def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
if cDriveUser == None:
return Response(status=status.HTTP_401_UNAUTHORIZED)
path = request.data['path']
folders = []
parent = get_object_by_path(path)
while parent is None:
last_index = path.rfind('/')
folders.append(path[last_index + 1:])
path = path[:last_index]
parent = get_object_by_path(path)
if check_permission(parent, cDriveUser, cDriveApp, 'E'):
for folder in reversed(folders):
cDriveFolder = CDriveFolder(name=folder,
owner=cDriveUser,
parent=parent)
cDriveFolder.save()
parent = cDriveFolder
cDriveFile = CDriveFile(cdrive_file=request.data['file'],
name=request.data['file'].name,
owner=cDriveUser,
parent=parent,
size=request.data['file'].size)
cDriveFile.save()
return Response({'file_name': request.data['file'].name},
status=status.HTTP_201_CREATED)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
path = request.data['path']
file_name = request.data['file_name']
parent = get_object_by_path(path)
key = path + '/' + file_name
if check_permission(parent, cDriveUser, cDriveApp, 'E'):
client = boto3.client(
's3',
region_name='us-east-1',
config=Config(signature_version='s3v4'),
aws_access_key_id=settings.AWS_ACCESS_KEY_ID,
aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY,
)
mpu = client.create_multipart_upload(
Bucket=settings.AWS_STORAGE_BUCKET_NAME, Key=key)
return Response({'uploadId': mpu['UploadId']},
status=status.HTTP_200_OK)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
service_url = request.data['serviceUrl']
service_name = request.data['serviceName']
data = {'app_name': service_name, 'redirect_url': service_url}
response = requests.post(url='http://authentication/register-app/',
data=data)
data = response.json()
lnd = string.ascii_letters + string.digits
code = ''.join(random.choice(lnd) for i in range(12))
hostedService = HostedService(name=service_name,
url=service_url,
owner=cDriveUser,
client_id=data['clientId'],
client_secret=data['clientSecret'],
code=code)
hostedService.save()
return Response(status=status.HTTP_200_OK)
def get(self, request):
cDriveUser, cDriveApp = introspect_token(request)
if cDriveUser == None:
return Response(status=status.HTTP_401_UNAUTHORIZED)
path = request.query_params['path']
cDriveObject = get_object_by_path(path)
if check_permission(cDriveObject, cDriveUser, cDriveApp, 'V'):
client = boto3.client(
's3',
region_name='us-east-1',
config=Config(signature_version='s3v4'),
aws_access_key_id=settings.AWS_ACCESS_KEY_ID,
aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY,
)
url = client.generate_presigned_url(
ClientMethod='get_object',
Params={
'Bucket': settings.AWS_STORAGE_BUCKET_NAME,
'Key': path
},
ExpiresIn=300)
return Response({'download_url': url}, status=status.HTTP_200_OK)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
if cDriveUser == None:
return Response(status=status.HTTP_401_UNAUTHORIZED)
upload_id = request.data['uploadId']
data = jwt.decode(upload_id,
settings.COLUMBUS_CLIENT_SECRET,
algorithms='HS256')
path = data['path']
last_index = path.rfind('/')
parent_path = path[:path.rfind('/')]
file_name = path[last_index + 1:]
parent = get_object_by_path(parent_path)
if check_permission(parent, cDriveUser, cDriveApp, 'E'):
resource = boto3.resource(
's3',
region_name='us-east-1',
aws_access_key_id=settings.AWS_ACCESS_KEY_ID,
aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY,
)
size = resource.Bucket(
settings.AWS_STORAGE_BUCKET_NAME).Object(path).content_length
cDriveFile = CDriveFile(cdrive_file=path,
name=file_name,
owner=cDriveUser,
parent=parent,
size=size)
cDriveFile.save()
return Response({'file_name': file_name},
status=status.HTTP_201_CREATED)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
if cDriveApp.name != 'cdrive':
return Response(status=status.HTTP_403_FORBIDDEN)
path = request.data['path']
target_type = request.data['targetType']
target_name = request.data['name']
permission = request.data['permission']
cDriveObject = get_object_by_path(path)
if cDriveObject is None:
return Response(status=status.HTTP_403_FORBIDDEN)
if target_type == 'application':
if check_permission(cDriveObject, cDriveUser, cDriveApp,
permission):
target_app = get_app(target_name, cDriveUser)
if target_app is None:
return Response(status=status.HTTP_400_BAD_REQUEST)
share_object(cDriveObject, cDriveUser, target_app, permission)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
elif target_type == 'user':
if cDriveObject.owner != cDriveUser:
return Response(status=status.HTTP_403_FORBIDDEN)
target_user = get_user(target_name)
if target_user is None:
return Response(status=status.HTTP_400_BAD_REQUEST)
target_app = get_app('cdrive', target_user)
share_object(cDriveObject, target_user, target_app, permission)
return Response(status=status.HTTP_200_OK)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
if cDriveUser == None:
return Response(status=status.HTTP_401_UNAUTHORIZED)
path = request.data['path']
file_name = request.data['file_name']
part_number = int(request.data['partNumber'])
upload_id = request.data['uploadId']
chunk_data = request.data['chunk']
key = path + '/' + file_name
client = boto3.client(
's3',
region_name='us-east-1',
config=Config(signature_version='s3v4'),
aws_access_key_id=settings.AWS_ACCESS_KEY_ID,
aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY,
)
part_info = client.upload_part(Bucket=settings.AWS_STORAGE_BUCKET_NAME,
Key=key,
PartNumber=part_number,
UploadId=upload_id,
Body=chunk_data)
etag = part_info['ETag'].strip('\"')
return Response({'ETag': etag}, status=status.HTTP_200_OK)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
username = cDriveUser.username
apps = CDriveApplication.objects.filter(owner=username)
for app in apps:
data = {'username': username, 'appName': app.name}
response = requests.post(url='http://app-manager/stop-app',
data=data)
return Response(status=status.HTTP_200_OK)
def get(self, request):
cDriveUser, cDriveApp = introspect_token(request)
username = cDriveUser.username
app_name = request.query_params['app_name']
response = requests.get(url='http://app-manager/get-app-status/' +
username + '/' + app_name + '/')
data = response.json()
return Response({'appStatus': data['appStatus']})
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
username = cDriveUser.username
app_name = request.data['app_name']
data = {'username': username, 'appName': app_name}
response = requests.post(url='http://app-manager/stop-app', data=data)
response = requests.post(url='http://app-manager/delete-app-storage',
data=data)
CDriveApplication.objects.filter(owner=username,
name=app_name).delete()
return Response(status=status.HTTP_204_NO_CONTENT)
def get(self, request):
cDriveUser, cDriveApp = introspect_token(request)
if cDriveUser == None:
return Response(status=status.HTTP_401_UNAUTHORIZED)
path = request.query_params['path']
parent = get_object_by_path(path)
data = {}
if check_permission(parent, cDriveUser, cDriveApp, 'E'):
data['permission'] = 'Edit'
elif check_permission(parent, cDriveUser, cDriveApp, 'V'):
data['permission'] = 'View'
elif check_permission(parent, cDriveUser, cDriveApp, 'D'):
data['permission'] = 'None'
else:
return Response(
{
'message':
'Such a folder does not exist or you do not have permission to view contents of this folder'
},
status=status.HTTP_403_FORBIDDEN)
data['driveObjects'] = []
folders = CDriveFolder.objects.filter(parent=parent)
for f in folders:
ser = CDriveFolderSerializer(f).data
if check_permission(f, cDriveUser, cDriveApp, 'E'):
ser['permission'] = 'Edit'
ser['type'] = 'Folder'
data['driveObjects'].append(ser)
elif check_permission(f, cDriveUser, cDriveApp, 'V'):
ser['permission'] = 'View'
ser['type'] = 'Folder'
data['driveObjects'].append(ser)
elif check_permission(f, cDriveUser, cDriveApp, 'D'):
ser['permission'] = 'None'
ser['type'] = 'Folder'
data['driveObjects'].append(ser)
files = CDriveFile.objects.filter(parent=parent)
for f in files:
ser = CDriveFileSerializer(f).data
if check_permission(f, cDriveUser, cDriveApp, 'E'):
ser['permission'] = 'Edit'
ser['type'] = 'File'
data['driveObjects'].append(ser)
elif check_permission(f, cDriveUser, cDriveApp, 'V'):
ser['permission'] = 'View'
ser['type'] = 'File'
data['driveObjects'].append(ser)
return Response(data, status=status.HTTP_200_OK)
def get(self, request):
cDriveUser, cDriveApp = introspect_token(request)
if cDriveUser == None:
return Response(status=status.HTTP_401_UNAUTHORIZED)
path = request.query_params['path']
folder = get_object_by_path(path)
if folder is None :
return Response(status=status.HTTP_403_FORBIDDEN)
if not (check_permission(folder, cDriveUser, cDriveApp, 'V') or check_child_permission(folder, cDriveUser, cDriveApp)):
return Response(status=status.HTTP_403_FORBIDDEN)
data = {}
data['driveObjects'] = serialize_folder_recursive(folder, cDriveUser, cDriveApp, path)
return Response(data, status=status.HTTP_200_OK)
def get(self, request):
cDriveUser, cDriveApp = introspect_token(request)
path = request.query_params['path']
cDriveObject = get_object_by_path(path)
if check_permission(cDriveObject, cDriveUser, cDriveApp, 'V'):
if cDriveObject.__class__.__name__ == 'CDriveFile':
content = cDriveObject.cdrive_file.read()
return Response(content, status=status.HTTP_200_OK)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
def delete(self, request):
cDriveUser, cDriveApp = introspect_token(request)
path = request.query_params['path']
cDriveObject = get_object_by_path(path)
if check_permission(cDriveObject, cDriveUser, cDriveApp, 'E'):
if cDriveObject.__class__.__name__ == 'CDriveFolder':
delete_folder(cDriveObject)
else:
cDriveObject.delete()
return Response(status=status.HTTP_204_NO_CONTENT)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
if cDriveUser == None:
return Response(status=status.HTTP_401_UNAUTHORIZED)
path = request.data['path']
parent_path = path[:path.rfind('/')]
folders = []
parent = get_object_by_path(parent_path)
while parent is None:
last_index = parent_path.rfind('/')
folders.append(parent_path[last_index + 1:])
parent_path = parent_path[:last_index]
parent = get_object_by_path(parent_path)
if check_permission(parent, cDriveUser, cDriveApp, 'E'):
for folder in reversed(folders):
cDriveFolder, created = CDriveFolder.objects.get_or_create(
name=folder, owner=cDriveUser, parent=parent)
parent = cDriveFolder
client = boto3.client(
's3',
region_name='us-east-1',
config=Config(signature_version='s3v4'),
aws_access_key_id=settings.AWS_ACCESS_KEY_ID,
aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY,
)
response = client.generate_presigned_post(
settings.AWS_STORAGE_BUCKET_NAME, path, ExpiresIn=3600)
upload_id_data = {
'exp':
datetime.datetime.utcnow() + datetime.timedelta(hours=1),
'path': path,
}
upload_id = jwt.encode(upload_id_data,
settings.COLUMBUS_CLIENT_SECRET,
algorithm='HS256')
return Response(
{
'url': response['url'],
'fields': response['fields'],
'uploadId': upload_id
},
status=status.HTTP_200_OK)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
path = request.data['path']
name = request.data['name']
parent = get_object_by_path(path)
if check_permission(parent, cDriveUser, cDriveApp, 'E'):
cDriveFolder = CDriveFolder(name=name,
owner=cDriveUser,
parent=parent)
cDriveFolder.save()
return Response({'name': name}, status=status.HTTP_201_CREATED)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
if cDriveUser == None:
return Response(status=status.HTTP_401_UNAUTHORIZED)
path = request.data['path']
file_name = request.data['file_name']
upload_id = request.data['uploadId']
parts = request.data['partInfo']
size = request.data['size']
part_info = { 'Parts': [] }
parts = parts.split(',')
for i, part in enumerate(parts, start=1):
info = { 'ETag': part, 'PartNumber': i }
part_info['Parts'].append(info)
key = path + '/' + file_name
client = boto3.client(
's3',
region_name = 'us-east-1',
config=Config(signature_version='s3v4'),
aws_access_key_id=settings.AWS_ACCESS_KEY_ID,
aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY,
)
client.complete_multipart_upload(
Bucket=settings.AWS_STORAGE_BUCKET_NAME,
Key=key,
UploadId=upload_id,
MultipartUpload=part_info
)
parent = get_object_by_path(path)
if check_permission(parent, cDriveUser, cDriveApp, 'E'):
cDriveFile = CDriveFile(
cdrive_file = path + '/' + file_name,
name = file_name,
owner = cDriveUser,
parent = parent,
size = size
)
cDriveFile.save()
return Response({'file_name':file_name}, status=status.HTTP_201_CREATED)
else :
return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
path = request.data['path']
parent = get_object_by_path(path)
if check_permission(parent, cDriveUser, cDriveApp, 'E'):
cDriveFile = CDriveFile(cdrive_file=request.data['file'],
name=request.data['file'].name,
owner=cDriveUser,
parent=parent,
size=request.data['file'].size)
cDriveFile.save()
return Response({'file_name': request.data['file'].name},
status=status.HTTP_201_CREATED)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
username = cDriveUser.username
app_name = request.data['app_name']
cDriveApplication = CDriveApplication.objects.filter(owner=cDriveUser,
name=app_name)[0]
data = {
'imagePath': cDriveApplication.image,
'username': username,
'appName': app_name,
'clientId': cDriveApplication.client_id,
'clientSecret': cDriveApplication.client_secret
}
response = requests.post(url='http://app-manager/start-app', data=data)
return Response(status=status.HTTP_200_OK)
def get(self, request):
cDriveUser, cDriveApp = introspect_token(request)
if cDriveUser == None:
return Response(status=status.HTTP_401_UNAUTHORIZED)
path = request.query_params['path']
parent = get_object_by_path(path)
data = {}
if check_permission(parent, cDriveUser, cDriveApp, 'E'):
data['permission'] = 'Edit'
else:
data['permission'] = 'View'
data['driveObjects'] = []
folders = CDriveFolder.objects.filter(parent=parent)
for f in folders:
ser = CDriveFolderSerializer(f).data
if check_permission(f, cDriveUser, cDriveApp, 'E'):
ser['permission'] = 'Edit'
ser['type'] = 'Folder'
data['driveObjects'].append(ser)
elif check_permission(f, cDriveUser, cDriveApp, 'V'):
ser['permission'] = 'View'
ser['type'] = 'Folder'
data['driveObjects'].append(ser)
elif check_child_permission(f, cDriveUser, cDriveApp):
ser['permission'] = 'View'
ser['type'] = 'Folder'
data['driveObjects'].append(ser)
files = CDriveFile.objects.filter(parent=parent)
for f in files:
ser = CDriveFileSerializer(f).data
if check_permission(f, cDriveUser, cDriveApp, 'E'):
ser['permission'] = 'Edit'
ser['type'] = 'File'
data['driveObjects'].append(ser)
elif check_permission(f, cDriveUser, cDriveApp, 'V'):
ser['permission'] = 'View'
ser['type'] = 'File'
data['driveObjects'].append(ser)
return Response(data, status=status.HTTP_200_OK)
def get(self, request):
cDriveUser, cDriveApp = introspect_token(request)
path = request.query_params['path']
cDriveObject = get_object_by_path(path)
if check_permission(cDriveObject, cDriveUser, cDriveApp, 'V'):
if cDriveObject.__class__.__name__ == 'CDriveFile':
data = []
csvString = io.StringIO(
cDriveObject.cdrive_file.read().decode("utf-8"))
csvReader = csv.DictReader(csvString)
for row in csvReader:
data.append(row)
return Response(data, status=status.HTTP_200_OK)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
username = cDriveUser.username
app_docker_link = request.data['app_docker_link']
start_index = app_docker_link.rfind('/')
end_index = app_docker_link.rfind(':')
if end_index == -1:
end_index = len(app_docker_link)
app_name = app_docker_link[start_index + 1:end_index]
data = {
'app_name': app_name,
'redirect_url':
settings.APPS_ROOT + username + '/' + app_name + '/'
}
response = requests.post(url='http://authentication/register-app/',
data=data)
data = response.json()
client_id = data['clientId']
client_secret = data['clientSecret']
data = {
'imagePath': app_docker_link,
'username': username,
'appName': app_name,
'clientId': client_id,
'clientSecret': client_secret
}
response = requests.post(url='http://app-manager/start-app', data=data)
cDriveApplication = CDriveApplication(name=app_name,
url=settings.APPS_ROOT +
username + '/' + app_name + '/',
image=app_docker_link,
owner=cDriveUser,
client_id=client_id,
client_secret=client_secret)
cDriveApplication.save()
return Response({'appName': app_name}, status=status.HTTP_201_CREATED)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
if cDriveUser == None:
return Response(status=status.HTTP_401_UNAUTHORIZED)
original_path = request.data['path']
file_name = request.data['file_name']
folders = []
path = original_path
parent = get_object_by_path(path)
while parent is None:
last_index = path.rfind('/')
folders.append(path[last_index+1:])
path = path[:last_index]
parent = get_object_by_path(path)
if check_permission(parent, cDriveUser, cDriveApp, 'E'):
for folder in reversed(folders):
cDriveFolder = CDriveFolder(
name = folder,
owner = cDriveUser,
parent = parent
)
cDriveFolder.save()
parent = cDriveFolder
key = original_path + '/' + file_name
client = boto3.client(
's3',
region_name = 'us-east-1',
config=Config(signature_version='s3v4'),
aws_access_key_id=settings.AWS_ACCESS_KEY_ID,
aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY,
)
mpu = client.create_multipart_upload(Bucket=settings.AWS_STORAGE_BUCKET_NAME, Key=key)
return Response({'uploadId': mpu['UploadId']}, status=status.HTTP_200_OK)
else :
return Response(status=status.HTTP_403_FORBIDDEN)
def get(self, request):
cDriveUser, cDriveApp = introspect_token(request)
queryset = HostedService.objects.filter(owner=cDriveUser)
serializer = HostedServiceSerializer(queryset, many=True)
return Response(serializer.data, status=status.HTTP_200_OK)
def get(self, request):
cDriveUser, cDriveApp = introspect_token(request)
queryset = CDriveApplication.objects.filter(owner=cDriveUser).exclude(
name='cdrive')
serializer = CDriveApplicationSerializer(queryset, many=True)
return Response(serializer.data, status=status.HTTP_200_OK)
def post(self, request):
cDriveUser, cDriveApp = introspect_token(request)
url = request.data['service_url']
HostedService.objects.filter(owner=cDriveUser, url=url).delete()
return Response(status=status.HTTP_204_NO_CONTENT)
