class Meta:
resource_name = "funfconfig"
list_allowed_methods = ["delete", "get", "post"]
authentication = OAuth2Authentication("funf_write")
authorization = PDSAuthorization(scope="funf_write",
audit_enabled=True)
object_class = Document
collection = "funfconfig" # collection name
class Meta:
queryset = Device.objects.all()
allowed_methods = ("get", "post", "delete")
authentication = OAuth2Authentication("funf_write")
authorization = PDSAuthorization(scope="funf_write",
audit_enabled=True)
filtering = {"datastore_owner": ALL_WITH_RELATIONS}
limit = 20
class Meta:
resource_name = "answer"
list_allowed_methods = ["get", "post"]
help_text = 'resource help text...'
authentication = OAuth2Authentication("funf_write")
authorization = PDSAuthorization(scope="funf_write",
audit_enabled=True)
object_class = Document
isList = False
class Meta:
authentication = OAuth2Authentication("funf_write")
authorization = PDSAuthorization(scope="funf_write",
audit_enabled=False)
resource_name = "funf"
list_allowed_methods = ["delete", "get", "post"]
object_class = Document
collection = "funf" # collection name
filtering = {"key": ["exact"]}
class Meta:
authentication = OAuth2Authentication("crowdsos_write")
authorization = PDSAuthorization(scope="crowdsos_write",
audit_enabled=False)
resource_name = "incident"
list_allowed_methods = ["delete", "get", "post"]
object_class = Document
collection = "incident"
filtering = {"type": ["exact"]}
class Meta:
# NOTE: We're using funf_write as the scope just so we don't have to add a new scope to all tokens that will be used for the app
# moving forward, this should have its own scope of meetup_write, or something like that
authentication = OAuth2Authentication("funf_write")
authorization = PDSAuthorization(scope="funf_write",
audit_enabled=False)
collection = "meetup_request"
resource_name = "meetup_request"
list_allowed_methods = ["delete", "get", "post"]
object_class = Document
class Meta:
queryset = AuditEntry.objects.extra({
'date': 'date(timestamp)'
}).values('date').annotate(count=models.Count("id"))
authentication = OAuth2Authentication("funf_write")
authorization = PDSAuthorization(scope="funf_write",
audit_enabled=False)
fields = ['date', 'count']
allowed_methods = ('get')
filtering = {
"date": ["gte", "lte", "gt", "lt"],
"datastore_owner": ALL_WITH_RELATIONS
}
ordering = ("date")
def is_authorized(self, request, object=None):
# pdb.set_trace()
authenticator = OAuth2Authentication(self.scope)
if "datastore_owner__uuid" in request.REQUEST:
authorized = True
token = request.REQUEST[
"bearer_token"] if "bearer_token" in request.REQUEST else request.META[
"HTTP_BEARER_TOKEN"]
# Result will be the uuid of the requesting party
# Note: the trustwrapper must be run regardless of if auditting is enabled on this call or not
datastore_owner_uuid = request.REQUEST["datastore_owner__uuid"]
datastore_owner, ds_owner_created = Profile.objects.get_or_create(
uuid=datastore_owner_uuid)
self.requester_uuid = authenticator.get_userinfo_from_token(
token, self.scope)
if self.requester_uuid is False or self.requester_uuid is None or len(
self.requester_uuid) == 0:
self.requester_uuid = "not-specified"
authorized = False
self.trustWrapper(datastore_owner)
try:
if (self.audit_enabled):
#pdb.set_trace()
audit_entry = AuditEntry(token=token)
audit_entry.method = request.method
audit_entry.scope = self.scope
audit_entry.purpose = request.REQUEST[
"purpose"] if "purpose" in request.REQUEST else ""
audit_entry.system_entity_toggle = request.REQUEST[
"system_entity"] if "system_entity" in request.REQUEST else False
# NOTE: datastore_owner and requester are required
# if they're not available, the KeyError exception should raise and terminate the request
audit_entry.datastore_owner = datastore_owner
audit_entry.requester, created = Profile.objects.get_or_create(
uuid=self.requester_uuid)
audit_entry.script = request.path
audit_entry.save()
except Exception as e:
print e
authorized = False
return authorized
return False
class Meta:
queryset = AuditEntry.objects.all()
# POST is provided to allow a Resource or Sandbox server to store audit entries on the PDS
allowed_methods = ('get', 'post')
authentication = OAuth2Authentication("funf_write")
authorization = PDSAuthorization(scope="funf_write",
audit_enabled=False)
filtering = {
"datastore_owner": ALL_WITH_RELATIONS,
"timestamp": ["gte", "lte", "gt", "lt"],
"script": ["contains"],
"requester": ALL_WITH_RELATIONS
}
ordering = ('timestamp')
limit = 20
class Meta:
queryset = Profile.objects.all()
authentication = OAuth2Authentication("funf_write")
authorization = PDSAuthorization(scope="funf_write",
audit_enabled=True)
filtering = {"uuid": ["contains", "exact"]}