Ejemplo n.º 1
0
def fulltext_search(request, query, limit):
    # query index
    index = get_index()
    parser = QueryParser('value', index.schema)
    with index.searcher() as searcher:
        query = parser.parse(query)
        results = searcher.search(query, limit=limit)
        results = results_to_instances(request, results)

    # helper for limit
    def limited(res):
        if limit is not None:
            return res[:limit]
        return res

    # if authenticated, return all draft and published results
    authenticated = bool(authenticated_userid(request))
    if authenticated:
        return limited(
            [res for res in results if res.state in ['draft', 'published']])
    # check for submitter
    submitter = get_submitter(request)
    if submitter:
        return limited(
            [res for res in results if res.state == 'published' or
                (res.state == 'draft' and submitter == res.submitter)])
    # return only public results
    return limited([res for res in results if res.state == 'published'])
Ejemplo n.º 2
0
def json_references(model, request, search_references, limit,
                    extract_title=None):
    term = request.params['q']
    # authenticated gets all
    authenticated = bool(authenticated_userid(request))
    if authenticated:
        records = search_references(request, term, limit=limit)
    # anonymous gets published
    else:
        records = search_references(
            request, term, state=['published'], limit=limit)
        # additionally add by submitter
        submitter = get_submitter(request)
        if submitter:
            records += search_references(
                request, term, state=['draft'],
                submitter=submitter, limit=limit)
    # create and return result
    result = list()
    for record in records:
        if extract_title is not None:
            name = extract_title(record)
        else:
            name = record.title
        result.append({
            'id': str(record.uid),
            'text': name,
        })
    return sorted(result, key=lambda x: x['text'])
Ejemplo n.º 3
0
 def listable_children(self):
     authenticated = authenticated_userid(self.request)
     submitter = get_submitter(self.request)
     if submitter and not authenticated:
         def query(cls):
             return session.query(cls.uid)\
                           .filter(cls.submitter == submitter).all()
     else:
         creator = authenticated
         def query(cls):
             return session.query(cls.uid)\
                           .filter(cls.creator == creator).all()
     root = self.model.root
     def fetch_node(container, uid):
         return container[str(uid)]
     nodes = list()
     session = get_session(self.request)
     attachments = root['attachments']
     for record in query(AttachmentRecord):
         nodes.append(fetch_node(attachments, record[0]))
     facilities = root['facilities']
     for record in query(FacilityRecord):
         nodes.append(fetch_node(facilities, record[0]))
     locations = root['locations']
     for record in query(LocationRecord):
         nodes.append(fetch_node(locations, record[0]))
     occasions = root['occasions']
     for record in query(OccasionRecord):
         nodes.append(fetch_node(occasions, record[0]))
     return nodes
Ejemplo n.º 4
0
 def actions(self):
     if self.is_backend:
         return False
     authenticated = bool(authenticated_userid(self.request))
     if not authenticated and not get_submitter(self.request):
         return False
     return True
Ejemplo n.º 5
0
 def prepare(_next, self):
     submitter = get_submitter(self.request)
     if not self.authenticated:
         if not submitter:
             raise Forbidden
         if submitter != self.model.attrs['submitter']:
             raise Forbidden
     _next(self)
Ejemplo n.º 6
0
 def show_note(self):
     authenticated = authenticated_userid(self.request)
     if authenticated:
         return False
     if self.model.state == 'published':
         return False
     submitter = get_submitter(self.request)
     if not submitter or self.model.attrs['submitter'] != submitter:
         return False
     return True
Ejemplo n.º 7
0
def check_submitter_access(model, request):
    authenticated = authenticated_userid(request)
    if not authenticated:
        submitter = get_submitter(request)
        if model.attrs['state'] != 'published':
            if not submitter:
                raise Forbidden
            if model.attrs['submitter'] != submitter:
                raise Forbidden
            if model.attrs['state'] != 'draft':
                raise Forbidden
Ejemplo n.º 8
0
 def can_edit(self):
     authenticated = bool(authenticated_userid(self.request))
     if not authenticated:
         submitter = get_submitter(self.request)
         if not submitter:
             return False
         if self.model.attrs['submitter'] != submitter:
             return False
         if self.model.attrs['state'] != 'draft':
             return False
     return True
Ejemplo n.º 9
0
def extract_locations(request, record, result):
    cls = record.__class__
    if cls is LocationRecord:
        # check ignoring not authenticated
        authenticated = bool(authenticated_userid(request))
        if not authenticated and record.state != 'published':
            submitter = get_submitter(request)
            # no submitter, ignore
            if not submitter:
                return
            # wrong submitter, ignore
            if record.submitter != submitter:
                return
            # wrong state, ignore
            if record.state != 'draft':
                return
        uid = str(record.uid)
        query = make_query(**{UX_IDENT: UX_FRONTEND})
        target = make_url(
            request,
            path=[value_containers[cls], uid],
            query=query,
        )
        result[uid] = {
            'value': value_extractors[cls](record),
            'action': value_actions[cls],
            'target': target,
            'lat': record.lat,
            'lon': record.lon,
            'state': record.state,
        }
    elif cls is FacilityRecord:
        for location in record.location:
            extract_locations(request, location, result)
    elif cls is OccasionRecord:
        for location in record.location:
            extract_locations(request, location, result)
        for facility in record.facility:
            extract_locations(request, facility, result)
    elif cls is AttachmentRecord:
        for location in record.location:
            extract_locations(request, location, result)
        for facility in record.facility:
            extract_locations(request, facility, result)
        for occasion in record.occasion:
            extract_locations(request, occasion, result)
Ejemplo n.º 10
0
 def visible_references(self):
     records = list()
     authenticated = bool(authenticated_userid(self.request))
     submitter = get_submitter(self.request)
     for record in self.reference_records:
         # check ignoring not authenticated
         if not authenticated and record.state != 'published':
             # no submitter, continue
             if not submitter:
                 continue
             # wrong submitter, continue
             if record.submitter != submitter:
                 continue
             # wrong state, continue
             if record.state != 'draft':
                 continue
         records.append(record)
     return records
Ejemplo n.º 11
0
def json_locations_in_bounds(model, request):
    # bounds
    north, south, west, east = (
        request.params['n'],
        request.params['s'],
        request.params['w'],
        request.params['e'],
    )
    # authenticated gets all locations
    authenticated = bool(authenticated_userid(request))
    if authenticated:
        records = locations_in_bounds(request, north, south, west, east)
    # anonymous gets published locations
    else:
        records = locations_in_bounds(
            request, north, south, west, east, state=['published'])
        # additionally add records by submitter
        submitter = get_submitter(request)
        if submitter:
            records += locations_in_bounds(
                request, north, south, west, east,
                state=['draft'], submitter=submitter)
    # create result
    result = list()
    for record in records:
        uid = str(record.uid)
        query = make_query(**{UX_IDENT: UX_FRONTEND})
        target = make_url(
            request,
            path=[value_containers[LocationRecord], uid],
            query=query,
        )
        result.append({
            'value': value_extractors[LocationRecord](record),
            'action': value_actions[LocationRecord],
            'target': target,
            'lat': record.lat,
            'lon': record.lon,
            'state': record.state,
        })
    return result
Ejemplo n.º 12
0
 def __call__(self, model, request):
     if not authenticated_userid(request):
         if not get_submitter(request):
             raise Forbidden
     return super(SubmitterContentsTile, self).__call__(model, request)
Ejemplo n.º 13
0
 def table_title(self):
     authenticated = authenticated_userid(self.request)
     if authenticated:
         return authenticated
     return get_submitter(self.request)
Ejemplo n.º 14
0
 def prepare(_next, self):
     submitter = get_submitter(self.request)
     if not self.authenticated:
         if not submitter:
             raise Forbidden
     _next(self)
Ejemplo n.º 15
0
 def save(_next, self, widget, data):
     if not self.authenticated:
         submitter = get_submitter(self.request)
         self.model.attrs['submitter'] = submitter
     _next(self, widget, data)