コード例 #1
0
    def get(self):
        response = {
            "code": 200,
            "type": "List of Red Flags.",
            "method": "GET",
            "response": "OK",
            "data": []
        }

        if not self.request.get('dataset_id'):
            self.error(400)
            return

        dataset_key = ndb.Key('APIData',
                              normalize_id(self.request.get('dataset_id')))

        redflags = RedFlag.query(RedFlag.links == dataset_key).fetch(50)

        redflag_objects = []

        for redflag in redflags:
            redflag_objects.append(redflag.to_object())

        response['data'] = redflag_objects

        if self.GET("callback"):
            callback = self.GET("callback")
            d = json.dumps(response)

            self.response.out.write(callback + "(" + d + ");")
        else:
            wrap_response(self, response)
コード例 #2
0
    def get(self, data_id=None):
        desc = "The GET method is not supported "
        desc += "for this endpoint."

        response = {}
        response["response"] = "UnsupportedMethodError"
        response["description"] = desc
        response["code"] = 405
        wrap_response(self, response)
コード例 #3
0
    def get(self, data_id=None):
        """
            Handles the /api/v1/data/[data_id] endpoint.
            Returns the details of the data_id provided.
        """
        response = {
            "code": 200,
            "type": "Data details.",
            "method": "GET",
            "response": "OK",
            "data": {}
        }

        try:
            data_id = int(data_id)
        except ValueError:
            data_id = str(data_id)
        except Exception as e:
            logging.exception(e)
            wrap_response(self, response)
            return

        data = APIData.get_by_id(normalize_id(data_id))
        if data:

            # TODO: Add check for authorization

            response["data"] = data.to_api_object()

            if self.request.get('show_environments'):
                public = False
                for environment_key in data.environment:
                    logging.debug(str(data.environment))
                    if environment_key.id() == 'PUBLIC':
                        public = True
                    else:
                        environment = environment_key.get()
                        if environment:
                            response["data"][
                                "environment_object"] = environment.to_api_object(
                                )

                if public:
                    response["data"]["public"] = True
                else:
                    response["data"]["public"] = False

        if self.GET("callback"):
            callback = self.GET("callback")
            d = json.dumps(response)

            self.response.out.write(callback + "(" + d + ");")
        else:
            wrap_response(self, response)
コード例 #4
0
    def get(self, user_id=None):
        response = {
            "code": 200,
            "type": "List of users",
            "method": "GET",
            "response": "OK",
            "data": []
        }
        if self.request.get('check_email'):
            resp = {}
            resp['exist'] = False
            email = self.request.get('check_email').replace(' ', '+')
            resp['email'] = email
            user = User.query(User.current_email == email).get(keys_only=True)
            if user:
                resp['exist'] = True
            self.response.headers['Content-Type'] = 'application/json'
            self.response.write(json.dumps(resp))
        else:
            if user_id:
                response["type"] = "Get user data."
                user = User.get_by_id(int(user_id))
                if user:
                    response["data"] = {}
                    response["data"] = user.to_api_object(
                        user_role=self.user.role, level=self.user.level)
            else:
                query = User.query()
                query = query.order(User.last_name)
                if self.GET("cursor"):
                    curs = Cursor(urlsafe=self.GET("cursor"))
                    users, cursor, more = query.fetch_page(50,
                                                           start_cursor=curs)
                else:
                    users, cursor, more = query.fetch_page(50)

                if users:
                    for user in users:
                        response["data"].append(
                            user.to_api_object(user_role=self.user.role,
                                               level=self.user.level))

                    if more:
                        response["cursor"] = cursor.urlsafe()

            wrap_response(self, response)
コード例 #5
0
    def post(self, data_id=None):
        # TODO: Rewrite this for environments
        if not data_id:
            desc = "ID is missing from the request."
            response["success"] = False
            response["response"] = "MissingParametersError"
            response["description"] = desc
            response["code"] = 400
            wrap_response(self, response)
            return

        data = APIData.get_by_id(normalize_id(data_id))
        if not data:
            desc = "Cannot find the package."
            response["success"] = False
            response["response"] = "InvalidIDError"
            response["description"] = desc
            response["code"] = 400
            wrap_response(self, response)
            return

        if self.user.key != data.user:
            if not self.user.teams:
                msg = "You have insufficient rights to access this application."
                response["success"] = False
                response["response"] = "InvalidIDError"
                response["description"] = msg
                response["code"] = 400
                wrap_response(self, response)
                return

            has_access = False
            for team in self.user.teams:
                if team in data.access_lock:
                    has_access = True

            if not has_access:
                msg = "You have insufficient rights to access this application."
                response["success"] = False
                response["response"] = "InvalidIDError"
                response["description"] = msg
                response["code"] = 400
            else:
                data.access_lock.remove("PRIVATE")
                data.access_lock.append("PUBLIC")
                data.access_lock = uniquify(data.access_lock)
                data.put()

                msg = "The data has been published and is now public."
                response["success"] = True
                response["response"] = "Success"
                response["description"] = msg
                response["code"] = 200

        wrap_response(self, response)
コード例 #6
0
    def get(self):
        """
            Handles the /admin/register endpoint.
            Agency Admin registration.
        """
        if self.GET("ajax"):
            n = 50
            if self.GET("n"):
                n = int(self.GET("n"))

            query = User.query()
            query = query.filter(User.role == "AGENCYADMIN")

            if self.GET("status"):
                query = query.filter(User.status == self.GET("status").upper())

            if self.GET("cursor"):
                curs = Cursor(urlsafe=self.GET("cursor"))
                users, cursor, more = query.fetch_page(n, start_cursor=curs)
            else:
                users, cursor, more = query.fetch_page(n)

            response = {}
            response["more"] = False
            response["users"] = []
            response["cursor"] = ""

            if users:
                for user in users:
                    response["users"].append(user.to_approval_object())

                if more:
                    response["more"] = True
                    response["cursor"] = cursor.urlsafe()
                    response["url"] = CURRENT_URL
                    response["url"] += "agency/admins?ajax=1&status="
                    response["url"] += self.GET("status")
                    response["url"] += "&cursor=" + cursor.urlsafe()
                    if self.GET("n"):
                        response["url"] += "&n=" + self.GET("n")

            wrap_response(self, response)
        else:
            self.render("register-approve.html")
コード例 #7
0
    def post(self):
        """
            Handles the /admin/register endpoint.
            Agency Admin registration.
        """
        if self.POST("agency_admin_id") and self.POST("action"):
            user = User.get_by_id(int(self.POST("agency_admin_id")))
            if user:
                if self.POST("action") == "approve":
                    user.approved_by_name = " ".join(
                        [self.user.first_name, self.user.last_name])
                    user.approved_by_key = self.user.key
                    user.approved_on = datetime.datetime.now()
                    user.status = "APPROVED"

                    content = {
                        "receiver_name": user.first_name,
                        "receiver_email": user.current_email,
                        "subject": "Account Approved",
                        "email_type": "approve_account"
                    }

                    taskqueue.add(url="/tasks/email/send",
                                  params=content,
                                  method="POST")

                elif self.POST("action") == "disapprove":
                    user.status = "DISAPPROVED"
                    user.disapproved_on = datetime.datetime.now()
                    user.disapproved_by_name = " ".join(
                        [self.user.first_name, self.user.last_name])
                    user.disapproved_by_key = self.user.key
                else:
                    wrap_response(self, {"status": "error"})
                    return

                user.put()
                wrap_response(self, {"status": "ok"})
                return

        wrap_response(self, {"status": "error"})
コード例 #8
0
    def get(self):
        """
            Handles the /api/v1/uacs endpoint.
            Returns list of uacs.
        """
        response = {
            "code": 200,
            "type": "",
            "method": "GET",
            "response": "OK",
            "data": []
        }

        department = ""
        agency = ""
        region = ""
        operating_unit = ""

        if self.request.get('department'):
            department = self.request.get('department').upper().strip()

        if self.request.get('agency'):
            agency = self.request.get('agency').upper().strip()

        if self.request.get('region'):
            region = self.request.get('region').upper().strip()

        if self.request.get('operating_unit'):
            operating_unit = self.request.get('operating_unit').upper().strip()

        uacs_json_file = json.load(open('uacs.json'))
        response_json = []

        if department:
            if department in uacs_json_file:
                if agency:
                    if agency in uacs_json_file[department]:
                        if region:
                            if region in uacs_json_file[department][agency]:
                                response_json = uacs_json_file[department][agency][region]
                            else:
                                response["code"] = 404
                                response["response"] = "NOT FOUND"
                        else:
                            response_json = sorted(uacs_json_file[department][agency].keys())
                    else:
                        response["code"] = 404
                        response["response"] = "NOT FOUND"
                else:
                    response_json = sorted(uacs_json_file[department].keys())
            else:
                response["code"] = 404
                response["response"] = "NOT FOUND"

        else:
            response_json = sorted(uacs_json_file.keys())

        response['data'] = response_json

        if self.GET("callback"):
            callback = self.GET("callback")
            d = json.dumps(response)

            self.response.out.write(callback + "(" + d + ");")
        else:
            wrap_response(self, response)
コード例 #9
0
    def get(self):
        """
            Handles the /api/v1/uacs endpoint.
            Returns list of uacs.
        """
        response = {
            "code": 200,
            "type": "",
            "method": "GET",
            "response": "OK",
            "description": "",
            "data": []
        }

        if not self.GET("uacs_type"):
            response["response"] = "ERROR"
            response["desc"] = "Parameter uacs_type is required."
            wrap_response(self, response)
            return

        uacs_type = self.GET("uacs_type")
        if uacs_type.lower() not in [
                "funding source", "organization", "location", "pap",
                "object code"
        ]:
            response["response"] = "ERROR"
            response["desc"] = "Invalid uacs_type: " + uacs_type + "."
            wrap_response(self, response)
            return

        if self.GET("uacs_code"):
            if uacs_type.lower() == "organization":
                if len(self.GET("uacs_code")) > 12 or len(
                        self.GET("uacs_code")) == 0:
                    response["response"] = "ERROR"
                    response["desc"] = "Invalid uacs_code: " + self.GET(
                        "uacs_code") + "."
                    wrap_response(self, response)
                    return

        if uacs_type.lower() == "organization":
            uacs_json_file = json.load(open('uacs_organization.json'))

        uacs_code = self.GET("uacs_code")
        if uacs_type.lower() == "organization" and uacs_code:
            if len(uacs_code) == 2:
                if uacs_code in uacs_json_file:
                    response_json = uacs_json_file[uacs_code]
                    response["type"] = "Department"
                    response["description"] = "List of department agencies."
                    response["data"] = response_json
                else:
                    response["code"] = 404
                    response["response"] = "NOT FOUND"
            elif len(uacs_code) == 5:
                department_uacs = uacs_code[:2]
                if department_uacs in uacs_json_file:
                    if uacs_code in uacs_json_file[department_uacs]["AGENCY"]:
                        response_json = uacs_json_file[department_uacs][
                            "AGENCY"][uacs_code]
                        response["type"] = "Agency"
                        response[
                            "description"] = "List of regions in a department agency."
                        response["data"] = response_json
                    else:
                        response["code"] = 404
                        response["response"] = "NOT FOUND"
                else:
                    response["code"] = 404
                    response["response"] = "NOT FOUND"
            elif len(uacs_code) == 7:
                department_uacs = uacs_code[:2]
                agency_uacs = uacs_code[:5]
                region_uacs = uacs_code
                if department_uacs in uacs_json_file:
                    if agency_uacs in uacs_json_file[department_uacs][
                            "AGENCY"]:
                        if region_uacs in uacs_json_file[department_uacs][
                                "AGENCY"][agency_uacs]["REGION"]:
                            response_json = uacs_json_file[department_uacs][
                                "AGENCY"][agency_uacs]["REGION"][region_uacs]
                            response["type"] = "Region"
                            response[
                                "description"] = "Low level operating unit in a department agency region."
                            response["data"] = response_json
                        else:
                            response["code"] = 404
                            response["response"] = "NOT FOUND"
                    else:
                        response["code"] = 404
                        response["response"] = "NOT FOUND"
                else:
                    response["code"] = 404
                    response["response"] = "NOT FOUND"
            elif len(uacs_code) == 12:
                department_uacs = uacs_code[:2]
                agency_uacs = uacs_code[:5]
                region_uacs = uacs_code[:7]
                lower_lvl_op_unit_uacs = uacs_code
                if department_uacs in uacs_json_file:
                    if agency_uacs in uacs_json_file[department_uacs][
                            "AGENCY"]:
                        if region_uacs in uacs_json_file[department_uacs][
                                "AGENCY"][agency_uacs]["REGION"]:
                            if lower_lvl_op_unit_uacs in uacs_json_file[
                                    department_uacs]["AGENCY"][agency_uacs][
                                        "REGION"][region_uacs][
                                            "LOWER LEVEL OPERATING UNIT"]:
                                response_json = uacs_json_file[
                                    department_uacs]["AGENCY"][agency_uacs][
                                        "REGION"][region_uacs][
                                            "LOWER LEVEL OPERATING UNIT"][
                                                uacs_code]
                                response["type"] = "Lower Level Operating Unit"
                                response[
                                    "description"] = "List of low level operating unit in a department agency region."
                                response["data"] = response_json
                            else:
                                response["code"] = 404
                                response["response"] = "NOT FOUND"
                        else:
                            response["code"] = 404
                            response["response"] = "NOT FOUND"
                    else:
                        response["code"] = 404
                        response["response"] = "NOT FOUND"
                else:
                    response["code"] = 404
                    response["response"] = "NOT FOUND"
            else:
                response["code"] = 404
                response["response"] = "NOT FOUND"
        else:
            department = ""
            agency = ""
            region = ""
            operating_unit = ""

            if self.GET('department'):
                department = self.GET('department').upper().strip()

            if self.GET('agency'):
                agency = self.GET('agency').upper().strip()

            if self.GET('region'):
                region = self.GET('region').upper().strip()

            if self.GET('operating_unit'):
                operating_unit = self.GET('operating_unit').upper().strip()

            response_json = []

            if department:
                if department in uacs_json_file:
                    if agency:
                        if agency in uacs_json_file[department]["AGENCY"]:
                            if region:
                                if region in uacs_json_file[department][
                                        agency]:
                                    response_json = uacs_json_file[department][
                                        agency][region]
                                else:
                                    response["code"] = 404
                                    response["response"] = "NOT FOUND"
                            else:
                                response_json = uacs_json_file[department][
                                    "AGENCY"][agency]
                        else:
                            response["code"] = 404
                            response["response"] = "NOT FOUND"
                    else:
                        response_json = uacs_json_file[department]
                else:
                    response["code"] = 404
                    response["response"] = "NOT FOUND"

            else:
                response_json = uacs_json_file

            response['data'] = response_json

        if self.GET("callback"):
            callback = self.GET("callback")
            d = json.dumps(response)

            self.response.out.write(callback + "(" + d + ");")
        else:
            wrap_response(self, response)
コード例 #10
0
    def post(self, data_id=None):
        response = {
            "code": 200,
            "type": "List of users",
            "method": "POST",
            "response": "OK",
            "data": []
        }
        if data_id:
            user = User.get_by_id(int(data_id))
            if self.POST("action") == "disable":
                response["type"] = "Disable user account."
                if user:
                    user.status = "DISABLED"
                    user.put()

                    response["data"] = user.to_api_object(
                        user_role=self.user.role, level=self.user.level)
                else:
                    response["code"] = 400
                    response["response"] = "ERROR"

                wrap_response(self, response)
                return

            if self.POST("action") == "approve":
                response["type"] = "Enable user account."
                if user:
                    user.status = "APPROVED"
                    user.approved_by_key = self.user.key
                    user.approved_by_name = self.user.name
                    user.approved_on = datetime.datetime.utcnow()
                    user.put()

                    response["data"] = user.to_api_object(
                        user_role=self.user.role, level=self.user.level)
                else:
                    response["code"] = 400
                    response["response"] = "ERROR"

                wrap_response(self, response)
                return

            if self.POST("action") == "enable":
                response["type"] = "Enable user account."
                if user:
                    user.status = "APPROVED"
                    user.put()

                    response["data"] = user.to_api_object(
                        user_role=self.user.role, level=self.user.level)
                else:
                    response["code"] = 400
                    response["response"] = "ERROR"

                wrap_response(self, response)
                return
            elif self.POST("action") == "update":
                if user:
                    if self.POST("first_name"):
                        user.first_name = self.POST("first_name")

                    if self.POST("middle_name"):
                        user.middle_name = self.POST("middle_name")

                    if self.POST("last_name"):
                        user.last_name = self.POST("last_name")

                    if self.POST("role"):
                        user.level = int(self.POST("role"))
                        if user.level == 2:
                            user.role = 'CLUSTERDIRECTOR'
                        elif user.level == 3:
                            user.role = 'AGENCYADMIN'
                        elif user.level == 4:
                            user.role = 'GEOSTOREADMIN'
                        else:
                            user.role = 'USER'

                    if self.POST("email"):
                        user.current_email = self.POST("email").strip().lower()
                        user.email_list.append(user.current_email)

                    if self.POST("access_key"):
                        access_key = ["PUBLIC"]
                        for key in self.POST("access_key").split(","):
                            if key:
                                access_key.append(key.upper().strip())

                        user.access_key = uniquify(access_key)

                    user.put()
                    msg = "User has been updated."
                    success_message(self, msg)

        self.redirect("/dashboard")
コード例 #11
0
    def get(self):
        """
            Handles the /api/v1/logs endpoint.
            Returns list of logs.
        """
        response = {
            "code": 200,
            "type": "List of geostore logs.",
            "method": "GET",
            "response": "OK",
            "data": []
        }

        # Default number of entities to be retrieved is 50.
        n = 150
        if self.GET("n"):
            n = int(self.GET("n"))
            # if the number of entities to be retrieved given is
            # greater than 100. Switch back to default which is 100
            if n > 500:
                n = 500

        query = SL.query()

        for arg in self.request.arguments():
            if arg.lower() == "callback" \
               or arg.lower() == "_" \
               or arg.lower() == "order" \
               or arg.lower() == "cursor" \
               or arg.lower() == "n" \
               or arg.lower() == "_search_" \
               or arg.lower() == "show_image_dates" \
               or arg.lower() == "start_updated_from" \
               or arg.lower() == "csv" \
               or arg.lower() == "start_created_from":
                continue

            ad_value = self.GET(arg)
            tag = create_indexed_tag(arg, ad_value)
            query = query.filter(SL.indexed_data == tag)

        query = query.order(-SL.created)

        logging.info(query)

        
        if self.GET("cursor"):
            curs = Cursor(urlsafe=self.GET("cursor"))
            data, cursor, more = query.fetch_page(n, start_cursor=curs)
        else:
            data, cursor, more = query.fetch_page(n)

        if data:
            response["cursor"] = ""

            data.reverse()
            previous = None
            for d in data:
                try:
                    response["data"].append(d.to_api_object(change_against=previous))
                    previous = d
                except Exception as e:
                    logging.debug(e)

            response["data"].reverse()

            if more:
                response["cursor"] = cursor.urlsafe()

        if self.GET("callback"):
            callback = self.GET("callback")
            d = json.dumps(response)

            self.response.out.write(callback + "(" + d + ");")
        else:
            wrap_response(self, response)
コード例 #12
0
    def get(self, group_id=None):
        if self.user.role != 'CLUSTERDIRECTOR':
            self.redirect('/environment')
            return

        self.tv['page_user_groups'] = True
        if group_id:
            group = UserGroup.get_by_id(int(group_id))
            if group:
                if self.GET("ta") == "join":
                    if self.user.current_email in group.invited_users:
                        if self.user.key in group.users:
                            msg = "You are already a member of the "
                            msg += group.title
                            msg += " user group."
                            error_message(self, msg)
                        else:
                            self.user.user_groups.append(str(group.key.id()))
                            self.user.put()

                            group.users.append(self.user.key)
                            group.invited_users.remove(self.user.current_email)
                            group.put()

                            if group.environments:
                                for environment in group.environments:
                                    environment = environment.get()
                                    if environment:
                                        if self.user.key not in environment.users:
                                            environment.users.append(
                                                self.user.key)
                                            environment.put()

                            msg = "You have successfully joined the "
                            msg += group.title
                            msg += " user group."
                            success_message(self, msg)
                    else:
                        msg = "Cannot find user group."
                        error_message(self, msg)

                    self.redirect("/groups")
                else:
                    if self.user.role == "CLUSTERDIRECTOR":
                        wrap_response(self, group.to_object())
                    else:
                        self.redirect("/groups")
            else:
                if self.user.role == "CLUSTERDIRECTOR":
                    wrap_response(self, {"error": "cannot find user group"})
                else:
                    self.redirect("/groups")
        else:
            query = UserGroup.query()
            if self.user.role == "CLUSTERDIRECTOR":
                query = query.filter(UserGroup.owner == self.user.key)
            else:
                query = query.filter(
                    ndb.OR(UserGroup.users == self.user.key,
                           UserGroup.invited_users == self.user.current_email))
            groups = query.fetch()

            self.tv["user_groups"] = []

            if groups:
                for g in groups:
                    if self.GET('fetch'):
                        if self.GET('environmentid'):
                            environment = Environment.get_by_id(
                                int(self.GET('environmentid')))
                            if self.GET('addusergroup'):
                                if g.key not in environment.user_groups:
                                    self.tv["user_groups"].append(
                                        g.to_object())
                            elif self.GET('removeusergroup'):
                                if g.key in environment.user_groups:
                                    self.tv["user_groups"].append(
                                        g.to_object())
                    else:
                        self.tv["user_groups"].append(g.to_object())

            if self.GET('fetch'):
                wrap_response(self, self.tv['user_groups'])
                return

            self.tv["breadcrumb"] = [{
                "name": "User Groups",
                "link": "/groups"
            }]

            if self.user.role == "CLUSTERDIRECTOR":
                self.tv["show_new_group"] = True
                self.render("groups.html")
            else:
                self.render("groups-user.html")
コード例 #13
0
    def post(self, data_id=None):
        response = {}
        response["success"] = True

        logging.info(self.request.headers)

        content_type = self.request.headers["Content_Type"]

        if not self.user:
            if content_type == "application/json":
                if "Authorization" not in self.request.headers:
                    logging.info("No Authorization in headers")
                    desc = "You must be logged in to use the API."
                    response["success"] = False
                    response["response"] = "AuthorizationError"
                    response["description"] = desc
                    response["code"] = 400
                    wrap_response(self, response)
                    return

                if self.request.headers["Authorization"] == API_KEY:
                    if not self.request.headers["From"]:
                        logging.info("No email defined")
                        desc = "Cannot find user."
                        response["success"] = False
                        response["response"] = "InvalidUserError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return

                    user_email = self.request.headers["From"].lower()
                    query = User.query()
                    owner = query.filter(
                        User.current_email == user_email).get()
                    if not owner:
                        logging.info("Cannot find user")
                        desc = "Cannot find user."
                        response["success"] = False
                        response["response"] = "InvalidUserError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return
                else:

                    token = Token.get_by_id(
                        self.request.headers["Authorization"])
                    if not token:
                        logging.info(
                            "Cannot find token: " +
                            str(self.request.headers["Authorization"]))
                        desc = "The token you provided is invalid."
                        response["success"] = False
                        response["response"] = "InvalidTokenError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return

                    logging.info(token)
                    session = token.session.get()
                    if not session:
                        logging.info("Cannot find session")
                        desc = "The token has already expired."
                        response["error"] = False
                        response["response"] = "InvalidTokenError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return

                    logging.info(session)
                    if session.expires < datetime.datetime.now(
                    ) or session.status is False:
                        logging.info("token has expired or not active")
                        desc = "The token has already expired."
                        response["success"] = False
                        response["response"] = "InvalidTokenError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return
            else:
                desc = "You must be logged in to use the API."
                if self.POST("r"):
                    url = urllib.unquote(str(self.POST("r")))
                else:
                    url = self.request.referer

                if url:
                    if "?" in url:
                        url = url.split("?")[0]

                    url += "?error=" + urllib.quote(desc)
                    self.redirect(url)

        if not data_id:
            desc = "ID is missing from the request."
            if content_type == "application/json":
                response["success"] = False
                response["response"] = "MissingParametersError"
                response["description"] = desc
                response["code"] = 400
                wrap_response(self, response)
            else:
                if self.POST("r"):
                    url = urllib.unquote(str(self.POST("r")))
                else:
                    url = self.request.referer

                if url:
                    if "?" in url:
                        url = url.split("?")[0]

                    url += "?error=" + urllib.quote(desc)
                    self.redirect(url)
            return

        data = APIData.get_by_id(normalize_id(data_id))
        if not data:
            desc = "Cannot find the package."
            if content_type == "application/json":
                response["success"] = False
                response["response"] = "InvalidIDError"
                response["description"] = desc
                response["code"] = 400
                wrap_response(self, response)
            else:
                if self.POST("r"):
                    url = urllib.unquote(str(self.POST("r")))
                else:
                    url = self.request.referer

                if url:
                    if "?" in url:
                        url = url.split("?")[0]

                    url += "?error=" + urllib.quote(desc)
                    self.redirect(url)
            return

        if data.archived:
            desc = "Cannot find the package."
            if content_type == "application/json":
                response["success"] = False
                response["response"] = "InvalidIDError"
                response["description"] = desc
                response["code"] = 400
                wrap_response(self, response)
            else:
                if self.POST("r"):
                    url = urllib.unquote(str(self.POST("r")))
                else:
                    url = self.request.referer

                if url:
                    if "?" in url:
                        url = url.split("?")[0]

                    url += "?error=" + urllib.quote(desc)
                    self.redirect(url)
            return

        desc = "There are missing parameters in your request."
        if content_type == "application/json":
            if not self.request.body:
                response["success"] = False
                response["response"] = "MissingParametersError"
                response["description"] = desc
                response["code"] = 400
                wrap_response(self, response)
                return

            try:
                body = json.loads(self.request.body)
            except Exception as e:
                logging.info(e)
                desc = "Invalid JSON format."
                response["success"] = False
                response["response"] = "InvalidJSONError"
                response["description"] = desc
                response["code"] = 400
                wrap_response(self, response)
                return

            tags = []

            try:
                for key, value in body.items():
                    try:
                        tags += create_tags(value)
                    except Exception as e:
                        logging.info("Cannot create tag from: ")
                        logging.info(e)
                    if key.startswith('unindexed_'):  # unindexed_
                        ad_key = key.replace("unindexed_", "")
                        data.additional_data[ad_key] = value.strip()

                    if key.startswith('indexed_'):
                        ad_key = key.replace("indexed_", "")
                        data.additional_data[ad_key] = value

                        for d in data.indexed_data:
                            ad_key = key.replace("indexed_", "")
                            if d.startswith(ad_key.upper()):
                                try:
                                    data.indexed_data.remove(d)
                                except Exception as e:
                                    logging.exception(e)
                                    logging.info("Cannot remove from list")

                        data.indexed_data.append(create_indexed_tag(
                            key, value))
                if self.user:
                    data.username = self.user.name
                    data.user = self.user.key

                data.indexed_data = uniquify(data.indexed_data)
                data.tags = uniquify(tags)
                data.put()

                desc = "Data has been saved."
                response["success"] = True
                response["response"] = "Success"
                response["description"] = desc
                response["code"] = 200
                response["data"] = data.to_api_object()
                wrap_response(self, response)
            except Exception as e:
                logging.exception(e)
                desc = "A server error occured. Please try again later."
                response["success"] = False
                response["response"] = "ServerError"
                response["description"] = desc
                response["code"] = 500
                wrap_response(self, response)
        else:
            if not self.request.arguments():
                if self.POST("r"):
                    url = urllib.unquote(str(self.POST("r")))
                else:
                    url = self.request.referer

                if url:
                    if "?" in url:
                        url = url.split("?")[0]

                    url += "?error=" + urllib.quote(desc)
                    self.redirect(url)
                return

            tags = []

            try:
                for arg in self.request.arguments():
                    for d in data.indexed_data:
                        ad_key = arg.replace("indexed_", "")
                        if d.startswith(ad_key.upper()):
                            try:
                                data.indexed_data.remove(d)
                            except Exception as e:
                                logging.exception(e)
                                logging.info("Cannot remove from list")

                    if arg.startswith('unindexed_'):
                        ad_key = arg.replace("unindexed_", "")
                        ad_value = self.request.POST.get(arg)
                        data.additional_data[ad_key] = ad_value.strip()
                        try:
                            tags += create_tags(ad_value)
                        except Exception as e:
                            logging.info("Cannot create tag from: ")
                            logging.info(e)

                    if arg.startswith('indexed_'):
                        ad_key = arg.replace("indexed_", "")
                        ad_value = self.request.POST.get(arg)
                        data.additional_data[ad_key] = ad_value
                        try:
                            tags += create_tags(ad_value)
                        except Exception as e:
                            logging.info("Cannot create tag from: ")
                            logging.info(e)

                        data.indexed_data.append(
                            create_indexed_tag(arg,
                                               self.request.POST.get(arg)))

                    if arg.startswith('file_'):
                        filename = BUCKET_NAME
                        filename += random_string(20) + "/"
                        ad_key = arg.replace("file_", "")
                        data.additional_data[ad_key] = {}
                        try:
                            # try:
                            file_name = self.request.POST.get(arg).filename
                            filename += file_name

                            gcs_file = gcs.open(
                                filename,
                                'w',
                                options={'x-goog-acl': 'public-read'})
                            gcs_file.write(self.request.get(arg))
                            gcs_file.close()

                            full_url = "https://storage.googleapis.com" + filename
                            # data.additional_data["file"]["file_url"] = full_url

                            data.file_url = full_url
                            data.additional_data[ad_key]["file_url"] = full_url

                            try:
                                blob_key = blobstore.create_gs_key("/gs" +
                                                                   filename)
                                data.serving_url = images.get_serving_url(
                                    blob_key)
                                data.additional_data[ad_key][
                                    "serving_url"] = data.serving_url
                                data.gcs_key = blobstore.BlobKey(blob_key)
                            except Exception as e:
                                logging.exception(e)
                                logging.error("not an image??")
                                data.additional_data[ad_key][
                                    "serving_url"] = full_url
                        except AttributeError, e:
                            logging.exception(e)
                            logging.exception("NO FILE ATTACHED")

                if self.user:
                    data.username = self.user.name
                    data.user = self.user.key

                data.indexed_data = uniquify(data.indexed_data)
                data.tags = uniquify(tags)
                data.put()

                desc = "Data has been updated."

                if self.POST("r"):
                    url = urllib.unquote(str(self.POST("r")))
                else:
                    url = self.request.referer

                if url:
                    if "?" in url:
                        url = url.split("?")[0]

                    url += "?success=" + urllib.quote(desc)
                    self.redirect(url)
                else:
                    response["success"] = True
                    response["response"] = "Success"
                    response["description"] = desc
                    response["code"] = 200
                    response["data"] = data.to_api_object()
                    wrap_response(self, response)
            except Exception as e:
                logging.exception(e)
                desc = "A server error occured. Please try again later."
                if self.POST("r"):
                    url = urllib.unquote(str(self.POST("r")))
                else:
                    url = self.request.referer

                if url:
                    if "?" in url:
                        url = url.split("?")[0]

                    url += "?error=" + urllib.quote(desc)
                    self.redirect(url)
                else:
                    response["success"] = False
                    response["response"] = "ServerError"
                    response["description"] = desc
                    response["code"] = 500
                    wrap_response(self, response)
コード例 #14
0
    def get(self, environment_key_urlsafe=None):
        """
            Returns the list of environments of a logged in user
        """
        n = 50
        response = {
            "code": 200,
            "type": "List of geostore environments.",
            "method": "GET",
            "response": "OK",
            "data": []
        }

        if self.user:
            if environment_key_urlsafe:
                environment = Environment.get_by_id(ndb.Key(urlsafe=environment_key_urlsafe).id())
                if not environment:
                    self.error(404)
                    return

                response['data'] = [environment.to_object()]

            else:
                query = Environment.query()
                query = query.filter(Environment.users == self.user.key)
                if self.GET("cursor"):
                    curs = Cursor(urlsafe=self.GET("cursor"))
                    data, cursor, more = query.fetch_page(n, start_cursor=curs)
                else:
                    data, cursor, more = query.fetch_page(n)

                if data:
                    response["cursor"] = ""
                    for d in data:
                        try:
                            response["data"].append(d.to_object())
                        except Exception as e:
                            logging.exception(e)

                    if more:
                        response["cursor"] = cursor.urlsafe()
        else:
            if self.GET('user'):
                user = ndb.Key('User', int(self.GET('user')))
                if user.get():
                    query = Environment.query()
                    query = query.filter(Environment.users == user)
                    if self.GET("cursor"):
                        curs = Cursor(urlsafe=self.GET("cursor"))
                        data, cursor, more = query.fetch_page(n, start_cursor=curs)
                    else:
                        data, cursor, more = query.fetch_page(n)

                    if data:
                        response["cursor"] = ""
                        for d in data:
                            try:
                                response["data"].append(d.to_object())
                            except Exception as e:
                                logging.exception(e)

                        if more:
                            response["cursor"] = cursor.urlsafe()

        wrap_response(self, response)
コード例 #15
0
    def get(self):
        """
            Handles the /api/v1/data endpoint.
            Returns list of datasets.
        """
        response = {
            "code": 200,
            "type": "List of geostore saved data.",
            "method": "GET",
            "response": "OK",
            "data": []
        }

        # Default number of entities to be retrieved is 50.
        n = 50
        if self.GET("n"):
            n = int(self.GET("n"))
            # if the number of entities to be retrieved given is
            # greater than 100. Switch back to default which is 100
            if n > 100:
                n = 100

        query = APIData.query()
        query = query.filter(APIData.archived == False)

        if not self.user:
            if "Authorization" in self.request.headers:
                token = Token.get_by_id(self.request.headers["Authorization"])
                if not token:
                    logging.info("Cannot find token: " +
                                 str(self.request.headers["Authorization"]))
                    desc = "The token you provided is invalid."
                    response["success"] = False
                    response["response"] = "InvalidTokenError"
                    response["description"] = desc
                    response["code"] = 400
                    wrap_response(self, response)
                    return

                logging.info(token)
                session = token.session.get()
                if not session:
                    logging.info("Cannot find session")
                    desc = "The token has already expired."
                    response["error"] = False
                    response["response"] = "InvalidTokenError"
                    response["description"] = desc
                    response["code"] = 400
                    wrap_response(self, response)
                    return

                logging.info(session)
                if session.expires < datetime.datetime.now(
                ) or session.status is False:
                    logging.info("token has expired or not active")
                    desc = "The token has already expired."
                    response["success"] = False
                    response["response"] = "InvalidTokenError"
                    response["description"] = desc
                    response["code"] = 400
                    wrap_response(self, response)
                    return

                owner = session.owner.get()
                if not owner:
                    logging.info("Cannot find user")
                    desc = "Cannot find user."
                    response["success"] = False
                    response["response"] = "InvalidUserError"
                    response["description"] = desc
                    response["code"] = 400
                    wrap_response(self, response)
                    return

                self.user = owner
        if self.user and self.GET('workspace'):
            environment = ndb.Key(urlsafe=self.GET('workspace')).get()
            if environment:
                if self.user.key in environment.users:
                    environment_key = environment.key
                    query = query.filter(
                        APIData.environment == environment_key)

        elif self.user and not self.GET('workspace') and (
                not self.GET('type')
                or not self.GET('type') in ['PROJECT', 'SUBPROJECT']):
            environments_user = Environment.query(
                Environment.users == self.user.key).fetch(keys_only=True)
            environments_user.append(ndb.Key('Environment', 'PUBLIC'))
            query = query.filter(
                APIData.environment.IN(environments_user)).order(APIData._key)

        else:
            query = query.filter(
                APIData.environment == ndb.Key('Environment', 'PUBLIC'))

        if self.GET("_search_"):
            response["type"] = "Search geostore saved data."
            response["query"] = self.GET("_search_")
            search = self.GET("_search_").strip().upper()
            query = query.filter(APIData.tags >= search)
            query = query.order(APIData.tags)
        else:
            for arg in self.request.arguments():
                if arg.lower() == "callback" \
                   or arg.lower() == "_" \
                   or arg.lower() == "order" \
                   or arg.lower() == "cursor" \
                   or arg.lower() == "n" \
                   or arg.lower() == "_search_" \
                   or arg.lower() == "show_image_dates" \
                   or arg.lower() == "start_updated_from" \
                   or arg.lower() == "start_created_from":
                    continue

                ad_value = self.GET(arg)
                tag = create_indexed_tag(arg, ad_value)
                query = query.filter(APIData.indexed_data == tag)

            if self.GET("order"):
                if self.GET("order").lower() in ["asc", "ascending"]:
                    query = query.order(APIData.updated_time)
                elif self.GET("order").lower() in ["desc", "descending"]:
                    query = query.order(-APIData.updated_time)
                elif self.GET("order").lower() == "created_asc":
                    query = query.order(APIData.created_time)
                elif self.GET("order").lower() == "created_desc":
                    query = query.order(-APIData.created_time)
                elif self.GET("order").lower() == "modified":
                    query = query.order(APIData.updated_time)
            else:
                query = query.order(-APIData.created_time)

            if self.GET("start_updated_from"):
                logging.debug(self.GET("start_updated_from"))
                if self.GET("order").lower() in ["desc", "descending"]:
                    query = query.filter(
                        APIData.updated_time <= datetime.datetime.
                        fromtimestamp(int(self.GET("start_updated_from"))))
                else:
                    query = query.filter(
                        APIData.updated_time >= datetime.datetime.
                        fromtimestamp(int(self.GET("start_updated_from"))))
            elif self.GET('start_created_from'):
                logging.debug(self.GET("start_created_from"))
                if self.GET("order").lower() in ["desc", "descending"]:
                    query = query.filter(
                        APIData.created_time <= datetime.datetime.
                        fromtimestamp(int(self.GET("start_created_from"))))
                else:
                    query = query.filter(
                        APIData.created_time >= datetime.datetime.
                        fromtimestamp(int(self.GET("start_created_from"))))

        logging.info(query)

        if self.GET("cursor"):
            curs = Cursor(urlsafe=self.GET("cursor"))
            data, cursor, more = query.fetch_page(n, start_cursor=curs)
        else:
            data, cursor, more = query.fetch_page(n)

        if data:
            response["cursor"] = ""

            for d in data:
                try:
                    response["data"].append(d.to_api_object())
                except Exception as e:
                    logging.exception(e)

            if more:
                response["cursor"] = cursor.urlsafe()

        if self.GET('show_image_dates'):
            if self.GET('type'):
                if self.GET('type').upper() == 'CLASSIFICATION':
                    if 'data' in response:
                        image_ids = []
                        for classification in response['data']:
                            image_ids.append(
                                ndb.Key('APIData',
                                        int(classification['image_id'])))
                        images = ndb.get_multi(image_ids)
                        for image in images:
                            date = ''
                            image_latlng = image.additional_data['latlng']
                            if 'date' in image.additional_data:
                                date = image.additional_data['date']
                            else:
                                date = image.created_time.strftime(
                                    '%Y:%m:%d %H:%M:%S')
                            for i in range(0, len(response['data'])):
                                if response['data'][i]['image_id'] == str(
                                        image.key.id()):
                                    response['data'][i]['image_date'] = date
                                    response['data'][i][
                                        'image_latlng'] = image_latlng

        if self.GET("callback"):
            callback = self.GET("callback")
            d = json.dumps(response)

            self.response.out.write(callback + "(" + d + ");")
        else:
            wrap_response(self, response)
コード例 #16
0
    def post(self):
        """
            Handles the /api/v1/data endpoint.
            Creates a dataset.
        """
        owner = None

        response = {}
        response["success"] = True

        content_type = self.request.headers[
            "Content_Type"] or self.request.headers["Content-Type"]
        if not self.user:
            if content_type == "application/json":
                if "Authorization" not in self.request.headers:
                    logging.info("No Authorization in headers")
                    desc = "You must be logged in to use the API."
                    response["success"] = False
                    response["response"] = "AuthorizationError"
                    response["description"] = desc
                    response["code"] = 400
                    wrap_response(self, response)
                    return

                if self.request.headers["Authorization"] == API_KEY:
                    if not self.request.headers["From"]:
                        logging.info("No email defined")
                        desc = "Cannot find user."
                        response["success"] = False
                        response["response"] = "InvalidUserError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return

                    user_email = self.request.headers["From"].lower()
                    query = User.query()
                    owner = query.filter(
                        User.current_email == user_email).get()
                    if not owner:
                        logging.info("Cannot find user")
                        desc = "Cannot find user."
                        response["success"] = False
                        response["response"] = "InvalidUserError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return
                else:
                    token = Token.get_by_id(
                        self.request.headers["Authorization"])
                    if not token:
                        logging.info(
                            "Cannot find token: " +
                            str(self.request.headers["Authorization"]))
                        desc = "The token you provided is invalid."
                        response["success"] = False
                        response["response"] = "InvalidTokenError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return

                    logging.info(token)
                    session = token.session.get()
                    if not session:
                        logging.info("Cannot find session")
                        desc = "The token has already expired."
                        response["error"] = False
                        response["response"] = "InvalidTokenError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return

                    logging.info(session)
                    if session.expires < datetime.datetime.now(
                    ) or session.status is False:
                        logging.info("token has expired or not active")
                        desc = "The token has already expired."
                        response["success"] = False
                        response["response"] = "InvalidTokenError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return

                    owner = session.owner.get()
                    if not owner:
                        logging.info("Cannot find user")
                        desc = "Cannot find user."
                        response["success"] = False
                        response["response"] = "InvalidUserError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return
            else:
                if "Authorization" in self.request.headers:
                    token = Token.get_by_id(
                        self.request.headers["Authorization"])
                    if not token:
                        logging.info(
                            "Cannot find token: " +
                            str(self.request.headers["Authorization"]))
                        desc = "The token you provided is invalid."
                        response["success"] = False
                        response["response"] = "InvalidTokenError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return

                    logging.info(token)
                    session = token.session.get()
                    if not session:
                        logging.info("Cannot find session")
                        desc = "The token has already expired."
                        response["error"] = False
                        response["response"] = "InvalidTokenError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return

                    logging.info(session)
                    if session.expires < datetime.datetime.now(
                    ) or session.status is False:
                        logging.info("token has expired or not active")
                        desc = "The token has already expired."
                        response["success"] = False
                        response["response"] = "InvalidTokenError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return

                    owner = session.owner.get()
                    if not owner:
                        logging.info("Cannot find user")
                        desc = "Cannot find user."
                        response["success"] = False
                        response["response"] = "InvalidUserError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                        return
                else:
                    desc = "You must be logged in to use the API."
                    if self.POST("r"):
                        url = urllib.unquote(str(self.POST("r")))
                        if "?" in url:
                            url = url.split("?")[0]

                            url += "?error=" + urllib.quote(desc)
                            self.redirect(url)
                    else:
                        logging.info("User is not logged in")
                        desc = "You must be logged in to use the api."
                        response["success"] = False
                        response["response"] = "InvalidRequestError"
                        response["description"] = desc
                        response["code"] = 400
                        wrap_response(self, response)
                    return
        else:
            owner = self.user

        logging.debug(content_type)

        if content_type == 'application/json':
            # d = write_to_api(json.loads(self.request.body), owner, content_type)
            d = write_to_api(json.loads(self.request.body), owner)
        else:
            d = write_to_api_params(self.request.arguments(), owner,
                                    content_type, False, self)

        wrap_response(self, d.to_api_object())
コード例 #17
0
    def post(self, group_id=None):
        if group_id:
            response = {}
            response["code"] = 200
            response["data"] = []
            response["description"] = ""
            response["success"] = True
            group = UserGroup.get_by_id(int(group_id))
            if group:
                if self.POST("action"):
                    if self.POST("action") == "delete_invited_user":
                        if self.POST("email").strip().lower(
                        ) in group.invited_users:
                            group.invited_users.remove(
                                self.POST("email").strip().lower())
                            group.put()

                            response[
                                'description'] = 'Invitation to ' + self.POST(
                                    'email').strip().lower(
                                    ) + ' has been cancelled.'
                            response["data"] = group.to_object()
                    elif self.POST("action") == "remove_member":
                        user_key = ndb.Key('User', int(self.POST('user_id')))
                        if user_key in group.users:
                            if group.environments:
                                for environment in group.environments:
                                    environment = environment.get()
                                    if environment:
                                        if user_key in environment.users:
                                            environment.users.remove(user_key)
                                            environment.put()

                            group.users.remove(user_key)
                            group.put()

                            response["data"] = group.to_object()
                            response['description'] = 'User has been removed.'
                        else:
                            response['success'] = False
                            response[
                                'description'] = 'User is not a member of the user group.'
                    elif self.POST("action") == "invite_users":
                        if self.POST("email"):
                            for email in self.POST("email").strip().split(","):
                                email = email.strip().lower()

                                query = User.query()
                                query = query.filter(
                                    User.current_email == email)
                                user = query.get()

                                if user:
                                    user.user_groups.append(str(
                                        group.key.id()))
                                    user.put()

                                    group.users.append(user.key)
                                else:
                                    group.invited_users.append(email)

                            group.put()

                            response["data"] = group.to_object()
                    elif self.POST("action") == "leave_group":
                        if self.user.key in group.users:
                            group.users.remove(self.user.key)
                            group.put()

                            response["data"] = group.to_object()
                            response[
                                "description"] = "You have successfully left the " + group.title.upper(
                                ) + " user group."
                        else:
                            response["success"] = False
                            response[
                                "description"] = "User is not part of the team."
                    elif self.POST("action") == "update_group":
                        if self.POST("group_name"):
                            query = Teams.query()
                            query = query.filter(Teams.team_name == self.POST(
                                "group_name").strip().upper())
                            group2 = query.get()

                            logging.info(group2)
                            logging.info(group)

                            if group2:
                                if str(group2.key.id()) != str(group.key.id()):
                                    response["success"] = False
                                    response[
                                        "description"] = "User group already exists."
                                    wrap_response(self, response)
                                    return

                            group.title = self.POST(
                                "group_name").strip().upper()

                        if self.POST("group_description"):
                            group.description = self.POST("group_description")

                        group.put()

                        response["data"] = group.to_object()

            wrap_response(self, response)
        else:
            if self.POST("group_name") \
               and self.POST("group_description") \
               and self.POST("group_member_emails"):
                # Create Environment
                # Only CLUSTERDIRECTOR role can create an environment
                if self.user.role != "CLUSTERDIRECTOR":
                    msg = "You have insufficient rights to access this application."
                    error_message(self, msg)
                    self.redirect("/groups")
                    return

                query = UserGroup.query()
                query = query.filter(
                    UserGroup.title == self.POST("group_name").strip().upper())
                group = query.get()

                if group:
                    msg = "Could not create the user group. "
                    msg += self.POST("group_name").strip()
                    msg += " already exists."
                    error_message(self, msg)
                else:
                    group = UserGroup()
                    group.title = self.POST("group_name").strip().upper()
                    group.description = self.POST("group_description").strip()
                    group.owner = self.user.key

                    for email in self.POST("group_member_emails").split(","):
                        email = email.strip().lower()

                        query = User.query()
                        query = query.filter(User.current_email == email)
                        user = query.get()

                        if user:
                            group.users.append(user.key)
                        else:
                            group.invited_users.append(email)

                    group.put()

                    self.user.user_groups.append(str(group.key.id()))
                    self.user.put()

                    msg = "User group has been saved."
                    success_message(self, msg)

            self.redirect("/groups")