genetic_forensic_portal.app.client package

This package contains clients that retrieve data and authentication/authorization information for the genetic forensic portal.

Right now, of course, these clients are largely simulating these interactions, but the idea is that they would be able to interact with the actual services once they exist.

If the portal needs to call other services in the future, they would be added here.

Current clients: - gf_api_client: A client that interacts with the genetic forensic API (but since one does not currently exist, it simulates these interactions but provides canned data). - keycloak_client: A client that interacts with a local Keycloak instance to make auth decisions.

Subpackages

Submodules

genetic_forensic_portal.app.client.gf_api_client module

This module contains the client-side logic for interfacing with a (currently non-existent) Genetic Forensic API.

The functions in this module are placeholders for the real API calls that will be made in the future. They are designed to mimic the behavior of the real API calls, but with hard-coded responses. These modules have been designed in such a way that the real API calls can be easily swapped in when they are available. These functions also hook into a local client to check for user permissions before “calling” the API.

genetic_forensic_portal.app.client.gf_api_client.get_all_analyses(sample_id)

Fetches all types of analyses for a given sample ID.

Parameters:

sample_id (str) – The UUID of the sample.

Returns:

An object containing results from all analysis types.

Return type:

GetAnalysesResponse

genetic_forensic_portal.app.client.gf_api_client.get_analysis_status(sample_id)

Retrieves the status of the analysis based on the given UUID.

Parameters:

sample_id (str) – The UUID of the analysis to retrieve the status for.

Returns:

The human-readable status of the analysis.

Return type:

str

genetic_forensic_portal.app.client.gf_api_client.get_familial_analysis(sample_id)

Retrieves the familial analysis for a sample

Parameters:

sample_id (str) – The sample ID to get the familial analysis for

Return type:

DataFrame

genetic_forensic_portal.app.client.gf_api_client.get_scat_analysis(sample_id)

Gets the SCAT analysis for a sample

Parameters:

sample_id (str) – The sample ID to get the SCAT analysis for

Return type:

str

genetic_forensic_portal.app.client.gf_api_client.get_scat_analysis_data(sample_id)

Gets the SCAT analysis data for a sample

Parameters:

sample_id (str) – The sample ID to get the SCAT analysis data for

Return type:

str

genetic_forensic_portal.app.client.gf_api_client.get_voronoi_analysis(sample_id)

Gets the Voronoi analysis for a sample

Parameters:

sample_id (str) – The sample ID to get the Voronoi analysis for

Return type:

str

genetic_forensic_portal.app.client.gf_api_client.get_voronoi_analysis_data(sample_id)

Gets the Voronoi analysis data for a sample

Parameters:

sample_id (str) – The sample ID to get the Voronoi analysis for

Return type:

str

genetic_forensic_portal.app.client.gf_api_client.list_all_analyses()

Lists UUIDs for all analyses

Returns:

A list of all analyses

Return type:

list[str]

genetic_forensic_portal.app.client.gf_api_client.list_analyses(next_token=0)

Lists UUIDs for all SCAT analyses

Returns:

A list of all SCAT analyses with indications of pagination

Return type:

ListAnalysesResponse

Parameters:

next_token (int)

genetic_forensic_portal.app.client.gf_api_client.upload_sample_analysis(data, metadata=None)

Uploads a sample analysis from the web portal to the API

Parameters:

  • data (bytes) – The data to upload

  • metadata (str | None) – The metadata to upload

Return type:

str

genetic_forensic_portal.app.client.keycloak_client module

This module contains real methods to log into a locally running Keycloak server and, using the returned token, get the roles of a user.

It also contains mock methods to simulate authorization decisions based on the roles of a user and the permissions of a resource. A chart of the permissions simulated herein can be found in the <project root>/docs/test-users.md file.

Basically, authentication (authN) is real, authorization (authZ) is mocked.

Before going to production, this module should be replaced with a real and robust authN/authZ system.

genetic_forensic_portal.app.client.keycloak_client.check_create_access(user, roles)

Check if a user has access to create a resource.

Parameters:

  • user (str) – the user requesting access

  • roles (list[str]) – the roles of the user

Return type:

bool

genetic_forensic_portal.app.client.keycloak_client.check_download_access(user, roles, analysis_id)

Check if a user has access to download a specific resource.

Parameters:

  • user (str) – the user requesting access

  • roles (list[str]) – the roles of the user

  • analysis_id (str) – the analysis_id of the resource

Return type:

bool

genetic_forensic_portal.app.client.keycloak_client.check_list_all_access(user, roles)

Check if a user has access to list all resources.

Parameters:

  • user (str) – the user requesting access

  • roles (list[str]) – the roles of the user

Return type:

bool

genetic_forensic_portal.app.client.keycloak_client.check_resource_access(user, roles, action, analysis_id)

Check if a user has access to a specific action on a specific resource.

Returns False if no permissions have been specified for the user, action, and resource.

Parameters:

  • user (str) – the user requesting access

  • roles (list[str]) – the roles of the user

  • action (Action) – the action the user is trying to perform

  • analysis_id (str) – the analysis_id of the resource

Returns:

the computed auth decision for this user, action, and analysis_id

Return type:

bool

genetic_forensic_portal.app.client.keycloak_client.check_user_access(user, roles, action)

Check if a user has access to a specific action.

Returns None if the user has not been explicitly allowed or denied the action. Ultimate auth decisions can change based on the absence of those explicit allows/denies, which is why it’s a type we can return.

Parameters:

  • user (str) – the user requesting access

  • roles (list[str]) – the roles of the user

  • action (Action) – the action the user is trying to perform

Returns:

the computed auth decision for this user and action

Return type:

bool | None

genetic_forensic_portal.app.client.keycloak_client.check_view_access(user, roles, analysis_id)

Check if a user has access to view a specific resource.

Parameters:

  • user (str) – the user requesting access

  • roles (list[str]) – the roles of the user

  • analysis_id (str) – the analysis_id of the resource

Return type:

bool

genetic_forensic_portal.app.client.keycloak_client.get_user_roles(token)

Get the roles of a user

Parameters:

token (dict) – user’s token previously obtained by calling login_user

Return type:

Any

genetic_forensic_portal.app.client.keycloak_client.login_user(username, password)

Log in a user and return the token

Parameters:

  • username (str) – username of the user

  • password (str) – password of the user

Return type:

Any

genetic_forensic_portal.app.client.keycloak_client.logout_user(token)

Logs out a user

Parameters:

token (dict) – user’s token previously obtained by calling login_user

Return type:

None

genetic_forensic_portal.app.client.keycloak_client.update_auth_cache(analysis_id, user, action, decision)

Updates a (simulated) local cache that maps user, action, and analysis_id to a boolean access decision.

This allows us to avoid calling the “auth server” multiple times for the same user, action, and analysis_id.

Parameters:

  • analysis_id (str) – the analysis_id of the resource

  • user (str) – the user requesting access

  • action (Action) – the action the user is trying to perform

  • decision (bool) – the computed auth decision for this analysis_id, user, and action

Return type:

None