foca issues

Implement client for default permission endpoints

2

Currently, we have kept the default permission endpoints as fixed paths. Instead, we should probably focus on adding a client for the default API, and for that, we know the...

kushagra189

priority: medium

type: feature

type: maintenance

workload: days

Self assigning owner permissions for a given resource

1

Currently, we need to manually set permissions for a given resource. However, if the user has himself created a resource, he should have access to permission management for that given...

kushagra189

priority: medium

status flag: discuss

type flag: required by specs

type: feature

type: maintenance

workload: days

Feature enhancement ft. access control

1

This issue is being created to cumulate all the subsequent pending issues with access control feature enhancement with the intent to track them all together. New issues, if required must...

kushagra189

priority: high

status: in progress

type flag: meta

type: maintenance

workload: days

Test FOCA in apps that don't yet rely on them

Replace boilerplate code with FOCA and test functionality in the following apps: - [ ] [**cwl-WES**](https://github.com/elixir-cloud-aai/cwl-WES) (elixir-cloud-aai/cwl-WES#153) - [x] [**proWES**](https://github.com/elixir-cloud-aai/proWES) (elixir-cloud-aai/proWES#10) - [x] [**proTES**](https://github.com/elixir-cloud-aai/proTES) (elixir-cloud-aai/proTES#55) Note that this is a...

uniqueg

priority: medium

type flag: meta

type: testing

workload: weeks

feat(utils): secure "generate_id" function

Guard function against code injection, see https://github.com/elixir-cloud-aai/drs-filer/issues/54 Remove `eval` and instead require callers to provide a literal string of allowed chars to `charset`, e.g., `0123456789ABCDEF`.

uniqueg

priority: medium

type: security

workload: minutes

feat: simplify exceptions handling API

2

The [`ExceptionConfig()` model/API](https://github.com/elixir-cloud-aai/foca/blob/f8699377c862d3d5479652207ec5f0419bf987a6/foca/models/config.py#L192-L440) is unnecessarily complicated. Simplify with a focus on usability.

uniqueg

priority: low

type flag: spec change

workload: hours

build: upgrade Werkzeug & Flask

See security vulnerability for `Werkzeug` here: https://github.com/advisories/GHSA-2g68-c3qc-8985 Upgrade `Werkzeug` and, while we are at it, also upgrade Flask, each to the latest version.

uniqueg

priority: high

type: maintenance

workload: hours

ci: enforce code style with Black

2

Use [Black](https://black.readthedocs.io/en/stable/) to auto-format code and include check in CI workflow.

uniqueg

priority: low

type: ci / cd

workload: minutes

ci: check code style with Pylint

Use [Pylint](https://pylint.org//) to refactor code and include check in CI workflow.

uniqueg

priority: low

type: ci / cd

workload: hours

ci: check docstrings style with flake8-docstrings

Use [`flake8-docstrings`](https://black.readthedocs.io/en/stable/) (and potentially [`flake8-docstrings-complete`](https://pypi.org/project/flake8-docstrings-complete/)) for implementing best docstring practices and include check in CI workflow.

uniqueg

priority: low

type: ci / cd

workload: hours

foca
foca copied to clipboard

Metadata

Implement client for default permission endpoints

Self assigning owner permissions for a given resource

Feature enhancement ft. access control

Test FOCA in apps that don't yet rely on them

feat(utils): secure "generate_id" function

feat: simplify exceptions handling API

build: upgrade Werkzeug & Flask

ci: enforce code style with Black

ci: check code style with Pylint

ci: check docstrings style with flake8-docstrings

← Metadata

Owner

Metadata

foca foca copied to clipboard

Metadata

← Metadata

Owner

Metadata

foca
foca copied to clipboard