def post(self, id):
parser = reqparse.RequestParser()
parser.add_argument('file',
type=FileStorage,
required=True,
location='files')
args = parser.parse_args()
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
args['repository'] = repository
args['storage_id'] = generate_string()
args['storage_path'] = os.path.join(current_app.root_path,
self.config()['UPLOAD_DIR'],
args['storage_id'])
args['file'].save(args['storage_path'])
args['name'] = args['file'].filename
args['extension'] = '.'.join(args['name'].split('.')[1:])
args['content_type'] = 'application/octet-stream'
args['media_link'] = args['storage_path']
args['size'] = 0
# Remove 'file' element in the arguments because the File constructor
# does not expect it
del args['file']
f_dao = FileDao(self.db_session())
f = f_dao.create(**args)
return f.to_dict(), 201
def get(self, id):
self.check_permission('retrieve:repository@{}'.format(id))
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
return repository.to_dict(), 200
def delete(self, id):
self.check_permission('retrieve,delete:repository@{}'.format(id))
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
repository_dao.delete(repository)
return {}, 204
def get(self, id, file_id):
self.check_permission('retrieve:repository@{}'.format(id))
self.check_permission('retrieve:file@{}'.format(file_id))
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
f_dao = FileDao(self.db_session())
f = f_dao.retrieve(id=file_id)
if f.repository != repository:
raise FileNotInRepositoryException(f.name, repository.name)
return f.to_dict(), 200
def delete(self, id, file_set_id):
self.check_permission('retrieve:repository@{}'.format(id))
self.check_permission('retrieve,delete:file-set@{}'.format(file_set_id))
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
file_set_dao = FileSetDao(self.db_session())
file_set = file_set_dao.retrieve(id=file_set_id)
if file_set.repository != repository:
raise FileSetNotInRepositoryException(file_set.name, repository.name)
file_set_dao.delete(file_set)
return {}, 204
def put(self, id):
self.check_permission('retrieve,update:repository@{}'.format(id))
parser = reqparse.RequestParser()
parser.add_argument('name', type=str, location='json')
args = parser.parse_args()
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
if args['name'] != repository.name:
repository.name = args['name']
repository_dao.save(repository)
return repository.to_dict(), 200
def get(self, id, file_id):
self.check_permission('retrieve:repository@{}'.format(id))
self.check_permission('retrieve:file@{}'.format(file_id))
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
f_dao = FileDao(self.db_session())
f = f_dao.retrieve(id=file_id)
if f.repository != repository:
raise FileNotInRepositoryException(f.name, repository.name)
return send_from_directory(os.path.join(current_app.root_path,
self.config()['UPLOAD_DIR']),
filename=f.storage_id), 200
def post(self, id):
self.check_permission('retrieve:repository@{}'.format(id))
self.check_permission('create:file-set')
parser = reqparse.RequestParser()
parser.add_argument('name', type=str, required=True, location='json')
args = parser.parse_args()
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
args['repository'] = repository
file_set_dao = FileSetDao(self.db_session())
file_set = file_set_dao.create(**args)
return file_set.to_dict(), 201
def get(self, id):
self.check_permission('retrieve:repository@{}'.format(id))
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
result = []
if self.has_permission('retrieve:file-set'):
result = [file_set.to_dict() for file_set in repository.file_sets]
else:
for file_set in repository.file_sets:
if self.has_permission('retrieve:file-set@{}'.format(file_set.id)):
result.append(file_set.to_dict())
return result, 200
def put(self, id, file_set_id):
self.check_permission('retrieve:repository@{}'.format(id))
self.check_permission('retrieve,update:file-set@{}'.format(file_set_id))
parser = reqparse.RequestParser()
parser.add_argument('name', type=str, location='json')
args = parser.parse_args()
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
file_set_dao = FileSetDao(self.db_session())
file_set = file_set_dao.retrieve(id=file_set_id)
if file_set.repository != repository:
raise FileSetNotInRepositoryException(file_set.name, repository.name)
if args['name'] != file_set.name:
file_set.name = args['name']
file_set_dao.save(file_set)
return file_set.to_dict(), 200
def delete(self, id, file_set_id, file_id):
self.check_permission('retrieve:repository@{}'.format(id))
self.check_permission('retrieve,update:file-set@{}'.format(file_set_id))
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
file_set_dao = FileSetDao(self.db_session())
file_set = file_set_dao.retrieve(id=file_set_id)
if file_set.repository != repository:
raise FileSetNotInRepositoryException(file_set.name, repository.name)
f_dao = FileDao(self.db_session())
f = f_dao.retrieve(id=file_id)
if f.repository != repository:
raise FileNotInRepositoryException(f.name, repository.name)
file_set.remove_file(f)
file_set_dao.save(file_set)
return file_set.to_dict(), 200
def get(self, id):
self.check_permission('retrieve:repository@{}'.format(id))
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
# We only return those files in the repository that are accessible to the
# current user. Normally, all files uploaded by the user will be accessible
# and optionally other files that were shared with him.
result = []
# If the user has class-level retrieve permission for files, then we don't
# have to check file permissions individually
if self.has_permission('retrieve:file'):
result = [f.to_dict() for f in repository.files]
else:
for f in repository.files:
if self.has_permission('retrieve:file@{}'.format(f.id)):
result.append(f.to_dict())
return result, 200
def get(self, id, file_set_id):
self.check_permission('retrieve:repository@{}'.format(id))
self.check_permission('retrieve:file-set@{}'.format(file_set_id))
repository_dao = RepositoryDao(self.db_session())
repository = repository_dao.retrieve(id=id)
file_set_dao = FileSetDao(self.db_session())
file_set = file_set_dao.retrieve(id=file_set_id)
if file_set.repository != repository:
raise FileSetNotInRepositoryException(file_set.name, repository.name)
result = []
if self.has_permission('retrieve:file'):
result = [f.to_dict() for f in file_set.files]
else:
for f in file_set.files:
if self.has_permission('retrieve:file@{}'.format(f.id)):
result.append(f.to_dict())
return result, 200