def put(self, item_id, label='', content=''):
# INFO - D.A. This method is a raw copy of
# TODO - SECURE THIS
workspace = tmpl_context.workspace
try:
api = ContentApi(tmpl_context.current_user)
item = api.get_one(int(item_id), self._item_type, workspace)
with new_revision(item):
api.update_content(item, label, content)
api.save(item, ActionDescription.REVISION)
msg = _('{} updated').format(self._item_type_label)
tg.flash(msg, CST.STATUS_OK)
tg.redirect(
self._std_url.format(tmpl_context.workspace_id,
tmpl_context.folder_id, item.content_id))
except SameValueError as e:
msg = _('{} not updated: the content did not change').format(
self._item_type_label)
tg.flash(msg, CST.STATUS_WARNING)
tg.redirect(
self._err_url.format(tmpl_context.workspace_id,
tmpl_context.folder_id, item_id))
except ValueError as e:
msg = _('{} not updated - error: {}').format(
self._item_type_label, str(e))
tg.flash(msg, CST.STATUS_ERROR)
tg.redirect(
self._err_url.format(tmpl_context.workspace_id,
tmpl_context.folder_id, item_id))
def put(self, item_id, label='',content=''):
# TODO - SECURE THIS
workspace = tmpl_context.workspace
try:
api = ContentApi(tmpl_context.current_user)
item = api.get_one(int(item_id), self._item_type, workspace)
with new_revision(item):
api.update_content(item, label, content)
if not self._path_validation.validate_new_content(item):
return render_invalid_integrity_chosen_path(
item.get_label(),
)
api.save(item, ActionDescription.REVISION)
msg = _('{} updated').format(self._item_type_label)
tg.flash(msg, CST.STATUS_OK)
tg.redirect(self._std_url.format(tmpl_context.workspace_id, tmpl_context.folder_id, item.content_id))
except SameValueError as e:
msg = _('{} not updated: the content did not change').format(self._item_type_label)
tg.flash(msg, CST.STATUS_WARNING)
tg.redirect(self._err_url.format(tmpl_context.workspace_id, tmpl_context.folder_id, item_id))
except ValueError as e:
msg = _('{} not updated - error: {}').format(self._item_type_label, str(e))
tg.flash(msg, CST.STATUS_ERROR)
tg.redirect(self._err_url.format(tmpl_context.workspace_id, tmpl_context.folder_id, item_id))
def put(self, folder_id, label, can_contain_folders=False, can_contain_threads=False, can_contain_files=False, can_contain_pages=False):
# TODO - SECURE THIS
workspace = tmpl_context.workspace
api = ContentApi(tmpl_context.current_user)
next_url = ''
try:
folder = api.get_one(int(folder_id), ContentType.Folder, workspace)
subcontent = dict(
folder = True if can_contain_folders=='on' else False,
thread = True if can_contain_threads=='on' else False,
file = True if can_contain_files=='on' else False,
page = True if can_contain_pages=='on' else False
)
if label != folder.label:
# TODO - D.A. - 2015-05-25 - Allow to set folder description
api.update_content(folder, label, folder.description)
api.set_allowed_content(folder, subcontent)
api.save(folder)
tg.flash(_('Folder updated'), CST.STATUS_OK)
next_url = self.url(folder.content_id)
except Exception as e:
tg.flash(_('Folder not updated: {}').format(str(e)), CST.STATUS_ERROR)
next_url = self.url(int(folder_id))
tg.redirect(next_url)
def put(self, item_id, label='',content=''):
# TODO - SECURE THIS
workspace = tmpl_context.workspace
try:
api = ContentApi(tmpl_context.current_user)
item = api.get_one(int(item_id), self._item_type, workspace)
with new_revision(item):
api.update_content(item, label, content)
if not self._path_validation.validate_new_content(item):
return render_invalid_integrity_chosen_path(
item.get_label(),
)
api.save(item, ActionDescription.REVISION)
msg = _('{} updated').format(self._item_type_label)
tg.flash(msg, CST.STATUS_OK)
tg.redirect(self._std_url.format(tmpl_context.workspace_id, tmpl_context.folder_id, item.content_id))
except SameValueError as e:
msg = _('{} not updated: the content did not change').format(self._item_type_label)
tg.flash(msg, CST.STATUS_WARNING)
tg.redirect(self._err_url.format(tmpl_context.workspace_id, tmpl_context.folder_id, item_id))
except ValueError as e:
msg = _('{} not updated - error: {}').format(self._item_type_label, str(e))
tg.flash(msg, CST.STATUS_ERROR)
tg.redirect(self._err_url.format(tmpl_context.workspace_id, tmpl_context.folder_id, item_id))
def put(self,
folder_id,
label,
can_contain_folders=False,
can_contain_threads=False,
can_contain_files=False,
can_contain_pages=False):
# TODO - SECURE THIS
workspace = tmpl_context.workspace
api = ContentApi(tmpl_context.current_user)
next_url = ''
try:
folder = api.get_one(int(folder_id), ContentType.Folder, workspace)
subcontent = dict(
folder=True if can_contain_folders == 'on' else False,
thread=True if can_contain_threads == 'on' else False,
file=True if can_contain_files == 'on' else False,
page=True if can_contain_pages == 'on' else False)
with new_revision(folder):
if label != folder.label:
# TODO - D.A. - 2015-05-25
# Allow to set folder description
api.update_content(folder, label, folder.description)
api.set_allowed_content(folder, subcontent)
if not self._path_validation.validate_new_content(folder):
return render_invalid_integrity_chosen_path(
folder.get_label(), )
api.save(folder)
tg.flash(_('Folder updated'), CST.STATUS_OK)
next_url = self.url(folder.content_id)
except Exception as e:
tg.flash(
_('Folder not updated: {}').format(str(e)), CST.STATUS_ERROR)
next_url = self.url(int(folder_id))
tg.redirect(next_url)
def put(self, item_id, file_data=None, comment=None, label=''):
# TODO - SECURE THIS
workspace = tmpl_context.workspace
try:
item_saved = False
api = ContentApi(tmpl_context.current_user)
item = api.get_one(int(item_id), self._item_type, workspace)
# TODO - D.A. - 2015-03-19
# refactor this method in order to make code easier to understand
if comment and label:
updated_item = api.update_content(
item, label if label else item.label,
comment if comment else ''
)
api.save(updated_item, ActionDescription.EDITION)
# This case is the default "file title and description update"
# In this case the file itself is not revisionned
else:
# So, now we may have a comment and/or a file revision
if comment and ''==label:
comment_item = api.create_comment(workspace,
item, comment,
do_save=False)
if not isinstance(file_data, FieldStorage):
api.save(comment_item, ActionDescription.COMMENT)
else:
# The notification is only sent
# if the file is NOT updated
#
# If the file is also updated,
# then a 'file revision' notification will be sent.
api.save(comment_item,
ActionDescription.COMMENT,
do_notify=False)
if isinstance(file_data, FieldStorage):
api.update_file_data(item, file_data.filename, file_data.type, file_data.file.read())
api.save(item, ActionDescription.REVISION)
msg = _('{} updated').format(self._item_type_label)
tg.flash(msg, CST.STATUS_OK)
tg.redirect(self._std_url.format(tmpl_context.workspace_id, tmpl_context.folder_id, item.content_id))
except ValueError as e:
msg = _('{} not updated - error: {}').format(self._item_type_label, str(e))
tg.flash(msg, CST.STATUS_ERROR)
tg.redirect(self._err_url.format(tmpl_context.workspace_id, tmpl_context.folder_id, item_id))
def put(self, item_id, label='',content=''):
# INFO - D.A. This method is a raw copy of
# TODO - SECURE THIS
workspace = tmpl_context.workspace
try:
api = ContentApi(tmpl_context.current_user)
item = api.get_one(int(item_id), self._item_type, workspace)
api.update_content(item, label, content)
api.save(item, ActionDescription.REVISION)
msg = _('{} updated').format(self._item_type_label)
tg.flash(msg, CST.STATUS_OK)
tg.redirect(self._std_url.format(tmpl_context.workspace_id, tmpl_context.folder_id, item.content_id))
except SameValueError as e:
msg = _('{} not updated: the content did not change').format(self._item_type_label)
tg.flash(msg, CST.STATUS_WARNING)
tg.redirect(self._err_url.format(tmpl_context.workspace_id, tmpl_context.folder_id, item_id))
except ValueError as e:
msg = _('{} not updated - error: {}').format(self._item_type_label, str(e))
tg.flash(msg, CST.STATUS_ERROR)
tg.redirect(self._err_url.format(tmpl_context.workspace_id, tmpl_context.folder_id, item_id))
def put(self, item_id, file_data=None, comment=None, label=None):
# TODO - SECURE THIS
workspace = tmpl_context.workspace
try:
api = ContentApi(tmpl_context.current_user)
item = api.get_one(int(item_id), self._item_type, workspace)
label_changed = False
if label is not None and label != item.label:
label_changed = True
if label is None:
label = ''
# TODO - D.A. - 2015-03-19
# refactor this method in order to make code easier to understand
with new_revision(item):
if (comment and label) or (not comment and label_changed):
updated_item = api.update_content(
item, label if label else item.label,
comment if comment else '')
# Display error page to user if chosen label is in conflict
if not self._path_validation.validate_new_content(
updated_item, ):
return render_invalid_integrity_chosen_path(
updated_item.get_label_as_file(), )
api.save(updated_item, ActionDescription.EDITION)
# This case is the default "file title and description
# update" In this case the file itself is not revisionned
else:
# So, now we may have a comment and/or a file revision
if comment and '' == label:
comment_item = api.create_comment(workspace,
item,
comment,
do_save=False)
if not isinstance(file_data, FieldStorage):
api.save(comment_item, ActionDescription.COMMENT)
else:
# The notification is only sent
# if the file is NOT updated
#
# If the file is also updated,
# then a 'file revision' notification will be sent.
api.save(comment_item,
ActionDescription.COMMENT,
do_notify=False)
if isinstance(file_data, FieldStorage):
api.update_file_data(item, file_data.filename,
file_data.type,
file_data.file.read())
# Display error page to user if chosen label is in
# conflict
if not self._path_validation.validate_new_content(
item, ):
return render_invalid_integrity_chosen_path(
item.get_label_as_file(), )
api.save(item, ActionDescription.REVISION)
msg = _('{} updated').format(self._item_type_label)
tg.flash(msg, CST.STATUS_OK)
tg.redirect(
self._std_url.format(tmpl_context.workspace_id,
tmpl_context.folder_id, item.content_id))
except ValueError as e:
error = '{} not updated - error: {}'
msg = _(error).format(self._item_type_label, str(e))
tg.flash(msg, CST.STATUS_ERROR)
tg.redirect(
self._err_url.format(tmpl_context.workspace_id,
tmpl_context.folder_id, item_id))
def test_update(self):
uapi = UserApi(None)
groups = [GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)]
user1 = uapi.create_user(email='this.is@user',
groups=groups, save_now=True)
workspace = WorkspaceApi(user1).create_workspace('test workspace',
save_now=True)
wid = workspace.workspace_id
user2 = uapi.create_user()
user2.email = '*****@*****.**'
uapi.save(user2)
RoleApi(user1).create_one(user2, workspace,
UserRoleInWorkspace.CONTENT_MANAGER,
with_notif=False,
flush=True)
# Test starts here
api = ContentApi(user1)
p = api.create(ContentType.Page, workspace, None,
'this_is_a_page', True)
u1id = user1.user_id
u2id = user2.user_id
pcid = p.content_id
poid = p.owner_id
transaction.commit()
# Refresh instances after commit
user1 = uapi.get_one(u1id)
workspace = WorkspaceApi(user1).get_one(wid)
api = ContentApi(user1)
content = api.get_one(pcid, ContentType.Any, workspace)
eq_(u1id, content.owner_id)
eq_(poid, content.owner_id)
u2 = UserApi(None).get_one(u2id)
api2 = ContentApi(u2)
content2 = api2.get_one(pcid, ContentType.Any, workspace)
with new_revision(content2):
api2.update_content(content2, 'this is an updated page', 'new content')
api2.save(content2)
transaction.commit()
# Refresh instances after commit
user1 = uapi.get_one(u1id)
workspace = WorkspaceApi(user1).get_one(wid)
api = ContentApi(user1)
updated = api.get_one(pcid, ContentType.Any, workspace)
eq_(u2id, updated.owner_id,
'the owner id should be {} (found {})'.format(u2id,
updated.owner_id))
eq_('this is an updated page', updated.label)
eq_('new content', updated.description)
eq_(ActionDescription.EDITION, updated.revision_type)
def test_update(self):
uapi = UserApi(None)
groups = [
GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)
]
user1 = uapi.create_user(email='this.is@user',
groups=groups,
save_now=True)
workspace = WorkspaceApi(user1).create_workspace('test workspace',
save_now=True)
wid = workspace.workspace_id
user2 = uapi.create_user()
user2.email = '*****@*****.**'
uapi.save(user2)
RoleApi(user1).create_one(user2,
workspace,
UserRoleInWorkspace.CONTENT_MANAGER,
with_notif=False,
flush=True)
# Test starts here
api = ContentApi(user1)
p = api.create(ContentType.Page, workspace, None, 'this_is_a_page',
True)
u1id = user1.user_id
u2id = user2.user_id
pcid = p.content_id
poid = p.owner_id
transaction.commit()
# Refresh instances after commit
user1 = uapi.get_one(u1id)
workspace = WorkspaceApi(user1).get_one(wid)
api = ContentApi(user1)
content = api.get_one(pcid, ContentType.Any, workspace)
eq_(u1id, content.owner_id)
eq_(poid, content.owner_id)
u2 = UserApi(None).get_one(u2id)
api2 = ContentApi(u2)
content2 = api2.get_one(pcid, ContentType.Any, workspace)
with new_revision(content2):
api2.update_content(content2, 'this is an updated page',
'new content')
api2.save(content2)
transaction.commit()
# Refresh instances after commit
user1 = uapi.get_one(u1id)
workspace = WorkspaceApi(user1).get_one(wid)
api = ContentApi(user1)
updated = api.get_one(pcid, ContentType.Any, workspace)
eq_(
u2id, updated.owner_id,
'the owner id should be {} (found {})'.format(
u2id, updated.owner_id))
eq_('this is an updated page', updated.label)
eq_('new content', updated.description)
eq_(ActionDescription.EDITION, updated.revision_type)
class File(DAVNonCollection):
"""
File resource corresponding to tracim's files
"""
def __init__(self, path: str, environ: dict, content: Content):
super(File, self).__init__(path, environ)
self.content = content
self.user = UserApi(None).get_one_by_email(environ['http_authenticator.username'])
self.content_api = ContentApi(self.user)
# this is the property that windows client except to check if the file is read-write or read-only,
# but i wasn't able to set this property so you'll have to look into it >.>
# self.setPropertyValue('Win32FileAttributes', '00000021')
def __repr__(self) -> str:
return "<DAVNonCollection: File (%d)>" % self.content.revision_id
def getContentLength(self) -> int:
return self.content.depot_file.file.content_length
def getContentType(self) -> str:
return self.content.file_mimetype
def getCreationDate(self) -> float:
return mktime(self.content.created.timetuple())
def getDisplayName(self) -> str:
return self.content.file_name
def getLastModified(self) -> float:
return mktime(self.content.updated.timetuple())
def getContent(self) -> typing.BinaryIO:
filestream = compat.BytesIO()
filestream.write(self.content.depot_file.file.read())
filestream.seek(0)
return filestream
def beginWrite(self, contentType: str=None) -> FakeFileStream:
return FakeFileStream(
content=self.content,
content_api=self.content_api,
file_name=self.content.get_label_as_file(),
workspace=self.content.workspace,
path=self.path
)
def moveRecursive(self, destpath):
"""As we support recursive move, copymovesingle won't be called, though with copy it'll be called
but i have to check if the client ever call that function..."""
destpath = normpath(destpath)
invalid_path = False
# if content is either deleted or archived, we'll check that we try moving it to the parent
# if yes, then we'll unarchive / undelete them, else the action's not allowed
if self.content.is_deleted or self.content.is_archived:
# we remove all archived and deleted from the path and we check to the destpath
# has to be equal or else path not valid
# ex: /a/b/.deleted/resource, to be valid destpath has to be = /a/b/resource (no other solution)
current_path = re.sub(r'/\.(deleted|archived)', '', self.path)
if current_path == destpath:
ManageActions(
ActionDescription.UNDELETION if self.content.is_deleted else ActionDescription.UNARCHIVING,
self.content_api,
self.content
).action()
else:
invalid_path = True
# if the content is not deleted / archived, check if we're trying to delete / archive it by
# moving it to a .deleted / .archived folder
elif basename(dirname(destpath)) in ['.deleted', '.archived']:
# same test as above ^
dest_path = re.sub(r'/\.(deleted|archived)', '', destpath)
if dest_path == self.path:
ManageActions(
ActionDescription.DELETION if '.deleted' in destpath else ActionDescription.ARCHIVING,
self.content_api,
self.content
).action()
else:
invalid_path = True
# else we check if the path is good (not at the root path / not in a deleted/archived path)
# and we move the content
else:
invalid_path = any(x in destpath for x in ['.deleted', '.archived'])
invalid_path = invalid_path or any(x in self.path for x in ['.deleted', '.archived'])
invalid_path = invalid_path or dirname(destpath) == self.environ['http_authenticator.realm']
if not invalid_path:
self.move_file(destpath)
if invalid_path:
raise DAVError(HTTP_FORBIDDEN)
def move_file(self, destpath):
workspace = self.content.workspace
parent = self.content.parent
with new_revision(self.content):
if basename(destpath) != self.getDisplayName():
new_given_file_name = transform_to_bdd(basename(destpath))
new_file_name, new_file_extension = \
os.path.splitext(new_given_file_name)
self.content_api.update_content(
self.content,
new_file_name,
)
self.content.file_extension = new_file_extension
self.content_api.save(self.content)
else:
workspace_api = WorkspaceApi(self.user)
content_api = ContentApi(self.user)
destination_workspace = self.provider.get_workspace_from_path(
destpath,
workspace_api,
)
destination_parent = self.provider.get_parent_from_path(
destpath,
content_api,
destination_workspace,
)
self.content_api.move(
item=self.content,
new_parent=destination_parent,
must_stay_in_same_workspace=False,
new_workspace=destination_workspace
)
transaction.commit()
def supportRecursiveMove(self, destPath):
return True
def delete(self):
ManageActions(ActionDescription.DELETION, self.content_api, self.content).action()
class File(DAVNonCollection):
"""
File resource corresponding to tracim's files
"""
def __init__(self, path: str, environ: dict, content: Content):
super(File, self).__init__(path, environ)
self.content = content
self.user = UserApi(None).get_one_by_email(
environ['http_authenticator.username'])
self.content_api = ContentApi(self.user)
# this is the property that windows client except to check if the file is read-write or read-only,
# but i wasn't able to set this property so you'll have to look into it >.>
# self.setPropertyValue('Win32FileAttributes', '00000021')
def getPreferredPath(self):
fix_txt = '.txt' if self.getContentType(
) == 'text/plain' else mimetypes.guess_extension(self.getContentType())
if self.content.label == '' or self.path.endswith(fix_txt):
return self.path
else:
return self.path + fix_txt
def __repr__(self) -> str:
return "<DAVNonCollection: File (%d)>" % self.content.revision_id
def getContentLength(self) -> int:
return len(self.content.file_content)
def getContentType(self) -> str:
return self.content.file_mimetype
def getCreationDate(self) -> float:
return mktime(self.content.created.timetuple())
def getDisplayName(self) -> str:
return self.content.get_label()
def getLastModified(self) -> float:
return mktime(self.content.updated.timetuple())
def getContent(self):
filestream = compat.BytesIO()
filestream.write(self.content.file_content)
filestream.seek(0)
return filestream
def beginWrite(self, contentType: str = None) -> FakeFileStream:
return FakeFileStream(content=self.content,
content_api=self.content_api,
file_name=self.content.get_label(),
workspace=self.content.workspace,
path=self.path)
def moveRecursive(self, destpath):
"""As we support recursive move, copymovesingle won't be called, though with copy it'll be called
but i have to check if the client ever call that function..."""
destpath = normpath(destpath)
invalid_path = False
# if content is either deleted or archived, we'll check that we try moving it to the parent
# if yes, then we'll unarchive / undelete them, else the action's not allowed
if self.content.is_deleted or self.content.is_archived:
# we remove all archived and deleted from the path and we check to the destpath
# has to be equal or else path not valid
# ex: /a/b/.deleted/resource, to be valid destpath has to be = /a/b/resource (no other solution)
current_path = re.sub(r'/\.(deleted|archived)', '', self.path)
if current_path == destpath:
ManageActions(
ActionDescription.UNDELETION if self.content.is_deleted
else ActionDescription.UNARCHIVING, self.content_api,
self.content).action()
else:
invalid_path = True
# if the content is not deleted / archived, check if we're trying to delete / archive it by
# moving it to a .deleted / .archived folder
elif basename(dirname(destpath)) in ['.deleted', '.archived']:
# same test as above ^
dest_path = re.sub(r'/\.(deleted|archived)', '', destpath)
if dest_path == self.path:
ManageActions(
ActionDescription.DELETION
if '.deleted' in destpath else ActionDescription.ARCHIVING,
self.content_api, self.content).action()
else:
invalid_path = True
# else we check if the path is good (not at the root path / not in a deleted/archived path)
# and we move the content
else:
invalid_path = any(x in destpath
for x in ['.deleted', '.archived'])
invalid_path = invalid_path or any(
x in self.path for x in ['.deleted', '.archived'])
invalid_path = invalid_path or dirname(
destpath) == self.environ['http_authenticator.realm']
if not invalid_path:
self.move_file(destpath)
if invalid_path:
raise DAVError(HTTP_FORBIDDEN)
def move_file(self, destpath):
workspace = self.provider.get_workspace_from_path(
normpath(destpath), WorkspaceApi(self.user))
parent = self.provider.get_parent_from_path(normpath(destpath),
self.content_api,
workspace)
with new_revision(self.content):
if basename(destpath) != self.getDisplayName():
self.content_api.update_content(
self.content,
re.sub('\.[^\.]+$', '',
self.provider.transform_to_bdd(basename(destpath))))
self.content_api.save(self.content)
else:
self.content_api.move(item=self.content,
new_parent=parent,
must_stay_in_same_workspace=False,
new_workspace=workspace)
transaction.commit()
def supportRecursiveMove(self, destPath):
return True
def delete(self):
ManageActions(ActionDescription.DELETION, self.content_api,
self.content).action()