def get_analytics_alerts(discussion, user_id, types, all_users=False):
from assembl.semantic.virtuoso_mapping import (AssemblQuadStorageManager,
AESObfuscator)
settings = get_config()
metrics_server_endpoint = settings.get(
'metrics_server_endpoint',
'https://discussions.bluenove.com/analytics/accept')
verify_metrics = False # weird SNI bug on some platforms
protocol = 'https' if asbool(
settings.get('accept_secure_connection', False)) else 'http'
host = settings.get('public_hostname')
if settings.get('public_port', 80) != 80:
# TODO: public_secure_port?
host += ':' + str(settings.get('public_port'))
seed = urandom(8)
obfuscator = AESObfuscator(seed)
token = permission_token(user_id, discussion.id, [P_READ_PUBLIC_CIF], seed)
metrics_requests = [{"metric": "alerts", "types": types}]
if user_id != Everyone and not all_users:
obfuscated_userid = "local:AgentProfile/" + obfuscator.encrypt(
str(user_id))
metrics_requests[0]['users'] = [obfuscated_userid]
mapurl = '%s://%s/data/Discussion/%d/jsonld?token=%s' % (
protocol, host, discussion.id, token)
alerts = requests.post(metrics_server_endpoint,
data=dict(mapurl=mapurl,
requests=json.dumps(metrics_requests),
recency=60),
verify=verify_metrics)
result = AssemblQuadStorageManager.deobfuscate(alerts.text,
obfuscator.decrypt)
# AgentAccount is a pseudo for AgentProfile
result = re.sub(r'local:AgentAccount\\/', r'local:AgentProfile\\/', result)
return result
def get_analytics_alerts(discussion, user_id, types, all_users=False):
from assembl.semantic.virtuoso_mapping import AssemblQuadStorageManager, AESObfuscator
settings = get_config()
metrics_server_endpoint = settings.get(
"metrics_server_endpoint", "https://discussions.bluenove.com/analytics/accept"
)
verify_metrics = False # weird SNI bug on some platforms
protocol = "https" if asbool(settings.get("accept_secure_connection", False)) else "http"
host = settings.get("public_hostname")
if settings.get("public_port", 80) != 80:
# TODO: public_secure_port?
host += ":" + str(settings.get("public_port"))
seed = urandom(8)
obfuscator = AESObfuscator(seed)
token = permission_token(user_id, discussion.id, [P_READ_PUBLIC_CIF], seed)
metrics_requests = [{"metric": "alerts", "types": types}]
if user_id != Everyone and not all_users:
obfuscated_userid = "local:AgentProfile/" + obfuscator.encrypt(str(user_id))
metrics_requests[0]["users"] = [obfuscated_userid]
mapurl = "%s://%s/data/Discussion/%d/jsonld?token=%s" % (protocol, host, discussion.id, token)
alerts = requests.post(
metrics_server_endpoint,
data=dict(mapurl=mapurl, requests=json.dumps(metrics_requests), recency=60),
verify=verify_metrics,
)
result = AssemblQuadStorageManager.deobfuscate(alerts.text, obfuscator.decrypt)
# AgentAccount is a pseudo for AgentProfile
result = re.sub(r"local:AgentAccount\\/", r"local:AgentProfile\\/", result)
return result
def get_token(request):
user_id = authenticated_userid(request)
if not user_id:
raise HTTPUnauthorized()
discussion_id = request.context.get_discussion_id()
permission_sets = request.GET.getall('permissions')
if permission_sets:
permission_sets = [s.split(',') for s in permission_sets]
for permissions in permission_sets:
if P_READ in permissions:
permissions.append(P_READ_PUBLIC_CIF)
permission_sets = [
sorted(set(permissions)) for permissions in permission_sets
]
else:
permission_sets = [[P_READ, P_READ_PUBLIC_CIF]]
random_str = urandom(8)
data = {
','.join(permissions): permission_token(user_id, discussion_id,
permissions, random_str)
for permissions in permission_sets
}
user_ids = request.GET.getall("user_id")
if user_ids:
from assembl.semantic.virtuoso_mapping import (
AssemblQuadStorageManager, AESObfuscator)
obfuscator = AESObfuscator(random_str)
user_ids = "\n".join(user_ids)
data["user_ids"] = AssemblQuadStorageManager.obfuscate(
user_ids, obfuscator.encrypt).split("\n")
return data
def discussion_instance_view_jsonld(request):
discussion = request.context._instance
user_id, permissions, salt = read_user_token(request)
if not (P_READ in permissions or P_READ_PUBLIC_CIF in permissions):
raise HTTPUnauthorized()
if not salt and P_ADMIN_DISC not in permissions:
salt = base64.urlsafe_b64encode(urandom(6))
jdata = discussion_jsonld(discussion.id)
if salt:
from assembl.semantic.virtuoso_mapping import (
AssemblQuadStorageManager, AESObfuscator)
obfuscator = AESObfuscator(salt)
jdata = AssemblQuadStorageManager.obfuscate(jdata, obfuscator.encrypt)
# TODO: Add age
if "callback" in request.GET:
jdata = handle_jsonp(request.GET['callback'], jdata)
content_type = "application/json-p"
else:
content_type = "application/ld+json"
return Response(body=jdata, content_type=content_type)
def get_alerts(request):
from assembl.semantic.virtuoso_mapping import (AssemblQuadStorageManager,
AESObfuscator)
discussion = request.context._instance
user_id = authenticated_userid(request) or Everyone
settings = request.registry.settings
metrics_server_endpoint = settings.get(
'metrics_server_endpoint',
'https://discussions.bluenove.com/analytics/accept')
verify_metrics = False # weird SNI bug on some platforms
discussion = request.context._instance
protocol = 'https' if asbool(
request.registry.settings.get('accept_secure_connection',
False)) else 'http'
host = settings.get('public_hostname')
if settings.get('public_port', 80) != 80:
# TODO: public_secure_port?
host += ':' + str(settings.get('public_port'))
seed = urandom(8)
obfuscator = AESObfuscator(seed)
token = permission_token(user_id, discussion.id, [P_READ_PUBLIC_CIF], seed)
metrics_requests = [{
"metric":
"alerts",
"types": ["lurking_user", "inactive_user", "user_gone_inactive"]
}]
mapurl = '%s://%s/data/Discussion/%d/jsonld?token=%s' % (
protocol, host, discussion.id, token)
alerts = requests.post(metrics_server_endpoint,
data=dict(mapurl=mapurl,
requests=json.dumps(metrics_requests),
recency=60),
verify=verify_metrics)
result = AssemblQuadStorageManager.deobfuscate(alerts.text,
obfuscator.decrypt)
# AgentAccount is a pseudo for AgentProfile
result = re.sub(r'local:AgentAccount\\/', r'local:AgentProfile\\/', result)
return Response(body=result, content_type='application/json')
def user_private_view_jsonld(request):
if request.scheme == "http" and asbool(
request.registry.settings.get('accept_secure_connection', False)):
return HTTPFound("https://" + request.host + request.path_qs)
discussion_id = request.context.get_discussion_id()
user_id, permissions, salt = read_user_token(request)
if P_READ not in permissions:
raise HTTPUnauthorized()
if not salt and P_ADMIN_DISC not in permissions:
salt = base64.urlsafe_b64encode(urandom(6))
jdata = userprivate_jsonld(discussion_id)
if salt:
from assembl.semantic.virtuoso_mapping import (
AssemblQuadStorageManager, AESObfuscator)
obfuscator = AESObfuscator(salt)
jdata = AssemblQuadStorageManager.obfuscate(jdata, obfuscator.encrypt)
if "callback" in request.GET:
jdata = handle_jsonp(request.GET['callback'], jdata)
content_type = "application/json-p"
else:
content_type = "application/ld+json"
return Response(body=jdata, content_type=content_type)