feat(sensor): only allow admins to patch (#790)

* feat(sensor): only allow admins to patch

Signed-off-by: GustaafL <guus@seita.nl>

* docs(sensor): adds comment that only admins can patch sensors

Signed-off-by: GustaafL <guus@seita.nl>

* warn admins in docstring of consequences when descriptive data for sensor changes with existing belief data

Signed-off-by: Nicolas Höning <nicolas@seita.nl>

---------

Signed-off-by: GustaafL <guus@seita.nl>
Signed-off-by: Nicolas Höning <nicolas@seita.nl>
Co-authored-by: Nicolas Höning <nicolas@seita.nl>

flexmeasures/api/v3_0/sensors.py

@@ -596,22 +596,24 @@ def post(self, sensor_data: dict):
 
     @route("/<id>", methods=["PATCH"])
     @use_args(partial_sensor_schema)
-    @use_kwargs({"db_sensor": SensorIdField(data_key="id")}, location="path")
-    @permission_required_for_context("update", ctx_arg_name="db_sensor")
+    @use_kwargs({"sensor": SensorIdField(data_key="id")}, location="path")
+    @permission_required_for_context("update", ctx_arg_name="sensor")
     @as_json
-    def patch(self, sensor_data: dict, id: int, db_sensor: Sensor):
+    def patch(self, sensor_data: dict, id: int, sensor: Sensor):
         """Update a sensor given its identifier.
 
         .. :quickref: Sensor; Update a sensor
 
-        This endpoint sets data for an existing sensor.
-        Any subset of sensor fields can be sent.
+        This endpoint updates the descriptive data of an existing sensor.
 
-        The following fields are not allowed to be updated:
+        Any subset of sensor fields can be sent.
+        However, the following fields are not allowed to be updated:
         - id
         - generic_asset_id
         - entity_address
 
+        Only admin users have rights to update the sensor fields. Be aware that changing unit, event resolution and knowledge horizon should currently only be done on sensors without existing belief data (to avoid a serious mismatch), or if you really know what you are doing.
+
         **Example request**
 
         .. sourcecode:: json
@@ -646,10 +648,10 @@ def patch(self, sensor_data: dict, id: int, db_sensor: Sensor):
         :status 422: UNPROCESSABLE_ENTITY
         """
         for k, v in sensor_data.items():
-            setattr(db_sensor, k, v)
-        db.session.add(db_sensor)
+            setattr(sensor, k, v)
+        db.session.add(sensor)
         db.session.commit()
-        return sensor_schema.dump(db_sensor), 200
+        return sensor_schema.dump(sensor), 200
 
     @route("/<id>", methods=["DELETE"])
     @use_kwargs({"sensor": SensorIdField(data_key="id")}, location="path")

flexmeasures/api/v3_0/tests/test_sensors_api.py

@@ -155,10 +155,9 @@ def test_patch_sensor_for_excluded_attribute(
     assert response.json["message"]["json"][attribute] == ["Unknown field."]
 
 
-def test_patch_sensor_from_unrelated_account(client, setup_api_test_data):
-    """Try to change the name of a sensor that is in an account the user does not
-    have access to"""
-    headers = make_headers_for("test_prosumer_user_2@seita.nl", client)
+def test_patch_sensor_non_admin(client, setup_api_test_data):
+    """Try to change the name of a sensor with a non admin account"""
+    headers = make_headers_for("test_supplier_user_4@seita.nl", client)
 
     sensor = Sensor.query.filter(Sensor.name == "some temperature sensor").one_or_none()
 

flexmeasures/data/models/time_series.py

@@ -102,7 +102,10 @@ def __acl__(self):
             "read": f"account:{self.generic_asset.account_id}"
             if self.generic_asset.account_id is not None
             else EVERY_LOGGED_IN_USER,
-            "update": f"account:{self.generic_asset.account_id}",
+            "update": (
+                f"account:{self.generic_asset.account_id}",
+                "role:account-admin",
+            ),
             "delete": (
                 f"account:{self.generic_asset.account_id}",
                 "role:account-admin",