I have been looking at the aiida-restapi package for a while, and it looks quite interesting. However, I had some questions that I did not find an answer to in the documentation and I was wondering if someone here knew.
It seems like there is some authentication, procedure, I was wondering is this related to the database password/user in the aiida profile? Or is it something else? Could one use for example AD groups to handle the authentication?
I was also wondering about the GraphQL interface, I assume that one can get all the same information that is available with the querybuilder, does this include download of files? For example arrays, or does one access these differently?
I see that it is possible to control processes via this interface also, can one add security based on roles to this? I know it is possible by modifying the dependencies on the endpoints, but I wanted to see if this is something that already exists or something that one would need to add up.
Hi @JPchico , as far as I am aware, there is no real authentication implemented. There is just a shim currently that simply reads from a local text file. This is just for development purposes and is not ready for production whatsoever.
I also am not sure whether repository files can be downloaded. I am tempted to say no as I remember working on implementing this feature for ArrayData in the past but I don’t think I ever finalized this.
Hi @sphuber, okay that is good to know. I think that the per endpoint authorization would be nice, as I can see use cases where one can want GET access to several users but POST to only a subset.
The download is also very useful, implementing it in the base fastapi endpoints should not be too horrible, I have no idea how one would do that with GraphQL to be honest. I can take a look at this, since I think that the fastapi interface with the automatic OpenAPI documentation makes it much easier to use. I just need to try to understand how you are accessing data since it is not completely clear to me what is going on there.
How to deal with files has been a long-standing open question. Both when creating a new node as well as when downloading files from existing nodes. The current package has an endpoint to create a node that uploads a file through a multi-part form, but it is way too specific as it accepts just a single file:
I have been working on an AEP that proposes to define a schema for all ORM entities in AiiDA that is programmatically introspectable.
I have implemented it in this PR and have used it to implement a new web API that allows to easily upload and download files as base64 encoded strings of their byte content. You can see in this comment what it looks like in action. It’s a work in progress but I think it looks promising to be able to write a fully-fledged web API to an AiiDA instance.
Okay so you are making pydantinc models for the nodes which is quite nice as it would make it much easier to understand how things are related. In the current implementation I remember that one needed to add the download formats to the node itself as a method. I guess that in this way it would be simpler to get it.