Beispiel #1
0
def login():
    """
    UserName Password Login

    :return file: Either the homepage or the loginpage
    """
    if g.user is not None and g.user.is_authenticated():
        return redirect(url_for('home'))
    error = None
    form = LoginForm(request.form)
    if request.method == 'POST':
        if form.validate_on_submit():
            user = dbSession.query(User).filter(User.username == request.form['username']).first()
            if user is not None and user.sso == "none":
                password, salt = user.password.split(':')
                if password == hashlib.sha256(salt.encode() + request.form['password'].encode()).hexdigest():
                    session['remember_me'] = form.remember_me.data
                    login_user(user)
                    dbSession.remove()
                    return redirect(request.args.get('next') or url_for('home'))
                else:
                    error = 'Invalid password'
            else:
                error = 'Invalid username'
    dbSession.remove()
    return render_template('login.html', form=form, error=error)
Beispiel #2
0
def rest_delete_container(bucket_id):
    """
    Deletes specified container

    :param int bucket_id: The bucket to delete
    :return file: 200 Page
    """
    # 1. check if logged in user is owner of bucket
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized
    if int(g.user.get_id()) != bucket_id:
        return "403"  # Forbidden
    # ATT: all files in bucket must be deleted in db # can be replaced via bulkrequest, but this needs more attention, because errors are made easily and db could be out of synch [foreign keys and so on]!

    files_in_bucket = dbSession.query(Userfile).filter(Userfile.folder == bucket_id)
    for content in files_in_bucket:
        connectors = dbSession.query(UserUserfile).filter(UserUserfile.userfile_id == content.id)
        for connect in connectors:
            dbSession.delete(connect)
        dbSession.delete(content)
    user = dbSession.query(User).filter(User.id == bucket_id).first()
    dbSession.delete(user)
    dbSession.commit()
    storageinterface.delete_container(bucket_id)
    dbSession.remove()
    return "200"
Beispiel #3
0
def shutdown_session(exception=None):
    """
    Shuts down the database session

    :param Exception exception: Won't get used here
    """
    dbSession.remove()
Beispiel #4
0
def shutdown_session(exception=None):
    """
    Shuts down the database session

    :param Exception exception: Won't get used here
    """
    dbSession.remove()
Beispiel #5
0
def rest_delete_container(bucket_id):
    """
    Deletes specified container

    :param int bucket_id: The bucket to delete
    :return file: 200 Page
    """
    # 1. check if logged in user is owner of bucket
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized
    if int(g.user.get_id()) != bucket_id:
        return "403"  # Forbidden
    # ATT: all files in bucket must be deleted in db # can be replaced via bulkrequest, but this needs more attention, because errors are made easily and db could be out of synch [foreign keys and so on]!

    files_in_bucket = dbSession.query(Userfile).filter(
        Userfile.folder == bucket_id)
    for content in files_in_bucket:
        connectors = dbSession.query(UserUserfile).filter(
            UserUserfile.userfile_id == content.id)
        for connect in connectors:
            dbSession.delete(connect)
        dbSession.delete(content)
    user = dbSession.query(User).filter(User.id == bucket_id).first()
    dbSession.delete(user)
    dbSession.commit()
    storageinterface.delete_container(bucket_id)
    dbSession.remove()
    return "200"
Beispiel #6
0
def login():
    """
    UserName Password Login

    :return file: Either the homepage or the loginpage
    """
    if g.user is not None and g.user.is_authenticated():
        return redirect(url_for('home'))
    error = None
    form = LoginForm(request.form)
    if request.method == 'POST':
        if form.validate_on_submit():
            user = dbSession.query(User).filter(
                User.username == request.form['username']).first()
            if user is not None and user.sso == "none":
                password, salt = user.password.split(':')
                if password == hashlib.sha256(
                        salt.encode() +
                        request.form['password'].encode()).hexdigest():
                    session['remember_me'] = form.remember_me.data
                    login_user(user)
                    dbSession.remove()
                    return redirect(
                        request.args.get('next') or url_for('home'))
                else:
                    error = 'Invalid password'
            else:
                error = 'Invalid username'
    dbSession.remove()
    return render_template('login.html', form=form, error=error)
Beispiel #7
0
def rest_syncdb_share_file_permission():
    name_file_owner = request.json['name_file_owner']
    share_username = request.json['username']
    permission = request.json['permission']
    file_name = request.json['file_name']

    etcd_client = init_etcd_connection()
    commit_key = '/setPermission/' + share_username + '_' + file_name + '/' + 'commit'

    async_commit_queue = Queue()
    async_commit_data = FuncThread(listen_commit_status, etcd_client,
                                   commit_key, async_commit_queue)
    async_commit_data.daemon = True
    async_commit_data.start()

    key_path = 'setPermission/' + share_username + '_' + file_name + '/' + 'ack_' + cloudplatform

    print ">>>>>>>>> REST API >>>>>>>>>>>>>>"
    print "key: " + key_path
    etcd_client.write(key_path, 2)
    print ">>>>> REST API: wrote to etcd..."
    print ">>>>>>>>> REST API >>>>>>>>>>>>>>"

    async_commit_data.join()
    commit_res = async_commit_queue.get()
    print ">>>> commit result: " + commit_res

    if commit_res == "1":

        user_file_owner = dbSession.query(User).filter(
            User.username == name_file_owner).first()
        print "got owner: " + str(user_file_owner.id)
        user = dbSession.query(User).filter(
            User.username == share_username).first()
        print "shared user: "******"userfile" + str(userfile.id)

        useruserfile = dbSession.query(UserUserfile).filter(
            UserUserfile.user_id == user.id,
            UserUserfile.userfile_id == userfile.id).first()
        print "useruserfile"
        if useruserfile is not None:
            print "entry available"
            useruserfile.permission = permission
            dbSession.commit()
        else:
            print("set useruserfile")
            useruserfile = UserUserfile(userfile, user, permission)
            dbSession.add(useruserfile)
            dbSession.commit()

        etcd_client.write(key_path, 3)

    dbSession.remove()

    return "200"
Beispiel #8
0
def load_user(id):
    """
    Function for LoginManager to get a user with specific id

    :param string/int id: the id of the user to load
    """
    user = dbSession.query(User).filter(User.id == int(id)).first()
    dbSession.remove()
    return user
Beispiel #9
0
def load_user(id):
    """
    Function for LoginManager to get a user with specific id

    :param string/int id: the id of the user to load
    """
    user = dbSession.query(User).filter(User.id == int(id)).first()
    dbSession.remove()
    return user
Beispiel #10
0
def rest_syncdb_share_file_permission():
    name_file_owner = request.json['name_file_owner']
    share_username = request.json['username']
    permission = request.json['permission']
    file_name = request.json['file_name']

    etcd_client = init_etcd_connection()
    commit_key = '/setPermission/' + share_username + '_' + file_name + '/' + 'commit'

    async_commit_queue = Queue()
    async_commit_data = FuncThread(listen_commit_status, etcd_client, commit_key, async_commit_queue)
    async_commit_data.daemon = True
    async_commit_data.start()


    key_path = 'setPermission/' + share_username + '_' + file_name + '/' + 'ack_' + cloudplatform

    print ">>>>>>>>> REST API >>>>>>>>>>>>>>"
    print "key: " + key_path
    etcd_client.write(key_path, 2)
    print ">>>>> REST API: wrote to etcd..."
    print ">>>>>>>>> REST API >>>>>>>>>>>>>>"

    async_commit_data.join()
    commit_res = async_commit_queue.get()
    print ">>>> commit result: " + commit_res



    if commit_res == "1":

        user_file_owner = dbSession.query(User).filter(User.username == name_file_owner).first()
        print "got owner: " + str(user_file_owner.id)
        user = dbSession.query(User).filter(User.username == share_username).first()
        print "shared user: "******"userfile" + str(userfile.id)
        
        useruserfile = dbSession.query(UserUserfile).filter(UserUserfile.user_id == user.id,
                                                        UserUserfile.userfile_id == userfile.id).first()
        print "useruserfile"
        if useruserfile is not None:
            print "entry available"
            useruserfile.permission = permission
            dbSession.commit()
        else:
            print("set useruserfile")
            useruserfile = UserUserfile(userfile, user, permission)
            dbSession.add(useruserfile)
            dbSession.commit()
            
        etcd_client.write(key_path, 3)

    dbSession.remove()
        
    return "200"
Beispiel #11
0
def register():
    """
    UserName Password Register

    :return file: either the register page or the homepage
    """
    if g.user is not None and g.user.is_authenticated():
        return redirect(url_for('home'))
    form = RegisterForm()
    error = None
    if form.validate_on_submit():
        # generate randomness
        salt = uuid.uuid4().hex
        # hashing password
        user = dbSession.query(User).filter(
            User.username == request.form['username']).first()
        email = dbSession.query(User).filter(
            User.email == request.form['email']).first()
        if user is not None:
            error = 'username is already taken'
        elif email is not None:
            error = 'email was already used'
        else:
            user_string = "registerUser/" + form.username.data + '/'
            password = hashlib.sha256(
                salt.encode() +
                form.password.data.encode()).hexdigest() + ':' + salt
            data = {
                'username': form.username.data,
                'email': form.email.data,
                'password': password,
                'sso': 'none'
            }
            rest_url = '/storage/api/v1.0/syncdb/registeruser'

            # call synchronization between cloud dbs
            res_db_sync = db_cloud_sync(user_string, rest_url, data)
            print "register: res_db_sync: " + str(res_db_sync)

            if res_db_sync == -1:
                error == '+++++ registration fails, please try it again'
            else:
                print "+++++ sending was successfull"

                # login new user
                dbSession_new = scoped_session(
                    sessionmaker(autocommit=False, bind=dbEngine))
                user = dbSession_new.query(User).filter(
                    User.username == request.form['username']).first()

                login_user(user)
                dbSession.remove()
                return redirect(url_for('home'))
    dbSession.remove()
    return render_template('register.html', form=form, error=error)
Beispiel #12
0
def google_authorized(resp):
    """
    Function that gets called by Google oauth after a login

    :param resp: the response by google
    :return file: Homepage or fail page
    """
    next_url = request.args.get('next') or url_for('home')
    if resp is None:
        # The user likely denied the request
        # TODO: excalate error to user: '******'
        return redirect(next_url)

    try:
        session['oauth_token'] = (resp['access_token'], '')
    except:
        return "400"

    user_data = google.get('/userinfo/v2/me').data
    user = dbSession.query(User).filter(
        User.email == user_data['email']).first()

    if user is None:

        user_string = "registerUser/" + user_data['id'] + '/'

        rest_url = '/storage/api/v1.0/syncdb/registeruser'

        data = {
            'username': user_data['id'],
            'email': user_data['email'],
            'password': "******",
            'sso': 'google'
        }

        res_db_sync = db_cloud_sync(user_string, rest_url, data)

        if res_db_sync == -1:
            error = '+++++ registration fails, please try it again'
            print error
        else:
            print "+++++ sending was successfull"

            # login new user
            dbSession_new = scoped_session(
                sessionmaker(autocommit=False, bind=dbEngine))
            user = dbSession_new.query(User).filter(
                User.email == user_data['email']).first()
            login_user(user)

    else:
        login_user(user)
    dbSession.remove()
    return redirect(next_url)
Beispiel #13
0
def google_authorized(resp):
    """
    Function that gets called by Google oauth after a login

    :param resp: the response by google
    :return file: Homepage or fail page
    """
    next_url = request.args.get('next') or url_for('home')
    if resp is None:
        # The user likely denied the request
        # TODO: excalate error to user: '******'
        return redirect(next_url)
    
    try: 
        session['oauth_token'] = (resp['access_token'], '') 
    except: 
        return "400"
    
    user_data = google.get('/userinfo/v2/me').data
    user = dbSession.query(User).filter(User.email == user_data['email']).first()

    if user is None:

        user_string = "registerUser/" + user_data['id'] + '/'

        rest_url = '/storage/api/v1.0/syncdb/registeruser'

        data = {
            'username': user_data['id'],
            'email': user_data['email'],
            'password': "******",
            'sso': 'google'
        }

        res_db_sync = db_cloud_sync(user_string, rest_url, data)

        if res_db_sync == -1:
            error = '+++++ registration fails, please try it again'
            print error
        else:
            print "+++++ sending was successfull"

            # login new user
            dbSession_new = scoped_session(sessionmaker(autocommit=False, bind=dbEngine))
            user = dbSession_new.query(User).filter(User.email == user_data['email']).first()
            login_user(user)

    else:
        login_user(user)
    dbSession.remove()
    return redirect(next_url)
Beispiel #14
0
def rest_syncdb_register_user():
    new_username = request.json['username']
    new_email = request.json['email']
    new_password = request.json['password']
    new_sso = request.json['sso']

    user = dbSession.query(User).filter(User.username == new_username).first()
    email = dbSession.query(User).filter(User.email == new_email).first()

    etcd_client = init_etcd_connection()
    commit_key = "/registerUser/" + new_username + '/' + 'commit'

    async_commit_queue = Queue()
    async_commit_data = FuncThread(listen_commit_status, etcd_client, commit_key, async_commit_queue)
    async_commit_data.daemon = True
    async_commit_data.start()

    if user is not None:
        user_key = "registerUser/" + new_username + '/' + 'ack_' + cloudplatform
        etcd_client.write(user_key, 1)
    elif email is not None:
        user_key = "registerUser/" + new_username + '/' + 'ack_' + cloudplatform
        etcd_client.write(user_key, 1)
    else:
        user_key = "registerUser/" + new_username + '/' + 'ack_' + cloudplatform

        print ">>>>>>>>> REST API >>>>>>>>>>>>>>"
        print "user_key: " + user_key
        etcd_client.write(user_key, 2)
        print ">>>>> REST API: wrote to etcd..."
        print ">>>>>>>>> REST API >>>>>>>>>>>>>>"

    async_commit_data.join()
    commit_res = async_commit_queue.get()
    print ">>>> commit result: " + commit_res

    if commit_res == "1":
        user = User(
            username=new_username,
            email=new_email,
            password=new_password,
            sso=new_sso
        )
        # save new user in database
        dbSession.add(user)
        dbSession.commit()
        # create container/bucket for the new registered user
        storageinterface.create_container(user.get_id())
        etcd_client.write(user_key, 3)
    dbSession.remove()
    return "200"
Beispiel #15
0
def rest_syncfile_save_file_tmp(user_email, file_name):
    print "rest_syncfile_save_file_tmp: ..."
    if request.method == 'POST':
        # set tmp suffix for saving the file only temporary
        file_name += "_tmp"

        # if file doesnt exists -> logged in user must be bucket_id -> add permission to UserUserfiles
        userfile = dbSession.query(Userfile).filter(
            Userfile.name == file_name).first()
        user = dbSession.query(User).filter(User.email == user_email).first()
        user_id = user.get_id()
        print("-------------> found user with email : " + user_email +
              " and bucket id : " + user_id)
        if userfile is None:
            if user is None:
                return "403"  # Forbidden
            userfile = Userfile(user_id, file_name)
            useruserfile = UserUserfile(userfile, user, 6)
            dbSession.add(userfile)
            dbSession.add(useruserfile)
            dbSession.commit()

        # if file exists -> check if file_name, user_id is found with right permission in UserUserfiles
        else:
            useruserfile = dbSession.query(UserUserfile).filter(
                UserUserfile.user_id == user_id,
                UserUserfile.userfile_id == userfile.id).first()
            if useruserfile is None or useruserfile.permission < 6:
                print("return 403")
                dbSession.remove()
                return '403'  # redirect(url_for('403'))  # No permission found or permission not sufficient

        content = request.json['content']
        print("-------------------------------------------------------------")
        print(
            "Received an external POST in order to save following file temporarily"
        )
        print("content: " + content)
        print("user email: " + user_email)
        print("bucketid: " + str(user_id))
        print("file_name: " + file_name)
        print("-------------------------------------------------------------")

        response = "500"
        if storageinterface.upload_from_text(user_id, file_name, content):
            response = "200"
            file_string = "saveFile_tmp/" + user_email + '_' + file_name + '/' + 'ack_' + cloudplatform
            etcd_client = init_etcd_connection()
            etcd_client.write(file_string, 2)
        dbSession.remove()
    return response
Beispiel #16
0
def rest_syncdb_register_user():
    new_username = request.json['username']
    new_email = request.json['email']
    new_password = request.json['password']
    new_sso = request.json['sso']

    user = dbSession.query(User).filter(User.username == new_username).first()
    email = dbSession.query(User).filter(User.email == new_email).first()

    etcd_client = init_etcd_connection()
    commit_key = "/registerUser/" + new_username + '/' + 'commit'

    async_commit_queue = Queue()
    async_commit_data = FuncThread(listen_commit_status, etcd_client,
                                   commit_key, async_commit_queue)
    async_commit_data.daemon = True
    async_commit_data.start()

    if user is not None:
        user_key = "registerUser/" + new_username + '/' + 'ack_' + cloudplatform
        etcd_client.write(user_key, 1)
    elif email is not None:
        user_key = "registerUser/" + new_username + '/' + 'ack_' + cloudplatform
        etcd_client.write(user_key, 1)
    else:
        user_key = "registerUser/" + new_username + '/' + 'ack_' + cloudplatform

        print ">>>>>>>>> REST API >>>>>>>>>>>>>>"
        print "user_key: " + user_key
        etcd_client.write(user_key, 2)
        print ">>>>> REST API: wrote to etcd..."
        print ">>>>>>>>> REST API >>>>>>>>>>>>>>"

    async_commit_data.join()
    commit_res = async_commit_queue.get()
    print ">>>> commit result: " + commit_res

    if commit_res == "1":
        user = User(username=new_username,
                    email=new_email,
                    password=new_password,
                    sso=new_sso)
        # save new user in database
        dbSession.add(user)
        dbSession.commit()
        # create container/bucket for the new registered user
        storageinterface.create_container(user.get_id())
        etcd_client.write(user_key, 3)
    dbSession.remove()
    return "200"
Beispiel #17
0
def register():
    """
    UserName Password Register

    :return file: either the register page or the homepage
    """
    if g.user is not None and g.user.is_authenticated():
        return redirect(url_for('home'))
    form = RegisterForm()
    error = None
    if form.validate_on_submit():
        # generate randomness
        salt = uuid.uuid4().hex
        # hashing password
        user = dbSession.query(User).filter(User.username == request.form['username']).first()
        email = dbSession.query(User).filter(User.email == request.form['email']).first()
        if user is not None:
            error = 'username is already taken'
        elif email is not None:
            error = 'email was already used'
        else:
            user_string = "registerUser/" + form.username.data + '/'
            password = hashlib.sha256(
                    salt.encode() + form.password.data.encode()).hexdigest() + ':' + salt
            data = {
                    'username': form.username.data,
                    'email': form.email.data,
                    'password': password,
                    'sso': 'none'
            }
            rest_url = '/storage/api/v1.0/syncdb/registeruser'

            # call synchronization between cloud dbs
            res_db_sync = db_cloud_sync(user_string, rest_url, data)
            print "register: res_db_sync: " + str(res_db_sync)

            if res_db_sync == -1:
                error == '+++++ registration fails, please try it again'
            else:
                print "+++++ sending was successfull"

                # login new user
                dbSession_new = scoped_session(sessionmaker(autocommit=False, bind=dbEngine))
                user = dbSession_new.query(User).filter(User.username == request.form['username']).first()

                login_user(user)
                dbSession.remove()
                return redirect(url_for('home'))
    dbSession.remove()
    return render_template('register.html', form=form, error=error)
Beispiel #18
0
def rest_syncfile_save_file_tmp(user_email, file_name):
    print "rest_syncfile_save_file_tmp: ..."
    if request.method == 'POST':
        # set tmp suffix for saving the file only temporary
        file_name += "_tmp"

        # if file doesnt exists -> logged in user must be bucket_id -> add permission to UserUserfiles
        userfile = dbSession.query(Userfile).filter(Userfile.name == file_name).first()
        user = dbSession.query(User).filter(User.email == user_email).first()
        user_id = user.get_id()
        print("-------------> found user with email : " + user_email + " and bucket id : " + user_id)
        if userfile is None:
            if user is None:
                return "403"  # Forbidden
            userfile = Userfile(user_id, file_name)
            useruserfile = UserUserfile(userfile, user, 6)
            dbSession.add(userfile)
            dbSession.add(useruserfile)
            dbSession.commit()

        # if file exists -> check if file_name, user_id is found with right permission in UserUserfiles
        else:
            useruserfile = dbSession.query(UserUserfile).filter(UserUserfile.user_id == user_id,
                                                                UserUserfile.userfile_id == userfile.id).first()
            if useruserfile is None or useruserfile.permission < 6:
                print("return 403")
                dbSession.remove()
                return '403'  # redirect(url_for('403'))  # No permission found or permission not sufficient

        content = request.json['content']
        print("-------------------------------------------------------------")
        print("Received an external POST in order to save following file temporarily")
        print("content: " + content)
        print("user email: " + user_email)
        print("bucketid: " + str(user_id))
        print("file_name: " + file_name)
        print("-------------------------------------------------------------")

        response = "500"
        if storageinterface.upload_from_text(user_id, file_name, content):
            response = "200"
            file_string = "saveFile_tmp/" + user_email + '_' + file_name + '/' + 'ack_' + cloudplatform
            etcd_client = init_etcd_connection()
            etcd_client.write(file_string, 2)
        dbSession.remove()
    return response
Beispiel #19
0
def rest_delete_file(bucket_id, file_name):
    """
    Deletes file in container

    :param int bucket_id: The bucket in which the file is in
    :param string file_name: The name of the file
    :return file: a status response
    """
    # 1 check auth.
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized
    # 2 only owner is allowed to delete
    if int(g.user.get_id()) != bucket_id:
        return "403"
    # 3 check if this combination really exists
    elements = dbSession.query(Userfile).filter((Userfile.folder == bucket_id), (Userfile.name == file_name)).first()
    if elements is None:
        dbSession.remove()
        return "404"
    # 4 try a delete-atempt
    # ATT [here an exception can lead to desynchronized states]
    if storageinterface.file_exists(bucket_id, file_name):
        storageinterface.delete_file(bucket_id, file_name)
        # no cascade possible, therfore we must remove the foreign-key there manually
        references = dbSession.query(UserUserfile).filter(UserUserfile.userfile_id == elements.id)
        for ref in references:
            dbSession.delete(ref)
        dbSession.delete(elements)
        dbSession.commit()
        dbSession.remove()
        return "200"
    dbSession.remove()
    return "500"  # something went wrong
Beispiel #20
0
def rest_download_file_to_text(bucket_id, file_name):
    """
    Returns specified file in container as text

    :param int bucket_id: The bucket in which the file is in
    :param string file_name: The name of the file
    :return string: The file as a string
    """
    # 1 check if user is auth
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized

    userfile = dbSession.query(UserUserfile, Userfile).filter(
        UserUserfile.userfile_id == Userfile.id, Userfile.name == file_name,
        UserUserfile.user_id == g.user.get_id(),
        Userfile.folder == bucket_id).first()

    if userfile is None:
        dbSession.remove()
        return "404"  # Not found
    if int(userfile.UserUserfile.permission) < 4:
        dbSession.remove()
        return "403"

    value = storageinterface.download_file_to_text(bucket_id, file_name)

    if value is None:  # FIXME wat do in this case?
        print('Database out of synch with storage!')
        value = ""
    dbSession.remove()
    return value
Beispiel #21
0
def rest_download_file_to_text(bucket_id, file_name):
    """
    Returns specified file in container as text

    :param int bucket_id: The bucket in which the file is in
    :param string file_name: The name of the file
    :return string: The file as a string
    """
    # 1 check if user is auth
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized

    userfile = dbSession.query(UserUserfile, Userfile).filter(UserUserfile.userfile_id == Userfile.id,
                                                              Userfile.name == file_name,
                                                              UserUserfile.user_id == g.user.get_id(),
                                                              Userfile.folder == bucket_id).first()

    if userfile is None:
        dbSession.remove()
        return "404"  # Not found
    if int(userfile.UserUserfile.permission) < 4:
        dbSession.remove()
        return "403"

    value = storageinterface.download_file_to_text(bucket_id, file_name)

    if value is None:  # FIXME wat do in this case?
        print('Database out of synch with storage!')
        value = ""
    dbSession.remove()
    return value
Beispiel #22
0
def rest_delete_file(bucket_id, file_name):
    """
    Deletes file in container

    :param int bucket_id: The bucket in which the file is in
    :param string file_name: The name of the file
    :return file: a status response
    """
    # 1 check auth.
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized
    # 2 only owner is allowed to delete
    if int(g.user.get_id()) != bucket_id:
        return "403"
    # 3 check if this combination really exists
    elements = dbSession.query(Userfile).filter(
        (Userfile.folder == bucket_id), (Userfile.name == file_name)).first()
    if elements is None:
        dbSession.remove()
        return "404"
    # 4 try a delete-atempt
    # ATT [here an exception can lead to desynchronized states]
    if storageinterface.file_exists(bucket_id, file_name):
        storageinterface.delete_file(bucket_id, file_name)
        # no cascade possible, therfore we must remove the foreign-key there manually
        references = dbSession.query(UserUserfile).filter(
            UserUserfile.userfile_id == elements.id)
        for ref in references:
            dbSession.delete(ref)
        dbSession.delete(elements)
        dbSession.commit()
        dbSession.remove()
        return "200"
    dbSession.remove()
    return "500"  # something went wrong
Beispiel #23
0
def rest_list_files(bucket_id):
    """
    Lists files in container

    :param int bucket_id: The bucket to list
    :return string: Json object containing the list of files
    """
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized

    if int(g.user.get_id()) != bucket_id:
        return "403"

    # gets every file of g.user
    files = dbSession.query(Userfile.name).filter(Userfile.folder == g.user.get_id()).order_by(Userfile.name)
    data = []
    for _iter_ in files:
        data.append(_iter_[0])
    json_string = json.dumps(data)
    # print(json_string)
    dbSession.remove()
    return json_string
Beispiel #24
0
def rest_share_list_files_read():
    """
    Lists files with permission >0

    :return string: json with all files with permission > 0
    """
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized
        # 1: gets every file with permission > 4 for g.user
        # Sample-SQL-command
        # SELECT user.username, user_userfile.permission,userfile.id,userfile.folder,userfile.name FROM user_userfile,userfile JOIN user ON user.id = userfile.folder WHERE user_userfile.userfile_id = userfile.id AND user_userfile.user_id = g.user.get_id() ;
    files = dbSession.query(UserUserfile, Userfile, User).filter(User.id == Userfile.folder,
                                                                 UserUserfile.userfile_id == Userfile.id,
                                                                 UserUserfile.user_id == g.user.get_id(),
                                                                 UserUserfile.permission >= 4)
    # 2 create json with data
    data = []
    for _iter_ in files:
        data.append([_iter_.User.username, _iter_.Userfile.name, _iter_.User.id])
    json_string = json.dumps(data)
    dbSession.remove()
    return json_string
Beispiel #25
0
def rest_share_list_files_read():
    """
    Lists files with permission >0

    :return string: json with all files with permission > 0
    """
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized
        # 1: gets every file with permission > 4 for g.user
        # Sample-SQL-command
        # SELECT user.username, user_userfile.permission,userfile.id,userfile.folder,userfile.name FROM user_userfile,userfile JOIN user ON user.id = userfile.folder WHERE user_userfile.userfile_id = userfile.id AND user_userfile.user_id = g.user.get_id() ;
    files = dbSession.query(UserUserfile, Userfile, User).filter(
        User.id == Userfile.folder, UserUserfile.userfile_id == Userfile.id,
        UserUserfile.user_id == g.user.get_id(), UserUserfile.permission >= 4)
    # 2 create json with data
    data = []
    for _iter_ in files:
        data.append(
            [_iter_.User.username, _iter_.Userfile.name, _iter_.User.id])
    json_string = json.dumps(data)
    dbSession.remove()
    return json_string
Beispiel #26
0
def rest_list_files(bucket_id):
    """
    Lists files in container

    :param int bucket_id: The bucket to list
    :return string: Json object containing the list of files
    """
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized

    if int(g.user.get_id()) != bucket_id:
        return "403"

    # gets every file of g.user
    files = dbSession.query(Userfile.name).filter(
        Userfile.folder == g.user.get_id()).order_by(Userfile.name)
    data = []
    for _iter_ in files:
        data.append(_iter_[0])
    json_string = json.dumps(data)
    # print(json_string)
    dbSession.remove()
    return json_string
Beispiel #27
0
def rest_overwrite_file_from_text(bucket_id, file_name):
    """
    Uploads text to file in container

    :param int bucket_id: The bucket in which the file is in
    :param string file_name: The name of the file
    :return file: a status response
    """
    # 1 check auth.
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized
    # 2 check if this file really exists
    element = dbSession.query(Userfile).filter(
        (Userfile.folder == bucket_id), (Userfile.name == file_name)).first()
    if element is None:
        dbSession.remove()
        return "404"
    print(element.name)
    # 3 get this file again, just to check with right permissions
    file_ = dbSession.query(UserUserfile, Userfile).filter(
        UserUserfile.userfile_id == Userfile.id,
        UserUserfile.user_id == g.user.get_id(),
        or_(UserUserfile.permission == 2, UserUserfile.permission == 6),
        Userfile.folder == bucket_id, Userfile.name == file_name).first()
    if file_ is None:
        dbSession.remove()
        return '403'  # because file exists, this means user has no right to manipulate
    print(file_.Userfile.name)
    # 4 send new element
    content = request.json['content']
    response = "200"
    if not storageinterface.upload_from_text(bucket_id, file_name, content):
        response = "500"
    print(response)
    dbSession.remove()
    return response
Beispiel #28
0
def rest_overwrite_file_from_text(bucket_id, file_name):
    """
    Uploads text to file in container

    :param int bucket_id: The bucket in which the file is in
    :param string file_name: The name of the file
    :return file: a status response
    """
    # 1 check auth.
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized
    # 2 check if this file really exists
    element = dbSession.query(Userfile).filter((Userfile.folder == bucket_id), (Userfile.name == file_name)).first()
    if element is None:
        dbSession.remove()
        return "404"
    print(element.name)
    # 3 get this file again, just to check with right permissions
    file_ = dbSession.query(UserUserfile, Userfile).filter(UserUserfile.userfile_id == Userfile.id,
                                                           UserUserfile.user_id == g.user.get_id(),
                                                           or_(UserUserfile.permission == 2,
                                                               UserUserfile.permission == 6),
                                                           Userfile.folder == bucket_id,
                                                           Userfile.name == file_name).first()
    if file_ is None:
        dbSession.remove()
        return '403'  # because file exists, this means user has no right to manipulate
    print(file_.Userfile.name)
    # 4 send new element
    content = request.json['content']
    response = "200"
    if not storageinterface.upload_from_text(bucket_id, file_name, content):
        response = "500"
    print(response)
    dbSession.remove()
    return response
Beispiel #29
0
def rest_share_file(bucket_id, file_name):
    """
    Sets permission for file in db

    :param int bucket_id: The bucket in which the file is in
    :param string file_name: The name of the file
    :return file: a status response
    """

    print "rest_share_file: ..."
    username = request.json['username']
    permission = request.json['permission']


    print "username: "******"permission: " + permission
    print "bucket id: " + str(bucket_id)
    print "filename: " + file_name

    # 1. check if logged in user is owner of file_name
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized
    # 2. check if Owner of bucket is changing permissions
    if int(g.user.get_id()) != bucket_id:
        return "403"  # Forbidden
    # 3. check if file in table Userfile exists
    userfile = dbSession.query(Userfile).filter(Userfile.folder == bucket_id, Userfile.name == file_name).first()
    if userfile is None:
        dbSession.remove()
        return "404"  # Not found
    # 4. check if user_id in table User exists
    print("check user")
    user = dbSession.query(User).filter(User.username == username).first()
    if user is None:
        dbSession.remove()
        return "404"  # Not found
    # 5. check if permission allready exists in table UserUserfile

    #user_file_owner
    user_file_owner = dbSession.query(User).filter(User.id == bucket_id).first()

    data = {
        'name_file_owner': user_file_owner.username,
        'permission': permission,
        'bucket_id': bucket_id,
        'file_name': file_name,
        'username': username
    }

    print "Username Owner: " + user_file_owner.username
    print "file_name: " + file_name
    print "username: "******"503"
    else:
        ret_val = "200"

    dbSession.remove()
    return ret_val
Beispiel #30
0
def rest_upload_from_text(bucket_id, file_name):
    """
    Uploads text to new file in container

    :param int bucket_id: The bucket in which the file is in
    :param string file_name: The name of the file
    :return file: a status response
    """
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized

    # if file doesnt exists -> logged in user must be bucket_id -> add permission to UserUserfiles
    userfile = dbSession.query(Userfile).filter(
        Userfile.name == file_name).first()
    user = dbSession.query(User).filter(User.id == bucket_id).first()
    if userfile is None:
        if user is None:
            dbSession.remove()
            return "403"  # Forbidden
            # userfile = Userfile(bucket_id, file_name)
            # useruserfile = UserUserfile(userfile, user, 6)
            # dbSession.add(userfile)
            # dbSession.add(useruserfile)
            # dbSession.commit()

    # if file exists -> check if file_name, user_id is found with right permission in UserUserfiles
    else:
        useruserfile = dbSession.query(UserUserfile).filter(
            UserUserfile.user_id == user.id,
            UserUserfile.userfile_id == userfile.id).first()
        if useruserfile is None or useruserfile.permission < 6:
            dbSession.remove()
            return '403'  # redirect(url_for('403'))  # No permission found or permission not sufficient

    content = request.json['content']
    etcd_client = init_etcd_connection()
    file_string = "saveFile/" + str(user.id) + '_' + file_name + '/'
    # file_string = "saveFile/" + file_name + '/' # 150706 lars - zur besseren Unterscheidung der Dateien.

    async_ready_queue = Queue()
    thread_listen_ready_list = []
    thread_counter_clouds = 0
    for hoster in cloud_hoster:
        if cloud_hoster[hoster][1] is not None:
            hoster_string_ready = "/" + file_string + "ack_" + hoster
            pros = FuncThread(listen_ready_ack, etcd_client,
                              hoster_string_ready, hoster, async_ready_queue)
            pros.daemon = True
            pros.start()
            thread_listen_ready_list.append(pros)
            thread_counter_clouds += 1
    try:
        etcd_client.write(file_string, "", dir=True)
    except EtcdNotFile:
        for p in thread_listen_ready_list:
            p.terminate()
            print("terminate")
    else:
        # wait for all listen_ack processes
        for p in thread_listen_ready_list:
            p.join()

        etcd_cloud_hoster = cloud_hoster
        # evaluate results from queue
        for i in range(0, thread_counter_clouds):
            result = async_ready_queue.get()
            for r in result:
                if result[r][0]:
                    etcd_cloud_hoster[r][0] = True

        print "+++++ saveFile: ack listener finished..."

        data = {'content': content}
        email = current_user.email
        # create file string with _tmp suffix
        file_string_tmp = "saveFile_tmp/" + email + '_' + file_name + '_tmp/'
        async_receive_queue = Queue()
        thread_listen_receive_list = []
        thread_counter_clouds = 0
        for hoster in etcd_cloud_hoster:
            if etcd_cloud_hoster[hoster][1]:
                hoster_string_ready = "/" + file_string_tmp + "ack_" + hoster
                pros = FuncThread(listen_ack_etcd, etcd_client,
                                  hoster_string_ready, hoster,
                                  async_receive_queue, "2")
                pros.daemon = True
                pros.start()
                thread_listen_receive_list.append(pros)
                thread_counter_clouds = thread_counter_clouds + 1

        async_send_data = FuncThread(
            send_sync_data, etcd_cloud_hoster, data,
            '/storage/api/v1.0/syncfile/savefile_tmp/' + email + '/' +
            file_name)
        async_send_data.daemon = True
        async_send_data.start()
        print "+++++ send save file temp data to clouds"
        # wait for all listen_ack processes
        for p in thread_listen_ready_list:
            p.join()

        etcd_cloud_hoster = cloud_hoster
        # evaluate results from queue
        for i in range(0, thread_counter_clouds):
            result = async_receive_queue.get()
            for r in result:
                if result[r][0]:
                    etcd_cloud_hoster[r][0] = True
        print "++++++++ all clouds have saved the file temporarily"

        file_string = "saveFile/" + email + '_' + file_name + '/'
        async_receive_queue = Queue()
        thread_listen_receive_list = []
        thread_counter_clouds = 0
        for hoster in etcd_cloud_hoster:
            if etcd_cloud_hoster[hoster][1]:
                hoster_string_ready = "/" + file_string + "ack_" + hoster
                pros = FuncThread(listen_ack_etcd, etcd_client,
                                  hoster_string_ready, hoster,
                                  async_receive_queue, "3")
                pros.daemon = True
                pros.start()
                thread_listen_receive_list.append(pros)
                thread_counter_clouds = thread_counter_clouds + 1

        async_send_data = FuncThread(
            send_sync_data, etcd_cloud_hoster, data,
            '/storage/api/v1.0/syncfile/savefile/' + email + '/' + file_name)
        async_send_data.daemon = True
        async_send_data.start()
        print "+++++ send save file data to clouds"
        # wait for all listen_ack processes
        for p in thread_listen_ready_list:
            p.join()

        etcd_cloud_hoster = cloud_hoster
        # evaluate results from queue
        for i in range(0, thread_counter_clouds):
            result = async_receive_queue.get()
            for r in result:
                if result[r][0]:
                    etcd_cloud_hoster[r][0] = True
        print "++++++++ all clouds have saved the file"

    response = "200"
    # if not storageinterface.upload_from_text(bucket_id, file_name, content):
    # response = "500"
    dbSession.remove()
    return response
Beispiel #31
0
def rest_syncfile_save_file(user_email, file_name):
    print "rest_syncfile_save_file: ..."
    if request.method == 'POST':
        # if file doesnt exists -> logged in user must be bucket_id -> add permission to UserUserfiles
        userfile = dbSession.query(Userfile).filter(Userfile.name == file_name).first()
        user = dbSession.query(User).filter(User.email == user_email).first()
        user_id = user.get_id()
        print("-------------> found user with email : " + user_email + " and bucket id : " + user_id)
        if userfile is None:
            if user is None:
                return "403"  # Forbidden
            userfile = Userfile(user_id, file_name)
            useruserfile = UserUserfile(userfile, user, 6)
            dbSession.add(userfile)
            dbSession.add(useruserfile)
            dbSession.commit()

        # if file exists -> check if file_name, user_id is found with right permission in UserUserfiles
        else:
            useruserfile = dbSession.query(UserUserfile).filter(UserUserfile.user_id == user.id,
                                                                UserUserfile.userfile_id == userfile.id).first()
            if useruserfile is None or useruserfile.permission < 6:
                print("return 403")
                dbSession.remove()
                return '403'  # redirect(url_for('403'))  # No permission found or permission not sufficient

        file_name_tmp = file_name+"_tmp"
        tmp_value = ""
        elements = dbSession.query(Userfile).filter((Userfile.folder == user_id), (Userfile.name == file_name_tmp)).first()
        if elements is None:
            dbSession.remove()
            return "404"
        if storageinterface.file_exists(user_id, file_name_tmp):
            # get tmp file that was saved before

            # get value of tmp file
            tmp_value = storageinterface.download_file_to_text(user_id, file_name_tmp)

            # delete tmp file
            storageinterface.delete_file(user_id, file_name_tmp)
            # no cascade possible, therfore we must remove the foreign-key there manually
            references = dbSession.query(UserUserfile).filter(UserUserfile.userfile_id == elements.id)
            for ref in references:
                dbSession.delete(ref)
            dbSession.delete(elements)
            dbSession.commit()
            dbSession.remove()
        
        #tmp_value = unicode(tmp_value,"utf-8")

        print("-------------------------------------------------------------")
        print("Received an external POST in order to save following file")
        print("content: " + tmp_value)
        print("user email: " + user_email)
        print("file_name: " + file_name)
        print("-------------------------------------------------------------")

        response = "500"
        if storageinterface.upload_from_text(user_id, file_name, tmp_value):
            response = "200"
            file_string = "saveFile/" + user_email + '_' + file_name + '/' + 'ack_' + cloudplatform
            etcd_client = init_etcd_connection()
            etcd_client.write(file_string, 3)
        dbSession.remove()
    return response
Beispiel #32
0
def rest_upload_from_text(bucket_id, file_name):
    """
    Uploads text to new file in container

    :param int bucket_id: The bucket in which the file is in
    :param string file_name: The name of the file
    :return file: a status response
    """
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized

    # if file doesnt exists -> logged in user must be bucket_id -> add permission to UserUserfiles
    userfile = dbSession.query(Userfile).filter(Userfile.name == file_name).first()
    user = dbSession.query(User).filter(User.id == bucket_id).first()
    if userfile is None:
        if user is None:
            dbSession.remove()
            return "403"  # Forbidden
            # userfile = Userfile(bucket_id, file_name)
            # useruserfile = UserUserfile(userfile, user, 6)
            # dbSession.add(userfile)
            # dbSession.add(useruserfile)
            # dbSession.commit()

    # if file exists -> check if file_name, user_id is found with right permission in UserUserfiles
    else:
        useruserfile = dbSession.query(UserUserfile).filter(UserUserfile.user_id == user.id,
                                                            UserUserfile.userfile_id == userfile.id).first()
        if useruserfile is None or useruserfile.permission < 6:
            dbSession.remove()
            return '403'  # redirect(url_for('403'))  # No permission found or permission not sufficient

    content = request.json['content']
    etcd_client = init_etcd_connection()
    file_string = "saveFile/" + str(user.id) + '_' + file_name + '/'
    # file_string = "saveFile/" + file_name + '/' # 150706 lars - zur besseren Unterscheidung der Dateien.

    async_ready_queue = Queue()
    thread_listen_ready_list = []
    thread_counter_clouds = 0
    for hoster in cloud_hoster:
        if cloud_hoster[hoster][1] is not None:
            hoster_string_ready = "/" + file_string + "ack_" + hoster
            pros = FuncThread(listen_ready_ack, etcd_client, hoster_string_ready, hoster, async_ready_queue)
            pros.daemon = True
            pros.start()
            thread_listen_ready_list.append(pros)
            thread_counter_clouds += 1
    try:
        etcd_client.write(file_string, "", dir=True)
    except EtcdNotFile:
        for p in thread_listen_ready_list:
            p.terminate()
            print("terminate")
    else:
        # wait for all listen_ack processes
        for p in thread_listen_ready_list:
            p.join()

        etcd_cloud_hoster = cloud_hoster
        # evaluate results from queue
        for i in range(0, thread_counter_clouds):
            result = async_ready_queue.get()
            for r in result:
                if result[r][0]:
                    etcd_cloud_hoster[r][0] = True

        print "+++++ saveFile: ack listener finished..."

        data = {
            'content': content
        }
        email = current_user.email
        # create file string with _tmp suffix
        file_string_tmp = "saveFile_tmp/" + email + '_' + file_name + '_tmp/'
        async_receive_queue = Queue()
        thread_listen_receive_list = []
        thread_counter_clouds = 0
        for hoster in etcd_cloud_hoster:
            if etcd_cloud_hoster[hoster][1]:
                hoster_string_ready = "/" + file_string_tmp + "ack_" + hoster
                pros = FuncThread(listen_ack_etcd, etcd_client, hoster_string_ready, hoster,
                                  async_receive_queue, "2")
                pros.daemon = True
                pros.start()
                thread_listen_receive_list.append(pros)
                thread_counter_clouds = thread_counter_clouds + 1

        async_send_data = FuncThread(send_sync_data, etcd_cloud_hoster, data,
                                     '/storage/api/v1.0/syncfile/savefile_tmp/' + email + '/' + file_name)
        async_send_data.daemon = True
        async_send_data.start()
        print "+++++ send save file temp data to clouds"
        # wait for all listen_ack processes
        for p in thread_listen_ready_list:
            p.join()

        etcd_cloud_hoster = cloud_hoster
        # evaluate results from queue
        for i in range(0, thread_counter_clouds):
            result = async_receive_queue.get()
            for r in result:
                if result[r][0]:
                    etcd_cloud_hoster[r][0] = True
        print"++++++++ all clouds have saved the file temporarily"

        file_string = "saveFile/" + email + '_' + file_name + '/'
        async_receive_queue = Queue()
        thread_listen_receive_list = []
        thread_counter_clouds = 0
        for hoster in etcd_cloud_hoster:
            if etcd_cloud_hoster[hoster][1]:
                hoster_string_ready = "/" + file_string + "ack_" + hoster
                pros = FuncThread(listen_ack_etcd, etcd_client, hoster_string_ready, hoster,
                                  async_receive_queue, "3")
                pros.daemon = True
                pros.start()
                thread_listen_receive_list.append(pros)
                thread_counter_clouds = thread_counter_clouds + 1

        async_send_data = FuncThread(send_sync_data, etcd_cloud_hoster, data,
                                     '/storage/api/v1.0/syncfile/savefile/' + email + '/' + file_name)
        async_send_data.daemon = True
        async_send_data.start()
        print "+++++ send save file data to clouds"
        # wait for all listen_ack processes
        for p in thread_listen_ready_list:
            p.join()

        etcd_cloud_hoster = cloud_hoster
        # evaluate results from queue
        for i in range(0, thread_counter_clouds):
            result = async_receive_queue.get()
            for r in result:
                if result[r][0]:
                    etcd_cloud_hoster[r][0] = True
        print"++++++++ all clouds have saved the file"


    response = "200"
    # if not storageinterface.upload_from_text(bucket_id, file_name, content):
    # response = "500"
    dbSession.remove()
    return response
Beispiel #33
0
def rest_share_file(bucket_id, file_name):
    """
    Sets permission for file in db

    :param int bucket_id: The bucket in which the file is in
    :param string file_name: The name of the file
    :return file: a status response
    """

    print "rest_share_file: ..."
    username = request.json['username']
    permission = request.json['permission']

    print "username: "******"permission: " + permission
    print "bucket id: " + str(bucket_id)
    print "filename: " + file_name

    # 1. check if logged in user is owner of file_name
    if g.user is None or not g.user.is_authenticated():
        return "401"  # Unauthorized
    # 2. check if Owner of bucket is changing permissions
    if int(g.user.get_id()) != bucket_id:
        return "403"  # Forbidden
    # 3. check if file in table Userfile exists
    userfile = dbSession.query(Userfile).filter(
        Userfile.folder == bucket_id, Userfile.name == file_name).first()
    if userfile is None:
        dbSession.remove()
        return "404"  # Not found
    # 4. check if user_id in table User exists
    print("check user")
    user = dbSession.query(User).filter(User.username == username).first()
    if user is None:
        dbSession.remove()
        return "404"  # Not found
    # 5. check if permission allready exists in table UserUserfile

    #user_file_owner
    user_file_owner = dbSession.query(User).filter(
        User.id == bucket_id).first()

    data = {
        'name_file_owner': user_file_owner.username,
        'permission': permission,
        'bucket_id': bucket_id,
        'file_name': file_name,
        'username': username
    }

    print "Username Owner: " + user_file_owner.username
    print "file_name: " + file_name
    print "username: "******"503"
    else:
        ret_val = "200"

    dbSession.remove()
    return ret_val
Beispiel #34
0
def rest_syncfile_save_file(user_email, file_name):
    print "rest_syncfile_save_file: ..."
    if request.method == 'POST':
        # if file doesnt exists -> logged in user must be bucket_id -> add permission to UserUserfiles
        userfile = dbSession.query(Userfile).filter(
            Userfile.name == file_name).first()
        user = dbSession.query(User).filter(User.email == user_email).first()
        user_id = user.get_id()
        print("-------------> found user with email : " + user_email +
              " and bucket id : " + user_id)
        if userfile is None:
            if user is None:
                return "403"  # Forbidden
            userfile = Userfile(user_id, file_name)
            useruserfile = UserUserfile(userfile, user, 6)
            dbSession.add(userfile)
            dbSession.add(useruserfile)
            dbSession.commit()

        # if file exists -> check if file_name, user_id is found with right permission in UserUserfiles
        else:
            useruserfile = dbSession.query(UserUserfile).filter(
                UserUserfile.user_id == user.id,
                UserUserfile.userfile_id == userfile.id).first()
            if useruserfile is None or useruserfile.permission < 6:
                print("return 403")
                dbSession.remove()
                return '403'  # redirect(url_for('403'))  # No permission found or permission not sufficient

        file_name_tmp = file_name + "_tmp"
        tmp_value = ""
        elements = dbSession.query(Userfile).filter(
            (Userfile.folder == user_id),
            (Userfile.name == file_name_tmp)).first()
        if elements is None:
            dbSession.remove()
            return "404"
        if storageinterface.file_exists(user_id, file_name_tmp):
            # get tmp file that was saved before

            # get value of tmp file
            tmp_value = storageinterface.download_file_to_text(
                user_id, file_name_tmp)

            # delete tmp file
            storageinterface.delete_file(user_id, file_name_tmp)
            # no cascade possible, therfore we must remove the foreign-key there manually
            references = dbSession.query(UserUserfile).filter(
                UserUserfile.userfile_id == elements.id)
            for ref in references:
                dbSession.delete(ref)
            dbSession.delete(elements)
            dbSession.commit()
            dbSession.remove()

        #tmp_value = unicode(tmp_value,"utf-8")

        print("-------------------------------------------------------------")
        print("Received an external POST in order to save following file")
        print("content: " + tmp_value)
        print("user email: " + user_email)
        print("file_name: " + file_name)
        print("-------------------------------------------------------------")

        response = "500"
        if storageinterface.upload_from_text(user_id, file_name, tmp_value):
            response = "200"
            file_string = "saveFile/" + user_email + '_' + file_name + '/' + 'ack_' + cloudplatform
            etcd_client = init_etcd_connection()
            etcd_client.write(file_string, 3)
        dbSession.remove()
    return response