def previews_callback():
if not verify_preview_service_authorization(
request.headers.get('authorization')):
raise UnauthorizedRequestError(
'Missing or invalid authorization header.')
params = request.form
if not (params.get('id', None) and params.get('status', None)):
raise BadRequestError('Id and status fields required.')
metadata = None
try:
if params.get('metadata'):
metadata = json.loads(params['metadata'])
except Exception as e:
app.logger.error('Failed to parse JSON preview metadata.')
app.logger.exception(e)
raise BadRequestError('Could not parse JSON metadata.')
asset = Asset.find_by_id(params['id'])
if not asset:
raise BadRequestError(f"Asset {params['id']} not found.")
if asset.update_preview(
preview_status=params.get('status'),
thumbnail_url=params.get('thumbnail'),
image_url=params.get('image'),
pdf_url=params.get('pdf'),
metadata=metadata,
):
return tolerant_jsonify({'status': 'success'})
else:
raise InternalServerError(
f"Unable to update preview data (asset_id={params['id']}.")
def get_comments(asset_id):
asset = Asset.find_by_id(asset_id=asset_id)
if asset and can_view_asset(asset=asset, user=current_user):
return tolerant_jsonify(
_decorate_comments(Comment.get_comments(asset.id)))
else:
raise ResourceNotFoundError(
'Asset is either unavailable or non-existent.')
def _get_asset_for_like(asset_id):
asset = Asset.find_by_id(asset_id=asset_id)
if not asset or not can_view_asset(asset=asset, user=current_user):
raise ResourceNotFoundError(f'No asset found with id: {asset_id}')
elif current_user.user in asset.users:
raise BadRequestError('You cannot like your own asset.')
else:
return asset
def get_asset(asset_id):
asset = Asset.find_by_id(asset_id=asset_id)
if asset and can_view_asset(asset=asset, user=current_user):
if current_user.user not in asset.users:
asset.increment_views(current_user.user)
return tolerant_jsonify(
asset.to_api_json(user_id=current_user.get_id()))
else:
raise ResourceNotFoundError(f'No asset found with id: {asset_id}')
def delete_asset(asset_id):
asset = Asset.find_by_id(asset_id) if asset_id else None
if not asset:
raise ResourceNotFoundError('Asset not found.')
if not can_update_asset(asset=asset, user=current_user):
raise BadRequestError(
'To delete this asset you must own it or be a teacher in the course.'
)
Asset.delete(asset_id=asset_id)
return tolerant_jsonify({'message': f'Asset {asset_id} deleted'}), 200
def download(asset_id):
asset = Asset.find_by_id(asset_id)
s3_url = asset.download_url
if asset and s3_url and can_view_asset(asset=asset, user=current_user):
stream = stream_object(s3_url)
if stream:
now = datetime.now().strftime('%Y-%m-%d_%H-%M-%S')
name = re.sub(r'[^a-zA-Z0-9]', '_', asset.title)
extension = s3_url.rsplit('.', 1)[-1]
return Response(
stream,
headers={
'Content-disposition':
f'attachment; filename="{name}_{now}.{extension}"',
},
)
raise ResourceNotFoundError(f'Asset {asset_id} not found.')
def create_comment():
params = request.get_json()
asset_id = params.get('assetId')
asset = Asset.find_by_id(asset_id=asset_id)
if asset and can_view_asset(asset=asset, user=current_user):
body = params.get('body', '').strip()
if not body:
raise BadRequestError('Comment body is required.')
parent_id = params.get('parentId')
comment = Comment.create(
asset=asset,
user_id=current_user.user_id,
body=body,
parent_id=parent_id and int(parent_id),
)
return tolerant_jsonify(_decorate_comments([comment.to_api_json()])[0])
else:
raise ResourceNotFoundError(
'Asset is either unavailable or non-existent.')
def update_asset():
params = request.get_json()
asset_id = params.get('assetId')
category_id = params.get('categoryId')
description = params.get('description')
title = params.get('title')
asset = Asset.find_by_id(asset_id) if asset_id else None
if not asset or not title:
raise BadRequestError('Asset update requires a valid ID and title.')
if not can_update_asset(asset=asset, user=current_user):
raise BadRequestError(
'To update an asset you must own it or be a teacher in the course.'
)
asset = Asset.update(
asset_id=asset_id,
categories=category_id and [Category.find_by_id(category_id)],
description=description,
title=title,
)
return tolerant_jsonify(asset.to_api_json(user_id=current_user.get_id()))