def get(self):
params = collections.defaultdict(dict)
search_perms = base_handler.VerifyAllPermissionTypes(
permissions.SEARCH)
for model_type in search_perms:
if not search_perms[model_type]:
continue
model = model_util.TypeNameToModel(model_type)
if not hasattr(model, 'SEARCH_FIELDS'):
continue
params[model_type]['fields'] = model.SEARCH_FIELDS
can_retrieve_own = False
retrieve_own_perms = base_handler.VerifyAllPermissionTypes(
permissions.RETRIEVE_OWN)
for volume_type in retrieve_own_perms:
if retrieve_own_perms[volume_type]:
params[volume_type][permissions.RETRIEVE_OWN] = True
can_retrieve_own = True
if can_retrieve_own:
params['user'] = base.GetCurrentUser().user.nickname()
self.response.out.write(util.ToSafeJson(params))
def get(self, type_name, target_id):
"""Handles GET requests."""
user = base.GetCurrentUser()
tag = self.request.get('tag', 'default')
entity = models_util.TypeNameToModel(type_name).GetLatestForTarget(
target_id, tag)
if not entity:
# TODO(b/35954370) notify users about missing passphrases.
self.response.write(util.ToSafeJson(False))
return
if entity.owner != user.email:
logging.warning('owner mismatch %s %s', entity.owner, user.email)
# Passphrase retrieval is necessary for rekeying so we abort.
self.response.write(util.ToSafeJson(False))
return
self.response.write(util.ToSafeJson(bool(entity.force_rekeying)))
def get(self, type_name, target_id):
"""Handles GET requests."""
user = base.GetCurrentUser()
tag = self.request.get('tag', 'default')
entity = models_util.TypeNameToModel(
type_name).GetLatestForTarget(target_id, tag)
if not entity:
if memcache.Client().get(target_id, namespace='experimental_rekey'):
logging.info('experimental_rekey %s', target_id)
self.response.write(util.ToSafeJson('experimental'))
return
self.response.write(util.ToSafeJson(False))
return
if entity.owner != user.email:
logging.warning(
'owner mismatch %s %s', entity.owner, user.email)
# Passphrase retrieval is necessary for rekeying so we abort.
self.response.write(util.ToSafeJson(False))
return
self.response.write(util.ToSafeJson(bool(entity.force_rekeying)))
def get(self):
"""Handles GET requests."""
if self.request.get('json', '0') != '1':
search_type = self.request.get('search_type')
field1 = urllib.quote(self.request.get('field1'))
value1 = urllib.quote(self.request.get('value1').strip())
prefix_search = urllib.quote(self.request.get(
'prefix_search', '0'))
if search_type and field1 and value1:
self.redirect('/ui/#/search/%s/%s/%s/%s' %
(search_type, field1, value1, prefix_search))
else:
self.redirect('/ui/', permanent=True)
return
tag = self.request.get('tag', 'default')
search_type = self.request.get('search_type')
field1 = self.request.get('field1')
value1 = self.request.get('value1').strip()
prefix_search = self.request.get('prefix_search', '0') == '1'
try:
model = models_util.TypeNameToModel(search_type)
except ValueError:
raise passphrase_handler.InvalidArgumentError(
'Invalid search_type %s' % search_type)
if not (field1 and value1):
raise base_handler.InvalidArgumentError('Missing field1 or value1')
# Get the user's search and retrieve permissions for all permission types.
search_perms = base_handler.VerifyAllPermissionTypes(
permissions.SEARCH)
retrieve_perms = base_handler.VerifyAllPermissionTypes(
permissions.RETRIEVE_OWN)
retrieve_created = base_handler.VerifyAllPermissionTypes(
permissions.RETRIEVE_CREATED_BY)
# user is performing a search, ensure they have permissions.
if (not search_perms.get(search_type)
and not retrieve_perms.get(search_type)
and not retrieve_created.get(search_type)):
raise base.AccessDeniedError('User lacks %s permission' %
search_type)
try:
passphrases = _PassphrasesForQuery(model, field1, value1,
prefix_search)
except ValueError:
self.error(httplib.NOT_FOUND)
return
skipped = False
if not search_perms.get(search_type):
results_len = len(passphrases)
email = base.GetCurrentUser().user.email()
passphrases = [x for x in passphrases if x.owner == email]
skipped = len(passphrases) != results_len
too_many_results = len(passphrases) >= MAX_PASSPHRASES_PER_QUERY
passphrases = [
v.ToDict(skip_secret=True) for v in passphrases if v.tag == tag
]
if model.ALLOW_OWNER_CHANGE:
for passphrase in passphrases:
if not passphrase['active']:
continue
link = '/api/internal/change-owner/%s/%s/' % (search_type,
passphrase['id'])
passphrase['change_owner_link'] = link
self.response.out.write(
util.ToSafeJson({
'passphrases': passphrases,
'too_many_results': too_many_results,
'results_access_warning': skipped,
}))