anvil_consortium_manager.anvil_audit module

Classes handling auditing of information in the Django database against AnVIL.

class anvil_consortium_manager.anvil_audit.AccountAuditResults

Bases: anvil_consortium_manager.anvil_audit.AnVILAuditResults

Class to hold audit results for Account.

The elements of the set returned by get_verified() and the keys of the dictionary returned by get_errors() should all be Account model instances.

ERROR_NOT_IN_ANVIL = 'Not in AnVIL': Error when the Account does not exist in AnVIL.

allowed_errors = 'Not in AnVIL'

class anvil_consortium_manager.anvil_audit.AnVILAuditResults

Bases: abc.ABC

Abstract base class to store audit results from AnVIL.

add_error(model_instance, error)

Add an error for a Django model instance.

Parameters

model_instance (obj) – The Django model instance that had a detected error.
error (str) – The error that was detected.

Raises

ValueError – If the error is not in the allowed_errors attribute of the class.

add_not_in_app(record)

Add a record that is on ANVIL but is not in the app.

Parameters: record (str) – An identifier for the record that is not in the app. For example, for ManagedGroups, this will be the name of the group on AnVIL.

add_verified(model_instance)

Add a Django model instance that has been verified against AnVIL.

Parameters: model_instance (obj) – The Django model instance that was verified.
Raises: ValueError – If the Django model instance being added has an error recorded in the errors attribute.

abstract property allowed_errors: List specifying the list of allowed errors for this audit result class.

get_errors()

Return the errors that were recorded in the audit.

Returns

A dictionary of errors.

The keys of the dictionary are the Django model instances that had errors. The value for a given element is a list of the errors that were detected for that instance.

Return type

dict

get_not_in_app()

Return records that are on AnVIL but not in the app.

Returns: The records that exist on AnVIL but not in the app.
Return type: set

get_verified()

Return a set of the verified records.

Returns: The set of Django model instances that were verified against AnVIL.
Return type: set

ok()

Check if the audit results are ok.

Returns: An indicator of whether all audited records were successfully verified.
Return type: bool

to_json(include_verified=True, include_errors=True, include_not_in_app=True): Return a dictionary representation of the audit results.

class anvil_consortium_manager.anvil_audit.BillingProjectAuditResults

Bases: anvil_consortium_manager.anvil_audit.AnVILAuditResults

Class to hold audit results for BillingProject.

The elements of the set returned by get_verified() and the keys of the dictionary returned by get_errors() should all be BillingProject model instances.

ERROR_NOT_IN_ANVIL = 'Not in AnVIL': Error when a BillingProject in the app does not exist in AnVIL.

allowed_errors = 'Not in AnVIL'

class anvil_consortium_manager.anvil_audit.ManagedGroupAuditResults

Bases: anvil_consortium_manager.anvil_audit.AnVILAuditResults

Class to hold audit results for :class:`~anviL_consortium_manager.models.ManagedGroup`s.

The elements of the set returned by get_verified() and the keys of the dictionary returned by get_errors() should are be ManagedGroup model instances.

ERROR_DIFFERENT_ROLE = 'App has a different role in this group': Error when the service account running the app has a different role on AnVIL.

ERROR_GROUP_MEMBERSHIP = 'Group membership does not match in AnVIL': Error when a ManagedGroup has a different record of membership in the app compared to on AnVIL.

ERROR_NOT_IN_ANVIL = 'Not in AnVIL': Error when a ManagedGroup in the app does not exist in AnVIL.

allowed_errors = ('Not in AnVIL', 'App has a different role in this group', 'Group membership does not match in AnVIL')

class anvil_consortium_manager.anvil_audit.ManagedGroupMembershipAuditResults

Bases: anvil_consortium_manager.anvil_audit.AnVILAuditResults

Class to hold audit results for the membership of a model instance of ManagedGroup.

The elements of the set returned by get_verified() and the keys of the dictionary returned by get_errors() should all be ManagedGroupMembership model instances.

ERROR_ACCOUNT_ADMIN_NOT_IN_ANVIL = 'Account not an admin in AnVIL': Error when an Account is an admin of a ManagedGroup on the app, but not in AnVIL.

ERROR_ACCOUNT_MEMBER_NOT_IN_ANVIL = 'Account not a member in AnVIL': Error when an Account is a member of a ManagedGroup on the app, but not in AnVIL.

ERROR_GROUP_ADMIN_NOT_IN_ANVIL = 'Group not an admin in AnVIL': Error when a ManagedGroup is an admin of another ManagedGroup on the app, but not in AnVIL.

ERROR_GROUP_MEMBER_NOT_IN_ANVIL = 'Group not a member in AnVIL': Error when an ManagedGroup is a member of another ManagedGroup on the app, but not in AnVIL.

allowed_errors = ('Account not an admin in AnVIL', 'Account not a member in AnVIL', 'Group not an admin in AnVIL', 'Group not a member in AnVIL')

class anvil_consortium_manager.anvil_audit.WorkspaceAuditResults

Bases: anvil_consortium_manager.anvil_audit.AnVILAuditResults

Class to hold audit results for Workspace.

The elements of the set returned by get_verified() and the keys of the dictionary returned by get_errors() should all be Workspace model instances.

ERROR_DIFFERENT_AUTH_DOMAINS = 'Has different auth domains on AnVIL': Error when the Workspace has different auth domains in the app and on AnVIL.

ERROR_DIFFERENT_LOCK = 'Workspace lock status does not match on AnVIL': Error when the workspace.is_locked status does not match the lock status on AnVIL.

ERROR_NOT_IN_ANVIL = 'Not in AnVIL': Error when a Workspace in the app does not exist on AnVIL.

ERROR_NOT_OWNER_ON_ANVIL = 'Not an owner on AnVIL': Error when the service account running the app is not an owner of the Workspace on AnVIL.

ERROR_WORKSPACE_SHARING = 'Workspace sharing does not match on AnVIL': Error when a Workspace is shared with different ManagedGroups in the app and on AnVIL.

allowed_errors = ('Not in AnVIL', 'Not an owner on AnVIL', 'Has different auth domains on AnVIL', 'Workspace sharing does not match on AnVIL', 'Workspace lock status does not match on AnVIL')

class anvil_consortium_manager.anvil_audit.WorkspaceGroupSharingAuditResults

Bases: anvil_consortium_manager.anvil_audit.AnVILAuditResults

Class to hold audit results for group sharing to :class:`~anviL_consortium_manager.models.Workspace`s.

The elements of the set returned by get_verified() and the keys of the dictionary returned by get_errors() should all be WorkspaceGroupSharing model instances.

ERROR_DIFFERENT_ACCESS = 'Different access level in AnVIL': Error when a ManagedGroup has a different access level for workspace in the app and on AnVIL.

ERROR_DIFFERENT_CAN_COMPUTE = 'can_compute value does not match in AnVIL': Error when the can_compute value for a ManagedGroup does not match what’s on AnVIL.

ERROR_DIFFERENT_CAN_SHARE = 'can_share value does not match in AnVIL': Error when the can_share value for a ManagedGroup does not match what’s on AnVIL.

ERROR_NOT_SHARED_IN_ANVIL = 'Not shared in AnVIL': Error when a ManagedGroup has access to a workspace in the app but not on AnVIL.

allowed_errors = ('Not shared in AnVIL', 'Different access level in AnVIL', 'can_share value does not match in AnVIL', 'can_compute value does not match in AnVIL')