def POST(self, name=None): try: logging.info("[LayMan][POST] %s"% name) params = repr(web.input()) logging.info("[LayMan][POST] Parameters: %s ... %s"%\ (str(params)[:500], str(params)[-500:])) global config if not self.auth.authorised: logging.error("[LayMan][POST] Unauthorised") raise AuthError(401, "Authorisation failed. Are you logged-in?") code = None message = None origName = name name = [d for d in os.path.split(origName) if d] if len(name) > 0: # POST "http://localhost:8080/layman/fileman/file.shp" if name[0] == "fileman": from fileman import FileMan fm = FileMan() # Jachyme, what we expect here to receive from the client? # Where is it documented? inpt = web.input(filename={}, newfilename="") newFilename = inpt["newfilename"] if not newFilename: newFilename = inpt["filename"].filename newFilename = self._getTargetFile(newFilename,False) (code, message) = fm.postFile(newFilename, inpt["filename"].file.read()) # FIXME Security: we # shoudl read file size up to X megabytes web.header("Content-type", "text/html") # POST /layman/user # data: {screenName: "user", roles: [{roleTitle, roleName}, {roleTitle, roleName}]} elif name[0] == "user": from userprefs import UserPrefs up = UserPrefs(config) data = web.data() logging.debug(data) (code, message) = up.createUser(userJsonStr=data) # POST "http://localhost:8080/layman/layed?fileName=Rivers.shp&usergroup=RescueRangers" elif name[0] == "layed": from layed import LayEd le = LayEd(config) inpt = web.input(usergroup=None) if not inpt.fileName: raise LaymanError( 400, "'fileName' parameter missing") fileName = inpt.fileName fsUserDir = self.auth.getFSUserDir() fsGroupDir = self.auth.getFSGroupDir(inpt.usergroup) dbSchema = self.auth.getDBSchema(inpt.usergroup) gsWorkspace = self.auth.getGSWorkspace(inpt.usergroup) crs = inpt.crs # native crs tsrs = inpt.tsrs # target srs cpg = inpt.cpg # code page secureLayer = True if "secureLayer" in inpt: if inpt.secureLayer.lower() == "false": secureLayer = False (code, layerName, message) = le.importAndPublish(fsUserDir, fsGroupDir, dbSchema, gsWorkspace, fileName, crs, tsrs, cpg, inpt, secureLayer) # Set Location header if code == 201 and layerName is not None: location = layerName # TODO: provide full URI here web.header("Location", location) elif name[0] == "publish" or name[0] == "data": from layed import LayEd le = LayEd(config) inpt = web.input() # Obligatory parameters if not "schema" in inpt: raise LaymanError( 400, "'schema' parameter missing") if not "view" in inpt: raise LaymanError( 400, "'view' parameter missing") if not "crs" in inpt: raise LaymanError( 400, "'crs' parameter missing") viewName = inpt.view dbSchema = self.auth.getDBSchema(inpt.schema) gsWorkspace = self.auth.getGSWorkspace(inpt.schema) crs = inpt.crs secureLayer = True if "secureLayer" in inpt: if inpt.secureLayer.lower() == "false": secureLayer = False # Optional parameters styleName = None styleWs = None if "style" in inpt: styleName = inpt.style if "style_ws" in inpt: styleWs = inpt.style_ws (code, layerName, message) = le.publishFromDbToGs(dbSchema, viewName, gsWorkspace, crs, inpt, styleName, styleWs, secureLayer) # Set Location header if code == 201 and layerName is not None: location = layerName # TODO: provide full URI here web.header("Location", location) else: (code, message) = self._callNotSupported(restMethod="POST", call=origName) else: (code, message) = self._callNotSupported(restMethod="POST", call=origName) success = self._setReturnCode(code) retval = self._jsonReply(code, message, success) return retval except LaymanError as le: return self._handleLaymanError(le) except Exception as e: return self._handleException(e)
def POST(self, name=None): try: logging.info("[LayMan][POST] %s"% name) params = repr(web.input()) logging.info("[LayMan][POST] Parameters: %s ... %s"%\ (str(params)[:500], str(params)[-500:])) global config if not self.auth.authorised: logging.error("[LayMan][POST] Unauthorised") raise AuthError(401, "Authorisation failed. Are you logged-in?") code = None message = None origName = name path = [d for d in os.path.split(origName) if d] if len(path) > 0: # POST "http://localhost:8080/layman/files/<user>" if path[0] == "files" and len(path) == 2: from fileman import FileMan fm = FileMan() # Everyone can post only in his/her own directory userName = self.auth.getUserName() if userName != path[1]: logging.error("[LayMan][POST] %s is not authorized to post files into %s's directory"% (userName, path[1])) raise AuthError(401, "Sorry, you are not authorized to post files into %s's directory"% path[1]) # Request params inpt = web.input(filename={}, newfilename="") # User dir fsUserDir = self.auth.getFSUserDir() # Chek 'source' parameter ['url'|'payload'] if "source" in inpt and inpt["source"].lower() == "url": # Check URL param if not inpt["url"] or inpt["url"] == "": # Get from url requested, but url not given code = 400 message = "URL source requested, but URL not given" else: # Get file from URL (code, message) = fm.postFileFromUrl(fsUserDir, inpt["url"]) else: # Get file data from request payload newFilename = inpt["newfilename"] if not newFilename: newFilename = inpt["filename"].filename (code, message) = fm.postFileFromPayload(fsUserDir, newFilename, inpt["filename"].file.read()) web.header("Content-type", "text/html") # POST /layman/user # data: {screenName: "user", roles: [{roleTitle, roleName}, {roleTitle, roleName}]} elif path[0] == "user": from userprefs import UserPrefs up = UserPrefs(config) data = web.data() logging.debug(data) (code, message) = up.createUser(userJsonStr=data) # /datalayers/<group>?fileName=Rivers.shp # was /layed?fileName=Rivers.shp&usergroup=RescueRangers" elif path[0] == "datalayers" and len(path) == 2: from layed import LayEd le = LayEd(config) inpt = web.input() if not inpt.fileName: raise LaymanError( 400, "'fileName' parameter missing") checkRole = self.auth.getRole(path[1]) logging.debug("[LayMan][POST] checkRole: '%s', path[1]: '%s'"% (checkRole, path[1])) if checkRole["roleName"] != path[1]: logging.error("[LayMan][POST] Not authorized to post files into %s group"% path[1]) raise AuthError(401, "Sorry, you are not authorized to post files into %s group"% path[1]) fileName = inpt.fileName userName = self.auth.getUserName() fsUserDir = self.auth.getFSUserDir() fsGroupDir = self.auth.getFSGroupDir(path[1]) dbSchema = self.auth.getDBSchema(path[1]) gsWorkspace = self.auth.getGSWorkspace(path[1]) crs = inpt.crs # native crs tsrs = inpt.tsrs # target srs cpg = inpt.cpg # code page secureLayer = False if "secureLayer" in inpt: if inpt.secureLayer.lower() == "true": secureLayer = True (code, layerName, message) = le.importAndPublish(fsUserDir, fsGroupDir, dbSchema, gsWorkspace, fileName, userName, crs, tsrs, cpg, inpt, secureLayer) # Set Location header if code == 201 and layerName is not None: location = layerName # TODO: provide full URI here web.header("Location", location) # /layers/<group> # was: /publish or /data elif path[0] == "layers" and len(path) == 2: from layed import LayEd le = LayEd(config) inpt = web.input() # Check authorization checkRole = self.auth.getRole(path[1]) if checkRole["roleName"] != path[1]: logging.error("[LayMan][POST] Not authorized to post files into %s group"% path[1]) raise AuthError(401, "Sorry, you are not authorized to post files into %s group"% path[1]) # Obligatory parameters if not "dataname" in inpt: raise LaymanError( 400, "'dataname' parameter missing") if not "datatype" in inpt: raise LaymanError( 400, "'datatype' parameter missing") if not "crs" in inpt: raise LaymanError( 400, "'crs' parameter missing") dataName = inpt.dataname dataType = inpt.datatype userName = self.auth.getUserName() dbSchema = self.auth.getDBSchema(path[1]) gsWorkspace = self.auth.getGSWorkspace(path[1]) crs = inpt.crs secureLayer = False if "secureLayer" in inpt: if inpt.secureLayer.lower() == "true": secureLayer = True # Optional parameters styleName = None styleWs = None if "style" in inpt: styleName = inpt.style if "style_ws" in inpt: styleWs = inpt.style_ws (code, layerName, message) = le.publishFromDbToGs(dbSchema, dataName, dataType, gsWorkspace, userName, crs, inpt, styleName, styleWs, secureLayer) # Set Location header if code == 201 and layerName is not None: location = layerName # TODO: provide full URI here web.header("Location", location) else: (code, message) = self._callNotSupported(restMethod="POST", call=origName) else: (code, message) = self._callNotSupported(restMethod="POST", call=origName) success = self._setReturnCode(code) retval = self._jsonReply(code, message, success) return retval except LaymanError as le: return self._handleLaymanError(le) except Exception as e: return self._handleException(e)