def read_detail(self, object_list, bundle): # noqa # too complex
if bundle.request.user.is_authenticated() and \
bundle.request.user.is_superuser:
return True
if isinstance(bundle.obj, Experiment):
return has_experiment_access(bundle.request, bundle.obj.id)
elif isinstance(bundle.obj, ExperimentParameterSet):
return has_experiment_access(
bundle.request, bundle.obj.experiment.id)
elif isinstance(bundle.obj, ExperimentParameter):
return has_experiment_access(
bundle.request, bundle.obj.parameterset.experiment.id)
elif isinstance(bundle.obj, Dataset):
return has_dataset_access(bundle.request, bundle.obj.id)
elif isinstance(bundle.obj, DatasetParameterSet):
return has_dataset_access(bundle.request, bundle.obj.dataset.id)
elif isinstance(bundle.obj, DatasetParameter):
return has_dataset_access(
bundle.request, bundle.obj.parameterset.dataset.id)
elif isinstance(bundle.obj, DataFile):
return has_datafile_access(bundle.request, bundle.obj.id)
elif isinstance(bundle.obj, DatafileParameterSet):
return has_datafile_access(
bundle.request, bundle.obj.datafile.id)
elif isinstance(bundle.obj, DatafileParameter):
return has_datafile_access(
bundle.request, bundle.obj.parameterset.datafile.id)
elif isinstance(bundle.obj, User):
# allow all authenticated users to read public user info
# the dehydrate function also adds/removes some information
authenticated = bundle.request.user.is_authenticated()
public_user = bundle.obj.experiment_set.filter(
public_access__gt=1).count() > 0
return public_user or authenticated
elif isinstance(bundle.obj, Schema):
return True
elif isinstance(bundle.obj, ParameterName):
return True
elif isinstance(bundle.obj, StorageBox):
return bundle.request.user.is_authenticated()
elif isinstance(bundle.obj, StorageBoxOption):
return bundle.request.user.is_authenticated() and \
bundle.obj.key in StorageBoxOptionResource.accessible_keys
elif isinstance(bundle.obj, StorageBoxAttribute):
return bundle.request.user.is_authenticated()
elif isinstance(bundle.obj, Group):
return bundle.obj in bundle.request.user.groups.all()
elif isinstance(bundle.obj, Facility):
return bundle.obj in facilities_managed_by(bundle.request.user)
elif isinstance(bundle.obj, Instrument):
facilities = facilities_managed_by(bundle.request.user)
return bundle.obj.facility in facilities
raise NotImplementedError(type(bundle.obj))
def read_detail(self, object_list, bundle): # noqa # too complex
if bundle.request.user.is_authenticated() and \
bundle.request.user.is_superuser:
return True
if isinstance(bundle.obj, Experiment):
return has_experiment_access(bundle.request, bundle.obj.id)
elif isinstance(bundle.obj, ExperimentParameterSet):
return has_experiment_access(
bundle.request, bundle.obj.experiment.id)
elif isinstance(bundle.obj, ExperimentParameter):
return has_experiment_access(
bundle.request, bundle.obj.parameterset.experiment.id)
elif isinstance(bundle.obj, Dataset):
return has_dataset_access(bundle.request, bundle.obj.id)
elif isinstance(bundle.obj, DatasetParameterSet):
return has_dataset_access(bundle.request, bundle.obj.dataset.id)
elif isinstance(bundle.obj, DatasetParameter):
return has_dataset_access(
bundle.request, bundle.obj.parameterset.dataset.id)
elif isinstance(bundle.obj, DataFile):
return has_datafile_access(bundle.request, bundle.obj.id)
elif isinstance(bundle.obj, DatafileParameterSet):
return has_datafile_access(
bundle.request, bundle.obj.datafile.id)
elif isinstance(bundle.obj, DatafileParameter):
return has_datafile_access(
bundle.request, bundle.obj.parameterset.datafile.id)
elif isinstance(bundle.obj, User):
# allow all authenticated users to read public user info
# the dehydrate function also adds/removes some information
authenticated = bundle.request.user.is_authenticated()
public_user = bundle.obj.experiment_set.filter(
public_access__gt=1).count() > 0
return public_user or authenticated
elif isinstance(bundle.obj, Schema):
return True
elif isinstance(bundle.obj, ParameterName):
return True
elif isinstance(bundle.obj, StorageBox):
return bundle.request.user.is_authenticated()
elif isinstance(bundle.obj, StorageBoxOption):
return bundle.request.user.is_authenticated() and \
bundle.obj.key in StorageBoxOptionResource.accessible_keys
elif isinstance(bundle.obj, StorageBoxAttribute):
return bundle.request.user.is_authenticated()
elif isinstance(bundle.obj, Group):
return bundle.obj in bundle.request.user.groups.all()
elif isinstance(bundle.obj, Facility):
return bundle.obj in facilities_managed_by(bundle.request.user)
elif isinstance(bundle.obj, Instrument):
facilities = facilities_managed_by(bundle.request.user)
return bundle.obj.facility in facilities
raise NotImplementedError(type(bundle.obj))
def load_dataset_image(request, parameter_id):
parameter = DatasetParameter.objects.get(pk=parameter_id)
dataset = parameter.parameterset.dataset
if authz.has_dataset_access(request, dataset.id):
return load_image(request, parameter)
else:
return return_response_error(request)
def display_dataset_image(
request, dataset_id, parameterset_id, parameter_name):
# TODO handle not exist
if not authz.has_dataset_access(request, dataset_id):
return return_response_error(request)
image = DatasetParameter.objects.get(name__name=parameter_name,
parameterset=parameterset_id)
return HttpResponse(b64decode(image.string_value), content_type='image/jpeg')
def display_dataset_image(request, dataset_id, parameterset_id,
parameter_name):
# TODO handle not exist
if not authz.has_dataset_access(request, dataset_id):
return return_response_error(request)
image = DatasetParameter.objects.get(name__name=parameter_name,
parameterset=parameterset_id)
return HttpResponse(b64decode(image.string_value),
content_type='image/jpeg')
def read_detail(self, object_list, bundle):
if bundle.request.user.is_authenticated() and \
bundle.request.user.is_superuser:
return True
if type(bundle.obj) == Experiment:
return has_experiment_access(bundle.request, bundle.obj.id)
elif type(bundle.obj) == ExperimentParameterSet:
return has_experiment_access(
bundle.request, bundle.obj.experiment.id)
elif type(bundle.obj) == ExperimentParameter:
return has_experiment_access(
bundle.request, bundle.obj.parameterset.experiment.id)
elif type(bundle.obj) == Dataset:
return has_dataset_access(bundle.request, bundle.obj.id)
elif type(bundle.obj) == DatasetParameterSet:
return has_dataset_access(bundle.request, bundle.obj.dataset.id)
elif type(bundle.obj) == DatasetParameter:
return has_dataset_access(
bundle.request, bundle.obj.parameterset.dataset.id)
elif type(bundle.obj) == Dataset_File:
return has_datafile_access(bundle.request, bundle.obj.id)
elif type(bundle.obj) == DatafileParameterSet:
return has_datafile_access(
bundle.request, bundle.obj.dataset_file.id)
elif type(bundle.obj) == DatafileParameter:
return has_datafile_access(
bundle.request, bundle.obj.parameterset.dataset_file.id)
elif type(bundle.obj) == User:
# allow all authenticated users to read user list
return bundle.request.user.is_authenticated()
elif type(bundle.obj) == Schema:
return bundle.request.user.is_authenticated()
elif type(bundle.obj) == ParameterName:
return bundle.request.user.is_authenticated()
elif type(bundle.obj) == Location:
return bundle.request.user.is_authenticated()
raise NotImplementedError(type(bundle.obj))
def read_list(self, object_list, bundle): # noqa # too complex
obj_ids = [obj.id for obj in object_list]
if bundle.request.user.is_authenticated() and \
bundle.request.user.is_superuser:
return object_list
if isinstance(bundle.obj, Experiment):
experiments = Experiment.safe.all(bundle.request.user)
return experiments.filter(id__in=obj_ids)
elif isinstance(bundle.obj, ExperimentParameterSet):
experiments = Experiment.safe.all(bundle.request.user)
return ExperimentParameterSet.objects.filter(
experiment__in=experiments, id__in=obj_ids)
elif isinstance(bundle.obj, ExperimentParameter):
experiments = Experiment.safe.all(bundle.request.user)
return ExperimentParameter.objects.filter(
parameterset__experiment__in=experiments,
id__in=obj_ids
)
elif isinstance(bundle.obj, Dataset):
dataset_ids = [ds.id for ds in object_list
if has_dataset_access(bundle.request, ds.id)]
return Dataset.objects.filter(id__in=dataset_ids)
elif isinstance(bundle.obj, DatasetParameterSet):
return [dps for dps in object_list
if has_dataset_access(bundle.request, dps.dataset.id)]
elif isinstance(bundle.obj, DatasetParameter):
return [dp for dp in object_list
if has_dataset_access(bundle.request,
dp.parameterset.dataset.id)]
elif isinstance(bundle.obj, DataFile):
all_files = get_accessible_datafiles_for_user(bundle.request)
return all_files.filter(id__in=obj_ids)
elif isinstance(bundle.obj, DatafileParameterSet):
datafiles = get_accessible_datafiles_for_user(bundle.request)
return DatafileParameterSet.objects.filter(
datafile__in=datafiles, id__in=obj_ids
)
elif isinstance(bundle.obj, DatafileParameter):
datafiles = get_accessible_datafiles_for_user(bundle.request)
return DatafileParameter.objects.filter(
parameterset__datafile__in=datafiles, id__in=obj_ids)
elif isinstance(bundle.obj, Schema):
return object_list
elif isinstance(bundle.obj, ParameterName):
return object_list
elif isinstance(bundle.obj, ObjectACL):
experiment_ids = Experiment.safe.all(
bundle.request.user).values_list('id', flat=True)
return ObjectACL.objects.filter(
content_type__model='experiment',
object_id__in=experiment_ids,
id__in=obj_ids
)
elif bundle.request.user.is_authenticated() and \
isinstance(bundle.obj, User):
if len(facilities_managed_by(bundle.request.user)) > 0:
return object_list
else:
return [user for user in object_list if
(user == bundle.request.user or
user.experiment_set.filter(public_access__gt=1)
.count() > 0)]
elif isinstance(bundle.obj, Group):
if facilities_managed_by(bundle.request.user).count() > 0:
return object_list
else:
return bundle.request.user.groups.filter(id__in=obj_ids)
elif isinstance(bundle.obj, Facility):
facilities = facilities_managed_by(bundle.request.user)
return [facility for facility in object_list
if facility in facilities]
elif isinstance(bundle.obj, Instrument):
facilities = facilities_managed_by(bundle.request.user)
instruments = Instrument.objects.filter(facility__in=facilities)
return [instrument for instrument in object_list
if instrument in instruments]
elif isinstance(bundle.obj, StorageBox):
return object_list
elif isinstance(bundle.obj, StorageBoxOption):
return [option for option in object_list
if option.key in StorageBoxOptionResource.accessible_keys]
elif isinstance(bundle.obj, StorageBoxAttribute):
return object_list
else:
return []
def read_list(self, object_list, bundle): # noqa # too complex
obj_ids = [obj.id for obj in object_list]
if bundle.request.user.is_authenticated() and \
bundle.request.user.is_superuser:
return object_list
if isinstance(bundle.obj, Experiment):
experiments = Experiment.safe.all(bundle.request.user)
return experiments.filter(id__in=obj_ids)
elif isinstance(bundle.obj, ExperimentParameterSet):
experiments = Experiment.safe.all(bundle.request.user)
return ExperimentParameterSet.objects.filter(
experiment__in=experiments, id__in=obj_ids)
elif isinstance(bundle.obj, ExperimentParameter):
experiments = Experiment.safe.all(bundle.request.user)
return ExperimentParameter.objects.filter(
parameterset__experiment__in=experiments, id__in=obj_ids)
elif isinstance(bundle.obj, Dataset):
dataset_ids = [
ds.id for ds in object_list
if has_dataset_access(bundle.request, ds.id)
]
return Dataset.objects.filter(id__in=dataset_ids)
elif isinstance(bundle.obj, DatasetParameterSet):
return [
dps for dps in object_list
if has_dataset_access(bundle.request, dps.dataset.id)
]
elif isinstance(bundle.obj, DatasetParameter):
return [
dp for dp in object_list if has_dataset_access(
bundle.request, dp.parameterset.dataset.id)
]
elif isinstance(bundle.obj, DataFile):
all_files = get_accessible_datafiles_for_user(bundle.request)
return all_files.filter(id__in=obj_ids)
elif isinstance(bundle.obj, DatafileParameterSet):
datafiles = get_accessible_datafiles_for_user(bundle.request)
return DatafileParameterSet.objects.filter(datafile__in=datafiles,
id__in=obj_ids)
elif isinstance(bundle.obj, DatafileParameter):
datafiles = get_accessible_datafiles_for_user(bundle.request)
return DatafileParameter.objects.filter(
parameterset__datafile__in=datafiles, id__in=obj_ids)
elif isinstance(bundle.obj, Schema):
return object_list
elif isinstance(bundle.obj, ParameterName):
return object_list
elif isinstance(bundle.obj, ObjectACL):
experiment_ids = Experiment.safe.all(
bundle.request.user).values_list('id', flat=True)
return ObjectACL.objects.filter(content_type__model='experiment',
object_id__in=experiment_ids,
id__in=obj_ids)
elif bundle.request.user.is_authenticated() and \
isinstance(bundle.obj, User):
if len(facilities_managed_by(bundle.request.user)) > 0:
return object_list
else:
return [
user for user in object_list
if (user == bundle.request.user or user.experiment_set.
filter(public_access__gt=1).count() > 0)
]
elif isinstance(bundle.obj, Group):
if facilities_managed_by(bundle.request.user).count() > 0:
return object_list
else:
return bundle.request.user.groups.filter(id__in=obj_ids)
elif isinstance(bundle.obj, Facility):
facilities = facilities_managed_by(bundle.request.user)
return [
facility for facility in object_list if facility in facilities
]
elif isinstance(bundle.obj, Instrument):
facilities = facilities_managed_by(bundle.request.user)
instruments = Instrument.objects.filter(facility__in=facilities)
return [
instrument for instrument in object_list
if instrument in instruments
]
elif isinstance(bundle.obj, StorageBox):
return object_list
elif isinstance(bundle.obj, StorageBoxOption):
return [
option for option in object_list
if option.key in StorageBoxOptionResource.accessible_keys
]
elif isinstance(bundle.obj, StorageBoxAttribute):
return object_list
else:
return []
def read_list(self, object_list, bundle):
if bundle.request.user.is_authenticated() and \
bundle.request.user.is_superuser:
return object_list
if type(bundle.obj) == Experiment:
return type(bundle.obj).safe.all(bundle.request.user)
elif type(bundle.obj) == ExperimentParameterSet:
experiments = Experiment.safe.all(bundle.request.user)
eps_list = []
for eps in object_list:
exp = eps.experiment
if exp in experiments:
eps_list.append(eps)
return eps_list
elif type(bundle.obj) == ExperimentParameter:
experiments = Experiment.safe.all(bundle.request.user)
ep_list = []
for ep in object_list:
exp = ep.experiment
if exp in experiments:
ep_list.append(ep)
return eps_list
elif type(bundle.obj) == Dataset:
datasets = []
for ds in object_list:
if has_dataset_access(bundle.request, ds.id):
datasets.append(ds)
return datasets
elif type(bundle.obj) == DatasetParameterSet:
dps_list = []
for dps in object_list:
if has_dataset_access(bundle.request, dps.dataset.id):
dps_list.append(dps)
return dps_list
elif type(bundle.obj) == DatasetParameter:
dp_list = []
for dp in object_list:
if has_dataset_access(bundle.request,
dp.parameterset.dataset.id):
dp_list.append(dp)
return dp_list
elif type(bundle.obj) == Dataset_File:
all_dfs = set(
get_accessible_datafiles_for_user(bundle.request))
return list(all_dfs.intersection(object_list))
elif type(bundle.obj) == DatafileParameterSet:
datafiles = get_accessible_datafiles_for_user(bundle.request)
dfps_list = []
for dfps in object_list:
if dfps.dataset_file in datafiles:
dfps_list.append(dfps)
return dfps_list
elif type(bundle.obj) == DatafileParameter:
datafiles = get_accessible_datafiles_for_user(bundle.request)
dfp_list = []
for dfp in object_list:
if dfp.parameterset.dataset_file in datafiles:
dfp_list.append(dfp)
return dfp_list
else:
return []
def load_dataset_image(request, parameter_id):
parameter = DatasetParameter.objects.get(pk=parameter_id)
dataset = parameter.parameterset.dataset
if authz.has_dataset_access(request, dataset.id):
return load_image(request, parameter)
return return_response_error(request)
