def app_allow_access(request, app_id, repo_name):
username = request.user.get_username()
try:
app = None
try:
app = App.objects.get(app_id=app_id)
except App.DoesNotExist:
raise Exception("Invalid app_id")
app = App.objects.get(app_id=app_id)
redirect_url = post_or_get(request, key='redirect_url', fallback=None)
if request.method == "POST":
access_val = request.POST['access_val']
if access_val == 'allow':
grant_app_permission(
username=username,
repo_name=repo_name,
app_id=app_id,
app_token=app.app_token)
if redirect_url:
redirect_url = redirect_url + \
urllib.unquote_plus('?auth_user=%s' % (username))
return HttpResponseRedirect(redirect_url)
else:
if access_val == 'allow':
return HttpResponseRedirect(
'/settings/%s/%s' % (username, repo_name))
else:
res = {
'msg_title': "Access Request",
'msg_body':
"Permission denied to the app {0}.".format(app_id)
}
return render_to_response('confirmation.html', res)
else:
res = {
'login': username,
'repo_name': repo_name,
'app_id': app_id,
'app_name': app.app_name}
if redirect_url:
res['redirect_url'] = redirect_url
res.update(csrf(request))
return render_to_response('app-allow-access.html', res)
except Exception as e:
return HttpResponse(
json.dumps(
{'error': str(e)}),
content_type="application/json")
def app_allow_access(request, app_id, repo_name):
username = request.user.get_username()
try:
app = None
try:
app = App.objects.get(app_id=app_id)
except App.DoesNotExist:
raise Exception("Invalid app_id")
app = App.objects.get(app_id=app_id)
redirect_url = post_or_get(request, key='redirect_url', fallback=None)
if request.method == "POST":
access_val = request.POST['access_val']
if access_val == 'allow':
grant_app_permission(
username=username,
repo_name=repo_name,
app_id=app_id,
app_token=app.app_token)
if redirect_url:
redirect_url = redirect_url + \
urllib.unquote_plus('?auth_user=%s' % (username))
return HttpResponseRedirect(redirect_url)
else:
if access_val == 'allow':
return HttpResponseRedirect(
'/settings/%s/%s' % (username, repo_name))
else:
res = {
'msg_title': "Access Request",
'msg_body':
"Permission denied to the app {0}.".format(app_id)
}
return render_to_response('confirmation.html', res)
else:
res = {
'login': username,
'repo_name': repo_name,
'app_id': app_id,
'app_name': app.app_name}
if redirect_url:
res['redirect_url'] = redirect_url
res.update(csrf(request))
return render_to_response('app-allow-access.html', res)
except Exception as e:
return HttpResponse(
json.dumps(
{'error': str(e)}),
content_type="application/json")
def query(request, repo_base, repo):
query = post_or_get(request, key='q', fallback=None)
username = request.user.get_username()
# if the user is just requesting the query page
if not query:
data = {
'login': username,
'repo_base': repo_base,
'repo': repo,
'select_query': False,
'query': None}
return render_to_response("query.html", data)
# if the user is actually executing a query
current_page = 1
if request.POST.get('page'):
current_page = request.POST.get('page')
url_path = reverse('browser-query', args=(repo_base, repo))
with DataHubManager(user=username, repo_base=repo_base) as manager:
if repo:
manager.set_search_paths([repo])
res = manager.paginate_query(
query=query, current_page=current_page, rows_per_page=50)
# get annotation to the table:
annotation, created = Annotation.objects.get_or_create(url_path=url_path)
annotation_text = annotation.annotation_text
data = {
'login': username,
'repo_base': repo_base,
'repo': repo,
'annotation': annotation_text,
'current_page': current_page,
'next_page': current_page + 1, # the template should relaly do this
'prev_page': current_page - 1, # the template should relaly do this
'url_path': url_path,
'query': query,
'select_query': res['select_query'],
'column_names': res['column_names'],
'tuples': res['rows'],
'total_pages': res['total_pages'],
'pages': range(res['start_page'], res['end_page'] + 1), # template
'num_rows': res['num_rows'],
'time_cost': res['time_cost']
}
data.update(csrf(request))
return render_to_response("query-browse-results.html", data)
def query(request, repo_base, repo):
query = post_or_get(request, key='q', fallback=None)
username = request.user.get_username()
# if the user is just requesting the query page
if not query:
data = {
'login': username,
'repo_base': repo_base,
'repo': repo,
'select_query': False,
'query': None
}
return render_to_response("query.html", data)
# if the user is actually executing a query
current_page = 1
if request.POST.get('page'):
current_page = request.POST.get('page')
url_path = reverse('browser-query', args=(repo_base, repo))
with DataHubManager(user=username, repo_base=repo_base) as manager:
res = manager.paginate_query(query=query,
current_page=current_page,
rows_per_page=50)
# get annotation to the table:
annotation, created = Annotation.objects.get_or_create(url_path=url_path)
annotation_text = annotation.annotation_text
data = {
'login': username,
'repo_base': repo_base,
'repo': repo,
'annotation': annotation_text,
'current_page': current_page,
'next_page': current_page + 1, # the template should relaly do this
'prev_page': current_page - 1, # the template should relaly do this
'url_path': url_path,
'query': query,
'select_query': res['select_query'],
'column_names': res['column_names'],
'tuples': res['rows'],
'total_pages': res['total_pages'],
'pages': range(res['start_page'], res['end_page'] + 1), # template
'num_rows': res['num_rows'],
'time_cost': res['time_cost']
}
data.update(csrf(request))
return render_to_response("query-browse-results.html", data)
def security_policy_query(request, repo_base, repo, table):
'''
Converts a SQL permissions statement into a new security policy.
'''
username = request.user.get_username()
query = post_or_get(request, key='q', fallback=None)
try:
permissions_parser = RLSPermissionsParser(repo_base, username)
permissions_parser.process_permissions(query)
except Exception as e:
return HttpResponse(json.dumps({'error': str(e)}),
content_type="application/json")
return HttpResponseRedirect(
reverse('browse-security_policies', args=(repo_base, repo, table)))
def security_policy_query(request, repo_base, repo, table):
'''
Converts a SQL permissions statement into a new security policy.
'''
username = request.user.get_username()
query = post_or_get(request, key='q', fallback=None)
try:
permissions_parser = RLSPermissionsParser(repo_base, username)
permissions_parser.process_permissions(query)
except Exception as e:
return HttpResponse(
json.dumps(
{'error': str(e)}),
content_type="application/json")
return HttpResponseRedirect(
reverse('browse-security_policies', args=(repo_base, repo, table)))
