def get_publish(self, document, group):
document = Document.get_by_id(document)
if not document:
raise HttpErrorException.bad_request('invalid document id')
if not document.has_permission_read(self.user):
raise HttpErrorException.forbidden()
group = Group.get_by_id(group)
if not group:
raise HttpErrorException.bad_request('invalid group id')
self.project = document.project.get()
version = self.request.get('v', 'latest')
pub = PublishDocument.get(document, group, version)
if not pub:
raise HttpErrorException.not_found()
if pub.group not in self.user.groups and pub.group != Group.get_worldshare_key(
):
raise HttpErrorException.forbidden()
self._create_analytic_session()
self.project.record_analytic('pro_opn', self.analytic_session)
template_index = JINJA_ENVIRONMENT.get_template('document_public.html')
return template_index.render({
'title': self.project.title,
'version': pub.version,
'created_at': pub.created_ts,
'published_to': pub.group.get().name,
'an_token': self.analytic_session.key.id(),
'project_id': self.project.id,
'html': pub.html,
})
def post(self, group):
if not group and Group.valid_id(group):
raise HttpErrorException.bad_request('invalid group id')
group = Group.get_by_id(group)
if group is None:
raise HttpErrorException.bad_request('invalid group id')
if not self.json_request.get('username', None):
raise HttpErrorException.bad_request('invalid username')
user = user_user.User.get_by_id(self.json_request.get('username'))
if user is None:
raise HttpErrorException.bad_request('invalid username')
if not self.user.is_admin and not group.is_admin(self.user):
lr = tt_logging.construct_log(
msg_short='Non-Admin User Tried To Give Group Admin',
msg='User (%s) tried to give User (%s) group admin for group (%s)Request:'
'%s' % (self.user.key.id(), user.key.id(), group.key.id(), str(self.request)),
log_type=tt_logging.SECURITY, request_user=self.user, affected_user=user,
artifact=group, request=self.request
)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
is_group_admin = self.json_request.get('is_group_admin')
if is_group_admin is None:
raise HttpErrorException.bad_request('no group settings')
if is_group_admin:
if user.key not in group.admins:
group.admins.append(user.key)
group.put()
lr = tt_logging.construct_log(
msg_short='User was set a group admin', log_type=tt_logging.USER,
request_user=self.user, affected_user=user, artifact=group, request=self.request
)
log.info(lr['dict_msg']['msg'], extra=lr)
else:
if user.key in group.admins:
group.admins.remove(user.key)
group.put()
lr = tt_logging.construct_log(
msg_short='User was removed as group admin', log_type=tt_logging.USER,
request_user=self.user, affected_user=user, artifact=group, request=self.request
)
log.info(lr['dict_msg']['msg'], extra=lr)
def delete(self, group):
if not group and not Group.valid_id(group):
raise HttpErrorException.bad_request('invalid group id')
group = Group.get_by_id(group)
if not group:
raise HttpErrorException.bad_request('invalid group id')
group.delete(self)
users = user_user.User.get_all_users(
organization=group.organization.get(), to_dict=False,
request_user=self.user, request=self
)
mod_users = []
for user in users:
if group.key in user.groups:
user.groups.remove(group.key)
mod_users.append(user)
ndb.put_multi(mod_users)
def get(self, user_id=None):
# TODO: This handler needs broken down into smaller methods. No point cleaning
# this up until that is complete.
if self.request.get('user_info') is not '':
if self.request.get('user_info') == self.user.username or self.user.is_admin:
user = User.get_by_id(self.request.get('user_info'))
if not user:
raise HttpErrorException.bad_request('invalid user id')
self.write_json_response(user.to_dict(user=self.user))
elif self.request.get('user_perms') is not '':
user = User.get_by_id(self.request.get('user_perms'))
if not user:
raise HttpErrorException.bad_request('invalid username')
if not user.is_admin and not self.user == user:
lr = tt_logging.construct_log(msg_short='Non-Admin User Try Accessing Another User',
msg='User (%s) attemped to access user\'s (%s) data ' %
(self.user.key.id(), user.key.id()),
log_type=tt_logging.SECURITY, request_user=self.user, affected_user=user,
request=self.request)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
user_perms_dict = {}
for group_key in user.groups:
group = group_key.get()
if group is None:
user.groups.remove(group_key)
user.put()
lr = tt_logging.construct_log(msg_short='Broken Group Key in User Group List',
msg='Found a broken group key (%s) in the user\'s group list\n'
'Key has been removed' %
str(group_key),
log_type=tt_logging.USER, request_user=self.user, affected_user=user,
request=self.request)
log.error(lr['dict_msg']['msg'], extra=lr)
elif (group.has_permission(self.user, 'set_user_perms') or
group.has_permission(self.user, 'remove_user_perms') or
user.key == self.user.key):
perms = user.get_group_perms_dict(group)
if perms is not None:
user_perms_dict[group.key.id()] = perms
self.write_json_response(user_perms_dict)
elif self.request.get('organization_users') is not '':
if self.request.get('organization_users') == 'all':
organization = Organization.get_by_id(self.request.get('organization_id'))
if organization.is_admin(self.user) or Group.get_by_id('super_admin').key in self.user.groups:
user_array = User.get_all_users(organization, request_user=self.user)
self.write_json_response(user_array)
else:
lr = tt_logging.construct_log(msg_short='Non-Admin User Try Accessing Org Users',
msg='User (%s) attemped to access all Organization\'s users' %
(self.user.key.id()),
log_type=tt_logging.SECURITY, request_user=self.user,
request=self.request, artifact=organization)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
elif self.request.get('non_org') is not '':
if not self.user.is_super_admin:
lr = tt_logging.construct_log(msg_short='Non-Admin User Try Accessing Org Users',
msg='User (%s) attemped to access all Organization\'s users' %
(self.user.key.id()),
log_type=tt_logging.SECURITY, request_user=self.user,
request=self.request)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
else:
users = User.query(User.organization == None).fetch()
users_dicts = []
for user in users:
users_dicts.append(user.to_dict())
self.write_json_response(users_dicts)
def get(self, project, document, group):
if not project:
raise HttpErrorException.bad_request('invalid project given')
project = Project.get_by_id(project)
if not project:
raise HttpErrorException.bad_request('invalid project given')
if not project.has_permission_read(self.user):
raise HttpErrorException.forbidden()
if not document:
raise HttpErrorException.bad_request('invalid document given')
document = Document.get_by_id(document)
if not document:
raise HttpErrorException.bad_request('invalid document given')
if not document.has_permission_read(self.user):
raise HttpErrorException.forbidden()
if not group:
raise HttpErrorException.bad_request('invalid group given')
group = Group.get_by_id(group)
if not group:
raise HttpErrorException.bad_request('invalid group given')
if document.key not in project.documents and document.key != project.distilled_document:
raise HttpErrorException.bad_request(
'document does not belong to project')
temp_user = User()
temp_user.groups = [group.key, Group.get_worldshare().key]
org = self.user.organization if self.user.organization else None
if org:
temp_user.organization = org
if not document.has_permission_read(temp_user):
raise HttpErrorException.bad_request(
'Group does not have permission to read the document')
pubs = document.get_presentation_published(group=group)
version_int = PublishDocument.get_largest_version(pubs)
if version_int is None:
version_int = 1
else:
version_int += 1
version = self.request.get('version', str(version_int))
if version == 'latest':
raise HttpErrorException.bad_request('invalid version given')
for pub in pubs:
if pub.version == version:
raise HttpErrorException.bad_request(
'version name already taken')
try:
slide_count = int(self.request.get('slide_count', 15))
except ValueError:
raise HttpErrorException.bad_request(
'invalid slide count, must be integer')
if slide_count < 1:
raise HttpErrorException.bad_request(
'invalid slide_count given min 1')
if slide_count > 100:
raise HttpErrorException.bad_request(
'invalid slide_count given max 100')
try:
min_bullet = int(self.request.get('min_bullet', 4))
except ValueError:
raise HttpErrorException.bad_request(
'invalid min bullet, must be integer')
if min_bullet < 1:
raise HttpErrorException.bad_request(
'invalid min_bullet given min 1')
if min_bullet > 15:
raise HttpErrorException.bad_request(
'invalid min_bullet given max 15')
try:
max_bullet = int(self.request.get('max_bullet', 6))
except ValueError:
raise HttpErrorException.bad_request(
'invalid max bullet, must be integer')
if max_bullet < 1:
raise HttpErrorException.bad_request(
'invalid max_bullet given min 1')
if max_bullet > 15:
raise HttpErrorException.bad_request(
'invalid max_bullet given max 15')
if min_bullet > max_bullet:
raise HttpErrorException.bad_request(
'min_bullet can not be greater than max_bullet')
publisher = PresentationPublisherThread()
publisher.id = server.create_uuid()
publisher.request = self
publisher.project = project
publisher.document = document
publisher.slide_count = slide_count
publisher.min_bullet = min_bullet
publisher.max_bullet = max_bullet
publisher.group = group
publisher.user = self.user
publisher.version = version
if publisher.is_lock():
raise HttpErrorException.bad_request('publisher already running')
publisher.start()
self.write_json_response({'id': publisher.id})
self.get_analytic_session()
document.record_analytic('pres_publish',
self.analytic_session,
project=project.key)
def get(self, project, document, group):
if not project:
raise HttpErrorException.bad_request('invalid project given')
project = Project.get_by_id(project)
if not project:
raise HttpErrorException.bad_request('invalid project given')
if not project.has_permission_read(self.user):
raise HttpErrorException.forbidden()
if not document:
raise HttpErrorException.bad_request('invalid document given')
document = Document.get_by_id(document)
if not document:
raise HttpErrorException.bad_request('invalid document given')
if not document.has_permission_read(self.user):
raise HttpErrorException.forbidden()
if not group:
raise HttpErrorException.bad_request('invalid group given')
group = Group.get_by_id(group)
if not group:
raise HttpErrorException.bad_request('invalid group given')
temp_user = User()
temp_user.groups = [group.key, Group.get_worldshare().key]
org = self.user.organization if self.user.organization else None
if org:
temp_user.organization = org
if not document.has_permission_read(temp_user):
raise HttpErrorException.bad_request(
'Group does not have permission to read the document')
if document.key not in project.documents and document.key != project.distilled_document:
raise HttpErrorException.bad_request(
'document does not belong to project')
pubs = document.get_published(group=group)
version_int = PublishDocument.get_largest_version(pubs)
if version_int is None:
version_int = 1
else:
version_int += 1
version = self.request.get('version', str(version_int))
if version == 'latest':
raise HttpErrorException.bad_request('invalid version given')
pubs = document.get_published(group=group)
for pub in pubs:
if pub.version == version:
raise HttpErrorException.bad_request(
'version name already taken')
publisher = DocumentPublisherThread()
publisher.id = server.create_uuid()
publisher.request = self
publisher.project = project
publisher.document = document
publisher.group = group
publisher.user = self.user
publisher.version = version
if publisher.is_lock():
raise HttpErrorException.bad_request('publisher already running')
publisher.start()
self.write_json_response({'id': publisher.id})
self.get_analytic_session()
document.record_analytic('doc_publish',
self.analytic_session,
project=project.key)
