def retrieve(self, request, pk=None):
    """
    Return the detail representation of a single collection.

    With no ``pk`` the lookup runs against ``self.get_queryset()``; with a
    ``pk`` it runs against every collection that is neither a content
    resource nor hidden. The requester must then pass the
    ``CollectionAuthorization.VIEW`` check on the object that was found,
    otherwise a 403 response is returned instead of the serialized data.
    """
    if pk is not None:
        candidates = Collection.objects.filter(content_resource=False,
                                               hidden=False)
    else:
        candidates = self.get_queryset()
    collection = get_object_or_404(candidates, pk=pk)

    # The explicit-pk queryset above is not narrowed per user, so this
    # object-level check is the only access control visible in this method.
    # A missing object yields 404 and a forbidden one 403, so a requester
    # can tell the two cases apart.
    may_view = authorization.check_authorization(
        CollectionAuthorization.VIEW, request.user, collection)
    if not may_view:
        return HttpResponseForbidden('Nope')

    serializer = CollectionDetailSerializer(collection,
                                            context={'request': request})
    return Response(serializer.data)
def get_content_location(self, obj):
    """
    Build the content URL to expose for ``obj`` in serialized output.

    Without a request in the serializer context, ``obj.content_location`` is
    returned as stored. With a request, the absolute form of that location is
    the default, and it is replaced only when the requester passes the
    ``ResourceAuthorization.VIEW`` check on ``obj``.
    """
    # NOTE(review): the block nesting below (in particular which ``if`` the
    # ``else`` belongs to) is reconstructed from a whitespace-collapsed
    # listing -- confirm against the original file.
    request = self.context.get('request')
    if not request:
        # No request means no user to check: the stored location is returned
        # without any authorization check.
        return obj.content_location
    # Default result. With the nesting as laid out here, this is also what a
    # requester who fails the VIEW check receives -- confirm that the target
    # of content_location enforces its own access control.
    url = request.build_absolute_uri(obj.content_location)
    if authorization.check_authorization(ResourceAuthorization.VIEW, request.user, obj):
        if obj.external_source == Resource.GILES:
            # The remote is built for the resource's creator, not for the
            # requester, and the signed URI is handed to the requester.
            # NOTE(review): scope and lifetime of the signature are not
            # visible here -- confirm they are suitably narrow.
            remote = get_remote(obj.external_source, obj.created_by)
            url = remote.sign_uri(obj.location)
        else:
            # ``remote`` is not used after this assignment in this branch.
            remote = get_remote(obj.external_source, request.user)
            url = request.build_absolute_uri(
                reverse('resource-content', args=(obj.id, )))
    return url
def collection_authorization_list(request, collection_id):
    """
    Render the authorization listing page for one :class:`.Collection`.

    Responds with 404 when no collection has the given primary key. The
    template receives the collection, the result of
    ``authorization.list_authorizations`` for it, and a ``can_change`` flag
    from the ``'change_authorizations'`` check for the requesting user.
    """
    collection = get_object_or_404(Collection, pk=collection_id)

    # ``can_change`` is only passed on to the template; nothing in this
    # function limits who may load the listing itself.
    # NOTE(review): confirm that a decorator or URL-level guard outside this
    # listing restricts access, since the page presumably shows who holds
    # which permission on the collection.
    may_change = authorization.check_authorization('change_authorizations',
                                                   request.user, collection)
    values = {
        'can_change': may_change,
        'collection': collection,
        'authorizations': authorization.list_authorizations(collection),
    }
    context = RequestContext(request, values)
    page = loader.get_template('collection_authorization_list.html')
    return HttpResponse(page.render(context))
def resource_authorization_list(request, resource_id):
    """
    Render the authorization listing page for one resource.

    Responds with 404 when no resource has the given primary key. The
    template receives the resource, the result of
    ``authorization.list_authorizations`` for it, and a ``can_change`` flag
    from the ``'change_authorizations'`` check for the requesting user.
    """
    resource = get_object_or_404(Resource, pk=resource_id)

    # ``can_change`` is only passed on to the template; nothing in this
    # function limits who may load the listing itself.
    # NOTE(review): confirm that a decorator or URL-level guard outside this
    # listing restricts access, since the page presumably shows who holds
    # which permission on the resource.
    may_change = authorization.check_authorization('change_authorizations',
                                                   request.user, resource)
    values = {
        'can_change': may_change,
        'resource': resource,
        'authorizations': authorization.list_authorizations(resource),
    }
    context = RequestContext(request, values)
    page = loader.get_template('resource_authorization_list.html')
    return HttpResponse(page.render(context))
def resource(request, obj_id):
    """
    Display the resource with the given id.

    Builds the template context (relations, content, part-of information),
    adds pending Giles upload counts and a priority form when the resource
    has pending uploads, and handles a POST that changes the priority of the
    resource's Giles uploads. Returns JSON when the query string carries
    ``format=json``, otherwise renders ``resource.html``.
    """
    # NOTE(review): the block nesting below (especially where the POST
    # handling and the ``context['form']`` assignments sit) is reconstructed
    # from a whitespace-collapsed listing -- confirm against the original.

    # Both lookups use ``.get`` and so raise if the Field row is absent.
    __isPartOf__ = Field.objects.get(uri='http://purl.org/dc/terms/isPartOf')
    __extent__ = Field.objects.get(name='Extent')
    # NOTE(review): presumably this helper also enforces view access for
    # request.user; no view-level check appears in this function -- verify.
    resource = _get_resource_by_id(request, obj_id)
    # Get a fresh Giles auth token, if needed.
    # giles.get_user_auth_token(resource.created_by, fresh=True)

    # Taken from the query string and placed in the context unchanged.
    # NOTE(review): confirm the template/serializer escapes or validates it.
    preview = request.GET.get('preview')
    part_relations = resource.relations_to.filter(
        predicate=__isPartOf__).order_by('sort_order')
    content_region_relations = resource.relations_to.filter(
        predicate=__extent__).order_by('sort_order')
    context = {
        'resource': resource,
        'request': request,
        'preview_content': preview,
        'part_of': resource.container.part_of,
        'relations_from': resource.relations_from.filter(is_deleted=False),
        'content_relations': resource.content.filter(is_deleted=False),
        'part_relations': part_relations,
        'content_region_relations': content_region_relations,
    }
    resource_pending_uploads = resource.giles_uploads.filter(
        state=GilesUpload.PENDING)
    if resource_pending_uploads.count() > 0:
        # This query covers every pending GilesUpload, not only the uploads
        # of this resource, so the counts describe the whole pending queue.
        pending_stats = GilesUpload.objects.filter(
            state=GilesUpload.PENDING).values('priority').annotate(
                total=Count('priority'))
        pending_stats = {e['priority']: e['total'] for e in pending_stats}
        context['pending_counts'] = {}
        context['pending_counts']['low'] = pending_stats.get(
            GilesUpload.PRIORITY_LOW, 0)
        context['pending_counts']['medium'] = pending_stats.get(
            GilesUpload.PRIORITY_MEDIUM, 0)
        context['pending_counts']['high'] = pending_stats.get(
            GilesUpload.PRIORITY_HIGH, 0)
        if request.method == 'POST':
            form = ResourceGilesPriorityForm(request.POST)
            if form.is_valid():
                # The state change is gated on EDIT for this resource. A
                # refused request still renders the page normally, with an
                # error entry in the context rather than an error response.
                if not auth.check_authorization(ResourceAuthorization.EDIT, request.user, resource):
                    context['priority_change_error'] = 'Unauthorized'
                else:
                    priority = form.cleaned_data.get('priority')
                    # Applies to all of the resource's uploads, whatever
                    # their state; ``success`` is what ``update()`` returns.
                    success = resource.giles_uploads.all().update(
                        priority=priority)
                    context['priority_change_success'] = success
            context['form'] = form
        else:
            context['form'] = ResourceGilesPriorityForm()

    if request.GET.get('format', None) == 'json':
        # The whole view context, including the request, is passed as the
        # serializer context.
        return JsonResponse(
            ResourceDetailSerializer(
                context=context).to_representation(resource))
    return render(request, 'resource.html', context)
def is_authorized(perm, user, obj):
    """
    Check ``perm`` for ``user`` on ``obj`` after translating the name.

    ``perm`` is looked up in ``AUTHORIZATIONS_MAP``; a name with no entry
    there is handed to ``check_authorization`` unchanged.
    """
    # NOTE(review): an unmapped or misspelled name is not rejected here, so
    # the outcome depends on how check_authorization treats an action it
    # does not recognise -- confirm that it denies.
    return check_authorization(AUTHORIZATIONS_MAP.get(perm, perm), user, obj)
def has_object_permission(self, request, view, obj):
    """
    Allow access when the requester passes the ``'view_resource'`` check on
    ``obj``; otherwise fall back to the requester's superuser flag.
    """
    # NOTE(review): the action is a bare string here; if the project
    # defines a constant for it, using that would keep a typo from silently
    # changing which check runs -- confirm.
    granted = authorization.check_authorization('view_resource',
                                                request.user, obj)
    if granted:
        return granted
    # Superusers are let through even when the object-level check says no.
    return request.user.is_superuser
def has_object_permission(self, request, view, obj):
    """
    Allow access when the requester passes the
    ``CollectionAuthorization.VIEW`` check on ``obj``; otherwise fall back
    to the requester's superuser flag.
    """
    granted = authorization.check_authorization(CollectionAuthorization.VIEW,
                                                request.user, obj)
    if granted:
        return granted
    # Superusers are let through even when the object-level check says no.
    return request.user.is_superuser
def is_authorized(perm, user, obj):
    """
    Return the result of ``check_authorization`` for ``perm``, ``user`` and
    ``obj``.

    The permission name is passed through as given; no translation or
    validation happens at this layer.
    """
    decision = check_authorization(perm, user, obj)
    return decision