Beispiel #1
0
 def get(self, request):
     """Returns all public diagrams"""
     search = request.GET.get("search")
     if search:
         serializer = serializers.DiagramSerializer(
             Diagram.objects.all().filter(
                 Q(is_public=True)
                 | reduce(operator.and_, (Q(description__icontains=x)
                                          for x in search.split()))),
             many=True)
     else:
         serializer = serializers.DiagramSerializer(
             Diagram.objects.all().filter(is_public=True), many=True)
     return Response(data=serializer.data, status=status.HTTP_200_OK)
Beispiel #2
0
    def get(self, request, pk):
        """Return selected diagram of the authenticated user"""
        diagram = self.get_object(pk, auth_user_only=True)
        serializer = serializers.DiagramSerializer(diagram)
        export_type = request.GET.get("export_type")
        xml_data = serializer.data['diagram'][1:]
        # TODO actually fix with https://stackoverflow.com/questions/35274068/rendering-xml-from-draw-io-as-an-image-using-mxcellrenderer
        if export_type == "PNG":
            img = Image.open(xml_data, formats=("XML", ))
            transformed = img.save(img, format="PNG")
            response = HttpResponse(transformed,
                                    content_type='application/png')
        if export_type == "PDF":
            img = Image.open(xml_data, formats=("XML", ))
            transformed = img.save(img, format="PDF")
            response = HttpResponse(transformed,
                                    content_type='application/pdf')
        if export_type == "SVG":
            img = Image.open(xml_data, formats=("XML", ))
            transformed = img.save(img, format="SVG")
            response = HttpResponse(transformed,
                                    content_type='application/svg')
        else:
            response = HttpResponse(xml_data, content_type='application/xml')

        # response['Content-Disposition'] = 'attachment; filename="%s"' % path.split('/')[-1]
        return response
Beispiel #3
0
 def get(self, request):
     """Return all diagrams of the current authenticated user only"""
     search = request.GET.get("search")
     if search:
         serializer = serializers.DiagramSerializer(
             Diagram.objects.all().filter(
                 Q(owner=self.request.user)
                 | reduce(operator.and_, (Q(description__icontains=x)
                                          for x in search.split()))),
             many=True)
     else:
         serializer = serializers.DiagramSerializer(
             Diagram.objects.all().filter(owner=self.request.user),
             many=True)
         # print(serializer.data)
     return Response(data=serializer.data, status=status.HTTP_200_OK)
Beispiel #4
0
 def post(self, request):
     """Create new Diagram"""
     serializer = serializers.DiagramSerializer(data=request.data)
     diagramStat = DiagramStat.objects.create()
     if serializer.is_valid():
         serializer.save(owner=request.user, diagram_stat=diagramStat)
         return Response(serializer.data, status=status.HTTP_201_CREATED)
     return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
Beispiel #5
0
 def get(self, request):
     """Returns all private diagrams of a user"""
     serializer = serializers.DiagramSerializer(
         Diagram.objects.all().filter(
             Q(is_public=False)
             & Q(owner=request.user)),
         many=True)
     return Response(data=serializer.data, status=status.HTTP_200_OK)
Beispiel #6
0
 def test_get_all_diagrams_shared(self):
     """ Test GET diagram/shared gives all the diagrams shared with the current user """
     self.client.force_authenticate(user=self.user_to_share_with)
     self.diagram_pub1.reader.add(self.user_to_share_with)
     res = self.client.get(reverse('diagram:shared-with-me'))
     self.assertEqual(res.status_code, 200)
     serializer = serializers.DiagramSerializer(data=res.data, many=isinstance(res.data, list))
     serializer.is_valid()
     if serializer.is_valid():
         self.assertIn(self.diagram_pub1.name, serializer.data[0]['name'])
Beispiel #7
0
 def put(self, request, pk):
     """Update diagram"""
     diagram = self.get_object(pk)
     serializer = serializers.DiagramSerializer(data=request.data)
     if serializer.is_valid():
         if not diagram.public:
             os.remove(diagram.diagram.path)
             diagram.delete()
         serializer.save(owner=request.user)
         return Response(serializer.data, status=status.HTTP_201_CREATED)
     return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
Beispiel #8
0
    def get(self, request, pk):
        """Return selected diagram of the authenticated user"""
        diagram = self.get_object(pk, auth_user_only=True)
        serializer = serializers.DiagramSerializer(diagram)
        export_type = request.GET.get("export_type")
        xml_data = serializer.data['diagram']

        response = HttpResponse(xml_data, content_type='application/xml')

        # response['Content-Disposition'] = 'attachment; filename="%s"' % path.split('/')[-1]
        return response
Beispiel #9
0
 def test_get_all_public(self):
     """ Test that GET diagram/public/list gives all the public diagrams currently stored"""
     res = self.client.get(self.PUBLIC_DIAG_URL)
     self.assertEqual(res.status_code, 200)
     # print(res.content.decode('utf-8'))
     serializer = serializers.DiagramSerializer(data=res.data, many=isinstance(res.data, list))
     serializer.is_valid()
     # print(serializer.errors)
     if serializer.is_valid():
         for diag in serializer.data:
             self.assertIn('pub', diag['name'])
             self.assertEqual(True, diag['is_public'])
Beispiel #10
0
 def test_get_all_private_diag(self):
     """ Test GET diagram/private/list gives all the private diagram of current user"""
     res = self.client.get(self.ALL_MY_PRIVATE_DIAGS)
     self.assertEqual(res.status_code, 200)
     # print(res.content.decode('utf-8'))
     serializer = serializers.DiagramSerializer(data=res.data, many=isinstance(res.data, list))
     serializer.is_valid()
     # print(serializer.errors)
     if serializer.is_valid():
         for diag in serializer.data:
             # print(diag)
             self.assertIn('private', diag['name'])
             self.assertEqual(False, diag['is_public'])
Beispiel #11
0
 def test_get_all_diags_of_user(self):
     """ Test GET diagram/private gives all the diagrams of the current user"""
     res = self.client.get(self.ALL_USER_DIAG)
     self.assertEqual(res.status_code, 200)
     # print(res.content.decode('utf-8'))
     serializer = serializers.DiagramSerializer(data=res.data, many=isinstance(res.data, list))
     serializer.is_valid()
     # print(serializer.errors)
     diagramCount = 0
     if serializer.is_valid():
         for diag in serializer.data:
             self.assertIn('test', diag['name'])
             # print(diag)
             diagramCount += 1
         # print(f"Number of diagrams stored, expected 3 got {diagramCount}")
         self.assertEqual(3, diagramCount)
Beispiel #12
0
    def put(self, request, pk):
        """Update diagram"""
        diagramModel = Diagram.objects.get(pk=pk)
        # Checks that the current user as the rights to update specified diagram
        serializer = serializers.DiagramSerializer(data=request.data)
        if serializer.is_valid():
            # print(diagramModel.owner.username)
            # print(request.user.username)
            diagram_xml = request.data['diagram']
            no_script_xml = noScriptTagsInXML(diagram_xml)
            try:
                # Checks that the diagram sent is properly built
                diagram = defusedxml.minidom.parseString(no_script_xml)
                root = diagram.documentElement.firstChild
                allMxCell = root.getElementsByTagName('mxCell')
            except (AttributeError, TypeError):
                return Response(status=status.HTTP_400_BAD_REQUEST)
            if diagramModel.owner.email != self.request.user.email:
                if diagramModel.is_public:
                    # If current user isn't the owner of the diagram,
                    # then he can only create a new private diagram from the public one
                    serializer.save(
                        owner=request.user,
                        is_public=False,
                        lastTimeSpent=request.data['lastTimeSpent'],
                        diagram=no_script_xml)
                    return Response(serializer.data,
                                    status=status.HTTP_201_CREATED)
                if self.request.user not in diagramModel.writer.all():
                    return Response(status=status.HTTP_405_METHOD_NOT_ALLOWED)
            # In bellow case we either are the owner, or we have writer rights over the diagram
            # Hence we can modify it
            with reversion.create_revision():
                diagramModel.lastTimeSpent = float(
                    request.data['lastTimeSpent'])
                diagramModel.name = str(request.data['name'])
                diagramModel.diagram = no_script_xml
                diagramModel.is_public = request.data['is_public']
                if request.data['tags'] != "\"\"":
                    diagramModel.tags.set(request.data['tags'])
                diagramModel.preview = request.data['preview']
                diagramModel.save()
                reversion.set_date_created(timezone.now())

            return Response(serializer.data, status=status.HTTP_201_CREATED)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
Beispiel #13
0
 def get(self, request):
     """Return all the diagrams shared with current authenticated user"""
     diags_as_reader = Diagram.objects.all().filter(
         reader__email__contains=self.request.user.email)
     diags_as_writer = Diagram.objects.all().filter(
         writer__email__contains=self.request.user.email)
     all_diags = diags_as_writer.union(diags_as_reader)
     serializer = serializers.DiagramSerializer(all_diags, many=True)
     resp_datas = serializer.data
     # print(resp_datas)
     for diag_serialized in resp_datas:
         diag = Diagram.objects.get(pk=diag_serialized['id'])
         # print(diag)
         diag_is_risk_shared = diag.isRiskComputationShared
         # print(diag_is_risk_shared)
         is_risk_shared_dict = json.loads(diag_is_risk_shared)
         if is_risk_shared_dict != {}:
             value = is_risk_shared_dict[self.request.user.email]
             diag_serialized['isRiskShared'] = value
     return Response(data=resp_datas, status=status.HTTP_200_OK)
Beispiel #14
0
 def post(self, request):
     """Create new Diagram"""
     # request_img = request.data['preview']
     serializer = serializers.DiagramSerializer(data=request.data)
     if serializer.is_valid():
         diagram_xml = request.data['diagram']
         no_script_xml = noScriptTagsInXML(diagram_xml)
         try:
             # Checks that the diagram sent is properly built
             diagram = defusedxml.minidom.parseString(no_script_xml)
             root = diagram.documentElement.firstChild
             allMxCell = root.getElementsByTagName('mxCell')
         except (AttributeError, TypeError):
             return Response(status=status.HTTP_400_BAD_REQUEST)
         # Checks against XSS
         with reversion.create_revision():
             serializer.save(owner=request.user,
                             lastTimeSpent=request.data['lastTimeSpent'],
                             diagram=no_script_xml)
             reversion.set_date_created(timezone.now())
         return Response(serializer.data, status=status.HTTP_201_CREATED)
     return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
Beispiel #15
0
 def get(self, request):
     """Return diagrams of the current authenticated user only"""
     serializer = serializers.DiagramSerializer(
         Diagram.objects.all().filter(owner=self.request.user), many=True)
     return Response(data=serializer.data, status=status.HTTP_200_OK)
Beispiel #16
0
 def get(self, request):
     """Returns all public diagrams"""
     serializer = serializers.DiagramSerializer(
         Diagram.objects.all().filter(public=True), many=True)
     return Response(data=serializer.data, status=status.HTTP_200_OK)