_}}")(app.service.cell_composition.admin_read_one)