cr-connect-workflow/crc/api/approval.py

import csv
import io
import json
import pickle
from base64 import b64decode
from datetime import datetime

from flask import g, make_response

from crc import db, session
from crc.api.common import ApiError
from crc.models.approval import Approval, ApprovalModel, ApprovalSchema, ApprovalStatus
from crc.models.workflow import WorkflowModel
from crc.services.approval_service import ApprovalService
from crc.services.ldap_service import LdapService


# Returns counts of approvals in each status group assigned to the given user.
# The goal is to return results as quickly as possible.
def get_approval_counts(as_user=None):
    uid = as_user or g.user.uid

    db_user_approvals = db.session.query(ApprovalModel)\
        .filter_by(approver_uid=uid)\
        .filter(ApprovalModel.status != ApprovalStatus.CANCELED.name)\
        .all()

    study_ids = [a.study_id for a in db_user_approvals]

    db_other_approvals = db.session.query(ApprovalModel)\
        .filter(ApprovalModel.study_id.in_(study_ids))\
        .filter(ApprovalModel.approver_uid != uid)\
        .filter(ApprovalModel.status != ApprovalStatus.CANCELED.name)\
        .all()

    # Make a dict of the other approvals where the key is the study id and the value is the approval
    # TODO: This won't work if there are more than 2 approvals with the same study_id
    other_approvals = {}
    for approval in db_other_approvals:
        other_approvals[approval.study_id] = approval

    counts = {}
    for name, value in ApprovalStatus.__members__.items():
        counts[name] = 0

    for approval in db_user_approvals:
        # Check if another approval has the same study id
        if approval.study_id in other_approvals:
            other_approval = other_approvals[approval.study_id]

            # Other approval takes precedence over this one
            if other_approval.id < approval.id:
                if other_approval.status == ApprovalStatus.PENDING.name:
                    counts[ApprovalStatus.AWAITING.name] += 1
                elif other_approval.status == ApprovalStatus.DECLINED.name:
                    counts[ApprovalStatus.DECLINED.name] += 1
                elif other_approval.status == ApprovalStatus.CANCELED.name:
                    counts[ApprovalStatus.CANCELED.name] += 1
                elif other_approval.status == ApprovalStatus.APPROVED.name:
                    counts[approval.status] += 1
            else:
                counts[approval.status] += 1
        else:
            counts[approval.status] += 1

    return counts


def get_all_approvals(status=None):
    approvals = ApprovalService.get_all_approvals(include_cancelled=status is True)
    results = ApprovalSchema(many=True).dump(approvals)
    return results


def get_approvals(status=None, as_user=None):
    #status = ApprovalStatus.PENDING.value
    user = g.user.uid
    if as_user:
        user = as_user
    approvals = ApprovalService.get_approvals_per_user(user, status,
                                                       include_cancelled=False)
    results = ApprovalSchema(many=True).dump(approvals)
    return results


def get_approvals_for_study(study_id=None):
    db_approvals = ApprovalService.get_approvals_for_study(study_id)
    approvals = [Approval.from_model(approval_model) for approval_model in db_approvals]
    results = ApprovalSchema(many=True).dump(approvals)
    return results


def get_health_attesting_csv(all_approvals=True):
    records = ApprovalService.get_health_attesting_records(all_approvals)
    si = io.StringIO()
    cw = csv.writer(si)
    cw.writerows(records)
    output = make_response(si.getvalue())
    output.headers["Content-Disposition"] = "attachment; filename=health_attesting.csv"
    output.headers["Content-type"] = "text/csv"
    return output


# ----- Begin descent into madness ---- #
def get_csv():
    """A damn lie, it's a json file. A huge bit of a one-off for RRT, but 3 weeks of midnight work can convince a
    man to do just about anything"""
    approvals = ApprovalService.get_all_approvals(include_cancelled=False)
    output = []
    errors = []
    for approval in approvals:
        try:
            if approval.status != ApprovalStatus.APPROVED.value:
                continue
            for related_approval in approval.related_approvals:
                if related_approval.status != ApprovalStatus.APPROVED.value:
                    continue
            workflow = db.session.query(WorkflowModel).filter(WorkflowModel.id == approval.workflow_id).first()
            data = json.loads(workflow.bpmn_workflow_json)
            last_task = find_task(data['last_task']['__uuid__'], data['task_tree'])
            personnel = extract_value(last_task, 'personnel')
            training_val = extract_value(last_task, 'RequiredTraining')
            pi_supervisor = extract_value(last_task, 'PISupervisor')['value']
            review_complete = 'AllRequiredTraining' in training_val
            pi_uid = workflow.study.primary_investigator_id
            pi_details = LdapService.user_info(pi_uid)
            details = []
            details.append(pi_details)
            for person in personnel:
                uid = person['PersonnelComputingID']['value']
                details.append(LdapService.user_info(uid))

            for person in details:
                record = {
                    "study_id": approval.study_id,
                    "pi_uid": pi_details.uid,
                    "pi": pi_details.display_name,
                    "name": person.display_name,
                    "uid": person.uid,
                    "email": person.email_address,
                    "supervisor": "",
                    "review_complete": review_complete,
                }
                # We only know the PI's supervisor.
                if person.uid == pi_details.uid:
                    record["supervisor"] = pi_supervisor

                output.append(record)

        except Exception as e:
            errors.append("Error pulling data for workflow #%i: %s" % (approval.workflow_id, str(e)))
    return {"results": output, "errors": errors }


def extract_value(task, key):
    if key in task['data']:
        return pickle.loads(b64decode(task['data'][key]['__bytes__']))
    else:
        return ""


def find_task(uuid, task):
    if task['id']['__uuid__'] == uuid:
        return task
    for child in task['children']:
        task = find_task(uuid, child)
        if task:
            return task
# ----- come back to the world of the living ---- #


def update_approval(approval_id, body):
    if approval_id is None:
        raise ApiError('unknown_approval', 'Please provide a valid Approval ID.')

    approval_model = session.query(ApprovalModel).get(approval_id)
    if approval_model is None:
        raise ApiError('unknown_approval', 'The approval "' + str(approval_id) + '" is not recognized.')

    if approval_model.approver_uid != g.user.uid:
        raise ApiError("not_your_approval", "You may not modify this approval. It belongs to another user.")

    approval_model.status = body['status']
    approval_model.message = body['message']
    approval_model.date_approved = datetime.now()
    session.add(approval_model)
    session.commit()

    # Called only to send emails
    approver = body['approver']['uid']
    ApprovalService.update_approval(approval_id, approver)

    result = ApprovalSchema().dump(approval_model)
    return result
Enable CSV download 2020-06-22 15:24:58 +00:00			`import csv`
			`import io`
Don't overwrite the approval, just allow minor changes. 2020-06-02 23:36:06 +00:00			`import json`
Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00			`import pickle`
			`from base64 import b64decode`
For the main approval endpoints - we now group the approvals by study. So you get one record back for each study, but it may have other approvals along with it as "related_approvals". We now cache the LDAP records - so we look in our own database for the record before calling out to ldap for the details when given a straight up computing id like dhf8r. Added "date_approved" to the approval model. And moved the approver and primary investigator into real associated models to make it easier to dump. Fixed a problem with the validation that was causing it to throw incorrect errors on valid workflows. Getting it to behave a little more like the front end behaves, and respecting the read-only fields. But it was mainly to do with always returning all the data with each form submission. 2020-06-02 22:17:00 +00:00			`from datetime import datetime`

Enable CSV download 2020-06-22 15:24:58 +00:00			`from flask import g, make_response`
Tweaks to approvals 2020-06-02 01:45:09 +00:00
Do not process or return cancelled approvals via the API. 2020-06-03 20:50:47 +00:00			`from crc import db, session`
			`from crc.api.common import ApiError`
Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00			`from crc.models.approval import Approval, ApprovalModel, ApprovalSchema, ApprovalStatus`
			`from crc.models.workflow import WorkflowModel`
Making working endpoints for approvals 2020-05-24 05:53:48 +00:00			`from crc.services.approval_service import ApprovalService`
Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00			`from crc.services.ldap_service import LdapService`
Building out the boilerplate code to make pushing forward on this a little friendlier. There is an approval api file, and approval model file and an approval test file. 2020-05-22 22:25:00 +00:00

Adds endpoint to quickly get counts of approvals in each status group for a user 2020-06-06 02:19:37 +00:00			`# Returns counts of approvals in each status group assigned to the given user.`
			`# The goal is to return results as quickly as possible.`
			`def get_approval_counts(as_user=None):`
			`uid = as_user or g.user.uid`

			`db_user_approvals = db.session.query(ApprovalModel)\`
			`.filter_by(approver_uid=uid)\`
			`.filter(ApprovalModel.status != ApprovalStatus.CANCELED.name)\`
			`.all()`

			`study_ids = [a.study_id for a in db_user_approvals]`

			`db_other_approvals = db.session.query(ApprovalModel)\`
			`.filter(ApprovalModel.study_id.in_(study_ids))\`
			`.filter(ApprovalModel.approver_uid != uid)\`
			`.filter(ApprovalModel.status != ApprovalStatus.CANCELED.name)\`
			`.all()`

			`# Make a dict of the other approvals where the key is the study id and the value is the approval`
			`# TODO: This won't work if there are more than 2 approvals with the same study_id`
			`other_approvals = {}`
			`for approval in db_other_approvals:`
			`other_approvals[approval.study_id] = approval`

			`counts = {}`
Fixes bug where approvals counts were off by 1. Tests CSV export and all approvals endpoints with lots of records. 2020-06-11 21:15:44 +00:00			`for name, value in ApprovalStatus.__members__.items():`
			`counts[name] = 0`
Adds endpoint to quickly get counts of approvals in each status group for a user 2020-06-06 02:19:37 +00:00
			`for approval in db_user_approvals:`
			`# Check if another approval has the same study id`
			`if approval.study_id in other_approvals:`
			`other_approval = other_approvals[approval.study_id]`

			`# Other approval takes precedence over this one`
			`if other_approval.id < approval.id:`
			`if other_approval.status == ApprovalStatus.PENDING.name:`
			`counts[ApprovalStatus.AWAITING.name] += 1`
			`elif other_approval.status == ApprovalStatus.DECLINED.name:`
			`counts[ApprovalStatus.DECLINED.name] += 1`
			`elif other_approval.status == ApprovalStatus.CANCELED.name:`
			`counts[ApprovalStatus.CANCELED.name] += 1`
			`elif other_approval.status == ApprovalStatus.APPROVED.name:`
			`counts[approval.status] += 1`
Fixes bug where approvals counts were off by 1. Tests CSV export and all approvals endpoints with lots of records. 2020-06-11 21:15:44 +00:00			`else:`
			`counts[approval.status] += 1`
Adds endpoint to quickly get counts of approvals in each status group for a user 2020-06-06 02:19:37 +00:00			`else:`
			`counts[approval.status] += 1`

			`return counts`


Adds back an endpoint that returns all approvals across all statuses or users 2020-06-08 02:38:21 +00:00			`def get_all_approvals(status=None):`
			`approvals = ApprovalService.get_all_approvals(include_cancelled=status is True)`
			`results = ApprovalSchema(many=True).dump(approvals)`
			`return results`


Allow setting the type of approvals you want back, by status. Some very minor performance enhancements, that will add up on the Approvers page. 2020-06-05 21:49:55 +00:00			`def get_approvals(status=None, as_user=None):`
			`#status = ApprovalStatus.PENDING.value`
			`user = g.user.uid`
			`if as_user:`
			`user = as_user`
			`approvals = ApprovalService.get_approvals_per_user(user, status,`
			`include_cancelled=False)`
Making working endpoints for approvals 2020-05-24 05:53:48 +00:00			`results = ApprovalSchema(many=True).dump(approvals)`
			`return results`
Building out the boilerplate code to make pushing forward on this a little friendlier. There is an approval api file, and approval model file and an approval test file. 2020-05-22 22:25:00 +00:00
Adds approvals to study schema. Adds approvals endpoint 2020-06-01 02:46:17 +00:00
			`def get_approvals_for_study(study_id=None):`
			`db_approvals = ApprovalService.get_approvals_for_study(study_id)`
Trying to fix LDAP issues on production. Changing LDAP to static only methods, caching the connection and calling bind before all connection requests. Also assuring we don't load the documents.xls file over and over again. 2020-06-04 18:59:36 +00:00			`approvals = [Approval.from_model(approval_model) for approval_model in db_approvals]`
Adds approvals to study schema. Adds approvals endpoint 2020-06-01 02:46:17 +00:00			`results = ApprovalSchema(many=True).dump(approvals)`
			`return results`


Enable CSV download 2020-06-22 15:24:58 +00:00			`def get_health_attesting_csv(all_approvals=True):`
			`records = ApprovalService.get_health_attesting_records(all_approvals)`
			`si = io.StringIO()`
			`cw = csv.writer(si)`
			`cw.writerows(records)`
			`output = make_response(si.getvalue())`
			`output.headers["Content-Disposition"] = "attachment; filename=health_attesting.csv"`
			`output.headers["Content-type"] = "text/csv"`
			`return output`


Adds endpoint to quickly get counts of approvals in each status group for a user 2020-06-06 02:19:37 +00:00			`# ----- Begin descent into madness ---- #`
Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00			`def get_csv():`
Some additional cleanup - when a file is "archived" it is no longer returned for any endpoints about files, but it is directly accessible via id, in the event some request is made for it at a later date. 2020-06-04 13:49:42 +00:00			`"""A damn lie, it's a json file. A huge bit of a one-off for RRT, but 3 weeks of midnight work can convince a`
Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00			`man to do just about anything"""`
When you can't delete a file, mark it as archived. Don't include archived files in new approval requests. 2020-06-03 21:34:27 +00:00			`approvals = ApprovalService.get_all_approvals(include_cancelled=False)`
Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00			`output = []`
			`errors = []`
			`for approval in approvals:`
			`try:`
			`if approval.status != ApprovalStatus.APPROVED.value:`
			`continue`
			`for related_approval in approval.related_approvals:`
			`if related_approval.status != ApprovalStatus.APPROVED.value:`
			`continue`
			`workflow = db.session.query(WorkflowModel).filter(WorkflowModel.id == approval.workflow_id).first()`
Adding more details to the csv output, and assuring we don't miss people with outstanding approvals that were cancelled. 2020-06-03 11:58:48 +00:00			`data = json.loads(workflow.bpmn_workflow_json)`
			`last_task = find_task(data['last_task']['__uuid__'], data['task_tree'])`
			`personnel = extract_value(last_task, 'personnel')`
			`training_val = extract_value(last_task, 'RequiredTraining')`
BE VERY CAREFUL where you create a new LdapService() - construction is expensive. Adding a few more details to the "csv" endpoint for RRT. 2020-06-04 14:33:17 +00:00			`pi_supervisor = extract_value(last_task, 'PISupervisor')['value']`
Adding more details to the csv output, and assuring we don't miss people with outstanding approvals that were cancelled. 2020-06-03 11:58:48 +00:00			`review_complete = 'AllRequiredTraining' in training_val`
Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00			`pi_uid = workflow.study.primary_investigator_id`
Trying to fix LDAP issues on production. Changing LDAP to static only methods, caching the connection and calling bind before all connection requests. Also assuring we don't load the documents.xls file over and over again. 2020-06-04 18:59:36 +00:00			`pi_details = LdapService.user_info(pi_uid)`
Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00			`details = []`
			`details.append(pi_details)`
			`for person in personnel:`
			`uid = person['PersonnelComputingID']['value']`
Trying to fix LDAP issues on production. Changing LDAP to static only methods, caching the connection and calling bind before all connection requests. Also assuring we don't load the documents.xls file over and over again. 2020-06-04 18:59:36 +00:00			`details.append(LdapService.user_info(uid))`
Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00
			`for person in details:`
BE VERY CAREFUL where you create a new LdapService() - construction is expensive. Adding a few more details to the "csv" endpoint for RRT. 2020-06-04 14:33:17 +00:00			`record = {`
Adding more details to the csv output, and assuring we don't miss people with outstanding approvals that were cancelled. 2020-06-03 11:58:48 +00:00			`"study_id": approval.study_id,`
Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00			`"pi_uid": pi_details.uid,`
			`"pi": pi_details.display_name,`
			`"name": person.display_name,`
BE VERY CAREFUL where you create a new LdapService() - construction is expensive. Adding a few more details to the "csv" endpoint for RRT. 2020-06-04 14:33:17 +00:00			`"uid": person.uid,`
Adding more details to the csv output, and assuring we don't miss people with outstanding approvals that were cancelled. 2020-06-03 11:58:48 +00:00			`"email": person.email_address,`
BE VERY CAREFUL where you create a new LdapService() - construction is expensive. Adding a few more details to the "csv" endpoint for RRT. 2020-06-04 14:33:17 +00:00			`"supervisor": "",`
Adding more details to the csv output, and assuring we don't miss people with outstanding approvals that were cancelled. 2020-06-03 11:58:48 +00:00			`"review_complete": review_complete,`
BE VERY CAREFUL where you create a new LdapService() - construction is expensive. Adding a few more details to the "csv" endpoint for RRT. 2020-06-04 14:33:17 +00:00			`}`
			`# We only know the PI's supervisor.`
			`if person.uid == pi_details.uid:`
			`record["supervisor"] = pi_supervisor`

			`output.append(record)`

Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00			`except Exception as e:`
			`errors.append("Error pulling data for workflow #%i: %s" % (approval.workflow_id, str(e)))`
			`return {"results": output, "errors": errors }`

Adds endpoint to quickly get counts of approvals in each status group for a user 2020-06-06 02:19:37 +00:00
Adding more details to the csv output, and assuring we don't miss people with outstanding approvals that were cancelled. 2020-06-03 11:58:48 +00:00			`def extract_value(task, key):`
			`if key in task['data']:`
			`return pickle.loads(b64decode(task['data'][key]['__bytes__']))`
			`else:`
			`return ""`
Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00
Adds endpoint to quickly get counts of approvals in each status group for a user 2020-06-06 02:19:37 +00:00
Doing everything I can imagine to get a CSV dump out tomorrow. 2020-06-03 02:01:49 +00:00			`def find_task(uuid, task):`
			`if task['id']['__uuid__'] == uuid:`
			`return task`
			`for child in task['children']:`
			`task = find_task(uuid, child)`
			`if task:`
			`return task`
			`# ----- come back to the world of the living ---- #`

Adds endpoint to quickly get counts of approvals in each status group for a user 2020-06-06 02:19:37 +00:00
Making working endpoints for approvals 2020-05-24 05:53:48 +00:00			`def update_approval(approval_id, body):`
			`if approval_id is None:`
			`raise ApiError('unknown_approval', 'Please provide a valid Approval ID.')`

Using full approval payload to update record 2020-05-25 21:40:24 +00:00			`approval_model = session.query(ApprovalModel).get(approval_id)`
			`if approval_model is None:`
Making working endpoints for approvals 2020-05-24 05:53:48 +00:00			`raise ApiError('unknown_approval', 'The approval "' + str(approval_id) + '" is not recognized.')`

I completely missed pushing up my changes last night before handing back over to Carlos. Sorry about that. Added checks to assure the approver matches g.uid of the current user - otherwise don't modify the approval record. 2020-06-02 11:43:19 +00:00			`if approval_model.approver_uid != g.user.uid:`
			`raise ApiError("not_your_approval", "You may not modify this approval. It belongs to another user.")`

Don't overwrite the approval, just allow minor changes. 2020-06-02 23:36:06 +00:00			`approval_model.status = body['status']`
			`approval_model.message = body['message']`
For the main approval endpoints - we now group the approvals by study. So you get one record back for each study, but it may have other approvals along with it as "related_approvals". We now cache the LDAP records - so we look in our own database for the record before calling out to ldap for the details when given a straight up computing id like dhf8r. Added "date_approved" to the approval model. And moved the approver and primary investigator into real associated models to make it easier to dump. Fixed a problem with the validation that was causing it to throw incorrect errors on valid workflows. Getting it to behave a little more like the front end behaves, and respecting the read-only fields. But it was mainly to do with always returning all the data with each form submission. 2020-06-02 22:17:00 +00:00			`approval_model.date_approved = datetime.now()`
Don't overwrite the approval, just allow minor changes. 2020-06-02 23:36:06 +00:00			`session.add(approval_model)`
Using full approval payload to update record 2020-05-25 21:40:24 +00:00			`session.commit()`

Approve/deny fixes 2020-06-05 19:39:52 +00:00			`# Called only to send emails`
			`approver = body['approver']['uid']`
			`ApprovalService.update_approval(approval_id, approver)`

Don't overwrite the approval, just allow minor changes. 2020-06-02 23:36:06 +00:00			`result = ApprovalSchema().dump(approval_model)`
Making working endpoints for approvals 2020-05-24 05:53:48 +00:00			`return result`