def read_detail(self, object_list, bundle): # noqa # too complex if bundle.request.user.is_authenticated() and \ bundle.request.user.is_superuser: return True if isinstance(bundle.obj, Experiment): return has_experiment_access(bundle.request, bundle.obj.id) elif isinstance(bundle.obj, ExperimentParameterSet): return has_experiment_access( bundle.request, bundle.obj.experiment.id) elif isinstance(bundle.obj, ExperimentParameter): return has_experiment_access( bundle.request, bundle.obj.parameterset.experiment.id) elif isinstance(bundle.obj, Dataset): return has_dataset_access(bundle.request, bundle.obj.id) elif isinstance(bundle.obj, DatasetParameterSet): return has_dataset_access(bundle.request, bundle.obj.dataset.id) elif isinstance(bundle.obj, DatasetParameter): return has_dataset_access( bundle.request, bundle.obj.parameterset.dataset.id) elif isinstance(bundle.obj, DataFile): return has_datafile_access(bundle.request, bundle.obj.id) elif isinstance(bundle.obj, DatafileParameterSet): return has_datafile_access( bundle.request, bundle.obj.datafile.id) elif isinstance(bundle.obj, DatafileParameter): return has_datafile_access( bundle.request, bundle.obj.parameterset.datafile.id) elif isinstance(bundle.obj, User): # allow all authenticated users to read public user info # the dehydrate function also adds/removes some information authenticated = bundle.request.user.is_authenticated() public_user = bundle.obj.experiment_set.filter( public_access__gt=1).count() > 0 return public_user or authenticated elif isinstance(bundle.obj, Schema): return True elif isinstance(bundle.obj, ParameterName): return True elif isinstance(bundle.obj, StorageBox): return bundle.request.user.is_authenticated() elif isinstance(bundle.obj, StorageBoxOption): return bundle.request.user.is_authenticated() and \ bundle.obj.key in StorageBoxOptionResource.accessible_keys elif isinstance(bundle.obj, StorageBoxAttribute): return bundle.request.user.is_authenticated() elif isinstance(bundle.obj, Group): return bundle.obj in bundle.request.user.groups.all() elif isinstance(bundle.obj, Facility): return bundle.obj in facilities_managed_by(bundle.request.user) elif isinstance(bundle.obj, Instrument): facilities = facilities_managed_by(bundle.request.user) return bundle.obj.facility in facilities raise NotImplementedError(type(bundle.obj))
def read_detail(self, object_list, bundle): # noqa # too complex if bundle.request.user.is_authenticated() and \ bundle.request.user.is_superuser: return True if isinstance(bundle.obj, Experiment): return has_experiment_access(bundle.request, bundle.obj.id) elif isinstance(bundle.obj, ExperimentParameterSet): return has_experiment_access( bundle.request, bundle.obj.experiment.id) elif isinstance(bundle.obj, ExperimentParameter): return has_experiment_access( bundle.request, bundle.obj.parameterset.experiment.id) elif isinstance(bundle.obj, Dataset): return has_dataset_access(bundle.request, bundle.obj.id) elif isinstance(bundle.obj, DatasetParameterSet): return has_dataset_access(bundle.request, bundle.obj.dataset.id) elif isinstance(bundle.obj, DatasetParameter): return has_dataset_access( bundle.request, bundle.obj.parameterset.dataset.id) elif isinstance(bundle.obj, DataFile): return has_datafile_access(bundle.request, bundle.obj.id) elif isinstance(bundle.obj, DatafileParameterSet): return has_datafile_access( bundle.request, bundle.obj.datafile.id) elif isinstance(bundle.obj, DatafileParameter): return has_datafile_access( bundle.request, bundle.obj.parameterset.datafile.id) elif isinstance(bundle.obj, User): # allow all authenticated users to read public user info # the dehydrate function also adds/removes some information authenticated = bundle.request.user.is_authenticated() public_user = bundle.obj.experiment_set.filter( public_access__gt=1).count() > 0 return public_user or authenticated elif isinstance(bundle.obj, Schema): return True elif isinstance(bundle.obj, ParameterName): return True elif isinstance(bundle.obj, StorageBox): return bundle.request.user.is_authenticated() elif isinstance(bundle.obj, StorageBoxOption): return bundle.request.user.is_authenticated() and \ bundle.obj.key in StorageBoxOptionResource.accessible_keys elif isinstance(bundle.obj, StorageBoxAttribute): return bundle.request.user.is_authenticated() elif isinstance(bundle.obj, Group): return bundle.obj in bundle.request.user.groups.all() elif isinstance(bundle.obj, Facility): return bundle.obj in facilities_managed_by(bundle.request.user) elif isinstance(bundle.obj, Instrument): facilities = facilities_managed_by(bundle.request.user) return bundle.obj.facility in facilities raise NotImplementedError(type(bundle.obj))
def load_experiment_image(request, parameter_id): parameter = ExperimentParameter.objects.get(pk=parameter_id) experiment_id = parameter.parameterset.experiment.id if authz.has_experiment_access(request, experiment_id): return load_image(request, parameter) else: return return_response_error(request)
def _list_related_info(request, experiment_id): if not authz.has_experiment_access(request, experiment_id): return return_response_error(request) sets = ExperimentParameterSet.objects.filter(schema__namespace=SCHEMA_URI) return HttpResponse(json.dumps([_get_dict_from_ps(ps) for ps in sets]), content_type='application/json; charset=utf-8')
def _list(self, request, experiment_id): from tardis.tardis_portal.auth.decorators import has_experiment_access if not has_experiment_access(request, experiment_id): return return_response_error(request) sets = ExperimentParameterSet.objects.filter( schema=self.schema, experiment__pk=experiment_id) return HttpResponse(json.dumps( [self._get_dict_from_ps(ps) for ps in sets]), content_type='application/json; charset=utf-8')
def _list(self, request, experiment_id): from tardis.tardis_portal.auth.decorators import has_experiment_access if not has_experiment_access(request, experiment_id): return return_response_error(request) sets = ExperimentParameterSet.objects.filter(schema=self.schema, experiment__pk=experiment_id) return HttpResponse(json.dumps([self._get_dict_from_ps(ps) for ps in sets]), content_type='application/json; charset=utf-8')
def experiment_public_access_badge(request, experiment_id): try: experiment = Experiment.objects.get(id=experiment_id) except Experiment.DoesNotExist: HttpResponse('') if authz.has_experiment_access(request, experiment_id): return HttpResponse(render_public_access_badge(experiment)) return HttpResponse('')
def experiment_public_access_badge(request, experiment_id): try: experiment = Experiment.objects.get(id=experiment_id) except Experiment.DoesNotExist: HttpResponse('') if authz.has_experiment_access(request, experiment_id): return HttpResponse(render_public_access_badge(experiment)) return HttpResponse('')
def _get(self, request, experiment_id, ps_id): from tardis.tardis_portal.auth.decorators import has_experiment_access if not has_experiment_access(request, experiment_id): return return_response_error(request) try: ps = ExperimentParameterSet.objects.get(schema=self.schema, experiment__pk=experiment_id, id=ps_id) return HttpResponse(json.dumps(self._get_dict_from_ps(ps)), content_type="application/json; charset=utf-8") except: return return_response_not_found(request)
def _get_related_info(request, experiment_id, related_info_id): if not authz.has_experiment_access(request, experiment_id): return return_response_error(request) try: ps = ExperimentParameterSet.objects.get(schema__namespace=SCHEMA_URI, id=related_info_id) return HttpResponse(json.dumps(_get_dict_from_ps(ps)), content_type='application/json; charset=utf-8') except: return return_response_not_found(request)
def _get_related_info(request, experiment_id, related_info_id): if not authz.has_experiment_access(request, experiment_id): return return_response_error(request) try: ps = ExperimentParameterSet.objects.get(schema__namespace=SCHEMA_URI, id=related_info_id) return HttpResponse(json.dumps(_get_dict_from_ps(ps)), content_type='application/json; charset=utf-8') except: return return_response_not_found(request)
def _get(self, request, experiment_id, ps_id): from tardis.tardis_portal.auth.decorators import has_experiment_access if not has_experiment_access(request, experiment_id): return return_response_error(request) try: ps = ExperimentParameterSet.objects.get( schema=self.schema, experiment__pk=experiment_id, id=ps_id) return HttpResponse(json.dumps(self._get_dict_from_ps(ps)), content_type='application/json; charset=utf-8') except: return return_response_not_found(request)
def display_experiment_image( request, experiment_id, parameterset_id, parameter_name): # TODO handle not exist if not authz.has_experiment_access(request, experiment_id): return return_response_error(request) image = ExperimentParameter.objects.get(name__name=parameter_name, parameterset=parameterset_id) return HttpResponse(b64decode(image.string_value), content_type='image/jpeg')
def display_experiment_image(request, experiment_id, parameterset_id, parameter_name): # TODO handle not exist if not authz.has_experiment_access(request, experiment_id): return return_response_error(request) image = ExperimentParameter.objects.get(name__name=parameter_name, parameterset=parameterset_id) return HttpResponse(b64decode(image.string_value), content_type='image/jpeg')
def read_detail(self, object_list, bundle): if bundle.request.user.is_authenticated() and \ bundle.request.user.is_superuser: return True if type(bundle.obj) == Experiment: return has_experiment_access(bundle.request, bundle.obj.id) elif type(bundle.obj) == ExperimentParameterSet: return has_experiment_access( bundle.request, bundle.obj.experiment.id) elif type(bundle.obj) == ExperimentParameter: return has_experiment_access( bundle.request, bundle.obj.parameterset.experiment.id) elif type(bundle.obj) == Dataset: return has_dataset_access(bundle.request, bundle.obj.id) elif type(bundle.obj) == DatasetParameterSet: return has_dataset_access(bundle.request, bundle.obj.dataset.id) elif type(bundle.obj) == DatasetParameter: return has_dataset_access( bundle.request, bundle.obj.parameterset.dataset.id) elif type(bundle.obj) == Dataset_File: return has_datafile_access(bundle.request, bundle.obj.id) elif type(bundle.obj) == DatafileParameterSet: return has_datafile_access( bundle.request, bundle.obj.dataset_file.id) elif type(bundle.obj) == DatafileParameter: return has_datafile_access( bundle.request, bundle.obj.parameterset.dataset_file.id) elif type(bundle.obj) == User: # allow all authenticated users to read user list return bundle.request.user.is_authenticated() elif type(bundle.obj) == Schema: return bundle.request.user.is_authenticated() elif type(bundle.obj) == ParameterName: return bundle.request.user.is_authenticated() elif type(bundle.obj) == Location: return bundle.request.user.is_authenticated() raise NotImplementedError(type(bundle.obj))
def _list_related_info(request, experiment_id): if not authz.has_experiment_access(request, experiment_id): return return_response_error(request) sets = ExperimentParameterSet.objects.filter(schema__namespace=SCHEMA_URI) return HttpResponse(json.dumps([_get_dict_from_ps(ps) for ps in sets]), content_type='application/json; charset=utf-8')
def load_experiment_image(request, parameter_id): parameter = ExperimentParameter.objects.get(pk=parameter_id) experiment_id = parameter.parameterset.experiment.id if authz.has_experiment_access(request, experiment_id): return load_image(request, parameter) return return_response_error(request)