def test_permissions_modify_file_permissions_by_key(self):
permission = Permissions(True,True,True)
key = ps.add_file_permissions(ndb.Key("fk","mfpk"),ndb.Key("uk","mfpk"),permission)
new_permissions = Permissions(False,False,False)
ps.modify_file_permissions_by_key(key, new_permissions)
retrieved = ps.get_permissions_by_key(key)
self.assertEqual(new_permissions.read, retrieved.read)
self.assertEqual(new_permissions.write, retrieved.write)
self.assertEqual(new_permissions.full_control, retrieved.full_control)
def file_permissions_edit(request):
authed_user = auth.get_current_user()
if authed_user is None:
return __unauthed_response()
user_key = ps.get_user_key_by_id(authed_user.user_id())
json_response = {
'success' : False
}
action_responses = []
try:
permissions_request = json.loads(request.raw_post_data)
except ValueError:
json_response.update( {'error' : 'Invalid request payload.'} )
return HttpResponse(json.dumps(json_response), content_type="application/json")
if ( ('actions' not in permissions_request)
or ('filename' not in permissions_request)):
json_response.update( {'error' : 'Incomplete request.'} )
return HttpResponse(json.dumps(json_response), content_type="application/json")
filename = permissions_request['filename']
actions = permissions_request['actions']
if not isinstance(actions, list):
json_response.update( {'error' : 'Actions list is not a list.'} )
return HttpResponse(json.dumps(json_response), content_type="application/json")
file_entry = ps.get_file_by_name(DATA_BUCKET + '/' + filename)
if file_entry is None:
json_response.update( { 'error' : 'File does not exist.' } )
return HttpResponse(json.dumps(json_response), content_type="application/json")
fp_entry = ps.get_user_file_permissions(file_entry.key, user_key)
if fp_entry is None:
json_response.update( { 'error' : 'Permission denied.' } )
return HttpResponse(json.dumps(json_response), content_type="application/json")
res = []
for action in actions:
if ( ('action' in action) # Can't do anything without an action name
and ('userEmail' in action)): # Or a user for that matter
user_email = action['userEmail']
action_name = action['action']
response_part = {
'success' : False,
'action' : action,
'userEmail' : user_email
}
share_user_key = ps.get_user_key_by_email(user_email)
if share_user_key is None:
response_part.update( { 'error' : 'User not found.' } )
action_responses.append(response_part)
continue
else:
response_part = {
'success' : False,
'error' : 'Incomplete request.'
}
continue
edit_permissions = ps.get_user_file_permissions(file_entry.key, share_user_key)
if action_name == 'dropUser':
if edit_permissions is None:
response_part.update( { 'error' : 'User does not have permissions for this file.' } )
else:
remove_action = ps.revoke_permissions_by_key(edit_permissions.key)
if remove_action:
response_part.update( { 'success' : True } )
else:
response_part.update( { 'error' : 'Could not revoke permissions.' } )
elif action_name == 'addUser':
if edit_permissions is None:
if ( ('read' not in action)
or ('write' not in action)
or ('fullControl' not in action)):
response_part.update( { 'error' : 'Incomplete action - permissions not specified.'} )
else:
add_action = ps.add_file_permissions(file_entry.key, share_user_key,
Permissions(
action['read'],
action['write'],
action['fullControl']
) )
if add_action:
response_part.update( { 'success' : True } )
else:
response_part.update( { 'error' : 'Could not add user to file.' } )
else:
response_part.update( { 'error' : 'User already has permissions for this file.' } )
elif action_name == 'editUser':
if edit_permissions is not None:
if ( ('read' not in action)
or ('write' not in action)
or ('fullControl' not in action)):
response_part.update( { 'error' : 'Incomplete action - permissions not specified.'} )
else:
edit_action = ps.modify_file_permissions_by_key(edit_permissions.key,
Permissions(
action['read'],
action['write'],
action['fullControl']
) )
if edit_action:
response_part.update( { 'success' : True } )
else:
response_part.update( { 'error' : 'Could not update user permissions.' } )
else:
response_part.update( { 'error' : 'User does not have a permissions entry for this file.' } )
else:
response_part.update( { 'error' : "Action '%s' not recognised."%action_name } )
action_responses.append(response_part)
json_response.update( { 'success' : True, 'actions' : action_responses } )
return HttpResponse(json.dumps(json_response), content_type="application/json")
def file_list_edit(request):
authed_user = auth.get_current_user()
if authed_user is None:
return __unauthed_response()
user_key = ps.get_user_key_by_id(authed_user.user_id())
try:
actions = json.loads(request.raw_post_data)
except ValueError:
return HttpResponse(json.dumps({'error' : 'invalid request payload'}), content_type="application/json")
if not isinstance(actions, list):
return HttpResponse(json.dumps({'error' : 'Payload is not a list'}), content_type="application/json")
res = []
for a in actions:
#We can't do anything without a filename
if 'filename' not in a:
continue
else:
filename = a['filename']
if 'action' not in a:
continue
else:
action = a['action']
res_fragment = {
'filename' : a['filename'],
'action' : a['action']
}
if action == 'delete':
file_entry = ps.get_file_by_name(DATA_BUCKET + '/' + filename)
if file_entry is not None:
ps.remove_file_by_key(file_entry.key)
ds.delete(DATA_BUCKET + '/' + filename)
ds.delete(INFO_BUCKET + '/' + filename + 'info.txt')
ds.delete(INFO_BUCKET + '/' + filename + '.txt')
ds.delete(GRAPH_BUCKET + '/' + filename + '.png')
res_fragment.update( { 'success' : True } )
#Reinstate this when CE PAL is available
#else:
#res_fragment.update( { 'success' : False, 'error' : 'File does not exist.' } )
elif action == 'rename':
if 'newname' not in a:
res_fragment.update( { 'success' : False, 'error' : 'New name not specified' } )
else:
file_entry = ps.get_file_by_name(DATA_BUCKET + '/' + filename)
if file_entry is None:
res_fragment.update( { 'success' : False, 'error' : 'File does not exist.' } )
else:
file_entry.friendly_name = a['newname']
if ps.update_file(file_entry):
res_fragment.update( { 'success' : True } )
else:
res_fragment.update( { 'success' : False, 'error' : 'Could not rename file' } )
elif action == 'star' or action == 'unstar':
file_entry = ps.get_file_by_name(DATA_BUCKET + '/' + filename)
if file_entry is None:
res_fragment.update( { 'success' : False, 'error' : 'File does not exist.' } )
else:
fp_entry = ps.get_user_file_permissions(file_entry.key, user_key)
if fp_entry is None:
res_fragment.update( { 'success' : False, 'error' : 'Permissions entry not found' } )
else:
if ps.modify_file_permissions_by_key(fp_entry.key, new_starred = (action == 'star')):
res_fragment.update( { 'success' : True } )
else:
res_fragment.update( { 'success' : False, 'error' : 'Could not update file' } )
elif action == 'recolour':
if 'newcolour' not in a:
res_fragment.update( { 'success' : False, 'error' : 'New colour not specified' } )
else:
colour = a['newcolour']
chk_string = re.compile("^[A-Fa-f0-9]{6}$")
if (chk_string.match(colour)):
file_entry = ps.get_file_by_name(DATA_BUCKET + '/' + filename)
if file_entry is None:
res_fragment.update( { 'success' : False, 'error' : 'File does not exist.' } )
else:
fp_entry = ps.get_user_file_permissions(file_entry.key, user_key)
if fp_entry is None:
res_fragment.update( { 'success' : False, 'error' : 'Permissions entry not found' } )
else:
if ps.modify_file_permissions_by_key(fp_entry.key, new_colour = colour):
res_fragment.update( { 'success' : True } )
else:
res_fragment.update( { 'success' : False, 'error' : 'Could not update file' } )
else:
res_fragment.update( { 'success' : False, 'error' : 'New colour invalid' } )
else:
res_fragment.update( { 'success' : False, 'error' : 'Action not recognised' } )
res.append(res_fragment)
return HttpResponse(json.dumps(res), content_type="application/json")
