def es_proxy(request):
user = request.user
es_path = request.path.replace('/elastic', '')
resource_requested = parse_request_path(es_path)
# Allow access to the cluster _mapping and _nodes for kibana
if resource_requested['cluster'] == True:
if resource_requested['call'] not in ['_mapping', '_nodes']:
raise PermissionDenied()
request_method = requests.get
# Allow access to _search by POST only
else:
if request.method not in ['POST', 'GET'] or resource_requested['call'] != '_search':
raise PermissionDenied()
request_method = requests.post
r = request_method('http://localhost:9200%s' % es_path, data=request.body)
if resource_requested['cluster']:
content = r.content
else:
es_response = json.loads(r.content)
if 'hits' in es_response.keys():
for index, record in enumerate(es_response['hits']['hits']):
index_name = record['_type']
es_response['hits']['hits'][index]['_source'] = restrict_access(record['_source'], index_name, user)
content = json.dumps(es_response)
return HttpResponse(content, content_type="application/json")
def to_representation(self, obj):
# Here we figure out if the user has access to this data object
# through a data sharing agreement or since the object is permitted
# to all users
from globallometree.apps.data_sharing.data_tools import restrict_access
record = super(LinkedModelSerializer, self).to_representation(obj)
if 'request' in self.context.keys():
return restrict_access(record, self.elasticsearch_index_name, self.context['request'].user)
else:
return record
