[Feature Branch] Analysis Discussion Section - Phase 1

backend/src/core/phenotips_importer.py

@@ -42,6 +42,8 @@ def import_phenotips_json(self, phenotips_json_data):
 
         analysis_data = self.import_analysis_data(phenotips_json_data, phenotips_variants, phenotips_json_data["genes"])
 
+        analysis_data['discussions'] = []
+        analysis_data['supporting_evidence_files'] = []
         analysis_data['timeline'] = []
         return analysis_data
 

backend/src/models/analysis.py

@@ -80,6 +80,7 @@ class Analysis(BaseAnalysis):
 
     genomic_units: List[GenomicUnit] = []
     sections: List[Section] = []
+    discussions: List = []
     supporting_evidence_files: List = []
 
     def units_to_annotate(self):
@@ -105,3 +106,29 @@ def units_to_annotate(self):
                     })
 
         return units
+
+    def find_discussion_post(self, discussion_post_id):
+        """
+        Finds a specific discussion post in an analysis by the discussion post id otherwise returns none
+        if no discussion with that post id in the analysis.
+        """
+        for discussion in self.discussions:
+            if discussion['post_id'] == discussion_post_id:
+                return discussion
+
+        return None
+
+    def find_authored_discussion_post(self, discussion_post_id, client_id):
+        """
+        Finds a discussion post from a user that authored the post in an analysis otherwise returns none if the post
+        was found, but the user did not author the post
+        """
+        discussion_post = self.find_discussion_post(discussion_post_id)
+
+        if discussion_post is None:
+            raise ValueError(f"Post '{discussion_post_id}' does not exist.")
+
+        if discussion_post['author_id'] == client_id:
+            return discussion_post
+
+        return None

backend/src/models/user.py

@@ -14,11 +14,11 @@ class User(BaseModel):
     full_name: Optional[str] = None
     disabled: Optional[bool] = None
     scope: Optional[str] = None
+    client_id: str
 
 
 class AccessUserAPI(User):
     """ This extends the user class to include the user's credentials for API access """
-    client_id: str
     client_secret: Optional[str] = None
 
 

backend/src/repository/analysis_collection.py

@@ -486,3 +486,39 @@ def remove_section_supporting_evidence(self, analysis_name: str, section_name: s
         return_field = {"header": section_name, "field": field_name}
 
         return return_field
+
+    def add_discussion_post(self, analysis_name: str, discussion_post: object):
+        """ Appends a new discussion post to an analysis """
+
+        updated_document = self.collection.find_one_and_update({"name": analysis_name},
+                                                               {"$push": {"discussions": discussion_post}},
+                                                               return_document=ReturnDocument.AFTER)
+
+        updated_document.pop("_id", None)
+
+        return updated_document['discussions']
+
+    def updated_discussion_post(self, discussion_post_id: str, discussion_content: str, analysis_name: str):
+        """ Edits a discussion post from an analysis to update the discussion post's content """
+
+        updated_document = self.collection.find_one_and_update({"name": analysis_name}, {
+            "$set": {"discussions.$[item].content": discussion_content}
+        },
+                                                               array_filters=[{"item.post_id": discussion_post_id}],
+                                                               return_document=ReturnDocument.AFTER)
+
+        updated_document.pop("_id", None)
+
+        return updated_document['discussions']
+
+    def delete_discussion_post(self, discussion_post_id: str, analysis_name: str):
+        """ Removes a discussion post from an analysis """
+
+        updated_document = self.collection.find_one_and_update({"name": analysis_name}, {
+            "$pull": {"discussions": {"post_id": discussion_post_id}}
+        },
+                                                               return_document=ReturnDocument.AFTER)
+
+        updated_document.pop("_id", None)
+
+        return updated_document['discussions']

backend/src/routers/analysis_discussion_router.py

@@ -0,0 +1,139 @@
+# pylint: disable=too-many-arguments
+# Due to adding scope checks, it's adding too many arguments (7/6) to functions, so diabling this for now.
+# Need to refactor later.
+""" Analysis endpoint routes that provide an interface to interact with an Analysis' discussions """
+from datetime import datetime, timezone
+import logging
+from uuid import uuid4
+
+from fastapi import (APIRouter, Depends, Form, Security, HTTPException, status)
+
+from ..dependencies import database
+from ..models.user import VerifyUser
+from ..models.analysis import Analysis
+from ..security.security import get_current_user
+
+logger = logging.getLogger(__name__)
+
+router = APIRouter(tags=["analysis"], dependencies=[Depends(database)])
+
+
+@router.get("/{analysis_name}/discussions")
+def get_analysis_discussions(analysis_name: str, repositories=Depends(database)):
+    """ Returns a list of discussion posts for a given analysis """
+    logger.info("Retrieving the analysis '%s' discussions ", analysis_name)
+
+    found_analysis = repositories['analysis'].find_by_name(analysis_name)
+
+    if not found_analysis:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND, detail=f"Analysis '{analysis_name}' does not exist.'"
+        )
+
+    analysis = Analysis(**found_analysis)
+
+    return analysis.discussions
+
+
+@router.post("/{analysis_name}/discussions")
+def add_analysis_discussion(
+    analysis_name: str,
+    discussion_content: str = Form(...),
+    repositories=Depends(database),
+    client_id: VerifyUser = Security(get_current_user)
+):
+    """ Adds a new analysis topic """
+    logger.info("Adding the analysis '%s' from user '%s'", analysis_name, client_id)
+    logger.info("The message: %s", discussion_content)
+
+    found_analysis = repositories['analysis'].find_by_name(analysis_name)
+
+    if not found_analysis:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND, detail=f"Analysis '{analysis_name}' does not exist.'"
+        )
+
+    analysis = Analysis(**found_analysis)
+    current_user = repositories["user"].find_by_client_id(client_id)
+
+    new_discussion_post = {
+        "post_id": str(uuid4()),
+        "author_id": client_id,
+        "author_fullname": current_user["full_name"],
+        "publish_timestamp": datetime.now(timezone.utc),
+        "content": discussion_content,
+        "attachments": [],
+        "thread": [],
+    }
+
+    return repositories['analysis'].add_discussion_post(analysis.name, new_discussion_post)
+
+
+@router.put("/{analysis_name}/discussions/{discussion_post_id}")
+def update_analysis_discussion_post(
+    analysis_name: str,
+    discussion_post_id: str,
+    discussion_content: str = Form(...),
+    repositories=Depends(database),
+    client_id: VerifyUser = Security(get_current_user)
+):
+    """ Updates a discussion post's content in an analysis by the discussion post id """
+    logger.info(
+        "Editing post '%s' by user '%s' from the analysis '%s' with new content: '%s'", discussion_post_id, client_id,
+        analysis_name, discussion_content
+    )
+
+    found_analysis = repositories['analysis'].find_by_name(analysis_name)
+
+    if not found_analysis:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=f"Analysis '{analysis_name}' does not exist. Unable to update discussion post.'"
+        )
+
+    analysis = Analysis(**found_analysis)
+
+    try:
+        valid_post = analysis.find_authored_discussion_post(discussion_post_id, client_id)
+    except ValueError as e:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=str(e)) from e
+
+    if not valid_post:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED, detail="User cannot update post they did not author."
+        )
+
+    return repositories['analysis'].updated_discussion_post(valid_post['post_id'], discussion_content, analysis.name)
+
+
+@router.delete("/{analysis_name}/discussions/{discussion_post_id}")
+def delete_analysis_discussion(
+    analysis_name: str,
+    discussion_post_id: str,
+    repositories=Depends(database),
+    client_id: VerifyUser = Security(get_current_user)
+):
+    """ Deletes a discussion post in an analysis by the discussion post id """
+    logger.info("Deleting post %s by user '%s' from the analysis '%s'", discussion_post_id, client_id, analysis_name)
+
+    found_analysis = repositories['analysis'].find_by_name(analysis_name)
+
+    if not found_analysis:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=f"Analysis '{analysis_name}' does not exist. Unable to delete discussion post.'"
+        )
+
+    analysis = Analysis(**found_analysis)
+
+    try:
+        valid_post = analysis.find_authored_discussion_post(discussion_post_id, client_id)
+    except ValueError as e:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=str(e)) from e
+
+    if not valid_post:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED, detail="User cannot delete post they did not author."
+        )
+
+    return repositories['analysis'].delete_discussion_post(valid_post['post_id'], analysis.name)

backend/src/routers/analysis_router.py

@@ -21,10 +21,12 @@
 from ..models.phenotips_json import BasePhenotips
 from ..models.user import VerifyUser
 from ..security.security import get_authorization, get_current_user
+from . import analysis_discussion_router
 
 logger = logging.getLogger(__name__)
 
 router = APIRouter(prefix="/analysis", tags=["analysis"], dependencies=[Depends(database)])
+router.include_router(analysis_discussion_router.router)
 
 
 @router.get("/", response_model=List[Analysis])

backend/tests/fixtures/analysis-CPAM0002.json

@@ -222,6 +222,7 @@
       ]
     }
   ],
+  "discussions":[],
   "supporting_evidence_files": [
     {
       "name": "test.txt", 

backend/tests/fixtures/empty-pedigree.json

@@ -216,6 +216,7 @@
             ]
         }
     ],
+    "discussions":[],
     "supporting_evidence_files": [
         {
             "name": "test.txt",

backend/tests/integration/conftest.py

@@ -74,7 +74,7 @@ def mock_current_user():
 @pytest.fixture(name="mock_user")
 def test_auth_user():
     """A mocked user that can be used to generate an OAuth2 access token"""
-    return {"sub": "johndoe", "scopes": ["read", "write"]}
+    return {"sub": "johndoe-client-id", "scopes": ["read", "write"]}
 
 
 @pytest.fixture(name="mock_access_token")