[WIP] Update to spec

.env_template

@@ -8,7 +8,6 @@ API_PORT=3000
 # Settings for the BigchainDB node that the API server should connect to
 BDB_NODE_HOST=
 BDB_NODE_PORT=
-BDB_NODE_API_PATH=
 
 ##### Docker settings #####
 # Externally exposed port for accessing BigchainDB's API

.travis.yml

@@ -18,7 +18,7 @@ install:
 
 before_script:
   - rethinkdb --daemon
-  - bigchaindb -y configure
+  - bigchaindb -y configure rethinkdb
   # Start BigchainDB in the background and ignore any output
   - bigchaindb start >/dev/null 2>&1 &
 

README.md

@@ -140,7 +140,7 @@ The API server can be configured with a number of environment variables [see
 ### Create Users
 
 This call will not store any data on the running instance of BigchainDB.
-It simply generates a verifying and signing key-pair that can be used in a
+It simply generates a public/private key-pair that can be used in a
 POST-manifestation call.
 
 ```
@@ -151,17 +151,17 @@ PAYLOAD: None
 
 RETURNS:
 {
-    "verifyingKey": "<base58 string>",
-    "signingKey": "<base58 string>",
+    "publicKey": "<base58 string>",
+    "privateKey": "<base58 string>",
 }
 ```
 
 
 ### Register a Manifestation
 
 In order to register the manifestation on BigchainDB as transactions on a
-specific copyright holder's name, the copyright holder's `verifyingKey` and
-`signingKey` must be provided here.
+specific copyright holder's name, the copyright holder's `publicKey` and
+`privateKey` must be provided here.
 
 Note that the attributes shown for `manifestation` and `work` can be much more
 diverse; for this, see the COALA IP models definition (not yet publicly
@@ -179,8 +179,8 @@ PAYLOAD:
         "url": "<URI pointing to a media blob>"
     },
     "copyrightHolder": {
-        "verifyingKey": "<base58 string>",
-        "signingKey": "<base58 string>"
+        "publicKey": "<base58 string>",
+        "privateKey": "<base58 string>"
     },
     "work": {
         "name": "The Lord of the Rings Triology",
@@ -193,7 +193,7 @@ RETURNS:
 {
     "work": {
         "@id": "<Relative URI with the ID of the entity on BigchainDB>",
-        "@type": "CreativeWork",
+        "@type": "AbstractWork",
         "name": "The Lord of the Rings Trilogy",
         "author": "J. R. R. Tolkien"
     },
@@ -203,8 +203,7 @@ RETURNS:
         "name": "The Fellowship of the Ring",
         "manifestationOfWork": "<URI pointing to the Work's transaction ../<txid>",
         "datePublished": "29-07-1954",
-        "url": "<URI pointing to a media blob>",
-        "isManifestation": true
+        "url": "<URI pointing to a media blob>"
     },
     "copyright": {
         "@id": "<Relative URI with the ID of the entity on BigchainDB>",
@@ -265,8 +264,8 @@ part of the new Right's chain of provenance.
 Note that the attributes for the `right` may be much more diverse; see the COALA
 IP models definition (not yet publicly available yet).
 
-Also see transferring a Right on how to transfer a registered Right to new
-holders.
+Also see [transferring a Right](#transfer-a-right) on how to transfer a
+registered Right to new holders.
 
 ```
 POST /api/v1/rights/
@@ -278,18 +277,18 @@ PAYLOAD:
         "license": "<Legal license text or URI pointing to a license document>"
     },
     "currentHolder": {
-        "verifyingKey": "<base58 string>",
-        "signingKey": "<base58 string>"
+        "publicKey": "<base58 string>",
+        "privateKey": "<base58 string>"
     },
-    "sourceRightId": "<ID of an existing Right that allows for the creation of this new Right>"
+    "sourceRightId": "<ID of an existing Right that allows for the creation of this new Right; must be held by the user specified in `currentHolder`>"
 }
 
 RETURNS:
 {
     "right": {
         "@id": "<Relative URI with the ID of the entity on BigchainDB>",
         "@type": "Right",
-        "allowedBy": <The sourceRightId>,
+        "source": "<sourceRightId>",
         "license": "<Legal license text or URI pointing to a license document>",
     }
 }
@@ -298,3 +297,48 @@ RETURNS:
 To check if your POST was successful, follow the steps in [registering a
 manifestation](#was-my-post-to-manifestations-successful) and use the returned
 Right's data instead.
+
+
+### Transfer a Right
+
+You may only transfer a Right that you are currently holding. RightsAssignment
+entities are automatically created for each transfer and may include additional,
+arbitrary attributes if a `rightsAssignment` dict is given in the payload.
+
+```
+POST /api/v1/rights/transfer
+HEADERS {"Content-Type": "application/json"}
+
+PAYLOAD:
+{
+    "rightId": "<ID of an existing Right to transfer; must be held by the user specified in `currentHolder`>",
+    "rightsAssignment": {
+        ...
+    },
+    "currentHolder": {
+        "publicKey": "<base58 string>",
+        "privateKey": "<base58 string>"
+    },
+    "to": {
+        "publicKey": "<base58 string>",
+        "privateKey": null
+    }
+}
+
+RETURNS:
+{
+    "rightsAssignment": {
+        "@id": "<currently empty>",
+        "@type": "RightsTransferAction",
+        ... (provided `rightsAssignment`)
+    }
+}
+```
+
+Note that the `to` field in the payload may avoid specifying the new holder's
+private details (i.e. `signingKey`), but should still provide the keys needed to
+conform to the [user model](#create-users).
+
+To check if your POST was successful, follow the steps in [registering a
+manifestation](#was-my-post-to-manifestations-successful) and use the returned
+Right's data instead.

compose/api/Dockerfile

@@ -1,6 +1,6 @@
 FROM python:3.5
 
-RUN apt-get update && apt-get install -y vim
+RUN apt-get update
 
 RUN mkdir -p /usr/src/app
 WORKDIR /usr/src/app
@@ -9,4 +9,4 @@ RUN pip install --upgrade pip
 
 COPY . /usr/src/app/
 
-RUN pip install --no-cache-dir --process-dependency-links -e .
+RUN pip install --no-cache-dir --process-dependency-links -r requirements_dev.txt

compose/bigchaindb/Dockerfile

@@ -5,4 +5,4 @@ WORKDIR /usr/src/app
 RUN pip install --upgrade pip
 
 RUN pip install bigchaindb
-RUN bigchaindb -y configure
+RUN bigchaindb -y configure rethinkdb

dependency_links.txt

@@ -0,0 +1,4 @@
+--process-dependency-links
+
+git+https://github.com/bigchaindb/pycoalaip.git@check-rights-holder-consistent#egg=coalaip
+git+https://github.com/bigchaindb/pycoalaip-bigchaindb.git@add-is-same-user#egg=coalaip-bigchaindb

docker-compose.yml

@@ -14,8 +14,8 @@ services:
       - .env
     environment:
       API_HOST: api
-      BDB_NODE_HOST: "${BDB_NODE_HOST}"
-      BDB_NODE_PORT: "${BDB_NODE_PORT}"
+      BDB_NODE_HOST: bigchaindb
+      BDB_NODE_PORT: 9984
     ports:
       - "${API_PORT}:3000"
     command: python web/server.py

requirements_dev.txt

@@ -1,5 +1,7 @@
-pip==8.1.2
+pip==9.0.1
 bumpversion==0.5.3
 wheel==0.29.0
 
+-r dependency_links.txt
+
 -e .[dev]

setup.py

@@ -4,10 +4,9 @@
 from setuptools import setup, find_packages
 
 install_requires = [
-    'coalaip>=0.0.1.dev3',
-    'coalaip-bigchaindb>=0.0.1.dev3',
-    'bigchaindb==0.8.0',
-    'bigchaindb-driver==0.1.2',
+    'coalaip==0.0.1.dev3',
+    'coalaip-bigchaindb==0.0.1.dev3',
+    'bigchaindb~=0.9.0',
     'flask>=0.11.1',
     'flask-restful>=0.3.5',
     'gunicorn>=19.6.0',

tests/conftest.py

@@ -11,5 +11,65 @@ def app():
 
 
 @pytest.fixture
-def user(client):
+def alice(client):
     return client.post(url_for('user_views.userapi')).json
+
+
+@pytest.fixture
+def bob(client):
+    return client.post(url_for('user_views.userapi')).json
+
+
+@pytest.fixture
+def carly(client):
+    return client.post(url_for('user_views.userapi')).json
+
+
+@pytest.fixture
+def created_manifestation_resp(client, alice):
+    import json
+    from time import sleep
+    payload = {
+        'manifestation': {
+            'name': 'The Fellowship of the Ring',
+            'datePublished': '29-07-1954',
+            'url': 'http://localhost/lordoftherings.txt',
+        },
+        'copyrightHolder': alice,
+        'work': {
+            'name': 'The Lord of the Rings Triology',
+            'author': 'J. R. R. Tolkien',
+        },
+    }
+
+    resp = client.post(url_for('manifestation_views.manifestationapi'),
+                       data=json.dumps(payload),
+                       headers={'Content-Type': 'application/json'})
+
+    # Sleep for a bit to let the transaction become valid
+    sleep(3)
+    return resp.json
+
+
+@pytest.fixture
+def created_derived_right(client, alice, created_manifestation_resp):
+    import json
+    from time import sleep
+
+    copyright_id = created_manifestation_resp['copyright']['@id']
+    copyright_id = copyright_id.split('../rights/')[1]
+    payload = {
+        'currentHolder': alice,
+        'right': {
+            'license': 'http://www.ascribe.io/terms',
+        },
+        'sourceRightId': copyright_id,
+    }
+
+    resp = client.post(url_for('right_views.rightapi'),
+                       data=json.dumps(payload),
+                       headers={'Content-Type': 'application/json'})
+
+    # Sleep for a bit to let the transaction become valid
+    sleep(3)
+    return resp.json['right']