Merge changes with upstream

6 files changed, 81 insertions, 7 deletions

diff --git a/web-server/opendc/models/experiment.py b/web-server/opendc/models/experiment.py
new file mode 100644
index 00000000..ac606d64
--- /dev/null
+++ b/web-server/opendc/models/experiment.py
@@ -0,0 +1,24 @@
+from opendc.models.model import Model
+from opendc.models.user import User
+from opendc.util.exceptions import ClientError
+from opendc.util.rest import Response
+
+
+class Experiment(Model):
+    """Model representing a Experiment."""
+
+    collection_name = 'experiments'
+
+    def check_user_access(self, google_id, edit_access):
+        """Raises an error if the user with given [google_id] has insufficient access.
+
+        Checks access on the parent simulation.
+
+        :param google_id: The Google ID of the user.
+        :param edit_access: True when edit access should be checked, otherwise view access.
+        """
+        user = User.from_google_id(google_id)
+        authorizations = list(
+            filter(lambda x: str(x['simulationId']) == str(self.obj['simulationId']), user.obj['authorizations']))
+        if len(authorizations) == 0 or (edit_access and authorizations[0]['authorizationLevel'] == 'VIEW'):
+            raise ClientError(Response(403, "Forbidden from retrieving/editing experiment."))
diff --git a/web-server/opendc/models/model.py b/web-server/opendc/models/model.py
index b2fd1844..1935638f 100644
--- a/web-server/opendc/models/model.py
+++ b/web-server/opendc/models/model.py
@@ -4,31 +4,44 @@ from opendc.util.rest import Response
 
 
 class Model:
+    """Base class for all models."""
+
     collection_name = '<specified in subclasses>'
 
     @classmethod
     def from_id(cls, _id):
-        return cls(DB.fetch_one({'_id': _id}, Model.collection_name))
+        """Fetches the document with given ID from the collection."""
+        return cls(DB.fetch_one({'_id': _id}, cls.collection_name))
 
     @classmethod
     def get_all(cls):
-        return cls(DB.fetch_all({}, Model.collection_name))
+        """Fetches all documents from the collection."""
+        return cls(DB.fetch_all({}, cls.collection_name))
 
     def __init__(self, obj):
         self.obj = obj
 
+    def get_id(self):
+        """Returns the ID of the enclosed object."""
+        return self.obj['_id']
+
     def check_exists(self):
+        """Raises an error if the enclosed object does not exist."""
         if self.obj is None:
             raise ClientError(Response(404, 'Not found.'))
 
     def set_property(self, key, value):
+        """Sets the given property on the enclosed object."""
         self.obj[key] = value
 
     def insert(self):
+        """Inserts the enclosed object and updates the internal reference to the newly inserted object."""
         self.obj = DB.insert(self.obj, self.collection_name)
 
     def update(self):
-        self.obj = DB.update(self.obj['_id'], self.obj, self.collection_name)
+        """Updates the enclosed object and updates the internal reference to the newly inserted object."""
+        self.obj = DB.update(self.get_id(), self.obj, self.collection_name)
 
     def delete(self):
-        self.obj = DB.delete_one({'_id': self.obj['_id']}, self.collection_name)
+        """Deletes the enclosed object in the database."""
+        DB.delete_one({'_id': self.get_id()}, self.collection_name)
diff --git a/web-server/opendc/models/simulation.py b/web-server/opendc/models/simulation.py
index 5cd3d49e..dbe1e800 100644
--- a/web-server/opendc/models/simulation.py
+++ b/web-server/opendc/models/simulation.py
@@ -1,15 +1,31 @@
 from opendc.models.model import Model
 from opendc.models.user import User
+from opendc.util.database import DB
 from opendc.util.exceptions import ClientError
 from opendc.util.rest import Response
 
 
 class Simulation(Model):
+    """Model representing a Simulation."""
+
     collection_name = 'simulations'
 
     def check_user_access(self, google_id, edit_access):
+        """Raises an error if the user with given [google_id] has insufficient access.
+
+        :param google_id: The Google ID of the user.
+        :param edit_access: True when edit access should be checked, otherwise view access.
+        """
         user = User.from_google_id(google_id)
         authorizations = list(
-            filter(lambda x: str(x['simulationId']) == str(self.obj['_id']), user.obj['authorizations']))
+            filter(lambda x: str(x['simulationId']) == str(self.get_id()), user.obj['authorizations']))
         if len(authorizations) == 0 or (edit_access and authorizations[0]['authorizationLevel'] == 'VIEW'):
             raise ClientError(Response(403, "Forbidden from retrieving simulation."))
+
+    def get_all_authorizations(self):
+        """Get all user IDs having access to this simulation."""
+        return [
+            user['_id'] for user in DB.fetch_all({'authorizations': {
+                'simulationId': self.get_id()
+            }}, User.collection_name)
+        ]
diff --git a/web-server/opendc/models/topology.py b/web-server/opendc/models/topology.py
index 37b4c5c8..1c717221 100644
--- a/web-server/opendc/models/topology.py
+++ b/web-server/opendc/models/topology.py
@@ -5,11 +5,20 @@ from opendc.util.rest import Response
 
 
 class Topology(Model):
+    """Model representing a Simulation."""
+
     collection_name = 'topologies'
 
     def check_user_access(self, google_id, edit_access):
+        """Raises an error if the user with given [google_id] has insufficient access.
+
+        Checks access on the parent simulation.
+
+        :param google_id: The Google ID of the user.
+        :param edit_access: True when edit access should be checked, otherwise view access.
+        """
         user = User.from_google_id(google_id)
-        authorizations = list(filter(lambda x: str(x['topologyId']) == str(self.obj['_id']),
-                                     user.obj['authorizations']))
+        authorizations = list(
+            filter(lambda x: str(x['simulationId']) == str(self.obj['simulationId']), user.obj['authorizations']))
         if len(authorizations) == 0 or (edit_access and authorizations[0]['authorizationLevel'] == 'VIEW'):
             raise ClientError(Response(403, "Forbidden from retrieving topology."))
diff --git a/web-server/opendc/models/trace.py b/web-server/opendc/models/trace.py
index c18f8ea2..2f6e4926 100644
--- a/web-server/opendc/models/trace.py
+++ b/web-server/opendc/models/trace.py
@@ -2,4 +2,6 @@ from opendc.models.model import Model
 
 
 class Trace(Model):
+    """Model representing a Trace."""
+
     collection_name = 'traces'
diff --git a/web-server/opendc/models/user.py b/web-server/opendc/models/user.py
index cd314457..8e8ff945 100644
--- a/web-server/opendc/models/user.py
+++ b/web-server/opendc/models/user.py
@@ -5,21 +5,31 @@ from opendc.util.rest import Response
 
 
 class User(Model):
+    """Model representing a User."""
+
     collection_name = 'users'
 
     @classmethod
     def from_email(cls, email):
+        """Fetches the user with given email from the collection."""
         return User(DB.fetch_one({'email': email}, User.collection_name))
 
     @classmethod
     def from_google_id(cls, google_id):
+        """Fetches the user with given Google ID from the collection."""
         return User(DB.fetch_one({'googleId': google_id}, User.collection_name))
 
     def check_correct_user(self, request_google_id):
+        """Raises an error if a user tries to modify another user.
+
+        :param request_google_id:
+        """
         if request_google_id is not None and self.obj['googleId'] != request_google_id:
             raise ClientError(Response(403, f'Forbidden from editing user with ID {self.obj["_id"]}.'))
 
     def check_already_exists(self):
+        """Checks if the user already exists in the database."""
+
         existing_user = DB.fetch_one({'googleId': self.obj['googleId']}, self.collection_name)
 
         if existing_user is not None: