Beispiel #1
0
    def manage_showcase_admins(self):
        '''
        A ckan-admin page to list and add showcase admin users.
        '''
        context = {'model': model, 'session': model.Session,
                   'user': c.user or c.author}

        try:
            check_access('sysadmin', context, {})
        except NotAuthorized:
            abort(401, _('User not authorized to view page'))

        # We're trying to add a user to the showcase admins list.
        if request.method == 'POST' and request.params['username']:
            username = request.params['username']
            try:
                get_action('ckanext_showcase_admin_add')(
                    data_dict={'username': username})
            except NotAuthorized:
                abort(401, _('Unauthorized to perform that action'))
            except NotFound:
                h.flash_error(_("User '{user_name}' not found.").format(
                    user_name=username))
            except ValidationError as e:
                h.flash_notice(e.error_summary)
            else:
                h.flash_success(_("The user is now a Showcase Admin"))

            return redirect(h.url_for(
                controller='ckanext.showcase.controller:ShowcaseController',
                action='manage_showcase_admins'))

        c.showcase_admins = get_action('ckanext_showcase_admin_list')()

        return render('admin/manage_showcase_admins.html')
 def request_new_organization(self):
     context = {'model': model, 'session': model.Session,
                    'user': c.user or c.author}
     try:
         tk.check_access('hdx_send_new_org_request',context)
     except logic.NotAuthorized:
         base.abort(401, _('Unauthorized to send a new org request'))
         
     errors = {}
     error_summary = {}
     data = {'from': request.params.get('from','')}
     from_url = ''
     if 'save' in request.params:
         try:
             data = self._process_new_org_request()
             self._validate_new_org_request_field(data)
             
             tk.get_action('hdx_send_new_org_request')(context, data)
             
             #from_url = data.get('from','')
             data.clear()
             h.flash_success(_('Request sent successfully'))
         except hdx_mail.NoRecipientException, e:
             h.flash_error(_(str(e)))
         except logic.ValidationError, e:
             errors = e.error_dict
             error_summary = e.error_summary
    def report(self, dataset_id, issue_number):
        dataset = self._before_dataset(dataset_id)
        if request.method == 'POST':
            if not c.user:
                msg = _('You must be logged in to report issues')
                toolkit.abort(401, msg)
            try:
                report_info = toolkit.get_action('issue_report')(
                    data_dict={
                        'issue_number': issue_number,
                        'dataset_id': dataset_id
                    }
                )
                if report_info:
                    # we have this info if it is an admin
                    msgs = [_('Report acknowledged.')]
                    if report_info['abuse_status'] == \
                            issuemodel.AbuseStatus.abuse.value:
                        msgs.append(_('Marked as abuse/spam.'))
                    msgs.append(_('Issue is visible.')
                                if report_info['visibility'] == 'visible' else
                                _('Issue is invisible to normal users.'))
                    h.flash_success(' '.join(msgs))
                else:
                    h.flash_success(_('Issue reported to an administrator'))
            except toolkit.ValidationError:
                toolkit.abort(404)
            except toolkit.ObjectNotFound:
                toolkit.abort(404)
            except ReportAlreadyExists, e:
                h.flash_error(e.message)

            h.redirect_to('issues_show',
                          dataset_id=dataset_id,
                          issue_number=issue_number)
  def _listener_route(self, action, id, resource_id):
    if not c.userobj or not c.userobj.sysadmin:
      base.abort(404)

    if action == 'terminate':
      task = session.query(model.TaskStatus)\
        .filter(
          model.TaskStatus.task_type=='twitter_streaming',
          model.TaskStatus.entity_id==resource_id)\
        .first()
      if not task:
        h.flash_error("Can't find listener")
      if task:
        pid = task.error or '' 
        if not pid:
          h.flash_error("Can't get PID of process")
        else:
          h.flash_success('Success')
          toolkit.get_action('task_status_update')(None, {
            'entity_id': resource_id,
            'task_type': 'twitter_streaming',
            'key': 'celery_task_id',
            'state': 'Terminated',
            'value': 'Ready for start',
            'error': pid,
            'last_updated': datetime.datetime.now().isoformat(),
            'entity_type': 'resource'
          })
          if os.system('kill -9 %s' % pid):
            toolkit.get_action('celery_revoke')(self.context, {'id': pid, 'resource': resource_id})
    base.redirect(h.url_for('getting_tweets', id=id, resource_id=resource_id))
Beispiel #5
0
    def request_reset(self):
        context = {"model": model, "session": model.Session, "user": toolkit.c.user, "auth_user_obj": toolkit.c.userobj}
        data_dict = {"id": toolkit.request.params.get("user")}
        try:
            toolkit.check_access("request_reset", context)
        except toolkit.NotAuthorized:
            toolkit.abort(401, toolkit._("Unauthorized to request reset password."))

        if toolkit.request.method == "POST":
            id = toolkit.request.params.get("user")

            context = {"model": model, "user": toolkit.c.user}

            data_dict = {"id": id}
            user_obj = None
            try:
                toolkit.get_action("user_show")(context, data_dict)
                user_obj = context["user_obj"]
            except toolkit.ObjectNotFound:
                h.flash_error(toolkit._("No such user: %s") % id)

            if user_obj:
                try:
                    mailer.send_reset_link(user_obj)
                    h.flash_success(toolkit._("Please check your inbox for " "a reset code."))
                    h.redirect_to("/")
                except mailer.MailerException, e:
                    h.flash_error(toolkit._("Could not send reset link: %s") % unicode(e))
 def remove_pipe(self, id, pipeline_id):
     assert id
     assert pipeline_id
     
     try:
         data_dict = {'id': id}
         context = {'model': model, 'session': model.Session,
                'user': c.user or c.author,
                'auth_user_obj': c.userobj}
         check_access('package_update', context, data_dict)
         package = get_action('package_show')(context, data_dict)
         # id is most probably is package.name so we have to get actual id
         pipe = Pipelines(package['id'], pipeline_id).get()
         
         if not pipe:
             h.flash_error(_(u"Couldn't remove pipeline, because there is no such pipeline assigned to this dataset."))
             base.redirect(h.url_for('pipe_assign', id=id))
         else:
             pipe_id = pipe.pipeline_id
             pipe.delete()
             pipe.commit()
             h.flash_success(_(u'Pipeline removed from dataset successfully'))
             
             disable_schedules_for_pipe(pipe_id)
     except NotFound:
         abort(404, _(u'Dataset not found'))
     except NotAuthorized:
         abort(401, _(u'User {user} not authorized to edit {id}').format(user=c.user, id=id))
     
     base.redirect(h.url_for('pipe_assign', id=id))
    def logged_in(self):
        came_from = request.params.get('came_from', '')

        if c.user:
            context = None
            data_dict = {'id': c.user, 'link_wotkit': True}
            try:
                user_dict = get_action('user_show')(context, data_dict)
            except logic.NotAuthorized as e:
                return self.login(error=str(e))

            h.flash_success(_("%s is now logged in") %
                            user_dict['display_name'])
            if came_from and "logged_in" not in came_from:
                """Mark: HACK redirect to ignore the base URL /data. 
                This used to use url_for, but doing so always appends the /data path which we won't want
                Thus had to change it to redirect_to
                """
                return routes.redirect_to(str(came_from))
            return self.me()
        else:
            err = _('Login failed. Bad username or password.')
            if g.openid_enabled:
                err += _(' (Or if using OpenID, it hasn\'t been associated '
                         'with a user account.)')
            if h.asbool(config.get('ckan.legacy_templates', 'false')):
                h.flash_error(err)
                h.redirect_to(locale=lang, controller='user',
                              action='login', came_from=came_from)
            else:
                return self.login(error=err)
Beispiel #8
0
    def refresh(self, id):
        try:
            context = {'model': model, 'user': c.user, 'session': model.Session}
            p.toolkit.get_action('harvest_job_create')(
                context, {'source_id': id, 'run': True}
            )
            h.flash_success(
                _('Harvest will start shortly. Refresh this page for updates.')
            )
        except p.toolkit.ObjectNotFound:
            abort(404, _('Harvest source not found'))
        except p.toolkit.NotAuthorized:
            abort(401, self.not_auth_message)
        except HarvestSourceInactiveError:
            h.flash_error(
                _(
                    'Cannot create new harvest jobs on inactive '
                    'sources. First, please change the source status '
                    'to "active".'
                )
            )
        except HarvestJobExists:
            h.flash_notice(
                _('A harvest job has already been scheduled for ' 'this source')
            )
        except Exception as e:
            msg = 'An error occurred: [%s]' % str(e)
            h.flash_error(msg)

        h.redirect_to(h.url_for('{0}_admin'.format(DATASET_TYPE_NAME), id=id))
Beispiel #9
0
    def request_reset(self):
        context = {'model': model, 'session': model.Session, 'user': c.user,
                   'auth_user_obj': c.userobj}
        data_dict = {'id': request.params.get('user')}
        try:
            check_access('request_reset', context)
        except NotAuthorized:
            abort(401, _('Unauthorized to request reset password.'))

        if request.method == 'POST':
            id = request.params.get('user')

            context = {'model': model,
                       'user': c.user}

            data_dict = {'id': id}
            user_obj = None
            try:
                user_dict = get_action('user_show')(context, data_dict)
                user_obj = context['user_obj']
            except NotFound:
                # Show success regardless of outcome to prevent scanning
                h.flash_success(_('Please check your inbox for '
                                  'a reset code.'))

            if user_obj:
                try:
                    mailer.send_reset_link(user_obj)
                    h.flash_success(_('Please check your inbox for '
                                      'a reset code.'))
                    h.redirect_to('/')
                except mailer.MailerException, e:
                    h.flash_error(_('Could not send reset link: %s') %
                                  unicode(e))
Beispiel #10
0
    def request_reset(self):
        context = {'model': model, 'session': model.Session, 'user': c.user,
                   'auth_user_obj': c.userobj}

        try:
            check_access('request_reset', context)
        except NotAuthorized:
            abort(401, _('Unauthorized to request reset password.'))

        if request.method == 'POST':
            email = request.params.get('email')
            users = model.User.by_email(email)

            if not users:
                h.flash_error(_('Email not registered: %s') % email)

            else:
                try:
                    mailer.send_reset_link(users[0])
                    h.flash_success(_('Please check your inbox for '
                                    'a reset code.'))
                    h.redirect_to('/')
                except mailer.MailerException, e:
                    h.flash_error(_('Could not send reset link: %s') %
                                  unicode(e))
Beispiel #11
0
    def remove_project_admin(self):
        '''
        Remove a user from the project Admin list.
        '''
        context = {'model': model, 'session': model.Session,
                   'user': c.user or c.author}

        try:
            check_access('sysadmin', context, {})
        except NotAuthorized:
            abort(401, _('User not authorized to view page'))

        if 'cancel' in request.params:
            tk.redirect_to(controller='ckanext.project.controller:projectController',
                          action='manage_project_admins')

        user_id = request.params['user']
        if request.method == 'POST' and user_id:
            user_id = request.params['user']
            try:
                get_action('ckanext_project_admin_remove')(data_dict={'username': user_id})
            except NotAuthorized:
                abort(401, _('Unauthorized to perform that action'))
            except NotFound:
                h.flash_error(_('The user is not a project Admin'))
            else:
                h.flash_success(_('The user is no longer a project Admin'))

            return redirect(h.url_for(controller='ckanext.project.controller:projectController',
                                      action='manage_project_admins'))

        c.user_dict = get_action('user_show')(data_dict={'id': user_id})
        c.user_id = user_id
        return render('admin/confirm_remove_project_admin.html')
Beispiel #12
0
    def logged_in(self):
        # redirect if needed
        came_from = request.params.get('came_from', '')
        if self._sane_came_from(came_from):
            return h.redirect_to(str(came_from))

        if c.user:
            context = None
            data_dict = {'id': c.user}

            user_dict = get_action('user_show')(context, data_dict)

            h.flash_success(
                _("%s is now logged in") % user_dict['display_name'])
            return self.me()
        else:
            err = _('Login failed. Bad username or password.')
            if g.openid_enabled:
                err += _(' (Or if using OpenID, it hasn\'t been associated '
                         'with a user account.)')
            if h.asbool(config.get('ckan.legacy_templates', 'false')):
                h.flash_error(err)
                h.redirect_to(
                    controller='user', action='login', came_from=came_from)
            else:
                return self.login(error=err)
Beispiel #13
0
    def dataset_project_list(self, id):
        '''
        Display a list of projects a dataset is associated with, with an
        option to add to project from a list.
        '''
        context = {'model': model, 'session': model.Session,
                   'user': c.user or c.author, 'for_view': True,
                   'auth_user_obj': c.userobj}
        data_dict = {'id': id}

        try:
            check_access('package_show', context, data_dict)
        except NotFound:
            abort(404, _('Dataset not found'))
        except NotAuthorized:
            abort(401, _('Not authorized to see this page'))

        try:
            c.pkg_dict = get_action('package_show')(context, data_dict)
            c.project_list = get_action('ckanext_package_project_list')(context, {'package_id': c.pkg_dict['id']})
        except NotFound:
            abort(404, _('Dataset not found'))
        except logic.NotAuthorized:
            abort(401, _('Unauthorized to read package %s') % id)

        if request.method == 'POST':
            # Are we adding the dataset to a project?
            new_project = request.POST.get('project_added')
            if new_project:
                data_dict = {"project_id": new_project,
                             "package_id": c.pkg_dict['id']}
                try:
                    get_action('ckanext_project_package_association_create')(context, data_dict)
                except NotFound:
                    abort(404, _('project not found'))
                else:
                    h.flash_success(_("The dataset has been added to the project."))

            # Are we removing a dataset from a project?
            project_to_remove = request.POST.get('remove_project_id')
            if project_to_remove:
                data_dict = {"project_id": project_to_remove,
                             "package_id": c.pkg_dict['id']}
                try:
                    get_action('ckanext_project_package_association_delete')(context, data_dict)
                except NotFound:
                    abort(404, _('project not found'))
                else:
                    h.flash_success(_("The dataset has been removed from the project."))
            redirect(h.url_for(controller='ckanext.project.controller:projectController',
                               action='dataset_project_list', id=c.pkg_dict['name']))

        pkg_project_ids = [project['id'] for project in c.project_list]
        site_projects = get_action('ckanext_project_list')(context, {})

        c.project_dropdown = [[project['id'], project['title']]
                               for project in site_projects
                               if project['id'] not in pkg_project_ids]

        return render("package/dataset_project_list.html")
Beispiel #14
0
def unpublish_ogc(context, data_dict):
    """
    Un-publishes the Geoserver layer based on the resource identifier. Retrieves the Geoserver layer name and package
     identifier to construct layer and remove it.
    """
    resource_id = data_dict.get("resource_id")
    layer_name = data_dict.get("layer_name")
    layer_name = "NGDS:" + resource_id
    username = context.get('user')
    file_resource = toolkit.get_action("resource_show")(None, {"id": resource_id})

    geoserver = Geoserver.from_ckan_config()

    package_id = model.Resource.get(resource_id).resource_group.package_id

    def unpub():
        layer = Layer(geoserver=geoserver, layer_name=layer_name, resource_id=resource_id, package_id=package_id,
                      username=username)
        return layer

    try:
        layer = unpub()
    except socket.error:
        h.flash_error(
            _("Error connecting to geoserver. Please contact the site administrator if this problem persists."))
        return False

    layer.remove()
    h.flash_success(
        _("This resource has successfully been unpublished."))
    return True
Beispiel #15
0
    def refresh(self, id):
        try:
            context = {
                'model': model,
                'user': c.user,
                'session': model.Session}
            p.toolkit.get_action('harvest_job_create')(
                context, {'source_id': id})
            h.flash_success(
                _('Refresh requested, harvesting will take place within 15 minutes.'))
        except p.toolkit.ObjectNotFound:
            abort(404, _('Harvest source not found'))
        except p.toolkit.NotAuthorized:
            abort(401, self.not_auth_message)
        except Exception as e:
            if 'Can not create jobs on inactive sources' in str(e):
                h.flash_error(_('Cannot create new harvest jobs on inactive sources.' +
                                ' First, please change the source status to \'active\'.'))
            elif 'There already is an unrun job for this source' in str(e):
                h.flash_notice(
                    _('A harvest job has already been scheduled for this source'))
            else:
                msg = 'An error occurred: [%s]' % str(e)
                h.flash_error(msg)

        redirect(h.url_for('{0}_admin'.format(DATASET_TYPE_NAME), id=id))
Beispiel #16
0
    def form(self):
        context = {'model': model, 'user': c.user}
        if not ckan.new_authz.is_authorized('sysadmin',
                context, {})['success']:
            base.abort(401, _('Need to be system administrator'))
        # get one and only one entry from our extlink table
        entry = model.Session.query(extlinkmodel.ExtLink).first()
        if not entry:
            # create the empty entry for the first time
            entry = extlinkmodel.ExtLink()
            entry.save()

        if base.request.method == "POST":
            data = logic.clean_dict(
                    df.unflatten(
                        logic.tuplize_dict(
                            logic.parse_params(base.request.params)
                    )))
            entry.domains = data.get('white-list')
            entry.message = data.get('message')
            entry.save()
            h.flash_success(_('External link changes saved.'))
            h.redirect_to(controller=self.controller_path, action='form')

        c.extlinkdata = {
            'white-list': entry.domains,
            'message': entry.message,
            'placeholder': msg_default,
        }
        return p.toolkit.render("form.html")
Beispiel #17
0
    def logged_in(self):
        # we need to set the language via a redirect
        lang = session.pop('lang', None)
        session.save()
        came_from = request.params.get('came_from', '')

        # we need to set the language explicitly here or the flash
        # messages will not be translated.
        i18n.set_lang(lang)

        if c.user:
            context = None
            data_dict = {'id': c.user}

            user_dict = get_action('user_show')(context, data_dict)

            h.flash_success(_("%s is now logged in") %
                            user_dict['display_name'])
            if came_from:
                return h.redirect_to(str(came_from))
            return self.me()
        else:
            err = _('Login failed. Bad username or password.')
            if g.openid_enabled:
                err += _(' (Or if using OpenID, it hasn\'t been associated '
                         'with a user account.)')
            if h.asbool(config.get('ckan.legacy_templates', 'false')):
                h.flash_error(err)
                h.redirect_to(locale=lang, controller='user',
                              action='login', came_from=came_from)
            else:
                return self.login(error=err)
 def _save_new_pending(self, context):
     params = request.params
     password = str(binascii.b2a_hex(os.urandom(15)))
     data = dict(
         fullname = params['fullname'],
         name = params['name'],
         password1 = password,
         password2 = password,
         state = model.State.PENDING,
         email = params['email'],
         organization_request = params['organization-for-request'],
         reason_to_access = params['reason-to-access']
         )
     organization = model.Group.get(data['organization_request'])
     try:
         user_dict = logic.get_action('user_create')(context, data)
         context1 = { 'user': model.Session.query(model.User).filter_by(sysadmin=True).first().name }
         msg = "Dear Admin,\n\nA request for a new user account has been submitted:\nUsername: "******"\nName: " + data['fullname'] + "\nEmail: " + data['email'] + "\nOrganisation: " + organization.display_name + "\nReason for access: " + data['reason_to_access'] + "\n\nThis request can be approved or rejected at " + g.site_url + h.url_for(controller='ckanext.accessrequests.controller:AccessRequestsController', action='account_requests')
         mailer.mail_recipient('Admin', config.get('ckanext.accessrequests.approver_email'), 'Account request', msg)
         h.flash_success('Your request for access to the {0} has been submitted.'.format(config.get('ckan.site_title')))
     except ValidationError, e:
         # return validation failures to the form
         errors = e.error_dict
         error_summary = e.error_summary
         return self.request_account(data, errors, error_summary)
Beispiel #19
0
    def handle_submit(self, id):
        data = clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(
            request.params))))

        data['dataset_url'] = toolkit.url_for(
            controller='package',
            action='read',
            id=id,
            qualified=True
        )

        package = get_action('package_show')(None, {'id': id})
        self.fail_if_private(package, data['dataset_url'])

        # Comma separated config var
        to_addrs = config['ckanext.ands.support_emails'].split(',')

        subject = 'DataPortal Support: Request to publish dataset'

        body = base.render(
            'package/doi_email.text',
            extra_vars=data)

        for email in to_addrs:
            mail_recipient('Dataportal support', email, subject, body)

        data['package_id'] = package['id']
        data['user_id'] = c.userobj.id

        doi_request = DoiRequest(**data)
        Session.add(doi_request)
        Session.commit()

        h.flash_success("DOI Request sent")
        return toolkit.redirect_to(data['dataset_url'])
Beispiel #20
0
    def _save_edit(self, id, context):
        try:
            data_dict = logic.clean_dict(unflatten(
                logic.tuplize_dict(logic.parse_params(request.params))))
            context['message'] = data_dict.get('log_message', '')
            data_dict['id'] = id

            if data_dict['password1'] and data_dict['password2']:
                identity = {'login': c.user,
                            'password': data_dict['old_password']}
                auth = authenticator.UsernamePasswordAuthenticator()

                if auth.authenticate(request.environ, identity) != c.user:
                    raise UsernamePasswordError

            # MOAN: Do I really have to do this here?
            if 'activity_streams_email_notifications' not in data_dict:
                data_dict['activity_streams_email_notifications'] = False

            user = get_action('user_update')(context, data_dict)
            h.flash_success(_('Profile updated'))
            h.redirect_to(controller='user', action='read', id=user['name'])
        except NotAuthorized:
            abort(401, _('Unauthorized to edit user %s') % id)
        except NotFound, e:
            abort(404, _('User not found'))
Beispiel #21
0
 def _package_after_update(self, context, pkg_dict):
     log.debug(u"Updating package {}".format(pkg_dict['name']))
     if 'authors' in pkg_dict:
         update_authors(context, pkg_dict, pkg_dict['authors'])
     if 'oa_funder' in pkg_dict:
         update_oa_tag(context, pkg_dict, 'oa_funders', pkg_dict['oa_funder'])
     if 'oa_funding_program' in pkg_dict:
         update_oa_tag(context, pkg_dict, 'oa_funding_programs', pkg_dict['oa_funding_program'])
     update_ancestral_license(context, pkg_dict, 
             pkg_dict['ancestral_license'] if 'ancestral_license' in pkg_dict else None)
     update_moderation_status(context['session'], 
                              pkg_dict['id'], 
                              pkg_dict['moderationStatus'] if 'moderationStatus' in pkg_dict else 'private', 
                              pkg_dict['moderationNotes'] if 'moderationNotes' in pkg_dict else '')
     if pkg_dict.get('state', 'active') == 'active' and not pkg_dict.get('private', False):
         orig_pkg_dict = toolkit.get_action('package_show')(context,
                 {'id': pkg_dict['id']})
         pkg_dict['metadata_created'] = orig_pkg_dict['metadata_created']
         package_doi = get_package_doi(pkg_dict['id'])
         if not package_doi:
             package_doi = create_package_doi(pkg_dict)
         # TODO verify if crucial metadata has been changed and only then
         # send updates to DataCite.  But the truth is that in our case
         # almost every change in metadata is crucial, so let's skip that
         # check for a while.
         if package_doi.published:
             update_package_doi(pkg_dict)
             h.flash_success(_('DataCite DOI metadata updated'))
         else:
             publish_package_doi(pkg_dict)
             h.flash_success(_('DataCite DOI has been created'))
     return pkg_dict
Beispiel #22
0
    def post(self, id):
        context, user_dict = self._prepare(id)
        context[u'reset_password'] = True
        user_state = user_dict[u'state']
        try:
            new_password = self._get_form_password()
            user_dict[u'password'] = new_password
            username = request.form.get(u'name')
            if (username is not None and username != u''):
                user_dict[u'name'] = username
            user_dict[u'reset_key'] = g.reset_key
            user_dict[u'state'] = model.State.ACTIVE
            logic.get_action(u'user_update')(context, user_dict)
            mailer.create_reset_key(context[u'user_obj'])

            h.flash_success(_(u'Your password has been reset.'))
            return h.redirect_to(u'home.index')
        except logic.NotAuthorized:
            h.flash_error(_(u'Unauthorized to edit user %s') % id)
        except logic.NotFound:
            h.flash_error(_(u'User not found'))
        except dictization_functions.DataError:
            h.flash_error(_(u'Integrity Error'))
        except logic.ValidationError as e:
            h.flash_error(u'%r' % e.error_dict)
        except ValueError as e:
            h.flash_error(text_type(e))
        user_dict[u'state'] = user_state
        return base.render(u'user/perform_reset.html', {
            u'user_dict': user_dict
        })
Beispiel #23
0
def unfollow(package_type, id):
    """Stop following this dataset.
    """
    context = {
        u'model': model,
        u'session': model.Session,
        u'user': g.user,
        u'auth_user_obj': g.userobj
    }
    data_dict = {u'id': id}
    try:
        get_action(u'unfollow_dataset')(context, data_dict)
        package_dict = get_action(u'package_show')(context, data_dict)
        id = package_dict['name']
    except ValidationError as e:
        error_message = (e.message or e.error_summary or e.error_dict)
        h.flash_error(error_message)
    except (NotFound, NotAuthorized) as e:
        error_message = e.message
        h.flash_error(error_message)
    else:
        h.flash_success(
            _(u"You are no longer following {0}").format(
                package_dict[u'title']
            )
        )

    return h.redirect_to(u'dataset.read', id=id)
Beispiel #24
0
    def review(self, id):
        """
        sends review notification to all journal admins
        """

        context = self._context()

        try:
            tk.check_access('package_update', context, {'id': id})
        except tk.NotAuthorized:
            tk.abort(403, 'Unauthorized')

        c.pkg_dict = tk.get_action('package_show')(context, {'id': id})

        # avoid multiple notifications (eg. when someone calls review directly)
        if c.pkg_dict.get('dara_edawax_review', 'false') == 'true':
            h.flash_error("Package has already been sent to review")
            redirect(id)

        user_name = tk.c.userobj.fullname or tk.c.userobj.email
        admins = get_group_or_org_admin_ids(c.pkg_dict['owner_org'])
        addresses = map(lambda admin_id: model.User.get(admin_id).email, admins)
        note = n.review(addresses, user_name, id)

        if note:
            c.pkg_dict['dara_edawax_review'] = 'true'
            tk.get_action('package_update')(context, c.pkg_dict)
            h.flash_success('Notification to Editors sent.')
        else:
            h.flash_error('ERROR: Mail could not be sent. Please try again later or contact the site admin.')

        redirect(id)
Beispiel #25
0
    def logged_in(self):
        # we need to set the language via a redirect
        lang = session.pop("lang", None)
        session.save()
        came_from = request.params.get("came_from", "")

        # we need to set the language explicitly here or the flash
        # messages will not be translated.
        i18n.set_lang(lang)

        if c.user:
            context = None
            data_dict = {"id": c.user}

            user_dict = get_action("user_show")(context, data_dict)

            h.flash_success(_("%s is now logged in") % user_dict["display_name"])
            if came_from:
                return h.redirect_to(str(came_from))
            return self.me()
        else:
            err = _("Login failed. Bad username or password.")
            if g.openid_enabled:
                err += _(" (Or if using OpenID, it hasn't been associated " "with a user account.)")
            if h.asbool(config.get("ckan.legacy_templates", "false")):
                h.flash_error(err)
                h.redirect_to(locale=lang, controller="user", action="login", came_from=came_from)
            else:
                return self.login(error=err)
Beispiel #26
0
 def report_comment(self, dataset_id, issue_number, comment_id):
     dataset = self._before_dataset(dataset_id)
     if request.method == 'POST':
         if not c.user:
             msg = _('You must be logged in to report comments')
             toolkit.abort(401, msg)
         try:
             toolkit.get_action('issue_comment_report')(
                 data_dict={
                     'comment_id': comment_id,
                     'issue_number': issue_number,
                     'dataset_id': dataset_id
                 }
             )
             h.flash_success(
                 _('Comment has been reported to an administrator')
             )
             h.redirect_to('issues_show',
                           dataset_id=dataset_id,
                           issue_number=issue_number)
         except toolkit.ValidationError:
             toolkit.abort(404)
         except ReportAlreadyExists, e:
             h.flash_error(e.message)
         h.redirect_to('issues_show', dataset_id=dataset_id,
                       issue_number=issue_number)
Beispiel #27
0
 def trash(self):
     c.deleted_revisions = model.Session.query(
         model.Revision).filter_by(state=model.State.DELETED)
     c.deleted_packages = model.Session.query(
         model.Package).filter_by(state=model.State.DELETED)
     if not request.params or (len(request.params) == 1 and '__no_cache__'
                               in request.params):
         return base.render('admin/trash.html')
     else:
         # NB: we repeat retrieval of of revisions
         # this is obviously inefficient (but probably not *that* bad)
         # but has to be done to avoid (odd) sqlalchemy errors (when doing
         # purge packages) of form: "this object already exists in the
         # session"
         msgs = []
         if ('purge-packages' in request.params) or ('purge-revisions' in
                                                     request.params):
             if 'purge-packages' in request.params:
                 revs_to_purge = []
                 for pkg in c.deleted_packages:
                     revisions = [x[0] for x in pkg.all_related_revisions]
                     # ensure no accidental purging of other(non-deleted)
                     # packages initially just avoided purging revisions
                     # where non-deleted packages were affected
                     # however this lead to confusing outcomes e.g.
                     # we succesfully deleted revision in which package
                     # was deleted (so package now active again) but no
                     # other revisions
                     problem = False
                     for r in revisions:
                         affected_pkgs = set(r.packages).\
                             difference(set(c.deleted_packages))
                         if affected_pkgs:
                             msg = _('Cannot purge package %s as '
                                     'associated revision %s includes '
                                     'non-deleted packages %s')
                             msg = msg % (pkg.id, r.id, [pkg.id for r
                                                         in affected_pkgs])
                             msgs.append(msg)
                             problem = True
                             break
                     if not problem:
                         revs_to_purge += [r.id for r in revisions]
                 model.Session.remove()
             else:
                 revs_to_purge = [rev.id for rev in c.deleted_revisions]
             revs_to_purge = list(set(revs_to_purge))
             for id in revs_to_purge:
                 revision = model.Session.query(model.Revision).get(id)
                 try:
                     # TODO deleting the head revision corrupts the edit
                     # page Ensure that whatever 'head' pointer is used
                     # gets moved down to the next revision
                     model.repo.purge_revision(revision, leave_record=False)
                 except Exception, inst:
                     msg = _('Problem purging revision %s: %s') % (id, inst)
                     msgs.append(msg)
             h.flash_success(_('Purge complete'))
         else:
Beispiel #28
0
    def after_update(self, context, pkg_dict):
        """
        Dataset has been created / updated
        Check status of the dataset to determine if we should publish DOI to datacite network

        @param pkg_dict:
        @return: pkg_dict
        """

        # Is this active and public? If so we need to make sure we have an active DOI
        if pkg_dict.get('state', 'active') == 'active' and not pkg_dict.get('private', False):

            package_id = pkg_dict['id']

            # Load the original package, so we can determine if user has changed any fields
            orig_pkg_dict = get_action('package_show')(context, {'id': package_id})

            # Metadata created isn't populated in pkg_dict - so copy from the original
            pkg_dict['metadata_created'] = orig_pkg_dict['metadata_created']

            # Load the local DOI
            doi = get_doi(package_id)

            # If we don't have a DOI, create one
            # This could happen if the DOI module is enabled after a dataset has been creates

            if not doi:
                doi = create_unique_identifier(package_id)

            # Build the metadata dict to pass to DataCite service
            metadata_dict = self.build_metadata(pkg_dict, doi)

            # Perform some basic checks against the data - we require at the very least
            # title and author fields - they're mandatory in the DataCite Schema
            # This will only be an issue if another plugin has removed a mandatory field
            self.validate_metadata(metadata_dict)

            # Is this an existing DOI? Update it
            if doi.published:

                # Before updating, check if any of the metadata has been changed - otherwise
                # We end up sending loads of revisions to DataCite for minor edits
                # Load the current version
                orig_metadata_dict = self.build_metadata(orig_pkg_dict, doi)

                # Check if the two dictionaries are the same
                if cmp(orig_metadata_dict, metadata_dict) != 0:
                    # Not the same, so we want to update the metadata
                    update_doi(package_id, **metadata_dict)
                    h.flash_success('DataCite DOI metadata updated')

                # TODO: If editing a dataset older than 5 days, create DOI revision

            # New DOI - publish to datacite
            else:
                h.flash_success('DataCite DOI created')
                publish_doi(package_id, **metadata_dict)

        return pkg_dict
Beispiel #29
0
    def _edit_or_new(self, id, related_id, is_edit):
        """
        Edit and New were too similar and so I've put the code together
        and try and do as much up front as possible.
        """
        context = {"model": model, "session": model.Session, "user": c.user or c.author, "for_view": True}
        data_dict = {}

        if is_edit:
            tpl = "related/edit.html"
            auth_name = "related_update"
            auth_dict = {"id": related_id}
            action_name = "related_update"

            try:
                related = logic.get_action("related_show")(context, {"id": related_id})
            except logic.NotFound:
                base.abort(404, _("Related item not found"))
        else:
            tpl = "related/new.html"
            auth_name = "related_create"
            auth_dict = {}
            action_name = "related_create"

        try:
            logic.check_access(auth_name, context, auth_dict)
        except logic.NotAuthorized:
            base.abort(401, base._("Not authorized"))

        try:
            c.pkg_dict = logic.get_action("package_show")(context, {"id": id})
        except logic.NotFound:
            base.abort(404, _("Package not found"))

        data, errors, error_summary = {}, {}, {}

        if base.request.method == "POST":
            try:
                data = logic.clean_dict(df.unflatten(logic.tuplize_dict(logic.parse_params(base.request.params))))

                if is_edit:
                    data["id"] = related_id
                else:
                    data["dataset_id"] = id
                data["owner_id"] = c.userobj.id

                related = logic.get_action(action_name)(context, data)

                if not is_edit:
                    h.flash_success(_("Related item was successfully created"))
                else:
                    h.flash_success(_("Related item was successfully updated"))

                h.redirect_to(controller="related", action="list", id=c.pkg_dict["name"])
            except df.DataError:
                base.abort(400, _(u"Integrity Error"))
            except logic.ValidationError, e:
                errors = e.error_dict
                error_summary = e.error_summary
Beispiel #30
0
 def send(self):
     if not 'email' in request.params:
         abort(400,_('Please provide an email address'))
     email = request.params['email']
     row = {'email':email,'signedup': datetime.now().isoformat()}
     self.table.AddRecord(row)
     h.flash_success(_('Your email has been stored. Thank you for your interest.'))
     redirect('/')
Beispiel #31
0
 def unfollow(self, id):
     '''Stop following this user.'''
     context = {
         'model': model,
         'session': model.Session,
         'user': c.user or c.author,
         'auth_user_obj': c.userobj
     }
     data_dict = {'id': id, 'include_num_followers': True}
     try:
         get_action('unfollow_user')(context, data_dict)
         user_dict = get_action('user_show')(context, data_dict)
         h.flash_success(
             _("You are no longer following {0}").format(
                 user_dict['display_name']))
     except (NotFound, NotAuthorized) as e:
         error_message = e.message
         h.flash_error(error_message)
     except ValidationError as e:
         error_message = (e.error_summary or e.message or e.error_dict)
         h.flash_error(error_message)
     h.redirect_to(controller='user', action='read', id=id)
Beispiel #32
0
def unfollow(id: str, group_type: str, is_organization: bool) -> Response:
    u'''Stop following this group.'''
    set_org(is_organization)
    context = cast(Context, {
        u'model': model,
        u'session': model.Session,
        u'user': g.user
    })
    data_dict = {u'id': id}
    try:
        get_action(u'unfollow_group')(context, data_dict)
        group_dict = get_action(u'group_show')(context, data_dict)
        h.flash_success(
            _(u"You are no longer following {0}").format(group_dict['title']))
        id = group_dict['name']
    except ValidationError as e:
        error_message = (e.message or e.error_summary or e.error_dict)
        h.flash_error(error_message)
    except (NotFound, NotAuthorized) as e:
        error_message = e.message or ''
        h.flash_error(error_message)
    return h.redirect_to(u'group.read', id=id)
Beispiel #33
0
def comment_report_clear(dataset_id, issue_number, comment_id):
    dataset = _before_dataset(dataset_id)
    if request.method == 'POST':
        try:
            toolkit.get_action('issue_comment_report_clear')(
                data_dict={
                    'comment_id': comment_id,
                    'issue_number': issue_number,
                    'dataset_id': dataset_id
                })
            h.flash_success(_('Spam/abuse report cleared'))
            return p.toolkit.redirect_to('issues.show_issue',
                                         dataset_id=dataset_id,
                                         issue_number=issue_number)
        except toolkit.NotAuthorized:
            msg = _('You must be logged in to clear abuse reports').format(
                issue_number)
            toolkit.abort(401, msg)
        except toolkit.ValidationError:
            toolkit.abort(404)
        except toolkit.ObjectNotFound:
            toolkit.abort(404)
Beispiel #34
0
    def remove_pipe(self, id, pipeline_id):
        assert id
        assert pipeline_id

        try:
            data_dict = {'id': id}
            context = {
                'model': model,
                'session': model.Session,
                'user': c.user or c.author,
                'auth_user_obj': c.userobj
            }
            check_access('package_update', context, data_dict)
            package = get_action('package_show')(context, data_dict)
            # id is most probably is package.name so we have to get actual id
            pipe = Pipelines(package['id'], pipeline_id).get()

            if not pipe:
                h.flash_error(
                    _(u"Couldn't remove pipeline, because there is no such pipeline assigned to this dataset."
                      ))
                base.redirect(h.url_for('pipe_assign', id=id))
            else:
                pipe_id = pipe.pipeline_id
                pipe.delete()
                pipe.commit()
                h.flash_success(
                    _(u'Pipeline removed from dataset successfully'))

                disable_schedules_for_pipe(pipe_id)
        except NotFound:
            abort(404, _(u'Dataset not found'))
        except NotAuthorized:
            abort(
                401,
                _(u'User {user} not authorized to edit {id}').format(
                    user=c.user, id=id))

        base.redirect(h.url_for('pipe_assign', id=id))
Beispiel #35
0
 def follow(self, id):
     '''Start following this user.'''
     context = {
         'model': model,
         'session': model.Session,
         'user': c.user or c.author,
         'auth_user_obj': c.userobj
     }
     data_dict = {'id': id}
     try:
         get_action('follow_user')(context, data_dict)
         user_dict = get_action('user_show')(context, data_dict)
         h.flash_success(
             _("You are now following {0}").format(
                 user_dict['display_name']))
     except ValidationError as e:
         error_message = (e.extra_msg or e.message or e.error_summary
                          or e.error_dict)
         h.flash_error(error_message)
     except NotAuthorized as e:
         h.flash_error(e.extra_msg)
     h.redirect_to(controller='user', action='read', id=id)
Beispiel #36
0
 def report_comment(self, dataset_id, issue_number, comment_id):
     dataset = self._before_dataset(dataset_id)
     if request.method == 'POST':
         if not c.user:
             msg = _('You must be logged in to report comments')
             toolkit.abort(401, msg)
         try:
             report_info = toolkit.get_action('issue_comment_report')(
                 data_dict={
                     'comment_id': comment_id,
                     'issue_number': issue_number,
                     'dataset_id': dataset_id
                 })
             if report_info:
                 # we have this info if it is an admin
                 msgs = [_('Report acknowledged.')]
                 if report_info['abuse_status'] == \
                         issuemodel.AbuseStatus.abuse.value:
                     msgs.append(_('Marked as abuse/spam.'))
                 msgs.append(
                     _('Comment is visible.'
                       ) if report_info['visibility'] == 'visible' else _(
                           'Comment is invisible to normal users.'))
                 h.flash_success(' '.join(msgs))
             else:
                 h.flash_success(
                     _('Comment has been reported to an administrator'))
             p.toolkit.redirect_to('issues_show',
                                   dataset_id=dataset_id,
                                   issue_number=issue_number)
         except toolkit.ValidationError:
             toolkit.abort(404)
         except toolkit.ObjectNotFound:
             toolkit.abort(404)
         except ReportAlreadyExists, e:
             h.flash_error(e.message)
         p.toolkit.redirect_to('issues_show',
                               dataset_id=dataset_id,
                               issue_number=issue_number)
 def unfollow(self, id):
     '''Stop following this group.'''
     context = {
         'model': model,
         'session': model.Session,
         'user': c.user or c.author
     }
     data_dict = {'id': id}
     try:
         get_action('unfollow_group')(context, data_dict)
         group_dict = get_action('group_show')(context, data_dict)
         h.flash_success(
             _("You are no longer following {0}").format(
                 group_dict['title']))
     except ValidationError as e:
         error_message = (e.extra_msg or e.message or e.error_summary
                          or e.error_dict)
         h.flash_error(error_message)
     except (NotFound, NotAuthorized) as e:
         error_message = e.extra_msg or e.message
         h.flash_error(error_message)
     h.redirect_to(controller='group', action='read', id=id)
Beispiel #38
0
 def _save_new(self, context):
     try:
         data_dict = logic.clean_dict(unflatten(
             logic.tuplize_dict(logic.parse_params(request.params))))
         context['message'] = data_dict.get('log_message', '')
         captcha.check_recaptcha(request)
         user = get_action('user_create')(context, data_dict)
     except NotAuthorized:
         abort(403, _('Unauthorized to create user %s') % '')
     except NotFound as e:
         abort(404, _('User not found'))
     except DataError:
         abort(400, _(u'Integrity Error'))
     except captcha.CaptchaError:
         error_msg = _(u'Bad Captcha. Please try again.')
         h.flash_error(error_msg)
         return self.new(data_dict)
     except ValidationError as e:
         errors = e.error_dict
         error_summary = e.error_summary
         return self.new(data_dict, errors, error_summary)
     if not c.user:
         # log the user in programatically
         set_repoze_user(data_dict['name'])
         h.redirect_to(controller='user', action='me')
     else:
         # #1799 User has managed to register whilst logged in - warn user
         # they are not re-logged in as new user.
         h.flash_success(_('User "%s" is now registered but you are still '
                         'logged in as "%s" from before') %
                         (data_dict['name'], c.user))
         if authz.is_sysadmin(c.user):
             # the sysadmin created a new user. We redirect him to the
             # activity page for the newly created user
             h.redirect_to(controller='user',
                           action='activity',
                           id=data_dict['name'])
         else:
             return render('user/logout_first.html')
Beispiel #39
0
def unfollow(id):
    u'''Stop following this user.'''
    context = {
        u'model': model,
        u'session': model.Session,
        u'user': g.user,
        u'auth_user_obj': g.userobj
    }
    data_dict = {u'id': id, u'include_num_followers': True}
    try:
        logic.get_action(u'unfollow_user')(context, data_dict)
        user_dict = logic.get_action(u'user_show')(context, data_dict)
        h.flash_success(
            _(u'You are no longer following {0}').format(
                user_dict[u'display_name']))
    except (logic.NotFound, logic.NotAuthorized) as e:
        error_message = e.message
        h.flash_error(error_message)
    except logic.ValidationError as e:
        error_message = (e.error_summary or e.message or e.error_dict)
        h.flash_error(error_message)
    return h.redirect_to(u'user.read', id=id)
Beispiel #40
0
    def manage(self):
        context = {
            'model': model,
            'session': model.Session,
            'user': toolkit.c.user or toolkit.c.author
        }
        try:
            toolkit.check_access('sysadmin', context, {})
        except toolkit.NotAuthorized:
            toolkit.abort(401, toolkit._('User not authorized to view page'))

        controller = 'ckanext.cadastaroles.controller:CadastaAdminController'
        username = toolkit.request.params.get('username')
        if toolkit.request.method == 'POST' and username:
            try:
                toolkit.get_action('cadasta_admin_create')(data_dict={
                    'username': username
                })
            except toolkit.NotAuthorized:
                toolkit.abort(401,
                              toolkit._('Unauthorized to perform that action'))
            except toolkit.ObjectNotFound:
                helpers.flash_error(
                    toolkit._("User '{0}' not found.").format(username))
            except toolkit.ValidationError as e:
                helpers.flash_notice(e.error_summary)
            else:
                helpers.flash_success(
                    toolkit._('The user is now a Cadasta Admin'))

            return toolkit.redirect_to(
                toolkit.url_for(controller=controller, action='manage'))

        cadasta_admin_list = toolkit.get_action('cadasta_admin_list')()
        return toolkit.render('admin/manage_cadasta_admin.html',
                              extra_vars={
                                  'cadasta_admin_list': cadasta_admin_list,
                              })
Beispiel #41
0
    def post(self, id):
        context = {u'model': model}

        data_dict = logic.clean_dict(
            dictization_functions.unflatten(
                logic.tuplize_dict(logic.parse_params(request.form))))

        data_dict[u'user'] = id
        try:
            token = logic.get_action(u'api_token_create')(
                context,
                data_dict
            )[u'token']
        except logic.NotAuthorized:
            base.abort(403, _(u'Unauthorized to create API tokens.'))
        except logic.ValidationError as e:
            errors = e.error_dict
            error_summary = e.error_summary
            return self.get(id, data_dict, errors, error_summary)

        copy_btn = dom_tags.button(dom_tags.i(u'', {
            u'class': u'fa fa-copy'
        }), {
            u'type': u'button',
            u'class': u'btn btn-default btn-xs',
            u'data-module': u'copy-into-buffer',
            u'data-module-copy-value': ensure_str(token)
        })
        h.flash_success(
            _(
                u"API Token created: <code style=\"word-break:break-all;\">"
                u"{token}</code> {copy}<br>"
                u"Make sure to copy it now, "
                u"you won't be able to see it again!"
            ).format(token=ensure_str(token), copy=copy_btn),
            True
        )
        return h.redirect_to(u'user.api_tokens', id=id)
Beispiel #42
0
    def request_reset(self):
        context = {
            'model': model,
            'session': model.Session,
            'user': toolkit.c.user,
            'auth_user_obj': toolkit.c.userobj
        }
        data_dict = {'id': toolkit.request.params.get('user')}
        try:
            toolkit.check_access('request_reset', context)
        except toolkit.NotAuthorized:
            toolkit.abort(401,
                          toolkit._('Unauthorized to request reset password.'))

        if toolkit.request.method == 'POST':
            id = toolkit.request.params.get('user')

            context = {'model': model, 'user': toolkit.c.user}

            data_dict = {'id': id}
            user_obj = None
            try:
                toolkit.get_action('user_show')(context, data_dict)
                user_obj = context['user_obj']
            except toolkit.ObjectNotFound:
                h.flash_error(toolkit._('No such user: %s') % id)

            if user_obj:
                try:
                    mailer.send_reset_link(user_obj)
                    h.flash_success(
                        toolkit._('Please check your inbox for '
                                  'a reset code.'))
                    h.redirect_to('/')
                except mailer.MailerException, e:
                    h.flash_error(
                        toolkit._('Could not send reset link: %s') %
                        unicode(e))
Beispiel #43
0
 def refresh(self, id):
     try:
         context = {
             'model': model,
             'user': c.user,
             'session': model.Session
         }
         p.toolkit.get_action('harvest_job_create')(context, {
             'source_id': id,
             'run': True
         })
         h.flash_success(
             _('Harvest will start shortly. Refresh this page for updates.')
         )
     except p.toolkit.ObjectNotFound:
         abort(404, _('Harvest source not found'))
     except p.toolkit.NotAuthorized:
         abort(401, self.not_auth_message)
     except HarvestSourceInactiveError, e:
         h.flash_error(
             _('Cannot create new harvest jobs on inactive '
               'sources. First, please change the source status '
               'to \'active\'.'))
Beispiel #44
0
def follow(package_type, id):
    """Start following this dataset.
    """
    context = {
        u'model': model,
        u'session': model.Session,
        u'user': g.user,
        u'auth_user_obj': g.userobj
    }
    data_dict = {u'id': id}
    try:
        get_action(u'follow_dataset')(context, data_dict)
        package_dict = get_action(u'package_show')(context, data_dict)
    except ValidationError as e:
        error_message = (e.message or e.error_summary or e.error_dict)
        h.flash_error(error_message)
    except NotAuthorized as e:
        h.flash_error(e.message)
    else:
        h.flash_success(
            _(u"You are now following {0}").format(package_dict[u'title']))

    return h.redirect_to(u'dataset.read', id=id)
Beispiel #45
0
def delete_view(id):
    try:
        context = {'model': model, 'user': tk.c.user}

        context['clear_source'] = tk.request.params.get('clear',
                                                        '').lower() in (
                                                            u'true',
                                                            u'1',
                                                        )

        tk.get_action('harvest_source_delete')(context, {'id': id})

        if context['clear_source']:
            h.flash_success(_('Harvesting source successfully cleared'))
        else:
            h.flash_success(_('Harvesting source successfully inactivated'))

        return h.redirect_to(
            h.url_for('{0}_admin'.format(DATASET_TYPE_NAME), id=id))
    except tk.ObjectNotFound:
        return tk.abort(404, _('Harvest source not found'))
    except tk.NotAuthorized:
        return tk.abort(401, _not_auth_message())
Beispiel #46
0
    def reauthor(self, id):
        """reset dataset to private and leave review state.
        Should also send email to author
        """
        context = self._context()
        msg = tk.request.params.get('msg', '')
        c.pkg_dict = tk.get_action('package_show')(context, {'id': id})
        creator_mail = model.User.get(c.pkg_dict['creator_user_id']).email
        note = n.reauthor(id, creator_mail, msg, context)

        if note:
            c.pkg_dict.update({
                'private': True,
                'dara_edawax_review': 'reauthor'
            })
            tk.get_action('package_update')(context, c.pkg_dict)
            h.flash_success(
                'Notification sent. Dataset can now be re-edited by author')
        else:
            h.flash_error(
                'ERROR: Mail could not be sent. Please try again later or contact the site admin.'
            )
        redirect(id)
Beispiel #47
0
    def generate_apikey(self, id):
        '''Cycle the API key of a user'''
        context = {'model': model,
                   'session': model.Session,
                   'user': c.user,
                   'auth_user_obj': c.userobj,
                   }
        if id is None:
            if c.userobj:
                id = c.userobj.id
            else:
                abort(400, _('No user specified'))
        data_dict = {'id': id}

        try:
            result = get_action('user_generate_apikey')(context, data_dict)
        except NotAuthorized:
            abort(403, _('Unauthorized to edit user %s') % '')
        except NotFound:
            abort(404, _('User not found'))

        h.flash_success(_('Profile updated'))
        h.redirect_to(controller='user', action='read', id=result['name'])
Beispiel #48
0
def member_request_membership_cancel(context, data_dict):
    '''
    Cancel ACTIVE organization membership (not request) from logged in user.
    Organization_id must be provided.
    :param organization_id: id of the organization
    :type member: string
    '''
    logic.check_access('member_request_membership_cancel', context, data_dict)

    organization_id = data_dict.get("organization_id")
    query = model.Session.query(model.Member) \
        .filter(model.Member.state == 'active') \
        .filter(model.Member.table_name == 'user') \
        .filter(model.Member.table_id == c.userobj.id) \
        .filter(model.Member.group_id == organization_id)
    member = query.first()

    if not member or not member.group.is_organization:
        raise logic.NotFound

    flash_success(_("Membership cancelled"))

    return _process_request(context, organization_id, member, 'active')
Beispiel #49
0
def sync_irods(params, id):
    """
    Fetches a resource from database with the same path as user specified and 
    that matches an existing resource in CKAN.
    """
    from irods import getFileUserMetadata, rcModAccessControl
    rev = model.repo.new_revision()
    conn = get_connection_from_params(params)
    resource = Resource.get(id)
    path = params['path']
    extras = {}
    # Lets handle only resources with file names
    if resource.name:
        fname = "%s/%s" % (path, resource.name.split('/')[-1])
        log.debug(fname)
        i = 0
        access = rcModAccessControl()
        log.debug(access.getPath())
        if conn:
            for met in getFileUserMetadata(conn, fname):
                i += 1
                key, value, _ = met
                extras[key] = value
            resource.extras = extras
            Session.add(resource)
            conn.disconnect()
            model.repo.commit()
            rev.message = "Update from iRODS, matched file %s" % fname
            h.flash_success(
                "iRODS import to resource OK! Imported %s metadatas" % i)
        else:
            h.flash_error("Could not connect to iRODS!")
    else:
        h.flash_error("Resource is an URL, cannot import!")
    h.redirect_to(controller='package', action='resource_read', \
              id=resource.resource_group.package.name, \
              resource_id=resource.id)
    def post_slack_form(self, action, context, **kwargs):
        if request.POST:
            data_dict = dict()
            data_dict['webhook_url'] = request.POST.get('webhook_url', '')
            data_dict['slack_channel'] = request.POST.get('slack_channel',
                                                          '').lower()
            data_dict['organization_id'] = request.POST.get(
                'organization_id', '')

            if action == constants.SLACK_CHANNEL_UPDATE:
                data_dict['id'] = kwargs['id']

            try:
                toolkit.get_action(action)(context, data_dict)
                if action == constants.DATAREQUEST_REGISTER_SLACK:
                    helpers.flash_success(
                        toolkit.
                        _('You have successfully added a slack notification channel'
                          ))
                else:
                    helpers.flash_success(
                        toolkit.
                        _('You have successfully updated a slack notification channel'
                          ))
                toolkit.redirect_to('organization_channels',
                                    id=data_dict['organization_id'])

            except toolkit.ValidationError as e:
                log.warning(e)
                # Fill the fields that will display some information in the page
                c.slack_data = {
                    'organization_id': data_dict.get('organization_id', ''),
                    'webhook_url': data_dict.get('webhook_url', ''),
                    'slack_channel': data_dict.get('slack_channel', '')
                }
                c.errors = e.error_dict
                c.errors_summary = _get_errors_summary(c.errors)
    def remove_showcase_admin(self):
        '''
        Remove a user from the Showcase Admin list.
        '''
        context = {'model': model, 'session': model.Session,
                   'user': c.user or c.author}

        try:
            check_access('sysadmin', context, {})
        except NotAuthorized:
            abort(401, _('User not authorized to view page'))

        if 'cancel' in request.params:
            tk.redirect_to(
                controller='ckanext.showcase.controller:ShowcaseController',
                action='manage_showcase_admins')

        user_id = request.params['user']
        if request.method == 'POST' and user_id:
            user_id = request.params['user']
            try:
                get_action('ckanext_showcase_admin_remove')(
                    data_dict={'username': user_id})
            except NotAuthorized:
                abort(401, _('Unauthorized to perform that action'))
            except NotFound:
                h.flash_error(_('The user is not a Showcase Admin'))
            else:
                h.flash_success(_('The user is no longer a Showcase Admin'))

            return redirect(h.url_for(
                controller='ckanext.showcase.controller:ShowcaseController',
                action='manage_showcase_admins'))

        c.user_dict = get_action('user_show')(data_dict={'id': user_id})
        c.user_id = user_id
        return render('admin/confirm_remove_showcase_admin.html')
Beispiel #52
0
    def post(self, package_type, id):
        context = {u'model': model, u'user': g.user}

        try:
            form_dict = logic.clean_dict(
                dict_fns.unflatten(
                    logic.tuplize_dict(
                        logic.parse_params(request.form))))

            user = get_action(u'user_show')(
                context, {u'id': form_dict[u'username']}
            )

            data_dict = {
                u'id': id,
                u'user_id': user[u'id'],
                u'capacity': form_dict[u'capacity']
            }

            get_action(u'package_collaborator_create')(
                context, data_dict)

        except dict_fns.DataError:
            return base.abort(400, _(u'Integrity Error'))
        except NotAuthorized:
            message = _(u'Unauthorized to edit collaborators {}').format(id)
            return base.abort(401, _(message))
        except NotFound as e:
            h.flash_error(_('User not found'))
            return h.redirect_to(u'dataset.new_collaborator', id=id)
        except ValidationError as e:
            h.flash_error(e.error_summary)
            return h.redirect_to(u'dataset.new_collaborator', id=id)
        else:
            h.flash_success(_(u'User added to collaborators'))

        return h.redirect_to(u'dataset.collaborators_read', id=id)
Beispiel #53
0
    def post(self):
        if u'cancel' in request.form:
            return h.redirect_to(u'admin.trash')

        req_action = request.form.get(u'action')
        if req_action == u'all':
            d = {
                u'dataset_purge': self.deleted_packages,
                u'group_purge': self.deleted_groups,
                u'organization_purge': self.deleted_orgs
            }
            for action, deleted_entities in d.items():
                for ent in deleted_entities:
                    logic.get_action(action)({
                        u'user': g.user
                    }, {
                        u'id': ent.id
                    })
                model.Session.remove()
            h.flash_success(_(u'Massive purge complete'))

        elif req_action in (u'package', u'organization', u'group'):
            entities = self.deleted_entities[req_action]
            number = entities.count()
            for ent in entities:
                logic.get_action(ent.type + u'_purge')({
                    u'user': g.user
                }, {
                    u'id': ent.id
                })
            model.Session.remove()
            h.flash_success(
                _(self.messages[u'success'][req_action].format(number=number)))
        else:
            h.flash_error(_(u'Action not implemented.'))
        return h.redirect_to(u'admin.trash')
Beispiel #54
0
    def request_editor_for_org(self, org_id):
        '''
            user_email, name of user, username, organization name,  list with org-admins emails,
        '''
        try:
            msg = _('Please allow me to submit data to this organization ')
            user = hdx_h.hdx_get_user_info(c.user)
            context = {
                'model': model,
                'session': model.Session,
                'user': c.user or c.author
            }
            org_admins = tk.get_action('member_list')(context, {
                'id': org_id,
                'capacity': 'admin',
                'object_type': 'user'
            })
            admins = []
            for admin_tuple in org_admins:
                admin_id = admin_tuple[0]
                admins.append(hdx_h.hdx_get_user_info(admin_id))
            admins_with_email = [admin for admin in admins if admin['email']]

            data_dict = {
                'display_name': user['display_name'],
                'name': user['name'],
                'email': user['email'],
                'organization': org_id,
                'message': msg,
                'admins': admins_with_email
            }
            tk.get_action('hdx_send_editor_request_for_org')(context,
                                                             data_dict)
            h.flash_success(_('Message sent'))
        except hdx_mail.NoRecipientException, e:
            h.flash_error(_(str(e)))
Beispiel #55
0
def generate_apikey(id=None):
    u'''Cycle the API key of a user'''
    context = {
        u'model': model,
        u'session': model.Session,
        u'user': g.user,
        u'auth_user_obj': g.userobj,
    }
    if id is None:
        if g.userobj:
            id = g.userobj.id
        else:
            base.abort(400, _(u'No user specified'))
    data_dict = {u'id': id}

    try:
        result = logic.get_action(u'user_generate_apikey')(context, data_dict)
    except logic.NotAuthorized:
        base.abort(403, _(u'Unauthorized to edit user %s') % u'')
    except logic.NotFound:
        base.abort(404, _(u'User not found'))

    h.flash_success(_(u'Profile updated'))
    return h.redirect_to(u'user.read', id=result[u'name'])
 def post(self):
     action = request.form.get('action')
     query_name = request.form.get('q_name')
     if not action or not query_name:
         return base.abort(409, _('Missing request parameter'))
     query = model.Session.query(SearchQuery).filter(
         SearchQuery.query == query_name).first()
     if query is None:
         return base.abort(404, _('Search query not found'))
     if action == 'delete':
         model.Session.delete(query)
         h.flash_success(_('The query has been removed'))
     elif action == 'update':
         value = request.form.get('q_value')
         if value:
             existing = SearchQuery.get(value)
             if existing and existing is not query:
                 existing.count += query.count
                 model.Session.delete(query)
                 query = existing
             query.query = value
             h.flash_success(_('The query has been updated'))
     model.Session.commit()
     return toolkit.redirect_to('search_queries.index')
    def post(self, org_id):
        actions = {'approve': 'approve_access', 'reject': 'reject_access'}
        act = request.form.get('bulk_action', '')
        reject_reason = request.form.get('reject-reason')

        request_ids = self._get_request_ids(request.form)

        if not request_ids:
            h.flash_error(_('Select at least one to proceed.'))
            return self._redirect(org_id)

        action = actions.get(act)

        if not action:
            h.flash_error(_('Action not implemented.'))
            return self._redirect(org_id)

        if action == 'reject_access' and not reject_reason:
            h.flash_error(_('Reject reason isn\'t provided'))
            return self._redirect(org_id)

        for _id in request_ids:
            try:
                logic.get_action(action)(self.context, {
                    'request_id': _id,
                    'user': g.user,
                    'reject_reason': reject_reason
                })
            except logic.NotFound:
                abort(404, _('User or pkg not found'))
            except logic.NotAuthorized:
                abort(403, _('You need to be sysadmin or data custodian'))

        h.flash_success(_(self.messages[act].format(number=len(request_ids))))

        return self._redirect(org_id)
    def run_create(self, context, data_dict, resources_sheet, archive):
        """Dataset creating proccess."""
        data_dict['name'] = munge_title_to_name(data_dict['title'])
        try:
            package_id_or_name_exists(data_dict['name'], context)
        except Invalid:
            pass
        else:
            counter = 0

            while True:
                name = '{0}-{1}'.format(data_dict['name'], counter)
                try:
                    package_id_or_name_exists(name, context)
                except Invalid:
                    data_dict['name'] = name
                    break
                counter += 1

        result = self.create_dataset(context, data_dict, resources_sheet,
                                     archive)

        if result:
            h.flash_success('Dataset was created!')
Beispiel #59
0
 def close_app(self, id):
     if c.userobj is None or not c.userobj.sysadmin:
         tk.redirect_to(tk.url_for(controller='user', action='login'))
     app = App.get_by_id(id=id)
     if not app:
         tk.redirect_to(tk.url_for('apps_activity'))
     form = CloseAppForm(tk.request.POST)
     if tk.request.POST:
         if form.validate():
             form.populate_obj(app)
             app.status = "close"
             app.save()
             log.debug("Closed app")
             jobs.enqueue(
                 send_notifications_on_change_app_status,
                 [app, 'close',
                  tk.request.environ.get('CKAN_LANG')])
             flash_success(tk._('You successfully closed app'))
             tk.redirect_to(tk.url_for('apps_activity'))
         else:
             flash_error(tk._('You have errors in form'))
             log.debug("Validate errors: %s", form.errors)
     context = {'form': form}
     return self.__render('close_app.html', context)
Beispiel #60
0
 def thread_add(self):
     if not c.userobj:
         tk.redirect_to(
             tk.url_for(controller='user',
                        action='login',
                        came_from=full_current_url()))
     if BannedUser.check_by_id(c.userobj):
         flash_error(tk._('You are banned'))
         tk.redirect_to(tk.url_for('forum_index'))
     form = CreateThreadForm(tk.request.POST)
     if tk.request.POST:
         if form.validate():
             thread = tk.get_action('forum_create_thread')(
                 {
                     'auth_user_obj': c.userobj
                 }, form.data)
             log.debug("Form data is valid. Content: %s", thread.content)
             flash_success(tk._('You successfully create thread'))
             tk.redirect_to(thread.get_absolute_url())
         else:
             flash_error(tk._('You have errors in form'))
             log.error("Validate errors: %s", form.errors)
     context = {'form': form, 'board_can_post': Board.filter_can_post()}
     return self.__render('create_thread.html', context)