def get(self):
response = {
"code": 200,
"type": "List of Red Flags.",
"method": "GET",
"response": "OK",
"data": []
}
if not self.request.get('dataset_id'):
self.error(400)
return
dataset_key = ndb.Key('APIData',
normalize_id(self.request.get('dataset_id')))
redflags = RedFlag.query(RedFlag.links == dataset_key).fetch(50)
redflag_objects = []
for redflag in redflags:
redflag_objects.append(redflag.to_object())
response['data'] = redflag_objects
if self.GET("callback"):
callback = self.GET("callback")
d = json.dumps(response)
self.response.out.write(callback + "(" + d + ");")
else:
wrap_response(self, response)
def get(self, data_id=None):
desc = "The GET method is not supported "
desc += "for this endpoint."
response = {}
response["response"] = "UnsupportedMethodError"
response["description"] = desc
response["code"] = 405
wrap_response(self, response)
def get(self, data_id=None):
"""
Handles the /api/v1/data/[data_id] endpoint.
Returns the details of the data_id provided.
"""
response = {
"code": 200,
"type": "Data details.",
"method": "GET",
"response": "OK",
"data": {}
}
try:
data_id = int(data_id)
except ValueError:
data_id = str(data_id)
except Exception as e:
logging.exception(e)
wrap_response(self, response)
return
data = APIData.get_by_id(normalize_id(data_id))
if data:
# TODO: Add check for authorization
response["data"] = data.to_api_object()
if self.request.get('show_environments'):
public = False
for environment_key in data.environment:
logging.debug(str(data.environment))
if environment_key.id() == 'PUBLIC':
public = True
else:
environment = environment_key.get()
if environment:
response["data"][
"environment_object"] = environment.to_api_object(
)
if public:
response["data"]["public"] = True
else:
response["data"]["public"] = False
if self.GET("callback"):
callback = self.GET("callback")
d = json.dumps(response)
self.response.out.write(callback + "(" + d + ");")
else:
wrap_response(self, response)
def get(self, user_id=None):
response = {
"code": 200,
"type": "List of users",
"method": "GET",
"response": "OK",
"data": []
}
if self.request.get('check_email'):
resp = {}
resp['exist'] = False
email = self.request.get('check_email').replace(' ', '+')
resp['email'] = email
user = User.query(User.current_email == email).get(keys_only=True)
if user:
resp['exist'] = True
self.response.headers['Content-Type'] = 'application/json'
self.response.write(json.dumps(resp))
else:
if user_id:
response["type"] = "Get user data."
user = User.get_by_id(int(user_id))
if user:
response["data"] = {}
response["data"] = user.to_api_object(
user_role=self.user.role, level=self.user.level)
else:
query = User.query()
query = query.order(User.last_name)
if self.GET("cursor"):
curs = Cursor(urlsafe=self.GET("cursor"))
users, cursor, more = query.fetch_page(50,
start_cursor=curs)
else:
users, cursor, more = query.fetch_page(50)
if users:
for user in users:
response["data"].append(
user.to_api_object(user_role=self.user.role,
level=self.user.level))
if more:
response["cursor"] = cursor.urlsafe()
wrap_response(self, response)
def post(self, data_id=None):
# TODO: Rewrite this for environments
if not data_id:
desc = "ID is missing from the request."
response["success"] = False
response["response"] = "MissingParametersError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
data = APIData.get_by_id(normalize_id(data_id))
if not data:
desc = "Cannot find the package."
response["success"] = False
response["response"] = "InvalidIDError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
if self.user.key != data.user:
if not self.user.teams:
msg = "You have insufficient rights to access this application."
response["success"] = False
response["response"] = "InvalidIDError"
response["description"] = msg
response["code"] = 400
wrap_response(self, response)
return
has_access = False
for team in self.user.teams:
if team in data.access_lock:
has_access = True
if not has_access:
msg = "You have insufficient rights to access this application."
response["success"] = False
response["response"] = "InvalidIDError"
response["description"] = msg
response["code"] = 400
else:
data.access_lock.remove("PRIVATE")
data.access_lock.append("PUBLIC")
data.access_lock = uniquify(data.access_lock)
data.put()
msg = "The data has been published and is now public."
response["success"] = True
response["response"] = "Success"
response["description"] = msg
response["code"] = 200
wrap_response(self, response)
def get(self):
"""
Handles the /admin/register endpoint.
Agency Admin registration.
"""
if self.GET("ajax"):
n = 50
if self.GET("n"):
n = int(self.GET("n"))
query = User.query()
query = query.filter(User.role == "AGENCYADMIN")
if self.GET("status"):
query = query.filter(User.status == self.GET("status").upper())
if self.GET("cursor"):
curs = Cursor(urlsafe=self.GET("cursor"))
users, cursor, more = query.fetch_page(n, start_cursor=curs)
else:
users, cursor, more = query.fetch_page(n)
response = {}
response["more"] = False
response["users"] = []
response["cursor"] = ""
if users:
for user in users:
response["users"].append(user.to_approval_object())
if more:
response["more"] = True
response["cursor"] = cursor.urlsafe()
response["url"] = CURRENT_URL
response["url"] += "agency/admins?ajax=1&status="
response["url"] += self.GET("status")
response["url"] += "&cursor=" + cursor.urlsafe()
if self.GET("n"):
response["url"] += "&n=" + self.GET("n")
wrap_response(self, response)
else:
self.render("register-approve.html")
def post(self):
"""
Handles the /admin/register endpoint.
Agency Admin registration.
"""
if self.POST("agency_admin_id") and self.POST("action"):
user = User.get_by_id(int(self.POST("agency_admin_id")))
if user:
if self.POST("action") == "approve":
user.approved_by_name = " ".join(
[self.user.first_name, self.user.last_name])
user.approved_by_key = self.user.key
user.approved_on = datetime.datetime.now()
user.status = "APPROVED"
content = {
"receiver_name": user.first_name,
"receiver_email": user.current_email,
"subject": "Account Approved",
"email_type": "approve_account"
}
taskqueue.add(url="/tasks/email/send",
params=content,
method="POST")
elif self.POST("action") == "disapprove":
user.status = "DISAPPROVED"
user.disapproved_on = datetime.datetime.now()
user.disapproved_by_name = " ".join(
[self.user.first_name, self.user.last_name])
user.disapproved_by_key = self.user.key
else:
wrap_response(self, {"status": "error"})
return
user.put()
wrap_response(self, {"status": "ok"})
return
wrap_response(self, {"status": "error"})
def get(self):
"""
Handles the /api/v1/uacs endpoint.
Returns list of uacs.
"""
response = {
"code": 200,
"type": "",
"method": "GET",
"response": "OK",
"data": []
}
department = ""
agency = ""
region = ""
operating_unit = ""
if self.request.get('department'):
department = self.request.get('department').upper().strip()
if self.request.get('agency'):
agency = self.request.get('agency').upper().strip()
if self.request.get('region'):
region = self.request.get('region').upper().strip()
if self.request.get('operating_unit'):
operating_unit = self.request.get('operating_unit').upper().strip()
uacs_json_file = json.load(open('uacs.json'))
response_json = []
if department:
if department in uacs_json_file:
if agency:
if agency in uacs_json_file[department]:
if region:
if region in uacs_json_file[department][agency]:
response_json = uacs_json_file[department][agency][region]
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response_json = sorted(uacs_json_file[department][agency].keys())
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response_json = sorted(uacs_json_file[department].keys())
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response_json = sorted(uacs_json_file.keys())
response['data'] = response_json
if self.GET("callback"):
callback = self.GET("callback")
d = json.dumps(response)
self.response.out.write(callback + "(" + d + ");")
else:
wrap_response(self, response)
def get(self):
"""
Handles the /api/v1/uacs endpoint.
Returns list of uacs.
"""
response = {
"code": 200,
"type": "",
"method": "GET",
"response": "OK",
"description": "",
"data": []
}
if not self.GET("uacs_type"):
response["response"] = "ERROR"
response["desc"] = "Parameter uacs_type is required."
wrap_response(self, response)
return
uacs_type = self.GET("uacs_type")
if uacs_type.lower() not in [
"funding source", "organization", "location", "pap",
"object code"
]:
response["response"] = "ERROR"
response["desc"] = "Invalid uacs_type: " + uacs_type + "."
wrap_response(self, response)
return
if self.GET("uacs_code"):
if uacs_type.lower() == "organization":
if len(self.GET("uacs_code")) > 12 or len(
self.GET("uacs_code")) == 0:
response["response"] = "ERROR"
response["desc"] = "Invalid uacs_code: " + self.GET(
"uacs_code") + "."
wrap_response(self, response)
return
if uacs_type.lower() == "organization":
uacs_json_file = json.load(open('uacs_organization.json'))
uacs_code = self.GET("uacs_code")
if uacs_type.lower() == "organization" and uacs_code:
if len(uacs_code) == 2:
if uacs_code in uacs_json_file:
response_json = uacs_json_file[uacs_code]
response["type"] = "Department"
response["description"] = "List of department agencies."
response["data"] = response_json
else:
response["code"] = 404
response["response"] = "NOT FOUND"
elif len(uacs_code) == 5:
department_uacs = uacs_code[:2]
if department_uacs in uacs_json_file:
if uacs_code in uacs_json_file[department_uacs]["AGENCY"]:
response_json = uacs_json_file[department_uacs][
"AGENCY"][uacs_code]
response["type"] = "Agency"
response[
"description"] = "List of regions in a department agency."
response["data"] = response_json
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response["code"] = 404
response["response"] = "NOT FOUND"
elif len(uacs_code) == 7:
department_uacs = uacs_code[:2]
agency_uacs = uacs_code[:5]
region_uacs = uacs_code
if department_uacs in uacs_json_file:
if agency_uacs in uacs_json_file[department_uacs][
"AGENCY"]:
if region_uacs in uacs_json_file[department_uacs][
"AGENCY"][agency_uacs]["REGION"]:
response_json = uacs_json_file[department_uacs][
"AGENCY"][agency_uacs]["REGION"][region_uacs]
response["type"] = "Region"
response[
"description"] = "Low level operating unit in a department agency region."
response["data"] = response_json
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response["code"] = 404
response["response"] = "NOT FOUND"
elif len(uacs_code) == 12:
department_uacs = uacs_code[:2]
agency_uacs = uacs_code[:5]
region_uacs = uacs_code[:7]
lower_lvl_op_unit_uacs = uacs_code
if department_uacs in uacs_json_file:
if agency_uacs in uacs_json_file[department_uacs][
"AGENCY"]:
if region_uacs in uacs_json_file[department_uacs][
"AGENCY"][agency_uacs]["REGION"]:
if lower_lvl_op_unit_uacs in uacs_json_file[
department_uacs]["AGENCY"][agency_uacs][
"REGION"][region_uacs][
"LOWER LEVEL OPERATING UNIT"]:
response_json = uacs_json_file[
department_uacs]["AGENCY"][agency_uacs][
"REGION"][region_uacs][
"LOWER LEVEL OPERATING UNIT"][
uacs_code]
response["type"] = "Lower Level Operating Unit"
response[
"description"] = "List of low level operating unit in a department agency region."
response["data"] = response_json
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
department = ""
agency = ""
region = ""
operating_unit = ""
if self.GET('department'):
department = self.GET('department').upper().strip()
if self.GET('agency'):
agency = self.GET('agency').upper().strip()
if self.GET('region'):
region = self.GET('region').upper().strip()
if self.GET('operating_unit'):
operating_unit = self.GET('operating_unit').upper().strip()
response_json = []
if department:
if department in uacs_json_file:
if agency:
if agency in uacs_json_file[department]["AGENCY"]:
if region:
if region in uacs_json_file[department][
agency]:
response_json = uacs_json_file[department][
agency][region]
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response_json = uacs_json_file[department][
"AGENCY"][agency]
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response_json = uacs_json_file[department]
else:
response["code"] = 404
response["response"] = "NOT FOUND"
else:
response_json = uacs_json_file
response['data'] = response_json
if self.GET("callback"):
callback = self.GET("callback")
d = json.dumps(response)
self.response.out.write(callback + "(" + d + ");")
else:
wrap_response(self, response)
def post(self, data_id=None):
response = {
"code": 200,
"type": "List of users",
"method": "POST",
"response": "OK",
"data": []
}
if data_id:
user = User.get_by_id(int(data_id))
if self.POST("action") == "disable":
response["type"] = "Disable user account."
if user:
user.status = "DISABLED"
user.put()
response["data"] = user.to_api_object(
user_role=self.user.role, level=self.user.level)
else:
response["code"] = 400
response["response"] = "ERROR"
wrap_response(self, response)
return
if self.POST("action") == "approve":
response["type"] = "Enable user account."
if user:
user.status = "APPROVED"
user.approved_by_key = self.user.key
user.approved_by_name = self.user.name
user.approved_on = datetime.datetime.utcnow()
user.put()
response["data"] = user.to_api_object(
user_role=self.user.role, level=self.user.level)
else:
response["code"] = 400
response["response"] = "ERROR"
wrap_response(self, response)
return
if self.POST("action") == "enable":
response["type"] = "Enable user account."
if user:
user.status = "APPROVED"
user.put()
response["data"] = user.to_api_object(
user_role=self.user.role, level=self.user.level)
else:
response["code"] = 400
response["response"] = "ERROR"
wrap_response(self, response)
return
elif self.POST("action") == "update":
if user:
if self.POST("first_name"):
user.first_name = self.POST("first_name")
if self.POST("middle_name"):
user.middle_name = self.POST("middle_name")
if self.POST("last_name"):
user.last_name = self.POST("last_name")
if self.POST("role"):
user.level = int(self.POST("role"))
if user.level == 2:
user.role = 'CLUSTERDIRECTOR'
elif user.level == 3:
user.role = 'AGENCYADMIN'
elif user.level == 4:
user.role = 'GEOSTOREADMIN'
else:
user.role = 'USER'
if self.POST("email"):
user.current_email = self.POST("email").strip().lower()
user.email_list.append(user.current_email)
if self.POST("access_key"):
access_key = ["PUBLIC"]
for key in self.POST("access_key").split(","):
if key:
access_key.append(key.upper().strip())
user.access_key = uniquify(access_key)
user.put()
msg = "User has been updated."
success_message(self, msg)
self.redirect("/dashboard")
def get(self):
"""
Handles the /api/v1/logs endpoint.
Returns list of logs.
"""
response = {
"code": 200,
"type": "List of geostore logs.",
"method": "GET",
"response": "OK",
"data": []
}
# Default number of entities to be retrieved is 50.
n = 150
if self.GET("n"):
n = int(self.GET("n"))
# if the number of entities to be retrieved given is
# greater than 100. Switch back to default which is 100
if n > 500:
n = 500
query = SL.query()
for arg in self.request.arguments():
if arg.lower() == "callback" \
or arg.lower() == "_" \
or arg.lower() == "order" \
or arg.lower() == "cursor" \
or arg.lower() == "n" \
or arg.lower() == "_search_" \
or arg.lower() == "show_image_dates" \
or arg.lower() == "start_updated_from" \
or arg.lower() == "csv" \
or arg.lower() == "start_created_from":
continue
ad_value = self.GET(arg)
tag = create_indexed_tag(arg, ad_value)
query = query.filter(SL.indexed_data == tag)
query = query.order(-SL.created)
logging.info(query)
if self.GET("cursor"):
curs = Cursor(urlsafe=self.GET("cursor"))
data, cursor, more = query.fetch_page(n, start_cursor=curs)
else:
data, cursor, more = query.fetch_page(n)
if data:
response["cursor"] = ""
data.reverse()
previous = None
for d in data:
try:
response["data"].append(d.to_api_object(change_against=previous))
previous = d
except Exception as e:
logging.debug(e)
response["data"].reverse()
if more:
response["cursor"] = cursor.urlsafe()
if self.GET("callback"):
callback = self.GET("callback")
d = json.dumps(response)
self.response.out.write(callback + "(" + d + ");")
else:
wrap_response(self, response)
def get(self, group_id=None):
if self.user.role != 'CLUSTERDIRECTOR':
self.redirect('/environment')
return
self.tv['page_user_groups'] = True
if group_id:
group = UserGroup.get_by_id(int(group_id))
if group:
if self.GET("ta") == "join":
if self.user.current_email in group.invited_users:
if self.user.key in group.users:
msg = "You are already a member of the "
msg += group.title
msg += " user group."
error_message(self, msg)
else:
self.user.user_groups.append(str(group.key.id()))
self.user.put()
group.users.append(self.user.key)
group.invited_users.remove(self.user.current_email)
group.put()
if group.environments:
for environment in group.environments:
environment = environment.get()
if environment:
if self.user.key not in environment.users:
environment.users.append(
self.user.key)
environment.put()
msg = "You have successfully joined the "
msg += group.title
msg += " user group."
success_message(self, msg)
else:
msg = "Cannot find user group."
error_message(self, msg)
self.redirect("/groups")
else:
if self.user.role == "CLUSTERDIRECTOR":
wrap_response(self, group.to_object())
else:
self.redirect("/groups")
else:
if self.user.role == "CLUSTERDIRECTOR":
wrap_response(self, {"error": "cannot find user group"})
else:
self.redirect("/groups")
else:
query = UserGroup.query()
if self.user.role == "CLUSTERDIRECTOR":
query = query.filter(UserGroup.owner == self.user.key)
else:
query = query.filter(
ndb.OR(UserGroup.users == self.user.key,
UserGroup.invited_users == self.user.current_email))
groups = query.fetch()
self.tv["user_groups"] = []
if groups:
for g in groups:
if self.GET('fetch'):
if self.GET('environmentid'):
environment = Environment.get_by_id(
int(self.GET('environmentid')))
if self.GET('addusergroup'):
if g.key not in environment.user_groups:
self.tv["user_groups"].append(
g.to_object())
elif self.GET('removeusergroup'):
if g.key in environment.user_groups:
self.tv["user_groups"].append(
g.to_object())
else:
self.tv["user_groups"].append(g.to_object())
if self.GET('fetch'):
wrap_response(self, self.tv['user_groups'])
return
self.tv["breadcrumb"] = [{
"name": "User Groups",
"link": "/groups"
}]
if self.user.role == "CLUSTERDIRECTOR":
self.tv["show_new_group"] = True
self.render("groups.html")
else:
self.render("groups-user.html")
def post(self, data_id=None):
response = {}
response["success"] = True
logging.info(self.request.headers)
content_type = self.request.headers["Content_Type"]
if not self.user:
if content_type == "application/json":
if "Authorization" not in self.request.headers:
logging.info("No Authorization in headers")
desc = "You must be logged in to use the API."
response["success"] = False
response["response"] = "AuthorizationError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
if self.request.headers["Authorization"] == API_KEY:
if not self.request.headers["From"]:
logging.info("No email defined")
desc = "Cannot find user."
response["success"] = False
response["response"] = "InvalidUserError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
user_email = self.request.headers["From"].lower()
query = User.query()
owner = query.filter(
User.current_email == user_email).get()
if not owner:
logging.info("Cannot find user")
desc = "Cannot find user."
response["success"] = False
response["response"] = "InvalidUserError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
else:
token = Token.get_by_id(
self.request.headers["Authorization"])
if not token:
logging.info(
"Cannot find token: " +
str(self.request.headers["Authorization"]))
desc = "The token you provided is invalid."
response["success"] = False
response["response"] = "InvalidTokenError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
logging.info(token)
session = token.session.get()
if not session:
logging.info("Cannot find session")
desc = "The token has already expired."
response["error"] = False
response["response"] = "InvalidTokenError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
logging.info(session)
if session.expires < datetime.datetime.now(
) or session.status is False:
logging.info("token has expired or not active")
desc = "The token has already expired."
response["success"] = False
response["response"] = "InvalidTokenError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
else:
desc = "You must be logged in to use the API."
if self.POST("r"):
url = urllib.unquote(str(self.POST("r")))
else:
url = self.request.referer
if url:
if "?" in url:
url = url.split("?")[0]
url += "?error=" + urllib.quote(desc)
self.redirect(url)
if not data_id:
desc = "ID is missing from the request."
if content_type == "application/json":
response["success"] = False
response["response"] = "MissingParametersError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
else:
if self.POST("r"):
url = urllib.unquote(str(self.POST("r")))
else:
url = self.request.referer
if url:
if "?" in url:
url = url.split("?")[0]
url += "?error=" + urllib.quote(desc)
self.redirect(url)
return
data = APIData.get_by_id(normalize_id(data_id))
if not data:
desc = "Cannot find the package."
if content_type == "application/json":
response["success"] = False
response["response"] = "InvalidIDError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
else:
if self.POST("r"):
url = urllib.unquote(str(self.POST("r")))
else:
url = self.request.referer
if url:
if "?" in url:
url = url.split("?")[0]
url += "?error=" + urllib.quote(desc)
self.redirect(url)
return
if data.archived:
desc = "Cannot find the package."
if content_type == "application/json":
response["success"] = False
response["response"] = "InvalidIDError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
else:
if self.POST("r"):
url = urllib.unquote(str(self.POST("r")))
else:
url = self.request.referer
if url:
if "?" in url:
url = url.split("?")[0]
url += "?error=" + urllib.quote(desc)
self.redirect(url)
return
desc = "There are missing parameters in your request."
if content_type == "application/json":
if not self.request.body:
response["success"] = False
response["response"] = "MissingParametersError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
try:
body = json.loads(self.request.body)
except Exception as e:
logging.info(e)
desc = "Invalid JSON format."
response["success"] = False
response["response"] = "InvalidJSONError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
tags = []
try:
for key, value in body.items():
try:
tags += create_tags(value)
except Exception as e:
logging.info("Cannot create tag from: ")
logging.info(e)
if key.startswith('unindexed_'): # unindexed_
ad_key = key.replace("unindexed_", "")
data.additional_data[ad_key] = value.strip()
if key.startswith('indexed_'):
ad_key = key.replace("indexed_", "")
data.additional_data[ad_key] = value
for d in data.indexed_data:
ad_key = key.replace("indexed_", "")
if d.startswith(ad_key.upper()):
try:
data.indexed_data.remove(d)
except Exception as e:
logging.exception(e)
logging.info("Cannot remove from list")
data.indexed_data.append(create_indexed_tag(
key, value))
if self.user:
data.username = self.user.name
data.user = self.user.key
data.indexed_data = uniquify(data.indexed_data)
data.tags = uniquify(tags)
data.put()
desc = "Data has been saved."
response["success"] = True
response["response"] = "Success"
response["description"] = desc
response["code"] = 200
response["data"] = data.to_api_object()
wrap_response(self, response)
except Exception as e:
logging.exception(e)
desc = "A server error occured. Please try again later."
response["success"] = False
response["response"] = "ServerError"
response["description"] = desc
response["code"] = 500
wrap_response(self, response)
else:
if not self.request.arguments():
if self.POST("r"):
url = urllib.unquote(str(self.POST("r")))
else:
url = self.request.referer
if url:
if "?" in url:
url = url.split("?")[0]
url += "?error=" + urllib.quote(desc)
self.redirect(url)
return
tags = []
try:
for arg in self.request.arguments():
for d in data.indexed_data:
ad_key = arg.replace("indexed_", "")
if d.startswith(ad_key.upper()):
try:
data.indexed_data.remove(d)
except Exception as e:
logging.exception(e)
logging.info("Cannot remove from list")
if arg.startswith('unindexed_'):
ad_key = arg.replace("unindexed_", "")
ad_value = self.request.POST.get(arg)
data.additional_data[ad_key] = ad_value.strip()
try:
tags += create_tags(ad_value)
except Exception as e:
logging.info("Cannot create tag from: ")
logging.info(e)
if arg.startswith('indexed_'):
ad_key = arg.replace("indexed_", "")
ad_value = self.request.POST.get(arg)
data.additional_data[ad_key] = ad_value
try:
tags += create_tags(ad_value)
except Exception as e:
logging.info("Cannot create tag from: ")
logging.info(e)
data.indexed_data.append(
create_indexed_tag(arg,
self.request.POST.get(arg)))
if arg.startswith('file_'):
filename = BUCKET_NAME
filename += random_string(20) + "/"
ad_key = arg.replace("file_", "")
data.additional_data[ad_key] = {}
try:
# try:
file_name = self.request.POST.get(arg).filename
filename += file_name
gcs_file = gcs.open(
filename,
'w',
options={'x-goog-acl': 'public-read'})
gcs_file.write(self.request.get(arg))
gcs_file.close()
full_url = "https://storage.googleapis.com" + filename
# data.additional_data["file"]["file_url"] = full_url
data.file_url = full_url
data.additional_data[ad_key]["file_url"] = full_url
try:
blob_key = blobstore.create_gs_key("/gs" +
filename)
data.serving_url = images.get_serving_url(
blob_key)
data.additional_data[ad_key][
"serving_url"] = data.serving_url
data.gcs_key = blobstore.BlobKey(blob_key)
except Exception as e:
logging.exception(e)
logging.error("not an image??")
data.additional_data[ad_key][
"serving_url"] = full_url
except AttributeError, e:
logging.exception(e)
logging.exception("NO FILE ATTACHED")
if self.user:
data.username = self.user.name
data.user = self.user.key
data.indexed_data = uniquify(data.indexed_data)
data.tags = uniquify(tags)
data.put()
desc = "Data has been updated."
if self.POST("r"):
url = urllib.unquote(str(self.POST("r")))
else:
url = self.request.referer
if url:
if "?" in url:
url = url.split("?")[0]
url += "?success=" + urllib.quote(desc)
self.redirect(url)
else:
response["success"] = True
response["response"] = "Success"
response["description"] = desc
response["code"] = 200
response["data"] = data.to_api_object()
wrap_response(self, response)
except Exception as e:
logging.exception(e)
desc = "A server error occured. Please try again later."
if self.POST("r"):
url = urllib.unquote(str(self.POST("r")))
else:
url = self.request.referer
if url:
if "?" in url:
url = url.split("?")[0]
url += "?error=" + urllib.quote(desc)
self.redirect(url)
else:
response["success"] = False
response["response"] = "ServerError"
response["description"] = desc
response["code"] = 500
wrap_response(self, response)
def get(self, environment_key_urlsafe=None):
"""
Returns the list of environments of a logged in user
"""
n = 50
response = {
"code": 200,
"type": "List of geostore environments.",
"method": "GET",
"response": "OK",
"data": []
}
if self.user:
if environment_key_urlsafe:
environment = Environment.get_by_id(ndb.Key(urlsafe=environment_key_urlsafe).id())
if not environment:
self.error(404)
return
response['data'] = [environment.to_object()]
else:
query = Environment.query()
query = query.filter(Environment.users == self.user.key)
if self.GET("cursor"):
curs = Cursor(urlsafe=self.GET("cursor"))
data, cursor, more = query.fetch_page(n, start_cursor=curs)
else:
data, cursor, more = query.fetch_page(n)
if data:
response["cursor"] = ""
for d in data:
try:
response["data"].append(d.to_object())
except Exception as e:
logging.exception(e)
if more:
response["cursor"] = cursor.urlsafe()
else:
if self.GET('user'):
user = ndb.Key('User', int(self.GET('user')))
if user.get():
query = Environment.query()
query = query.filter(Environment.users == user)
if self.GET("cursor"):
curs = Cursor(urlsafe=self.GET("cursor"))
data, cursor, more = query.fetch_page(n, start_cursor=curs)
else:
data, cursor, more = query.fetch_page(n)
if data:
response["cursor"] = ""
for d in data:
try:
response["data"].append(d.to_object())
except Exception as e:
logging.exception(e)
if more:
response["cursor"] = cursor.urlsafe()
wrap_response(self, response)
def get(self):
"""
Handles the /api/v1/data endpoint.
Returns list of datasets.
"""
response = {
"code": 200,
"type": "List of geostore saved data.",
"method": "GET",
"response": "OK",
"data": []
}
# Default number of entities to be retrieved is 50.
n = 50
if self.GET("n"):
n = int(self.GET("n"))
# if the number of entities to be retrieved given is
# greater than 100. Switch back to default which is 100
if n > 100:
n = 100
query = APIData.query()
query = query.filter(APIData.archived == False)
if not self.user:
if "Authorization" in self.request.headers:
token = Token.get_by_id(self.request.headers["Authorization"])
if not token:
logging.info("Cannot find token: " +
str(self.request.headers["Authorization"]))
desc = "The token you provided is invalid."
response["success"] = False
response["response"] = "InvalidTokenError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
logging.info(token)
session = token.session.get()
if not session:
logging.info("Cannot find session")
desc = "The token has already expired."
response["error"] = False
response["response"] = "InvalidTokenError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
logging.info(session)
if session.expires < datetime.datetime.now(
) or session.status is False:
logging.info("token has expired or not active")
desc = "The token has already expired."
response["success"] = False
response["response"] = "InvalidTokenError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
owner = session.owner.get()
if not owner:
logging.info("Cannot find user")
desc = "Cannot find user."
response["success"] = False
response["response"] = "InvalidUserError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
self.user = owner
if self.user and self.GET('workspace'):
environment = ndb.Key(urlsafe=self.GET('workspace')).get()
if environment:
if self.user.key in environment.users:
environment_key = environment.key
query = query.filter(
APIData.environment == environment_key)
elif self.user and not self.GET('workspace') and (
not self.GET('type')
or not self.GET('type') in ['PROJECT', 'SUBPROJECT']):
environments_user = Environment.query(
Environment.users == self.user.key).fetch(keys_only=True)
environments_user.append(ndb.Key('Environment', 'PUBLIC'))
query = query.filter(
APIData.environment.IN(environments_user)).order(APIData._key)
else:
query = query.filter(
APIData.environment == ndb.Key('Environment', 'PUBLIC'))
if self.GET("_search_"):
response["type"] = "Search geostore saved data."
response["query"] = self.GET("_search_")
search = self.GET("_search_").strip().upper()
query = query.filter(APIData.tags >= search)
query = query.order(APIData.tags)
else:
for arg in self.request.arguments():
if arg.lower() == "callback" \
or arg.lower() == "_" \
or arg.lower() == "order" \
or arg.lower() == "cursor" \
or arg.lower() == "n" \
or arg.lower() == "_search_" \
or arg.lower() == "show_image_dates" \
or arg.lower() == "start_updated_from" \
or arg.lower() == "start_created_from":
continue
ad_value = self.GET(arg)
tag = create_indexed_tag(arg, ad_value)
query = query.filter(APIData.indexed_data == tag)
if self.GET("order"):
if self.GET("order").lower() in ["asc", "ascending"]:
query = query.order(APIData.updated_time)
elif self.GET("order").lower() in ["desc", "descending"]:
query = query.order(-APIData.updated_time)
elif self.GET("order").lower() == "created_asc":
query = query.order(APIData.created_time)
elif self.GET("order").lower() == "created_desc":
query = query.order(-APIData.created_time)
elif self.GET("order").lower() == "modified":
query = query.order(APIData.updated_time)
else:
query = query.order(-APIData.created_time)
if self.GET("start_updated_from"):
logging.debug(self.GET("start_updated_from"))
if self.GET("order").lower() in ["desc", "descending"]:
query = query.filter(
APIData.updated_time <= datetime.datetime.
fromtimestamp(int(self.GET("start_updated_from"))))
else:
query = query.filter(
APIData.updated_time >= datetime.datetime.
fromtimestamp(int(self.GET("start_updated_from"))))
elif self.GET('start_created_from'):
logging.debug(self.GET("start_created_from"))
if self.GET("order").lower() in ["desc", "descending"]:
query = query.filter(
APIData.created_time <= datetime.datetime.
fromtimestamp(int(self.GET("start_created_from"))))
else:
query = query.filter(
APIData.created_time >= datetime.datetime.
fromtimestamp(int(self.GET("start_created_from"))))
logging.info(query)
if self.GET("cursor"):
curs = Cursor(urlsafe=self.GET("cursor"))
data, cursor, more = query.fetch_page(n, start_cursor=curs)
else:
data, cursor, more = query.fetch_page(n)
if data:
response["cursor"] = ""
for d in data:
try:
response["data"].append(d.to_api_object())
except Exception as e:
logging.exception(e)
if more:
response["cursor"] = cursor.urlsafe()
if self.GET('show_image_dates'):
if self.GET('type'):
if self.GET('type').upper() == 'CLASSIFICATION':
if 'data' in response:
image_ids = []
for classification in response['data']:
image_ids.append(
ndb.Key('APIData',
int(classification['image_id'])))
images = ndb.get_multi(image_ids)
for image in images:
date = ''
image_latlng = image.additional_data['latlng']
if 'date' in image.additional_data:
date = image.additional_data['date']
else:
date = image.created_time.strftime(
'%Y:%m:%d %H:%M:%S')
for i in range(0, len(response['data'])):
if response['data'][i]['image_id'] == str(
image.key.id()):
response['data'][i]['image_date'] = date
response['data'][i][
'image_latlng'] = image_latlng
if self.GET("callback"):
callback = self.GET("callback")
d = json.dumps(response)
self.response.out.write(callback + "(" + d + ");")
else:
wrap_response(self, response)
def post(self):
"""
Handles the /api/v1/data endpoint.
Creates a dataset.
"""
owner = None
response = {}
response["success"] = True
content_type = self.request.headers[
"Content_Type"] or self.request.headers["Content-Type"]
if not self.user:
if content_type == "application/json":
if "Authorization" not in self.request.headers:
logging.info("No Authorization in headers")
desc = "You must be logged in to use the API."
response["success"] = False
response["response"] = "AuthorizationError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
if self.request.headers["Authorization"] == API_KEY:
if not self.request.headers["From"]:
logging.info("No email defined")
desc = "Cannot find user."
response["success"] = False
response["response"] = "InvalidUserError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
user_email = self.request.headers["From"].lower()
query = User.query()
owner = query.filter(
User.current_email == user_email).get()
if not owner:
logging.info("Cannot find user")
desc = "Cannot find user."
response["success"] = False
response["response"] = "InvalidUserError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
else:
token = Token.get_by_id(
self.request.headers["Authorization"])
if not token:
logging.info(
"Cannot find token: " +
str(self.request.headers["Authorization"]))
desc = "The token you provided is invalid."
response["success"] = False
response["response"] = "InvalidTokenError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
logging.info(token)
session = token.session.get()
if not session:
logging.info("Cannot find session")
desc = "The token has already expired."
response["error"] = False
response["response"] = "InvalidTokenError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
logging.info(session)
if session.expires < datetime.datetime.now(
) or session.status is False:
logging.info("token has expired or not active")
desc = "The token has already expired."
response["success"] = False
response["response"] = "InvalidTokenError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
owner = session.owner.get()
if not owner:
logging.info("Cannot find user")
desc = "Cannot find user."
response["success"] = False
response["response"] = "InvalidUserError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
else:
if "Authorization" in self.request.headers:
token = Token.get_by_id(
self.request.headers["Authorization"])
if not token:
logging.info(
"Cannot find token: " +
str(self.request.headers["Authorization"]))
desc = "The token you provided is invalid."
response["success"] = False
response["response"] = "InvalidTokenError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
logging.info(token)
session = token.session.get()
if not session:
logging.info("Cannot find session")
desc = "The token has already expired."
response["error"] = False
response["response"] = "InvalidTokenError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
logging.info(session)
if session.expires < datetime.datetime.now(
) or session.status is False:
logging.info("token has expired or not active")
desc = "The token has already expired."
response["success"] = False
response["response"] = "InvalidTokenError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
owner = session.owner.get()
if not owner:
logging.info("Cannot find user")
desc = "Cannot find user."
response["success"] = False
response["response"] = "InvalidUserError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
else:
desc = "You must be logged in to use the API."
if self.POST("r"):
url = urllib.unquote(str(self.POST("r")))
if "?" in url:
url = url.split("?")[0]
url += "?error=" + urllib.quote(desc)
self.redirect(url)
else:
logging.info("User is not logged in")
desc = "You must be logged in to use the api."
response["success"] = False
response["response"] = "InvalidRequestError"
response["description"] = desc
response["code"] = 400
wrap_response(self, response)
return
else:
owner = self.user
logging.debug(content_type)
if content_type == 'application/json':
# d = write_to_api(json.loads(self.request.body), owner, content_type)
d = write_to_api(json.loads(self.request.body), owner)
else:
d = write_to_api_params(self.request.arguments(), owner,
content_type, False, self)
wrap_response(self, d.to_api_object())
def post(self, group_id=None):
if group_id:
response = {}
response["code"] = 200
response["data"] = []
response["description"] = ""
response["success"] = True
group = UserGroup.get_by_id(int(group_id))
if group:
if self.POST("action"):
if self.POST("action") == "delete_invited_user":
if self.POST("email").strip().lower(
) in group.invited_users:
group.invited_users.remove(
self.POST("email").strip().lower())
group.put()
response[
'description'] = 'Invitation to ' + self.POST(
'email').strip().lower(
) + ' has been cancelled.'
response["data"] = group.to_object()
elif self.POST("action") == "remove_member":
user_key = ndb.Key('User', int(self.POST('user_id')))
if user_key in group.users:
if group.environments:
for environment in group.environments:
environment = environment.get()
if environment:
if user_key in environment.users:
environment.users.remove(user_key)
environment.put()
group.users.remove(user_key)
group.put()
response["data"] = group.to_object()
response['description'] = 'User has been removed.'
else:
response['success'] = False
response[
'description'] = 'User is not a member of the user group.'
elif self.POST("action") == "invite_users":
if self.POST("email"):
for email in self.POST("email").strip().split(","):
email = email.strip().lower()
query = User.query()
query = query.filter(
User.current_email == email)
user = query.get()
if user:
user.user_groups.append(str(
group.key.id()))
user.put()
group.users.append(user.key)
else:
group.invited_users.append(email)
group.put()
response["data"] = group.to_object()
elif self.POST("action") == "leave_group":
if self.user.key in group.users:
group.users.remove(self.user.key)
group.put()
response["data"] = group.to_object()
response[
"description"] = "You have successfully left the " + group.title.upper(
) + " user group."
else:
response["success"] = False
response[
"description"] = "User is not part of the team."
elif self.POST("action") == "update_group":
if self.POST("group_name"):
query = Teams.query()
query = query.filter(Teams.team_name == self.POST(
"group_name").strip().upper())
group2 = query.get()
logging.info(group2)
logging.info(group)
if group2:
if str(group2.key.id()) != str(group.key.id()):
response["success"] = False
response[
"description"] = "User group already exists."
wrap_response(self, response)
return
group.title = self.POST(
"group_name").strip().upper()
if self.POST("group_description"):
group.description = self.POST("group_description")
group.put()
response["data"] = group.to_object()
wrap_response(self, response)
else:
if self.POST("group_name") \
and self.POST("group_description") \
and self.POST("group_member_emails"):
# Create Environment
# Only CLUSTERDIRECTOR role can create an environment
if self.user.role != "CLUSTERDIRECTOR":
msg = "You have insufficient rights to access this application."
error_message(self, msg)
self.redirect("/groups")
return
query = UserGroup.query()
query = query.filter(
UserGroup.title == self.POST("group_name").strip().upper())
group = query.get()
if group:
msg = "Could not create the user group. "
msg += self.POST("group_name").strip()
msg += " already exists."
error_message(self, msg)
else:
group = UserGroup()
group.title = self.POST("group_name").strip().upper()
group.description = self.POST("group_description").strip()
group.owner = self.user.key
for email in self.POST("group_member_emails").split(","):
email = email.strip().lower()
query = User.query()
query = query.filter(User.current_email == email)
user = query.get()
if user:
group.users.append(user.key)
else:
group.invited_users.append(email)
group.put()
self.user.user_groups.append(str(group.key.id()))
self.user.put()
msg = "User group has been saved."
success_message(self, msg)
self.redirect("/groups")