Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit c4a0e6d

Browse filesBrowse files
engelkeengelke
authored
New healthcare (GoogleCloudPlatform#2089)
* dicom_stores tests pass (when discovery_url is active) * Get/Set IAM policies for fhir_stores * Updated test * IAM operations on fhir_stores complete * IAM policy get/set for hl7v2 stores * IAM get/set for dicom stores * IAM get/set policy for datasets * Added list_resource_history * Added get_resource_history * Added delete_resource_purge * Added conditional_update_resource * Added conditional_delete_resource * Added conditional_patch_resource * Added fhir resource import and export * Added execute_bundle * Dicomweb search instances * Cleaning up FHIR resources * All dicom tests running and passing * No longer skipping datasets tests * All fhir tests running and passing * All hl7v2 tests running and passing * Fix lint issues * More lint issues * Removed trailing whitespace. * Fixing lint errors * Fixed API version * A new lint error appears * Lint * Fixed API version
1 parent eb8bb45 commit c4a0e6d
Copy full SHA for c4a0e6d
Expand file treeCollapse file tree

18 files changed

+1290
-108
lines changed

‎healthcare/api-client/datasets/datasets.py

Copy file name to clipboardExpand all lines: healthcare/api-client/datasets/datasets.py
+106-2Lines changed: 106 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,15 +25,15 @@ def get_client(service_account_json, api_key):
2525
"""Returns an authorized API client by discovering the Healthcare API and
2626
creating a service object using the service account credentials JSON."""
2727
api_scopes = ['https://www.googleapis.com/auth/cloud-platform']
28-
api_version = 'v1alpha2'
28+
api_version = 'v1beta1'
2929
discovery_api = 'https://healthcare.googleapis.com/$discovery/rest'
3030
service_name = 'healthcare'
3131

3232
credentials = service_account.Credentials.from_service_account_file(
3333
service_account_json)
3434
scoped_credentials = credentials.with_scopes(api_scopes)
3535

36-
discovery_url = '{}?labels=CHC_ALPHA&version={}&key={}'.format(
36+
discovery_url = '{}?labels=CHC_BETA&version={}&key={}'.format(
3737
discovery_api, api_version, api_key)
3838

3939
return discovery.build(
@@ -237,6 +237,80 @@ def deidentify_dataset(
237237
# [END healthcare_deidentify_dataset]
238238

239239

240+
# [START healthcare_dataset_get_iam_policy]
241+
def get_dataset_iam_policy(
242+
service_account_json,
243+
api_key,
244+
project_id,
245+
cloud_region,
246+
dataset_id):
247+
"""Gets the IAM policy for the specified dataset."""
248+
client = get_client(service_account_json, api_key)
249+
dataset_name = 'projects/{}/locations/{}/datasets/{}'.format(
250+
project_id, cloud_region, dataset_id)
251+
252+
request = client.projects().locations().datasets().getIamPolicy(
253+
resource=dataset_name)
254+
response = request.execute()
255+
256+
print('etag: {}'.format(response.get('name')))
257+
return response
258+
# [END healthcare_dataset_get_iam_policy]
259+
260+
261+
# [START healthcare_dataset_set_iam_policy]
262+
def set_dataset_iam_policy(
263+
service_account_json,
264+
api_key,
265+
project_id,
266+
cloud_region,
267+
dataset_id,
268+
member,
269+
role,
270+
etag=None):
271+
"""Sets the IAM policy for the specified dataset.
272+
273+
A single member will be assigned a single role. A member can be any of:
274+
275+
- allUsers, that is, anyone
276+
- allAuthenticatedUsers, anyone authenticated with a Google account
277+
- user:email, as in 'user:somebody@example.com'
278+
- group:email, as in 'group:admins@example.com'
279+
- domain:domainname, as in 'domain:example.com'
280+
- serviceAccount:email,
281+
as in 'serviceAccount:my-other-app@appspot.gserviceaccount.com'
282+
283+
A role can be any IAM role, such as 'roles/viewer', 'roles/owner',
284+
or 'roles/editor'
285+
"""
286+
client = get_client(service_account_json, api_key)
287+
dataset_name = 'projects/{}/locations/{}/datasets/{}'.format(
288+
project_id, cloud_region, dataset_id)
289+
290+
policy = {
291+
"bindings": [
292+
{
293+
"role": role,
294+
"members": [
295+
member
296+
]
297+
}
298+
]
299+
}
300+
301+
if etag is not None:
302+
policy['etag'] = etag
303+
304+
request = client.projects().locations().datasets().setIamPolicy(
305+
resource=dataset_name, body={'policy': policy})
306+
response = request.execute()
307+
308+
print('etag: {}'.format(response.get('name')))
309+
print('bindings: {}'.format(response.get('bindings')))
310+
return response
311+
# [END healthcare_dataset_set_iam_policy]
312+
313+
240314
def parse_command_line_args():
241315
"""Parses command line arguments."""
242316

@@ -286,13 +360,25 @@ def parse_command_line_args():
286360
help='The data to keeplist, for example "PatientID" '
287361
'or "StudyInstanceUID"')
288362

363+
parser.add_argument(
364+
'--member',
365+
default=None,
366+
help='Member to add to IAM policy (e.g. "domain:example.com")')
367+
368+
parser.add_argument(
369+
'--role',
370+
default=None,
371+
help='IAM Role to give to member (e.g. "roles/viewer")')
372+
289373
command = parser.add_subparsers(dest='command')
290374

291375
command.add_parser('create-dataset', help=create_dataset.__doc__)
292376
command.add_parser('delete-dataset', help=delete_dataset.__doc__)
293377
command.add_parser('get-dataset', help=get_dataset.__doc__)
294378
command.add_parser('list-datasets', help=list_datasets.__doc__)
295379
command.add_parser('patch-dataset', help=patch_dataset.__doc__)
380+
command.add_parser('get_iam_policy', help=get_dataset_iam_policy.__doc__)
381+
command.add_parser('set_iam_policy', help=set_dataset_iam_policy.__doc__)
296382

297383
command.add_parser('deidentify-dataset', help=deidentify_dataset.__doc__)
298384

@@ -356,6 +442,24 @@ def run_command(args):
356442
args.destination_dataset_id,
357443
args.keeplist_tags)
358444

445+
elif args.command == 'get_iam_policy':
446+
get_dataset_iam_policy(
447+
args.service_account_json,
448+
args.api_key,
449+
args.project_id,
450+
args.cloud_region,
451+
args.dataset_id)
452+
453+
elif args.command == 'set_iam_policy':
454+
set_dataset_iam_policy(
455+
args.service_account_json,
456+
args.api_key,
457+
args.project_id,
458+
args.cloud_region,
459+
args.dataset_id,
460+
args.member,
461+
args.role)
462+
359463

360464
def main():
361465
args = parse_command_line_args()

‎healthcare/api-client/datasets/datasets_test.py

Copy file name to clipboardExpand all lines: healthcare/api-client/datasets/datasets_test.py
+41-4Lines changed: 41 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,6 @@
1313
# limitations under the License.
1414

1515
import os
16-
import pytest
1716
import time
1817

1918
import datasets
@@ -29,7 +28,6 @@
2928
time_zone = 'UTC'
3029

3130

32-
@pytest.mark.skip(reason='disable until API whitelisted / enabled')
3331
def test_CRUD_dataset(capsys):
3432
datasets.create_dataset(
3533
service_account_json,
@@ -57,7 +55,6 @@ def test_CRUD_dataset(capsys):
5755
assert 'Deleted dataset' in out
5856

5957

60-
@pytest.mark.skip(reason='disable until API whitelisted / enabled')
6158
def test_patch_dataset(capsys):
6259
datasets.create_dataset(
6360
service_account_json,
@@ -84,7 +81,6 @@ def test_patch_dataset(capsys):
8481
assert 'UTC' in out
8582

8683

87-
@pytest.mark.skip(reason='disable until API whitelisted / enabled')
8884
def test_deidentify_dataset(capsys):
8985
datasets.create_dataset(
9086
service_account_json,
@@ -116,3 +112,44 @@ def test_deidentify_dataset(capsys):
116112

117113
# Check that de-identify worked
118114
assert 'De-identified data written to' in out
115+
116+
117+
def test_get_set_dataset_iam_policy(capsys):
118+
datasets.create_dataset(
119+
service_account_json,
120+
api_key,
121+
project_id,
122+
cloud_region,
123+
dataset_id)
124+
125+
get_response = datasets.get_dataset_iam_policy(
126+
service_account_json,
127+
api_key,
128+
project_id,
129+
cloud_region,
130+
dataset_id)
131+
132+
set_response = datasets.set_dataset_iam_policy(
133+
service_account_json,
134+
api_key,
135+
project_id,
136+
cloud_region,
137+
dataset_id,
138+
'serviceAccount:python-docs-samples-tests@appspot.gserviceaccount.com',
139+
'roles/viewer')
140+
141+
# Clean up
142+
datasets.delete_dataset(
143+
service_account_json,
144+
api_key,
145+
project_id,
146+
cloud_region,
147+
dataset_id)
148+
149+
out, _ = capsys.readouterr()
150+
151+
assert 'etag' in get_response
152+
assert 'bindings' in set_response
153+
assert len(set_response['bindings']) == 1
154+
assert 'python-docs-samples-tests' in str(set_response['bindings'])
155+
assert 'roles/viewer' in str(set_response['bindings'])

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.