def package_purge(self, context, data_dict): if not authz.Authorizer().is_sysadmin(unicode(context['user'])): raise NotAuthorized if 'id' not in data_dict: raise NotFound package = context['model'].Package.get(data_dict['id']) package.purge() package = context['model'].Session.flush() result = self.engine.execute( select( [self.package_table.c.nid], or_(self.package_table.c.id == data_dict['id'], self.package_table.c.name == data_dict['id']))).fetchone() if not result: raise NotFound nid = result['nid'] url = urlparse.urljoin(self.base_url, 'services/package/%s.json' % (nid)) req = urllib2.Request(url) req.get_method = lambda: 'DELETE' f = urllib2.urlopen(req, None, 3) try: drupal_info = f.read() finally: f.close() package = context['model'].Session.commit()
def setup_template_variables(self, context, data_dict): from pylons import config authz_fn = logic.get_action('group_list_authz') c.groups_authz = authz_fn(context, data_dict) data_dict.update({'available_only': True}) c.groups_available = authz_fn(context, data_dict) c.licences = [('', '')] + base.model.Package.get_license_options() c.is_sysadmin = authz.Authorizer().is_sysadmin(c.user) if c.pkg: c.related_count = c.pkg.related_count ## This is messy as auths take domain object not data_dict context_pkg = context.get('package', None) pkg = context_pkg or c.pkg if pkg: try: if not context_pkg: context['package'] = pkg logic.check_access('package_change_state', context) c.auth_for_change_state = True except logic.NotAuthorized: c.auth_for_change_state = False
def _run(self): if not self.query.terms: return q = authz.Authorizer().authorized_query(username, model.Group) for term in self.query.terms: q = query.filter(model.Group.name.contains(term.lower())) self._db_query(q)
def setup_class(self): model.repo.init_db() self.authorizer = authz.Authorizer() self.admin_role = model.Role.ADMIN self.editor_role = model.Role.EDITOR self.reader_role = model.Role.READER model.repo.new_revision() anna = model.Package(name=u'annakarenina') war = model.Package(name=u'warandpeace') mradmin = model.User(name=u'mradmin') mreditor = model.User(name=u'mreditor') mrreader = model.User(name=u'mrreader') tester = model.User(name=u'tester') anauthzgroup = model.AuthorizationGroup(name=u'anauthzgroup') for obj in [ anna, war, mradmin, mreditor, mrreader, tester, anauthzgroup ]: model.Session.add(obj) model.repo.commit_and_remove() anna = model.Package.by_name(u'annakarenina') tester = model.User.by_name(u'tester') model.add_user_to_role(tester, self.admin_role, anna) self.context = unicode(model.Package.__name__) ra1 = model.RoleAction( role=self.admin_role, context=self.context, action=model.Action.EDIT, ) ra2 = model.RoleAction( role=self.editor_role, context=self.context, action=model.Action.EDIT, ) ra3 = model.RoleAction( role=self.reader_role, context=self.context, action=model.Action.READ, ) for obj in [ra1, ra2, ra3]: model.Session.add(obj) model.repo.commit_and_remove() mradmin = model.User.by_name(u'mradmin') mreditor = model.User.by_name(u'mreditor') mrreader = model.User.by_name(u'mrreader') model.add_user_to_role(mradmin, self.admin_role, anna) model.add_user_to_role(mreditor, self.editor_role, anna) model.add_user_to_role(mrreader, self.reader_role, anna) model.repo.commit_and_remove() self.mradmin = model.User.by_name(u'mradmin') self.mreditor = model.User.by_name(u'mreditor') self.mrreader = model.User.by_name(u'mrreader') self.war = model.Package.by_name(u'warandpeace') self.anna = model.Package.by_name(u'annakarenina')
def test_05_author_is_new_package_admin(self): user = self.mrloggedin # make new package assert not model.Package.by_name(u'annakarenina') offset = url_for(controller='package', action='new') res = self.app.get(offset, extra_environ={'REMOTE_USER': user.name.encode('utf8')}) assert 'New - Data Packages' in res fv = res.forms['package-edit'] prefix = '' fv[prefix + 'name'] = u'annakarenina' res = fv.submit('save', extra_environ={'REMOTE_USER': user.name.encode('utf8')}) # check user is admin pkg = model.Package.by_name(u'annakarenina') assert pkg roles = authz.Authorizer().get_roles(user.name, pkg) assert model.Role.ADMIN in roles, roles roles = authz.Authorizer().get_roles(u'someoneelse', pkg) assert not model.Role.ADMIN in roles, roles
def setup_class(self): model.Session.remove() model.repo.init_db() model.repo.new_revision() p1 = model.Package(name=u'annakarenina') p2 = model.Package(name=u'warandpeace') p3 = model.Package(name=u'test0') mradmin = model.User(name=u'tester') for obj in (p1, p2, p3, mradmin): model.Session.add(obj) self.authorizer = authz.Authorizer() model.repo.commit_and_remove()
def setup_class(self): CreateTestData.create() model.repo.new_revision() self.authorizer = authz.Authorizer() pkg = model.Package(name=u'testpkg') joeadmin = model.User.by_name(u'joeadmin') assert joeadmin model.setup_default_user_roles(pkg, [joeadmin]) model.repo.commit_and_remove() self.pkg = model.Package.by_name(u'testpkg') self.joeadmin = model.User.by_name(u'joeadmin') self.logged_in = model.User.by_name(model.PSEUDO_USER__LOGGED_IN) self.visitor = model.User.by_name(model.PSEUDO_USER__VISITOR)
def setup_template_variables(self, context, data_dict): c.is_sysadmin = authz.Authorizer().is_sysadmin(c.user) ## This is messy as auths take domain object not data_dict context_group = context.get('group', None) group = context_group or c.group if group: try: if not context_group: context['group'] = group logic.check_access('group_change_state', context) c.auth_for_change_state = True except logic.NotAuthorized: c.auth_for_change_state = False
def index(self): if not self.authorizer.am_authorized(c, model.Action.SITE_READ, model.System): abort(401, _('Not authorized to see this page')) query = authz.Authorizer().authorized_query(c.user, model.Group) query = query.order_by(model.Group.name.asc()) query = query.order_by(model.Group.title.asc()) c.page = Page( collection=query, page=request.params.get('page', 1), items_per_page=20 ) return render('group/index.html')
def setup_template_variables(self, context, data_dict): from pylons import config data_dict.update({'available_only': True}) c.groups_available = c.userobj and \ c.userobj.get_groups('organization') or [] c.licences = [('', '')] + base.model.Package.get_license_options() c.is_sysadmin = authz.Authorizer().is_sysadmin(c.user) ## This is messy as auths take domain object not data_dict context_pkg = context.get('package', None) pkg = context_pkg or c.pkg if pkg: try: if not context_pkg: context['package'] = pkg check_access('package_change_state', context) c.auth_for_change_state = True except NotAuthorized: c.auth_for_change_state = False
def setup_class(self): model.Session.remove() CreateTestData.create() model.Session.remove() self.authorizer = authz.Authorizer() self.admin_role = model.Role.ADMIN self.editor_role = model.Role.EDITOR self.reader_role = model.Role.READER john = model.User(name=u'john') model.Session.add(john) # setup annakarenina with default roles anna = model.Package.by_name(u'annakarenina') model.clear_user_roles(anna) annakarenina_creator = model.User(name=u'annakarenina_creator') model.Session.add(annakarenina_creator) model.repo.commit_and_remove() model.setup_default_user_roles(anna, [annakarenina_creator]) model.repo.commit_and_remove() # setup warandpeace with no roles war = model.Package.by_name(u'warandpeace') model.clear_user_roles(war) # setup restricted package - visitors can't change restricted = model.Package(name=u'restricted') vrestricted = model.Package(name=u'vrestricted') mreditor = model.User(name=u'mreditor') mrreader = model.User(name=u'mrreader') self.mrsysadmin = u'mrsysadmin' mrsysadmin = model.User(name=self.mrsysadmin) model.repo.new_revision() model.Session.add_all( [restricted, vrestricted, mreditor, mrreader, mrsysadmin]) model.repo.commit_and_remove() visitor_roles = [] logged_in_roles = [model.Role.EDITOR, model.Role.READER] logged_in_roles_v = [] restricted = model.Package.by_name(u'restricted') vrestricted = model.Package.by_name(u'vrestricted') model.setup_user_roles(restricted, visitor_roles, logged_in_roles) model.setup_user_roles(vrestricted, visitor_roles, logged_in_roles_v) model.repo.commit_and_remove() mreditor = model.User.by_name(u'mreditor') model.add_user_to_role(mreditor, model.Role.EDITOR, restricted) mrsysadmin = model.User.by_name(u'mrsysadmin') model.add_user_to_role(mrsysadmin, model.Role.ADMIN, model.System()) model.repo.commit_and_remove() self.mreditor = model.User.by_name(u'mreditor') self.mrreader = model.User.by_name(u'mrreader') self.annakarenina_creator = model.User.by_name(u'annakarenina_creator') self.logged_in = model.User.by_name(model.PSEUDO_USER__LOGGED_IN) self.visitor = model.User.by_name(model.PSEUDO_USER__VISITOR) self.john = model.User.by_name(u'john') self.war = model.Package.by_name(u'warandpeace') self.anna = model.Package.by_name(u'annakarenina') self.restricted = model.Package.by_name(u'restricted') self.vrestricted = model.Package.by_name(u'vrestricted')
def migrate_data(self, context, data_dict): if not authz.Authorizer().is_sysadmin(unicode(context['user'])): raise NotAuthorized model.Session.remove() model.Session().connection conn_ckan = model.Session.connection() conn_drupal = self.engine.connect() #package packages = conn_ckan.execute( select([model.package_revision_table], and_( model.package_revision_table.c.current == True, model.package_revision_table.c.state.in_( ['active', 'deleted'])))).fetchall() package_inserts = [] for package in packages: insert = {} for column in self.package_table.c: if column in package: insert[column.name] = package[column.name] package_inserts.append(insert) conn_drupal.execute(self.package_table.insert(), package_inserts) print 'packages done' #resources resources = conn_ckan.execute( select([ model.resource_revision_table, model.resource_group_table.c.package_id ], and_( model.resource_revision_table.c.current == True, model.resource_revision_table.c.state.in_( ['active', 'deleted']), model.resource_group_table.c.id == model.resource_revision_table.c.resource_group_id, ))).fetchall() resource_inserts = [] for resource in resources: insert = {} for column in self.resource_table.c: if column in resource: insert[column.name] = resource[column.name] insert['extras'] = json.dumps(insert['extras']) resource_inserts.append(insert) conn_drupal.execute(self.resource_table.insert(), resource_inserts) print 'resources done' #extras extras = conn_ckan.execute( select([model.extra_revision_table], and_( model.extra_revision_table.c.current == True, model.extra_revision_table.c.state.in_( ['active', 'deleted'])))).fetchall() package_extra_inserts = [] for extra in extras: insert = {} for column in self.package_extra_table.c: if column in extra: insert[column.name] = extra[column.name] insert['value'] = json.dumps(insert['value']) package_extra_inserts.append(insert) conn_drupal.execute(self.package_extra_table.insert(), package_extra_inserts) print 'extras done' #tags tags = conn_ckan.execute( select([model.package_tag_revision_table, model.tag_table.c.name], and_( model.package_tag_revision_table.c.current == True, model.package_tag_revision_table.c.state.in_( ['active', 'deleted']), model.tag_table.c.id == model.package_tag_revision_table.c.tag_id))).fetchall() tag_inserts = [] for tag in tags: tag_inserts.append({ 'name': tag['name'], 'id': tag['id'], 'package_id': tag['package_id'] }) conn_drupal.execute(self.tag_table.insert(), tag_inserts) print 'tags done' ## get nodes packages = conn_drupal.execute(select( [self.package_table], )).fetchall() for num, package in enumerate(packages): print num data_dict = {} for column in self.package_table.c: data_dict[column.name] = package[column.name] url = urlparse.urljoin(self.base_url, 'services/package.json') data_dict['body'] = data_dict.get('notes', '') if not data_dict['title']: data_dict['title'] = data_dict['name'] tags = conn_drupal.execute( select( [self.tag_table.c.name], self.tag_table.c.package_id == package['id'])).fetchall() data_dict['tags'] = [{'name': tag[0]} for tag in tags] data = json.dumps({'data': data_dict}) req = urllib2.Request(url, data, {'Content-type': 'application/json'}) f = urllib2.urlopen(req, None, 3) try: drupal_info = json.loads(f.read()) finally: f.close() nid = drupal_info['nid'] update = {'nid': nid} conn_drupal.execute(self.package_table.update().where( self.package_table.c.id == data_dict['id']).values(nid=nid)) conn_drupal.execute( 'update ckan_resource set nid = (select nid from ckan_package where ckan_resource.package_id = ckan_package.id);' ) conn_drupal.execute( 'update ckan_package_extra set nid = (select nid from ckan_package where ckan_package_extra.package_id = ckan_package.id);' ) conn_drupal.execute( 'update ckan_tag set nid = (select nid from ckan_package where ckan_tag.package_id = ckan_package.id);' ) print 'finished migration'
class BaseController(WSGIController): repo = model.repo authorizer = authz.Authorizer() log = logging.getLogger(__name__) def __before__(self, action, **params): c.__version__ = ckan.__version__ self._identify_user() i18n.handle_request(request, c) def _identify_user(self): # see if it was proxied first c.remote_addr = request.environ.get('HTTP_X_FORWARDED_FOR', '') if not c.remote_addr: c.remote_addr = request.environ.get('REMOTE_ADDR', 'Unknown IP Address') # what is different between session['user'] and environ['REMOTE_USER'] c.user = request.environ.get('REMOTE_USER', '') if c.user: c.user = c.user.decode('utf8') c.userobj = model.User.by_name(c.user) else: c.userobj = self._get_user_for_apikey() if c.userobj is not None: c.user = c.userobj.name if c.user: c.author = c.user else: c.author = c.remote_addr c.author = unicode(c.author) def __call__(self, environ, start_response): """Invoke the Controller""" # WSGIController.__call__ dispatches to the Controller method # the request is routed to. This routing information is # available in environ['pylons.routes_dict'] try: return WSGIController.__call__(self, environ, start_response) finally: model.Session.remove() def __after__(self, action, **params): return def _get_user(self, reference): return model.User.by_name(reference) def _get_pkg(self, reference): return model.Package.get(reference) def _get_group(self, reference): return model.Group.get(reference) def _get_tag(self, reference): return model.Tag.get(reference) @classmethod def _get_request_data(cls): '''Returns a dictionary, extracted from a request. The request data is in POST data and formatted as a dictionary that has been JSON-encoded. If there is no data, None or "" is returned. ValueError will be raised if the data is not a JSON-formatted dict. ''' cls.log.debug('Retrieving request params: %r' % request.params) cls.log.debug('Retrieving request POST: %r' % request.POST) request_data = None if request.POST: try: request_data = request.POST.keys() except Exception, inst: msg = _("Could not find the POST data: %r : %s") % \ (request.POST, inst) raise ValueError, msg request_data = request_data[0] else:
class BaseController(WSGIController): repo = model.repo authorizer = authz.Authorizer() log = logging.getLogger(__name__) def __before__(self, action, **params): c.__version__ = ckan.__version__ self._identify_user() i18n.handle_request(request, c) def _identify_user(self): ''' Identifies the user using two methods: a) If he has logged into the web interface then repoze.who will set REMOTE_USER. b) For API calls he may set a header with his API key. If the user is identified then: c.user = user name (unicode) c.userobj = user object c.author = user name otherwise: c.user = None c.userobj = None c.author = user\'s IP address (unicode) ''' # see if it was proxied first c.remote_addr = request.environ.get('HTTP_X_FORWARDED_FOR', '') if not c.remote_addr: c.remote_addr = request.environ.get('REMOTE_ADDR', 'Unknown IP Address') # environ['REMOTE_USER'] is set by repoze.who if it authenticates a user's # cookie or OpenID. But repoze.who doesn't check the user (still) # exists in our database - we need to do that here. (Another way would # be with an userid_checker, but that would mean another db access. # See: http://docs.repoze.org/who/1.0/narr.html#module-repoze.who.plugins.sql ) c.user = request.environ.get('REMOTE_USER', '') if c.user: c.user = c.user.decode('utf8') c.userobj = model.User.by_name(c.user) if c.userobj is None: # This occurs when you are logged in, clean db # and then restart i.e. only really for testers. There is no # user object, so even though repoze thinks you are logged in # and your cookie has ckan_display_name, we need to force user # to logout and login again to get the User object. c.user = None self.log.warn('Logout to login') else: c.userobj = self._get_user_for_apikey() if c.userobj is not None: c.user = c.userobj.name if c.user: c.author = c.user else: c.author = c.remote_addr c.author = unicode(c.author) def __call__(self, environ, start_response): """Invoke the Controller""" # WSGIController.__call__ dispatches to the Controller method # the request is routed to. This routing information is # available in environ['pylons.routes_dict'] try: res = WSGIController.__call__(self, environ, start_response) finally: model.Session.remove() # Clean out any old cookies as they may contain api keys etc # This also improves the cachability of our pages as cookies # prevent proxy servers from caching content unless they have # been configured to ignore them. for cookie in request.cookies: if cookie.startswith('ckan') and cookie not in ['ckan']: response.delete_cookie(cookie) # Remove the ckan session cookie if not used e.g. logged out elif cookie == 'ckan' and not c.user: # Check session for valid data (including flash messages) # (DGU also uses session for a shopping basket-type behaviour) is_valid_cookie_data = False for key, value in session.items(): if not key.startswith('_') and value: is_valid_cookie_data = True break if not is_valid_cookie_data: if session.id: if not session.get('lang'): self.log.debug( 'No session data any more - deleting session') self.log.debug('Session: %r', session.items()) session.delete() else: response.delete_cookie(cookie) self.log.debug( 'No session data any more - deleting session cookie' ) # Remove auth_tkt repoze.who cookie if user not logged in. elif cookie == 'auth_tkt' and not session.id: response.delete_cookie(cookie) return res def __after__(self, action, **params): self._set_cors() def _set_cors(self): response.headers['Access-Control-Allow-Origin'] = "*" response.headers[ 'Access-Control-Allow-Methods'] = "POST, PUT, GET, DELETE, OPTIONS" response.headers[ 'Access-Control-Allow-Headers'] = "X-CKAN-API-KEY, Authorization, Content-Type" def _get_user(self, reference): return model.User.by_name(reference) def _get_pkg(self, reference): return model.Package.get(reference) def _get_group(self, reference): return model.Group.get(reference) def _get_tag(self, reference): return model.Tag.get(reference) @classmethod def _get_request_data(cls, try_url_params=False): '''Returns a dictionary, extracted from a request. If there is no data, None or "" is returned. ValueError will be raised if the data is not a JSON-formatted dict. The data is retrieved as a JSON-encoded dictionary from the request body. Or, if the `try_url_params` argument is True and the request is a GET request, then an attempt is made to read the data from the url parameters of the request. try_url_params If try_url_params is False, then the data_dict is read from the request body. If try_url_params is True and the request is a GET request then the data is read from the url parameters. The resulting dict will only be 1 level deep, with the url-param fields being the keys. If a single key has more than one value specified, then the value will be a list of strings, otherwise just a string. This function is only used by the API, so no strings need to be translated. TODO: If this is only used by the API, then perhaps it should be moved to the api controller class? ''' cls.log.debug('Retrieving request params: %r' % request.params) cls.log.debug('Retrieving request POST: %r' % request.POST) cls.log.debug('Retrieving request GET: %r' % request.GET) request_data = None if request.POST: try: keys = request.POST.keys() # Parsing breaks if there is a = in the value, so for now # we will check if the data is actually all in a single key if keys and request.POST[keys[0]] in [u'1', u'']: request_data = keys[0] else: request_data = urllib.unquote_plus(request.body) except Exception, inst: msg = "Could not find the POST data: %r : %s" % \ (request.POST, inst) raise ValueError, msg elif try_url_params and request.GET: return request.GET.mixed()
class BaseController(WSGIController): repo = model.repo authorizer = authz.Authorizer() log = logging.getLogger(__name__) def __before__(self, action, **params): c.__version__ = ckan.__version__ self._identify_user() i18n.handle_request(request, c) def _identify_user(self): ''' Identifies the user using two methods: a) If he has logged into the web interface then repoze.who will set REMOTE_USER. b) For API calls he may set a header with his API key. If the user is identified then: c.user = user name (unicode) c.author = user name otherwise: c.user = None c.author = user\'s IP address (unicode) ''' # see if it was proxied first c.remote_addr = request.environ.get('HTTP_X_FORWARDED_FOR', '') if not c.remote_addr: c.remote_addr = request.environ.get('REMOTE_ADDR', 'Unknown IP Address') # what is different between session['user'] and environ['REMOTE_USER'] c.user = request.environ.get('REMOTE_USER', '') if c.user: c.user = c.user.decode('utf8') c.userobj = model.User.by_name(c.user) if c.userobj is None: # This occurs when you are logged in, clean db # and then restart i.e. only really for testers. There is no # user object, so even though repoze thinks you are logged in # and your cookie has ckan_display_name, we need to force user # to logout and login again to get the User object. c.user = None else: c.userobj = self._get_user_for_apikey() if c.userobj is not None: c.user = c.userobj.name if c.user: c.author = c.user else: c.author = c.remote_addr c.author = unicode(c.author) def __call__(self, environ, start_response): """Invoke the Controller""" # WSGIController.__call__ dispatches to the Controller method # the request is routed to. This routing information is # available in environ['pylons.routes_dict'] # Clean out any old cookies as they may contain api keys etc # This also improves the cachability of our pages as cookies # prevent proxy servers from caching content unless they have # been configured to ignore them. for cookie in request.cookies: if cookie.startswith('ckan') and cookie not in ['ckan']: response.delete_cookie(cookie) # Remove the ckan session cookie if not used e.g. logged out elif cookie == 'ckan' and not c.user and not h.are_there_flash_messages( ): if session.id: if not session.get('lang'): session.delete() else: response.delete_cookie(cookie) # Remove auth_tkt repoze.who cookie if user not logged in. elif cookie == 'auth_tkt' and not session.id: response.delete_cookie(cookie) try: return WSGIController.__call__(self, environ, start_response) finally: model.Session.remove() def __after__(self, action, **params): self._set_cors() def _set_cors(self): response.headers['Access-Control-Allow-Origin'] = "*" response.headers[ 'Access-Control-Allow-Methods'] = "POST, PUT, GET, DELETE" response.headers[ 'Access-Control-Allow-Headers'] = "X-CKAN-API-KEY, Content-Type" def _get_user(self, reference): return model.User.by_name(reference) def _get_pkg(self, reference): return model.Package.get(reference) def _get_group(self, reference): return model.Group.get(reference) def _get_tag(self, reference): return model.Tag.get(reference) @classmethod def _get_request_data(cls): '''Returns a dictionary, extracted from a request. The request data is in POST data and formatted as a dictionary that has been JSON-encoded. If there is no data, None or "" is returned. ValueError will be raised if the data is not a JSON-formatted dict. This function is only used by the API, so no strings need to be translated. ''' cls.log.debug('Retrieving request params: %r' % request.params) cls.log.debug('Retrieving request POST: %r' % request.POST) request_data = None if request.POST: try: keys = request.POST.keys() # Parsing breaks if there is a = in the value, so for now # we will check if the data is actually all in a single key if keys and request.POST[keys[0]] in [u'1', u'']: request_data = keys[0] else: request_data = urllib.unquote_plus(request.body) except Exception, inst: msg = "Could not find the POST data: %r : %s" % \ (request.POST, inst) raise ValueError, msg else:
class BaseController(WSGIController): repo = model.repo authorizer = authz.Authorizer() log = logging.getLogger(__name__) def __before__(self, action, **params): c.__version__ = ckan.__version__ self._identify_user() i18n.handle_request(request, c) def _identify_user(self): # see if it was proxied first c.remote_addr = request.environ.get('HTTP_X_FORWARDED_FOR', '') if not c.remote_addr: c.remote_addr = request.environ.get('REMOTE_ADDR', 'Unknown IP Address') # what is different between session['user'] and environ['REMOTE_USER'] c.user = request.environ.get('REMOTE_USER', '') if c.user: c.user = c.user.decode('utf8') c.userobj = model.User.by_name(c.user) if c.userobj is None: # This occurs when you are logged in with openid, clean db # and then restart i.e. only really for testers. There is no # user object, so even though repoze thinks you are logged in # and your cookie has ckan_display_name, we need to force user # to login again to get the User object. c.user = None else: c.userobj = self._get_user_for_apikey() if c.userobj is not None: c.user = c.userobj.name if c.user: c.author = c.user else: c.author = c.remote_addr c.author = unicode(c.author) def __call__(self, environ, start_response): """Invoke the Controller""" # WSGIController.__call__ dispatches to the Controller method # the request is routed to. This routing information is # available in environ['pylons.routes_dict'] try: return WSGIController.__call__(self, environ, start_response) finally: model.Session.remove() def __after__(self, action, **params): self._set_cors() def _set_cors(self): response.headers['Access-Control-Allow-Origin'] = "*" response.headers['Access-Control-Allow-Methods'] = "POST, PUT, GET, DELETE" response.headers['Access-Control-Allow-Headers'] = "X-CKAN-API-KEY, Content-Type" def _get_user(self, reference): return model.User.by_name(reference) def _get_pkg(self, reference): return model.Package.get(reference) def _get_group(self, reference): return model.Group.get(reference) def _get_tag(self, reference): return model.Tag.get(reference) @classmethod def _get_request_data(cls): '''Returns a dictionary, extracted from a request. The request data is in POST data and formatted as a dictionary that has been JSON-encoded. If there is no data, None or "" is returned. ValueError will be raised if the data is not a JSON-formatted dict. This function is only used by the API, so no strings need to be translated. ''' cls.log.debug('Retrieving request params: %r' % request.params) cls.log.debug('Retrieving request POST: %r' % request.POST) request_data = None if request.POST: try: request_data = request.POST.keys() except Exception, inst: msg = "Could not find the POST data: %r : %s" % \ (request.POST, inst) raise ValueError, msg request_data = request_data[0] else:
def setup_template_variables(self, context, data_dict): data_dict.update({'available_only': True}) toolkit.c.groups_available = toolkit.c.userobj and \ toolkit.c.userobj.get_groups('organization') or [] toolkit.c.licences = [('', '') ] + base.model.Package.get_license_options() toolkit.c.is_sysadmin = authz.Authorizer().is_sysadmin(toolkit.c.user) ## This is messy as auths take domain object not data_dict context_pkg = context.get('package', None) pkg = context_pkg or toolkit.c.pkg if pkg: try: if not context_pkg: context['package'] = pkg logic.check_access('package_change_state', context) toolkit.c.auth_for_change_state = True except logic.NotAuthorized: toolkit.c.auth_for_change_state = False #Get MetroPulse fields and add them to the form here = os.path.dirname(__file__) rootdir = os.path.dirname(os.path.dirname(here)) if 'cmap_data_family' in toolkit.c.pkg_dict: data_family = toolkit.c.pkg_dict['cmap_data_family'] else: data_family = '' if 'cmap_data_category' in toolkit.c.pkg_dict: data_cat = toolkit.c.pkg_dict['cmap_data_category'] else: data_cat = '' if 'cmap_data_subcategory' in toolkit.c.pkg_dict: data_subcat = toolkit.c.pkg_dict['cmap_data_subcategory'] else: data_subcat = '' geogLevelsFile = open( os.path.join(rootdir, 'MetroPulseGeogLevels.xml'), 'r') geogLevelsXml = geogLevelsFile.read() fieldsFile = open(os.path.join(rootdir, 'MetroPulseFields.xml'), 'r') fieldsXml = fieldsFile.read() geogLevelsList = metropulse.getFilteredChildren( geogLevelsXml, "geoglevels", ('id', 'name')) toolkit.c.cmap_geog_levels = geogLevelsList dataFamilyList = metropulse.getFilteredChildren( fieldsXml, "data", ('id', 'caption')) toolkit.c.cmap_data_families = dataFamilyList # attributeRegEx regular expression narrows future values to ones # that are children of current values (makes sure selections make sense together) attributeRegEx = {'id': data_family} dataCatList = metropulse.getFilteredChildren(fieldsXml, "datafamily", ('id', 'caption'), attributeRegEx) toolkit.c.cmap_data_categories = dataCatList attributeRegEx = {'id': data_cat} dataSubcatList = metropulse.getFilteredChildren( fieldsXml, "datacat", ('id', 'caption'), attributeRegEx) toolkit.c.cmap_data_subcategories = dataSubcatList attributeRegEx = {'id': data_subcat} dataFieldList = metropulse.getFilteredChildren(fieldsXml, "datasubcat", ('id', 'caption'), attributeRegEx) toolkit.c.cmap_data_fields = dataFieldList
def _run(self): q = authz.Authorizer().authorized_query(self.options.get('username'), model.Package) make_like = lambda x, y: x.ilike(u'%' + unicode(y) + u'%') q = q.filter( model.package_search_table.c.package_id == model.Package.id) all_terms = '' if self.query.query != '*:*': # Full search by general terms (and field specific terms but not by field) terms_set = set(self.query.terms) terms_set.update(self.query.fields.values()) all_terms = u' '.join(map(unicode, terms_set)) if len(all_terms.strip()): q = q.filter( u'package_search.search_vector @@ plainto_tsquery(:terms)') q = q.params(terms=all_terms) # Filter by field specific terms for field, terms in self.query.fields.items(): if field == 'tags': q = self._filter_by_tag(q, terms) continue elif field == 'groups': q = self._filter_by_group(q, terms) continue if isinstance(terms, basestring): terms = terms.split() if field in model.package_table.c: model_attr = getattr(model.Package, field) for term in terms: q = q.filter(make_like(model_attr, term)) else: q = self._filter_by_extra(q, field, terms) # Filter for options if self.options.filter_by_downloadable: q = q.join('resource_groups_all', 'resources_all', aliased=True) q = q.filter( sqlalchemy.and_( model.Resource.state == model.State.ACTIVE, model.ResourceGroup.package_id == model.Package.id)) if self.options.filter_by_openness: q = q.filter(model.Package.license_id.in_(self.open_licenses)) order_by = self.options.order_by if order_by is not None: if order_by == 'rank': q = q.add_column( sqlalchemy.func.ts_rank_cd( sqlalchemy.text('package_search.search_vector'), sqlalchemy.func.plainto_tsquery(all_terms))) q = q.order_by(sqlalchemy.text('ts_rank_cd_1 DESC')) elif hasattr(model.Package, order_by): q = q.order_by(getattr(model.Package, order_by)) else: # TODO extras raise NotImplemented q = q.distinct() self._db_query(q)