[#505] create an atomic ACLs endpoint

[d-w-moore]

No test yet, will undraft when I have one.
Exercised now with this script:

# run as rods after 
# $ irm -fr b; itouch b
# $ iadmin mkzone twilight remote
# $ iadmin mkuser dan rodsuser
# $ iadmin mkuser charlie#twilight rodsuser

import irods
from irods.access import iRODSAccess
from irods.exception import iRODSException

s = irods.helpers.make_session()

try:
  pass
  s.acls._call_atomic_acl_api(
   "/tempZone/home/rods/b",
   iRODSAccess("write","","dan"),
   iRODSAccess("write","","public"),
   iRODSAccess("read","","charlie","twilight"),
 )
except iRODSException as exc:
  print(f'{exc!r}')
  e = exc
  print (e.server_msg.get_json_encoded_struct())
#except Exception as exc:
#  print(repr(exc))
else:
  print ('---> success')
  pass

[d-w-moore]

How would the team feel about my deprecating _iRODSAccess_pre_4_3_0, since we're now officially not supporting iRODS < 4.3.0 in PRC?

[korydraughn]

The leading underscore indicates that symbol is private to the implementation. If that's the case, no objections here.

[korydraughn]

Then again, if it's an implementation detail, then we don't have to deprecate it. We can just remove it.

[d-w-moore]

Ready for review. ACLOperation now created as part of an improved interface for atomic ACLs call.

[korydraughn]

Spotted this in the type checking workflow.

irods/manager/access_manager.py:54: error: Incompatible types in assignment (expression has type "list[Any]", target has type "str")  [assignment]

[korydraughn]

Looking good so far.

[d-w-moore]

Sorry for the forced push... just put some ruff changes through and added a structure that maps all permission keys to their respective codes - including all synonyms. It will help someone that say wants to do this:

sorted( [*ses.acls.get(object) , *my_ACLOperation_list ], 
               key= lambda acl:irods.access.all_permissions[acl.access_name] )

which would sort the whole list of retrieved permissions and new applicable ACLOperations together, ordering by increasing numeric permission code.

Yes, I know - very niche. But it affords the customer some pretty good flexibility.

[d-w-moore]

linters and tests are queued up.

Code is ready for final review, I think.

[alanking]

Looks like we're rounding the corner. Still see a couple unresolved comments

[d-w-moore]

I think it's ready for final eyes.... Squashing.

[korydraughn]

We're in the final stretch.

[korydraughn]

Does this do what's intended?

[d-w-moore]

I've tested it manually only. I wonder if a test is in order to make sure; wouldn't be that difficult.

[korydraughn]

A manual test is likely good enough, but if it's trivial to add a test, feel free to do so. Keep in mind that it's going to be removed in the next major release.

[d-w-moore]

I'm satisfied it works. A formal test is not necessary.

I've noticed however that because of this line, accessing the available_permissions property could invoke the deprecation message. Investigating....

[d-w-moore]

Hm . apparently importing it into the current module namespace is a way to circumvent the deprecations message. Direct use e.g. irods.access_iRODSAccess_pre_4_3_0 will however issue the deprecation warning.

[korydraughn]

Is the thing we're attempting to deprecate a thing which python supports as a deprecation target?

Getting the interpreter to tell the user about a less known symbol is probably overkill. What you think?

[d-w-moore]

I don't know. Would it be acceptable then to simply add a comment saying the class is deprecated?

[korydraughn]

If it's not easy to get python to report the deprecation in 99% of the cases, then a comment sounds perfectly reasonable to me.