def project_private_link_edit(auth, **kwargs): new_name = request.json.get('value', '') private_link_id = request.json.get('pk', '') private_link = PrivateLink.load(private_link_id) if private_link: private_link.name = new_name private_link.save()
def get_object(self): link_id = self.kwargs['link_id'] view_only_link = PrivateLink.load(link_id) return { 'data': view_only_link.nodes.all(), 'self': view_only_link }
def get_object(self): link_id = self.kwargs['link_id'] view_only_link = PrivateLink.load(link_id) return { 'data': [Node.load(node) for node in view_only_link.nodes], 'self': view_only_link }
def wrapped(*args, **kwargs): response = None _inject_nodes(kwargs) node = kwargs['node'] kwargs['auth'] = Auth.from_kwargs(request.args.to_dict(), kwargs) user = kwargs['auth'].user key = request.args.get('view_only', '').strip('/') #if not login user check if the key is valid or the other privilege kwargs['auth'].private_key = key link_anon = None if not include_view_only_anon: from website.models import PrivateLink try: link_anon = PrivateLink.find_one(Q('key', 'eq', key)).anonymous except ModularOdmException: pass if not node.is_public or not include_public: if not include_view_only_anon and link_anon: if not check_can_access(node=node, user=user): raise HTTPError(http.UNAUTHORIZED) elif key not in node.private_link_keys_active: if not check_can_access(node=node, user=user, key=key): redirect_url = check_key_expired(key=key, node=node, url=request.url) if request.headers.get('Content-Type') == 'application/json': raise HTTPError(http.UNAUTHORIZED) else: response = redirect(cas.get_login_url(redirect_url)) return response or func(*args, **kwargs)
def remove_private_link(*args, **kwargs): link_id = request.json['private_link_id'] try: link = PrivateLink.load(link_id) link.is_deleted = True link.save() except ModularOdmException: raise HTTPError(http.NOT_FOUND)
def get_serializer_class(self): if 'link_id' in self.kwargs: view_only_link = PrivateLink.load(self.kwargs['link_id']) node = view_only_link.nodes.first() if node.is_registration: return RegistrationSerializer return NodeSerializer else: return JSONAPISerializer
def is_anonymized(request): is_anonymous = False private_key = request.query_params.get('view_only', None) if private_key is not None: try: link = PrivateLink.find_one(Q('key', 'eq', private_key)) except NoResultsFound: link = None if link is not None: is_anonymous = link.anonymous return is_anonymous
def get_queryset(self): link_id = self.kwargs['link_id'] view_only_link = PrivateLink.load(link_id) user = get_user_auth(self.request).user nodes = [] for node in view_only_link.nodes.all(): if not node.has_permission(user, 'admin'): raise PermissionDenied nodes.append(node) return nodes
def get_object(self): link_id = self.kwargs['link_id'] view_only_link = PrivateLink.load(link_id) user = get_user_auth(self.request).user for node in view_only_link.nodes.all(): if not node.has_permission(user, 'admin'): raise PermissionDenied if not view_only_link: raise NotFound return view_only_link
def project_private_link_edit(auth, **kwargs): name = request.json.get('value', '') try: validate_title(name) except ValidationValueError as e: message = 'Invalid link name.' if e.message == 'Invalid title.' else e.message raise HTTPError(http.BAD_REQUEST, data=dict(message_long=message)) private_link_id = request.json.get('pk', '') private_link = PrivateLink.load(private_link_id) if private_link: new_name = strip_html(name) private_link.name = new_name private_link.save() return new_name else: raise HTTPError(http.BAD_REQUEST, data=dict(message_long='View-only link not found.'))
def get_private_links(): return PrivateLink.find(Q('is_deleted', 'ne', True))