def create_user_db(self):
    """Store this object's attributes in the ``users`` collection of ``Users``.

    The collection is created first when the client does not list a
    database called ``Users``.
    """
    # NOTE(review): the request handlers elsewhere in this file read the
    # database "users" (lower case), while this method writes to "Users";
    # confirm which name is intended.
    known_databases = mongoDBInterface.get_db_client().list_database_names()
    if "Users" not in known_databases:
        mongoDBInterface.get_db_client()["Users"].create_collection("users")
        # Lookup kept from the original; its result is not used.
        mongoDBInterface.get_col("Users", "users")
    # Every instance attribute is written as-is, so anything sensitive held
    # on the object ends up in the stored record.
    target = mongoDBInterface.get_col("Users", "users")
    target.insert_one(self.__dict__)
def get_user_infos_for_project(project_name):
    """Return all user records of *project_name* as JSON to a project member.

    Responds 400 when the ``id_token`` query argument is missing or does not
    resolve to an e-mail address, and 403 when the caller has no record in
    the project's ``users`` collection.
    """
    token = request.args.get('id_token')
    if not token:
        return make_response({
            'message': "ID Token is not included with the request uri in args"
        }), 400

    caller_email = get_email(token)
    if caller_email is None:
        return make_response(
            {'message': "ID Token has expired or is invalid"}), 400

    # NOTE(review): project_name selects the database directly; confirm the
    # route cannot be pointed at the shared "users" database, where any
    # registered account would pass the membership lookup below.
    members = get_col(project_name, "users")
    if members.find_one({'email': caller_email}) is None:
        return make_response({
            'message':
            "Not allowed to perform this action unless you are part of the project"
        }), 403

    payload = {"users": list(members.find({}))}
    return JSONEncoder().encode(payload), 200
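def remove_user_from_project(project_name):
    """Remove a user from *project_name*.

    A caller may remove their own membership; removing somebody else
    requires the caller to be an admin of the project.

    Responds 400 for a missing/invalid ``id_token`` or a missing ``user``
    field, 403 when the caller is not allowed to remove the target, and 204
    once the membership has been removed.
    """
    id_token = request.args.get('id_token')
    if id_token is None or id_token == "":
        response = {
            'message': "ID Token is not included with the request uri in args"
        }
        return make_response(response), 400

    requestor_email = get_email(id_token)
    if requestor_email is None:
        response = {'message': "ID Token has expired or is invalid"}
        return make_response(response), 400

    if 'user' in request.json:
        email = request.json['user']
    else:
        response = {'message': "Missing user"}
        return make_response(response), 400

    # The value is placed into a MongoDB filter below; accept plain strings
    # only so a JSON object cannot be read as a query-operator document.
    if not isinstance(email, str):
        response = {'message': "Missing user"}
        return make_response(response), 400

    users_col = get_col(project_name, "users")
    requestor = users_col.find_one({'email': requestor_email})

    if requestor_email != email:
        # The original indexed requestor['isAdmin'] even when the caller had
        # no record in the project (TypeError -> HTTP 500), and answered 204
        # to non-admins without deleting anything. Both cases are now an
        # explicit 403.
        if requestor is None or not requestor.get('isAdmin'):
            response = {'message': "Forbidden to perform this action"}
            return make_response(response), 403

    # The debug print of the caller's e-mail address was dropped: it wrote
    # personal data to stdout on every request.
    users_col.delete_one({'email': email})
    remove_project_from_user(email, project_name)
    return "", 204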
def create_user():
    """Create an account for the e-mail address behind the supplied ID token.

    Responds 400 when the token is missing or invalid, or when an account
    with that e-mail already exists; 204 once the account is stored.
    """
    # NOTE(review): the token travels in the query string, which commonly
    # ends up in access logs and browser history; an Authorization header
    # would avoid that.
    token = request.args.get('id_token')
    if not token:
        return make_response({
            'message': "ID Token is not included with the request uri in args"
        }), 400

    caller_email = get_email(token)
    if caller_email is None:
        return make_response(
            {'message': "ID Token has expired or is invalid"}), 400

    accounts = get_col("users", "users")
    already_registered = accounts.find_one({'email': caller_email})
    if already_registered is not None:
        return make_response({'message': "User already exists"}), 400

    # "projects" holds the IDs of the projects the user belongs to and
    # starts out empty for a new account.
    new_account = {'email': caller_email, 'projects': []}
    accounts.insert_one(new_account)
    return "", 204
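def get_projects():
    """Return the names of all project databases to a registered user.

    Responds 400 for a missing/invalid ``id_token``, 401 when the caller has
    no account in ``users.users``, otherwise 200 with ``{'projects': [...]}``.
    """
    id_token = request.args.get('id_token')
    if id_token is None or id_token == "":
        response = {
            'message': "ID Token is not included with the request uri in args"
        }
        return make_response(response), 400

    requestor_email = get_email(id_token)
    if requestor_email is None:
        response = {'message': "ID Token has expired or is invalid"}
        return make_response(response), 400

    all_users_col = get_col("users", "users")
    requestor = all_users_col.find_one({"email": requestor_email})
    if requestor is None:
        response = {'message': "Not authorised to perform this action"}
        return make_response(response), 401

    my_client = get_db_client()
    # list.remove() raises ValueError when a name is absent (for example a
    # deployment that does not expose "local"), which turned into HTTP 500.
    # Filtering is safe whether or not the names are present.
    # NOTE(review): MongoDB's internal "config" database is not excluded
    # here, and every registered user sees every project name, member or
    # not - confirm both are intended.
    reserved = {"admin", "local", "users"}
    names = [
        name for name in my_client.list_database_names()
        if name not in reserved
    ]
    return make_response({'projects': names}), 200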
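def get_document(project_name, document_id):
    """Return one document of *project_name* as JSON to a project member.

    Responds 400 for a missing/invalid ``id_token`` or a malformed
    *document_id*, 403 when the caller is not in the project, otherwise 200
    with ``{'document': ...}`` (the ``_id`` field is projected out).
    """
    id_token = request.args.get('id_token')
    if id_token is None or id_token == "":
        response = {
            'message': "ID Token is not included with the request uri in args"
        }
        return make_response(response), 400

    requestor_email = get_email(id_token)
    if requestor_email is None:
        response = {'message': "ID Token has expired or is invalid"}
        return make_response(response), 400

    users_col = get_col(project_name, "users")
    requestor = users_col.find_one({'email': requestor_email})
    if requestor is None:
        response = {'message': "You are not authorised to perform this action"}
        return make_response(response), 403

    # document_id comes from the URL; ObjectId() raises on anything that is
    # not a valid id, which previously surfaced as an unhandled HTTP 500.
    if not ObjectId.is_valid(document_id):
        response = {'message': "Invalid document id"}
        return make_response(response), 400

    col = get_db_collection(project_name, "documents")
    doc = col.find_one({'_id': ObjectId(document_id)}, {'_id': 0})
    return JSONEncoder().encode({'document': doc}), 200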
def get_preset_labels(project_name):
    """Return all preset labels of *project_name* as JSON to a project member.

    Responds 400 for a missing/invalid ``id_token`` and 403 when the caller
    has no record in the project's ``users`` collection.
    """
    token = request.args.get('id_token')
    if not token:
        return make_response({
            'message': "ID Token is not included with the request uri in args"
        }), 400

    caller_email = get_email(token)
    if caller_email is None:
        return make_response(
            {'message': "ID Token has expired or is invalid"}), 400

    members = get_db_collection(project_name, "users")
    if members.find_one({'email': caller_email}) is None:
        return make_response(
            {'message': "You are not authorised to perform this action"}), 403

    stored_labels = get_col(project_name, "labels").find({})
    payload = {'labels': list(stored_labels)}
    return JSONEncoder().encode(payload), 200
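def update_user(project_name):
    """Change the permission flags of a member of *project_name*.

    Inputs: ``id_token`` of the requestor (query argument), the project
    name, and a JSON body with ``user`` (e-mail of the member to change) and
    ``permissions`` (the flags to set).

    Responds 400 for a missing/invalid token, missing or malformed body
    fields, or a target that is not in the project; 401 when the requestor
    is not in the project; 403 when the requestor is not an admin; 204 on
    success.
    """
    id_token = request.args.get('id_token')
    if id_token is None or id_token == "":
        response = {
            'message': "ID Token is not included with the request uri in args"
        }
        return make_response(response), 400

    requestor_email = get_email(id_token)
    if requestor_email is None:
        response = {'message': "ID Token has expired or is invalid"}
        return make_response(response), 400

    if 'user' in request.json:
        email = request.json['user']
    else:
        response = {'message': "Missing user"}
        return make_response(response), 400

    if 'permissions' in request.json:
        permissions = request.json['permissions']
    else:
        response = {'message': "Missing permissions"}
        return make_response(response), 400

    # The e-mail is used as a MongoDB filter value; accept plain strings only
    # so a JSON object cannot be read as a query-operator document.
    if not isinstance(email, str):
        response = {'message': "Missing user"}
        return make_response(response), 400

    project_user_col = get_col(project_name, "users")
    # One lookup instead of two; a record without 'isAdmin' counts as
    # non-admin instead of raising KeyError.
    requestor = project_user_col.find_one({'email': requestor_email})
    if requestor is None:
        # requestor is not in the project
        response = {'message': "Not authorised to perform this action"}
        return make_response(response), 401
    if not requestor.get('isAdmin'):
        response = {'message': "Forbidden to perform this action"}
        return make_response(response), 403

    # The body used to be handed to $set unchanged, letting a request
    # overwrite any field of the member record (including 'email'). Only the
    # two flags this file stores on a membership are accepted.
    # NOTE(review): extend the set if the project defines further flags.
    allowed_flags = {'isAdmin', 'isContributor'}
    if (not isinstance(permissions, dict) or not permissions
            or not set(permissions) <= allowed_flags
            or not all(isinstance(v, bool) for v in permissions.values())):
        response = {'message': "Invalid permissions"}
        return make_response(response), 400

    if project_user_col.find_one({'email': email}) is None:
        response = {
            'message':
            "That user does not exist in the project, add them to the project first"
        }
        return make_response(response), 400

    project_user_col.update_one({'email': email}, {'$set': permissions})
    return "", 204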
def add_document(self, document):
    """Append *document* and insert every not-yet-stored document into MongoDB.

    All documents held by this object are compared against the project's
    ``documents`` collection; those without a matching record are inserted.
    """
    self.documents.append(document)
    # Mirror the in-memory list into the database on every append.
    collection = mongoDBInterface.get_col(self.name, "documents")
    for item in self.documents:
        fields = item.__dict__
        if collection.find_one(fields):
            continue
        collection.insert_one(fields)
def remove_user():
    """Delete the account that belongs to the supplied ID token.

    Responds 400 for a missing/invalid ``id_token`` and 204 after the delete
    has been issued.
    """
    token = request.args.get('id_token')
    if not token:
        return make_response({
            'message': "ID Token is not included with the request uri in args"
        }), 400

    caller_email = get_email(token)
    if caller_email is None:
        return make_response(
            {'message': "ID Token has expired or is invalid"}), 400

    # NOTE(review): only the record in users.users is removed; the caller's
    # entries in per-project "users" collections (with their isAdmin /
    # isContributor flags) are not touched here - confirm that is intended.
    accounts = get_col("users", "users")
    accounts.delete_one({"email": caller_email})
    return "", 204
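def delete_preset_labels(project_name, label_id):
    """Delete a preset label and strip it from every document of the project.

    Only project admins may call this. Responds 400 for a missing/invalid
    ``id_token`` or a malformed *label_id*, 403 when the caller is not an
    admin of the project, and 204 on success.
    """
    id_token = request.args.get('id_token')
    if id_token is None or id_token == "":
        response = {
            'message': "ID Token is not included with the request uri in args"
        }
        return make_response(response), 400

    requestor_email = get_email(id_token)
    if requestor_email is None:
        response = {'message': "ID Token has expired or is invalid"}
        return make_response(response), 400

    user_col = get_db_collection(project_name, "users")
    requestor = user_col.find_one({'email': requestor_email, 'isAdmin': True})
    if requestor is None:
        response = {'message': "You are not authorised to perform this action"}
        return make_response(response), 403

    # label_id comes from the URL; ObjectId() raises on malformed input,
    # which previously surfaced as an unhandled HTTP 500.
    if not ObjectId.is_valid(label_id):
        response = {'message': "Invalid label id"}
        return make_response(response), 400
    label_oid = ObjectId(label_id)

    labels_col = get_col(project_name, "labels")
    labels_col.delete_one({"_id": label_oid})

    # Remove every mention of the label from each document. The original
    # used Collection.update(), which modifies a single document unless
    # multi=True is passed (and is no longer available in PyMongo 4), so
    # references to the deleted label stayed behind in all other documents.
    document_col = get_col(project_name, "documents")
    document_col.update_many(
        {"user_and_labels": {"$elemMatch": {"label": label_oid}}},
        {"$pull": {"user_and_labels": {'label': label_oid}}})
    return "", 204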
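def preset_labels():
    """List (GET), add (POST) or delete (DELETE) a preset label of a project.

    The project is named by ``project_name`` in the JSON body and the label
    by ``label``.

    The original handler performed no authentication, so any client could
    read, add or delete labels of any project. The access checks now match
    the other label handlers in this file: a valid ``id_token`` query
    argument is required, GET needs project membership, and POST/DELETE need
    the ``isAdmin`` flag.
    """
    id_token = request.args.get('id_token')
    if id_token is None or id_token == "":
        response = {
            'message': "ID Token is not included with the request uri in args"
        }
        return make_response(response), 400

    requestor_email = get_email(id_token)
    if requestor_email is None:
        response = {'message': "ID Token has expired or is invalid"}
        return make_response(response), 400

    # make sure project id is passed
    if 'project_name' not in request.json:
        response = {'message': 'No project id provided'}
        return make_response(response), 400
    project_name = str(request.json['project_name'])

    requestor = get_col(project_name, "users").find_one(
        {'email': requestor_email})
    if requestor is None:
        response = {'message': "You are not authorised to perform this action"}
        return make_response(response), 403

    labels_col = get_col(project_name, "labels")

    if request.method == 'GET':
        labels = list(labels_col.find({}))
        for entry in labels:
            entry['_id'] = str(entry['_id'])
        return make_response({"labels": labels}), 200

    # Everything below changes the label list and is admin-only.
    if not requestor.get('isAdmin'):
        response = {'message': "You are not authorised to perform this action"}
        return make_response(response), 403

    if 'label' not in request.json:
        response = {'message': 'No label value provided'}
        return make_response(response), 400
    label = request.json['label']
    # The label is used as a MongoDB filter value; accept plain strings only
    # so a JSON object cannot be read as a query-operator document.
    if not isinstance(label, str):
        response = {'message': 'No label value provided'}
        return make_response(response), 400

    # identify if passed label is already in the preset list
    label_present = labels_col.find_one({"name": label}) is not None

    if request.method == 'POST':
        if label_present:
            response = {'message': "Label already set"}
            return make_response(response), 400
        labels_col.insert_one({"name": label})
        response = {'message': "Added label successfully"}
        return make_response(response), 200

    if request.method == 'DELETE':
        if not label_present:
            response = {'message': "Label was not set"}
            return make_response(response), 400
        labels_col.delete_one({"name": label})
        response = {'message': "Label deleted successfully"}
        return make_response(response), 200

    # Any other method used to fall off the end and return None.
    response = {'message': "Method not allowed"}
    return make_response(response), 405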
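def create_project():
    """Create a project database and make the caller its first admin.

    The JSON body must carry ``project_name``. Responds 400 for a
    missing/invalid ``id_token``, a missing, malformed or reserved project
    name, or a project that already exists; 204 on success.
    """
    id_token = request.args.get('id_token')
    if id_token is None or id_token == "":
        response = {
            'message': "ID Token is not included with the request uri in args"
        }
        return make_response(response), 400

    requestor_email = get_email(id_token)
    if requestor_email is None:
        response = {'message': "ID Token has expired or is invalid"}
        return make_response(response), 400

    if 'project_name' in request.json:
        project = request.json['project_name']
    else:
        response = {'message': "Missing project name"}
        return make_response(response), 400

    # The original test was inverted: it rejected names that matched the
    # pattern and let everything else through to become a database name.
    # fullmatch() is used because '$' also matches before a trailing newline.
    if not isinstance(project, str) or not re.fullmatch(r'\w+', project):
        response = {
            'message': "Project name can only be Alphanumerics and underscores"
        }
        return make_response(response), 400

    # These names are the ones delete_project refuses to treat as projects.
    # "users" in particular may not exist yet, and a project of that name
    # would share its "users" collection with the account store.
    if project in ("admin", "local", "users"):
        response = {'message': "That project name is reserved"}
        return make_response(response), 400

    my_client = get_db_client()
    if project in my_client.list_database_names():
        response = {'message': "Project already exists"}
        return make_response(response), 400

    create_db_for_proj(project)
    project_user_col = get_col(project, "users")
    project_user_col.insert_one({
        'email': requestor_email,
        'isAdmin': True,
        'isContributor': True
    })
    add_project_to_user(requestor_email, project)
    return "", 204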
def delete_project(project_name):
    """Drop the database of *project_name* on behalf of a project admin.

    Before the drop, the project is pulled from the project list of every
    user found in its ``users`` collection. Responds 400 for a
    missing/invalid ``id_token``, a reserved name, or an unknown project;
    403 when the caller is not an admin of the project; 204 on success.
    """
    token = request.args.get('id_token')
    if not token:
        return make_response({
            'message': "ID Token is not included with the request uri in args"
        }), 400

    caller_email = get_email(token)
    if caller_email is None:
        return make_response(
            {'message': "ID Token has expired or is invalid"}), 400

    # These databases are not user-created projects and must never be dropped.
    if project_name in ("local", "users", "admin"):
        return make_response({
            'message':
            "Cannot delete that project because it is not a user created project"
        }), 400

    members = get_col(project_name, "users")
    admin_record = members.find_one({'email': caller_email, 'isAdmin': True})
    if admin_record is None:
        return make_response(
            {'message': "Not authorised for that operation"}), 403

    client = get_db_client()
    if project_name not in client.list_database_names():
        return make_response({'message': "Project does not exist"}), 400

    for member in members.find({}):
        remove_project_from_user(member['email'], project_name)
    client.drop_database(project_name)
    return "", 204
def add_preset_labels(project_name):
    """Add a preset label to *project_name* on behalf of a project admin.

    The JSON body must carry ``label_name``. Responds 400 for a
    missing/invalid ``id_token``, a missing label name, or a label that
    already exists; 403 when the caller is not an admin of the project; 204
    on success.
    """
    token = request.args.get('id_token')
    if not token:
        return make_response({
            'message': "ID Token is not included with the request uri in args"
        }), 400

    caller_email = get_email(token)
    if caller_email is None:
        return make_response(
            {'message': "ID Token has expired or is invalid"}), 400

    members = get_db_collection(project_name, "users")
    admin_record = members.find_one({'email': caller_email, 'isAdmin': True})
    if admin_record is None:
        return make_response(
            {'message': "You are not authorised to perform this action"}), 403

    if 'label_name' not in request.json:
        return make_response({'message': "Missing label to add"}), 400
    # NOTE(review): the value is used in a filter and stored without a type
    # check; confirm callers can only send a string here.
    new_name = request.json['label_name']

    labels = get_col(project_name, "labels")
    if labels.find_one({"name": new_name}) is not None:
        return make_response({'message': "That label already exists"}), 400

    labels.insert_one({"name": new_name})
    return "", 204
def get_user_info():
    """Return the caller's own account record as JSON.

    Responds 400 for a missing/invalid ``id_token``; otherwise 200 with the
    encoded result of the lookup in ``users.users``.
    """
    token = request.args.get('id_token')
    if not token:
        return make_response({
            'message': "ID Token is not included with the request uri in args"
        }), 400

    caller_email = get_email(token)
    if caller_email is None:
        return make_response(
            {'message': "ID Token has expired or is invalid"}), 400

    account = get_col("users", "users").find_one({"email": caller_email})
    # When no account matches, find_one() gives None and that is what gets
    # encoded; the status stays 200.
    return JSONEncoder().encode(account), 200
def get_user_emails():
    """Return the e-mail address of every account as JSON.

    Responds 400 for a missing/invalid ``id_token``; otherwise 200 with
    ``{"users": [...]}``.
    """
    token = request.args.get('id_token')
    if not token:
        return make_response({
            'message': "ID Token is not included with the request uri in args"
        }), 400

    caller_email = get_email(token)
    if caller_email is None:
        return make_response(
            {'message': "ID Token has expired or is invalid"}), 400

    # NOTE(review): any holder of a valid token receives the full address
    # list, whether or not they have an account - confirm that exposure is
    # intended.
    accounts = get_col("users", "users")
    payload = {"users": list(accounts.find({}, {'email': 1}))}
    return JSONEncoder().encode(payload), 200
def create_document(project_name):
    """Create a document in *project_name* from the ``content`` JSON field.

    Only members with ``isContributor`` set may call this. Responds 400 for
    a missing/invalid ``id_token`` or missing content, 403 when the caller
    is not a contributor of the project, and 204 on success.
    """
    token = request.args.get('id_token')
    if not token:
        return make_response({
            'message': "ID Token is not included with the request uri in args"
        }), 400

    caller_email = get_email(token)
    if caller_email is None:
        return make_response(
            {'message': "ID Token has expired or is invalid"}), 400

    members = get_col(project_name, "users")
    contributor = members.find_one({
        'email': caller_email,
        'isContributor': True
    })
    if contributor is None:
        return make_response(
            {'message': "You are not authorised to perform this action"}), 403

    if 'content' not in request.json:
        return make_response({'message': "Missing content"}), 400
    body_text = request.json['content']

    new_doc = Document(body_text, [], [])
    new_doc.data = body_text
    new_doc.upload(project_name)
    return '', 204
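def get_document_ids(project_name):
    """Return one page of document ids of *project_name* to a project member.

    Query arguments: ``id_token``, ``page`` (zero-based) and ``page_size``.
    Responds 400 for non-integer or out-of-range paging values or a
    missing/invalid token, 403 when the caller is not in the project,
    otherwise 200 with ``{'docs': [...]}``.
    """
    id_token = request.args.get('id_token')
    try:
        page = int(request.args.get('page'))
        page_size = int(request.args.get('page_size'))
    except (ValueError, TypeError):
        response = {'message': "page and page_size must be integers"}
        return make_response(response), 400

    # A negative skip is not a valid cursor argument, and MongoDB treats a
    # limit of 0 as "no limit", which would return the whole collection in
    # a single response.
    # NOTE(review): there is still no upper bound on page_size; consider
    # capping it to keep responses bounded.
    if page < 0 or page_size < 1:
        response = {
            'message': "page must be >= 0 and page_size must be >= 1"
        }
        return make_response(response), 400

    if id_token is None or id_token == "":
        response = {
            'message': "ID Token is not included with the request uri in args"
        }
        return make_response(response), 400

    requestor_email = get_email(id_token)
    if requestor_email is None:
        response = {'message': "ID Token has expired or is invalid"}
        return make_response(response), 400

    users_col = get_col(project_name, "users")
    requestor = users_col.find_one({'email': requestor_email})
    if requestor is None:
        response = {'message': "You are not authorised to perform this action"}
        return make_response(response), 403

    col = get_db_collection(project_name, "documents")
    docs = col.find({}, {'_id': 1}).skip(page * page_size).limit(page_size)
    return JSONEncoder().encode({'docs': list(docs)}), 200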
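def update_preset_labels(project_name, label_id):
    """Rename a preset label of *project_name* on behalf of a project admin.

    The JSON body must carry ``label_name``. Responds 400 for a
    missing/invalid ``id_token``, a missing label name or a malformed
    *label_id*; 403 when the caller is not an admin of the project; 204 on
    success.
    """
    id_token = request.args.get('id_token')
    if id_token is None or id_token == "":
        response = {
            'message': "ID Token is not included with the request uri in args"
        }
        return make_response(response), 400

    requestor_email = get_email(id_token)
    if requestor_email is None:
        response = {'message': "ID Token has expired or is invalid"}
        return make_response(response), 400

    user_col = get_db_collection(project_name, "users")
    requestor = user_col.find_one({'email': requestor_email, 'isAdmin': True})
    if requestor is None:
        response = {'message': "You are not authorised to perform this action"}
        return make_response(response), 403

    if 'label_name' in request.json:
        label_name = request.json['label_name']
    else:
        response = {'message': "Missing label to add"}
        return make_response(response), 400

    # label_id comes from the URL; ObjectId() raises on malformed input,
    # which previously surfaced as an unhandled HTTP 500.
    if not ObjectId.is_valid(label_id):
        response = {'message': "Invalid label id"}
        return make_response(response), 400

    labels_col = get_col(project_name, "labels")
    labels_col.update_one({"_id": ObjectId(label_id)},
                          {'$set': {'name': label_name}})
    return "", 204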
def remove_project_from_user(user_email, project_name):
    """Pull *project_name* from the ``projects`` list of the given account."""
    account_filter = {"email": user_email}
    change = {"$pull": {"projects": project_name}}
    get_col("users", "users").update_one(account_filter, change)
def add_project_to_user(user_email, project_name):
    """Push *project_name* onto the ``projects`` list of the given account."""
    account_filter = {"email": user_email}
    # $push appends unconditionally, so calling this twice for the same
    # project stores the name twice.
    change = {"$push": {"projects": project_name}}
    get_col("users", "users").update_one(account_filter, change)
def get_db_collection(proj, col):
    """Return collection *col* of database *proj* via ``mongoDBInterface``."""
    return mongoDBInterface.get_col(proj, col)
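def upload_file():
    """Import documents into a project from an uploaded CSV file.

    Form fields: ``projectName`` and the file ``inputFile``. The first CSV
    row is skipped as a header and the second column of every following row
    becomes a document. Only members with ``isContributor`` set may upload.

    Responds 400 for a missing/invalid ``id_token``, a missing project name
    or a missing file; 403 when the caller is not a contributor; 405 for
    methods other than POST; 200 once the import has finished.
    """
    # Function-scope import: only needed for the temporary file name below.
    import uuid

    id_token = request.args.get('id_token')
    if id_token is None or id_token == "":
        response = {
            'message': "ID Token is not included with the request uri in args"
        }
        return make_response(response), 400

    requestor_email = get_email(id_token)
    if requestor_email is None:
        response = {'message': "ID Token has expired or is invalid"}
        return make_response(response), 400

    # Non-POST requests used to fall off the end and return None.
    if request.method != 'POST':
        response = {'message': "Method not allowed"}
        return make_response(response), 405

    if 'projectName' in request.form:
        project_name = str(request.form['projectName'])
    else:
        response = {'message': 'No project id provided'}
        return make_response(response), 400

    users_col = get_col(project_name, "users")
    requestor = users_col.find_one({
        'email': requestor_email,
        'isContributor': True
    })
    if requestor is None:
        response = {'message': "You are not authorised to perform this action"}
        return make_response(response), 403

    if 'inputFile' not in request.files:
        response = {'message': 'No file selected'}
        return make_response(response), 400

    file = request.files['inputFile']
    if not file.filename:
        response = {'message': 'No file selected'}
        return make_response(response), 400

    # secure_filename() can reduce a name to the empty string, which would
    # make the save path the uploads directory itself.
    filename = secure_filename(file.filename)
    if not filename:
        response = {'message': 'No file selected'}
        return make_response(response), 400

    # A random prefix keeps two uploads with the same client-side name from
    # overwriting, or deleting, each other's temporary file.
    filelocation = os.path.join(uploads_dir,
                                uuid.uuid4().hex + "_" + filename)
    try:
        file.save(filelocation)
        # newline='' is what the csv module expects for files it reads.
        with open(filelocation, newline='') as csv_file:
            csv_reader = csv.reader(csv_file, delimiter=",")
            next(csv_reader, None)  # skip the header row
            for row in csv_reader:
                # Blank or short rows have no second column; the original
                # raised IndexError on them and left the upload on disk.
                if len(row) < 2:
                    continue
                document = Document(row[1], [], [])
                # Find project database and populate document collection
                project = Project(project_name, [], [])
                project.add_document(document)
    finally:
        # Delete the upload whether or not the import succeeded.
        if os.path.exists(filelocation):
            os.remove(filelocation)

    response = {'message': 'Documents imported successfully'}
    return make_response(response), 200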
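def set_labels(self, preset_labels):
    """Replace this object's preset labels and insert them into MongoDB.

    Each label's attribute dictionary is written to the ``labels``
    collection of the database named ``self.name``.
    """
    self.preset_labels = preset_labels
    # link with DB and push there new list of labels
    col = mongoDBInterface.get_col(self.name, "labels")
    records = [label.__dict__ for label in self.preset_labels]
    # insert_many() rejects an empty list, so an empty label set used to
    # raise here; there is simply nothing to store in that case.
    if records:
        col.insert_many(records)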
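def add_user_to_project(project_name):
    """Add an existing account to *project_name* with no permissions set.

    Inputs: ``id_token`` of the requestor (query argument), the project
    name, and a JSON body with ``user`` (e-mail of the account to add).

    Responds 400 for a missing/invalid token, a missing or malformed
    ``user`` field, an unknown account, or an account that is already in
    the project; 401 when the requestor is not in the project; 403 when the
    requestor is not an admin; 204 on success.
    """
    id_token = request.args.get('id_token')
    if id_token is None or id_token == "":
        response = {
            'message': "ID Token is not included with the request uri in args"
        }
        return make_response(response), 400

    requestor_email = get_email(id_token)
    if requestor_email is None:
        response = {'message': "ID Token has expired or is invalid"}
        return make_response(response), 400

    if 'user' in request.json:
        email = request.json['user']
    else:
        response = {'message': "Missing user"}
        return make_response(response), 400

    # The value is used in MongoDB filters and stored in the new member
    # record; accept plain strings only so a JSON object cannot be read as
    # a query-operator document.
    if not isinstance(email, str):
        response = {'message': "Missing user"}
        return make_response(response), 400

    # check if the new user is already in the "users" collection in the
    # "users" database
    user_to_add = get_col("users", "users").find_one({'email': email})
    if user_to_add is None:
        response = {'message': "User does not exist/does not have an account"}
        return make_response(response), 400

    project_user_col = get_col(project_name, "users")
    # One lookup instead of two; a record without 'isAdmin' counts as
    # non-admin instead of raising KeyError.
    requestor = project_user_col.find_one({'email': requestor_email})
    if requestor is None:
        # requestor is not in the project
        response = {'message': "Not authorised to perform this action"}
        return make_response(response), 401
    if not requestor.get('isAdmin'):
        response = {'message': "Forbidden to perform this action"}
        return make_response(response), 403

    if project_user_col.find_one({'email': email}) is not None:
        response = {'message': "That user is already in the provided project"}
        return make_response(response), 400

    project_user_col.insert_one({
        'email': email,
        'isAdmin': False,
        'isContributor': False
    })
    add_project_to_user(email, project_name)
    return "", 204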