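def check_login(self, *args, **kwargs):
    """Gate ``handler_method`` on the current user's login state and role.

    ``role`` (a comma-separated string), ``kind`` and ``handler_method`` are
    free variables supplied by the enclosing scope, which is not visible here.

    * Anonymous requests are always refused.
    * For the "admin" / "author" roles the first positional argument is
      treated as a datastore key (or an id/name under ``kind``); the entity is
      loaded and, if the caller is authorized, substituted for that argument
      before the handler runs.
    * For the "user" role any logged-in user reaches the handler.

    Every refusal returns ``{'status': 'not_found'}`` so that a caller cannot
    tell "does not exist" apart from "not allowed".
    """
    required_args = getargspec(handler_method)[0][1:]
    log(args, kwargs, required_args)

    self.user = user = users.get_current_user()
    is_admin = users.is_current_user_admin()
    roles = [x.strip() for x in role.split(",")]

    if not user:
        return {'status': 'not_found'}

    if "admin" in roles or "author" in roles:
        args = list(args)
        log(args, roles)
        if not args:
            # No key to look up: refuse instead of failing with IndexError.
            return {'status': 'not_found'}

        k = tryint(args[0])  # the key may be a numeric id rather than a name
        key = db.Key.from_path(kind, k) if kind else k
        try:
            obj = db.get(key)
        except db.BadKeyError:
            return {'status': 'not_found'}
        if not obj:
            return {'status': 'not_found'}

        # Ownership only grants access when "author" is one of the declared
        # roles.  Previously the author of an entity also passed a handler
        # declared with role "admin" alone, whereas check_auth in this file
        # requires is_admin for 'admin'.  Application admins keep access to
        # both kinds of handler.
        owner_ok = "author" in roles and user == obj.author
        if not (is_admin or owner_ok):
            return {'status': 'not_found'}

        # Hand the loaded entity to the handler in place of its key.
        args[0] = obj
        return handler_method(self, *args, **kwargs)

    if "user" in roles:
        return handler_method(self, *args, **kwargs)

    # Unknown role string: fail closed.
    return {'status': 'not_found'}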
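def check_access(self, user, types):
    """Return True if ``user`` holds any authorization in ``types`` here.

    Counts ``AccntAuthorization`` rows whose ``project`` is this object,
    whose ``author`` is ``user`` and whose ``authorization`` is one of
    ``types``.  All three values are passed as bound GQL parameters, never
    concatenated into the query text.

    The query used to be built and counted twice (once for the log line and
    once for the result); it now runs once, so the logged count is exactly
    the value the access decision is based on.
    """
    matches = AccntAuthorization.gql(
        "where project = :p and author = :u and authorization in :a",
        p=self, a=types, u=user
    ).count()
    log(types, matches)
    return matches > 0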
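def get_object(resource, args, orig):
    """Load the model instance named by a ``"<arg>@<Model>"`` resource spec.

    ``resource`` is split on ``'@'`` into an argument name and a model class
    name.  The argument's position in ``orig`` selects the value from
    ``args``, which is passed to ``models.<Model>.get_by_<arg>``.

    Returns whatever that lookup returns, or ``False`` when it raises
    ``db.BadKeyError``.

    NOTE(review): the model class and the lookup method are both resolved by
    name with ``getattr``, so ``resource`` has to be a constant chosen by the
    developer and never a value taken from the request.
    """
    k, t = resource.split('@')
    attr = orig.index(k)
    log(t, k, args)

    # Bound before the try so the logging in ``finally`` cannot fail with an
    # unbound-name error and hide the real exception when the lookup raises
    # something other than BadKeyError.
    obj = None
    try:
        lookup = getattr(getattr(models, t), 'get_by_' + k)
        obj = lookup(args[attr])
    except db.BadKeyError:
        obj = False
    finally:
        log(args, k, orig, obj)
    return obj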
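def calc_req_tag_val(cls, req):
    """Build the per-request {dimension-key: {tag: entries}} maps.

    Returns ``{"aggregate": {...}, "timeline": {...}}``.  For each pair ``c``
    that ``Dimentions.get_dim_and_met`` yields for a section, the key is
    ``slashify(ph_id, c[0])`` and the value is ``{c[1]: entries}``, where
    ``entries`` is the list derived from the request's ``data`` field.  The
    same ``entries`` object is shared by every bucket.

    The ``data`` JSON is decoded once and reused for both the log line and
    the entry list (it used to be decoded twice).
    """
    ph_id = req.get("ph_id")

    payload = json.loads(req.get("data"))
    # NOTE(review): the decoded request payload is written to the log in
    # full; confirm it cannot carry values that should stay out of logs.
    log(payload)
    entries = cls.__entry_list(payload)

    cats = Dimentions.get_dim_and_met(req, req.get("time"))
    result = {"aggregate": {}, "timeline": {}}
    for section in ("aggregate", "timeline"):
        bucket = result[section]
        for c in cats[section]:
            typ = slashify(ph_id, c[0])
            if typ in bucket:
                # A duplicate key is reported but still overwritten below.
                logging.error(" the string should be unique for a single request:" + typ)
            bucket[typ] = {c[1]: entries}
    return result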
def _aggregate_stats_for_proj(cls, p, till_b4_hr, now, local=False): from_hr = p.last_hr # last hr when stats were taken if from_hr is None: from_hr = utils.hr_before(4) # todo: wtf from_hr += datetime.timedelta(hours=1) log(from_hr, till_b4_hr, now) if local: # just for testing. till_b4_hr += datetime.timedelta(hours=1) from_hr = utils.hr_before(1) while from_hr < till_b4_hr: hr_stats = cls.get_hour_stats(p.key().id(), from_hr) if hr_stats: log("----------") logging.info( "#### aggregate - [(project) " + p.name + " till: " + str(till_b4_hr) + "] [(hr) " + str(from_hr.hour) + "] " + str(len(hr_stats)) ) aggregate = hr_stats["aggregate"] timeline = hr_stats["timeline"] for i in aggregate: Aggregate.save_aggregate(p.key().id(), i, aggregate[i]) for i in timeline: Timeline.save_timeline(p.key().id(), i, timeline[i]) p.last_hr = from_hr from_hr += datetime.timedelta(hours=1)
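def check_auth(self, *args, **kwargs):
    """Authorize the current user for ``handler_method``, then call it.

    ``roles`` (comma-separated string), ``resources`` (an
    ``"<arg>@<Model>"`` spec) and ``handler_method`` are free variables
    supplied by the enclosing scope, which is not visible here.

    Order of checks:

    1. Anonymous requests are refused.
    2. 'user' in roles: any logged-in user reaches the handler.
    3. The handler's arguments are rebuilt from ``kwargs`` and its defaults,
       and the resource object is loaded; a missing argument or a missing
       object is refused.
    4. 'author' in roles: allowed when the object's ``author`` is the
       current user.
    5. Objects exposing ``check_access(user, kinds)`` are allowed when it
       returns true.
    6. 'admin' in roles: allowed for application admins.

    When access is granted, the loaded object replaces the matching handler
    argument.  Every refusal returns ``{'status': 'not_found'}``.
    """

    def copy_and_rm_args(args, kwargs, defaults):
        """Map the handler's argument names onto kwargs and their defaults.

        Names found in ``kwargs`` are moved out of it (the dict is mutated).
        Returns ``False`` when a name has neither a value nor a default.
        """
        res = []
        dstart = len(args) - len(defaults)  # index of the first defaulted name
        for i, a in enumerate(args):
            if a in kwargs:
                res.append(kwargs.pop(a))
            elif i >= dstart:
                res.append(defaults[i - dstart])
            else:
                return False
        return res

    def get_kinds(roles):
        """Split the comma-separated role string into trimmed names."""
        return [x.strip() for x in roles.split(',')]

    def get_object(resource, args, orig):
        """Load the object for ``"<arg>@<Model>"``; False on a bad key.

        The model class and lookup method are resolved by name, so
        ``resource`` must be a developer-chosen constant, never request data.
        """
        k, t = resource.split('@')
        attr = orig.index(k)
        log(t, k, args)
        # Bound before the try so the logging in ``finally`` cannot fail with
        # an unbound-name error and hide the real exception.
        obj = None
        try:
            obj = getattr(getattr(models, t), 'get_by_' + k)(args[attr])
        except db.BadKeyError:
            obj = False
        finally:
            log(args, k, orig, obj)
        return obj

    def put_object(resource, args, orig, obj):
        """Replace the resource's argument slot with the loaded object."""
        k = resource.split('@')[0]
        args[orig.index(k)] = obj

    user = self.user = users.get_current_user()
    is_admin = users.is_current_user_admin()
    kinds = get_kinds(roles)
    log(kinds, resources)

    # Fail closed for anonymous requests, as check_login in this file does.
    # Without this, a handler declared with the 'user' role was reachable
    # without being logged in.
    if not user:
        return {'status': 'not_found'}

    if 'user' in kinds:
        return handler_method(self, *args, **kwargs)

    argspec = getargspec(handler_method)
    required_args = argspec[0][1:]  # drop ``self``
    defaults = argspec[3] or []
    log(required_args, kwargs, defaults)

    args = copy_and_rm_args(required_args, kwargs, defaults)
    if args is False:
        # A required argument was not supplied; indexing False below would
        # raise TypeError instead of producing a clean refusal.
        return {'status': 'not_found'}

    obj = get_object(resources, args, required_args)
    if not obj:
        # Bad key or no such object: never call the handler with a
        # placeholder, not even for admins.
        return {'status': 'not_found'}

    # Ownership check.  The previous code only tested that the object *had*
    # an author, which let any caller through; the author must be the
    # current user.
    if 'author' in kinds and user == getattr(obj, 'author', None):
        put_object(resources, args, required_args, obj)
        return handler_method(self, *args, **kwargs)

    # Generic per-object authorization (see Project.check_access).
    if getattr(obj, 'check_access', None):
        if obj.check_access(user, kinds):
            put_object(resources, args, required_args, obj)
            return handler_method(self, *args, **kwargs)

    if 'admin' in kinds:
        if not is_admin:
            return {'status': 'not_found'}
        put_object(resources, args, required_args, obj)
        return handler_method(self, *args, **kwargs)

    return {'status': 'not_found'}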