def test_wrong_formats(self): wrong_formats = ( #'{% get_obj_perms user for flatpage as obj_perms %}', # no quotes "{% get_obj_perms user for flatpage as 'obj_perms\" %}", # wrong quotes "{% get_obj_perms user for flatpage as 'obj_perms\" %}", # wrong quotes '{% get_obj_perms user for flatpage as obj_perms" %}', # wrong quotes "{% get_obj_perms user for flatpage as obj_perms' %}", # wrong quotes "{% get_obj_perms user for flatpage as %}", # no context_var '{% get_obj_perms for flatpage as "obj_perms" %}', # no user/group '{% get_obj_perms user flatpage as "obj_perms" %}', # no "for" bit '{% get_obj_perms user for flatpage "obj_perms" %}', # no "as" bit '{% get_obj_perms user for as "obj_perms" %}', # no object ) context = {"user": User.get_anonymous(), "flatpage": self.flatpage} for wrong in wrong_formats: fullwrong = "{% load guardian_tags %}" + wrong try: render(fullwrong, context) self.fail( "Used wrong get_obj_perms tag format: \n\n\t%s\n\n " "but TemplateSyntaxError have not been raised" % wrong ) except TemplateSyntaxError: pass
def render(self, context): for_whom = self.for_whom.resolve(context) if isinstance(for_whom, User): self.user = for_whom self.group = None elif isinstance(for_whom, AnonymousUser): self.user = User.get_anonymous() self.group = None elif isinstance(for_whom, Group): self.user = None self.group = for_whom else: raise Exception("User or Group instance required (got %s)" % for_whom.__class__) obj = self.obj.resolve(context) if self.user is not None: perms = self.user.get_object_perm_as_str_list(obj) if perms == 0: perms = [] for group in self.user.groups.all(): gperms = group.get_object_perm_as_str_list(obj) if not gperms == 0: perms += gperms else: perms = self.group.get_object_perm_as_str_list(obj) #check = ObjectPermissionChecker(for_whom) #perms = check.get_perms(obj) perms = list(set(perms)) context[self.context_var] = perms return ''
def test_anon_patch_with_model_permission_gives_200(self): benchmark = BenchmarkFactory() anon_user = User.get_anonymous() assign_perm('eyra.change_benchmark', anon_user) url = f'/api/v1/benchmarks/{benchmark.pk}/' response = self.client.patch(url, {'name': 'new_name'}) self.assertEqual(200, response.status_code)
def handle(self, *args, **options): user = User.get_anonymous() r = redis.StrictRedis(host='localhost', port=6379, db=1) while(True): try: playlist = Request.objects.filter(status='Q').order_by('created_on') for index, request in enumerate(playlist): request.status = 'P' request.played_on = datetime.datetime.now() request.save() try: r.set('now_playing', pickle.dumps(request.as_dict(), -1)) if index+1 < len(playlist): r.set('next_up', pickle.dumps(playlist[index+1].as_dict(), -1)) else: r.delete('next_up') call(["mpg123", request.track.mp3_file.path]) except: import traceback traceback.print_exc() sys.exit(1) finally: request.status = 'C' request.save() if not playlist: # find all songs that have been requested by real users requests = Request.objects.exclude(created_by_id=-1) # now exclude any song that has ever been voted down requests = requests.exclude(track_id__in=[t.track_id for t in Vote.objects.filter(score=-1)]) # exclude anything that has been played recently window = datetime.datetime.now() - datetime.timedelta(hours=6) requests = requests.exclude(track_id__in=[t.track_id for t in Request.objects.filter(created_on__gt=window)]) if requests: requests = requests.order_by('?') request = Request.objects.create(track=requests[0].track, created_by=user, modified_by=user, played_on=None) r.lpush('requests', pickle.dumps(request.as_dict(), -1)) r.ltrim('requests', 0, 100) # for the bug of tracks stucking on the playing status because of an unxpected system halt request_completed = Request.objects.filter(status='P').order_by('created_on') for req in request_completed: if long((datetime.datetime.now() - req.played_on).total_seconds()) > req.track.length: req.status = 'C' req.save() except: import traceback traceback.print_exc() sys.exit(1)
def _discourse_username_to_submitter(self, username, topic, topic_title): submitter = None submitter_url = None if username != 'comses': try: submitter = User.objects.get(username=username) except User.DoesNotExist: pass if submitter is None: category_id = topic['category_id'] logger.debug("category id: %s, topic title: %s, topic: %s", category_id, topic_title, topic) # special case lookup for real submitter # FIXME: get rid of magic constants target_object = None if category_id == 6: # jobs and appointments target_object = Job.objects.filter( title=topic_title).order_by('-date_created').first() elif category_id == 7: # events target_object = Event.objects.filter( title=topic_title).order_by('-date_created').first() elif category_id == 8: target_object = Codebase.objects.filter( title=topic_title).order_by('-date_created').first() if target_object: submitter = target_object.submitter submitter_url = submitter.member_profile.get_absolute_url() else: submitter = User.get_anonymous() return submitter, submitter_url
def response(self, request, username, project_slug, task_id): task = get_object_or_404(Task, id=task_id, project__author__username=username, project__slug=project_slug) if request.method == 'POST': form = TaskEditForm(request.POST, instance=task) if form.is_valid(): if request.user.is_authenticated(): editor = request.user else: editor = User.get_anonymous() # available from guardian task = form.save( editor=editor, editor_ip=request.META.get('REMOTE_ADDR', ''), ) task.create_revision() messages.success(request, _("Task updated successfully.")) task.notify() return redirect(task.get_absolute_url()) else: form = TaskEditForm(instance=task, initial={ 'owner': task.owner and task.owner.username or None, }) self.context['form'] = form return self.context
def test_anonymous_user(self): template = "".join( ("{% load guardian_tags %}", '{% get_obj_perms user for flatpage as "obj_perms" %}{{ perms }}') ) context = {"user": AnonymousUser(), "flatpage": self.flatpage} anon_output = render(template, context) context = {"user": User.get_anonymous(), "flatpage": self.flatpage} real_anon_user_output = render(template, context) self.assertEqual(anon_output, real_anon_user_output)
def handle(self, *args, **options): tracklib = Track.objects.all() lock_file = '/tmp/player.lock' user = User.get_anonymous() if os.path.exists(lock_file): sys.exit(0) else: call(["touch", lock_file]) try: while(True): try: playlist = Request.objects.filter(status='Q').order_by('created_on') for request in playlist: request.status = 'P' request.played_on = datetime.datetime.now() request.save() try: call(["mpg123", request.track.mp3_file.path]) except: import traceback traceback.print_exc() sys.exit(1) finally: request.status = 'C' request.save() if not playlist: #generate a random track request while no more request to play randomlist = tracklib.filter(is_active=True).exclude(name="").order_by('?') Request.objects.create(track=randomlist[0], created_by=user, modified_by=user, played_on =None) #for the bug of tracks stucking on the playing status because of an unxpected system halt request_completed = Request.objects.filter(status='P').order_by('created_on') if request_completed: for req in request_completed: if (datetime.datetime.now() - req.played_on).seconds > req.track.length: req.status = 'C' req.save() except: import traceback traceback.print_exc() sys.exit(1) finally: call(["rm", lock_file])
def test_anonymous_user(self): template = ''.join(( '{% load guardian_tags %}', '{% get_obj_perms user for contenttype as "obj_perms" %}{{ perms }}', )) context = {'user': AnonymousUser(), 'contenttype': self.ctype} anon_output = render(template, context) context = {'user': User.get_anonymous(), 'contenttype': self.ctype} real_anon_user_output = render(template, context) self.assertEqual(anon_output, real_anon_user_output)
def find_users_with_email(self, candidate_email, exclude_user=None): """ Return a queryset of user pks with the given email """ if exclude_user is None: exclude_user = User.get_anonymous() return EmailAddress.objects.filter(email=candidate_email).exclude( user=exclude_user).values_list('user').union( User.objects.filter(email=candidate_email).exclude( pk=exclude_user.pk).values_list('pk'))
def get_releases(self, obj): request = self.context.get('request') user = request.user if request else User.get_anonymous() queryset = CodebaseRelease.objects.filter( codebase_id=obj.pk).accessible(user).order_by('-version_number') # queryset = obj.releases.order_by('-version_number') return RelatedCodebaseReleaseSerializer(queryset, read_only=True, many=True, context=self.context).data
def test_get_resources_for_user(self): django_anon_user = AnonymousUser() guardian_anon_user = User.get_anonymous() auth_user = User.objects.create_user( 'testuser', '*****@*****.**', 'password') public_group = ExtendedGroup.objects.public_group() def django_anon_datasets(): return get_resources_for_user(django_anon_user, 'dataset') def guardian_anon_datasets(): return get_resources_for_user(guardian_anon_user, 'dataset') def auth_datasets(): return get_resources_for_user(auth_user, 'dataset') def public_datasets(): return get_objects_for_group( public_group, 'core.read_dataset' ) # The point of this test is to make sure getting # resources for the Anonymous User is the same as # getting resources for the Public Group. # (In practice, it should be the Guardian # Anonymous, but if it's Django for some reason, # it should still work.) self.assertTrue(auth_user.is_authenticated()) # Both ways should be the same, and empty, to begin: self.assertEqual(len(django_anon_datasets()), 0) self.assertEqual(len(guardian_anon_datasets()), 0) self.assertEqual(len(auth_datasets()), 0) self.assertEqual(len(public_datasets()), 0) # Create a data set: dataset = create_dataset_with_necessary_models() dataset.set_owner(auth_user) self.assertEqual(len(django_anon_datasets()), 0) self.assertEqual(len(guardian_anon_datasets()), 0) self.assertEqual(len(auth_datasets()), 1) self.assertEqual(len(public_datasets()), 0) # Make data set public: dataset.share(public_group) self.assertEqual(len(django_anon_datasets()), 1) self.assertEqual(len(guardian_anon_datasets()), 1) self.assertEqual(len(auth_datasets()), 1) self.assertEqual(len(public_datasets()), 1)
def has_permission(self, request, view): if getattr(view, '_ignore_model_permissions', False): return True user = request.user if not user.is_authenticated: # user is Django AnonymousUser user = User.get_anonymous() # guardians AnonymousUser queryset = self._queryset(view) perms = self.get_required_permissions(request.method, queryset.model) return user.has_perms(perms)
def generate_solr_params_for_user(params, user_id): """Creates the encoded solr params limiting results to one user. Keyword Argument params -- python dict or QueryDict Params/Solr Params is_annotation - metadata facet_count/facet - enables facet counts in query response, true/false offset - paginate, offset response limit/row - maximum number of documents field_limit - set of fields to return facet_field - specify a field which should be treated as a facet facet_filter - adds params to facet fields&fqs for filtering on fields facet_pivot - list of fields to pivot sort - Ordering include field name, whitespace, & asc or desc. fq - filter query """ try: user = User.objects.get(id=user_id) except User.DoesNotExist: user = User.get_anonymous() # will update to allow users to view read_meta datasets then we can # update to use get_resources_for_user method in core/utils datasets = get_objects_for_user(user, 'core.read_dataset', accept_global_perms=accept_global_perms( 'dataset' )) assay_uuids = [] for dataset in datasets: investigation_link = dataset.get_latest_investigation_link() if investigation_link is None: continue # It's not an error not to have data, # but there's nothing more to do here. investigation = investigation_link.investigation study_ids = Study.objects.filter( investigation=investigation ).values_list('id', flat=True) assay_uuids += Assay.objects.filter( study_id__in=study_ids ).values_list('uuid', flat=True) return generate_solr_params(params, assay_uuids=assay_uuids, facets_from_config=True)
def handle(self, *args, **options): tracklib = Track.objects.all() lock_file = '/tmp/player.lock' user = User.get_anonymous() if os.path.exists(lock_file): sys.exit(0) else: call(["touch", lock_file]) try: while(True): try: playlist = Request.objects.filter(status='Q').order_by('created_on') for request in playlist: request.status = 'P' request.played_on = datetime.datetime.now() request.save() try: call(["mpg123", request.track.mp3_file.path]) except: import traceback traceback.print_exc() sys.exit(1) finally: request.status = 'C' request.save() if not playlist: randomlist = tracklib.order_by('?') Request.objects.create(track=randomlist[0], created_by=user, modified_by=user, played_on =None) except: import traceback traceback.print_exc() sys.exit(1) finally: call(["rm", lock_file])
def load_initial_data(): flush_vavilov_tables() User = get_user_model() anon = User.get_anonymous() public_group = get_or_create_public_group() public_group.user_set.add(anon) non_public_permissions = [ 'View Observation', 'View observation images', 'View Observation Relationship', 'View Observation entity' ] if not ACCESSIONS_ARE_PUBLIC: non_public_permissions.append('View Accession') add_view_permissions(anon, filter_perms=non_public_permissions) load_initial_data_from_dict(SHARED_INITIAL_DATA_TO_LOAD)
def generate_solr_params_for_user(params, user_id): """Creates the encoded solr params limiting results to one user. Keyword Argument params -- python dict or QueryDict Params/Solr Params is_annotation - metadata facet_count/facet - enables facet counts in query response, true/false offset - paginate, offset response limit/row - maximum number of documents field_limit - set of fields to return facet_field - specify a field which should be treated as a facet facet_filter - adds params to facet fields&fqs for filtering on fields facet_pivot - list of fields to pivot sort - Ordering include field name, whitespace, & asc or desc. fq - filter query """ try: user = User.objects.get(id=user_id) except User.DoesNotExist: user = User.get_anonymous() # will update to allow users to view read_meta datasets then we can # update to use get_resources_for_user method in core/utils datasets = get_objects_for_user( user, 'core.read_dataset', accept_global_perms=accept_global_perms('dataset')) assay_uuids = [] for dataset in datasets: investigation_link = dataset.get_latest_investigation_link() if investigation_link is None: continue # It's not an error not to have data, # but there's nothing more to do here. investigation = investigation_link.investigation study_ids = Study.objects.filter( investigation=investigation).values_list('id', flat=True) assay_uuids += Assay.objects.filter( study_id__in=study_ids).values_list('uuid', flat=True) return generate_solr_params(params, assay_uuids=assay_uuids, facets_from_config=True)
def render(self, context): for_whom = self.for_whom.resolve(context) if isinstance(for_whom, User): self.user = for_whom self.group = None elif isinstance(for_whom, AnonymousUser): self.user = User.get_anonymous() self.group = None elif isinstance(for_whom, Group): self.user = None self.group = for_whom else: raise NotUserNorGroup("User or Group instance required (got %s)" % for_whom.__class__) model = self.model.resolve(context) perms = get_codename_perms(model) context[self.context_var] = perms return ''
def render(self, context): for_whom = self.for_whom.resolve(context) if isinstance(for_whom, User): self.user = for_whom self.group = None elif isinstance(for_whom, AnonymousUser): self.user = User.get_anonymous() self.group = None elif isinstance(for_whom, Group): self.user = None self.group = for_whom else: raise NotUserNorGroup("User or Group instance required (got %s)" % for_whom.__class__) obj = self.obj.resolve(context) check = ObjectPermissionChecker(for_whom) perms = check.get_perms(obj) context[self.context_var] = perms return ''
def render(self, context): for_whom = self.for_whom.resolve(context) if isinstance(for_whom, User): self.user = for_whom elif isinstance(for_whom, AnonymousUser): self.user = User.get_anonymous() else: raise NotUser("User instance required (got %s)" % for_whom.__class__) obj = self.obj.resolve(context) if self.perm: if for_whom.has_perm(self.perm, obj): perms = [ self.perm ] else: perms = [] else: check = ObjectPermissionChecker(for_whom) perms = check.get_perms(obj) context[self.context_var] = perms return ''
def render(self, context): for_whom = self.for_whom.resolve(context) if isinstance(for_whom, User): self.user = for_whom elif isinstance(for_whom, AnonymousUser): self.user = User.get_anonymous() else: raise NotUser("User instance required (got %s)" % for_whom.__class__) obj = self.obj.resolve(context) if self.perm: if for_whom.has_perm(self.perm, obj): perms = [self.perm] else: perms = [] else: check = ObjectPermissionChecker(for_whom) perms = check.get_perms(obj) context[self.context_var] = perms return ''
def test_wrong_formats(self): wrong_formats = ( '{% get_obj_perms user for contenttype as obj_perms %}', # no quotes '{% get_obj_perms user for contenttype as \'obj_perms" %}', # wrong quotes '{% get_obj_perms user for contenttype as \'obj_perms" %}', # wrong quotes '{% get_obj_perms user for contenttype as obj_perms" %}', # wrong quotes '{% get_obj_perms user for contenttype as obj_perms\' %}', # wrong quotes '{% get_obj_perms user for contenttype as %}', # no context_var '{% get_obj_perms for contenttype as "obj_perms" %}', # no user/group '{% get_obj_perms user contenttype as "obj_perms" %}', # no "for" bit '{% get_obj_perms user for contenttype "obj_perms" %}', # no "as" bit '{% get_obj_perms user for as "obj_perms" %}', # no object ) context = {'user': User.get_anonymous(), 'contenttype': self.ctype} for wrong in wrong_formats: fullwrong = '{% load guardian_tags %}' + wrong try: render(fullwrong, context) self.fail("Used wrong get_obj_perms tag format: \n\n\t%s\n\n " "but TemplateSyntaxError have not been raised" % wrong) except TemplateSyntaxError: pass
def handle(self, *args, **options): user = User.get_anonymous() r = get_redis_connection('default') while(True): try: playlist = Request.objects.filter(status='Q').order_by('created_on') for index, request in enumerate(playlist): request.status = 'P' request.played_on = timezone.now() request.save() try: r.set('now_playing', pickle.dumps(request.as_dict(), -1)) if index+1 < len(playlist): r.set('next_up', pickle.dumps(playlist[index+1].as_dict(), -1)) else: r.delete('next_up') call(["mpg123", request.track.mp3_file.path]) except: import traceback traceback.print_exc() sys.exit(1) finally: request.status = 'C' request.save() if not playlist: user_tz = pytz.timezone(settings.USER_TIME_ZONE) now = user_tz.normalize(timezone.now()) print now.hour if now.hour >= 9 and now.hour <= 17 and now.isoweekday() < 6: # find all songs that have been requested by real users requests = Request.objects.exclude(created_by_id=-1) # now exclude any song that has ever been voted down requests = requests.exclude(track_id__in=[t.track_id for t in Vote.objects.filter(score=-1)]) # exclude anything that has been played recently window = timezone.now() - datetime.timedelta(hours=6) requests = requests.exclude(track_id__in=[t.track_id for t in Request.objects.filter(created_on__gt=window)]) if requests: requests = requests.order_by('?') request = Request.objects.create(track=requests[0].track, created_by=user, modified_by=user, played_on=None) r.lpush('requests', pickle.dumps(request.as_dict(), -1)) r.ltrim('requests', 0, 100) else: print "%s - no longer workday, skipping" % now # wait a bit before checking again time.sleep(15) # for the bug of tracks stucking on the playing status because of an unexpected system halt request_completed = Request.objects.filter(status='P').order_by('created_on') for req in request_completed: if long((timezone.now() - req.played_on).total_seconds()) > req.track.length: req.status = 'C' req.save() except: import traceback traceback.print_exc() finally: time.sleep(1)
def get_db_user(user): """Replaces AnonymousUser with Guardian anonymous user db record. Otherwise returns input""" return User.get_anonymous() if user.is_anonymous else user
def assign_anon_permissions(): # guardian anon user anon_user = User.get_anonymous() assign_perm('eyra.view_benchmark', anon_user) assign_perm('eyra.view_submission', anon_user) assign_perm('eyra.view_algorithm', anon_user)