New endpoints

spiffworkflow-backend/bin/recreate_db

@@ -44,9 +44,9 @@ if [[ "${1:-}" == "clean" ]]; then
 
   if [[ "${SPIFFWORKFLOW_BACKEND_DATABASE_TYPE:-mysql}" == "sqlite" ]]; then
     rm -f ./src/instance/*.sqlite3
-  elif [[ "${SPIFFWORKFLOW_BACKEND_DATABASE_TYPE:-mysql}" == "mysql" ]]; then
-    mysql -h "$database_host" -uroot -e "DROP DATABASE IF EXISTS spiffworkflow_backend_local_development"
-    mysql -h "$database_host" -uroot -e "DROP DATABASE IF EXISTS spiffworkflow_backend_unit_testing"
+#  elif [[ "${SPIFFWORKFLOW_BACKEND_DATABASE_TYPE:-mysql}" == "mysql" ]]; then
+#    mysql -h "$database_host" -uroot -e "DROP DATABASE IF EXISTS spiffworkflow_backend_local_development"
+#    mysql -h "$database_host" -uroot -e "DROP DATABASE IF EXISTS spiffworkflow_backend_unit_testing"
   elif [[ "${SPIFFWORKFLOW_BACKEND_DATABASE_TYPE:-}" == "postgres" ]]; then
     # TODO: check to see if the db already exists and we can connect to it. also actually clean it up.
     # start postgres in background with one db
@@ -79,11 +79,11 @@ else
   tasks="$tasks upgrade"
 fi
 
-if [[ "${SPIFFWORKFLOW_BACKEND_DATABASE_TYPE:-mysql}" == "mysql" ]]; then
-  mysql -h "$database_host" -uroot -e "CREATE DATABASE IF NOT EXISTS spiffworkflow_backend_local_development"
-  mysql -h "$database_host" -uroot -e "CREATE DATABASE IF NOT EXISTS spiffworkflow_backend_unit_testing"
-fi
-
+#if [[ "${SPIFFWORKFLOW_BACKEND_DATABASE_TYPE:-mysql}" == "mysql" ]]; then
+#  mysql -h "$database_host" -uroot -e "CREATE DATABASE IF NOT EXISTS spiffworkflow_backend_local_development"
+#  mysql -h "$database_host" -uroot -e "CREATE DATABASE IF NOT EXISTS spiffworkflow_backend_unit_testing"
+#fi
+echo "$tasks"
 for task in $tasks; do
   SPIFFWORKFLOW_BACKEND_ENV=local_development FLASK_APP=src/spiffworkflow_backend poetry run flask db "$task"
 done

spiffworkflow-backend/db-docker-compose.yml

@@ -0,0 +1,23 @@
+version: "3.7"
+
+services:
+  spiffdb:
+    image: postgres:11
+    restart: unless-stopped
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+      POSTGRES_DB: postgres
+    ports:
+      - "1111:5432"
+    volumes:
+      - db-data:/var/lib/postgresql/data1
+    networks:
+      - forms-flow-spiff-network
+
+networks:
+  forms-flow-spiff-network:
+    driver: 'bridge'
+volumes:
+  db-data:
+    driver: local

spiffworkflow-backend/migrations/alembic.ini

@@ -1,6 +1,7 @@
 # A generic, single database configuration.
 
 [alembic]
+script_location = migrations
 # template used to generate migration files
 # file_template = %%(rev)s_%%(slug)s
 

spiffworkflow-backend/migrations/versions/1801292017d5_.py

@@ -0,0 +1,46 @@
+"""empty message
+
+Revision ID: 1801292017d5
+Revises: c8f64c8333d2
+Create Date: 2024-06-18 14:19:22.985449
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '1801292017d5'
+down_revision = 'c8f64c8333d2'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table('process_model_info',
+    sa.Column('process_id', sa.Integer(), nullable=False),
+    sa.Column('id', sa.String(), nullable=True),
+    sa.Column('display_name', sa.String(), nullable=True),
+    sa.Column('description', sa.String(), nullable=True),
+    sa.Column('is_executable', sa.Boolean(), nullable=True),
+    sa.Column('fault_or_suspend_on_exception', sa.String(), nullable=True),
+    sa.Column('process_group', sa.String(), nullable=True),
+    sa.Column('content', sa.LargeBinary(), nullable=True),
+    sa.Column('type', sa.String(), nullable=True),
+    sa.Column('bpmn_version_control_identifier', sa.String(), nullable=True),
+    sa.PrimaryKeyConstraint('process_id')
+    )
+    # with op.batch_alter_table('task', schema=None) as batch_op:
+    #     batch_op.drop_constraint('guid', type_='unique')
+
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    # with op.batch_alter_table('task', schema=None) as batch_op:
+    #     batch_op.create_unique_constraint('guid', ['guid'])
+
+    op.drop_table('process_model_info')
+    # ### end Alembic commands ###

spiffworkflow-backend/migrations/versions/384e2bbda36b_.py

@@ -0,0 +1,40 @@
+"""empty message
+
+Revision ID: 384e2bbda36b
+Revises: 1801292017d5
+Create Date: 2024-06-20 13:46:51.568998
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '384e2bbda36b'
+down_revision = '1801292017d5'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('process_model_info', schema=None) as batch_op:
+        batch_op.alter_column('content',
+               existing_type=sa.TEXT(),
+               type_=sa.LargeBinary(),
+               existing_nullable=True,
+                              postgresql_using="content::bytea")
+
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+
+    with op.batch_alter_table('process_model_info', schema=None) as batch_op:
+        batch_op.alter_column('content',
+               existing_type=sa.LargeBinary(),
+               type_=sa.TEXT(),
+               existing_nullable=True)
+
+    # ### end Alembic commands ###

spiffworkflow-backend/migrations/versions/c8f64c8333d2_.py

@@ -0,0 +1,34 @@
+"""empty message
+
+Revision ID: c8f64c8333d2
+Revises: ffef09e6ddf1
+Create Date: 2024-06-14 16:41:02.361125
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'c8f64c8333d2'
+down_revision = 'ffef09e6ddf1'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # Add default permissions mappings for formsflow
+    op.execute("""
+        WITH upsert AS (
+            SELECT 1 FROM permission_target WHERE uri = '/*'
+        )
+        INSERT INTO permission_target (uri)
+        SELECT '/*'
+        WHERE NOT EXISTS (SELECT 1 FROM upsert);
+    """)
+    # Change Process group and process models to work with database rather than disk
+
+
+
+def downgrade():
+    pass

spiffworkflow-backend/migrations/versions/da22d9039670_.py

@@ -0,0 +1,40 @@
+"""empty message
+
+Revision ID: da22d9039670
+Revises: 384e2bbda36b
+Create Date: 2024-09-17 15:13:48.384925
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'da22d9039670'
+down_revision = '384e2bbda36b'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('human_task_user', schema=None) as batch_op:
+        batch_op.add_column(sa.Column('ended_at_in_seconds', sa.Integer(), nullable=True))
+        batch_op.add_column(sa.Column('created_at_in_seconds', sa.Integer(), nullable=True))
+
+    # with op.batch_alter_table('task', schema=None) as batch_op:
+    #     batch_op.drop_constraint('guid', type_='unique')
+
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    # with op.batch_alter_table('task', schema=None) as batch_op:
+    #     batch_op.create_unique_constraint('guid', ['guid'])
+
+    with op.batch_alter_table('human_task_user', schema=None) as batch_op:
+        batch_op.drop_column('created_at_in_seconds')
+        batch_op.drop_column('ended_at_in_seconds')
+
+    # ### end Alembic commands ###

spiffworkflow-backend/migrations/versions/f31dfbe97509_formsflow_role_mappings.py

@@ -0,0 +1,115 @@
+"""formsflow_role_mappings
+
+Revision ID: f31dfbe97509
+Revises: da22d9039670
+Create Date: 2024-10-23 13:56:41.952250
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+# revision identifiers, used by Alembic.
+revision = 'f31dfbe97509'
+down_revision = 'da22d9039670'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # Step 1: Check and insert into Group table
+    permission_targets = {}
+    groups = {}
+    for target_uri in ['/*', '/task-filters', '/task-filters/*', '/task/*', '/key/*', '/process-definition/*',
+                       '/process-definition', '/deployment/create']:
+        permission_target_id = op.get_bind().execute(sa.text(f"""
+                INSERT INTO permission_target (uri)
+                SELECT '{target_uri}' 
+                WHERE NOT EXISTS (SELECT id FROM permission_target WHERE uri = '{target_uri}')
+                RETURNING id;
+            """)).fetchone()
+
+        if permission_target_id is None:
+            permission_target_id = op.get_bind().execute(sa.text(f"""
+                    SELECT id FROM permission_target WHERE uri = '{target_uri}';
+                """)).fetchone()
+
+        permission_targets[target_uri] = permission_target_id[0]
+
+    for group in ['camunda-admin', 'view_filters', 'view_tasks', 'manage_tasks', 'create_submissions', 'view_designs',
+                  'create_designs']:
+        group_id = op.get_bind().execute(sa.text(f"""
+                        INSERT INTO "group" (identifier)
+                        SELECT '{group}' 
+                        WHERE NOT EXISTS (SELECT id FROM "group" WHERE identifier = '{group}')
+                        RETURNING id;
+                    """)).fetchone()
+
+        if group_id is None:
+            group_id = op.get_bind().execute(sa.text(f"""
+                            SELECT id FROM "group" WHERE identifier = '{group}';
+                        """)).fetchone()
+        group_id = group_id[0]
+        groups[group] = {"id": group_id}
+
+        # INSERT Into principal
+        principal_id = op.get_bind().execute(sa.text(f"""
+                                INSERT INTO principal (group_id)
+                                SELECT {group_id}
+                                WHERE NOT EXISTS (SELECT id FROM principal WHERE group_id = :group_id)
+                                RETURNING id;
+                            """), {'group_id': group_id}).fetchone()
+
+        if principal_id is None:
+            principal_id = op.get_bind().execute(sa.text(f"""
+                                    SELECT id FROM principal WHERE group_id = :group_id
+
+                                """), {'group_id': group_id}).fetchone()
+        groups[group].update({"principal_id": principal_id[0]})
+
+    # Insert into permission_assignment
+    for permission_target_uri in permission_targets.keys():
+        if permission_target_uri == '/*':
+            # Allowed for all reads and create for camunda-admin
+            for grant_type in ['read', 'create']:
+                principal_id = groups['camunda-admin'].get("principal_id")
+                _insert_into_permission_assignment(grant_type, permission_targets[permission_target_uri], principal_id)
+
+        elif permission_target_uri in ["/task-filters", "/task-filters/*", "/task/*"]:
+            # Allowed for all reads and create for view_tasks
+            for grant_type in ['read', 'create']:
+                principal_id = groups['view_tasks'].get("principal_id")
+                _insert_into_permission_assignment(grant_type, permission_targets[permission_target_uri], principal_id)
+        elif permission_target_uri in ["/key/*"]:
+            # Allowed for all reads and create for create_submissions
+            for grant_type in ['read', 'create']:
+                principal_id = groups['create_submissions'].get("principal_id")
+                _insert_into_permission_assignment(grant_type, permission_targets[permission_target_uri], principal_id)
+        elif permission_target_uri in ["/process-definition/*", "/process-definition"]:
+            # Allowed for all reads and create for view_designs
+            for grant_type in ['read', 'create']:
+                principal_id = groups['view_designs'].get("principal_id")
+                _insert_into_permission_assignment(grant_type, permission_targets[permission_target_uri], principal_id)
+        elif permission_target_uri in ["/deployment/create"]:
+            # Allowed for all reads and create for create_designs
+            for grant_type in ['read', 'create']:
+                principal_id = groups['create_designs'].get("principal_id")
+                _insert_into_permission_assignment(grant_type, permission_targets[permission_target_uri], principal_id)
+
+
+def _insert_into_permission_assignment(grant_type, permission_target_id, principal_id):
+    permission_assignment = op.get_bind().execute(sa.text(f"""
+                                            SELECT id FROM permission_assignment 
+                                            WHERE principal_id = {principal_id} 
+                                            AND permission_target_id = {permission_target_id}
+                                            AND grant_type = 'permit'
+                                            AND permission = '{grant_type}';
+                                        """)).fetchone()
+    if not permission_assignment:
+        op.get_bind().execute(sa.text(f"""INSERT INTO permission_assignment 
+                                                (principal_id, permission_target_id, grant_type, permission)
+                                                VALUES ({principal_id}, {permission_target_id}, 'permit', '{grant_type}');
+                                            """))
+
+
+def downgrade():
+    pass

spiffworkflow-backend/src/spiffworkflow_backend/__init__.py

@@ -91,7 +91,7 @@ def create_app() -> flask.app.Flask:
     ]
     CORS(app, origins=origins_re, max_age=3600, supports_credentials=True)
 
-    connexion_app.add_api("api.yml", base_path=V1_API_PATH_PREFIX)
+    connexion_app.add_api("api.yml", base_path=V1_API_PATH_PREFIX, pythonic_params=False)
 
     app.json = MyJSONEncoder(app)