def get_default_queryset(self):
provider = self.get_provider()
group_helper = GroupHelper(provider)
admin_group = group_helper.get_group('admin')
mod_group = group_helper.get_group('moderator')
return (admin_group.user_set.all() | mod_group.user_set.all()).annotate(permission_group=Case(
When(groups=admin_group, then=Value('admin')),
default=Value('moderator'),
output_field=CharField()
)).order_by('fullname')
def populate_provider_notification_subscriptions(apps, schema_editor):
NotificationSubscription = apps.get_model('osf', 'NotificationSubscription')
PreprintProvider = apps.get_model('osf', 'PreprintProvider')
for provider in PreprintProvider.objects.all():
helper = GroupHelper(provider)
try:
provider_admins = helper.get_group('admin').user_set.all()
provider_moderators = helper.get_group('moderator').user_set.all()
except Group.DoesNotExist:
logger.warn('Unable to find groups for provider "{}", assuming there are no subscriptions to create.'.format(provider._id))
continue
instance, created = NotificationSubscription.objects.get_or_create(_id='{provider_id}_new_pending_submissions'.format(provider_id=provider._id),
event_name='new_pending_submissions',
provider=provider)
for user in provider_admins | provider_moderators:
# add user to subscription list but set their notification to none by default
instance.add_user_to_subscription(user, 'email_transactional', save=True)
def resolve_guid(guid, suffix=None):
"""Load GUID by primary key, look up the corresponding view function in the
routing table, and return the return value of the view function without
changing the URL.
:param str guid: GUID primary key
:param str suffix: Remainder of URL after the GUID
:return: Return value of proxied view function
"""
try:
# Look up
guid_object = Guid.load(guid)
except KeyError as e:
if e.message == 'osfstorageguidfile': # Used when an old detached OsfStorageGuidFile object is accessed
raise HTTPError(http.NOT_FOUND)
else:
raise e
if guid_object:
# verify that the object implements a GuidStoredObject-like interface. If a model
# was once GuidStoredObject-like but that relationship has changed, it's
# possible to have referents that are instances of classes that don't
# have a deep_url attribute or otherwise don't behave as
# expected.
if not hasattr(guid_object.referent, 'deep_url'):
sentry.log_message('Guid resolved to an object with no deep_url',
dict(guid=guid))
raise HTTPError(http.NOT_FOUND)
referent = guid_object.referent
if referent is None:
logger.error('Referent of GUID {0} not found'.format(guid))
raise HTTPError(http.NOT_FOUND)
if not referent.deep_url:
raise HTTPError(http.NOT_FOUND)
# Handle file `/download` shortcut with supported types.
if suffix and suffix.rstrip('/').lower() == 'download':
file_referent = None
if isinstance(referent, PreprintService) and referent.primary_file:
if not referent.is_published:
# TODO: Ideally, permissions wouldn't be checked here.
# This is necessary to prevent a logical inconsistency with
# the routing scheme - if a preprint is not published, only
# admins and moderators should be able to know it exists.
auth = Auth.from_kwargs(request.args.to_dict(), {})
group_helper = GroupHelper(referent.provider)
admin_group = group_helper.get_group('admin')
mod_group = group_helper.get_group('moderator')
# Check if user isn't a nonetype or that the user has admin/moderator permissions
if auth.user is None or not (
referent.node.has_permission(
auth.user, permissions.ADMIN) or
(mod_group.user_set.all() | admin_group.user_set.all()
).filter(id=auth.user.id).exists()):
raise HTTPError(http.NOT_FOUND)
file_referent = referent.primary_file
elif isinstance(referent, BaseFileNode) and referent.is_file:
file_referent = referent
if file_referent:
# Extend `request.args` adding `action=download`.
request.args = request.args.copy()
request.args.update({'action': 'download'})
# Do not include the `download` suffix in the url rebuild.
url = _build_guid_url(urllib.unquote(file_referent.deep_url))
return proxy_url(url)
# Handle Ember Applications
if isinstance(referent, PreprintService):
if referent.provider.domain_redirect_enabled:
# This route should always be intercepted by nginx for the branded domain,
# w/ the exception of `<guid>/download` handled above.
return redirect(referent.absolute_url, http.MOVED_PERMANENTLY)
if PROXY_EMBER_APPS:
resp = requests.get(EXTERNAL_EMBER_APPS['preprints']['server'],
stream=True,
timeout=EXTERNAL_EMBER_SERVER_TIMEOUT)
return Response(stream_with_context(resp.iter_content()),
resp.status_code)
return send_from_directory(preprints_dir, 'index.html')
if isinstance(referent, BaseFileNode
) and referent.is_file and referent.node.is_quickfiles:
if referent.is_deleted:
raise HTTPError(http.GONE)
if PROXY_EMBER_APPS:
resp = requests.get(
EXTERNAL_EMBER_APPS['ember_osf_web']['server'],
stream=True,
timeout=EXTERNAL_EMBER_SERVER_TIMEOUT)
return Response(stream_with_context(resp.iter_content()),
resp.status_code)
return send_from_directory(ember_osf_web_dir, 'index.html')
if isinstance(referent,
Node) and not referent.is_registration and suffix:
page = suffix.strip('/').split('/')[0]
if waffle.flag_is_active(request,
'ember_project_{}_page'.format(page)):
use_ember_app()
url = _build_guid_url(urllib.unquote(referent.deep_url), suffix)
return proxy_url(url)
# GUID not found; try lower-cased and redirect if exists
guid_object_lower = Guid.load(guid.lower())
if guid_object_lower:
return redirect(_build_guid_url(guid.lower(), suffix))
# GUID not found
raise HTTPError(http.NOT_FOUND)
def resolve_guid(guid, suffix=None):
"""Load GUID by primary key, look up the corresponding view function in the
routing table, and return the return value of the view function without
changing the URL.
:param str guid: GUID primary key
:param str suffix: Remainder of URL after the GUID
:return: Return value of proxied view function
"""
try:
# Look up
guid_object = Guid.load(guid)
except KeyError as e:
if e.message == 'osfstorageguidfile': # Used when an old detached OsfStorageGuidFile object is accessed
raise HTTPError(http.NOT_FOUND)
else:
raise e
if guid_object:
# verify that the object implements a GuidStoredObject-like interface. If a model
# was once GuidStoredObject-like but that relationship has changed, it's
# possible to have referents that are instances of classes that don't
# have a deep_url attribute or otherwise don't behave as
# expected.
if not hasattr(guid_object.referent, 'deep_url'):
sentry.log_message(
'Guid resolved to an object with no deep_url', dict(guid=guid)
)
raise HTTPError(http.NOT_FOUND)
referent = guid_object.referent
if referent is None:
logger.error('Referent of GUID {0} not found'.format(guid))
raise HTTPError(http.NOT_FOUND)
if not referent.deep_url:
raise HTTPError(http.NOT_FOUND)
# Handle file `/download` shortcut with supported types.
if suffix and suffix.rstrip('/').lower() == 'download':
file_referent = None
if isinstance(referent, PreprintService) and referent.primary_file:
if not referent.is_published:
# TODO: Ideally, permissions wouldn't be checked here.
# This is necessary to prevent a logical inconsistency with
# the routing scheme - if a preprint is not published, only
# admins and moderators should be able to know it exists.
auth = Auth.from_kwargs(request.args.to_dict(), {})
group_helper = GroupHelper(referent.provider)
admin_group = group_helper.get_group('admin')
mod_group = group_helper.get_group('moderator')
# Check if user isn't a nonetype or that the user has admin/moderator permissions
if auth.user is None or not (referent.node.has_permission(auth.user, permissions.ADMIN) or (mod_group.user_set.all() | admin_group.user_set.all()).filter(id=auth.user.id).exists()):
raise HTTPError(http.NOT_FOUND)
file_referent = referent.primary_file
elif isinstance(referent, BaseFileNode) and referent.is_file:
file_referent = referent
if file_referent:
# Extend `request.args` adding `action=download`.
request.args = request.args.copy()
request.args.update({'action': 'download'})
# Do not include the `download` suffix in the url rebuild.
url = _build_guid_url(urllib.unquote(file_referent.deep_url))
return proxy_url(url)
# Handle Ember Applications
if isinstance(referent, PreprintService):
if referent.provider.domain_redirect_enabled:
# This route should always be intercepted by nginx for the branded domain,
# w/ the exception of `<guid>/download` handled above.
return redirect(referent.absolute_url, http.MOVED_PERMANENTLY)
if PROXY_EMBER_APPS:
resp = requests.get(EXTERNAL_EMBER_APPS['preprints']['server'], stream=True, timeout=EXTERNAL_EMBER_SERVER_TIMEOUT)
return Response(stream_with_context(resp.iter_content()), resp.status_code)
return send_from_directory(preprints_dir, 'index.html')
if isinstance(referent, BaseFileNode) and referent.is_file and referent.node.is_quickfiles:
if referent.is_deleted:
raise HTTPError(http.GONE)
if PROXY_EMBER_APPS:
resp = requests.get(EXTERNAL_EMBER_APPS['ember_osf_web']['server'], stream=True, timeout=EXTERNAL_EMBER_SERVER_TIMEOUT)
return Response(stream_with_context(resp.iter_content()), resp.status_code)
return send_from_directory(ember_osf_web_dir, 'index.html')
url = _build_guid_url(urllib.unquote(referent.deep_url), suffix)
return proxy_url(url)
# GUID not found; try lower-cased and redirect if exists
guid_object_lower = Guid.load(guid.lower())
if guid_object_lower:
return redirect(
_build_guid_url(guid.lower(), suffix)
)
# GUID not found
raise HTTPError(http.NOT_FOUND)