Spaces:
Sleeping
Sleeping
File size: 6,357 Bytes
7f46969 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 |
"""Shared functions for the Trackio UI."""
import os
import gradio as gr
import huggingface_hub as hf
try:
import trackio.utils as utils
from trackio.sqlite_storage import SQLiteStorage
except ImportError:
import utils
from sqlite_storage import SQLiteStorage
HfApi = hf.HfApi()
def get_project_info() -> str | None:
dataset_id = os.environ.get("TRACKIO_DATASET_ID")
space_id = utils.get_space()
if utils.persistent_storage_enabled():
return "✨ Persistent Storage is enabled, logs are stored directly in this Space."
if dataset_id:
sync_status = utils.get_sync_status(SQLiteStorage.get_scheduler())
upgrade_message = f"New changes are synced every 5 min <span class='info-container'><input type='checkbox' class='info-checkbox' id='upgrade-info'><label for='upgrade-info' class='info-icon'>ⓘ</label><span class='info-expandable'> To avoid losing data between syncs, <a href='https://huggingface.co/spaces/{space_id}/settings' class='accent-link'>click here</a> to open this Space's settings and add Persistent Storage. Make sure data is synced prior to enabling.</span></span>"
if sync_status is not None:
info = f"↻ Backed up {sync_status} min ago to <a href='https://huggingface.co/datasets/{dataset_id}' target='_blank' class='accent-link'>{dataset_id}</a> | {upgrade_message}"
else:
info = f"↻ Not backed up yet to <a href='https://huggingface.co/datasets/{dataset_id}' target='_blank' class='accent-link'>{dataset_id}</a> | {upgrade_message}"
return info
return None
def get_projects(request: gr.Request):
projects = SQLiteStorage.get_projects()
if project := request.query_params.get("project"):
interactive = False
else:
interactive = True
if selected_project := request.query_params.get("selected_project"):
project = selected_project
else:
project = projects[0] if projects else None
return gr.Dropdown(
label="Project",
choices=projects,
value=project,
allow_custom_value=True,
interactive=interactive,
info=get_project_info(),
)
def update_navbar_value(project_dd, request: gr.Request):
write_token = None
if hasattr(request, "query_params") and request.query_params:
write_token = request.query_params.get("write_token")
metrics_url = f"?selected_project={project_dd}"
runs_url = f"runs?selected_project={project_dd}"
if write_token:
metrics_url += f"&write_token={write_token}"
runs_url += f"&write_token={write_token}"
return gr.Navbar(
value=[
("Metrics", metrics_url),
("Runs", runs_url),
]
)
def check_hf_token_has_write_access(hf_token: str | None) -> None:
"""
Checks to see if the provided hf_token is valid and has write access to the Space
that Trackio is running in. If the hf_token is valid or if Trackio is not running
on a Space, this function does nothing. Otherwise, it raises a PermissionError.
"""
if os.getenv("SYSTEM") == "spaces": # if we are running in Spaces
# check auth token passed in
if hf_token is None:
raise PermissionError(
"Expected a HF_TOKEN to be provided when logging to a Space"
)
who = HfApi.whoami(hf_token)
owner_name = os.getenv("SPACE_AUTHOR_NAME")
repo_name = os.getenv("SPACE_REPO_NAME")
# make sure the token user is either the author of the space,
# or is a member of an org that is the author.
orgs = [o["name"] for o in who["orgs"]]
if owner_name != who["name"] and owner_name not in orgs:
raise PermissionError(
"Expected the provided hf_token to be the user owner of the space, or be a member of the org owner of the space"
)
# reject fine-grained tokens without specific repo access
access_token = who["auth"]["accessToken"]
if access_token["role"] == "fineGrained":
matched = False
for item in access_token["fineGrained"]["scoped"]:
if (
item["entity"]["type"] == "space"
and item["entity"]["name"] == f"{owner_name}/{repo_name}"
and "repo.write" in item["permissions"]
):
matched = True
break
if (
(
item["entity"]["type"] == "user"
or item["entity"]["type"] == "org"
)
and item["entity"]["name"] == owner_name
and "repo.write" in item["permissions"]
):
matched = True
break
if not matched:
raise PermissionError(
"Expected the provided hf_token with fine grained permissions to provide write access to the space"
)
# reject read-only tokens
elif access_token["role"] != "write":
raise PermissionError(
"Expected the provided hf_token to provide write permissions"
)
def check_oauth_token_has_write_access(oauth_token: str | None) -> None:
"""
Checks to see if the oauth token provided via Gradio's OAuth is valid and has write access
to the Space that Trackio is running in. If the oauth token is valid or if Trackio is not running
on a Space, this function does nothing. Otherwise, it raises a PermissionError.
"""
if not os.getenv("SYSTEM") == "spaces":
return
if oauth_token is None:
raise PermissionError(
"Expected an oauth to be provided when logging to a Space"
)
who = HfApi.whoami(oauth_token)
user_name = who["name"]
owner_name = os.getenv("SPACE_AUTHOR_NAME")
if user_name == owner_name:
return
# check if user is a member of an org that owns the space with write permissions
for org in who["orgs"]:
if org["name"] == owner_name and org["roleInOrg"] == "write":
return
raise PermissionError(
"Expected the oauth token to be the user owner of the space, or be a member of the org owner of the space"
)
|