From ee158a1c0d0e8ec3b7573466571bcb53ccc7b4a6 Mon Sep 17 00:00:00 2001
From: mike cullerton <webstuff@bakednotfried.com>
Date: Thu, 7 Nov 2024 13:26:22 -0500
Subject: [PATCH 1/7] trying to fix bad input in build-and-push-image

---
 .github/workflows/build_image_from_dev.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build_image_from_dev.yml b/.github/workflows/build_image_from_dev.yml
index 3353147d..d7ffc601 100644
--- a/.github/workflows/build_image_from_dev.yml
+++ b/.github/workflows/build_image_from_dev.yml
@@ -100,7 +100,7 @@ jobs:
         uses: docker/build-push-action@v6
         with:
           context: .
-          ref: dev
+          # ref: dev
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}

From 237b17711bc1a1d1c1241dba8de424484e4445a8 Mon Sep 17 00:00:00 2001
From: mike cullerton <webstuff@bakednotfried.com>
Date: Thu, 7 Nov 2024 13:33:22 -0500
Subject: [PATCH 2/7] remove commented line

---
 .github/workflows/build_image_from_dev.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.github/workflows/build_image_from_dev.yml b/.github/workflows/build_image_from_dev.yml
index d7ffc601..cad49f36 100644
--- a/.github/workflows/build_image_from_dev.yml
+++ b/.github/workflows/build_image_from_dev.yml
@@ -100,7 +100,6 @@ jobs:
         uses: docker/build-push-action@v6
         with:
           context: .
-          # ref: dev
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}

From 59b562c9e18d63b8fdd6955f94bad84e56c51102 Mon Sep 17 00:00:00 2001
From: mike cullerton <webstuff@bakednotfried.com>
Date: Wed, 13 Nov 2024 10:47:05 -0500
Subject: [PATCH 3/7] missed a file

---
 crc/scripts/get_top_level_data.py | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 crc/scripts/get_top_level_data.py

diff --git a/crc/scripts/get_top_level_data.py b/crc/scripts/get_top_level_data.py
new file mode 100644
index 00000000..147342c7
--- /dev/null
+++ b/crc/scripts/get_top_level_data.py
@@ -0,0 +1,26 @@
+from crc import session
+from crc.api.common import ApiError
+from crc.models.study import StudyModel
+from crc.scripts.script import Script
+from crc.services.workflow_processor import WorkflowProcessor
+from crc.services.workflow_spec_service import WorkflowSpecService
+
+
+class GetTopLevelData(Script):
+
+    def get_description(self):
+        return """This is my description"""
+
+    def do_task_validate_only(self, task, study_id, workflow_id, *args, **kwargs):
+        return self.do_task(task, study_id, workflow_id, *args, **kwargs)
+
+    def do_task(self, task, study_id, workflow_id, *args, **kwargs):
+        spec_service = WorkflowSpecService()
+        study_model = session.query(StudyModel).filter(StudyModel.id == study_id).first()
+
+        try:
+            master_workflow_results = WorkflowProcessor.run_master_spec(spec_service.master_spec, study_model)
+        except Exception as e:
+            raise ApiError("error_running_master_spec", f"Error running master spec: {str(e)}")
+
+        return master_workflow_results

From b08cb4a5df8fa1ec991d56deeee3eaa8dd5a98c3 Mon Sep 17 00:00:00 2001
From: mike cullerton <webstuff@bakednotfried.com>
Date: Wed, 13 Nov 2024 11:02:28 -0500
Subject: [PATCH 4/7] another one

---
 crc/scripts/add_admin_user.py | 44 +++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 crc/scripts/add_admin_user.py

diff --git a/crc/scripts/add_admin_user.py b/crc/scripts/add_admin_user.py
new file mode 100644
index 00000000..7520f0c8
--- /dev/null
+++ b/crc/scripts/add_admin_user.py
@@ -0,0 +1,44 @@
+from crc import app, db
+from crc.api.common import ApiError
+from crc.models.study import StudyAssociated
+from crc.scripts.script import Script
+from crc.services.ldap_service import LdapService
+
+from sqlalchemy import text
+
+
+class AddAdminUser(Script):
+    scripts = {}
+
+    def get_description(self):
+        return """Add a user to the study_associated_user table (for all studies)"""
+
+    def do_task_validate_only(self, task, study_id, workflow_id, *args, **kwargs):
+        return self.do_task(task, study_id, workflow_id, *args, **kwargs)
+
+    def do_task(self, task, study_id, workflow_id, *args, **kwargs):
+        associated_user = kwargs.get('associated_user', None)
+        associated_group = kwargs.get('associated_group', None)
+        scripts = self.generate_augmented_list(task, study_id, workflow_id)
+        self.scripts = scripts
+        try:
+            ldap_user = self.scripts['ldap'](associated_user)
+        except ApiError as ae:
+            return {"error": str(ae), 'message': f"User {associated_user} not found in LDAP"}
+
+        if 'uid' in ldap_user and ldap_user['uid'] == associated_user:
+            # study_associated = StudyAssociated()
+
+            # using 'lje5u' because they are in both CTO and CTO Finance groups
+            # sql_string = f"select study_id, '{associated_user}', 'CTO', false, true from study_associated_user where uid='lje5u' and role='{associated_group}'"
+
+            sql_string = """insert into study_associated_user
+            (study_id, uid, role, send_email, access)
+            select study_id, '%s', 'CTO', false, true 
+            from study_associated_user 
+            where uid='lje5u' and role='%s'""" % (associated_user, associated_group)
+
+            sql = text(sql_string)
+            result = db.engine.execute(sql)
+            print(result.rowcount)
+            return {"message": f"User {associated_user} added to {associated_group} group"}

From 9e007c15ba0764140d69a81cce48efff616fbea2 Mon Sep 17 00:00:00 2001
From: mike cullerton <webstuff@bakednotfried.com>
Date: Wed, 13 Nov 2024 11:12:48 -0500
Subject: [PATCH 5/7] added superuser group

---
 config/default.py  | 1 +
 crc/models/user.py | 9 +++++++++
 2 files changed, 10 insertions(+)

diff --git a/config/default.py b/config/default.py
index 1b707176..f681e624 100644
--- a/config/default.py
+++ b/config/default.py
@@ -27,6 +27,7 @@
 PRODUCTION = (environ.get('PRODUCTION', default="false") == "true")
 TEST_UID = environ.get('TEST_UID', default="dhf8r")
 ADMIN_UIDS = re.split(r',\s*', environ.get('ADMIN_UIDS', default="dhf8r,kcm4zc,cah3us"))
+SUPERUSER_UIDS = re.split(r',\s*', environ.get('ADMIN_UIDS', default="dhf8r,kcm4zc,cah3us"))
 DEFAULT_UID = environ.get('DEFAULT_UID', default="dhf8r")
 
 # Sentry flag
diff --git a/crc/models/user.py b/crc/models/user.py
index ec51245b..98a7fcd1 100644
--- a/crc/models/user.py
+++ b/crc/models/user.py
@@ -20,6 +20,11 @@ def is_admin(self):
         # may change in the future.
         return self.uid in app.config['ADMIN_UIDS']
 
+    def is_superuser(self):
+        # Currently superuser abilities are set in the configuration, but this
+        # may change in the future.
+        return self.uid in app.config['SUPERUSER_UIDS']
+
     def encode_auth_token(self):
         """
         Generates the Auth Token
@@ -60,6 +65,7 @@ class Meta:
         include_relationships = True
     uid = fields.String()
     is_admin = fields.Method('get_is_admin', dump_only=True)
+    is_superuser = fields.Method('get_is_superuser', dump_only=True)
     ldap_info = fields.Nested(LdapSchema)
     impersonator = fields.Nested('self', many=False, allow_none=True)
 
@@ -67,6 +73,9 @@ class Meta:
     def get_is_admin(user):
         return user.is_admin()
 
+    def get_is_superuser(self, user):
+        return user.is_superuser()
+
 
 class AdminSessionModel(db.Model):
     __tablename__ = 'admin_session'

From 43f7152d41e5117c7517a8f4d2a10dfc591370c2 Mon Sep 17 00:00:00 2001
From: mike cullerton <webstuff@bakednotfried.com>
Date: Wed, 13 Nov 2024 11:34:43 -0500
Subject: [PATCH 6/7] static method issue

---
 crc/models/user.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crc/models/user.py b/crc/models/user.py
index 98a7fcd1..ed19c987 100644
--- a/crc/models/user.py
+++ b/crc/models/user.py
@@ -73,7 +73,8 @@ class Meta:
     def get_is_admin(user):
         return user.is_admin()
 
-    def get_is_superuser(self, user):
+    @staticmethod
+    def get_is_superuser(user):
         return user.is_superuser()
 
 

From 56a3d46450b168bcb43a3f77a7b46b45bd76b3b7 Mon Sep 17 00:00:00 2001
From: mike cullerton <webstuff@bakednotfried.com>
Date: Wed, 13 Nov 2024 11:46:17 -0500
Subject: [PATCH 7/7] fixed typo

---
 config/default.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/default.py b/config/default.py
index f681e624..f1a6b075 100644
--- a/config/default.py
+++ b/config/default.py
@@ -27,7 +27,7 @@
 PRODUCTION = (environ.get('PRODUCTION', default="false") == "true")
 TEST_UID = environ.get('TEST_UID', default="dhf8r")
 ADMIN_UIDS = re.split(r',\s*', environ.get('ADMIN_UIDS', default="dhf8r,kcm4zc,cah3us"))
-SUPERUSER_UIDS = re.split(r',\s*', environ.get('ADMIN_UIDS', default="dhf8r,kcm4zc,cah3us"))
+SUPERUSER_UIDS = re.split(r',\s*', environ.get('SUPERUSER_UIDS', default="dhf8r,kcm4zc,cah3us"))
 DEFAULT_UID = environ.get('DEFAULT_UID', default="dhf8r")
 
 # Sentry flag