def anonymize_ips(): """Anonymize all the IPs of the server.""" from pybossa.core import anonymizer, task_repo taskruns = task_repo.filter_task_runs_by(user_id=None) for tr in taskruns: print "Working on taskrun %s" % tr.id print "From %s to %s" % (tr.user_ip, anonymizer.ip(tr.user_ip)) tr.user_ip = anonymizer.ip(tr.user_ip) task_repo.update(tr)
def user_progress(project_id=None, short_name=None): """API endpoint for user progress. Return a JSON object with two fields regarding the tasks for the user: { 'done': 10, 'total: 100 } This will mean that the user has done a 10% of the available tasks for him """ if project_id or short_name: if short_name: project = project_repo.get_by_shortname(short_name) elif project_id: project = project_repo.get(project_id) if project: # For now, keep this version, but wait until redis cache is # used here for task_runs too query_attrs = dict(project_id=project.id) if current_user.is_anonymous: query_attrs['user_ip'] = anonymizer.ip(request.remote_addr or '127.0.0.1') else: query_attrs['user_id'] = current_user.id taskrun_count = task_repo.count_task_runs_with(**query_attrs) tmp = dict(done=taskrun_count, total=n_tasks(project.id)) return Response(json.dumps(tmp), mimetype="application/json") else: return abort(404) else: # pragma: no cover return abort(404)
def user_progress(project_id=None, short_name=None): """API endpoint for user progress. Return a JSON object with two fields regarding the tasks for the user: { 'done': 10, 'total: 100 } This will mean that the user has done a 10% of the available tasks for him """ if project_id or short_name: if short_name: project = project_repo.get_by_shortname(short_name) elif project_id: project = project_repo.get(project_id) if project: # For now, keep this version, but wait until redis cache is # used here for task_runs too query_attrs = dict(project_id=project.id) if current_user.is_anonymous(): query_attrs['user_ip'] = anonymizer.ip(request.remote_addr or '127.0.0.1') else: query_attrs['user_id'] = current_user.id taskrun_count = task_repo.count_task_runs_with(**query_attrs) tmp = dict(done=taskrun_count, total=n_tasks(project.id)) return Response(json.dumps(tmp), mimetype="application/json") else: return abort(404) else: # pragma: no cover return abort(404)
def ratelimit( limit, per, send_x_headers=True, scope_func=lambda: anonymizer.ip(request.remote_addr or '127.0.0.1'), key_func=lambda: request.endpoint, path=lambda: request.path): """ Decorator for limiting the access to a route. Returns the function if within the limit, otherwise TooManyRequests error """ def decorator(f): @wraps(f) def rate_limited(*args, **kwargs): try: key = 'rate-limit/%s/%s/' % (key_func(), scope_func()) rlimit = RateLimit(key, limit, per, send_x_headers) g._view_rate_limit = rlimit # if over_limit is not None and rlimit.over_limit: if rlimit.over_limit: raise TooManyRequests return f(*args, **kwargs) except Exception as e: return error.format_exception(e, target=path(), action=f.__name__) return update_wrapper(rate_limited, f) return decorator
def ratelimit(limit, per, send_x_headers=True, scope_func=lambda: anonymizer.ip(request.remote_addr or '127.0.0.1'), key_func=lambda: request.endpoint, path=lambda: request.path): """ Decorator for limiting the access to a route. Returns the function if within the limit, otherwise TooManyRequests error """ def decorator(f): @wraps(f) def rate_limited(*args, **kwargs): try: key = 'rate-limit/%s/%s/' % (key_func(), scope_func()) rlimit = RateLimit(key, limit, per, send_x_headers) g._view_rate_limit = rlimit # if over_limit is not None and rlimit.over_limit: if rlimit.over_limit: raise TooManyRequests return f(*args, **kwargs) except Exception as e: return error.format_exception(e, target=path(), action=f.__name__) return update_wrapper(rate_limited, f) return decorator
def _retrieve_new_task(project_id): project = project_repo.get(project_id) if project is None: raise NotFound if not project.allow_anonymous_contributors and current_user.is_anonymous( ): info = dict(error="This project does not allow anonymous contributors") error = [model.task.Task(info=info)] return error if request.args.get('external_uid'): resp = jwt_authorize_project(project, request.headers.get('Authorization')) if resp != True: return resp if request.args.get('limit'): limit = int(request.args.get('limit')) else: limit = 1 if limit > 100: limit = 100 if request.args.get('offset'): offset = int(request.args.get('offset')) else: offset = 0 if request.args.get('orderby'): orderby = request.args.get('orderby') else: orderby = 'id' if request.args.get('desc'): desc = fuzzyboolean(request.args.get('desc')) else: desc = False user_id = None if current_user.is_anonymous() else current_user.id user_ip = (anonymizer.ip(request.remote_addr or '127.0.0.1') if current_user.is_anonymous() else None) external_uid = request.args.get('external_uid') task = sched.new_task(project_id, project.info.get('sched'), user_id, user_ip, external_uid, offset, limit, orderby=orderby, desc=desc) return task
def _add_user_info(self, taskrun): if taskrun.external_uid is None: if current_user.is_anonymous: taskrun.user_ip = anonymizer.ip(request.remote_addr or '127.0.0.1') else: taskrun.user_id = current_user.id else: taskrun.user_ip = None taskrun.user_id = None
def _add_user_info(self, taskrun): if taskrun.external_uid is None: if current_user.is_anonymous(): taskrun.user_ip = anonymizer.ip(request.remote_addr or '127.0.0.1') else: taskrun.user_id = current_user.id else: taskrun.user_ip = None taskrun.user_id = None
def _retrieve_new_task(project_id): project = project_repo.get(project_id) if project is None: raise NotFound if not project.allow_anonymous_contributors and current_user.is_anonymous(): info = dict( error="This project does not allow anonymous contributors") error = [model.task.Task(info=info)] return error if request.args.get('external_uid'): resp = jwt_authorize_project(project, request.headers.get('Authorization')) if resp != True: return resp if request.args.get('limit'): limit = int(request.args.get('limit')) else: limit = 1 if limit > 100: limit = 100 if request.args.get('offset'): offset = int(request.args.get('offset')) else: offset = 0 if request.args.get('orderby'): orderby = request.args.get('orderby') else: orderby = 'id' if request.args.get('desc'): desc = fuzzyboolean(request.args.get('desc')) else: desc = False user_id = None if current_user.is_anonymous() else current_user.id user_ip = (anonymizer.ip(request.remote_addr or '127.0.0.1') if current_user.is_anonymous() else None) external_uid = request.args.get('external_uid') task = sched.new_task(project_id, project.info.get('sched'), user_id, user_ip, external_uid, offset, limit, orderby=orderby, desc=desc) return task
def _retrieve_new_task(project_id): project = project_repo.get(project_id) if project is None or not (project.published or current_user.admin or current_user.id in project.owners_ids): raise NotFound if current_user.is_anonymous: info = dict(error="This project does not allow anonymous contributors") error = [model.task.Task(info=info)] return error, None, lambda x: x if current_user.get_quiz_failed(project): # User is blocked from project so don't return a task return None, None, None # check cookie pwd_manager = get_pwd_manager(project) user_id_or_ip = get_user_id_or_ip() if pwd_manager.password_needed(project, user_id_or_ip): raise Forbidden("No project password provided") if request.args.get('external_uid'): resp = jwt_authorize_project(project, request.headers.get('Authorization')) if resp != True: return resp, lambda x: x if request.args.get('limit'): limit = int(request.args.get('limit')) else: limit = 1 if limit > 100: limit = 100 if request.args.get('offset'): offset = int(request.args.get('offset')) else: offset = 0 if request.args.get('orderby'): orderby = request.args.get('orderby') else: orderby = 'id' if request.args.get('desc'): desc = fuzzyboolean(request.args.get('desc')) else: desc = False user_id = None if current_user.is_anonymous else current_user.id user_ip = (anonymizer.ip(request.remote_addr or '127.0.0.1') if current_user.is_anonymous else None) external_uid = request.args.get('external_uid') sched_rand_within_priority = project.info.get('sched_rand_within_priority', False) user = user_repo.get(user_id) if (user.get_quiz_not_started(project) and user.get_quiz_enabled(project) and not task_repo.get_user_has_task_run_for_project( project_id, user_id)): user.set_quiz_status(project, 'in_progress') user_repo.update(user) task = sched.new_task(project.id, project.info.get('sched'), user_id, user_ip, external_uid, offset, limit, orderby=orderby, desc=desc, rand_within_priority=sched_rand_within_priority, gold_only=user.get_quiz_in_progress(project)) handler = partial(pwd_manager.update_response, project=project, user=user_id_or_ip) return task, project.info.get('timeout'), handler
def _retrieve_new_task(project_id): project = project_repo.get(project_id) if project is None or not (project.published or current_user.admin or current_user.id in project.owners_ids): raise NotFound if current_user.is_anonymous: info = dict(error="This project does not allow anonymous contributors") error = [model.task.Task(info=info)] return error, None, lambda x: x if current_user.get_quiz_failed(project): # User is blocked from project so don't return a task return None, None, None # check cookie pwd_manager = get_pwd_manager(project) user_id_or_ip = get_user_id_or_ip() if pwd_manager.password_needed(project, user_id_or_ip): raise Forbidden("No project password provided") if request.args.get('external_uid'): resp = jwt_authorize_project(project, request.headers.get('Authorization')) if resp != True: return resp, lambda x: x if request.args.get('limit'): limit = int(request.args.get('limit')) else: limit = 1 if limit > 100: limit = 100 if request.args.get('offset'): offset = int(request.args.get('offset')) else: offset = 0 if request.args.get('orderby'): orderby = request.args.get('orderby') else: orderby = 'id' if request.args.get('desc'): desc = fuzzyboolean(request.args.get('desc')) else: desc = False user_id = None if current_user.is_anonymous else current_user.id user_ip = (anonymizer.ip(request.remote_addr or '127.0.0.1') if current_user.is_anonymous else None) external_uid = request.args.get('external_uid') sched_rand_within_priority = project.info.get('sched_rand_within_priority', False) user = user_repo.get(user_id) if (project.published and user_id != project.owner_id and user_id not in project.owners_ids and user.get_quiz_not_started(project) and user.get_quiz_enabled(project) and not task_repo.get_user_has_task_run_for_project( project_id, user_id)): user.set_quiz_status(project, 'in_progress') # We always update the user even if we didn't change the quiz status. # The reason for that is the user.<?quiz?> methods take a snapshot of the project's quiz # config the first time it is accessed for a user and save that snapshot # with the user. So we want to commit that snapshot if this is the first access. user_repo.update(user) # Allow scheduling a gold-only task if quiz mode is enabled for the user and the project. quiz_mode_enabled = user.get_quiz_in_progress( project) and project.info["quiz"]["enabled"] task = sched.new_task(project.id, project.info.get('sched'), user_id, user_ip, external_uid, offset, limit, orderby=orderby, desc=desc, rand_within_priority=sched_rand_within_priority, gold_only=quiz_mode_enabled) handler = partial(pwd_manager.update_response, project=project, user=user_id_or_ip) return task, project.info.get('timeout'), handler
def default_scope_func(): if current_app.config.get('RATE_LIMIT_BY_USER_ID'): if current_user.is_authenticated(): return current_user.id return anonymizer.ip(request.remote_addr or '127.0.0.1')
def _retrieve_new_task(project_id): project = project_repo.get(project_id) if project is None: raise NotFound if current_user.is_anonymous(): info = dict(error="This project does not allow anonymous contributors") error = [model.task.Task(info=info)] return error, None, lambda x: x # check cookie pwd_manager = get_pwd_manager(project) user_id_or_ip = get_user_id_or_ip() if pwd_manager.password_needed(project, user_id_or_ip): raise Forbidden("No project password provided") if request.args.get('external_uid'): resp = jwt_authorize_project(project, request.headers.get('Authorization')) if resp != True: return resp, lambda x: x if request.args.get('limit'): limit = int(request.args.get('limit')) else: limit = 1 if limit > 100: limit = 100 if request.args.get('offset'): offset = int(request.args.get('offset')) else: offset = 0 if request.args.get('orderby'): orderby = request.args.get('orderby') else: orderby = 'id' if request.args.get('desc'): desc = fuzzyboolean(request.args.get('desc')) else: desc = False user_id = None if current_user.is_anonymous() else current_user.id user_ip = (anonymizer.ip(request.remote_addr or '127.0.0.1') if current_user.is_anonymous() else None) external_uid = request.args.get('external_uid') sched_rand_within_priority = project.info.get('sched_rand_within_priority', False) task = sched.new_task(project.id, project.info.get('sched'), user_id, user_ip, external_uid, offset, limit, orderby=orderby, desc=desc, rand_within_priority=sched_rand_within_priority) handler = partial(pwd_manager.update_response, project=project, user=user_id_or_ip) return task, project.info.get('timeout'), handler