def check_permissions_from_header(itgs, authorization, permissions):
"""A convenience method to check that the given authorization header is
formatted correctly, corresponds to a real unexpired token, and that
token has all of the given list of permissions.
For most endpoints, calling this immediately after initializing the lazy
integrations is the fastest and easiest way to check permissions.
@param itgs The lazy integrations to use
@param authorization The authorization header provided
@param permissions The list of permissions required, where each item is
the string name of the permission. May be an empty list or a single
string
@return (True, user_id) if the authorization is valid and has
all of the required permissions, (False, None) otherwise.
"""
if isinstance(permissions, str):
permissions = [permissions]
authtoken = get_authtoken_from_header(authorization)
if authtoken is None:
return (False, None)
info = get_auth_info_from_token_auth(
itgs, models.TokenAuthentication(token=authtoken)
)
if info is None:
return (False, None)
auth_id, user_id = info[:2]
if not permissions:
return (True, user_id)
perms = Table('permissions')
authtoken_perms = Table('authtoken_permissions')
itgs.read_cursor.execute(
Query.from_(authtoken_perms).select(ppfns.Count('*'))
.join(perms).on(perms.id == authtoken_perms.permission_id)
.where(perms.name.isin([Parameter('%s') for _ in permissions]))
.where(authtoken_perms.authtoken_id == Parameter('%s'))
.get_sql(),
(*permissions, auth_id)
)
(num_perms_found,) = itgs.read_cursor.fetchone()
if num_perms_found == len(permissions):
return (True, user_id)
return (False, None)
def store_event(itgs, queue_type, event_at, event, commit=False):
"""Store that the given event should occur at the given time with the
given context information.
Example:
```py
import lbshared.delayed_queue as delayed_queue
from lbshared.lazy_integrations import LazyIntegrations as LazyItgs
from datetime import datetime, timedelta
with LazyItgs(no_read_only=True) as itgs:
delayed_queue.store_event(
itgs,
delayed_queue.QUEUE_TYPES['trust'],
datetime.now() + timedelta(days=3),
{
'additional': 'information',
'goes': ['h', 'e', 'r', 'e']
},
commit=True
)
```
Arguments:
- `itgs (LazyIntegrations)`: The integrations to use to connect to
networked components. Must not be read-only.
- `queue_type (int)`: The type of queue to connect to
- `event_at (datetime)`: The time when the event should occur
- `event (any)`: Any additional context information surrounding the event;
this will not be indexed and cannot be searched on.
- `commit (bool)`: If true this will commit the database change
immediately. Otherwise the transaction will be left open.
Returns:
- event_uuid (str): The uuid assigned to the event
"""
event_uuid = str(uuid.uuid4())
coll = itgs.kvs_db.collection('delayed_queue')
try:
coll.create_or_overwrite_doc(event_uuid, event)
except requests.exceptions.HTTPError:
coll.create_if_not_exists(ttl=31622400)
coll.create_or_overwrite_doc(event_uuid, event)
del_queue = Table('delayed_queue')
itgs.write_cursor.execute(
Query.into(del_queue).columns(
del_queue.uuid, del_queue.queue_type,
del_queue.event_at).insert(*[Parameter('%s')
for _ in range(3)]).get_sql(),
(event_uuid, queue_type, event_at))
if commit:
itgs.write_conn.commit()
return event_uuid
def test_param_select_subquery(self):
q = Query.from_(self.table_abc).select('*').where(self.table_abc.category == Parameter('&1'))\
.where(self.table_abc.id.isin(
Query.from_(self.table_efg).select(self.table_efg.abc_id).where(self.table_efg.date >= Parameter('&2'))
)).limit(10)
self.assertEqual(
'SELECT * FROM "abc" WHERE "category"=&1 AND "id" IN (SELECT "abc_id" FROM "efg" WHERE "date">=&2) LIMIT 10',
q.get_sql())
def test_event_requires_level(self):
self.cursor.execute(
Query.into(self.apps).columns(self.apps.name).insert(
Parameter('%s')).returning(self.apps.id).get_sql(),
('appnm', ))
app_id = self.cursor.fetchone()[0]
self.cursor.execute(
Query.into(self.idens).columns(self.idens.identifier).insert(
Parameter('%s')).returning(self.idens.id).get_sql(),
('iden', ))
iden_id = self.cursor.fetchone()[0]
helper.assert_fails_with_pgcode(
self, '23502', self.cursor,
Query.into(self.events).columns(
self.events.application_id, self.events.identifier_id,
self.events.message).insert(
*[Parameter('%s') for _ in range(3)]).get_sql(),
(app_id, iden_id, 'my message'))
async def group_check(
self, organization_id: OrganizationID, author: DeviceID, to_check: List[dict]
) -> List[dict]:
changed = []
to_check_dict = {}
for x in to_check:
if x["version"] == 0:
changed.append({"vlob_id": x["vlob_id"], "version": 0})
else:
to_check_dict[x["vlob_id"]] = x
async with self.dbh.pool.acquire() as conn:
query = """
SELECT DISTINCT ON (vlob_id) vlob_id, version
FROM vlob_atom
WHERE
organization = ({})
AND vlob_id = any($3::uuid[])
AND ({})
AND NOT ({})
ORDER BY vlob_id, version DESC
""".format(
q_organization_internal_id(Parameter("$1")),
q_user_can_read_vlob(
organization_id=Parameter("$1"),
user_id=Parameter("$2"),
realm=Query.from_(t_vlob_encryption_revision)
.select("realm")
.where(t_vlob_encryption_revision._id == Parameter("vlob_encryption_revision")),
),
q_realm_in_maintenance(
realm=Query.from_(t_vlob_encryption_revision)
.select("realm")
.where(t_vlob_encryption_revision._id == Parameter("vlob_encryption_revision"))
),
)
rows = await conn.fetch(query, organization_id, author.user_id, to_check_dict.keys())
for vlob_id, version in rows:
if version != to_check_dict[vlob_id]["version"]:
changed.append({"vlob_id": vlob_id, "version": version})
return changed
def get_reward_redemption_by_child() -> str:
"""Return the reward history for the child requesting."""
query = (Query.from_(redemption_history_table).from_(rewards_table).select(
redemption_history_table.RewardId,
rewards_table.Name,
rewards_table.Description,
redemption_history_table.RedeemedTime,
).where(redemption_history_table.RewardId == rewards_table.RewardId).where(
redemption_history_table.ChildGoogleAccountId == Parameter("?")))
return query.get_sql()
def get_column_definitions(self, schema, table, connection=None):
view_columns, table_columns = Tables('view_columns', 'columns')
view_query = (VerticaQuery.from_(view_columns).select(
view_columns.column_name, view_columns.data_type).where(
(view_columns.table_schema == Parameter(':schema'))
& (view_columns.field('table_name') == Parameter(':table'))).
distinct())
table_query = (VerticaQuery.from_(
table_columns, immutable=False).select(
table_columns.column_name, table_columns.data_type).where(
(table_columns.table_schema == Parameter(':schema'))
& (table_columns.field("table_name") == Parameter(':table')
)).distinct())
return self.fetch(str(view_query + table_query),
parameters=dict(schema=schema, table=table),
connection=connection)
async def _get_realm_id_from_vlob_id(conn, organization_id, vlob_id):
query = """
SELECT
realm.realm_id
FROM vlob_atom
INNER JOIN vlob_encryption_revision
ON vlob_atom.vlob_encryption_revision = vlob_encryption_revision._id
INNER JOIN realm
ON vlob_encryption_revision.realm = realm._id
WHERE vlob_atom._id = ({})
LIMIT 1
""".format(
q_vlob_atom(organization_id=Parameter("$1"), vlob_id=Parameter("$2")).select("_id").limit(1)
)
realm_id = await conn.fetchval(query, organization_id, vlob_id)
if not realm_id:
raise VlobNotFoundError(f"Vlob `{vlob_id}` doesn't exist")
return realm_id
def _is_mod(itgs: LazyItgs, user_id: int) -> bool:
moderators = Table('moderators')
itgs.read_cursor.execute(
Query.from_(moderators)
.select(1)
.where(moderators.user_id == Parameter('%s'))
.get_sql(),
(user_id,)
)
return itgs.read_cursor.fetchone() is not None
def handle_loan_paid(version, body):
"""Called when we detect a loan was repaid. If there are no more loans unpaid
by the borrower, and the borrower is banned, we unban them.
"""
with LazyIntegrations(logger_iden=LOGGER_IDEN) as itgs:
borrower_username = body['borrower']['username']
borrower_id = body['borrower']['id']
was_unpaid = body['was_unpaid']
itgs.logger.print(Level.TRACE, 'Detected /u/{} repaid a loan',
borrower_username)
if not was_unpaid:
itgs.logger.print(
Level.TRACE,
'Nothing to do about /u/{} repaying a loan - was not unpaid',
borrower_username)
return
info = perms.manager.fetch_info(itgs, borrower_username, RPIDEN,
version)
if not info['borrow_banned']:
itgs.logger.print(
Level.TRACE,
'Nothing to do about /u/{} repaying a loan - not banned',
borrower_username)
return
loans = Table('loans')
itgs.read_cursor.execute(
Query.from_(loans).select(Count(Star())).where(
loans.deleted_at.isnull()).where(
loans.unpaid_at.notnull()).where(
loans.borrower_id == Parameter('%s')).get_sql(),
(borrower_id, ))
(cnt, ) = itgs.read_cursor.fetchone()
if cnt > 0:
itgs.logger.print(
Level.TRACE,
'Nothing to do about /u/{} repaying a loan - still has {} unpaid loans',
borrower_username, cnt)
return
itgs.logger.print(Level.DEBUG,
'Unbanning /u/{} (no more loans unpaid)',
borrower_username)
utils.reddit_proxy.send_request(itgs, RPIDEN, version, 'unban_user', {
'subreddit': 'borrow',
'username': borrower_username
})
perms.manager.flush_cache(itgs, borrower_username.lower())
itgs.logger.print(
Level.INFO, 'Unbanned /u/{} - repaid all outstanding unpaid loans',
borrower_username)
def show_authentication_methods(req_user_id: int, authorization=Header(None)):
if authorization is None:
return Response(status_code=401)
request_cost = 1
with LazyItgs() as itgs:
user_id, _, perms = helper.get_permissions_from_header(
itgs, authorization, (VIEW_OTHERS_AUTHENTICATION_METHODS_PERM,
CAN_VIEW_DELETED_AUTHENTICATION_METHODS_PERM,
ADD_SELF_AUTHENTICATION_METHODS_PERM,
ADD_OTHERS_AUTHENTICATION_METHODS_PERM,
*ratelimit_helper.RATELIMIT_PERMISSIONS))
if not ratelimit_helper.check_ratelimit(itgs, user_id, perms,
request_cost):
return Response(status_code=429,
headers={'x-request-cost': str(request_cost)})
can_view_others_auth_methods = VIEW_OTHERS_AUTHENTICATION_METHODS_PERM in perms
can_view_deleted_auth_methods = CAN_VIEW_DELETED_AUTHENTICATION_METHODS_PERM in perms
can_add_self_auth_methods = ADD_SELF_AUTHENTICATION_METHODS_PERM in perms
can_add_others_auth_methods = ADD_OTHERS_AUTHENTICATION_METHODS_PERM in perms
if not can_view_others_auth_methods and req_user_id != user_id:
return Response(status_code=403,
headers={'x-request-cost': str(request_cost)})
can_add_more = ((req_user_id == user_id and can_add_self_auth_methods)
or can_add_others_auth_methods)
auth_methods = Table('password_authentications')
query = (Query.from_(auth_methods).select(
auth_methods.id).where(auth_methods.user_id == Parameter('%s')))
args = (req_user_id, )
if not can_view_deleted_auth_methods:
query = query.where(auth_methods.deleted.eq(False))
else:
query = query.orderby(auth_methods.deleted, order=Order.asc)
query = query.orderby(auth_methods.id, order=Order.desc)
itgs.read_cursor.execute(query.get_sql(), args)
result = itgs.read_cursor.fetchall()
result = [r[0] for r in result]
return JSONResponse(
status_code=200,
content=settings_models.UserAuthMethodsList(
authentication_methods=result,
can_add_more=can_add_more).dict(),
headers={
'x-request-cost':
str(request_cost),
'cache-control':
'private, max-age=86400, stale-while-revalidate=86400'
})
def insert_new_record_crawls(self, config: Config) -> int:
"""Insert a new record to the 'crawls' table.
Used at the start of a crawl task.
Args:
config (Config): Config for the crawl task.
"""
# Prepare necessary values
crawl_config = config.get_data(as_json=True)
dir_path = ', '.join(
[inputs['path'] for inputs in config.get_directories()])
author = config.get_author()
name = config.get_name()
starting_time = datetime.now()
insert_values = (dir_path, author, name, 'running', crawl_config,
starting_time)
# Construct the SQL query
crawls = Table('crawls')
query = Query.into(crawls) \
.columns('dir_path', 'author', 'name', 'status', 'crawl_config', 'starting_time') \
.insert(Parameter('%s'), Parameter('%s'), Parameter('%s'), Parameter('%s'), Parameter('%s'), Parameter('%s'))
curs = self.con.cursor()
query = curs.mogrify(str(query), insert_values).decode('utf8')
query = query + ' RETURNING id'
# Make database request
try:
curs.execute(query)
except:
logging.warning('"Error updating database"')
curs.close()
self.con.rollback()
raise
# Return result or 0 in case nothing could be fetched
try:
dbID = curs.fetchone()[0]
except:
dbID = 0
curs.close()
self.con.commit()
return dbID
def get_loansbot_user_id(itgs: 'LazyItgs') -> int:
"""This function returns the id of the loansbot user. If they do not exist
they are created. This is useful since thats the "author" of automated
permission changes.
Arguments:
- `itgs (LazyItgs)`: The integrations for connecting to networked
services.
Returns:
- `loansbot_user_id (int)`: The id of the loansbot user.
"""
users = Table('users')
unm = 'loansbot'
(user_id, ) = query_helper.find_or_create_or_find(
itgs, (Query.from_(users).select(
users.id).where(users.username == Parameter('%s')).get_sql(),
(unm, )), (Query.into(users).columns(users.username).insert(
Parameter('%s')).returning(users.id).get_sql(), (unm, )))
return user_id
def _rem_mod(itgs: LazyItgs, user_id: int, commit: bool = False):
moderators = Table('moderators')
itgs.write_cursor.execute(
Query.from_(moderators)
.delete()
.where(moderators.user_id == Parameter('%s'))
.get_sql(),
(user_id,)
)
if commit:
itgs.write_conn.commit()
def _add_mod(itgs: LazyItgs, user_id: int, commit: bool = False):
moderators = Table('moderators')
itgs.write_cursor.execute(
Query.into(moderators)
.columns(moderators.user_id)
.insert(Parameter('%s'))
.get_sql(),
(user_id,)
)
if commit:
itgs.write_conn.commit()
def check_if_table_exist(cursor, tblname):
"""Returns true if the given table exists and false otherwise"""
info_schema = Schema('information_schema').tables
cursor.execute(
Query.from_(info_schema).where(
info_schema.table_type == 'BASE TABLE').where(
info_schema.table_schema == 'public').where(
info_schema.table_name == Parameter('%s')).select(1).limit(
1).get_sql(), (tblname, ))
result = cursor.fetchone()
return result is not None
def test_event_defaults(self):
self.cursor.execute(
Query.into(self.apps).columns(self.apps.name).insert(
Parameter('%s')).returning(self.apps.id).get_sql(),
('appnm', ))
app_id = self.cursor.fetchone()[0]
self.cursor.execute(
Query.into(self.idens).columns(self.idens.identifier).insert(
Parameter('%s')).returning(self.idens.id).get_sql(),
('iden', ))
iden_id = self.cursor.fetchone()[0]
self.cursor.execute(
Query.into(self.events).columns(
self.events.level, self.events.application_id,
self.events.identifier_id, self.events.message).insert(
*[Parameter('%s') for _ in range(4)]).returning(
self.events.created_at).get_sql(),
(1, app_id, iden_id, 'my message'))
cat = self.cursor.fetchone()[0]
self.assertIsNotNone(cat)
def test_join(self):
subquery = Query.from_(self.table_efg).select(self.table_efg.fiz, self.table_efg.buz).where(self.table_efg.buz == Parameter(':buz'))
q = Query.from_(self.table_abc).join(subquery).on(
self.table_abc.bar == subquery.buz
).select(self.table_abc.foo, subquery.fiz).where(self.table_abc.bar == Parameter(':bar'))
self.assertEqual(
'SELECT "abc"."foo","sq0"."fiz" FROM "abc" JOIN (SELECT "fiz","buz" FROM "efg" WHERE "buz"=:buz)'
' "sq0" ON "abc"."bar"="sq0"."buz" WHERE "abc"."bar"=:bar',
q.get_sql())
def get_and_format_all_or_summary(itgs: LazyIntegrations, username: str, threshold: int = 5):
"""Checks how many loans the given user has. If it's at or above the
threshold, this fetches the summary info on the user and formats it,
then returns the formatted summary. If it's below the threshold,
fetches all the loans for that user, formats it into a table, and returns
the formatted table.
Note that when using the summary format this will include the users in-
progress loans as a table as well so they stand out.
Arguments:
itgs (LazyIntegrations): The integrations to use for getting info
username (str): The username to check
threshold (int): The number of loans required for a summary instead of
just all the loans in a table
Returns:
(str): A markdown representation of the users loans
"""
loans = Table('loans')
users = Table('users')
lenders = users.as_('lenders')
borrowers = users.as_('borrowers')
itgs.read_cursor.execute(
Query.from_(loans).select(Count(Star()))
.join(lenders).on(lenders.id == loans.lender_id)
.join(borrowers).on(borrowers.id == loans.borrower_id)
.where(
(lenders.username == Parameter('%s'))
| (borrowers.username == Parameter('%s'))
)
.where(loans.deleted_at.isnull())
.get_sql(),
(username.lower(), username.lower())
)
(cnt,) = itgs.read_cursor.fetchone()
if cnt < threshold:
return format_loan_table(get_all_loans(itgs, username))
return format_loan_summary(*get_summary_info(itgs, username))
def get_last_started_session(self, u: types.User) -> int:
query = SQLLiteQuery().from_(SESSION).select('*') \
.where(SESSION.user_telegram_id.eq(Parameter(':user_id'))) \
.orderby(SESSION.start_at, order=Order.desc) \
.limit(1).get_sql()
session = self._cursor.execute(query, {'user_id': u.id}).fetchone()
if not session:
raise DoesNotExist()
return session
def get_category(self, category_id: int) -> tuple:
query = SQLLiteQuery.from_(CATEGORY).select('*') \
.where(CATEGORY.id == Parameter(':category_id'))
category = self._cursor.execute(query.get_sql(), {
'category_id': category_id
}).fetchone()
if not category:
raise DoesNotExist()
return category
def test_failed_passwd_auth(self):
with helper.clear_tables(self.conn, self.cursor, ['users']):
users = Table('users')
self.cursor.execute(
Query.into(users).columns(users.username).insert(
Parameter('%s')).returning(users.id).get_sql(),
('testuser', ))
(user_id, ) = self.cursor.fetchone()
passwd_hsh = b64encode(
pbkdf2_hmac('sha256', 'testpass'.encode('utf-8'),
'salt'.encode('utf-8'), 10)).decode('ascii')
pauths = Table('password_authentications')
self.cursor.execute(
Query.into(pauths).columns(
pauths.user_id, pauths.human, pauths.hash_name,
pauths.hash, pauths.salt,
pauths.iterations).insert(Parameter('%s'), True,
Parameter('%s'), Parameter('%s'),
Parameter('%s'),
Parameter('%s')).get_sql(),
(user_id, 'sha256', passwd_hsh, 'salt', 10))
self.conn.commit()
r = requests.post(f'{HOST}/users/login',
json={
'user_id': user_id,
'username': '******',
'password': '******',
'captcha_token': 'notoken'
})
self.assertNotEqual(r.status_code, 200)
self.assertLess(r.status_code, 500)
def stop_activity(self, activity_id: str, category_id: int):
_ = self.get_unstopped_activity(activity_id) # check existing
column_value_map = {'activity_id': activity_id}
query = SQLLiteQuery.update(TIMESHEET).set(
TIMESHEET.default_category_id, category_id).where(
TIMESHEET.activity_id == Parameter(':activity_id'))
self._cursor.execute(query.get_sql(), column_value_map)
self._con.commit()
if self._cursor.rowcount > 1:
raise RuntimeError()
def get_unstopped_activity(self, activity_id: str) -> tuple:
column_value_map = {'activity_id': activity_id}
query = SQLLiteQuery.from_(TIMESHEET).select(
'*').where((TIMESHEET.activity_id == Parameter(':activity_id'))
& (TIMESHEET.default_category_id.isnull())
& (TIMESHEET.user_category_id.isnull()))
activity = self._cursor.execute(query.get_sql(),
column_value_map).fetchone()
if not activity:
raise DoesNotExist()
return activity
def clear_temporary_bans(itgs: LazyItgs, username: str, subreddit: str) -> None:
temp_bans = Table('temporary_bans')
users = Table('users')
itgs.write_cursor.execute(
Query.from_(temp_bans).delete()
.where(Exists(
Query.from_(users).select(1)
.where(users.id == temp_bans.user_id)
.where(users.username == Parameter('%s'))
))
.where(temp_bans.subreddit == Parameter('%s'))
.get_sql(),
(username, subreddit)
)
itgs.write_conn.commit()
itgs.logger.print(
Level.DEBUG,
'Deleted temporary bans for /u/{} on /r/{} (overriden by another '
+ 'mod action)',
username, subreddit,
)
def create_insert(table, columns: List[str]):
"""
:param table:
:param columns: List[str]:
"""
table = Table(table)
table_columns = [table[c] for c in columns]
query = Query.into(table).columns(*table_columns).insert(
*[Parameter(f":{c}") for c in columns])
return query.get_sql()
def read_tag_values(self, tag_id: int, start_local: datetime,
end_local: datetime) -> List[DataDouble]:
"""
Выполняет чтение значений тега за указанный период времени
:param tag_id: идентификатор тега
:param start_local: начальное время чтения (локальное)
:param end_local: конечное время чтения (локальное)
:return: массив значений тега
"""
utc_start = start_local.astimezone(pytz.UTC).replace(tzinfo=None)
utc_end = end_local.astimezone(pytz.UTC).replace(tzinfo=None)
ret_val: List[DataDouble] = []
d = Table('DataDouble')
q = (self._query.from_(d).where(
(d.IdTagDef == Parameter('%s'))
& (d.TimeWrite[ToTicks(self._schema, Parameter('%s')
):ToTicks(self._schema, Parameter('%s'))])).
orderby(d.TimeWrite, order=Order.asc).select(
d.IdTagDef, d.Data,
ToDateTime2(self._schema, d.TimeWrite, alias='TimeWrite'),
d.QSlim))
sql = q.get_sql()
self._logger.debug(
f'SQL: {sql} PARAMS: tag_id:{tag_id}, utc_start={utc_start}, utc_end={utc_end}'
)
try:
result = self._engine_data.execute(sql, tag_id, utc_start, utc_end)
for row in result:
data = DataDouble(
tag_id, row['Data'],
datetime.strptime(
row['TimeWrite'][:23], self.DATETIME_FORMAT_F).replace(
tzinfo=pytz.UTC).astimezone(settings.TIME_ZONE),
row['QSlim'])
ret_val.append(data)
except Exception as e:
self._logger.error(e)
return ret_val
def update_borrower_req_pm_opt_out(
req_user_id: int,
new_value: settings_models.UserSettingBoolChangeRequest,
authorization=Header(None)):
if authorization is None:
return Response(status_code=401)
request_cost = 5
headers = {'x-request-cost': str(request_cost)}
with LazyItgs() as itgs:
user_id, _, perms = helper.get_permissions_from_header(
itgs, authorization,
(settings_helper.VIEW_OTHERS_SETTINGS_PERMISSION,
settings_helper.EDIT_OTHERS_STANDARD_SETTINGS_PERMISSION,
*ratelimit_helper.RATELIMIT_PERMISSIONS))
if not ratelimit_helper.check_ratelimit(itgs, user_id, perms,
request_cost):
return Response(status_code=429, headers=headers)
if user_id is None:
return Response(status_code=404, headers=headers)
can_view_others_settings = settings_helper.VIEW_OTHERS_SETTINGS_PERMISSION in perms
can_edit_others_standard_settings = (
settings_helper.EDIT_OTHERS_STANDARD_SETTINGS_PERMISSION in perms)
if user_id != req_user_id:
if not can_view_others_settings:
return Response(status_code=404, headers=headers)
users = Table('users')
itgs.read_cursor.execute(
Query.from_(users).select(1).where(
users.id == Parameter('%s')).get_sql(), (req_user_id, ))
if itgs.read_cursor.fetchone() is None:
return Response(status_code=404, headers=headers)
if not can_edit_others_standard_settings:
return Response(status_code=403, headers=headers)
changes = user_settings.set_settings(
itgs, req_user_id, borrower_req_pm_opt_out=new_value.new_value)
user_settings.create_settings_events(itgs,
req_user_id,
user_id,
changes,
commit=True)
return Response(status_code=200, headers=headers)
def update_response(name: str,
change: models.ResponseEditArgs,
authorization: str = Header(None)):
if len(change.edit_reason) < 5:
return JSONResponse(status_code=422,
content={
'detail': {
'loc': ['body', 'edit_reason']
},
'msg': 'minimum 5 characters',
'type': 'too_short'
})
with LazyItgs(no_read_only=True) as itgs:
authed, user_id = users_helper.check_permissions_from_header(
itgs, authorization, 'responses')
if not authed:
return Response(status_code=403)
users = Table('users')
itgs.write_cursor.execute(
Query.from_(users).select(
users.id).where(users.id == Parameter('%s')).get_sql() +
' FOR SHARE', (user_id, ))
row = itgs.write_cursor.fetchone()
if row is None:
itgs.write_conn.rollback()
return Response(status_code=403)
responses = Table('responses')
itgs.write_cursor.execute(
Query.from_(responses).select(
responses.id, responses.response_body,
responses.description).where(
responses.name == Parameter('%s')).get_sql() +
' FOR UPDATE', (name, ))
row = itgs.write_cursor.fetchone()
if row is None:
itgs.write_conn.rollback()
return Response(status_code=404)
(resp_id, old_body, old_desc) = row
resp_hists = Table('response_histories')
itgs.write_cursor.execute(
Query.into(resp_hists).columns(
resp_hists.response_id, resp_hists.user_id, resp_hists.old_raw,
resp_hists.new_raw, resp_hists.reason, resp_hists.old_desc,
resp_hists.new_desc).insert(
*[Parameter('%s') for _ in range(7)]).get_sql(),
(resp_id, user_id, old_body, change.body, change.edit_reason,
old_desc, change.desc))
itgs.write_cursor.execute(
Query.update(responses).set(
responses.response_body, Parameter('%s')).set(
responses.description, Parameter('%s')).set(
responses.updated_at, ppfns.Now()).where(
responses.id == Parameter('%s')).get_sql(),
(change.body, change.desc, resp_id))
itgs.write_conn.commit()
return Response(status_code=200)
def set_crawl_state(self, tree_walk_id: int, status: str) -> None:
"""Update the status of the crawler in it's corresponding database entry.
Args:
tree_walk_id (int): ID of the TreeWalk execution
status (str): status to set
"""
# Build query to update status
crawls = Table('crawls')
query = Query.update(crawls) \
.set(crawls.finished_time, Parameter('%s')) \
.set(crawls.status, Parameter('%s')) \
.where(crawls.id == Parameter('%s'))
# Check if valid status was given
if status in [
communication.CRAWL_STATUS_FINISHED,
communication.CRAWL_STATUS_PAUSED,
communication.CRAWL_STATUS_RUNNING,
communication.CRAWL_STATUS_ABORTED
]:
curs = self.con.cursor()
query = curs.mogrify(str(query),
(datetime.now(), status, tree_walk_id))
else:
logging.warning(
'"Error updating database state, state not recognized"')
return
# Execute query
try:
curs.execute(query)
curs.close()
self.con.commit()
except:
logging.warning('"Error updating database state"')
curs.close()
self.con.rollback()
