def anonymize_ips():
"""Anonymize all the IPs of the server."""
from pybossa.core import anonymizer, task_repo
taskruns = task_repo.filter_task_runs_by(user_id=None)
for tr in taskruns:
print "Working on taskrun %s" % tr.id
print "From %s to %s" % (tr.user_ip, anonymizer.ip(tr.user_ip))
tr.user_ip = anonymizer.ip(tr.user_ip)
task_repo.update(tr)
def anonymize_ips():
"""Anonymize all the IPs of the server."""
from pybossa.core import anonymizer, task_repo
taskruns = task_repo.filter_task_runs_by(user_id=None)
for tr in taskruns:
print "Working on taskrun %s" % tr.id
print "From %s to %s" % (tr.user_ip, anonymizer.ip(tr.user_ip))
tr.user_ip = anonymizer.ip(tr.user_ip)
task_repo.update(tr)
def user_progress(project_id=None, short_name=None):
"""API endpoint for user progress.
Return a JSON object with two fields regarding the tasks for the user:
{ 'done': 10,
'total: 100
}
This will mean that the user has done a 10% of the available tasks for
him
"""
if project_id or short_name:
if short_name:
project = project_repo.get_by_shortname(short_name)
elif project_id:
project = project_repo.get(project_id)
if project:
# For now, keep this version, but wait until redis cache is
# used here for task_runs too
query_attrs = dict(project_id=project.id)
if current_user.is_anonymous:
query_attrs['user_ip'] = anonymizer.ip(request.remote_addr or
'127.0.0.1')
else:
query_attrs['user_id'] = current_user.id
taskrun_count = task_repo.count_task_runs_with(**query_attrs)
tmp = dict(done=taskrun_count, total=n_tasks(project.id))
return Response(json.dumps(tmp), mimetype="application/json")
else:
return abort(404)
else: # pragma: no cover
return abort(404)
def user_progress(project_id=None, short_name=None):
"""API endpoint for user progress.
Return a JSON object with two fields regarding the tasks for the user:
{ 'done': 10,
'total: 100
}
This will mean that the user has done a 10% of the available tasks for
him
"""
if project_id or short_name:
if short_name:
project = project_repo.get_by_shortname(short_name)
elif project_id:
project = project_repo.get(project_id)
if project:
# For now, keep this version, but wait until redis cache is
# used here for task_runs too
query_attrs = dict(project_id=project.id)
if current_user.is_anonymous():
query_attrs['user_ip'] = anonymizer.ip(request.remote_addr or
'127.0.0.1')
else:
query_attrs['user_id'] = current_user.id
taskrun_count = task_repo.count_task_runs_with(**query_attrs)
tmp = dict(done=taskrun_count, total=n_tasks(project.id))
return Response(json.dumps(tmp), mimetype="application/json")
else:
return abort(404)
else: # pragma: no cover
return abort(404)
def ratelimit(
limit,
per,
send_x_headers=True,
scope_func=lambda: anonymizer.ip(request.remote_addr or '127.0.0.1'),
key_func=lambda: request.endpoint,
path=lambda: request.path):
"""
Decorator for limiting the access to a route.
Returns the function if within the limit, otherwise TooManyRequests error
"""
def decorator(f):
@wraps(f)
def rate_limited(*args, **kwargs):
try:
key = 'rate-limit/%s/%s/' % (key_func(), scope_func())
rlimit = RateLimit(key, limit, per, send_x_headers)
g._view_rate_limit = rlimit
# if over_limit is not None and rlimit.over_limit:
if rlimit.over_limit:
raise TooManyRequests
return f(*args, **kwargs)
except Exception as e:
return error.format_exception(e,
target=path(),
action=f.__name__)
return update_wrapper(rate_limited, f)
return decorator
def ratelimit(limit, per, send_x_headers=True,
scope_func=lambda: anonymizer.ip(request.remote_addr or '127.0.0.1'),
key_func=lambda: request.endpoint,
path=lambda: request.path):
"""
Decorator for limiting the access to a route.
Returns the function if within the limit, otherwise TooManyRequests error
"""
def decorator(f):
@wraps(f)
def rate_limited(*args, **kwargs):
try:
key = 'rate-limit/%s/%s/' % (key_func(), scope_func())
rlimit = RateLimit(key, limit, per, send_x_headers)
g._view_rate_limit = rlimit
# if over_limit is not None and rlimit.over_limit:
if rlimit.over_limit:
raise TooManyRequests
return f(*args, **kwargs)
except Exception as e:
return error.format_exception(e, target=path(),
action=f.__name__)
return update_wrapper(rate_limited, f)
return decorator
def _retrieve_new_task(project_id):
project = project_repo.get(project_id)
if project is None:
raise NotFound
if not project.allow_anonymous_contributors and current_user.is_anonymous(
):
info = dict(error="This project does not allow anonymous contributors")
error = [model.task.Task(info=info)]
return error
if request.args.get('external_uid'):
resp = jwt_authorize_project(project,
request.headers.get('Authorization'))
if resp != True:
return resp
if request.args.get('limit'):
limit = int(request.args.get('limit'))
else:
limit = 1
if limit > 100:
limit = 100
if request.args.get('offset'):
offset = int(request.args.get('offset'))
else:
offset = 0
if request.args.get('orderby'):
orderby = request.args.get('orderby')
else:
orderby = 'id'
if request.args.get('desc'):
desc = fuzzyboolean(request.args.get('desc'))
else:
desc = False
user_id = None if current_user.is_anonymous() else current_user.id
user_ip = (anonymizer.ip(request.remote_addr or '127.0.0.1')
if current_user.is_anonymous() else None)
external_uid = request.args.get('external_uid')
task = sched.new_task(project_id,
project.info.get('sched'),
user_id,
user_ip,
external_uid,
offset,
limit,
orderby=orderby,
desc=desc)
return task
def _add_user_info(self, taskrun):
if taskrun.external_uid is None:
if current_user.is_anonymous:
taskrun.user_ip = anonymizer.ip(request.remote_addr
or '127.0.0.1')
else:
taskrun.user_id = current_user.id
else:
taskrun.user_ip = None
taskrun.user_id = None
def _add_user_info(self, taskrun):
if taskrun.external_uid is None:
if current_user.is_anonymous():
taskrun.user_ip = anonymizer.ip(request.remote_addr or
'127.0.0.1')
else:
taskrun.user_id = current_user.id
else:
taskrun.user_ip = None
taskrun.user_id = None
def _retrieve_new_task(project_id):
project = project_repo.get(project_id)
if project is None:
raise NotFound
if not project.allow_anonymous_contributors and current_user.is_anonymous():
info = dict(
error="This project does not allow anonymous contributors")
error = [model.task.Task(info=info)]
return error
if request.args.get('external_uid'):
resp = jwt_authorize_project(project,
request.headers.get('Authorization'))
if resp != True:
return resp
if request.args.get('limit'):
limit = int(request.args.get('limit'))
else:
limit = 1
if limit > 100:
limit = 100
if request.args.get('offset'):
offset = int(request.args.get('offset'))
else:
offset = 0
if request.args.get('orderby'):
orderby = request.args.get('orderby')
else:
orderby = 'id'
if request.args.get('desc'):
desc = fuzzyboolean(request.args.get('desc'))
else:
desc = False
user_id = None if current_user.is_anonymous() else current_user.id
user_ip = (anonymizer.ip(request.remote_addr or '127.0.0.1')
if current_user.is_anonymous() else None)
external_uid = request.args.get('external_uid')
task = sched.new_task(project_id, project.info.get('sched'),
user_id,
user_ip,
external_uid,
offset,
limit,
orderby=orderby,
desc=desc)
return task
def _retrieve_new_task(project_id):
project = project_repo.get(project_id)
if project is None or not (project.published or current_user.admin
or current_user.id in project.owners_ids):
raise NotFound
if current_user.is_anonymous:
info = dict(error="This project does not allow anonymous contributors")
error = [model.task.Task(info=info)]
return error, None, lambda x: x
if current_user.get_quiz_failed(project):
# User is blocked from project so don't return a task
return None, None, None
# check cookie
pwd_manager = get_pwd_manager(project)
user_id_or_ip = get_user_id_or_ip()
if pwd_manager.password_needed(project, user_id_or_ip):
raise Forbidden("No project password provided")
if request.args.get('external_uid'):
resp = jwt_authorize_project(project,
request.headers.get('Authorization'))
if resp != True:
return resp, lambda x: x
if request.args.get('limit'):
limit = int(request.args.get('limit'))
else:
limit = 1
if limit > 100:
limit = 100
if request.args.get('offset'):
offset = int(request.args.get('offset'))
else:
offset = 0
if request.args.get('orderby'):
orderby = request.args.get('orderby')
else:
orderby = 'id'
if request.args.get('desc'):
desc = fuzzyboolean(request.args.get('desc'))
else:
desc = False
user_id = None if current_user.is_anonymous else current_user.id
user_ip = (anonymizer.ip(request.remote_addr or '127.0.0.1')
if current_user.is_anonymous else None)
external_uid = request.args.get('external_uid')
sched_rand_within_priority = project.info.get('sched_rand_within_priority',
False)
user = user_repo.get(user_id)
if (user.get_quiz_not_started(project) and user.get_quiz_enabled(project)
and not task_repo.get_user_has_task_run_for_project(
project_id, user_id)):
user.set_quiz_status(project, 'in_progress')
user_repo.update(user)
task = sched.new_task(project.id,
project.info.get('sched'),
user_id,
user_ip,
external_uid,
offset,
limit,
orderby=orderby,
desc=desc,
rand_within_priority=sched_rand_within_priority,
gold_only=user.get_quiz_in_progress(project))
handler = partial(pwd_manager.update_response,
project=project,
user=user_id_or_ip)
return task, project.info.get('timeout'), handler
def _retrieve_new_task(project_id):
project = project_repo.get(project_id)
if project is None or not (project.published or current_user.admin
or current_user.id in project.owners_ids):
raise NotFound
if current_user.is_anonymous:
info = dict(error="This project does not allow anonymous contributors")
error = [model.task.Task(info=info)]
return error, None, lambda x: x
if current_user.get_quiz_failed(project):
# User is blocked from project so don't return a task
return None, None, None
# check cookie
pwd_manager = get_pwd_manager(project)
user_id_or_ip = get_user_id_or_ip()
if pwd_manager.password_needed(project, user_id_or_ip):
raise Forbidden("No project password provided")
if request.args.get('external_uid'):
resp = jwt_authorize_project(project,
request.headers.get('Authorization'))
if resp != True:
return resp, lambda x: x
if request.args.get('limit'):
limit = int(request.args.get('limit'))
else:
limit = 1
if limit > 100:
limit = 100
if request.args.get('offset'):
offset = int(request.args.get('offset'))
else:
offset = 0
if request.args.get('orderby'):
orderby = request.args.get('orderby')
else:
orderby = 'id'
if request.args.get('desc'):
desc = fuzzyboolean(request.args.get('desc'))
else:
desc = False
user_id = None if current_user.is_anonymous else current_user.id
user_ip = (anonymizer.ip(request.remote_addr or '127.0.0.1')
if current_user.is_anonymous else None)
external_uid = request.args.get('external_uid')
sched_rand_within_priority = project.info.get('sched_rand_within_priority',
False)
user = user_repo.get(user_id)
if (project.published and user_id != project.owner_id
and user_id not in project.owners_ids
and user.get_quiz_not_started(project)
and user.get_quiz_enabled(project)
and not task_repo.get_user_has_task_run_for_project(
project_id, user_id)):
user.set_quiz_status(project, 'in_progress')
# We always update the user even if we didn't change the quiz status.
# The reason for that is the user.<?quiz?> methods take a snapshot of the project's quiz
# config the first time it is accessed for a user and save that snapshot
# with the user. So we want to commit that snapshot if this is the first access.
user_repo.update(user)
# Allow scheduling a gold-only task if quiz mode is enabled for the user and the project.
quiz_mode_enabled = user.get_quiz_in_progress(
project) and project.info["quiz"]["enabled"]
task = sched.new_task(project.id,
project.info.get('sched'),
user_id,
user_ip,
external_uid,
offset,
limit,
orderby=orderby,
desc=desc,
rand_within_priority=sched_rand_within_priority,
gold_only=quiz_mode_enabled)
handler = partial(pwd_manager.update_response,
project=project,
user=user_id_or_ip)
return task, project.info.get('timeout'), handler
def default_scope_func():
if current_app.config.get('RATE_LIMIT_BY_USER_ID'):
if current_user.is_authenticated():
return current_user.id
return anonymizer.ip(request.remote_addr or '127.0.0.1')
def _retrieve_new_task(project_id):
project = project_repo.get(project_id)
if project is None:
raise NotFound
if current_user.is_anonymous():
info = dict(error="This project does not allow anonymous contributors")
error = [model.task.Task(info=info)]
return error, None, lambda x: x
# check cookie
pwd_manager = get_pwd_manager(project)
user_id_or_ip = get_user_id_or_ip()
if pwd_manager.password_needed(project, user_id_or_ip):
raise Forbidden("No project password provided")
if request.args.get('external_uid'):
resp = jwt_authorize_project(project,
request.headers.get('Authorization'))
if resp != True:
return resp, lambda x: x
if request.args.get('limit'):
limit = int(request.args.get('limit'))
else:
limit = 1
if limit > 100:
limit = 100
if request.args.get('offset'):
offset = int(request.args.get('offset'))
else:
offset = 0
if request.args.get('orderby'):
orderby = request.args.get('orderby')
else:
orderby = 'id'
if request.args.get('desc'):
desc = fuzzyboolean(request.args.get('desc'))
else:
desc = False
user_id = None if current_user.is_anonymous() else current_user.id
user_ip = (anonymizer.ip(request.remote_addr or '127.0.0.1')
if current_user.is_anonymous() else None)
external_uid = request.args.get('external_uid')
sched_rand_within_priority = project.info.get('sched_rand_within_priority',
False)
task = sched.new_task(project.id,
project.info.get('sched'),
user_id,
user_ip,
external_uid,
offset,
limit,
orderby=orderby,
desc=desc,
rand_within_priority=sched_rand_within_priority)
handler = partial(pwd_manager.update_response,
project=project,
user=user_id_or_ip)
return task, project.info.get('timeout'), handler
