refactor(restapi): add EntityType enum to encapsulate entity constants

This commit introduces an EntityType enum that encapsulates constants associated with Dioptra
Entities. Entities are top level Dioptra concepts such as Resources and ResourceSnapshots (as well
as specific Resource types such as Queue), and Users, Groups, and Tags. The EntityType enum replaces
the scattered throughout the controller and service layers.

As part of this refactor new errors are introduced, as existing errors such as
EntityDoesNotExistError were being over used for objects that are not Entities.

A new helper function, get_resource_type, is added to the repository utilities to assist with
retrieving the EntityType from a db_table_name string.

Normalize raw and mixed resource lookup failures to use resource and add a draft-specific base
resource not found error.

Add a dedicated mlflow run not found handler and cover the artifact registration regression with a
focused test.

Co-authored-by: Keith Manville <kmanville@mitre.org>
Co-authored-by: James K. Glasbrenner <jglasbrenner@mitre.org>

Author: 3 people

src/dioptra/restapi/db/repository/drafts.py

@@ -51,16 +51,19 @@
     get_resource_snapshot_id,
     get_user_id,
 )
+from dioptra.restapi.db.repository.utils.common import get_resource_type
 from dioptra.restapi.errors import (
     DraftAlreadyExistsError,
     DraftBaseInvalidError,
+    DraftBaseResourceDoesNotExistError,
     DraftDoesNotExistError,
     DraftModificationRequiredError,
     DraftSnapshotIdInvalidError,
     DraftTargetOwnerMismatch,
     EntityDeletedError,
     EntityDoesNotExistError,
 )
+from dioptra.restapi.v1.entity_types import EntityType
 
 
 class DraftType(enum.Enum):
@@ -86,13 +89,14 @@ def create_draft_resource(
         Raises:
             DraftAlreadyExistsError: if the draft already exists
             EntityDoesNotExistError: if the draft creator or target owner does
-                not exist, or if the payload's base_resource_id refers to a
-                resource which does not exist
+                not exist
             EntityDeletedError: if the draft creator or target owner is deleted,
                 or if the payload's base_resource_id refers to a deleted
                 resource
             UserNotInGroupError: if the draft creator user is not a member of
                 the draft target owner group
+            DraftBaseResourceDoesNotExistError: if the payload's
+                base_resource_id refers to a resource which does not exist
             DraftBaseInvalidError: if the payload's base_resource_id refers
                 to a resource of a type which is not legal to be a parent
                 of the draft's resource type
@@ -134,20 +138,21 @@ def create_draft_resource(
 
             if result:
                 is_deleted, parent_resource_type, child_resource_type = result
+                parent_entity_type = EntityType.get_from_db_table_name(
+                    parent_resource_type
+                )
+
                 if is_deleted:
-                    raise EntityDeletedError(parent_resource_type, base_resource_id)
+                    raise EntityDeletedError(parent_entity_type, base_resource_id)
 
                 if not child_resource_type:
                     raise DraftBaseInvalidError(
                         base_resource_id,
-                        parent_resource_type,
-                        draft.resource_type,
+                        parent_entity_type,
+                        get_resource_type(draft),
                     )
             else:
-                raise EntityDoesNotExistError(
-                    None,
-                    resource_id=base_resource_id,
-                )
+                raise DraftBaseResourceDoesNotExistError(base_resource_id)
 
         # TODO: verify that the draft payload is for a draft resource, not a
         # draft modification?  Any other sanity checks necessary?
@@ -197,9 +202,11 @@ def create_draft_modification(
 
         resource_obj = self.get_resource(resource_id, DeletionPolicy.ANY)
         if not resource_obj:
-            raise EntityDoesNotExistError(None, resource_id=resource_id)
+            raise EntityDoesNotExistError(EntityType.RESOURCE, resource_id=resource_id)
         elif resource_obj.is_deleted:
-            raise EntityDeletedError(None, resource_id, resource_id=resource_id)
+            raise EntityDeletedError(
+                EntityType.RESOURCE, resource_id, resource_id=resource_id
+            )
 
         assert_snapshot_exists(self._session, resource_snapshot_id)
 

src/dioptra/restapi/db/repository/groups.py

@@ -50,6 +50,7 @@
     UserIsManagerError,
     UserNeedsAGroupError,
 )
+from dioptra.restapi.v1.entity_types import EntityType
 
 GROUP_CREATOR_MANAGER_PERMISSIONS: Final[dict[str, bool]] = {
     "owner": True,
@@ -105,7 +106,9 @@ def create(self, group) -> None:
         if group.name is not None and dupe_group:
             # Assume this name uniqueness constraint applies with respect to
             # all groups, not just non-deleted groups.
-            raise EntityExistsError("group", dupe_group.group_id, name=group.name)
+            raise EntityExistsError(
+                EntityType.GROUP, dupe_group.group_id, name=group.name
+            )
 
         # Because we may be creating a new user, we need to check things
         # similarly to UserRepository.create().  We can't just invoke that
@@ -118,7 +121,7 @@ def create(self, group) -> None:
         elif user_exists_result is ExistenceResult.DELETED:
             # Should probably enforce this until instructed otherwise
             raise EntityDeletedError(
-                "user",
+                EntityType.USER,
                 group.creator.user_id,
                 user_id=group.creator.user_id,
             )
@@ -150,7 +153,7 @@ def delete(self, group: Group) -> None:
 
         exists_result = group_exists(self.session, group)
         if exists_result is ExistenceResult.DOES_NOT_EXIST:
-            raise EntityDoesNotExistError("group", group_id=group.group_id)
+            raise EntityDoesNotExistError(EntityType.GROUP, group_id=group.group_id)
 
         if exists_result is ExistenceResult.EXISTS:
             lock = GroupLock(GroupLockTypes.DELETE, group)
@@ -214,7 +217,7 @@ def get_one(
         else:
             existence_result = ExistenceResult.EXISTS
 
-        assert_exists(deletion_policy, existence_result, "group", group_id)
+        assert_exists(deletion_policy, existence_result, EntityType.GROUP, group_id)
 
         # The above assert_exists() function would have raised an exception,
         # so group can't be none here.
@@ -601,3 +604,5 @@ def _apply_deletion_policy(
         stmt = stmt.where(Group.is_deleted == True)  # noqa: E712
 
     return stmt
+
+    return stmt

src/dioptra/restapi/db/repository/users.py

@@ -42,6 +42,7 @@
     user_exists,
 )
 from dioptra.restapi.errors import EntityDoesNotExistError
+from dioptra.restapi.v1.entity_types import EntityType
 
 
 class UserRepository:
@@ -121,7 +122,7 @@ def delete(self, user: User) -> None:
 
         exists_result = user_exists(self.session, user)
         if exists_result is ExistenceResult.DOES_NOT_EXIST:
-            raise EntityDoesNotExistError("user", user_id=user.user_id)
+            raise EntityDoesNotExistError(EntityType.USER, user_id=user.user_id)
 
         elif exists_result is ExistenceResult.EXISTS:
             lock = UserLock(UserLockTypes.DELETE, user)
@@ -181,7 +182,7 @@ def get_one(
         else:
             existence_result = ExistenceResult.EXISTS
 
-        assert_exists(deletion_policy, existence_result, "user", user_id)
+        assert_exists(deletion_policy, existence_result, EntityType.USER, user_id)
 
         # The above assert_exists() function would have raised an exception,
         # so user can't be none here.
@@ -411,3 +412,4 @@ def _apply_deletion_policy(
         stmt = stmt.where(User.is_deleted == True)  # noqa: E712
 
     return stmt
+    return stmt