def get_languages(request):
"""
Get the list of languages for the entities in JSON
"""
lang = translation.get_language()
cache_name = 'languages:%s' % lang
languages = cache_manager.get('main', cache_name)
if languages:
return HttpResponseRest(request, languages)
languages = []
for language in Language.objects.all().order_by('code'):
languages.append({
'id': language.code,
'value': language.code,
'label': language.get_label()
})
# cache for 24h
cache_manager.set('main', cache_name, languages, 60 * 60 * 24)
return HttpResponseRest(request, languages)
def create_storage_location(request):
"""
Create a storage location.
"""
name = request.data['name']
label = request.data['label']
if isinstance(request.data['parent_storage_location'], int):
parent_storage_location = StorageLocation.objects.get(id=request.data['parent_storage_location'])
else:
parent_storage_location = None
lang = translation.get_language()
storage_location = StorageLocation.objects.create(
name=name,
parent=parent_storage_location,
label={lang: label},
)
result = {
'id': storage_location.id,
'name': storage_location.name,
'label': storage_location.get_label()
}
return HttpResponseRest(request, result)
def update_self_settings(request):
"""
Update or create a user setting.
"""
update_setting(request.user, request.data['name'], request.data['setting'],
request.data['version'])
return HttpResponseRest(request, {})
def get_classification_entry_children_list_count(request, cls_id):
"""
Return the count of direct children for the given classification entry.
"""
classification_entry = get_object_or_404(ClassificationEntry,
id=int(cls_id))
from main.cursor import CursorQuery
cq = CursorQuery(ClassificationEntry)
cq.set_synonym_model(ClassificationEntrySynonym)
# if only children
if request.GET.get('deeply', False):
cq.filter(parent_list__in=[classification_entry.id])
else:
cq.filter(parent=classification_entry.id)
if request.GET.get('filters'):
cq.filter(json.loads(request.GET['filters']))
count = cq.count()
results = {'count': count}
return HttpResponseRest(request, results)
def get_action_list_for_entity_id_count(request, ent_id):
# @todo
from main.cursor import CursorQuery
cq = CursorQuery(ActionToEntity)
# cq = ActionToEntity.objects.filter(entity_id=int(ent_id))
# @todo filter for action relating
cq.inner_join(Action, related_name='id', to_related_name='action_id', entity=int(ent_id))
cq.filter(entity=int(ent_id))
if request.GET.get('search'):
search = json.loads(request.GET['search'])
cq.filter(search)
if request.GET.get('filters'):
filters = json.loads(request.GET['filters'])
cq.filter(filters)
# print(cq.sql())
count = cq.count()
# cq.filter(input_batches__in=int(bat_id))
results = {
'count': count
}
return HttpResponseRest(request, results)
def get_entity(request):
"""
Retrieve an entity (generic details) from an app_label, model and object identifier.
In others words from its content type and its uniquer identifier.
@note Returned name if the natural name (it can be a name field or a code, the display label...).
"""
app_label = request.GET['app_label']
model = request.GET['model']
object_id = int(request.GET['object_id'])
if app_label and model and object_id:
content_type = ContentType.objects.get_by_natural_key(app_label, model)
entity = content_type.get_object_for_this_type(id=object_id)
results = {
'id': entity.id,
'uuid': str(entity.uuid),
'name': entity.natural_name(),
'content_type': "%s.%s" % (app_label, model),
'created_date': entity.created_date,
'modified_date': entity.modified_date,
'entity_status': entity.entity_status
}
return HttpResponseRest(request, results)
def delete_value_for_descriptor(request, des_id, val_id):
"""
Delete a single value for a descriptor.
"""
descriptor = get_object_or_404(Descriptor, id=int(des_id))
if descriptor.in_usage():
raise SuspiciousOperation(_("There is some data using the descriptor"))
format_type = descriptor.format
# internally stored values
if descriptor.values is not None:
values = descriptor.values
if format_type['trans']:
for lvalues in values:
del lvalues[val_id]
else:
del values[val_id]
descriptor.values = values
else:
# table stored values
values = descriptor.values_set.filter(code=val_id)
values.delete()
return HttpResponseRest(request, {})
def create_index(request):
descriptor_id = int(request.data.get('descriptor'))
target = request.data.get('target')
index_type = JSONBFieldIndexType(request.data.get('type', 0))
descriptor = Descriptor.objects.get(id=descriptor_id)
app_label, model = target.split('.')
target = ContentType.objects.get_by_natural_key(app_label, model)
index = DescriptorIndex.objects.create(descriptor=descriptor,
target=target,
type=index_type.value)
with transaction.atomic():
index.save()
index.create_or_drop_index()
response = {
'id': index.id,
'descriptor': index.descriptor.name,
'target': index.target.name.capitalize(),
'type': JSONBFieldIndexType(index.type).name
}
return HttpResponseRest(request, response)
def delete_accession(request, acc_id):
accession = get_object_or_404(Accession, id=int(acc_id))
accession.synonyms.all().delete()
accession.delete()
return HttpResponseRest(request, {})
def get_accession_list_count(request):
from main.cursor import CursorQuery
cq = CursorQuery(Accession)
if request.GET.get('search'):
search = json.loads(request.GET['search'])
cq.filter(search)
if request.GET.get('filters'):
filters = json.loads(request.GET['filters'])
cq.filter(filters)
cq.m2m_to_array_field(relationship=AccessionPanel.accessions,
selected_field='accessionpanel_id',
from_related_field='id',
to_related_field='accession_id',
alias='panels')
cq.m2m_to_array_field(relationship=Accession.classifications_entries,
selected_field='classification_entry_id',
from_related_field='id',
to_related_field='accession_id',
alias='classifications')
cq.set_synonym_model(AccessionSynonym)
count = cq.count()
results = {'count': count}
return HttpResponseRest(request, results)
def change_all_labels_of_classification_rank(request, crk_id):
"""
Changes all the label, for each language related to the user interface.
Returns only the local label.
"""
classification_rank = get_object_or_404(ClassificationRank, id=int(crk_id))
if not classification_rank.classification.can_modify:
raise PermissionDenied(_("The classification owning this rank is locked"))
labels = request.data
languages_values = [lang[0] for lang in InterfaceLanguages.choices()]
for lang, label in labels.items():
if lang not in languages_values:
raise SuspiciousOperation(_("Unsupported language identifier"))
classification_rank.label = labels
classification_rank.update_field('label')
classification_rank.save()
result = {
'label': classification_rank.get_label()
}
return HttpResponseRest(request, result)
def delete_classification_rank(request, crk_id):
"""
If possible delete a classification rank.
It is not possible if there is data using the classification or the status is valid.
"""
classification_rank = get_object_or_404(ClassificationRank, id=int(crk_id))
if not classification_rank.classification.can_modify:
raise PermissionDenied(_("The classification owning this rank is locked"))
if classification_rank.in_usage():
raise SuspiciousOperation(_("There is one or more entities using this classification rank"))
# l-shift next ranks level
with transaction.atomic():
ranks = classification_rank.classification.ranks.filter(level__gt=classification_rank.level).order_by('level')
classification_rank.delete()
# could use a set constraints level DEFERRED; but how with django and non raw ?
# fake with a minus level temporary
for rank in ranks:
rank.level = rank.level - 1
rank.save()
return HttpResponseRest(request, {})
def create_classification(request):
"""
Create a new classification with a label in the current language.
"""
parameters = request.data
language = translation.get_language()
if not Language.objects.filter(code=language).exists():
raise SuspiciousOperation(_("The language is not supported"))
if Classification.objects.filter(name=parameters['name']).exists():
raise SuspiciousOperation(_("A classification already exists with this name"))
classification = Classification()
classification.name = parameters['name']
classification.set_label(language, parameters['label'])
classification.description = parameters['description']
classification.save()
response = {
'id': classification.pk,
'name': classification.name,
'can_modify': classification.can_modify,
'can_delete': classification.can_delete,
'label': classification.get_label(),
'description': classification.description,
'num_classification_ranks': 0
}
return HttpResponseRest(request, response)
def add_city(request):
external_id = int_arg(request.data['external_id'])
lang = get_language()
manager = instance.geolocation_app.geolocation_manager
mgr_result = manager.create_city(external_id, lang)
country_r = manager.get_country(country_id=mgr_result['cou_id'], lang=lang)
response = {
'id': mgr_result['cit_id'],
'name': mgr_result['name'],
'lat': mgr_result['lat'],
'long': mgr_result['long'],
'display_names': mgr_result['alt_name'],
'country': {
'id': country_r['cou_id'],
'name': country_r['name'],
'code3': country_r['code3'],
'lat': country_r['lat'],
'long': country_r['long'],
'display_names': country_r['alt_name'],
'preferred_names': country_r['preferred_name'],
'short_names': country_r['short_name']
},
'preferred_names': mgr_result['preferred_name'],
'short_names': mgr_result['short_name']
}
return HttpResponseRest(request, response)
def city(request, cit_id):
lang = get_language()
manager = instance.geolocation_app.geolocation_manager
city_r = manager.get_city(city_id=int(cit_id), lang=lang)
country_r = manager.get_country(country_id=city_r['cou_id'], lang=lang)
result = {
'id': city_r['cit_id'],
'name': city_r['name'],
'lat': city_r['lat'],
'long': city_r['long'],
'display_names': city_r['alt_name'],
'country': {
'id': country_r['cou_id'],
'name': country_r['name'],
'code3': country_r['code3'],
'lat': country_r['lat'],
'long': country_r['long'],
'display_names': country_r['alt_name'],
'preferred_names': country_r['preferred_name'],
'short_names': country_r['short_name']
},
'preferred_names': city_r['preferred_name'],
'short_names': city_r['short_name']
}
return HttpResponseRest(request, result)
def add_user_permission(request, username):
permission = request.data['permission']
content_type = request.data['content_type']
object_id = int(
request.data['object']) if 'object' in request.data else None
if content_type == "auth.permission" and not request.user.is_superuser:
raise PermissionDenied(
_("Only a superuser can change an auth.permission"))
user = get_object_or_404(User, username=username)
app_label, model = content_type.split('.')
# content_type = get_object_or_404(ContentType, app_label=app_label, model=model)
content_type = ContentType.objects.get_by_natural_key(app_label, model)
if not object_id:
perm = get_object_or_404(Permission,
codename=permission,
content_type=content_type)
user.user_permissions.add(perm)
else:
obj = get_object_or_404(content_type.model, id=object_id)
UserObjectPermission.objects.assign_perm(permission,
user=user,
obj=obj)
return HttpResponseRest(request, {})
def add_group_permission(request, grp_id):
permission = request.data['permission']
content_type = request.data['content_type']
object_id = int(
request.data['object']) if 'object' in request.data else None
if content_type == "auth.permission" and not request.user.is_superuser:
raise PermissionDenied(
_("Only a superuser can change an auth.permission"))
group = get_object_or_404(Group, id=int(grp_id))
app_label, model = content_type.split('.')
content_type = ContentType.objects.get_by_natural_key(app_label, model)
if not object_id:
perm = get_object_or_404(Permission,
codename=permission,
content_type=content_type)
group.permissions.add(perm)
else:
obj = get_object_or_404(content_type.model, id=object_id)
GroupObjectPermission.objects.assign_perm(permission,
group=group,
obj=obj)
return HttpResponseRest(request, {})
def get_format_type_list(request):
"""
Return the list of format of action type
"""
groups = {}
items = {}
for ft in ActionStepFormatManager.values():
if ft.group:
if ft.group.name not in groups:
groups[ft.group.name] = {
'group': ft.group.name,
'label': str(ft.group.verbose_name)
}
if ft.name in items:
raise SuspiciousOperation(
"Already registered format of action type %s" % ft.name)
items[ft.name] = {
'id': ft.name,
'group': ft.group.name,
'value': ft.name,
'label': str(ft.verbose_name)
}
groups_list = sorted(list(groups.values()), key=lambda x: x['group'])
items_list = sorted(list(items.values()), key=lambda x: x['label'])
results = {'groups': groups_list, 'items': items_list}
return HttpResponseRest(request, results)
def get_descriptor_values(request, des_id):
"""
Get the list of values for a given descriptor and according to the current language.
"""
results_per_page = int_arg(request.GET.get('more', 30))
cursor = request.GET.get('cursor')
limit = results_per_page
sort_by = request.GET.get('sort_by', 'id')
descriptor = get_object_or_404(Descriptor, id=int(des_id))
if sort_by.startswith('-'):
order_by = sort_by[1:]
reverse = True
elif sort_by.startswith('+'):
order_by = sort_by[1:]
reverse = False
else:
order_by = sort_by
reverse = False
prev_cursor, next_cursor, values_list = descriptor.get_values(
order_by, reverse, cursor, limit)
results = {
'sort_by': sort_by,
'prev': prev_cursor,
'cursor': cursor,
'next': next_cursor,
'format': descriptor.format,
'items': values_list,
}
return HttpResponseRest(request, results)
def get_count_classification_entry_related(request, cls_id):
"""
Return the list of related classification entries for the given classification entry.
"""
classification_entry = get_object_or_404(ClassificationEntry,
id=int(cls_id))
from main.cursor import CursorQuery
cq = CursorQuery(ClassificationEntry)
cq.inner_join(ClassificationEntry,
related_name='related',
to_related_name='to_classificationentry',
from_classificationentry=classification_entry.pk)
if request.GET.get('search'):
cq.filter(json.loads(request.GET['search']))
if request.GET.get('filters'):
cq.filter(json.loads(request.GET['filters']))
count = cq.count()
results = {'count': count}
return HttpResponseRest(request, results)
def post_entity_synonym_type(request):
"""
Create an new entity synonym type.
"""
name = request.data['name']
label = request.data['label']
target_model_name = request.data['target_model']
app_label, model = target_model_name.split('.')
content_type = get_object_or_404(ContentType, app_label=app_label, model=model)
lang = translation.get_language()
entity_synonym_type = EntitySynonymType()
entity_synonym_type.name = name
entity_synonym_type.set_label(lang, label)
entity_synonym_type.target_model = content_type
entity_synonym_type.save()
results = {
'id': entity_synonym_type.pk,
'value': entity_synonym_type.pk, # st.name
'name': entity_synonym_type.name,
'label': entity_synonym_type.get_label(),
'unique': entity_synonym_type.unique,
'multiple_entry': entity_synonym_type.multiple_entry,
'has_language': entity_synonym_type.has_language,
'target_model': ".".join(entity_synonym_type.target_model.natural_key()),
'can_delete': entity_synonym_type.can_delete,
'can_modify': entity_synonym_type.can_modify
}
return HttpResponseRest(request, results)
def accession_batches_list_count(request, acc_id):
accession = get_object_or_404(Accession, id=int(acc_id))
# check permission on accession object
perms = get_permissions_for(request.user, accession.content_type.app_label,
accession.content_type.model, accession.pk)
if 'accession.get_accession' not in perms:
raise PermissionDenied(
_('Invalid permission to access to this accession'))
from main.cursor import CursorQuery
cq = CursorQuery(Batch)
if request.GET.get('search'):
search = json.loads(request.GET['search'])
cq.filter(search)
if request.GET.get('filters'):
filters = json.loads(request.GET['filters'])
cq.filter(filters)
cq.filter(accession=accession.id)
count = cq.count()
results = {'count': count}
return HttpResponseRest(request, results)
def get_batch_parents_batches_list(request, bat_id):
results_per_page = int_arg(request.GET.get('more', 30))
cursor = request.GET.get('cursor')
limit = results_per_page
parent_batch = get_object_or_404(Batch, id=int(bat_id))
# check permission on accession object
perms = get_permissions_for(request.user,
parent_batch.accession.content_type.app_label,
parent_batch.accession.content_type.model,
parent_batch.accession.pk)
if 'accession.get_accession' not in perms:
raise PermissionDenied(
_('Invalid permission to access to this accession'))
if cursor:
cursor = json.loads(cursor)
cursor_name, cursor_id = cursor
batches = parent_batch.batches.filter(Q(name__gt=cursor_name))
else:
batches = parent_batch.batches.all()
batches = batches.order_by('name')[:limit]
items_list = []
for batch in batches:
b = {
'id': batch.pk,
'name': batch.name,
'accession': batch.accession_id,
'layout': batch.layout_id,
'descriptors': batch.descriptors,
'location': batch.location
}
items_list.append(b)
if len(items_list) > 0:
# prev cursor (asc order)
obj = items_list[0]
prev_cursor = (obj['name'], obj['id'])
# next cursor (asc order)
obj = items_list[-1]
next_cursor = (obj['name'], obj['id'])
else:
prev_cursor = None
next_cursor = None
results = {
'perms': [],
'items': items_list,
'prev': prev_cursor,
'cursor': cursor,
'next': next_cursor,
}
return HttpResponseRest(request, results)
def get_media(request, uuid):
"""
Returns the media details (mime-type, file name, size...) but not the file content.
"""
media = get_object_or_404(Media, uuid=uuid)
# check user permission on the media
if media.owner_content_type == "auth.user":
if media.owner_object_id != request.user.pk:
raise PermissionDenied(_('Your are not the owner of the media'))
else:
perms = get_permissions_for(request.user,
media.owner_content_type.app_label,
media.owner_content_type.model,
media.owner_object_id)
if len(perms) == 0:
raise PermissionDenied(_('No permissions to the owner entity'))
result = {
'id': media.pk,
'uuid': media.uuid,
'name': media.name,
'created_date': media.created_date,
'modified_date': media.modified_date,
'file_name': media.file_name,
'file_size': media.file_size,
'mime_type': media.mime_type
}
return HttpResponseRest(request, result)
def create_classification_entry(request):
"""
Create a new classification entry with a primary synonym in the current language.
"""
parameters = request.data
parent = None
if parameters.get('parent'):
parent_id = int_arg(parameters['parent'])
parent = get_object_or_404(ClassificationEntry, id=parent_id)
rank_id = int_arg(parameters['rank'])
language = parameters['language']
layout = request.data.get('layout')
descriptors = request.data.get('descriptors')
if not Language.objects.filter(code=language).exists():
raise SuspiciousOperation(_("The language is not supported"))
if layout is not None and descriptors is not None:
layout_id = int_arg(layout)
content_type = get_object_or_404(ContentType,
app_label="classification",
model="classificationentry")
layout = get_object_or_404(Layout, id=layout_id, target=content_type)
else:
# @todo do we allow that ?
layout = None
classification_entry = None
try:
with transaction.atomic():
classification_entry = ClassificationEntryManager.create_classification_entry(
parameters['name'], rank_id, parent, language, layout,
descriptors)
except IntegrityError as e:
Descriptor.integrity_except(ClassificationEntry, e)
response = {
'id': classification_entry.id,
'name': classification_entry.name,
'rank': classification_entry.rank_id,
'parent': classification_entry.parent_id if parent else None,
'parent_list': classification_entry.parent_list,
'synonyms': [],
'layout': classification_entry.layout_id if layout else None,
'descriptors': classification_entry.descriptors
}
for s in classification_entry.synonyms.all():
response['synonyms'].append({
'id': s.id,
'name': s.name,
'synonym_type': s.synonym_type_id,
'language': s.language
})
return HttpResponseRest(request, response)
def get_self_permissions_for_entity(request, content_type, ent_id):
"""
User get its own permissions for its session for a specific entity
"""
user = get_object_or_404(User, username=request.user.username)
permissions = []
app_label, model = content_type.split('.')
content_type = ContentType.objects.get_by_natural_key(app_label, model)
entity = get_object_or_404(content_type.model_class(), int(ent_id))
perms = get_perms(user, entity)
permission_details = Permission.objects.find(codename__in=perms)
lookup = {}
for perm in permission_details:
lookup[perm.codename] = perm.name
for perm in perms:
perm_detail = lookup.get(perm)
if perm_detail:
permissions.append({
'id': perm,
'name': perm_detail,
'app_label': app_label
})
return HttpResponseRest(request, permissions)
def get_format_unit_list(request):
"""
Return the list of units of format.
"""
groups = {}
items = {}
for fu in DescriptorFormatUnitManager.values():
if fu.group:
if fu.group.name not in groups:
groups[fu.group.name] = {
'group': fu.group.name,
'label': str(fu.group.verbose_name)
}
if fu.name in items:
raise SuspiciousOperation(
"Already registered descriptor format unit %s" % fu.name)
items[fu.name] = {
'id': fu.name,
'group': fu.group.name,
'value': fu.name,
'label': str(fu.verbose_name)
}
groups_list = sorted(list(groups.values()), key=lambda x: x['group'])
items_list = sorted(list(items.values()), key=lambda x: x['id'])
results = {'groups': groups_list, 'items': items_list}
return HttpResponseRest(request, results)
def get_permission_types(request):
"""
Get the list of permissions type in JSON
"""
logger.debug("Cache miss for permission.permission-type")
ignore_list = [
'admin.',
'contenttypes.',
'guardian.',
'main.profile.',
'main.settings.',
'sessions.',
'sites.',
]
for module in module_manager.modules:
if hasattr(module, 'ignored_permission_types'):
ignore_list.extend(module.ignored_permission_types)
types = []
for perm in Permission.objects.all().select_related('content_type'):
pid = "%s.%s.%s" % (perm.content_type.app_label,
perm.content_type.model, perm.codename)
add = True
for ignore_pattern in ignore_list:
if pid.startswith(ignore_pattern):
add = False
break
if add:
types.append({'id': perm.id, 'value': pid, 'label': perm.name})
return HttpResponseRest(request, types)
def get_session_status(request):
"""
Get current session status. Returns true if the session still authenticated.
"""
result = {'is_auth': request.user.is_authenticated}
return HttpResponseRest(request, result)
def patch_user(request, username):
user = get_object_or_404(User, username=username)
update = False
result = {'id': user.pk}
if 'is_active' in request.data:
update = True
user.is_active = request.data['is_active']
result['is_active'] = user.is_active
# update the pending state if necessary
try:
profile = Profile.objects.get(user=user)
if user.is_active and profile.pending:
profile.pending = False
profile.save()
except Profile.DoesNotExist:
pass
if 'is_staff' in request.data:
update = True
user.is_staff = request.data['is_staff']
result['is_staff'] = user.is_staff
if 'is_superuser' in request.data:
update = True
user.is_superuser = request.data['is_superuser']
result['is_superuser'] = user.is_superuser
if update:
user.save()
return HttpResponseRest(request, result)
