Conversation
|
How would the team feel about my deprecating |
|
The leading underscore indicates that symbol is private to the implementation. If that's the case, no objections here. |
|
Then again, if it's an implementation detail, then we don't have to deprecate it. We can just remove it. |
|
Ready for review. |
|
Spotted this in the type checking workflow. |
korydraughn
left a comment
korydraughn
left a comment
There was a problem hiding this comment.
Looking good so far.
irods/access.py
Outdated
| def __lt__(self, other): | ||
| return ( | ||
| self.access_name < other.access_name | ||
| and self.user_name < other.user_name | ||
| and self.user_zone < other.user_zone | ||
| ) and iRODSPath(self.path) < iRODSPath(other.path) |
There was a problem hiding this comment.
How does this affect the Access class?
Do users need to know about this?
There was a problem hiding this comment.
Thanks for drawing my attention to it, as it was improperly defined.
Yes, it maybe should have a comment at least.
It mainly just gives the class a defined sorting order. Now, if someone attempts pretty-printing a mixed list of these items, they'll get something the eye is somewhat able to follow, although I guess if the two formats were more consistent and the permissions were in order it could be better.... Currently though , you can see they are sortable and end up alphabetical by permission, with the path being last in sort order and not significant for items not having a 'path' member.
>>> from pprint import pp; from irods.access import iRODSAccess,ACLOperation
>>> pp(sorted([ACLOperation('read_metadata','dan'),iRODSAccess('read_metadata','/t','bob'),ACLOperation('read','alice'),
iRODSAccess('write','/t','alice'),ACLOperation('own','rods')]))
[<ACLOperation: access_name='own' user_name='rods' user_zone=''>,
<ACLOperation: access_name='read' user_name='alice' user_zone=''>,
<iRODSAccess read_metadata /t bob >,
<ACLOperation: access_name='read_metadata' user_name='dan' user_zone=''>,
<iRODSAccess write /t alice >]
| return hash((self.access_name, iRODSPath(self.path), self.user_name, self.user_zone)) | ||
|
|
||
| def copy(self, decanonicalize=False): | ||
| def copy(self, decanonicalize=False, implied_zone=''): |
There was a problem hiding this comment.
What is implied_zone?
Do we expect users of the PRC to ever use this parameter?
There was a problem hiding this comment.
It's useful for comparison purposes if you can tell __eq__ that a null length zone field implies the current zone name.
| return f"<iRODSAccess {access_name} {self.path} {self.user_name}{user_type_hint} {self.user_zone}>" | ||
|
|
||
|
|
||
| class ACLOperation(iRODSAccess): |
There was a problem hiding this comment.
What is the reason behind inheriting from iRODSAccess?
Are there benefits to tying these types together?
There was a problem hiding this comment.
The benefits are basically that we can test equality and therefore in operator should work when mixing types up and down the inheritance hierarchy. So:
ACLOperation('own','bob') in [iRODSAccess('own','/my/object/path','bob')]
is True. This is leveraged in the test to affirm that the ACLOperations just atomically set are included in the list of iRODSAccess objects returned by session.acls.get.
I think the only other benefit is code reuse.
irods/test/access_test.py
Outdated
| user2 = ses.users.create("rod_serling_505#twilight", "rodsuser") | ||
| user3 = ses.users.create("local_test_user_505", "rodsuser") | ||
| group = ses.groups.create("test_group_505") | ||
| ses.acls._call_atomic_acl_api( |
There was a problem hiding this comment.
Is _call_atomic_acl_api a temporary thing?
I ask because of the leading underscore and use of call.
There was a problem hiding this comment.
It seems like this is more or less based on the design for applying atomic metadata. Is that right?
That would make the _call_atomic_acl_api method make sense. Why is there no user-facing method, though? For atomic metadata, we have _call_atomic_metadata_api, but there is also apply_atomic_operations for client consumption. Shouldn't there be an apply_atomic_operations for the AccessManager in order for this to be analogous to the MetadataManager?
There was a problem hiding this comment.
You are right. I think just a rename will be enough, so _call_atomic_metadata_api should become apply_atomic_operations.
There was a problem hiding this comment.
atomic_apply_acl_operations so that it aligns with the API name?
There was a problem hiding this comment.
that's fine. a little bit redundant maybe since it'll be called as:
session.acls.atomic_apply_acl_operationsbut I think that's ok.
| a4:=ACLOperation("read", group.name), | ||
| ) | ||
|
|
||
| normalize = lambda access: access.copy(decanonicalize=True, implied_zone=ses.zone) |
There was a problem hiding this comment.
What does this line do?
There was a problem hiding this comment.
This is used to "flatten" iRODSAccess and ACLOperations to render common values into the appropriate fields to satisfy eq , ie. allow them to be "de facto equal" for test's purposes when they should be considered equivalent. THus we can effectively satisfy, for instance:
normalize( iRODSAccess('read', '/some/path','bob') )== normalize( ACLOperation('read_object','bob','tempZone'))
Co-authored-by: Kory Draughn <korydraughn@ymail.com>
irods/test/access_test.py
Outdated
| user2 = ses.users.create("rod_serling_505#twilight", "rodsuser") | ||
| user3 = ses.users.create("local_test_user_505", "rodsuser") | ||
| group = ses.groups.create("test_group_505") | ||
| ses.acls._call_atomic_acl_api( |
There was a problem hiding this comment.
It seems like this is more or less based on the design for applying atomic metadata. Is that right?
That would make the _call_atomic_acl_api method make sense. Why is there no user-facing method, though? For atomic metadata, we have _call_atomic_metadata_api, but there is also apply_atomic_operations for client consumption. Shouldn't there be an apply_atomic_operations for the AccessManager in order for this to be analogous to the MetadataManager?
irods/access.py
Outdated
| def __lt__(self, other): | ||
| return ( | ||
| self.access_name < other.access_name | ||
| and self.user_name < other.user_name | ||
| and self.user_zone < other.user_zone | ||
| ) and iRODSPath(self.path) < iRODSPath(other.path) |
There was a problem hiding this comment.
Thanks for drawing my attention to it, as it was improperly defined.
Yes, it maybe should have a comment at least.
It mainly just gives the class a defined sorting order. Now, if someone attempts pretty-printing a mixed list of these items, they'll get something the eye is somewhat able to follow, although I guess if the two formats were more consistent and the permissions were in order it could be better.... Currently though , you can see they are sortable and end up alphabetical by permission, with the path being last in sort order and not significant for items not having a 'path' member.
>>> from pprint import pp; from irods.access import iRODSAccess,ACLOperation
>>> pp(sorted([ACLOperation('read_metadata','dan'),iRODSAccess('read_metadata','/t','bob'),ACLOperation('read','alice'),
iRODSAccess('write','/t','alice'),ACLOperation('own','rods')]))
[<ACLOperation: access_name='own' user_name='rods' user_zone=''>,
<ACLOperation: access_name='read' user_name='alice' user_zone=''>,
<iRODSAccess read_metadata /t bob >,
<ACLOperation: access_name='read_metadata' user_name='dan' user_zone=''>,
<iRODSAccess write /t alice >]
3 participants
No test yet, will undraft when I have one.
Exercised now with this script: