def get_file(self, check_permissions=True): try: obj = utils.get_object_or_error( BaseFileNode, self.kwargs[self.file_lookup_url_kwarg], self.request, display_name='file') except NotFound: obj = utils.get_object_or_error( Guid, self.kwargs[self.file_lookup_url_kwarg], self.request).referent if obj.is_deleted: raise Gone(detail='The requested file is no longer available.') if not isinstance(obj, BaseFileNode): raise NotFound if obj.node.is_quickfiles and obj.node.creator.is_disabled: raise Gone( detail= 'This user has been deactivated and their quickfiles are no longer available.' ) if check_permissions: # May raise a permission denied self.check_object_permissions(self.request, obj) return obj
def get_file(self, check_permissions=True): try: obj = utils.get_object_or_error(FileNode, self.kwargs[self.file_lookup_url_kwarg]) except (NotFound, Gone): obj = utils.get_object_or_error(Guid, self.kwargs[self.file_lookup_url_kwarg]).referent if not isinstance(obj, StoredFileNode): raise NotFound if check_permissions: # May raise a permission denied self.check_object_permissions(self.request, obj) return obj
def get_user(self, check_permissions=True): key = self.kwargs[self.user_lookup_url_kwarg] # If Contributor is in self.request.parents, # then this view is getting called due to an embedded request (contributor embedding user) # We prefer to access the user from the contributor object and take advantage # of the query cache if hasattr(self.request, 'parents') and len( self.request.parents.get(Contributor, {})) == 1: # We expect one parent contributor view, so index into the first item contrib_id, contrib = list( self.request.parents[Contributor].items())[0] user = contrib.user if user.is_disabled: raise UserGone(user=user) # Make sure that the contributor ID is correct if user._id == key: if check_permissions: self.check_object_permissions(self.request, user) return get_object_or_error( OSFUser.objects.filter(id=user.id). annotate(default_region=F( 'addons_osfstorage_user_settings__default_region___id') ).exclude(default_region=None), request=self.request, display_name='user', ) if self.kwargs.get('is_embedded') is True: if key in self.request.parents[OSFUser]: return self.request.parents[OSFUser].get(key) current_user = self.request.user if isinstance(current_user, AnonymousUser): if key == 'me': raise NotAuthenticated elif key == 'me' or key == current_user._id: return get_object_or_error( OSFUser.objects.filter(id=current_user.id).annotate( default_region=F( 'addons_osfstorage_user_settings__default_region___id') ).exclude(default_region=None), request=self.request, display_name='user', ) obj = get_object_or_error(OSFUser, key, self.request, 'user') if check_permissions: # May raise a permission denied self.check_object_permissions(self.request, obj) return obj
def get_file(self, check_permissions=True): try: obj = get_object_or_error(FileNode, self.kwargs[self.file_lookup_url_kwarg]) except (NotFound, Gone): obj = get_object_or_error(Guid, self.kwargs[self.file_lookup_url_kwarg]).referent if not isinstance(obj, StoredFileNode): raise NotFound obj = obj.wrapped() if check_permissions: # May raise a permission denied self.check_object_permissions(self.request, obj) return obj.wrapped()
def get_file(self, check_permissions=True): try: obj = utils.get_object_or_error(BaseFileNode, self.kwargs[self.file_lookup_url_kwarg], self.request, display_name='file') except NotFound: obj = utils.get_object_or_error(Guid, self.kwargs[self.file_lookup_url_kwarg], self.request).referent if obj.is_deleted: raise Gone(detail='The requested file is no longer available.') if not isinstance(obj, BaseFileNode): raise NotFound if check_permissions: # May raise a permission denied self.check_object_permissions(self.request, obj) return obj
def get_app(self): app = get_object_or_error( ApiOAuth2Application, Q(client_id=self.kwargs['client_id'], is_active=True), self.request) self.check_object_permissions(self.request, app) return app
def get_user(self, check_permissions=True): key = self.kwargs[self.user_lookup_url_kwarg] # If Contributor is in self.request.parents, # then this view is getting called due to an embedded request (contributor embedding user) # We prefer to access the user from the contributor object and take advantage # of the query cache if hasattr(self.request, 'parents') and len(self.request.parents.get(Contributor, {})) == 1: # We expect one parent contributor view, so index into the first item contrib_id, contrib = self.request.parents[Contributor].items()[0] user = contrib.user if user.is_disabled: raise UserGone(user=user) # Make sure that the contributor ID is correct if user._id == key: if check_permissions: self.check_object_permissions(self.request, user) return user if self.kwargs.get('is_embedded') is True: if key in self.request.parents[OSFUser]: return self.request.parents[key] current_user = self.request.user if key == 'me': if isinstance(current_user, AnonymousUser): raise NotAuthenticated else: return self.request.user obj = get_object_or_error(OSFUser, key, self.request, 'user') if check_permissions: # May raise a permission denied self.check_object_permissions(self.request, obj) return obj
def get_object(self): license = get_object_or_error(NodeLicense, self.kwargs[self.lookup_url_kwarg], self.request, display_name='license') self.check_object_permissions(self.request, license) return license
def get_file_object(node, path, provider, request): if provider == 'osfstorage': # Kinda like /me for a user # The one odd case where path is not really path if path == '/': obj = node.get_addon('osfstorage').get_root() else: obj = get_object_or_error( OsfStorageFileNode, Q('node', 'eq', node._id) & Q('_id', 'eq', path.strip('/')) & Q('is_file', 'eq', not path.endswith('/')) ) return obj url = waterbutler_api_url_for(node._id, provider, path, meta=True) waterbutler_request = requests.get( url, cookies=request.COOKIES, headers={'Authorization': request.META.get('HTTP_AUTHORIZATION')}, ) if waterbutler_request.status_code == 401: raise PermissionDenied if waterbutler_request.status_code == 404: raise NotFound if is_server_error(waterbutler_request.status_code): raise ServiceUnavailableError(detail='Could not retrieve files information at this time.') try: return waterbutler_request.json()['data'] except KeyError: raise ServiceUnavailableError(detail='Could not retrieve files information at this time.')
def get_queryset(self): provider = get_object_or_error(PreprintProvider, self.kwargs['provider_id'], display_name='PreprintProvider') return provider.licenses_acceptable.get_queryset( ) if provider.licenses_acceptable.count() else super( PreprintProviderLicenseList, self).get_queryset()
def get_queryset(self): provider = get_object_or_error(PreprintProvider, self.kwargs['provider_id'], display_name='PreprintProvider') return Subject.objects.filter( id__in=[s.id for s in provider.highlighted_subjects]).order_by('text')
def get_object(self): try: obj = get_object_or_error(ApiOAuth2PersonalToken, Q(_id=self.kwargs['_id'], is_active=True), self.request) except ApiOAuth2PersonalToken.DoesNotExist: raise NotFound self.check_object_permissions(self.request, obj) return obj
def get_queryset(self): parent = self.request.query_params.get( 'filter[parents]', None) or self.request.query_params.get( 'filter[parent]', None) provider = get_object_or_error(PreprintProvider, self.kwargs['provider_id'], self.request, display_name='PreprintProvider') if parent: if parent == 'null': return provider.top_level_subjects if provider.subjects.exists(): return optimize_subject_query( provider.subjects.filter(parent___id=parent)) else: # TODO: Delet this when all PreprintProviders have a mapping # Calculate this here to only have to do it once. allowed_parents = [ id_ for sublist in provider.subjects_acceptable for id_ in sublist[0] ] allows_children = [ subs[0][-1] for subs in provider.subjects_acceptable if subs[1] ] return [ sub for sub in optimize_subject_query( Subject.objects.filter(parent___id=parent)) if provider.subjects_acceptable == [] or self.is_valid_subject(allows_children=allows_children, allowed_parents=allowed_parents, sub=sub) ] return optimize_subject_query(provider.all_subjects)
def get_object(self): log = get_object_or_error(NodeLog, self.kwargs['log_id'], display_name='log') # May raise a permission denied self.check_object_permissions(self.request, log) return log
def get_default_queryset(self): """ Returns provider.acceptable_licenses if they exist, otherwise returns all licenses. The provider's default_license is also included in the queryset if one exists. """ provider = get_object_or_error( self.provider_class, self.kwargs['provider_id'], self.request, display_name=self.provider_class.__name__, ) if provider.licenses_acceptable.count(): licenses = provider.licenses_acceptable.get_queryset() else: licenses = NodeLicense.objects.all() if provider.default_license: licenses |= NodeLicense.objects.filter( id=provider.default_license.id) # Since default_license could also be in acceptable_licenses, filtering # this way to avoid duplicates without .distinct() usage return NodeLicense.objects.filter( Q(id__in=licenses.values_list('id', flat=True)), )
def get_object(self): return utils.get_object_or_error( self.get_file().records.filter( _id=self.kwargs[self.record_lookup_url_kwarg]).select_related( 'schema', 'file'), request=self.request, )
def get_object(self): return get_object_or_error( Guid, self.kwargs['guids'], self.request, display_name='guid' )
def get_object(self): return get_object_or_error( Guid, self.kwargs['guids'], self.request, display_name='guid', )
def get_node(self): obj = get_object_or_error(Node, self.kwargs[self.node_lookup_url_kwarg], 'node') # May raise a permission denied self.check_object_permissions(self.request, obj) return obj
def get_object(self): provider = get_object_or_error(self.model_class, self.kwargs['provider_id'], self.request, display_name=self.model_class.__name__) self.check_object_permissions(self.request, provider) return provider
def get_object(self): node_link_lookup_url_kwarg = 'node_link_id' node_link = get_object_or_error( Pointer, self.kwargs[node_link_lookup_url_kwarg], 'node link') # May raise a permission denied self.check_object_permissions(self.request, node_link) return node_link
def get_object(self): obj = get_object_or_error( ApiOAuth2PersonalToken, Q('_id', 'eq', self.kwargs['_id']) & Q('is_active', 'eq', True)) self.check_object_permissions(self.request, obj) return obj
def create(self, validated_data): auth = Auth(self.context['request'].user) node = self.context['view'].get_node() contributor = get_object_or_error(User, validated_data['_id'], display_name='user') # Node object checks for contributor existence but can still change permissions anyway if contributor in node.contributors: raise exceptions.ValidationError( '{} is already a contributor'.format(contributor.fullname)) bibliographic = validated_data['bibliographic'] permissions = osf_permissions.expand_permissions( validated_data.get('permission') ) or osf_permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS node.add_contributor(contributor=contributor, auth=auth, visible=bibliographic, permissions=permissions, save=True) contributor.permission = osf_permissions.reduce_permissions( node.get_permissions(contributor)) contributor.bibliographic = node.get_visible(contributor) contributor.node_id = node._id return contributor
def get_app(self): app = get_object_or_error(ApiOAuth2Application, Q('client_id', 'eq', self.kwargs['client_id']) & Q('is_active', 'eq', True)) self.check_object_permissions(self.request, app) return app
def get_institution(self): inst = get_object_or_error( Institution, self.kwargs[self.institution_lookup_url_kwarg], display_name='institution' ) return inst
def get_object(self): obj = get_object_or_error( ApiOAuth2Application, Q("client_id", "eq", self.kwargs["client_id"]) & Q("is_active", "eq", True) ) self.check_object_permissions(self.request, obj) return obj
def get_default_queryset(self): auth = get_user_auth(self.request) auth_user = getattr(auth, 'user', None) provider = get_object_or_error(PreprintProvider, self.kwargs['provider_id'], self.request, display_name='PreprintProvider') # Permissions on the list objects are handled by the query return self.preprints_queryset(provider.preprint_services.all(), auth_user)
def get_user(self, check_permissions=True): key = self.kwargs[self.user_lookup_url_kwarg] # If Contributor is in self.request.parents, # then this view is getting called due to an embedded request (contributor embedding user) # We prefer to access the user from the contributor object and take advantage # of the query cache if hasattr(self.request, 'parents') and len(self.request.parents.get(Contributor, {})) == 1: # We expect one parent contributor view, so index into the first item contrib_id, contrib = self.request.parents[Contributor].items()[0] user = contrib.user if user.is_disabled: raise UserGone(user=user) # Make sure that the contributor ID is correct if user._id == key: if check_permissions: self.check_object_permissions(self.request, user) return user if self.kwargs.get('is_embedded') is True: if key in self.request.parents[User]: return self.request.parents[key] current_user = self.request.user if key == 'me': if isinstance(current_user, AnonymousUser): raise NotAuthenticated else: return self.request.user obj = get_object_or_error(User, key, 'user') if check_permissions: # May raise a permission denied self.check_object_permissions(self.request, obj) return obj
def get_file(self, check_permissions=True): obj = get_object_or_error(FileNode, self.kwargs[self.file_lookup_url_kwarg]) if check_permissions: # May raise a permission denied self.check_object_permissions(self.request, obj) return obj.wrapped()
def get_institution(self): inst = get_object_or_error( Institution, self.kwargs[self.institution_lookup_url_kwarg], self.request, display_name='institution') return inst
def get_object(self): node_link_lookup_url_kwarg = "node_link_id" node_link = get_object_or_error(Pointer, self.kwargs[node_link_lookup_url_kwarg], "node link") # May raise a permission denied self.kwargs["node_id"] = self.kwargs["collection_id"] self.check_object_permissions(self.request, node_link) return node_link
def get_object(self): obj = get_object_or_error(ApiOAuth2Application, Q('client_id', 'eq', self.kwargs['client_id']) & Q('is_active', 'eq', True)) self.check_object_permissions(self.request, obj) return obj
def get_object(self): obj = get_object_or_error(ApiOAuth2PersonalToken, Q('_id', 'eq', self.kwargs['_id']) & Q('is_active', 'eq', True)) self.check_object_permissions(self.request, obj) return obj
def get_object(self): provider = get_object_or_error(PreprintProvider, self.kwargs['provider_id'], self.request, display_name='PreprintProvider') self.check_object_permissions(self.request, provider) return provider
def get_object(self): return get_object_or_error( model_or_qs=SchemaResponse, query_or_pk=self.kwargs['schema_response_id'], request=self.request, check_deleted=False, )
def create(self, validated_data): node = validated_data.pop('node') initiator = validated_data.pop('initiator') metadata = validated_data.pop('registration_metadata', None) schema_id = validated_data.pop('registration_schema').get('_id') schema = get_object_or_error(MetaSchema, schema_id) if schema.schema_version != LATEST_SCHEMA_VERSION or schema.name not in ACTIVE_META_SCHEMAS: raise exceptions.ValidationError( 'Registration supplement must be an active schema.') draft = DraftRegistration.create_from_node(node=node, user=initiator, schema=schema) reviewer = is_prereg_admin_not_project_admin(self.context['request'], draft) if metadata: try: # Required fields are only required when creating the actual registration, not updating the draft. draft.validate_metadata(metadata=metadata, reviewer=reviewer, required_fields=False) except ValidationValueError as e: raise exceptions.ValidationError(e.message) draft.update_metadata(metadata) draft.save() return draft
def get_object(self): license = get_object_or_error( NodeLicense, self.kwargs[self.lookup_url_kwarg], display_name='license' ) self.check_object_permissions(self.request, license) return license
def get_default_queryset(self): provider = get_object_or_error(RegistrationProvider, self.kwargs['provider_id'], self.request, display_name='RegistrationProvider') if provider and provider.primary_collection: return provider.primary_collection.collectionsubmission_set.all() return CollectionSubmission.objects.none()
def get_queryset(self): parent = self.request.query_params.get('filter[parents]', None) or self.request.query_params.get('filter[parent]', None) provider = get_object_or_error(self._model_class, self.kwargs['provider_id'], self.request, display_name=self._model_class.__name__) if parent: if parent == 'null': return provider.top_level_subjects return optimize_subject_query(provider.all_subjects.filter(parent___id=parent)) return optimize_subject_query(provider.all_subjects)
def get_object(self): self.file = self.get_file() maybe_version = self.file.get_version(self.kwargs[self.version_lookup_url_kwarg]) # May raise a permission denied # Kinda hacky but versions have no reference to node or file self.check_object_permissions(self.request, file) return utils.get_object_or_error(FileVersion, getattr(maybe_version, '_id', ''), self.request)
def get_institution(self): inst = get_object_or_error( Node, Q('institution_id', 'eq', self.kwargs[self.institution_lookup_url_kwarg]), display_name='institution', allow_institution=True ) return Institution(inst)
def get_object(self): file = self.get_file() maybe_version = file.get_version(self.kwargs[self.version_lookup_url_kwarg]) # May raise a permission denied # Kinda hacky but versions have no reference to node or file self.check_object_permissions(self.request, file) return get_object_or_error(FileVersion, getattr(maybe_version, '_id', ''))
def get_object(self): try: return get_object_or_error( ScheduledBanner, Q(start_date__lte=timezone.now(), end_date__gte=timezone.now()), self.request) except NotFound: return ScheduledBanner()
def get_user(self, check_permissions=True): key = self.kwargs[self.user_lookup_url_kwarg] # If Contributor is in self.request.parents, # then this view is getting called due to an embedded request (contributor embedding user) # We prefer to access the user from the contributor object and take advantage # of the query cache if hasattr(self.request, 'parents') and len(self.request.parents.get(Contributor, {})) == 1: # We expect one parent contributor view, so index into the first item contrib_id, contrib = self.request.parents[Contributor].items()[0] user = contrib.user if user.is_disabled: raise UserGone(user=user) # Make sure that the contributor ID is correct if user._id == key: if check_permissions: self.check_object_permissions(self.request, user) return get_object_or_error( OSFUser.objects.filter(id=user.id).annotate(default_region=F('addons_osfstorage_user_settings__default_region___id')).exclude(default_region=None), request=self.request, display_name='user', ) if self.kwargs.get('is_embedded') is True: if key in self.request.parents[OSFUser]: return self.request.parents[OSFUser].get(key) current_user = self.request.user if isinstance(current_user, AnonymousUser): if key == 'me': raise NotAuthenticated elif key == 'me' or key == current_user._id: return get_object_or_error( OSFUser.objects.filter(id=current_user.id).annotate(default_region=F('addons_osfstorage_user_settings__default_region___id')).exclude(default_region=None), request=self.request, display_name='user', ) obj = get_object_or_error(OSFUser, key, self.request, 'user') if check_permissions: # May raise a permission denied self.check_object_permissions(self.request, obj) return obj
def get_file(self, check_permissions=True): try: obj = utils.get_object_or_error(BaseFileNode, self.kwargs[self.file_lookup_url_kwarg], self.request, display_name='file') except NotFound: obj = utils.get_object_or_error(Guid, self.kwargs[self.file_lookup_url_kwarg], self.request).referent if obj.is_deleted: raise Gone(detail='The requested file is no longer available.') if not isinstance(obj, BaseFileNode): raise NotFound if getattr(obj.target, 'is_quickfiles', False) and getattr(obj.target, 'creator'): if obj.target.creator.is_disabled: raise Gone(detail='This user has been deactivated and their quickfiles are no longer available.') if check_permissions: # May raise a permission denied self.check_object_permissions(self.request, obj) return obj
def get_queryset(self): provider = get_object_or_error(self._model_class, self.kwargs['provider_id'], self.request, display_name=self._model_class.__name__) if not provider.licenses_acceptable.count(): if not provider.default_license: return super(GenericProviderLicenseList, self).get_queryset() return [provider.default_license] + [license for license in super(GenericProviderLicenseList, self).get_queryset() if license != provider.default_license] if not provider.default_license: return provider.licenses_acceptable.get_queryset() return [provider.default_license] + [license for license in provider.licenses_acceptable.all() if license != provider.default_license]
def get_queryset(self): provider = get_object_or_error(PreprintProvider, self.kwargs['provider_id'], self.request, display_name='PreprintProvider') if not provider.licenses_acceptable.count(): if not provider.default_license: return super(PreprintProviderLicenseList, self).get_queryset() return [provider.default_license] + [license for license in super(PreprintProviderLicenseList, self).get_queryset() if license != provider.default_license] if not provider.default_license: return provider.licenses_acceptable.get_queryset() return [provider.default_license] + [license for license in provider.licenses_acceptable.all() if license != provider.default_license]
def get_object(self): log = get_object_or_error( NodeLog, self.kwargs['log_id'], display_name='log' ) # May raise a permission denied self.check_object_permissions(self.request, log) return log
def get_target(self, target_id): target = get_object_or_error( AbstractNode, target_id, self.request, display_name='target' ) if getattr(target, 'is_registration', False) and not getattr(target, 'archiving', False): raise ValidationError('Registrations cannot be changed.') return target
def get_object(self): node_link_lookup_url_kwarg = 'node_link_id' node_link = get_object_or_error( Pointer, self.kwargs[node_link_lookup_url_kwarg], 'node link' ) # May raise a permission denied self.check_object_permissions(self.request, node_link) return node_link
def get_object(self): provider = self.get_provider() user = get_object_or_error(OSFUser, self.kwargs['moderator_id'], self.request, display_name='OSFUser') try: perm_group = user.groups.filter(name__contains=PreprintProvider.group_format.format(self=provider, group='')).order_by('name').first().name.split('_')[-1] except AttributeError: # Group doesn't exist -- users not moderator raise NotFound setattr(user, 'permission_group', perm_group) return user
def get_node(self, node_id): node = get_object_or_error( AbstractNode, node_id, self.request, display_name='node' ) if node.is_registration and not node.archiving: raise ValidationError('Registrations cannot be changed.') return node
def get_node(self): node = get_object_or_error( Node, self.kwargs[self.node_lookup_url_kwarg], display_name='preprint' ) if not node.is_preprint and self.request.method != 'POST': raise NotFound return node
def get_object(self): cgm = get_object_or_error( CollectionSubmission, self.kwargs['cgm_id'], self.request, 'submission', ) # May raise a permission denied self.check_object_permissions(self.request, cgm) return cgm
def get_node(self, check_object_permissions=True): node = get_object_or_error(Node, self.kwargs[self.node_lookup_url_kwarg], display_name="collection") # Nodes that are folders/collections are treated as a separate resource, so if the client # requests a non-collection through a collection endpoint, we return a 404 if not node.is_collection: raise NotFound # May raise a permission denied if check_object_permissions: self.check_object_permissions(self.request, node) return node
def get_collection(self, check_object_permissions=True): collection = get_object_or_error( Collection, self.kwargs[self.obj_lookup_url_kwarg], self.request, display_name='collection', ) # May raise a permission denied if check_object_permissions: self.check_object_permissions(self.request, collection) return collection