def get_publish(self, document, group):
document = Document.get_by_id(document)
if not document:
raise HttpErrorException.bad_request('invalid document id')
if not document.has_permission_read(self.user):
raise HttpErrorException.forbidden()
group = Group.get_by_id(group)
if not group:
raise HttpErrorException.bad_request('invalid group id')
self.project = document.project.get()
version = self.request.get('v', 'latest')
pub = PublishDocument.get(document, group, version)
if not pub:
raise HttpErrorException.not_found()
if pub.group not in self.user.groups and pub.group != Group.get_worldshare_key(
):
raise HttpErrorException.forbidden()
self._create_analytic_session()
self.project.record_analytic('pro_opn', self.analytic_session)
template_index = JINJA_ENVIRONMENT.get_template('document_public.html')
return template_index.render({
'title': self.project.title,
'version': pub.version,
'created_at': pub.created_ts,
'published_to': pub.group.get().name,
'an_token': self.analytic_session.key.id(),
'project_id': self.project.id,
'html': pub.html,
})
def put(self, user=None):
gc = GlobalConfig.get_configs()
if not gc.allow_user_registration:
self.redirect('/register/disabled/', abort=True)
if self.json_request.get('organization'):
return HttpErrorException.forbidden()
User.new(self.json_request, request=self.request, worldshare_group=Group.get_worldshare_key())
creds = GenericCredentials(self.json_request.get('username'), self.json_request.get('password'))
if not creds.authenticate():
raise HttpErrorException.bad_request('faild to authinicate')
session = login(self.request, creds, User)
self.response.set_cookie('auth_user', base64.b64encode(creds.username))
self.response.set_cookie('user', creds.username)
self.response.set_cookie('auth_token', session.token)
def put(self, user_id=None):
if not self.user.is_admin:
lr = tt_logging.construct_log(
msg_short='Non-Admin User Try Create New User',
msg='User (%s) attemped to create a new user' % (self.user.key.id()),
log_type=tt_logging.SECURITY, request_user=self.user,
request=self.request
)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
if self.json_request.get('username'):
org = None
if self.json_request.get('organization'):
org = Organization.get_by_id(self.json_request.get('organization'))
User.new(self.json_request, verify_email=False, request=self.request,
worldshare_group=Group.get_worldshare_key(), organization=org)
