def upload(self, id):
"""
Upload of an unpublished file, accepts a POST request with a file and
then renders the result of the import to the user.
"""
context = {
'model': model,
'session': model.Session,
'user': c.user or c.author,
'for_view': True
}
try:
c.group_dict = get_action('organization_show')(context, {"id": id})
c.group = context['group']
except ObjectNotFound:
abort(404, 'Organization not found')
except NotAuthorized:
abort(401, 'Unauthorized to read group %s' % id)
try:
context['group'] = c.group
check_access('organization_update', context)
except NotAuthorized, e:
abort(401, 'User %r not authorized to upload inventory' % (c.user))
def edit(self, id):
"""
The edit homepage to allow department admins to download and
upload their inventories
"""
context = {
'model': model,
'session': model.Session,
'user': c.user or c.author,
'for_view': True
}
try:
c.group_dict = get_action('organization_show')(context, {"id": id})
c.group = context['group']
except ObjectNotFound:
abort(404, 'Organisation not found')
except NotAuthorized:
abort(401, 'Unauthorized to read group %s' % id)
try:
context['group'] = c.group
check_access('organization_update', context)
except NotAuthorized, e:
abort(
401, 'User %r not authorized to view internal unpublished' %
(c.user))
def download(self, id):
"""
Downloads all of the current datasets for a given publisher as a read-only
CSV file.
"""
context = {
'model': model,
'session': model.Session,
'user': c.user or c.author,
'for_view': True,
'group': id
}
try:
c.group_dict = get_action('organization_show')(context, {"id": id})
c.group = context['group']
except ObjectNotFound:
abort(404, 'Organization not found')
except NotAuthorized:
abort(401, 'Unauthorized to read Organization %s' % id)
try:
context['group'] = c.group
check_access('organization_update', context)
except NotAuthorized, e:
abort(401,
'User %r not authorized to download unpublished ' % (c.user))
def index(self):
context = {'model': model, 'session': model.Session,
'user': c.user or c.author}
data_dict = {'all_fields': True}
try:
check_access('site_read', context)
except NotAuthorized:
abort(401, _('Not authorized to see this page'))
# TODO: Fix this up, we only really need to do this when we are
# showing the hierarchy (and then we should load on demand really).
c.all_groups = model.Session.query(model.Group).\
filter(model.Group.type == 'publisher').\
filter(model.Group.state == 'active').\
order_by('title')
c.page = AlphaPage(
controller_name="ckanext.dgu.controllers.publisher:PublisherController",
collection=c.all_groups,
page=request.params.get('page', 'A'),
alpha_attribute='title',
other_text=_('Other'),
)
return render('publisher/index.html')
def edit_item(self, id, data=None, errors=None, error_summary=None):
"""
Allows for the editing of a single item
"""
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'extras_as_string': True,
'save': 'save' in request.params}
if context['save'] and not data:
return self._save_edit(id, context)
try:
c.pkg_dict = get_action('package_show')(context, {'id': id})
context['for_edit'] = True
old_data = get_action('package_show')(context, {'id': id})
# old data is from the database and data is passed from the
# user if there is a validation error. Use users data if there.
data = data or old_data
except NotAuthorized:
abort(401, _('Unauthorized to read package %s') % '')
except ObjectNotFound:
abort(404, _('Dataset not found'))
c.pkg = context.get("package")
try:
check_access('package_update',context)
except NotAuthorized, e:
abort(401, _('User %r not authorized to edit %s') % (c.user, id))
def _add_or_reply(self, dataset_name):
"""
Allows the user to add a comment to an existing dataset
"""
context = {'model': model, 'user': c.user}
# Auth check to make sure the user can see this package
ctx = context
ctx['id'] = dataset_name
check_access('package_show', ctx)
try:
c.pkg_dict = get_action('package_show')(context, {
'id': dataset_name
})
c.pkg = context['package']
except:
abort(403)
errors = {}
if request.method == 'POST':
data_dict = clean_dict(
unflatten(tuplize_dict(parse_params(request.POST))))
data_dict['parent_id'] = c.parent.id if c.parent else None
data_dict['url'] = '/dataset/%s' % c.pkg.name
success = False
try:
res = get_action('comment_create')(context, data_dict)
success = True
except ValidationError, ve:
errors = ve.error_dict
except Exception, e:
abort(403)
def moderation(self):
context = {'model': model, 'user': c.user}
check_access('moderation_queue_show', context)
try:
res = get_action('moderation_queue_show')(context, {})
except Exception, e:
abort(403)
def report(self):
"""
Generates a simple report of open/closed counts both as totals
and per-category
"""
from ckanext.redmine.client import RedmineClient
import ckan.model as model
# Ensure only sysadmins can view this report for now.
try:
context = {'model':model,'user': c.user}
check_access('issue_list',context)
except NotAuthorized, e:
h.redirect_to('/')
def new(self, data=None, errors=None, error_summary=None):
c.body_class = "group new"
c.is_sysadmin = Authorizer().is_sysadmin(c.user)
self._add_publisher_list()
context = {'model': model, 'session': model.Session,
'user': c.user or c.author}
try:
check_access('group_create', context)
c.is_superuser_or_groupadmin = True
except NotAuthorized:
c.is_superuser_or_groupadmin = False
return super(PublisherController, self).new(data, errors, error_summary)
def report(self):
"""
Generates a simple report of open/closed counts both as totals
and per-category
"""
from ckanext.redmine.client import RedmineClient
import ckan.model as model
# Ensure only sysadmins can view this report for now.
try:
context = {'model': model, 'user': c.user}
check_access('issue_list', context)
except NotAuthorized, e:
h.redirect_to('/')
def edit(self, id):
"""
Allows editing of commitments for a specific publisher
"""
from ckanext.dgu.model.commitment import Commitment
context = {'model': model, 'session': model.Session,
'user': c.user, 'extras_as_string': True,
'save': 'save' in request.params}
try:
check_access('organization_update', {'id': id})
except Exception, e:
abort(401, "Not authorised")
def report_groups_without_admins(self):
context = {'model': model, 'session': model.Session,
'user': c.user or c.author}
try:
check_access('group_create', context)
except NotAuthorized:
abort(401, _('Not authorized to see this page'))
g_query = """SELECT g.* FROM public.group g WHERE id NOT IN
(SELECT group_id FROM public.member WHERE capacity='admin')
ORDER BY g.name;"""
c.non_admin = model.Session.query(model.Group).from_statement(g_query).all()
c.non_admin_count = len(c.non_admin)
return render('publisher/report_groups_without_admins.html')
def report_users_not_assigned_to_groups(self):
context = {'model': model, 'session': model.Session,
'user': c.user or c.author}
try:
check_access('group_create', context)
except NotAuthorized:
abort(401, _('Not authorized to see this page'))
query = """SELECT * FROM public.user WHERE id NOT IN
(SELECT table_id FROM public.member WHERE table_name='user')
ORDER BY created desc;"""
c.unassigned_users = model.Session.query(model.User).from_statement(query).all()
c.unassigned_users_count = len(c.unassigned_users)
return render('publisher/report_users_not_assigned_to_groups.html')
def moderation(self):
"""
The moderation queue will show all items that are currently:
- Requiring moderation
- Not already moderated
We should implement paging here.
"""
from ckanext.dgu.model.feedback import Feedback
try:
context = {'model':model,'user': c.user}
check_access('feedback_update',context)
except NotAuthorized, e:
abort(403)
def moderation(self):
"""
The moderation queue will show all items that are currently:
- Requiring moderation
- Not already moderated
We should implement paging here.
"""
from ckanext.dgu.model.feedback import Feedback
try:
context = {'model': model, 'user': c.user}
check_access('feedback_update', context)
except NotAuthorized, e:
abort(403)
def add(self, id):
"""
Adds new feedback from a user, first checking that the user is
a. Logged in (in which case they are redirected)
b. Not blocked
"""
from ckanext.dgu.model.feedback import Feedback, FeedbackBlockedUser
self._get_package(id)
# Redirect to login if not logged in
try:
context = {'model':model,'user': c.user}
check_access('feedback_create',context)
except NotAuthorized, e:
h.redirect_to('/user?destination={0}'.format(request.path[1:]))
def add(self, id):
"""
Adds new feedback from a user, first checking that the user is
a. Logged in (in which case they are redirected)
b. Not blocked
"""
from ckanext.dgu.model.feedback import Feedback, FeedbackBlockedUser
self._get_package(id)
# Redirect to login if not logged in
try:
context = {'model': model, 'user': c.user}
check_access('feedback_create', context)
except NotAuthorized, e:
h.redirect_to('/user?destination={0}'.format(request.path[1:]))
def users(self, id, data=None, errors=None, error_summary=None):
c.group = model.Group.get(id)
if not c.group:
abort(404, _('Group not found'))
context = {
'model': model,
'session': model.Session,
'user': c.user or c.author,
'group': c.group }
try:
check_access('group_update',context)
except NotAuthorized, e:
abort(401, _('User %r not authorized to edit %s') % (c.user, id))
def moderate(self, id):
"""
Accepts a feedback ID and in the get it accepts one or more of ...
delete, publish, delete_and_ban within the action param
"""
import ckan.model as model
from ckanext.dgu.model.feedback import Feedback, FeedbackBlockedUser
def status(success, msg=''):
return json.dumps({'success': success, 'message': msg})
# Only system administrators may access this page.
try:
context = {'model': model, 'user': c.user}
check_access('feedback_update', context)
except NotAuthorized, e:
return status('error', 'Permission denied')
def upload_complete(self, id):
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'for_view': True}
try:
c.group_dict = get_action('organization_show')(context, {"id": id})
c.group = context['group']
except ObjectNotFound:
abort(404, 'Group not found')
except NotAuthorized:
abort(401, 'Unauthorized to read group %s' % id)
try:
context['group'] = c.group
check_access('organization_update', context)
except NotAuthorized, e:
abort(401, 'User %r not authorized to upload unpublished' % (c.user))
def moderate(self, id):
"""
Accepts a feedback ID and in the get it accepts one or more of ...
delete, publish, delete_and_ban within the action param
"""
import ckan.model as model
from ckanext.dgu.model.feedback import Feedback, FeedbackBlockedUser
def status(success, msg=''):
return json.dumps({'success': success, 'message': msg})
# Only system administrators may access this page.
try:
context = {'model':model,'user': c.user}
check_access('feedback_update',context)
except NotAuthorized, e:
return status('error', 'Permission denied')
def upload_status(self, id, upload_id):
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'for_view': True}
try:
c.group_dict = get_action('group_show')(context, {"id": id})
c.group = context['group']
except ObjectNotFound:
self._redirect_if_previous_name(id)
abort(404, 'Group not found')
except NotAuthorized:
abort(401, 'Unauthorized to read group %s' % id)
try:
context['group'] = c.group
check_access('group_update', context)
except NotAuthorized, e:
abort(401, 'User %r not authorized to view internal inventory' % (c.user))
def upload_status(self, id, upload_id):
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'for_view': True}
try:
c.group_dict = get_action('group_show')(context, {"id": id})
c.group = context['group']
except ObjectNotFound:
self._redirect_if_previous_name(id)
abort(404, 'Group not found')
except NotAuthorized:
abort(401, 'Unauthorized to read group %s' % id)
try:
context['group'] = c.group
check_access('group_update', context)
except NotAuthorized, e:
abort(401, 'User %r not authorized to view internal inventory' % (c.user))
def edit(self, id):
"""
Allows editing of commitments for a specific publisher
"""
from ckanext.dgu.model.commitment import Commitment
context = {
'model': model,
'session': model.Session,
'user': c.user,
'extras_as_string': True,
'save': 'save' in request.params
}
try:
check_access('organization_update', {'id': id})
except Exception, e:
abort(401, "Not authorised")
def report_users(self):
context = {'model': model, 'session': model.Session,
'user': c.user or c.author}
try:
check_access('group_create', context)
except NotAuthorized:
abort(401, _('Not authorized to see this page'))
q = model.Session.query(model.User).order_by(model.User.created.desc())
c.count = q.count()
c.page = h.Page(
collection=q,
page=int(request.params.get('page', 1)),
url=h.pager_url,
items_per_page=report_limit,
)
return render('publisher/report_users.html')
def setup_template_variables(self, context, data_dict):
"""
Add variables to c just prior to the template being rendered. We should
use the available groups for the current user, but should be optional
in case this is a top level group
"""
c.is_sysadmin = Authorizer().is_sysadmin(c.user)
c.body_class = "group edit"
c.schema_fields = [
'contact-name',
'contact-email',
'contact-phone',
'foi-name',
'foi-email',
'foi-phone',
'category',
]
if 'group' in context:
group = context['group']
try:
check_access('group_update', context)
c.is_superuser_or_groupadmin = True
except NotAuthorized:
c.is_superuser_or_groupadmin = False
c.possible_parents = model.Session.query(model.Group).\
filter(model.Group.state == 'active').\
filter(model.Group.type == 'publisher').\
filter(model.Group.name != group.id ).order_by(model.Group.title).all()
c.parent = None
grps = group.get_groups('publisher')
if grps:
c.parent = grps[0]
c.users = group.members_of_type(model.User)
else:
c.body_class = 'group new'
c.categories = categories
def upload(self, id):
"""
Upload of an unpublished file, accepts a POST request with a file and
then renders the result of the import to the user.
"""
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'for_view': True}
try:
c.group_dict = get_action('organization_show')(context, {"id": id})
c.group = context['group']
except ObjectNotFound:
abort(404, 'Organization not found')
except NotAuthorized:
abort(401, 'Unauthorized to read group %s' % id)
try:
context['group'] = c.group
check_access('organization_update', context)
except NotAuthorized, e:
abort(401, 'User %r not authorized to upload inventory' % (c.user))
def edit(self, id):
"""
The edit homepage to allow department admins to download and
upload their inventories
"""
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'for_view': True}
try:
c.group_dict = get_action('organization_show')(context, {"id": id})
c.group = context['group']
except ObjectNotFound:
abort(404, 'Organisation not found')
except NotAuthorized:
abort(401, 'Unauthorized to read group %s' % id)
try:
context['group'] = c.group
check_access('organization_update', context)
except NotAuthorized, e:
abort(401, 'User %r not authorized to view internal unpublished' % (c.user))
def download(self, id):
"""
Downloads all of the current datasets for a given publisher as a read-only
CSV file.
"""
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'for_view': True,
'group': id}
try:
c.group_dict = get_action('organization_show')(context, {"id": id})
c.group = context['group']
except ObjectNotFound:
abort(404, 'Organization not found')
except NotAuthorized:
abort(401, 'Unauthorized to read Organization %s' % id)
try:
context['group'] = c.group
check_access('organization_update', context)
except NotAuthorized, e:
abort(401, 'User %r not authorized to download unpublished '% (c.user))
def setup_template_variables(self, context, data_dict):
"""
Add variables to c just prior to the template being rendered. We should
use the available groups for the current user, but should be optional
in case this is a top level group
"""
c.is_sysadmin = Authorizer().is_sysadmin(c.user)
c.body_class = "group edit"
c.schema_fields = [
'contact-name', 'contact-email', 'contact-phone',
'foi-name', 'foi-email', 'foi-phone',
'category',
]
if 'group' in context:
group = context['group']
try:
check_access('group_update', context)
c.is_superuser_or_groupadmin = True
except NotAuthorized:
c.is_superuser_or_groupadmin = False
c.possible_parents = model.Session.query(model.Group).\
filter(model.Group.state == 'active').\
filter(model.Group.type == 'publisher').\
filter(model.Group.name != group.id ).order_by(model.Group.title).all()
c.parent = None
grps = group.get_groups('publisher')
if grps:
c.parent = grps[0]
c.users = group.members_of_type(model.User)
else:
c.body_class = 'group new'
c.categories = categories
abort(404, _('Package not found'))
except DataError:
abort(400, _(u'Integrity Error'))
except SearchIndexError, e:
abort(500,
_(u'Unable to update search index.') + repr(e.args))
except ValidationError, e:
abort(400,
_('Unable to delete package.') + repr(e.error_dict))
else:
abort(400, 'Parameter error')
# GET
c.pkg = context.get('package')
try:
check_access('package_delete', context)
except NotAuthorized, e:
abort(401, _('Unauthorized to delete package.'))
package_type = self._get_package_type(id)
self._setup_template_variables(context, {'id': id},
package_type=package_type)
return render('package/delete.html')
class CommentProxy(BaseController):
'''A proxy to Drupal on another server to provide comment HTML. Useful only
for test purposes, when Drupal is not present locally.
'''
def get_comments(self, id):
url = 'http://co-prod3.dh.bytemark.co.uk/comment/get/3266d22c-9d0f-4ebe-b0bc-ea622f858e15?comments_per_page=999999'
#url = 'http://co-dev1.dh.bytemark.co.uk/comment/get/%s' % quote(id)
abort(401, _("Unauthorized to delete package %s") % id)
except ObjectNotFound, e:
abort(404, _("Package not found"))
except DataError:
abort(400, _(u"Integrity Error"))
except SearchIndexError, e:
abort(500, _(u"Unable to update search index.") + repr(e.args))
except ValidationError, e:
abort(400, _("Unable to delete package.") + repr(e.error_dict))
else:
abort(400, "Parameter error")
# GET
c.pkg = context.get("package")
try:
check_access("package_delete", context)
except NotAuthorized, e:
abort(401, _("Unauthorized to delete package."))
package_type = self._get_package_type(id)
self._setup_template_variables(context, {"id": id}, package_type=package_type)
return render("package/delete.html")
class CommentProxy(BaseController):
"""A proxy to Drupal on another server to provide comment HTML. Useful only
for test purposes, when Drupal is not present locally.
"""
def get_comments(self, id):
url = "http://uat2.lampdevelopment.co.uk/comment/get/1c65c66a-fdec-4138-9c64-0f9bf087bcbb"
# url = 'http://co-dev1.dh.bytemark.co.uk/comment/get/%s' % quote(id)
abort(401, _('Unauthorized to delete package %s') % id)
except ObjectNotFound, e:
abort(404, _('Package not found'))
except DataError:
abort(400, _(u'Integrity Error'))
except SearchIndexError, e:
abort(500, _(u'Unable to update search index.') + repr(e.args))
except ValidationError, e:
abort(400, _('Unable to delete package.') + repr(e.error_dict))
else:
abort(400, 'Parameter error')
# GET
c.pkg = context.get('package')
try:
check_access('package_delete', context)
except NotAuthorized, e:
abort(401, _('Unauthorized to delete package.'))
package_type = self._get_package_type(id)
self._setup_template_variables(context, {'id': id}, package_type=package_type)
return render('package/delete.html')
class CommentProxy(BaseController):
'''A proxy to Drupal on another server to provide comment HTML. Useful only
for test purposes, when Drupal is not present locally.
'''
def get_comments(self, id):
url = 'http://co-prod3.dh.bytemark.co.uk/comment/get/3266d22c-9d0f-4ebe-b0bc-ea622f858e15?comments_per_page=999999'
#url = 'http://co-dev1.dh.bytemark.co.uk/comment/get/%s' % quote(id)
return self._read_url(url)
