Allow fetching duke-ds-project permissions #170
Conversation
TODO: Handle 404 when no permission is found.
|
I am having second thoughts about these changes in relation to performance. |
|
Do you think we might want to add caching in some form? There might be a simple Django or DRF plugin that solves this handily for these DukeDS API responses that don’t change every second. And there’s always redis or memcached. Probably a good idea for user listing too. |
I worry about timely cache invalidation if we cache project permissions. One thought was to turn this around and check permissions at the point the try to proceed with a delivery. A user sees all projects and can select them and then we show them a warning like I looked to see what the DukeDS portal does: It fetches permissions for each project individually. Perhaps I could look at paging the data? |
One thing that occurs to me on reflection is that neither method is a great experience for the user. If we filter out the non-deliverable ones, users might be confused about why they're seeing more projects listed in the DDS web portal vs the datadelivery UI. But if we include all of their projects in the listing, we have to communicate which ones cannot be delivered and why. If we don't deliver this feedback until late in the process, that can be frustrating. So perhaps the best tradeoff for now is to allow them to pick any of their projects, then check the permission and deliver feedback before proceeding to the next step? |
This was too slow to fetch a reasonable list of projects. As an alternative added here is a new duke-ds-project-permissions endpoint. This endpoint requires at least project_id query parameter due to the underlying DukeDS API.
|
I removed the The underlying DukeDS API requires a project_id: https://api.dataservice.duke.edu/apiexplorer#!/projects/getApiV1ProjectsProjectIdPermissions The underlying DukeDS API doesn't return a unique ID. |
Also includes exception if missing required project_id query param for the duke-ds-project-permissions list api.
This is to have access to data_service.get_project_permissions.
The DukeDS api only returns non-deleted when listing projects. However if a user fetches a project directly it can return a deleted project. This will allow users to tell if a project that is used in a transfer has been deleted.
johnbradley
changed the title
d4s2_api_v2/api.py
Outdated
| dds_util = DDSUtil(self.request.user) | ||
| project_id = self.request.query_params.get('project') | ||
| user_id = self.request.query_params.get('user') | ||
| # a project id is required due to the underlying implementation of DukeDS API |
There was a problem hiding this comment.
If this endpoint, when un-filtered, returned all of the user's projects+permissions, then I think a project_id query parameter makes sense (as a filter on that list). But since this requires that parameter - and it's a specific ID and not a search term, it doesn't seem like query parameters are the best fit.
Perhaps it would make more sense to list project permissions via a detail route under the single project endpoint (/duke-ds-projects/:id/permissions/), as DukeDS does?
There was a problem hiding this comment.
I was trying to make it fit in with the other ember models. I think I can use and adapter to make it work with this approach in ember.
Changes add query parameter is_deliverable to the
/api/v2/duke-ds-projects/endpoint.Also returns
is_deliverablein the payload for duke-ds-project.Fixes #169