def create_or_update(collection=None, source=None):
if collection is not None:
authz.require(authz.collection(authz.WRITE, collection))
if source is not None:
authz.require(authz.source(authz.WRITE, source))
resource_type = Permission.COLLECTION if collection else Permission.SOURCE
resource_id = collection or source
data = request_data()
validate(data, permissions_schema)
# check that the role exists.
rq = session.query(Role).filter(Role.id == data['role'])
if rq.first() is None:
raise BadRequest()
q = session.query(Permission)
q = q.filter(Permission.role_id == data['role'])
q = q.filter(Permission.resource_type == resource_type)
q = q.filter(Permission.resource_id == resource_id)
permission = q.first()
if permission is None:
permission = Permission()
permission.role_id = data['role']
permission.resource_type = resource_type
permission.resource_id = resource_id
permission.read = data['read']
permission.write = data['write']
session.add(permission)
session.commit()
return jsonify({
'status': 'ok',
'updated': permission
})
def admin_resources():
""" Load access rights for admins. """
for coll_id, in session.query(Collection.id):
request.authz_collections[READ].add(coll_id)
request.authz_collections[WRITE].add(coll_id)
for source_id, in session.query(Source.id):
request.authz_sources[READ].add(source_id)
request.authz_sources[WRITE].add(source_id)
def test_create_source(self):
source = {'slug': 'foo', 'title': 'Foo source', 'url': 'http://foo'}
Source.ensure(source)
session.commit()
cnt = session.query(Source).count()
assert cnt == 1, cnt
Source.ensure(source)
session.commit()
cnt = session.query(Source).count()
assert cnt == 1, cnt
def get_sources():
""" Get a list of all sources stored in the index, then resolve and
return them. """
sources = {}
for source in session.query(Source):
sources[source.id] = source.to_dict()
return sources
def get_sources():
""" Get a list of all sources stored in the index, then resolve and
return them. """
sources = {}
for source in session.query(Source):
sources[source.id] = source.to_dict()
return sources
def list_roles():
# Not using a pager because in most places this wouldn't make sense to
# paginate. Need to review this later.
q = session.query(Role)
return jsonify({
'total': q.count(),
'results': q
})
def collection_add_entity(collection, subject):
q = session.query(CollectionSubject).filter_by(subject=subject)
q = q.filter_by(collection_id=collection.id)
cs = q.first()
if cs is None:
cs = CollectionSubject(collection, subject)
session.add(cs)
session.commit()
def collection_remove_entity(collection, subject):
q = session.query(CollectionSubject).filter_by(subject=subject)
q = q.filter_by(collection_id=collection.id)
q.delete()
session.commit()
entities = get_loom_config().entities
entities.remove(subject, collection_id=collection.id)
def index():
collections = authz.collections(authz.READ)
if not len(collections):
return jsonify(Pager([]))
q = session.query(Source)
q = q.filter(Source.id.in_(collections))
q = q.order_by(Source.title.asc())
return jsonify(Pager(q))
def index():
collections = authz.collections(authz.READ)
if not len(collections):
return jsonify(Pager([]))
q = session.query(Collection)
q = q.filter(Collection.id.in_(collections))
q = q.options(subqueryload('subjects'))
q = q.order_by(Collection.title.asc())
return jsonify(Pager(q))
def update(id):
source = session.query(Source).filter(Source.id == id).first()
source = obj_or_404(source)
authz.require(authz.source(authz.WRITE, source.id))
data = request_data()
validate(data, sources_schema)
source.title = data.get('title')
source.url = data.get('url')
session.add(source)
session.commit()
return jsonify({'status': 'ok', 'data': source})
def index(collection=None, source=None):
q = session.query(Permission)
if collection is not None:
authz.require(authz.collection(authz.WRITE, collection))
q = q.filter(Permission.resource_type == Permission.COLLECTION)
q = q.filter(Permission.resource_id == collection)
elif source is not None:
authz.require(authz.source(authz.WRITE, source))
q = q.filter(Permission.resource_type == Permission.SOURCE)
q = q.filter(Permission.resource_id == source)
return jsonify({
'total': q.count(),
'results': q
})
def user_resources():
""" Load access rights for normal (non-admin) users. """
q = session.query(Permission)
q = q.filter(Permission.role_id.in_(request.auth_roles))
for perm in q:
if perm.resource_type == Permission.COLLECTION:
if perm.read:
request.authz_collections[READ].add(perm.resource_id)
if perm.write and request.logged_in:
request.authz_collections[WRITE].add(perm.resource_id)
if perm.resource_type == Permission.SOURCE:
if perm.read:
request.authz_sources[READ].add(perm.resource_id)
if perm.write and request.logged_in:
request.authz_sources[WRITE].add(perm.resource_id)
def index(self, schema=None, source=None):
if source is not None:
q = session.query(Source.id).filter_by(slug=source)
obj = q.first()
if obj is None:
raise ValueError("No such source: %s" % source)
source = obj[0]
client = self.config.elastic_client
log.debug('Indexing to: %r (index: %r)', client,
self.config.elastic_index)
self.clear(schema=schema, source_id=source)
schemas = self.config.schemas.values() if schema is None else [schema]
for schema in schemas:
if not self.is_schema_indexed(schema):
continue
bulk(client, self.generate_entities(schema, source),
stats_only=True, chunk_size=self.chunk,
request_timeout=60.0)
client.indices.flush_synced()
def get_collection(id, right):
collection = session.query(Collection).filter(Collection.id == id).first()
collection = obj_or_404(collection)
authz.require(authz.collection(right, collection.id))
return collection
def view(id):
source = session.query(Source).filter(Source.id == id).first()
source = obj_or_404(source)
authz.require(authz.source(authz.READ, source.id))
return jsonify({'status': 'ok', 'data': source})
