def artifact_status_put_req(artifact_id, user_id, visibility): """Set the status of the artifact given Parameters ---------- artifact_id : int Artifact being acted on user_id : str The user requesting the action visibility : {'sandbox', 'awaiting_approval', 'private', 'public'} What to change the visibility to Returns ------- dict Status of action, in the form {'status': status, 'message': msg} status: status of the action, either success or error message: Human readable message for status """ if visibility not in get_visibilities(): return {'status': 'error', 'message': 'Unknown visibility value: %s' % visibility} pd = Artifact(int(artifact_id)) sid = pd.study.id access_error = check_access(sid, user_id) if access_error: return access_error user = User(str(user_id)) status = 'success' msg = 'Artifact visibility changed to %s' % visibility # Set the approval to private if needs approval and admin if visibility == 'private': if not qiita_config.require_approval: pd.visibility = 'private' # Set the approval to private if approval not required elif user.level == 'admin': pd.visibility = 'private' # Trying to set approval without admin privileges else: status = 'error' msg = 'User does not have permissions to approve change' else: pd.visibility = visibility LogEntry.create('Warning', '%s changed artifact %s (study %d) to %s' % ( user_id, artifact_id, sid, visibility)) return {'status': status, 'message': msg}
def artifact_status_put_req(artifact_id, user_id, visibility): """Set the status of the artifact given Parameters ---------- artifact_id : int Artifact being acted on user_id : str The user requesting the action visibility : {'sandbox', 'awaiting_approval', 'private', 'public'} What to change the visibility to Returns ------- dict Status of action, in the form {'status': status, 'message': msg} status: status of the action, either success or error message: Human readable message for status """ if visibility not in get_visibilities(): return {'status': 'error', 'message': 'Unknown visiblity value: %s' % visibility} pd = Artifact(int(artifact_id)) access_error = check_access(pd.study.id, user_id) if access_error: return access_error user = User(str(user_id)) status = 'success' msg = 'Artifact visibility changed to %s' % visibility # Set the approval to private if needs approval and admin if visibility == 'private': if not qiita_config.require_approval: pd.visibility = 'private' # Set the approval to private if approval not required elif user.level == 'admin': pd.visibility = 'private' # Trying to set approval without admin privileges else: status = 'error' msg = 'User does not have permissions to approve change' else: pd.visibility = visibility return {'status': status, 'message': msg}
def artifact_patch_request(user, artifact_id, req_op, req_path, req_value=None, req_from=None): """Modifies an attribute of the artifact Parameters ---------- user : qiita_db.user.User The user performing the patch operation artifact_id : int Id of the artifact in which the patch operation is being performed req_op : str The operation to perform on the artifact req_path : str The prep information and attribute to patch req_value : str, optional The value that needs to be modified req_from : str, optional The original path of the element Raises ------ QiitaHTTPError If `req_op` != 'replace' If the path parameter is incorrect If missing req_value If the attribute to replace is not known """ if req_op == 'replace': req_path = [v for v in req_path.split('/') if v] if len(req_path) != 1: raise QiitaHTTPError(404, 'Incorrect path parameter') attribute = req_path[0] # Check if the user actually has access to the artifact artifact = Artifact(artifact_id) check_artifact_access(user, artifact) if not req_value: raise QiitaHTTPError(404, 'Missing value to replace') if attribute == 'name': artifact.name = req_value return elif attribute == 'visibility': if req_value not in get_visibilities(): raise QiitaHTTPError( 400, 'Unknown visibility value: %s' % req_value) if (req_value == 'private' and qiita_config.require_approval and not user.level == 'admin'): raise QiitaHTTPError( 403, 'User does not have permissions ' 'to approve change') try: artifact.visibility = req_value except Exception as e: raise QiitaHTTPError(403, str(e).replace('\n', '<br/>')) sid = artifact.study.id if artifact.visibility == 'awaiting_approval': email_to = '*****@*****.**' subject = ('QIITA: Artifact %s awaiting_approval. Study %d, ' 'Prep %d' % (artifact_id, sid, artifact.prep_templates[0].id)) message = ('%s requested approval. <a ' 'href="https://qiita.ucsd.edu/study/description/' '%d">Study %d</a>.' % (user.email, sid, sid)) try: send_email(email_to, subject, message) except Exception: msg = ("Couldn't send email to admins, please email us " "directly to <a href='mailto:{0}'>{0}</a>.".format( email_to)) raise QiitaHTTPError(400, msg) else: msg = '%s changed artifact %s (study %d) to %s' % ( user.email, artifact_id, sid, req_value) LogEntry.create('Warning', msg) else: # We don't understand the attribute so return an error raise QiitaHTTPError( 404, 'Attribute "%s" not found. Please, ' 'check the path parameter' % attribute) else: raise QiitaHTTPError( 400, 'Operation "%s" not supported. Current ' 'supported operations: replace' % req_op)
def artifact_patch_request(user, artifact_id, req_op, req_path, req_value=None, req_from=None): """Modifies an attribute of the artifact Parameters ---------- user : qiita_db.user.User The user performing the patch operation artifact_id : int Id of the artifact in which the patch operation is being performed req_op : str The operation to perform on the artifact req_path : str The prep information and attribute to patch req_value : str, optional The value that needs to be modified req_from : str, optional The original path of the element Raises ------ QiitaHTTPError If `req_op` != 'replace' If the path parameter is incorrect If missing req_value If the attribute to replace is not known """ if req_op == 'replace': req_path = [v for v in req_path.split('/') if v] if len(req_path) != 1: raise QiitaHTTPError(404, 'Incorrect path parameter') attribute = req_path[0] # Check if the user actually has access to the artifact artifact = Artifact(artifact_id) check_artifact_access(user, artifact) if not req_value: raise QiitaHTTPError(404, 'Missing value to replace') if attribute == 'name': artifact.name = req_value return elif attribute == 'visibility': if req_value not in get_visibilities(): raise QiitaHTTPError(400, 'Unknown visibility value: %s' % req_value) if (req_value == 'private' and qiita_config.require_approval and not user.level == 'admin'): raise QiitaHTTPError(403, 'User does not have permissions ' 'to approve change') try: artifact.visibility = req_value except Exception as e: raise QiitaHTTPError(403, str(e).replace('\n', '<br/>')) if artifact.visibility == 'awaiting_approval': email_to = '*****@*****.**' sid = artifact.study.id subject = ('QIITA: Artifact %s awaiting_approval. Study %d, ' 'Prep %d' % (artifact_id, sid, artifact.prep_templates[0].id)) message = ('%s requested approval. <a ' 'href="https://qiita.ucsd.edu/study/description/' '%d">Study %d</a>.' % (user.email, sid, sid)) try: send_email(email_to, subject, message) except Exception: msg = ("Couldn't send email to admins, please email us " "directly to <a href='mailto:{0}'>{0}</a>.".format( email_to)) raise QiitaHTTPError(400, msg) else: # We don't understand the attribute so return an error raise QiitaHTTPError(404, 'Attribute "%s" not found. Please, ' 'check the path parameter' % attribute) else: raise QiitaHTTPError(400, 'Operation "%s" not supported. Current ' 'supported operations: replace' % req_op)
def artifact_patch_request(user, artifact_id, req_op, req_path, req_value=None, req_from=None): """Modifies an attribute of the artifact Parameters ---------- user : qiita_db.user.User The user performing the patch operation artifact_id : int Id of the artifact in which the patch operation is being performed req_op : str The operation to perform on the artifact req_path : str The prep information and attribute to patch req_value : str, optional The value that needs to be modified req_from : str, optional The original path of the element Raises ------ QiitaHTTPError If `req_op` != 'replace' If the path parameter is incorrect If missing req_value If the attribute to replace is not known """ if req_op == 'replace': req_path = [v for v in req_path.split('/') if v] if len(req_path) != 1: raise QiitaHTTPError(404, 'Incorrect path parameter') attribute = req_path[0] # Check if the user actually has access to the artifact artifact = Artifact(artifact_id) check_artifact_access(user, artifact) if not req_value: raise QiitaHTTPError(404, 'Missing value to replace') if attribute == 'name': artifact.name = req_value return elif attribute == 'visibility': if req_value not in get_visibilities(): raise QiitaHTTPError(400, 'Unknown visibility value: %s' % req_value) # Set the approval to private if needs approval and admin if req_value == 'private': if not qiita_config.require_approval: artifact.visibility = 'private' # Set the approval to private if approval not required elif user.level == 'admin': artifact.visibility = 'private' # Trying to set approval without admin privileges else: raise QiitaHTTPError(403, 'User does not have permissions ' 'to approve change') else: artifact.visibility = req_value else: # We don't understand the attribute so return an error raise QiitaHTTPError(404, 'Attribute "%s" not found. Please, ' 'check the path parameter' % attribute) else: raise QiitaHTTPError(400, 'Operation "%s" not supported. Current ' 'supported operations: replace' % req_op)
def artifact_patch_request(user, artifact_id, req_op, req_path, req_value=None, req_from=None): """Modifies an attribute of the artifact Parameters ---------- user : qiita_db.user.User The user performing the patch operation artifact_id : int Id of the artifact in which the patch operation is being performed req_op : str The operation to perform on the artifact req_path : str The prep information and attribute to patch req_value : str, optional The value that needs to be modified req_from : str, optional The original path of the element Raises ------ QiitaHTTPError If `req_op` != 'replace' If the path parameter is incorrect If missing req_value If the attribute to replace is not known """ if req_op == 'replace': req_path = [v for v in req_path.split('/') if v] if len(req_path) != 1: raise QiitaHTTPError(404, 'Incorrect path parameter') attribute = req_path[0] # Check if the user actually has access to the artifact artifact = Artifact(artifact_id) check_artifact_access(user, artifact) if not req_value: raise QiitaHTTPError(404, 'Missing value to replace') if attribute == 'name': artifact.name = req_value return elif attribute == 'visibility': if req_value not in get_visibilities(): raise QiitaHTTPError( 400, 'Unknown visibility value: %s' % req_value) # Set the approval to private if needs approval and admin if req_value == 'private': if not qiita_config.require_approval: artifact.visibility = 'private' # Set the approval to private if approval not required elif user.level == 'admin': artifact.visibility = 'private' # Trying to set approval without admin privileges else: raise QiitaHTTPError( 403, 'User does not have permissions ' 'to approve change') else: artifact.visibility = req_value else: # We don't understand the attribute so return an error raise QiitaHTTPError( 404, 'Attribute "%s" not found. Please, ' 'check the path parameter' % attribute) else: raise QiitaHTTPError( 400, 'Operation "%s" not supported. Current ' 'supported operations: replace' % req_op)