Merge remote-tracking branch 'upstream/master' into pr-osparc-reroute…

…-get-project-inactivity

.codecov.yml

@@ -10,10 +10,10 @@ flag_management:
     statuses:
     - type: project
       target: auto
-      threshold: 1%
+      threshold: 5%
     - type: patch
       target: auto
-      threshold: 1%
+      threshold: 5%
 
 
 component_management:
@@ -22,7 +22,7 @@ component_management:
     statuses:
       - type: project
         target: auto
-        threshold: 1%
+        threshold: 5%
         branches:
           - "!master"
   individual_components:
@@ -116,12 +116,12 @@ coverage:
     project:
       default:
         informational: true
-        threshold: 1%
+        threshold: 5%
 
     patch:
       default:
         informational: true
-        threshold: 1%
+        threshold: 5%
 
 comment:
   layout: "header,diff,flags,components,footer"

.github/workflows/ci-testing-deploy.yml

@@ -772,7 +772,7 @@ jobs:
         if: ${{ !cancelled() }}
         run: ./ci/github/unit-testing/catalog.bash test
       - name: upload failed tests logs
-        if: ${{ !cancelled() }}
+        if: ${{ failure() }}
         uses: actions/upload-artifact@v4
         with:
           name: ${{ github.job }}_docker_logs
@@ -879,7 +879,7 @@ jobs:
         if: ${{ !cancelled() }}
         run: ./ci/github/unit-testing/datcore-adapter.bash test
       - name: upload failed tests logs
-        if: ${{ !cancelled() }}
+        if: ${{ failure() }}
         uses: actions/upload-artifact@v4
         with:
           name: ${{ github.job }}_docker_logs
@@ -930,7 +930,7 @@ jobs:
         if: ${{ !cancelled() }}
         run: ./ci/github/unit-testing/director.bash test
       - name: upload failed tests logs
-        if: ${{ !cancelled() }}
+        if: ${{ failure() }}
         uses: actions/upload-artifact@v4
         with:
           name: ${{ github.job }}_docker_logs
@@ -981,7 +981,7 @@ jobs:
         if: ${{ !cancelled() }}
         run: ./ci/github/unit-testing/director-v2.bash test
       - name: upload failed tests logs
-        if: ${{ !cancelled() }}
+        if: ${{ failure() }}
         uses: actions/upload-artifact@v4
         with:
           name: ${{ github.job }}_docker_logs
@@ -1910,7 +1910,7 @@ jobs:
       - name: test
         run: ./ci/github/integration-testing/webserver.bash test 01
       - name: upload failed tests logs
-        if: ${{ !cancelled() }}
+        if: ${{ failure() }}
         uses: actions/upload-artifact@v4
         with:
           name: ${{ github.job }}_docker_logs
@@ -1974,7 +1974,7 @@ jobs:
       - name: test
         run: ./ci/github/integration-testing/webserver.bash test 02
       - name: upload failed tests logs
-        if: ${{ !cancelled() }}
+        if: ${{ failure() }}
         uses: actions/upload-artifact@v4
         with:
           name: ${{ github.job }}_docker_logs
@@ -2038,7 +2038,7 @@ jobs:
       - name: test
         run: ./ci/github/integration-testing/director-v2.bash test 01
       - name: upload failed tests logs
-        if: ${{ !cancelled() }}
+        if: ${{ failure() }}
         uses: actions/upload-artifact@v4
         with:
           name: ${{ github.job }}_docker_logs
@@ -2111,7 +2111,7 @@ jobs:
       - name: test
         run: ./ci/github/integration-testing/director-v2.bash test 02
       - name: upload failed tests logs
-        if: ${{ !cancelled() }}
+        if: ${{ failure() }}
         uses: actions/upload-artifact@v4
         with:
           name: ${{ github.job }}_docker_logs
@@ -2177,7 +2177,7 @@ jobs:
       - name: test
         run: ./ci/github/integration-testing/dynamic-sidecar.bash test 01
       - name: upload failed tests logs
-        if: ${{ !cancelled() }}
+        if: ${{ failure() }}
         uses: actions/upload-artifact@v4
         with:
           name: ${{ github.job }}_docker_logs
@@ -2241,7 +2241,7 @@ jobs:
       - name: test
         run: ./ci/github/integration-testing/simcore-sdk.bash test
       - name: upload failed tests logs
-        if: ${{ !cancelled() }}
+        if: ${{ failure() }}
         uses: actions/upload-artifact@v4
         with:
           name: ${{ github.job }}_docker_logs
@@ -2330,7 +2330,7 @@ jobs:
       - name: test
         run: ./ci/github/system-testing/public-api.bash test
       - name: upload failed tests logs
-        if: ${{ !cancelled() }}
+        if: ${{ failure() }}
         uses: actions/upload-artifact@v4
         with:
           name: ${{ github.job }}_docker_logs
@@ -2395,7 +2395,7 @@ jobs:
           name: ${{ github.job }}_services_settings_schemas
           path: ./services/**/settings-schema.json
       - name: upload failed tests logs
-        if: ${{ !cancelled() }}
+        if: ${{ failure() }}
         uses: actions/upload-artifact@v4
         with:
           name: ${{ github.job }}_docker_logs

api/specs/web-server/_users.py

@@ -7,27 +7,27 @@
 from typing import Annotated
 
 from fastapi import APIRouter, Depends, status
-from models_library.api_schemas_webserver.users import MyProfileGet, MyProfilePatch
+from models_library.api_schemas_webserver.users import (
+    MyPermissionGet,
+    MyProfileGet,
+    MyProfilePatch,
+    MyTokenCreate,
+    MyTokenGet,
+    UserGet,
+    UsersSearchQueryParams,
+)
 from models_library.api_schemas_webserver.users_preferences import PatchRequestBody
 from models_library.generics import Envelope
 from models_library.user_preferences import PreferenceIdentifier
 from simcore_service_webserver._meta import API_VTAG
-from simcore_service_webserver.users._handlers import PreUserProfile, _SearchQueryParams
+from simcore_service_webserver.users._common.schemas import PreRegisteredUserGet
 from simcore_service_webserver.users._notifications import (
     UserNotification,
     UserNotificationCreate,
     UserNotificationPatch,
 )
-from simcore_service_webserver.users._notifications_handlers import (
-    _NotificationPathParams,
-)
-from simcore_service_webserver.users._schemas import UserProfile
-from simcore_service_webserver.users._tokens_handlers import _TokenPathParams
-from simcore_service_webserver.users.schemas import (
-    PermissionGet,
-    ThirdPartyToken,
-    TokenCreate,
-)
+from simcore_service_webserver.users._notifications_rest import _NotificationPathParams
+from simcore_service_webserver.users._tokens_rest import _TokenPathParams
 
 router = APIRouter(prefix=f"/{API_VTAG}", tags=["user"])
 
@@ -63,32 +63,32 @@ async def replace_my_profile(_profile: MyProfilePatch):
     status_code=status.HTTP_204_NO_CONTENT,
 )
 async def set_frontend_preference(
-    preference_id: PreferenceIdentifier,  # noqa: ARG001
-    body_item: PatchRequestBody,  # noqa: ARG001
+    preference_id: PreferenceIdentifier,
+    body_item: PatchRequestBody,
 ):
     ...
 
 
 @router.get(
     "/me/tokens",
-    response_model=Envelope[list[ThirdPartyToken]],
+    response_model=Envelope[list[MyTokenGet]],
 )
 async def list_tokens():
     ...
 
 
 @router.post(
     "/me/tokens",
-    response_model=Envelope[ThirdPartyToken],
+    response_model=Envelope[MyTokenGet],
     status_code=status.HTTP_201_CREATED,
 )
-async def create_token(_token: TokenCreate):
+async def create_token(_token: MyTokenCreate):
     ...
 
 
 @router.get(
     "/me/tokens/{service}",
-    response_model=Envelope[ThirdPartyToken],
+    response_model=Envelope[MyTokenGet],
 )
 async def get_token(_params: Annotated[_TokenPathParams, Depends()]):
     ...
@@ -131,30 +131,30 @@ async def mark_notification_as_read(
 
 @router.get(
     "/me/permissions",
-    response_model=Envelope[list[PermissionGet]],
+    response_model=Envelope[list[MyPermissionGet]],
 )
 async def list_user_permissions():
     ...
 
 
 @router.get(
     "/users:search",
-    response_model=Envelope[list[UserProfile]],
+    response_model=Envelope[list[UserGet]],
     tags=[
         "po",
     ],
 )
-async def search_users(_params: Annotated[_SearchQueryParams, Depends()]):
+async def search_users(_params: Annotated[UsersSearchQueryParams, Depends()]):
     # NOTE: see `Search` in `Common Custom Methods` in https://cloud.google.com/apis/design/custom_methods
     ...
 
 
 @router.post(
     "/users:pre-register",
-    response_model=Envelope[UserProfile],
+    response_model=Envelope[UserGet],
     tags=[
         "po",
     ],
 )
-async def pre_register_user(_body: PreUserProfile):
+async def pre_register_user(_body: PreRegisteredUserGet):
     ...

packages/pytest-simcore/src/pytest_simcore/helpers/dict_tools.py → packages/common-library/src/common_library/dict_tools.py

@@ -1,9 +1,17 @@
-""" Utils to operate with dicts """
+""" A collection of free functions to manipulate dicts
+"""
 
-from copy import deepcopy
-from typing import Any, Mapping
+from collections.abc import Mapping
+from copy import copy, deepcopy
+from typing import Any
 
-ConfigDict = dict[str, Any]
+
+def remap_keys(data: dict, rename: dict[str, str]) -> dict[str, Any]:
+    """A new dict that renames the keys of a dict while keeping the values unchanged
+
+    NOTE: Does not support renaming of nested keys
+    """
+    return {rename.get(k, k): v for k, v in data.items()}
 
 
 def get_from_dict(obj: Mapping[str, Any], dotted_key: str, default=None) -> Any:
@@ -28,10 +36,10 @@ def copy_from_dict(
     #
 
     if include is None:
-        return deepcopy(data) if deep else data.copy()
+        return deepcopy(data) if deep else copy(data)
 
     if include == ...:
-        return deepcopy(data) if deep else data.copy()
+        return deepcopy(data) if deep else copy(data)
 
     if isinstance(include, set):
         return {key: data[key] for key in include}
@@ -46,7 +54,7 @@ def copy_from_dict(
 
 def update_dict(obj: dict, **updates):
     for key, update_value in updates.items():
-        if callable(update_value):
-            update_value = update_value(obj[key])
-        obj.update({key: update_value})
+        obj.update(
+            {key: update_value(obj[key]) if callable(update_value) else update_value}
+        )
     return obj

packages/common-library/src/common_library/users_enums.py

@@ -0,0 +1,59 @@
+from enum import Enum
+from functools import total_ordering
+
+_USER_ROLE_TO_LEVEL = {
+    "ANONYMOUS": 0,
+    "GUEST": 10,
+    "USER": 20,
+    "TESTER": 30,
+    "PRODUCT_OWNER": 40,
+    "ADMIN": 100,
+}
+
+
+@total_ordering
+class UserRole(Enum):
+    """SORTED enumeration of user roles
+
+    A role defines a set of privileges the user can perform
+    Roles are sorted from lower to highest privileges
+    USER is the role assigned by default A user with a higher/lower role is denoted super/infra user
+
+    ANONYMOUS : The user is not logged in
+    GUEST     : Temporary user with very limited access. Main used for demos and for a limited amount of time
+    USER      : Registered user. Basic permissions to use the platform [default]
+    TESTER    : Upgraded user. First level of super-user with privileges to test the framework.
+                Can use everything but does not have an effect in other users or actual data
+    ADMIN     : Framework admin.
+
+    See security_access.py
+    """
+
+    ANONYMOUS = "ANONYMOUS"
+    GUEST = "GUEST"
+    USER = "USER"
+    TESTER = "TESTER"
+    PRODUCT_OWNER = "PRODUCT_OWNER"
+    ADMIN = "ADMIN"
+
+    @property
+    def privilege_level(self) -> int:
+        return _USER_ROLE_TO_LEVEL[self.name]
+
+    def __lt__(self, other: "UserRole") -> bool:
+        if self.__class__ is other.__class__:
+            return self.privilege_level < other.privilege_level
+        return NotImplemented
+
+
+class UserStatus(str, Enum):
+    # This is a transition state. The user is registered but not confirmed. NOTE that state is optional depending on LOGIN_REGISTRATION_CONFIRMATION_REQUIRED
+    CONFIRMATION_PENDING = "CONFIRMATION_PENDING"
+    # This user can now operate the platform
+    ACTIVE = "ACTIVE"
+    # This user is inactive because it expired after a trial period
+    EXPIRED = "EXPIRED"
+    # This user is inactive because he has been a bad boy
+    BANNED = "BANNED"
+    # This user is inactive because it was marked for deletion
+    DELETED = "DELETED"