Example #1
0
def uploads(o_label, p_label, u_label):
    ''' uploadin
    /organizations/aquaya/projects/water-quality/uploads?create=true
        : create a new upload, immediately redirect to editing
    /organizations/aquaya/projects/water-quality/uploads/may-2012
        : view an upload
    /organizations/aquaya/projects/water-quality/uploads/may-2012?edit=true
        : edit an upload; accepts GET or POST
    '''
    # can't wrap the line through a route or spaces are injected
    # hence this silliness:
    org_label = o_label
    project_label = p_label
    upload_label = u_label

    user = User.objects(email=session['email'])[0]

    orgs = Organization.objects(label=org_label)
    if not orgs:
        flash('Organization "%s" not found, sorry!' % org_label, 'warning')
        return redirect(url_for('organizations'))
    org = orgs[0]
    
    # permission-check
    if org not in user.organizations and not user.admin_rights:
        app.logger.error('%s tried to view a project but was \
            denied for want of admin rights' % session['email'])
        abort(404)
    
    projects = Project.objects(label=project_label, organization=org) 
    if not projects:
        flash('Project "%s" not found, sorry!' % project_label, 'warning')
        return redirect(url_for('organizations', org_label=org.label))
    project = projects[0]

    if request.method == 'GET':
        if not upload_label and request.args.get('create', '') == 'true':
            # create a new upload

            # CSRF validation
            token = request.args.get('token', '')
            if not verify_token(token):
                abort(403)

            try:
                name = 'upl-%s' % utilities.generate_random_string(6)
                new_upload = Upload(
                    label = name.lower()
                    , name = name
                    , project = project
                )
                new_upload.save()

                project.update(push__uploads=new_upload)
                app.logger.info('upload created by %s' % session['email'])
                flash('please select a file and make other edits', 'warning')
            except:
                app.logger.error('upload creation failed for %s' % \
                    session['email'])
                flash('There was an error, sorry :/', 'error')
                return redirect(url_for('projects', org_label=org.label
                    , project_label=project.label))
            
            # redirect to the editing screen
            return redirect(url_for('uploads', o_label=org.label
                , p_label=project.label, u_label=new_upload.label
                , edit='true'))

        elif not upload_label:
            # could show projects uploads but punting for now
            unique_entries = Entry.objects(project=project, unique=True
                , visible=True)
            duplicate_entries = Entry.objects(project=project
                , unique=False)
            hidden_entries = Entry.objects(project=project, visible=False
                , unique=True)
            
            upload_entry_counts = {}
            for upload in project.uploads:
                upload_entry_counts[upload.id] = Entry.objects(upload=upload).count()
            
            return render_template('project_uploads.html', project=project
                , unique_entries=unique_entries
                , duplicate_entries=duplicate_entries
                , upload_entry_counts=upload_entry_counts
                , hidden_entries=hidden_entries)
        
        else:
            # we have an upload label
            uploads = Upload.objects(label=upload_label, project=project) 
            if not uploads:
                flash('Upload "%s" not found, sorry!' % upload_label
                    , 'warning')
                return redirect(url_for('projects', org_label=org.label
                    , project_label=project.label))
            upload = uploads[0]

            if request.args.get('edit', '') == 'true':
                # show the editor

                # queue up any flashed messages
                # these get set during the worker's processing of a file
                worker_messages = upload.worker_messages
                for message in worker_messages:
                    flash(message['message'], message['status'])
                upload.update(set__worker_messages = [])

                return render_template('upload_edit.html', upload=upload
                        , number_of_pages=0)

            else:
                if not upload.filename:
                    # need to add one so redirect to editing
                    flash('please specify a file for this upload', 'warning')
                    return redirect(url_for('uploads', o_label=org.label
                        , p_label=project.label, u_label=upload.label
                        , edit='true'))
                else:

                    # things are still in progress
                    if not upload.s3_key:
                        flash('Your file is being processed in the '
                            'background.  Refresh the page to see updates.'
                            , 'info')
                        return render_template('upload.html', upload=upload
                                , number_of_pages=0)

                    # otherwise upload is complete, show the data
                    # pagination
                    total_entries = Entry.objects(project=project
                        , upload=upload).count()
                    entries_per_page = 10
                    pages = utilities.calculate_pages(total_entries
                        , entries_per_page=entries_per_page)

                    # validate the requested page
                    current_page = utilities.validate_page_request(
                        request.args.get('page', 1), pages)

                    # get the sorted entries
                    entries = utilities.query_entries(project
                        , upload = upload
                        , skip = (entries_per_page * (current_page - 1))
                        , limit = entries_per_page)
                    
                    hidden_entries_count = Entry.objects(upload=upload
                        , visible=False).count()

                    # queue up any flashed messages
                    # these get set during the worker's processing of a file
                    worker_messages = upload.worker_messages
                    for message in worker_messages:
                        flash(message['message'], message['status'])
                    upload.update(set__worker_messages = [])

                    return render_template('upload.html'
                        , upload=upload
                        , entries=entries
                        , total_entries = total_entries
                        , hidden_entries_count=hidden_entries_count
                        , current_page = current_page
                        , number_of_pages = pages)

    elif request.method == 'POST':
        # we have an upload label
        uploads = Upload.objects(label=upload_label, project=project)
        if not uploads:
            abort(404)
        upload = uploads[0]

        form_type = request.form.get('form_type', '')
        if form_type == 'info':

            if upload.name != request.form.get('name', ''):
                name = request.form.get('name', '')
                upload.update(set__name = name)

                uploads = Upload.objects(project=project).only('label')
                labels = [u.label for u in uploads]
                upload.update(set__label = 
                        utilities.generate_label(name, labels))

                upload.project.update(set__update_time =
                        datetime.datetime.utcnow())
                upload.reload()
            
            if upload.description != request.form.get('description', ''):
                upload.update(set__description =
                        request.form.get('description', ''))
                upload.project.update(set__update_time =
                        datetime.datetime.utcnow())

            if request.files.get('data_file', ''):
                data_file = request.files.get('data_file')
                
                try:
                    filename = uploaded_data.save(data_file)
                    if '..' in filename or filename.startswith('/'):
                        app.logger.info('%s tried to upload a malicious file \
                            "%s"' % (session['email'], filename))
                        flash('bad filename, sorry :/', 'error')
                        return redirect(url_for('uploads'
                            , o_label=org.label, p_label=project.label
                            , u_label=upload.label, edit='true'))

                    absolute_filename = uploaded_data.path(filename)
                
                except UploadNotAllowed:
                    app.logger.info('%s tried to upload an unsupported file'
                        % session['email'])
                    flash('we currently only support .xls files, sorry :/'
                        , 'error')
                    return redirect(url_for('uploads'
                        , o_label=org.label, p_label=project.label
                        , u_label=upload.label, edit='true'))
                
                upload.update(set__filename = 
                        os.path.basename(absolute_filename))
                upload.update(set__uploaded_by = user)

                # enqueue upload-processing
                redis_config = app.config['REDIS_CONFIG']
                use_connection(Redis(redis_config['host'], redis_config['port']
                        , password=redis_config['password']))
                queue = Queue()
                queue.enqueue(process_uploaded_file, upload.id,
                        absolute_filename)
                    
        elif form_type == 'admin':
            # delete the upload
            name = upload.name
            # pull out the upload from the parent project first
            project.update(pull__uploads=upload)
            
            # delete associated entries, remove from system, remove from s3
            deleted_entries_count = utilities.delete_upload(upload
                , session['email'])
            flash('upload "%s" was deleted successfully; %s entries deleted \
                as well' % (name, deleted_entries_count), 'success')
            
            # see if, given this deletion, the dupes are still dupes
            unduped_count = utilities.recheck_duplicate_entries(project)
            if unduped_count:
                flash('%s entries were automatically added to the project \
                    as they are no longer duplicates' % unduped_count, 'info')

            return redirect(url_for('uploads', o_label=org.label
                , p_label=project.label))
        
        else:
            # bad 'form_type'
            abort(404)
       
        try:
            upload.save()
            project.save()
        except:
            app.logger.error('%s experienced an error saving info about the \
                upload %s' % (session['email'], request.form['name']))
            flash('error, make sure names are unique', 'error')
            return redirect(url_for('projects'
                , org_label=upload.project.organization.label
                , project_label=upload.project.label))
        
        return redirect(url_for('uploads'
            , o_label=upload.project.organization.label, p_label=project.label
            , u_label=upload.label))
Example #2
0
def entries(org_label, project_label, entry_id):
    ''' show a specific entry mostly for editing purposes
    '''
    user = User.objects(email=session['email'])[0]
    
    # find the org
    orgs = Organization.objects(label=org_label)
    if not orgs:
        flash('Organization "%s" not found, sorry!' % org_label, 'warning')
        return redirect(url_for('organizations'))
    org = orgs[0]
    
    # permission-check
    if org not in user.organizations and not user.admin_rights:
        app.logger.error('%s tried to view a project but was \
            denied for want of admin rights' % session['email'])
        abort(404)
    
    # find the project
    projects = Project.objects(label=project_label, organization=org) 
    if not projects:
        flash('Project "%s" not found, sorry!' % project_label, 'warning')
        return redirect(url_for('organizations', org_label=org.label))
    project = projects[0]

    if not entry_id:
        if request.method == 'POST':
            # downloading entries with applied filters
            filter_labels = request.form.getlist('filters')
            apply_any_filters = request.form.get('apply_any_filters', '')
            if apply_any_filters == 'true':
                apply_any_filters = True
            else:
                apply_any_filters = False

            # make a list of filter objects
            filters = []
            for filter_label in filter_labels:
                filters.append(Filter.objects(label=filter_label
                    , project=project)[0])
            
            # serve up a file of the project entries
            absolute_filename = utilities.download_all_entries(project
                , filters, format='xls', apply_any_filters=apply_any_filters)

            # delay the deletion so we have time to serve the file
            redis_config = app.config['REDIS_CONFIG']
            use_connection(Redis(redis_config['host'], redis_config['port']
                    , password=redis_config['password']))
            scheduler = Scheduler()
            scheduler.enqueue_in(datetime.timedelta(seconds=60)
                , delete_local_file, absolute_filename)

            return send_file(absolute_filename, as_attachment=True)
        

        '''GET request..
        display entries for the project
        '''
        duplicate_entries_count = Entry.objects(project=project
            , unique=False).count()
        hidden_entries_count = Entry.objects(project=project, unique=True
            , visible=False).count()
        unique_entries_count = Entry.objects(project=project, unique=True
            , visible=True).count()

        entry_type = request.args.get('type', '')

        if entry_type == 'duplicate':
            # show unique=False entries
            count = duplicate_entries_count
            unique = False
            visible = None
            template = 'project_duplicate_entries.html'

        elif entry_type == 'hidden':
            # show visible=False, unique=True entries
            count = hidden_entries_count
            unique = True
            visible = False
            template = 'project_hidden_entries.html'

        else:
            # show uniques
            count = unique_entries_count
            unique = True
            visible = True
            template = 'project_entries.html'

        entries_per_page = 10
        pages = utilities.calculate_pages(count
            , entries_per_page=entries_per_page)

        # validate the requested page
        current_page = utilities.validate_page_request(
            request.args.get('page', 1), pages)

        entries = utilities.query_entries(project
            , unique=unique
            , visible=visible
            , skip=(entries_per_page * (current_page - 1))
            , limit=entries_per_page)

        # present some filters if data is downloaded
        available_filters = Filter.objects(project=project)

        return render_template(template
            , project=project
            , entries=entries
            , unique_entries_count=unique_entries_count
            , duplicate_entries_count=duplicate_entries_count
            , hidden_entries_count=hidden_entries_count
            , available_filters=available_filters
            , current_page = current_page
            , number_of_pages = pages)
    

    # we have an entry_id, try to find the object
    entries = Entry.objects(id=entry_id)
    if not entries:
        flash('Entry "%s" not found, sorry!' % entry_id, 'warning')
        return redirect(url_for('entries', org_label=org.label
            , project_label=project.label))
    entry = entries[0]

    if request.method == 'GET':
        if request.args.get('edit', '') == 'true':
            return render_template('entry_edit.html', entry=entry)
        else:
            return render_template('entry.html', entry=entry)

    elif request.method == 'POST':
        form_type = request.form.get('form_type', '')

        if form_type == 'info':
            # track all modifications to this entry
            modifications = []
            # don't think I can set just one value in the dict with set__
            # so let's make a copy then alter it, then update it
            values = dict(entry.values)

            for header in entry.project.ordered_schema:
                if header.data_type == 'datetime':
                    full_dt = '%s %s' % (
                            request.form.get('%s__date' % header.id, '')
                            , request.form.get('%s__time' % header.id, ''))
                    try:
                        struct = time.strptime(full_dt, '%B %d, %Y %I:%M %p')
                        edited_val = datetime.datetime.fromtimestamp(
                                time.mktime(struct))
                    except ValueError:
                        # requested change was improperly formatted
                        message = ('Error.  Date-time data expected for the'
                                ' field "%s."' % header.label)
                        return redirect_to_editing(entry, 'error', message)

                elif header.data_type == 'number':
                    try:
                        edited_val = float(request.form.get(
                            str(header.id), ''))
                    except ValueError:
                        # requested change wasn't a number
                        message = ('Error.  Numerical data expected for the'
                                ' field "%s."' % header.label)
                        return redirect_to_editing(entry, 'error', message)

                else:
                    edited_val = request.form.get(str(header.id), '')

                # values that were originally None will show up here as ''
                if edited_val == '' and entry.values[header.name] == None:
                    continue

                if edited_val != entry.values[header.name]:
                    values[header.name] = edited_val
                    modifications.append('updated "%s" from "%s" to "%s"' %
                            (header.label, entry.values[header.name]
                                , edited_val))

            if modifications:
                ''' update the entry
                '''
                entry.update(set__values = values)
                entry.update(set__was_never_edited = False)

                ''' generate some hashes
                used to check other possible duplicative and hidden entries
                '''
                old_hash = str(entry.value_hash)
                # compute a hash for the new values
                m = hashlib.md5()
                #sorted_headers = [h.name for h in project.ordered_schema]
                sorted_headers = values.keys()
                sorted_headers.sort()
                for header in sorted_headers:
                    value = values[header]
                    if type(value) == type(u'unicode'):
                        m.update(value.encode('utf8'))
                    else:
                        m.update(str(value))
                new_hash = m.hexdigest()

                # if the old entry was unique and had a dupe..
                # ..that dupe is now unique
                # limit one to flip just one of several possible dupes
                if entry.unique:
                    old_dupes = Entry.objects(project=project, unique=False
                            , value_hash=old_hash).limit(1)
                    if old_dupes:
                        flash('The entry you have edited had a duplicate in'
                            ' the system.  That duplicate has now been marked'
                            ' "unique."', 'success')
                        old_dupes[0].update(set__unique = True)

                # process hidden entries
                # if there are hidden entries with these values..
                # ..sound the alarm
                hidden_entries = Entry.objects(project=project
                        , visible=False).only('value_hash')
                hidden_hashes = [h['value_hash'] for h in hidden_entries]
                if entry.visible and new_hash in hidden_hashes:
                    flash('Warning: an entry with these values was previously'
                            ' "hidden," i.e. removed from analysis.  Consider'
                            ' hiding this entry.', 'warning')

                # if the entry was hidden, remind the user of that fact..
                # since the values were just edited they may want to change it
                if not entry.visible:
                    flash('This entry is currently "hidden" and not included'
                        ' in analysis.  Consider un-hiding it to include your'
                        ' new edits.', 'warning')

                # search for unique and duplicate values
                uniques = Entry.objects(project=project
                        , unique=True).only('value_hash')
                unique_hashes = [u['value_hash'] for u in uniques]

                # if entry /was/ unique
                if entry.unique:
                    if new_hash in unique_hashes:
                        flash('This entry is now a duplicate of another entry'
                            ' in the system.', 'warning')
                        entry.update(set__unique=False)

                # entry /wasn't/ unique
                else:
                    if new_hash not in unique_hashes:
                        flash('This entry was formerly a duplicate but is now'
                            ' unique.', 'success')
                        entry.update(set__unique=True)

                entry.update(set__value_hash = new_hash)


                ''' create a comment encapsulating the changes
                '''
                new_comment = Comment(
                    body = '; '.join(modifications)
                    , creation_time = datetime.datetime.utcnow()
                    , editable = False
                    , entry = entry
                    , owner = user
                    , project = project
                )
                new_comment.save()

                message = ('Changes saved successfully: %s' %
                        '; '.join(modifications))
                return redirect_to_editing(entry, 'success', message)

            else:
                # no modifications made to the entry
                return redirect_to_editing(entry, None, None)


        elif form_type == 'hide_entry':
            # flip the 'visible' state of this entry
            if entry.visible:
                entry.update(set__visible = False)
                modifications = 'entry removed from analysis'
            else:
                entry.update(set__visible = True)
                modifications = 'entry re-included in analysis'
            
            # also find all duplicates in the project and hide/unhide them as well
            duplicate_entries = Entry.objects(project=project
                , value_hash=entry.value_hash)
            # if we have more than the original entry
            if len(duplicate_entries) > 1:
                for duplicate_entry in duplicate_entries:
                    if duplicate_entry.id == entry.id:
                        continue
                    entry.reload()
                    if entry.visible:
                        duplicate_entry.update(set__visible = True)
                    else:
                        duplicate_entry.update(set__visible = False)
                
                # append a note about the dupes
                # plural..
                dupes = len(duplicate_entries) - 1
                if dupes > 1:
                    plural = 's'
                else:
                    plural = ''
                modifications += ' with %s duplicate%s' % (dupes, plural)

            ''' create a comment encapsulating the changes
            hm, comments won't be attached to duplicates..alas
            '''
            new_comment = Comment(
                body = modifications
                , creation_time = datetime.datetime.utcnow()
                , editable = False
                , entry = entry
                , owner = user
                , project = project
            )
            new_comment.save()

            message = 'Changes saved successfully: %s.' % modifications
            return redirect_to_editing(entry, 'success', message)