def put(self): if not self.json_request.get('organization') and \ not Organization.valid_id(self.json_request.get('organization')): raise HttpErrorException.bad_request('invalid organization id') org = Organization.get_by_id(self.json_request.get('organization')) if not org: raise HttpErrorException.bad_request('invalid organization id') name = self.json_request.get('name', None) hidden = self.json_request.get('hidden', False) description = self.json_request.get('description', '') if not name or name == 'super_admin' or name == 'admin': raise HttpErrorException.bad_request('invalid group name') if type(hidden) != bool: raise HttpErrorException.bad_request('invalid hidden type must be boolean') if Group.query(ndb.AND(Group.organization == org.key, Group.name == name)).count() > 0: raise HttpErrorException.bad_request('group name taken') group = Group(key=Group.create_key(), name=name, description=description, organization=org.key, active=True) if hidden: org.hidden_groups.append(group.key) else: org.groups.append(group.key) ndb.put_multi([group, org]) if self.json_request.get('return', '') == 'group_dict': self.write_json_response(group.to_dict())
def post(self, org_id=None): if not org_id: raise HttpErrorException.bad_request('no org_id given') org = Organization.get_by_id(org_id) if not org: raise HttpErrorException.bad_request('invalid org_id given') org.edit(self.request, self.json_request, self.user)
def get(self, organization=None): if organization: self.organization = Organization.get_by_id(organization) if not self.organization: raise HttpErrorException.bad_request('invalid organization id') if (not self.user.is_super_admin or (self.organization and not self.user.is_org_admin and self.organization.key != self.user.organization)): raise HttpErrorException.forbidden() temp_data = {} template_index = JINJA_ENVIRONMENT.get_template( 'admin_panel/thinktank/analytics.html') self.response.write(template_index.render(temp_data))
def post(self, organization): if not organization and not Organization.valid_id(organization): raise HttpErrorException.bad_request('invalid organization id') organization = Organization.get_by_id(organization) if organization is None: raise HttpErrorException.bad_request('invalid organization id') user = user_user.User.get_by_id(self.json_request.get('username')) if user is None: raise HttpErrorException.bad_request('bad username') if not self.user.is_admin: lr = tt_logging.construct_log( msg_short='Non-Admin User Tried Adding Org Admin', msg='A Non-Admin user try setting another user as admin', log_type=tt_logging.SECURITY, request_user=self.user, affected_user=user, request=self.request, artifact=organization ) log.warning(lr['dict_msg']['msg'], extra=lr) raise HttpErrorException.forbidden() is_admin = self.json_request.get('is_admin') if is_admin is None and not type(is_admin) == bool: raise HttpErrorException.bad_request('invalid admin settings') if is_admin: if user.key not in organization.admins: organization.admins.append(user.key) organization.put() lr = tt_logging.construct_log( msg_short='User was made organization admin', log_type=tt_logging.USER, request_user=self.user, affected_user=user, artifact=organization, request=self.request ) log.info(lr['dict_msg']['msg'], extra=lr) else: if user.key in organization.admins: organization.admins.remove(user.key) organization.put() lr = tt_logging.construct_log( msg_short='User was removed as organization admin', log_type=tt_logging.USER, request_user=self.user, affected_user=user, artifact=organization, request=self.request ) log.info(lr['dict_msg']['msg'], extra=lr)
def get(self): if self.request.get('organization_groups') is not '': if self.request.get('organization_groups') == 'all': organization = Organization.get_by_id(self.request.get('organization')) if organization.is_user(self.user) or self.user.is_super_admin: hidden = False if self.request.get('hidden') is not '': hidden = self.request.get('hidden') group_array = organization.get_all_groups() if hidden and self.user.is_admin: hidden_group_array = organization.get_all_hidden_groups() group_array = group_array + hidden_group_array elif self.user.is_admin: hidden_group_array = organization.get_all_hidden_groups() group_array = group_array + hidden_group_array else: user_hidden_groups = organization.get_user_hidden_groups(self.user) for group in user_hidden_groups: group_array.append(group.to_dict()) self.write_json_response(group_array) else: lr = tt_logging.construct_log( msg_short='User Tried Access Organization Groups', msg='User (%s) tried to access groups that belongs to organization ' '(%s) and they are not in this organization' % (self.user.key.id(), organization.key.id()), log_type=tt_logging.SECURITY, request_user=self.user, artifact=organization, request=self.request ) log.warning(lr['dict_msg']['msg'], extra=lr) raise HttpErrorException.forbidden() elif self.request.get('organization_groups') == 'mine': user_groups = self.user.get_groups() user_groups = ndb.get_multi(user_groups) user_groups_dict_list = [] for group in user_groups: user_groups_dict_list.append(group.to_dict()) self.write_json_response(user_groups_dict_list) else: self._serve_user_groups()
def put(self, user_id=None): if not self.user.is_admin: lr = tt_logging.construct_log( msg_short='Non-Admin User Try Create New User', msg='User (%s) attemped to create a new user' % (self.user.key.id()), log_type=tt_logging.SECURITY, request_user=self.user, request=self.request ) log.warning(lr['dict_msg']['msg'], extra=lr) raise HttpErrorException.forbidden() if self.json_request.get('username'): org = None if self.json_request.get('organization'): org = Organization.get_by_id(self.json_request.get('organization')) User.new(self.json_request, verify_email=False, request=self.request, worldshare_group=Group.get_worldshare_key(), organization=org)
def get(self, organization=None): if organization: self.organization = Organization.get_by_id(organization) if not self.organization: raise HttpErrorException.bad_request('invalid organization id') if (not self.user.is_super_admin or (self.organization and not self.user.is_org_admin and self.organization.key != self.user.organization)): raise HttpErrorException.forbidden() start_time = self.request.get('start_time', None) try: start_time = AnalyticsDailyStat.get_start_time( datetime.fromtimestamp(int(start_time) / 1000)) except ValueError: raise HttpErrorException.bad_request( 'start_time must be javascript timestamps') end_time = AnalyticsDailyStat.get_end_time(start_time) self.write_json_response( self._get_analyticstats_json(AnalyticsHourlyStat, OrgAnalyticsHourlyStat, start_time, end_time))
def get(self): term = self.request.get('term', '') if term == '': raise HttpErrorException.bad_request('no search term given') limit = 10 if self.request.get('limit', '') != '': try: limit = int(self.request.get('limit')) except ValueError: raise HttpErrorException.bad_request('limit must be integer') if self.user.is_super_admin and self.request.get('organization', '') != '': org = Organization.get_by_id(self.request.get('organization')) if not org: raise HttpErrorException.bad_request('invalid org id') else: if not self.user.organization: raise HttpErrorException.bad_request('user has not organization') org = self.user.organization.get() groups = org.get_all_group_objects() if self.user.is_admin: groups += org.get_all_hidden_group_objects() else: groups += org.get_user_hidden_groups(self.user) matched_groups = [] for group in groups: if len(matched_groups) == limit: break if term.lower() in group.name.lower(): matched_groups.append(group.to_dict()) if self.request.get('callback', '') != '': self.response.write(self.request.get('callback') + '(%s)' % json.dumps(matched_groups)) else: self.write_json_response(matched_groups)
def get(self, user_id=None): # TODO: This handler needs broken down into smaller methods. No point cleaning # this up until that is complete. if self.request.get('user_info') is not '': if self.request.get('user_info') == self.user.username or self.user.is_admin: user = User.get_by_id(self.request.get('user_info')) if not user: raise HttpErrorException.bad_request('invalid user id') self.write_json_response(user.to_dict(user=self.user)) elif self.request.get('user_perms') is not '': user = User.get_by_id(self.request.get('user_perms')) if not user: raise HttpErrorException.bad_request('invalid username') if not user.is_admin and not self.user == user: lr = tt_logging.construct_log(msg_short='Non-Admin User Try Accessing Another User', msg='User (%s) attemped to access user\'s (%s) data ' % (self.user.key.id(), user.key.id()), log_type=tt_logging.SECURITY, request_user=self.user, affected_user=user, request=self.request) log.warning(lr['dict_msg']['msg'], extra=lr) raise HttpErrorException.forbidden() user_perms_dict = {} for group_key in user.groups: group = group_key.get() if group is None: user.groups.remove(group_key) user.put() lr = tt_logging.construct_log(msg_short='Broken Group Key in User Group List', msg='Found a broken group key (%s) in the user\'s group list\n' 'Key has been removed' % str(group_key), log_type=tt_logging.USER, request_user=self.user, affected_user=user, request=self.request) log.error(lr['dict_msg']['msg'], extra=lr) elif (group.has_permission(self.user, 'set_user_perms') or group.has_permission(self.user, 'remove_user_perms') or user.key == self.user.key): perms = user.get_group_perms_dict(group) if perms is not None: user_perms_dict[group.key.id()] = perms self.write_json_response(user_perms_dict) elif self.request.get('organization_users') is not '': if self.request.get('organization_users') == 'all': organization = Organization.get_by_id(self.request.get('organization_id')) if organization.is_admin(self.user) or Group.get_by_id('super_admin').key in self.user.groups: user_array = User.get_all_users(organization, request_user=self.user) self.write_json_response(user_array) else: lr = tt_logging.construct_log(msg_short='Non-Admin User Try Accessing Org Users', msg='User (%s) attemped to access all Organization\'s users' % (self.user.key.id()), log_type=tt_logging.SECURITY, request_user=self.user, request=self.request, artifact=organization) log.warning(lr['dict_msg']['msg'], extra=lr) raise HttpErrorException.forbidden() elif self.request.get('non_org') is not '': if not self.user.is_super_admin: lr = tt_logging.construct_log(msg_short='Non-Admin User Try Accessing Org Users', msg='User (%s) attemped to access all Organization\'s users' % (self.user.key.id()), log_type=tt_logging.SECURITY, request_user=self.user, request=self.request) log.warning(lr['dict_msg']['msg'], extra=lr) raise HttpErrorException.forbidden() else: users = User.query(User.organization == None).fetch() users_dicts = [] for user in users: users_dicts.append(user.to_dict()) self.write_json_response(users_dicts)
def get(self, organization=None): if organization: self.organization = Organization.get_by_id(organization) if not self.organization: raise HttpErrorException.bad_request('invalid organization id') if (not self.user.is_super_admin or (self.organization and not self.user.is_org_admin and self.organization.key != self.user.organization)): raise HttpErrorException.forbidden() start_time = self.request.get('start_time', None) limit = self.request.get('limit', 10) ana_type = self.request.get('type', 'concept') if ana_type not in ['concept', 'user']: raise HttpErrorException.bad_request('invalid type') if ana_type == 'user': ana_type = UserAnalyticsMonthlyStat else: ana_type = ConceptAnalyticsMonthlyStat try: limit = int(limit) except ValueError: raise HttpErrorException.bad_request('limit must be int') if limit > 100: limit = 100 if not start_time: raise HttpErrorException.bad_request('no start_time given') try: start_time = ana_type.get_start_time( datetime.fromtimestamp(int(start_time) / 1000)) except ValueError: raise HttpErrorException.bad_request( 'start_time must be javascript timestamps') log.debug('start_time: %s', start_time) if not self.organization: top_total = ana_type.query(ana_type.start_time == start_time ).order(-ana_type.total).fetch(limit) top_consumption = ana_type.query( ana_type.start_time == start_time).order( -ana_type.total_consumption).fetch(limit) top_production = ana_type.query( ana_type.start_time == start_time).order( ana_type.total_production).fetch(limit) else: top_total = ana_type.query( ndb.AND( ana_type.start_time == start_time, ana_type.entity_organization == self.organization.key)).order(-ana_type.total).fetch(limit) top_consumption = ana_type.query( ndb.AND(ana_type.start_time == start_time, ana_type.entity_organization == self.organization.key) ).order(-ana_type.total_consumption).fetch(limit) top_production = ana_type.query( ndb.AND(ana_type.start_time == start_time, ana_type.entity_organization == self.organization.key) ).order(-ana_type.total_production).fetch(limit) top_total_json = [] for s in top_total: if ana_type == ConceptAnalyticsMonthlyStat: d = s.to_dict() con = s.entity.get() if con: phr = con.get_phrasing() else: phr = 'Concept no longer exists' d['phrasing'] = phr top_total_json.append(d) else: d = s.to_dict() user = s.entity.get() if user: username = user.username else: username = '******' d['username'] = username top_total_json.append(d) top_consumption_json = [] for s in top_consumption: if ana_type == ConceptAnalyticsMonthlyStat: d = s.to_dict() con = s.entity.get() if con: phr = con.get_phrasing() else: phr = 'Concept no longer exists' d['phrasing'] = phr top_consumption_json.append(d) else: d = s.to_dict() user = s.entity.get() if user: username = user.username else: username = '******' d['username'] = username top_consumption_json.append(d) top_production_json = [] for s in top_production: if ana_type == ConceptAnalyticsMonthlyStat: d = s.to_dict() con = s.entity.get() if con: phr = con.get_phrasing() else: phr = 'Concept no longer exists' d['phrasing'] = phr top_production_json.append(d) else: d = s.to_dict() user = s.entity.get() if user: username = user.username else: username = '******' d['username'] = username top_production_json.append(d) response = { 'start_time': time.mktime(start_time.timetuple()) * 1000, 'start_time_str': str(start_time), 'top_total': top_total_json, 'top_consumption': top_consumption_json, 'top_production': top_production_json, } self.write_json_response(response)