def get_entity(id, action): entity, obj = fetch_entity(id) obj_or_404(entity) if entity.get('$bulk') and action == request.authz.WRITE: raise ImATeapot("Cannot write this entity.") require(request.authz.can(entity.get('collection_id'), action)) return entity, obj
def update(collection_id, id): collection = obj_or_404(Collection.by_id(collection_id)) authz.require(authz.collection_write(collection_id)) network = obj_or_404(Network.by_id_collection(id, collection)) network.update(request_data()) log_event(request) db.session.commit() return view(collection_id, network.id)
def delete(collection_id, id): collection = obj_or_404(Collection.by_id(collection_id)) authz.require(authz.collection_write(collection.id)) network = obj_or_404(Network.by_id_collection(id, collection)) network.delete() db.session.commit() log_event(request) return jsonify({'status': 'ok'})
def merge(id, other_id): entity = obj_or_404(Entity.by_id(id)) check_authz(entity, authz.WRITE) other = obj_or_404(Entity.by_id(other_id)) check_authz(other, authz.WRITE) entity.merge(other) db.session.commit() update_entity(entity) update_entity(other) return view(entity.id)
def update(id): authz.require(authz.list_write(id)) lst = obj_or_404(List.by_id(id)) lst.update(request_data(), current_user) db.session.add(lst) db.session.commit() return view(id)
def ingest_upload(collection_id): collection = obj_or_404(Collection.by_id(collection_id)) authz.require(authz.collection_write(collection.id)) log_event(request) try: meta = json.loads(request.form.get('meta', '{}')) except Exception as ex: raise BadRequest(unicode(ex)) metas = [] for storage in request.files.values(): file_meta = meta.copy() file_meta['mime_type'] = storage.mimetype file_meta['file_name'] = storage.filename validate(file_meta, 'metadata.json#') file_meta = Metadata.from_data(file_meta) file_meta.crawler_id = 'user_upload:%s' % request.auth_role.id file_meta.crawler_run = make_textid() sec_fn = os.path.join(get_upload_folder(), secure_filename(storage.filename)) storage.save(sec_fn) ingest_file(collection.id, file_meta, sec_fn, move=True, queue=USER_QUEUE, routing_key=USER_ROUTING_KEY) metas.append(file_meta) return jsonify({'status': 'ok', 'metadata': metas})
def delete(id): entity = obj_or_404(Entity.by_id(id)) check_authz(entity, authz.WRITE) delete_entity(entity) db.session.commit() log_event(request, entity_id=entity.id) return jsonify({'status': 'ok'})
def process(id): collection = obj_or_404(Collection.by_id(id)) request.authz.require(request.authz.collection_write(collection)) analyze_collection.apply_async([collection.id], queue=USER_QUEUE, routing_key=USER_ROUTING_KEY) log_event(request) return jsonify({'status': 'ok'})
def delete(id): authz.require(authz.logged_in()) alert = obj_or_404(Alert.by_id(id)) authz.require(alert.user_id == current_user.id) db.session.delete(alert) db.session.commit() return jsonify({'status': 'ok'})
def delete(id): collection = obj_or_404(Collection.by_id(id)) authz.require(authz.collection_write(id)) delete_collection.apply_async([collection.id], queue=USER_QUEUE, routing_key=USER_ROUTING_KEY) log_event(request) return jsonify({'status': 'ok'})
def update(login): user = obj_or_404(User.by_login(login)) authz.require(user.id == current_user.id) user.update(request_data()) db.session.add(user) db.session.commit() return view(login)
def ingest_upload(collection_id): collection = obj_or_404(Collection.by_id(collection_id)) request.authz.require(request.authz.collection_write(collection.id)) log_event(request) crawler_run = make_textid() try: meta = json.loads(request.form.get('meta', '{}')) except Exception as ex: raise BadRequest(unicode(ex)) documents = [] for storage in request.files.values(): sec_fn = os.path.join(upload_folder, secure_filename(storage.filename)) storage.save(sec_fn) content_hash = checksum(sec_fn) document = Document.by_keys(collection=collection, content_hash=content_hash) document.crawler = 'user_upload:%s' % request.authz.role.id document.crawler_run = crawler_run document.mime_type = storage.mimetype document.file_name = storage.filename try: meta = json.loads(request.form.get('meta', '{}')) validate(meta, 'metadata.json#') document.meta.update(meta) except Exception as ex: raise BadRequest(unicode(ex)) ingest_document(document, sec_fn, user_queue=True) os.unlink(sec_fn) documents.append(document) return jsonify({'status': 'ok', 'documents': documents})
def update(slug): authz.require(authz.source_write(slug)) source = obj_or_404(Source.by_slug(slug)) source.update(request_data(), current_user) db.session.add(source) db.session.commit() return view(slug)
def crawl(slug): logging.debug('starting a crawl of %s' % slug) authz.require(authz.source_write(slug)) source = obj_or_404(Source.by_slug(slug)) crawl_source.delay(source.slug) logging.debug('started crawl') return jsonify({'status': 'ok'})
def create(): # also handles update data = request.get_json() print(data) if 'query_text' not in data: return jsonify({'status': 'invalid'}) authz.require(authz.logged_in()) if data.get('alert_id', None): # UPDATE alert_id = int(data['alert_id']) alert = obj_or_404(Alert.by_id(alert_id)) authz.require(alert.role_id == request.auth_role.id) alert.query_text = data['query_text'] alert.custom_label = data.get('custom_label' '') or data['query_text'] alert.checking_interval=int(data.get('checking_interval', 9)) else: # CREATE alert = Alert( role_id = request.auth_role.id, query_text=data['query_text'], custom_label=data.get('custom_label' '') or data['query_text'], checking_interval=int(data.get('checking_interval', 9)) ) db.session.add(alert) db.session.commit() return view(alert.id)
def delete(id): entity = obj_or_404(Entity.by_id(id)) authz.require(authz.watchlist_write(entity.watchlist_id)) entity.delete() db.session.commit() analyze_entity.delay(id) return jsonify({"status": "ok"})
def update(id): authz.require(authz.system_edit()) entity = obj_or_404(EntityQuery.by_id(id)) context = Context.create(current_user, {}) entity.update(request_data(), context) db.session.commit() return redirect(url_for(".view", id=entity.id))
def update(id): authz.require(authz.source_write(id)) source = obj_or_404(Source.by_id(id)) source.update(request_data()) db.session.add(source) db.session.commit() return view(id)
def delete(id): entity = obj_or_404(Entity.by_id(id)) check_authz(entity, authz.WRITE) entity.delete() db.session.commit() update_entity(entity) return jsonify({'status': 'ok'})
def delete(id): authz.require(authz.logged_in()) alert = obj_or_404(Alert.by_id(id, role=request.auth_role)) alert.delete() db.session.commit() log_event(request) return jsonify({'status': 'ok'})
def update(id): authz.require(authz.collection_write(id)) coll = obj_or_404(Collection.by_id(id)) coll.update(request_data(), current_user) db.session.add(coll) db.session.commit() return view(id)
def view(id): authz.require(id == current_user.id or authz.is_admin()) user = obj_or_404(User.by_id(id)) data = user.to_dict() if user.id != current_user.id: del data['email'] return jsonify(data)
def update(id): user = obj_or_404(User.by_id(id)) authz.require(user.id == current_user.id or authz.is_admin()) user.update(request_data()) db.session.add(user) db.session.commit() return jsonify(user)
def delete(id): authz.require(authz.collection_write(id)) collection = obj_or_404(Collection.by_id(id)) analyze_terms.delay(collection.terms) collection.delete() db.session.commit() return jsonify({'status': 'ok'})
def ingest_upload(collection_id): collection = obj_or_404(Collection.by_id(collection_id)) request.authz.require(request.authz.collection_write(collection.id)) log_event(request) try: meta = json.loads(request.form.get('meta', '{}')) meta['crawler_id'] = 'user_upload:%s' % request.authz.role.id meta['crawler_run'] = make_textid() except Exception as ex: raise BadRequest(unicode(ex)) metas = [] for storage in request.files.values(): file_meta = meta.copy() file_meta['mime_type'] = storage.mimetype file_meta['file_name'] = storage.filename file_meta['source_path'] = storage.filename validate(file_meta, 'metadata.json#') file_meta = Metadata.from_data(file_meta) sec_fn = os.path.join(upload_folder, secure_filename(storage.filename)) storage.save(sec_fn) ingest_file(collection_id, file_meta, sec_fn, move=True, queue=USER_QUEUE, routing_key=USER_ROUTING_KEY) metas.append(file_meta) return jsonify({'status': 'ok', 'metadata': metas})
def delete(id): authz.require(authz.watchlist_write(id)) watchlist = obj_or_404(Watchlist.by_id(id)) analyze_terms.delay(watchlist.terms) watchlist.delete() db.session.commit() return jsonify({'status': 'ok'})
def view(dataset, id): dataset = get_dataset(dataset) run = obj_or_404(Run.by_id(dataset, id)) data = run.to_dict() package = data_manager.package(dataset.name) data['messages'] = list(logger.load(package, run.id)) return jsonify(data)
def delete(id): entity = obj_or_404(Entity.by_id(id)) authz.require(authz.collection_write(entity.collection_id)) entity.delete() db.session.commit() analyze_entity.delay(id) return jsonify({'status': 'ok'})
def view(id): authz.require(authz.logged_in()) role = obj_or_404(Role.by_id(id)) data = role.to_dict() if role.id != request.auth_role.id: del data["email"] return jsonify(data)
def delete(id): request.authz.require(request.authz.session_write()) alert = obj_or_404(Alert.by_id(id, role=request.authz.role)) alert.delete() db.session.commit() log_event(request) return jsonify({'status': 'ok'})
def update(id): authz.require(authz.collection_write(id)) collection = obj_or_404(Collection.by_id(id)) collection.update(request_data()) db.session.add(collection) db.session.commit() return view(id)
def view(id): authz.require(authz.logged_in()) role = obj_or_404(Role.by_id(id)) data = role.to_dict() if role.id != request.auth_role.id: del data['email'] return jsonify(data)
def update(id): authz.require(authz.watchlist_write(id)) watchlist = obj_or_404(Watchlist.by_id(id)) watchlist.update(request_data()) db.session.add(watchlist) db.session.commit() return view(id)
def create(collection_id): collection = obj_or_404(Collection.by_id(collection_id)) authz.require(authz.collection_write(collection.id)) network = Network.create(request_data(), collection, request.auth_role) db.session.commit() log_event(request) return view(collection_id, network.id)
def update(id): role = obj_or_404(Role.by_id(id)) authz.require(authz.logged_in()) authz.require(role.id == request.auth_role.id) role.update(request_data()) db.session.add(role) db.session.commit() return jsonify(role)
def update(id): entity = obj_or_404(Entity.by_id(id)) entity = Entity.save(get_data(entity=entity), collection_id=entity.collection_id, merge=arg_bool('merge')) db.session.commit() analyze_entity.delay(entity.id) return view(entity.id)
def view(id): role = obj_or_404(Role.by_id(id)) request.authz.require(request.authz.logged_in) request.authz.require(check_visible(role)) data = role.to_dict() if role.id == request.authz.role.id: data['email'] = role.email return jsonify(data)
def delete(id): authz.require(authz.list_write(id)) lst = obj_or_404(List.by_id(id)) selectors = lst.terms lst.delete() db.session.commit() refresh_selectors.delay(list(selectors)) return jsonify({'status': 'ok'})
def update(id): authz.require(authz.collection_write(id)) collection = obj_or_404(Collection.by_id(id)) collection.update(request_data()) db.session.add(collection) db.session.commit() log_event(request) return view(id)
def delete(id): collection = obj_or_404(Collection.by_id(id)) authz.require(authz.collection_write(id)) collection.delete() for entity in collection.entities: update_entity(entity) db.session.commit() return jsonify({'status': 'ok'})
def delete(id): entity = obj_or_404(Entity.by_id(id)) authz.require(authz.list_write(entity.list_id)) selectors = entity.terms entity.delete() db.session.commit() refresh_selectors.delay(list(selectors)) return jsonify({'status': 'ok'})
def view(id): ## XXX seems to let any user get private info on other users? authz.require(authz.logged_in()) role = obj_or_404(Role.by_id(id)) data = role.to_dict() if role.id != request.auth_role.id: del data['email'] return jsonify(data)
def update(id): role = obj_or_404(Role.by_id(id)) request.authz.require(request.authz.session_write()) request.authz.require(role.id == request.authz.role.id) role.update(request_data()) db.session.add(role) db.session.commit() log_event(request) return jsonify(role)