def format_element(bfo,
only_public_records=1,
addthis_id=CFG_BIBFORMAT_ADDTHIS_ID):
"""
Prints the AddThis box from the <http://www.addthis.com/> service.
@param only_public_records: if set to 1 (the default), prints the box only
if the record is public (i.e. if it belongs to the root colletion and is
accessible to the world).
@param addthis_id: the pubid API parameter as provided by the service
(e.g. ra-4ff80aae118f4dad). This can be set at the repository level
in the variable CFG_BIBFORMAT_ADDTHIS_ID in invenio(-local).conf
"""
if not addthis_id:
return ""
if int(only_public_records) and not record_public_p(bfo.recID):
return ""
return """\
<!-- AddThis Button BEGIN -->
<div class="addthis_toolbox addthis_default_style ">
<a class="addthis_button_preferred_1"></a>
<a class="addthis_button_preferred_2"></a>
<a class="addthis_button_preferred_3"></a>
<a class="addthis_button_preferred_4"></a>
<a class="addthis_button_compact"></a>
<a class="addthis_counter addthis_bubble_style"></a>
</div>
<script type="text/javascript">var addthis_config = {"data_track_clickback":true};</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#pubid=%(addthis_id)s"></script>
<!-- AddThis Button END -->
""" % {
'addthis_id': addthis_id
}
def format_element(bfo, only_public_records=1, addthis_id=CFG_BIBFORMAT_ADDTHIS_ID):
"""
Prints the AddThis box from the <http://www.addthis.com/> service.
@param only_public_records: if set to 1 (the default), prints the box only
if the record is public (i.e. if it belongs to the root colletion and is
accessible to the world).
@param addthis_id: the pubid API parameter as provided by the service
(e.g. ra-4ff80aae118f4dad). This can be set at the repository level
in the variable CFG_BIBFORMAT_ADDTHIS_ID in invenio(-local).conf
"""
if not addthis_id:
return ""
if int(only_public_records) and not record_public_p(bfo.recID):
return ""
return """\
<!-- AddThis Button BEGIN -->
<div class="addthis_toolbox addthis_default_style ">
<a class="addthis_button_preferred_1"></a>
<a class="addthis_button_preferred_2"></a>
<a class="addthis_button_preferred_3"></a>
<a class="addthis_button_preferred_4"></a>
<a class="addthis_button_compact"></a>
<a class="addthis_counter addthis_bubble_style"></a>
</div>
<script type="text/javascript">var addthis_config = {"data_track_clickback":true};</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#pubid=%(addthis_id)s"></script>
<!-- AddThis Button END -->
""" % {'addthis_id': addthis_id}
def test_article_in_unreleased_issue(self):
"""webjournal - check access to unreleased article"""
from invenio.legacy.search_engine import record_public_p
# Record is not public
self.assertEqual(record_public_p(112), False)
# Unreleased article is not visible to guest
error_messages = test_web_page_content(
cfg['CFG_SITE_URL'] + '/journal/AtlantisTimes/2009/06/News/112',
expected_text=["A naturalist's voyage around the world"],
unexpected_text=['Galapagos Archipelago'])
if error_messages:
self.fail(merge_error_messages(error_messages))
# Unreleased article is visible to editor
error_messages = test_web_page_content(
cfg['CFG_SITE_URL'] + '/journal/AtlantisTimes/2009/06/News/112',
username='******',
password='******',
expected_text=['Galapagos Archipelago'],
unexpected_text=[
'This file is restricted', 'You are not authorized'
])
if error_messages:
self.fail(merge_error_messages(error_messages))
def test_restricted_article_in_released_issue(self):
"""webjournal - check access to restricted article in released issue"""
from invenio.legacy.search_engine import record_public_p
# Record is not public
self.assertEqual(record_public_p(112), False)
# Released article (even if restricted) is visible to guest
error_messages = test_web_page_content(cfg['CFG_SITE_URL'] + '/journal/AtlantisTimes/2009/03/Science/111' ,
expected_text=["Scissor-beak"],
unexpected_text=["A naturalist's voyage around the world"])
if error_messages:
self.fail(merge_error_messages(error_messages))
def test_restricted_article_in_released_issue(self):
"""webjournal - check access to restricted article in released issue"""
from invenio.legacy.search_engine import record_public_p
# Record is not public
self.assertEqual(record_public_p(112), False)
# Released article (even if restricted) is visible to guest
error_messages = test_web_page_content(
cfg['CFG_SITE_URL'] + '/journal/AtlantisTimes/2009/03/Science/111',
expected_text=["Scissor-beak"],
unexpected_text=["A naturalist's voyage around the world"])
if error_messages:
self.fail(merge_error_messages(error_messages))
def test_article_in_unreleased_issue(self):
"""webjournal - check access to unreleased article"""
from invenio.legacy.search_engine import record_public_p
# Record is not public
self.assertEqual(record_public_p(112), False)
# Unreleased article is not visible to guest
error_messages = test_web_page_content(cfg['CFG_SITE_URL'] + '/journal/AtlantisTimes/2009/06/News/112' ,
expected_text=["A naturalist's voyage around the world"],
unexpected_text=['Galapagos Archipelago'])
if error_messages:
self.fail(merge_error_messages(error_messages))
# Unreleased article is visible to editor
error_messages = test_web_page_content(cfg['CFG_SITE_URL'] + '/journal/AtlantisTimes/2009/06/News/112',
username='******',
password='******',
expected_text=['Galapagos Archipelago'],
unexpected_text=['This file is restricted',
'You are not authorized'])
if error_messages:
self.fail(merge_error_messages(error_messages))
def check_user_can_view_record(user_info, recid):
"""Check if the user is authorized to view the given recid.
The function grants access in two cases: either user has author rights on
this record, or he has view rights to the primary collection this record
belongs to.
:param user_info: the user_info dictionary that describe the user.
:type user_info: user_info dictionary
:param recid: the record identifier.
:type recid: positive integer
:return: (0, ''), when authorization is granted, (>0, 'message') when
authorization is not granted
"""
from invenio.modules.access.engine import acc_authorize_action
from invenio.modules.access.local_config import VIEWRESTRCOLL
from invenio.modules.collections.cache import is_record_in_any_collection
from invenio.legacy.search_engine import record_public_p, record_exists
policy = cfg['CFG_WEBSEARCH_VIEWRESTRCOLL_POLICY'].strip().upper()
if isinstance(recid, str):
recid = int(recid)
# At this point, either webcoll has not yet run or there are some
# restricted collections. Let's see first if the user own the record.
if is_user_owner_of_record(user_info, recid):
# Perfect! It's authorized then!
return (0, '')
if is_user_viewer_of_record(user_info, recid):
# Perfect! It's authorized then!
return (0, '')
restricted_collections = get_restricted_collections_for_recid(
recid, recreate_cache_if_needed=False)
if not restricted_collections and record_public_p(recid):
# The record is public and not part of any restricted collection
return (0, '')
if restricted_collections:
# If there are restricted collections the user must be authorized to
# all/any of them (depending on the policy)
auth_code, auth_msg = 0, ''
for collection in restricted_collections:
(auth_code, auth_msg) = acc_authorize_action(user_info,
VIEWRESTRCOLL,
collection=collection)
if auth_code and policy != 'ANY':
# Ouch! the user is not authorized to this collection
return (auth_code, auth_msg)
elif auth_code == 0 and policy == 'ANY':
# Good! At least one collection is authorized
return (0, '')
# Depending on the policy, the user will be either authorized or not
return auth_code, auth_msg
if is_record_in_any_collection(recid, recreate_cache_if_needed=False):
# the record is not in any restricted collection
return (0, '')
elif record_exists(recid) > 0:
# We are in the case where webcoll has not run.
# Let's authorize SUPERADMIN
(auth_code, auth_msg) = acc_authorize_action(user_info,
VIEWRESTRCOLL,
collection=None)
if auth_code == 0:
return (0, '')
else:
# Too bad. Let's print a nice message:
return (
1, "The record you are trying to access has just been "
"submitted to the system and needs to be assigned to the "
"proper collections. It is currently restricted for security "
"reasons until the assignment will be fully completed. Please "
"come back later to properly access this record.")
else:
# The record either does not exists or has been deleted.
# Let's handle these situations outside of this code.
return (0, '')
def format_element(
bfo,
only_public_records=1,
sites="linkedin,twitter,facebook,google,delicious,sciencewise"):
"""
Return a snippet of JavaScript needed for displaying a bookmark toolbar
@param only_public_records: if set to 1 (the default), prints the box only
if the record is public (i.e. if it belongs to the root colletion and is
accessible to the world).
@param sites: which sites to enable (default is 'linkedin,twitter,facebook,google,delicious,sciencewise'). This should be a
comma separated list of strings.
Valid values are available on:
<http://keith-wood.name/bookmark.html#sites>
Note that 'sciencewise' is an ad-hoc service that will be displayed
only in case the record has an arXiv reportnumber and will always
be displayed last.
"""
if int(only_public_records) and not record_public_p(bfo.recID):
return ""
sitelist = sites.split(',')
sitelist = [site.strip().lower() for site in sitelist]
sciencewise = False
if 'sciencewise' in sitelist:
sciencewise = True
sitelist.remove('sciencewise')
sites_js = ", ".join("'%s'" % site for site in sitelist)
title = bfo.field('245__a')
description = bfo.field('520__a')
sciencewise_script = ""
if sciencewise:
reportnumber = get_arxiv_reportnumber(bfo)
sciencewise_url = ""
if reportnumber:
sciencewise_url = create_sciencewise_url(reportnumber)
if not sciencewise_url and CFG_CERN_SITE:
sciencewise_url = create_sciencewise_url(bfo.recID, cds=True)
if sciencewise_url:
sciencewise_script = """\
$.bookmark.addSite('sciencewise', 'ScienceWise.info', '%(siteurl)s/img/sciencewise.png', 'en', 'bookmark', '%(url)s');
$('#bookmark_sciencewise').bookmark({sites: ['sciencewise']});
""" % {
'siteurl': CFG_SITE_URL,
'url': sciencewise_url.replace("'", r"\'"),
}
url = '%(siteurl)s/%(record)s/%(recid)s' % \
{'recid': bfo.recID,
'record': CFG_SITE_RECORD,
'siteurl': CFG_BASE_URL}
args = parse_url_string(bfo.user_info['uri'])
journal_name = args["journal_name"]
if journal_name and \
(journal_name in [info.get('journal_name', '') for info in get_journals_ids_and_names()]):
# We are displaying a WebJournal article: URL is slightly different
url = make_journal_url(bfo.user_info['uri'])
return """\
<!-- JQuery Bookmark Button BEGIN -->
<div id="bookmark"></div><div id="bookmark_sciencewise"></div>
<style type="text/css">
#bookmark_sciencewise, #bookmark { float: left; }
#bookmark_sciencewise li { padding: 2px; width: 25px}
#bookmark_sciencewise ul, #bookmark ul { list-style-image: none; }
</style>
<script type="text/javascript" src="%(siteurl)s/vendors/jquery.bookmark/jquery.bookmark.min.js"></script>
<style type="text/css">@import "%(siteurl)s/vendors/jquery.bookmark/jquery.bookmark.css";</style>
<script type="text/javascript">// <![CDATA[
%(sciencewise)s
$('#bookmark').bookmark({
sites: [%(sites_js)s],
icons: '%(siteurl)s/vendors/jquery.bookmark/bookmarks.png',
url: '%(url)s',
addEmail: true,
title: "%(title)s",
description: "%(description)s"
});
// ]]>
</script>
<!-- JQuery Bookmark Button END -->
""" % {
'siteurl':
CFG_BASE_URL,
'sciencewise':
sciencewise_script,
'title':
escape_javascript_string(
title, escape_for_html=False, escape_CDATA=True),
'description':
escape_javascript_string(
description, escape_for_html=False, escape_CDATA=True),
'sites_js':
sites_js,
'url':
url,
}
def check_user_can_view_record(user_info, recid):
"""Check if the user is authorized to view the given recid.
The function grants access in two cases: either user has author rights on
this record, or he has view rights to the primary collection this record
belongs to.
:param user_info: the user_info dictionary that describe the user.
:type user_info: user_info dictionary
:param recid: the record identifier.
:type recid: positive integer
:return: (0, ''), when authorization is granted, (>0, 'message') when
authorization is not granted
"""
from invenio.modules.access.engine import acc_authorize_action
from invenio.modules.access.local_config import VIEWRESTRCOLL
from invenio.modules.collections.cache import is_record_in_any_collection
from invenio.legacy.search_engine import record_public_p, record_exists
policy = cfg['CFG_WEBSEARCH_VIEWRESTRCOLL_POLICY'].strip().upper()
if isinstance(recid, str):
recid = int(recid)
# At this point, either webcoll has not yet run or there are some
# restricted collections. Let's see first if the user own the record.
if is_user_owner_of_record(user_info, recid):
# Perfect! It's authorized then!
return (0, '')
if is_user_viewer_of_record(user_info, recid):
# Perfect! It's authorized then!
return (0, '')
restricted_collections = get_restricted_collections_for_recid(
recid, recreate_cache_if_needed=False
)
if not restricted_collections and record_public_p(recid):
# The record is public and not part of any restricted collection
return (0, '')
if restricted_collections:
# If there are restricted collections the user must be authorized to
# all/any of them (depending on the policy)
auth_code, auth_msg = 0, ''
for collection in restricted_collections:
(auth_code, auth_msg) = acc_authorize_action(
user_info, VIEWRESTRCOLL, collection=collection
)
if auth_code and policy != 'ANY':
# Ouch! the user is not authorized to this collection
return (auth_code, auth_msg)
elif auth_code == 0 and policy == 'ANY':
# Good! At least one collection is authorized
return (0, '')
# Depending on the policy, the user will be either authorized or not
return auth_code, auth_msg
if is_record_in_any_collection(recid, recreate_cache_if_needed=False):
# the record is not in any restricted collection
return (0, '')
elif record_exists(recid) > 0:
# We are in the case where webcoll has not run.
# Let's authorize SUPERADMIN
(auth_code, auth_msg) = acc_authorize_action(
user_info, VIEWRESTRCOLL, collection=None
)
if auth_code == 0:
return (0, '')
else:
# Too bad. Let's print a nice message:
return (
1,
"The record you are trying to access has just been "
"submitted to the system and needs to be assigned to the "
"proper collections. It is currently restricted for security "
"reasons until the assignment will be fully completed. Please "
"come back later to properly access this record.")
else:
# The record either does not exists or has been deleted.
# Let's handle these situations outside of this code.
return (0, '')
def format_element(bfo, only_public_records=1, sites="linkedin,twitter,facebook,google,delicious,sciencewise"):
"""
Return a snippet of JavaScript needed for displaying a bookmark toolbar
@param only_public_records: if set to 1 (the default), prints the box only
if the record is public (i.e. if it belongs to the root colletion and is
accessible to the world).
@param sites: which sites to enable (default is 'linkedin,twitter,facebook,google,delicious,sciencewise'). This should be a
comma separated list of strings.
Valid values are available on:
<http://keith-wood.name/bookmark.html#sites>
Note that 'sciencewise' is an ad-hoc service that will be displayed
only in case the record has an arXiv reportnumber and will always
be displayed last.
"""
if int(only_public_records) and not record_public_p(bfo.recID):
return ""
sitelist = sites.split(',')
sitelist = [site.strip().lower() for site in sitelist]
sciencewise = False
if 'sciencewise' in sitelist:
sciencewise = True
sitelist.remove('sciencewise')
sites_js = ", ".join("'%s'" % site for site in sitelist)
title = bfo.field('245__a')
description = bfo.field('520__a')
sciencewise_script = ""
if sciencewise:
reportnumber = get_arxiv_reportnumber(bfo)
sciencewise_url = ""
if reportnumber:
sciencewise_url = create_sciencewise_url(reportnumber)
if not sciencewise_url and CFG_CERN_SITE:
sciencewise_url = create_sciencewise_url(bfo.recID, cds=True)
if sciencewise_url:
sciencewise_script = """\
$.bookmark.addSite('sciencewise', 'ScienceWise.info', '%(siteurl)s/img/sciencewise.png', 'en', 'bookmark', '%(url)s');
$('#bookmark_sciencewise').bookmark({sites: ['sciencewise']});
""" % {
'siteurl': CFG_SITE_URL,
'url': sciencewise_url.replace("'", r"\'"),
}
url = '%(siteurl)s/%(record)s/%(recid)s' % \
{'recid': bfo.recID,
'record': CFG_SITE_RECORD,
'siteurl': CFG_SITE_URL}
args = parse_url_string(bfo.user_info['uri'])
journal_name = args["journal_name"]
if journal_name and \
(journal_name in [info.get('journal_name', '') for info in get_journals_ids_and_names()]):
# We are displaying a WebJournal article: URL is slightly different
url = make_journal_url(bfo.user_info['uri'])
return """\
<!-- JQuery Bookmark Button BEGIN -->
<div id="bookmark"></div><div id="bookmark_sciencewise"></div>
<style type="text/css">
#bookmark_sciencewise, #bookmark { float: left; }
#bookmark_sciencewise li { padding: 2px; width: 25px}
#bookmark_sciencewise ul, #bookmark ul { list-style-image: none; }
</style>
<script type="text/javascript" src="%(siteurl)s/js/jquery.bookmark.min.js"></script>
<style type="text/css">@import "%(siteurl)s/css/jquery.bookmark.css";</style>
<script type="text/javascript">// <![CDATA[
%(sciencewise)s
$('#bookmark').bookmark({
sites: [%(sites_js)s],
icons: '%(siteurl)s/img/bookmarks.png',
url: '%(url)s',
addEmail: true,
title: "%(title)s",
description: "%(description)s"
});
// ]]>
</script>
<!-- JQuery Bookmark Button END -->
""" % {
'siteurl': CFG_SITE_URL,
'sciencewise': sciencewise_script,
'title': escape_javascript_string(title,
escape_for_html=False,
escape_CDATA=True),
'description': escape_javascript_string(description,
escape_for_html=False,
escape_CDATA=True),
'sites_js': sites_js,
'url': url,
}
