def create_or_update(collection=None, source=None): if collection is not None: authz.require(authz.collection(authz.WRITE, collection)) if source is not None: authz.require(authz.source(authz.WRITE, source)) resource_type = Permission.COLLECTION if collection else Permission.SOURCE resource_id = collection or source data = request_data() validate(data, permissions_schema) # check that the role exists. rq = session.query(Role).filter(Role.id == data['role']) if rq.first() is None: raise BadRequest() q = session.query(Permission) q = q.filter(Permission.role_id == data['role']) q = q.filter(Permission.resource_type == resource_type) q = q.filter(Permission.resource_id == resource_id) permission = q.first() if permission is None: permission = Permission() permission.role_id = data['role'] permission.resource_type = resource_type permission.resource_id = resource_id permission.read = data['read'] permission.write = data['write'] session.add(permission) session.commit() return jsonify({ 'status': 'ok', 'updated': permission })
def admin_resources(): """ Load access rights for admins. """ for coll_id, in session.query(Collection.id): request.authz_collections[READ].add(coll_id) request.authz_collections[WRITE].add(coll_id) for source_id, in session.query(Source.id): request.authz_sources[READ].add(source_id) request.authz_sources[WRITE].add(source_id)
def test_create_source(self): source = {'slug': 'foo', 'title': 'Foo source', 'url': 'http://foo'} Source.ensure(source) session.commit() cnt = session.query(Source).count() assert cnt == 1, cnt Source.ensure(source) session.commit() cnt = session.query(Source).count() assert cnt == 1, cnt
def get_sources(): """ Get a list of all sources stored in the index, then resolve and return them. """ sources = {} for source in session.query(Source): sources[source.id] = source.to_dict() return sources
def list_roles(): # Not using a pager because in most places this wouldn't make sense to # paginate. Need to review this later. q = session.query(Role) return jsonify({ 'total': q.count(), 'results': q })
def collection_add_entity(collection, subject): q = session.query(CollectionSubject).filter_by(subject=subject) q = q.filter_by(collection_id=collection.id) cs = q.first() if cs is None: cs = CollectionSubject(collection, subject) session.add(cs) session.commit()
def collection_remove_entity(collection, subject): q = session.query(CollectionSubject).filter_by(subject=subject) q = q.filter_by(collection_id=collection.id) q.delete() session.commit() entities = get_loom_config().entities entities.remove(subject, collection_id=collection.id)
def index(): collections = authz.collections(authz.READ) if not len(collections): return jsonify(Pager([])) q = session.query(Source) q = q.filter(Source.id.in_(collections)) q = q.order_by(Source.title.asc()) return jsonify(Pager(q))
def index(): collections = authz.collections(authz.READ) if not len(collections): return jsonify(Pager([])) q = session.query(Collection) q = q.filter(Collection.id.in_(collections)) q = q.options(subqueryload('subjects')) q = q.order_by(Collection.title.asc()) return jsonify(Pager(q))
def update(id): source = session.query(Source).filter(Source.id == id).first() source = obj_or_404(source) authz.require(authz.source(authz.WRITE, source.id)) data = request_data() validate(data, sources_schema) source.title = data.get('title') source.url = data.get('url') session.add(source) session.commit() return jsonify({'status': 'ok', 'data': source})
def index(collection=None, source=None): q = session.query(Permission) if collection is not None: authz.require(authz.collection(authz.WRITE, collection)) q = q.filter(Permission.resource_type == Permission.COLLECTION) q = q.filter(Permission.resource_id == collection) elif source is not None: authz.require(authz.source(authz.WRITE, source)) q = q.filter(Permission.resource_type == Permission.SOURCE) q = q.filter(Permission.resource_id == source) return jsonify({ 'total': q.count(), 'results': q })
def user_resources(): """ Load access rights for normal (non-admin) users. """ q = session.query(Permission) q = q.filter(Permission.role_id.in_(request.auth_roles)) for perm in q: if perm.resource_type == Permission.COLLECTION: if perm.read: request.authz_collections[READ].add(perm.resource_id) if perm.write and request.logged_in: request.authz_collections[WRITE].add(perm.resource_id) if perm.resource_type == Permission.SOURCE: if perm.read: request.authz_sources[READ].add(perm.resource_id) if perm.write and request.logged_in: request.authz_sources[WRITE].add(perm.resource_id)
def index(self, schema=None, source=None): if source is not None: q = session.query(Source.id).filter_by(slug=source) obj = q.first() if obj is None: raise ValueError("No such source: %s" % source) source = obj[0] client = self.config.elastic_client log.debug('Indexing to: %r (index: %r)', client, self.config.elastic_index) self.clear(schema=schema, source_id=source) schemas = self.config.schemas.values() if schema is None else [schema] for schema in schemas: if not self.is_schema_indexed(schema): continue bulk(client, self.generate_entities(schema, source), stats_only=True, chunk_size=self.chunk, request_timeout=60.0) client.indices.flush_synced()
def get_collection(id, right): collection = session.query(Collection).filter(Collection.id == id).first() collection = obj_or_404(collection) authz.require(authz.collection(right, collection.id)) return collection
def view(id): source = session.query(Source).filter(Source.id == id).first() source = obj_or_404(source) authz.require(authz.source(authz.READ, source.id)) return jsonify({'status': 'ok', 'data': source})