def experiment_datasets_json(request, experiment_id): try: experiment = Experiment.safe.get(request.user, experiment_id) except Experiment.DoesNotExist: return return_response_not_found(request) has_download_permissions = \ authz.has_experiment_download_access(request, experiment_id) objects = [ get_dataset_info(ds, include_thumbnail=has_download_permissions, exclude=['datafiles']) for ds in experiment.datasets.all().order_by('description')] return HttpResponse(json.dumps(objects), content_type='application/json')
def experiment_datasets_json(request, experiment_id): try: experiment = Experiment.safe.get(request.user, experiment_id) except Experiment.DoesNotExist: return return_response_not_found(request) has_download_permissions = \ authz.has_experiment_download_access(request, experiment_id) objects = [ get_dataset_info(ds, include_thumbnail=has_download_permissions, exclude=['datafiles']) for ds in experiment.datasets.all().order_by('description') ] return HttpResponse(json.dumps(objects), content_type='application/json')
def dataset_json(request, experiment_id=None, dataset_id=None): # Experiment ID is optional (but dataset_id is not)! dataset = Dataset.objects.get(id=dataset_id) if experiment_id: try: # PUT is fine for non-existing resources, but GET/DELETE is not if request.method == 'PUT': experiment = Experiment.objects.get(id=experiment_id) else: experiment = dataset.experiments.get(id=experiment_id) except Experiment.DoesNotExist: return HttpResponseNotFound() # Convenience methods for permissions def can_update(): return authz.has_dataset_ownership(request, dataset_id) can_delete = can_update def add_experiments(updated_experiments): current_experiments = \ frozenset(dataset.experiments.values_list('id', flat=True)) # Get all the experiments that currently aren't associated for experiment_id in updated_experiments - current_experiments: # You must own the experiment to assign datasets to it if authz.has_experiment_ownership(request, experiment_id): experiment = Experiment.safe.get(request.user, experiment_id) logger.info("Adding dataset #%d to experiment #%d" % (dataset.id, experiment.id)) dataset.experiments.add(experiment) # Update this experiment to add it to more experiments if request.method == 'PUT': # Obviously you can't do this if you don't own the dataset if not can_update(): return HttpResponseForbidden() data = json.loads(request.body) # Detect if any experiments are new, and add the dataset to them add_experiments(frozenset(data['experiments'])) # Include the experiment we PUT to, as it may also be new if experiment is not None: add_experiments(frozenset((experiment.id,))) dataset.save() # Remove this dataset from the given experiment if request.method == 'DELETE': # First, we need an experiment if experiment_id is None: # As the experiment is in the URL, this method will never be # allowed if can_update(): return HttpResponseMethodNotAllowed(allow="GET PUT") return HttpResponseMethodNotAllowed(allow="GET") # Cannot remove if this is the last experiment or if it is being # removed from a publication if (not can_delete() or dataset.experiments.count() < 2 or experiment.is_publication()): return HttpResponseForbidden() dataset.experiments.remove(experiment) dataset.save() has_download_permissions = \ authz.has_dataset_download_access(request, dataset_id) return HttpResponse(json.dumps(get_dataset_info(dataset, has_download_permissions)), content_type='application/json')
def dataset_json(request, experiment_id=None, dataset_id=None): # Experiment ID is optional (but dataset_id is not)! dataset = Dataset.objects.get(id=dataset_id) if experiment_id: try: # PUT is fine for non-existing resources, but GET/DELETE is not if request.method == 'PUT': experiment = Experiment.objects.get(id=experiment_id) else: experiment = dataset.experiments.get(id=experiment_id) except Experiment.DoesNotExist: return HttpResponseNotFound() # Convenience methods for permissions def can_update(): return authz.has_dataset_ownership(request, dataset_id) can_delete = can_update def add_experiments(updated_experiments): current_experiments = \ frozenset(dataset.experiments.values_list('id', flat=True)) # Get all the experiments that currently aren't associated for experiment_id in updated_experiments - current_experiments: # You must own the experiment to assign datasets to it if authz.has_experiment_ownership(request, experiment_id): experiment = Experiment.safe.get(request.user, experiment_id) logger.info("Adding dataset #%d to experiment #%d" % (dataset.id, experiment.id)) dataset.experiments.add(experiment) # Update this experiment to add it to more experiments if request.method == 'PUT': # Obviously you can't do this if you don't own the dataset if not can_update(): return HttpResponseForbidden() data = json.loads(request.body) # Detect if any experiments are new, and add the dataset to them add_experiments(frozenset(data['experiments'])) # Include the experiment we PUT to, as it may also be new if experiment is not None: add_experiments(frozenset((experiment.id, ))) dataset.save() # Remove this dataset from the given experiment if request.method == 'DELETE': # First, we need an experiment if experiment_id is None: # As the experiment is in the URL, this method will never be # allowed if can_update(): return HttpResponseMethodNotAllowed(allow="GET PUT") return HttpResponseMethodNotAllowed(allow="GET") # Cannot remove if this is the last experiment or if it is being # removed from a publication if (not can_delete() or dataset.experiments.count() < 2 or experiment.is_publication()): return HttpResponseForbidden() dataset.experiments.remove(experiment) dataset.save() has_download_permissions = \ authz.has_dataset_download_access(request, dataset_id) return HttpResponse(json.dumps( get_dataset_info(dataset, has_download_permissions)), content_type='application/json')