def create(self, request, workspace_id, tab_id, iwidget_id): workspace = get_object_or_404(Workspace, pk=workspace_id) if not request.user.is_superuser and workspace.creator != request.user: msg = _( 'You have not enough permission for updating the persistent variables of this widget' ) return build_error_response(request, 403, msg) iwidget = get_object_or_404(IWidget, pk=iwidget_id) if iwidget.tab_id != int(tab_id): raise Http404 iwidget_info = iwidget.widget.resource.get_processed_info( translate=True, process_variables=True) new_values = parse_json_request(request) for var_name in new_values: if var_name not in iwidget_info['variables']['properties']: msg = _('Invalid persistent variable: "%s"') % var_name return build_error_response(request, 422, msg) iwidget.set_variable_value(var_name, new_values[var_name]) iwidget.save() return HttpResponse(status=204)
def create(self, request, workspace_id, tab_id, iwidget_id): workspace = get_object_or_404(Workspace, pk=workspace_id) if not request.user.is_superuser and workspace.creator != request.user: msg = _( 'You have not enough permission for updating the preferences of the iwidget' ) return build_error_response(request, 403, msg) iwidget = get_object_or_404( IWidget.objects.select_related('widget__resource'), pk=iwidget_id) if iwidget.tab_id != int(tab_id): raise Http404 iwidget_info = iwidget.widget.resource.get_processed_info( translate=True, process_variables=True) new_values = parse_json_request(request) for var_name in new_values: try: vardef = iwidget_info['variables']['preferences'][var_name] except KeyError: msg = _('Invalid preference: "%s"') % var_name return build_error_response(request, 422, msg) if vardef['readonly'] is True: msg = _('"%s" preference is read only.') % var_name return build_error_response(request, 403, msg) iwidget.set_variable_value(var_name, new_values[var_name]) iwidget.save() return HttpResponse(status=204)
def create(self, request, workspace_id, tab_id, iwidget_id): iwidget = parse_json_request(request) tab = get_object_or_404(Tab.objects.select_related('workspace'), workspace__pk=workspace_id, pk=tab_id) if not request.user.is_superuser and tab.workspace.creator != request.user: msg = _('You have not enough permission for updating the iwidget') return build_error_response(request, 403, msg) iwidget['id'] = iwidget_id try: UpdateIWidget(iwidget, request.user, tab) except Tab.DoesNotExist: return build_error_response( request, 422, _("Target tab {id} does not exist").format(id=iwidget['tab'])) except (CatalogueResource.DoesNotExist, Widget.DoesNotExist) as e: msg = _('refered widget %(widget_uri)s does not exist.') % { 'widget_uri': iwidget['widget'] } return build_error_response(request, 422, msg) except TypeError as e: return build_error_response(request, 400, e) except ValueError as e: return build_error_response(request, 422, e) except IWidget.DoesNotExist: raise Http404 return HttpResponse(status=204)
def create(self, request, workspace_id, tab_id): iwidget = parse_json_request(request) initial_variable_values = iwidget.get('variable_values', None) # iWidget creation tab = get_object_or_404(Tab.objects.select_related('workspace'), workspace__pk=workspace_id, pk=tab_id) if not request.user.is_superuser and tab.workspace.creator != request.user: msg = _( 'You have not enough permission for adding iwidgets to the workspace' ) return build_error_response(request, 403, msg) try: iwidget = SaveIWidget(iwidget, request.user, tab, initial_variable_values) iwidget_data = get_iwidget_data(iwidget, tab.workspace, user=request.user) return HttpResponse(json.dumps(iwidget_data), content_type='application/json; charset=UTF-8', status=201) except (CatalogueResource.DoesNotExist, Widget.DoesNotExist) as e: msg = _('refered widget %(widget_uri)s does not exist.') % { 'widget_uri': iwidget['widget'] } return build_error_response(request, 422, msg) except TypeError as e: return build_error_response(request, 400, e) except ValueError as e: return build_error_response(request, 422, e)
def create(self, request, workspace_id): ts = parse_json_request(request) fields = [] workspace = get_object_or_404(Workspace, pk=workspace_id) if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()): return build_error_response(request, 403, _('You are not allowed to update this workspace')) if 'name' in ts: workspace.name = ts['name'] fields.append('name') if 'title' in ts: workspace.title = ts['title'] fields.append('title') if 'description' in ts: workspace.description = ts['description'] fields.append('description') if 'longdescription' in ts: workspace.longdescription = ts['longdescription'] fields.append('longdescription') try: workspace.save(update_fields=fields) except IntegrityError: msg = _('A workspace with the given name already exists') return build_error_response(request, 409, msg) return HttpResponse(status=204)
def create(self, request, workspace_id): ts = parse_json_request(request) workspace = get_object_or_404(Workspace, pk=workspace_id) if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()): return build_error_response( request, 403, _('You are not allowed to update this workspace')) if 'active' in ts: active = ts.get('active', False) if isinstance(active, string_types): active = ts['active'].lower() == 'true' if active: # Only one active workspace setActiveWorkspace(request.user, workspace) else: currentUserWorkspace = UserWorkspace.objects.get( workspace=workspace, user=request.user) currentUserWorkspace.active = False currentUserWorkspace.save() if 'name' in ts: workspace.name = ts['name'] workspace.save() return HttpResponse(status=204)
def update(self, request, workspace_id, tab_id): iwidgets = parse_json_request(request) tab = get_object_or_404(Tab, workspace__pk=workspace_id, pk=tab_id) if not request.user.is_superuser and tab.workspace.creator != request.user: msg = _( 'You have not enough permission for updating the iwidgets of this workspace' ) return build_error_response(request, 403, msg) for iwidget in iwidgets: try: UpdateIWidget(iwidget, request.user, tab, updatecache=False) except IWidget.DoesNotExist: return build_error_response( request, 422, _("Widget {id} does not exist").format( id=iwidget.get('id'))) except TypeError as e: return build_error_response(request, 400, e) except ValueError as e: return build_error_response(request, 422, e) if len(iwidgets) > 0: # Invalidate workspace cache tab.workspace.save() return HttpResponse(status=204)
def _parse_ac_request(request): fileURL = None file_contents = None content_type = get_content_type(request)[0] data = parse_json_request(request) if 'url' not in data: return build_error_response(request, 400, _('Missing widget URL')) fileURL = data.get('url') id_4CaaSt = data.get('4CaaStID') if id_4CaaSt is None: return build_error_response(request, 400, _('Missing 4CaaStID')) if not isinstance(id_4CaaSt, string_types) or id_4CaaSt.strip() == '': return build_error_response(request, 400, _('Invalid 4CaaStID')) try: downloaded_file = download_http_content(fileURL) except: return build_error_response( request, 409, _('Mashable application component could not be downloaded')) downloaded_file = StringIO(downloaded_file) file_contents = WgtFile(downloaded_file) # Create a custom version of the resource template = TemplateParser(file_contents.get_template()) template_info = template.get_resource_info() template_info['name'] += '@' + id_4CaaSt for pref_name, pref_value in six.iteritems(data.get('preferences', {})): for widget_pref_index, widget_pref in enumerate( template_info['preferences']): if widget_pref['name'] == pref_name: template_info['preferences'][widget_pref_index][ 'readonly'] = True template_info['preferences'][widget_pref_index][ 'value'] = pref_value break # Write a new Wgt file new_file = StringIO() zin = zipfile.ZipFile(downloaded_file, 'r') zout = zipfile.ZipFile(new_file, 'w') zout.writestr('config.xml', write_rdf_description(template_info)) for item in zin.infolist(): if item.filename == 'config.xml': continue zout.writestr(item, zin.read(item.filename)) zin.close() zout.close() file_contents = WgtFile(new_file) return id_4CaaSt, file_contents, fileURL
def create(self, request, workspace_id): ts = parse_json_request(request) workspace = Workspace.objects.get(pk=workspace_id) if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()): return build_error_response(request, 403, _('You are not allowed to update this workspace')) if 'active' in ts: active = ts.get('active', False) if isinstance(active, string_types): active = ts['active'].lower() == 'true' if active: # Only one active workspace setActiveWorkspace(request.user, workspace) else: currentUserWorkspace = UserWorkspace.objects.get(workspace=workspace, user=request.user) currentUserWorkspace.active = False currentUserWorkspace.save() if 'name' in ts: workspace.name = ts['name'] workspace.save() return HttpResponse(status=204)
def process(self, request, to_ws_id): to_ws = get_object_or_404(Workspace, id=to_ws_id) if not request.user.is_superuser and to_ws.creator != request.user: return build_error_response(request, 403, _('You are not allowed to update this workspace')) data = parse_json_request(request) mashup_id = data.get('mashup', '') workspace_id = data.get('workspace', '') if mashup_id == '' and workspace_id == '': return build_error_response(request, 422, _('Missing workspace or mashup parameter')) elif mashup_id != '' and workspace_id != '': return build_error_response(request, 422, _('Workspace and mashup parameters cannot be used at the same time')) if mashup_id != '': values = mashup_id.split('/', 3) if len(values) != 3: return build_error_response(request, 422, _('invalid mashup id')) (mashup_vendor, mashup_name, mashup_version) = values try: resource = CatalogueResource.objects.get(vendor=mashup_vendor, short_name=mashup_name, version=mashup_version) if not resource.is_available_for(request.user) or resource.resource_type() != 'mashup': raise CatalogueResource.DoesNotExist except CatalogueResource.DoesNotExist: return build_error_response(request, 422, _('Mashup not found: %(mashup_id)s') % {'mashup_id': mashup_id}) base_dir = catalogue.wgt_deployer.get_base_dir(mashup_vendor, mashup_name, mashup_version) wgt_file = WgtFile(os.path.join(base_dir, resource.template_uri)) template = TemplateParser(wgt_file.get_template()) else: from_ws = get_object_or_404(Workspace, id=workspace_id) if not request.user.is_superuser and from_ws.creator != request.user: return build_error_response(request, 403, _('You are not allowed to read from workspace %s') % workspace_id) options = { 'vendor': 'api', 'name': 'merge_op', 'version': '1.0', 'title': '', 'description': 'Temporal mashup for merging operation', 'email': '*****@*****.**', } template = TemplateParser(build_json_template_from_workspace(options, from_ws, from_ws.creator)) try: check_mashup_dependencies(template, request.user) except MissingDependencies as e: details = { 'missingDependencies': e.missing_dependencies, } return build_error_response(request, 422, e, details=details) fillWorkspaceUsingTemplate(to_ws, template) return HttpResponse(status=204)
def add_tenant(request): data = parse_json_request(request) id_4CaaSt = data['4CaaStID'] if id_4CaaSt is None: return build_error_response(request, 400, _('Missing 4CaaStID')) if not isinstance(id_4CaaSt, string_types) or id_4CaaSt.strip() == '': return build_error_response(request, 400, _('Invalid 4CaaStID')) username = parse_username(id_4CaaSt) status = 201 try: user = User.objects.create_user(username, '*****@*****.**', username) except: status = 209 user = User.objects.get(username=username) try: if user.tenantprofile_4CaaSt.id_4CaaSt != id_4CaaSt: msg = "A user with the same name and with different tenant id already exists." return build_error_response(request, 400, msg) else: return HttpResponse(status) except TenantProfile.DoesNotExist: pass TenantProfile.objects.create(user=user, id_4CaaSt=id_4CaaSt) return HttpResponse(status)
def process(self, request, to_ws_id): data = parse_json_request(request) mashup_id = data.get('mashup', '') workspace_id = data.get('workspace', '') if mashup_id == '' and workspace_id == '': return build_error_response(request, 422, _('Missing workspace or mashup parameter')) elif mashup_id != '' and workspace_id != '': return build_error_response(request, 422, _('Workspace and mashup parameters cannot be used at the same time')) to_ws = get_object_or_404(Workspace, id=to_ws_id) if not request.user.is_superuser and to_ws.creator != request.user: return build_error_response(request, 403, _('You are not allowed to update this workspace')) if mashup_id != '': values = mashup_id.split('/', 3) if len(values) != 3: return build_error_response(request, 422, _('invalid mashup id')) (mashup_vendor, mashup_name, mashup_version) = values try: resource = CatalogueResource.objects.get(vendor=mashup_vendor, short_name=mashup_name, version=mashup_version) if not resource.is_available_for(request.user) or resource.resource_type() != 'mashup': raise CatalogueResource.DoesNotExist except CatalogueResource.DoesNotExist: return build_error_response(request, 422, _('Mashup not found: %(mashup_id)s') % {'mashup_id': mashup_id}) base_dir = catalogue.wgt_deployer.get_base_dir(mashup_vendor, mashup_name, mashup_version) wgt_file = WgtFile(os.path.join(base_dir, resource.template_uri)) template = TemplateParser(wgt_file.get_template()) else: from_ws = get_object_or_404(Workspace, id=workspace_id) if not request.user.is_superuser and from_ws.creator != request.user: return build_error_response(request, 403, _('You are not allowed to read from workspace %s') % workspace_id) options = { 'vendor': 'api', 'name': 'merge_op', 'version': '1.0', 'title': '', 'description': 'Temporal mashup for merging operation', 'email': '*****@*****.**', } template = TemplateParser(build_json_template_from_workspace(options, from_ws, from_ws.creator)) try: check_mashup_dependencies(template, request.user) except MissingDependencies as e: details = { 'missingDependencies': e.missing_dependencies, } return build_error_response(request, 422, e, details=details) fillWorkspaceUsingTemplate(to_ws, template) return HttpResponse(status=204)
def update(self, request, workspace_id, tab_id): tab = get_object_or_404(Tab.objects.select_related('workspace'), workspace__pk=workspace_id, pk=tab_id) if tab.workspace.creator != request.user: return build_error_response(request, 403, _('You are not allowed to update this workspace')) user_workspace = UserWorkspace.objects.get(user__id=request.user.id, workspace__id=workspace_id) if user_workspace.manager != '': return build_error_response(request, 403, _('You are not allowed to update this workspace')) data = parse_json_request(request) if 'visible' in data: visible = data['visible'] if isinstance(visible, string_types): visible = visible.strip().lower() if visible not in ('true', 'false'): return build_error_response(request, 422, _('Invalid visible value')) visible = visible == 'true' elif not isinstance(visible, bool): return build_error_response(request, 422, _('Invalid visible value')) if visible: #Only one visible tab setVisibleTab(request.user, workspace_id, tab) else: tab.visible = False if 'name' in data: tab.name = data['name'] tab.save() return HttpResponse(status=204)
def process(self, request): data = parse_json_request(request) (resource_vendor, resource_name, resource_version) = data['resource'].split('/') resource = get_object_or_404(CatalogueResource, vendor=resource_vendor, short_name=resource_name, version=resource_version) if not resource.is_available_for(request.user): return build_error_response(request, 403, _('You are not allowed to delete this market')) base_dir = catalogue.wgt_deployer.get_base_dir(resource_vendor, resource_name, resource_version) wgt_file = WgtFile(os.path.join(base_dir, resource.template_uri)) market_managers = get_market_managers(request.user) errors = {} for market_endpoint in data['marketplaces']: try: market_managers[market_endpoint['market']].publish(market_endpoint, wgt_file, request.user, request=request) except Exception as e: errors[market_endpoint['market']] = text_type(e) if len(errors) == 0: return HttpResponse(status=204) elif len(errors) == len(data['marketplaces']): return build_error_response(request, 502, _('Something went wrong (see details for more info)'), details=errors) else: return build_error_response(request, 200, _('Something went wrong (see details for more info)'), details=errors)
def process(self, request): if not request.user.is_superuser: return build_error_response( request, 403, _("You don't have permission to switch current session user")) user_info = parse_json_request(request) if "username" not in user_info: return build_error_response(request, 422, "Missing target user info") user_id = get_object_or_404(User, username=user_info['username']).id target_user = None for backend in auth.get_backends(): try: target_user = backend.get_user(user_id) except: continue if target_user is None: continue # Annotate the user object with the path of the backend. target_user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__) break if target_user is None: raise Http404 auth.login(request, target_user) return HttpResponse(status=204)
def update(self, request, workspace_id): workspace = get_object_or_404(Workspace, id=workspace_id) if not request.user.is_superuser and workspace.creator != request.user: return build_error_response(request, 403, _('You are not allowed to update this workspace')) wiring_status = parse_json_request(request) old_wiring_status = workspace.wiringStatus old_read_only_connections = [] for connection in old_wiring_status['connections']: if connection.get('readonly', False): old_read_only_connections.append(connection) read_only_connections = [] for connection in wiring_status['connections']: if connection.get('readonly', False): read_only_connections.append(connection) if len(old_read_only_connections) > len(read_only_connections): return build_error_response(request, 403, _('You are not allowed to remove read only connections')) for connection in old_read_only_connections: if connection not in read_only_connections: return build_error_response(request, 403, _('You are not allowed to remove read only connections')) workspace.wiringStatus = wiring_status workspace.save() return HttpResponse(status=204)
def create(self, request): received_data = parse_json_request(request) if 'options' not in received_data: return build_error_response(request, 400, _("Missing marketplace options")) validate_url_param(request, 'options.url', received_data['options']['url']) if 'user' not in received_data['options'] or received_data['options']['user'] == request.user.username: user_entry = request.user elif received_data['options'].get('user', None) is not None: user_entry = User.objects.get(username=received_data['options']['user']) else: user_entry = None if (user_entry is None or user_entry != request.user) and not request.user.is_superuser: return build_error_response(request, 403, _("You don't have permissions for adding public marketplaces")) if 'user' in received_data['options']: del received_data['options']['user'] try: Market.objects.create(user=user_entry, name=received_data['name'], options=received_data['options']) except IntegrityError: return build_error_response(request, 409, 'Market name already in use') return HttpResponse(status=201)
def process(self, request): if not request.user.is_superuser: return build_error_response(request, 403, _("You don't have permission to switch current session user")) user_info = parse_json_request(request) if "username" not in user_info: return build_error_response(request, 422, "Missing target user info") user_id = get_object_or_404(User, username=user_info['username']).id target_user = None for backend in auth.get_backends(): try: target_user = backend.get_user(user_id) except: continue if target_user is None: continue # Annotate the user object with the path of the backend. target_user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__) break if target_user is None: raise Http404 auth.login(request, target_user) return HttpResponse(status=204)
def create(self, request, workspace_id): ts = parse_json_request(request) fields = [] workspace = get_object_or_404(Workspace, pk=workspace_id) if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()): return build_error_response( request, 403, _('You are not allowed to update this workspace')) if 'name' in ts: workspace.name = ts['name'] fields.append('name') if 'description' in ts: workspace.description = ts['description'] fields.append('description') if 'longdescription' in ts: workspace.longdescription = ts['longdescription'] fields.append('longdescription') workspace.save(update_fields=fields) return HttpResponse(status=204)
def create(self, request, workspace_id): workspace = get_object_or_404(Workspace, pk=workspace_id) data = parse_json_request(request) if 'name' not in data: return build_error_response( request, 400, _('Malformed tab JSON: expecting tab name.')) tab_name = data['name'] if not (request.user.is_superuser or workspace.creator == request.user): return build_error_response( request, 403, _('You are not allowed to create new tabs for this workspace')) try: tab = createTab(tab_name, workspace) except IntegrityError: msg = _( 'A tab with the given name already exists for the workspace') return build_error_response(request, 409, msg) # Returning created Ids ids = {'id': tab.id, 'name': tab.name} return HttpResponse(json.dumps(ids), status=201, content_type='application/json; charset=UTF-8')
def create(self, request, workspace_id, tab_id, iwidget_id): workspace = get_object_or_404(Workspace, pk=workspace_id) if not request.user.is_superuser and workspace.creator != request.user: msg = _('You have not enough permission for updating the preferences of the iwidget') return build_error_response(request, 403, msg) iwidget = get_object_or_404(IWidget.objects.select_related('widget__resource'), pk=iwidget_id) if iwidget.tab_id != int(tab_id): raise Http404 iwidget_info = iwidget.widget.resource.get_processed_info(translate=True, process_variables=True) new_values = parse_json_request(request) for var_name in new_values: try: vardef = iwidget_info['variables']['preferences'][var_name] except KeyError: msg = _('Invalid preference: "%s"') % var_name return build_error_response(request, 422, msg) if vardef['readonly'] is True: msg = _('"%s" preference is read only.') % var_name return build_error_response(request, 403, msg) iwidget.set_variable_value(var_name, new_values[var_name]) iwidget.save() return HttpResponse(status=204)
def create(self, request, workspace_id, tab_id, iwidget_id): workspace = get_object_or_404(Workspace, pk=workspace_id) iwidget = get_object_or_404(IWidget, pk=iwidget_id) if iwidget.tab_id != int(tab_id): raise Http404 iwidget_info = iwidget.widget.resource.get_processed_info(translate=True, process_variables=True) new_values = parse_json_request(request) for var_name in new_values: if var_name not in iwidget_info['variables']['properties']: msg = _('Invalid persistent variable: "%s"') % var_name return build_error_response(request, 422, msg) # Check if its multiuser if not iwidget_info['variables']['properties'][var_name].get("multiuser", False): # No multiuser -> Check permissions if workspace.creator != request.user: msg = _('You have not enough permission for updating the persistent variables of this widget') return build_error_response(request, 403, msg) else: # Multiuser -> Check permissions if not workspace.is_available_for(request.user): msg = _('You have not enough permission for updating the persistent variables of this widget') return build_error_response(request, 403, msg) iwidget.set_variable_value(var_name, new_values[var_name], request.user) iwidget.save() return HttpResponse(status=204)
def update(self, request, workspace_id): workspace = get_object_or_404(Workspace, id=workspace_id) new_wiring_status = parse_json_request(request) old_wiring_status = workspace.wiringStatus if workspace.creator == request.user or request.user.is_superuser: result = self.checkWiring(request, new_wiring_status, old_wiring_status, can_update_secure=False) elif workspace.is_available_for(request.user): result = self.checkMultiuserWiring(request, new_wiring_status, old_wiring_status, workspace.creator, can_update_secure=False) else: return build_error_response( request, 403, _('You are not allowed to update this workspace')) if result is not True: return result workspace.wiringStatus = new_wiring_status workspace.save() return HttpResponse(status=204)
def create(self, request, workspace_id): ts = parse_json_request(request) fields = [] workspace = get_object_or_404(Workspace, pk=workspace_id) if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()): return build_error_response( request, 403, _('You are not allowed to update this workspace')) if 'name' in ts: workspace.name = ts['name'] fields.append('name') if 'title' in ts: workspace.title = ts['title'] fields.append('title') if 'description' in ts: workspace.description = ts['description'] fields.append('description') if 'longdescription' in ts: workspace.longdescription = ts['longdescription'] fields.append('longdescription') try: workspace.save(update_fields=fields) except IntegrityError: msg = _('A workspace with the given name already exists') return build_error_response(request, 409, msg) return HttpResponse(status=204)
def create(self, request, workspace_id): # Check Workspace existance and owned by this user workspace = get_object_or_404(Workspace, pk=workspace_id) if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()): return build_error_response(request, 403, _('You are not allowed to update this workspace')) preferences_json = parse_json_request(request) if 'sharelist' in preferences_json: workspace.users.clear() workspace.groups.clear() sharelist = json.loads(preferences_json['sharelist']['value']) for item in sharelist: try: user = User.objects.get(username=item['name']) except User.DoesNotExist: continue workspace.userworkspace_set.create(user=user) try: workspace.groups.add(user.organization.group) except Organization.DoesNotExist: pass del preferences_json['sharelist'] if 'public' in preferences_json: workspace.public = preferences_json['public']['value'].strip().lower() == 'true' workspace.save() del preferences_json['public'] update_workspace_preferences(workspace, preferences_json) return HttpResponse(status=204)
def create(self, request, workspace_id): workspace = get_object_or_404(Workspace, pk=workspace_id) data = parse_json_request(request) if 'name' not in data and 'title' not in data: return build_error_response( request, 422, _('Malformed tab JSON: expecting tab name or title.')) if not (request.user.is_superuser or workspace.creator == request.user): return build_error_response( request, 403, _('You are not allowed to create new tabs for this workspace')) tab_title = data.get('title') tab_name = data.get('name') try: tab = createTab(tab_title, workspace, name=tab_name) except IntegrityError: msg = _( 'A tab with the given name already exists for the workspace') return build_error_response(request, 409, msg) return HttpResponse(json.dumps(get_tab_data(tab, user=request.user)), status=201, content_type='application/json; charset=UTF-8')
def create(self, request, workspace_id, tab_id, iwidget_id): iwidget = parse_json_request(request) tab = get_object_or_404(Tab.objects.select_related('workspace'), workspace__pk=workspace_id, pk=tab_id) if not request.user.is_superuser and tab.workspace.creator != request.user: msg = _('You have not enough permission for updating the iwidget') return build_error_response(request, 403, msg) iwidget['id'] = iwidget_id try: UpdateIWidget(iwidget, request.user, tab) except Tab.DoesNotExist: return build_error_response(request, 422, _("Target tab {id} does not exist").format(id=iwidget['tab'])) except (CatalogueResource.DoesNotExist, Widget.DoesNotExist) as e: msg = _('refered widget %(widget_uri)s does not exist.') % {'widget_uri': iwidget['widget']} return build_error_response(request, 422, msg) except TypeError as e: return build_error_response(request, 400, e) except ValueError as e: return build_error_response(request, 422, e) except IWidget.DoesNotExist: raise Http404 return HttpResponse(status=204)
def create(self, request): preferences_json = parse_json_request(request) update_preferences(request.user, preferences_json) if 'language' in preferences_json: update_session_lang(request, request.user) return HttpResponse(status=204)
def update(self, request, workspace_id): workspace = get_object_or_404(Workspace, id=workspace_id) if not request.user.is_superuser and workspace.creator != request.user: return build_error_response(request, 403, _('You are not allowed to update this workspace')) new_wiring_status = parse_json_request(request) old_wiring_status = workspace.wiringStatus # Check read only connections old_read_only_connections = [connection for connection in old_wiring_status['connections'] if connection.get('readonly', False)] new_read_only_connections = [connection for connection in new_wiring_status['connections'] if connection.get('readonly', False)] if len(old_read_only_connections) > len(new_read_only_connections): return build_error_response(request, 403, _('You are not allowed to remove or update read only connections')) for connection in old_read_only_connections: if connection not in new_read_only_connections: return build_error_response(request, 403, _('You are not allowed to remove or update read only connections')) # Check operator preferences for operator_id, operator in six.iteritems(new_wiring_status['operators']): if operator_id in old_wiring_status['operators']: old_operator = old_wiring_status['operators'][operator_id] added_preferences = set(operator['preferences'].keys()) - set(old_operator['preferences'].keys()) removed_preferences = set(old_operator['preferences'].keys()) - set(operator['preferences'].keys()) updated_preferences = set(operator['preferences'].keys()).intersection(old_operator['preferences'].keys()) else: # New operator added_preferences = operator['preferences'].keys() removed_preferences = () updated_preferences = () for preference_name in added_preferences: if operator['preferences'][preference_name].get('readonly', False) or operator['preferences'][preference_name].get('hidden', False): return build_error_response(request, 403, _('Read only and hidden preferences cannot be created using this API')) for preference_name in removed_preferences: if old_operator['preferences'][preference_name].get('readonly', False) or old_operator['preferences'][preference_name].get('hidden', False): return build_error_response(request, 403, _('Read only and hidden preferences cannot be removed')) for preference_name in updated_preferences: old_preference = old_operator['preferences'][preference_name] new_preference = operator['preferences'][preference_name] if old_preference.get('readonly', False) != new_preference.get('readonly', False) or old_preference.get('hidden', False) != new_preference.get('hidden', False): return build_error_response(request, 403, _('Read only and hidden status cannot be changed using this API')) if new_preference.get('readonly', False) and new_preference.get('value') != old_preference.get('value'): return build_error_response(request, 403, _('Read only preferences cannot be updated')) workspace.wiringStatus = new_wiring_status workspace.save() return HttpResponse(status=204)
def _parse_ac_request(request): fileURL = None file_contents = None content_type = get_content_type(request)[0] data = parse_json_request(request) if 'url' not in data: return build_error_response(request, 400, _('Missing widget URL')) fileURL = data.get('url') id_4CaaSt = data.get('4CaaStID') if id_4CaaSt is None: return build_error_response(request, 400, _('Missing 4CaaStID')) if not isinstance(id_4CaaSt, string_types) or id_4CaaSt.strip() == '': return build_error_response(request, 400, _('Invalid 4CaaStID')) try: downloaded_file = download_http_content(fileURL) except: return build_error_response(request, 409, _('Mashable application component could not be downloaded')) downloaded_file = StringIO(downloaded_file) file_contents = WgtFile(downloaded_file) # Create a custom version of the resource template = TemplateParser(file_contents.get_template()) template_info = template.get_resource_info() template_info['name'] += '@' + id_4CaaSt for pref_name, pref_value in six.iteritems(data.get('preferences', {})): for widget_pref_index, widget_pref in enumerate(template_info['preferences']): if widget_pref['name'] == pref_name: template_info['preferences'][widget_pref_index]['readonly'] = True template_info['preferences'][widget_pref_index]['value'] = pref_value break # Write a new Wgt file new_file = StringIO() zin = zipfile.ZipFile(downloaded_file, 'r') zout = zipfile.ZipFile(new_file, 'w') zout.writestr('config.xml', write_rdf_description(template_info)) for item in zin.infolist(): if item.filename == 'config.xml': continue zout.writestr(item, zin.read(item.filename)) zin.close() zout.close() file_contents = WgtFile(new_file) return id_4CaaSt, file_contents, fileURL
def create(self, request, workspace_id, tab_id): # Check Tab existance and owned by this user tab = get_object_or_404(Tab.objects.select_related('workspace'), workspace__pk=workspace_id, pk=tab_id) if not (request.user.is_superuser or tab.workspace.users.filter(pk=request.user.pk).exists()): return build_error_response(request, 403, _('You are not allowed to update this workspace')) preferences_json = parse_json_request(request) update_tab_preferences(tab, preferences_json) return HttpResponse(status=204)
def create(self, request, workspace_id, tab_id): tab = get_object_or_404(Tab.objects.select_related('workspace'), workspace__pk=workspace_id, pk=tab_id) if tab.workspace.creator != request.user: return build_error_response( request, 403, _('You are not allowed to update this workspace')) user_workspace = UserWorkspace.objects.get(user__id=request.user.id, workspace__id=workspace_id) if user_workspace.manager != '': return build_error_response( request, 403, _('You are not allowed to update this workspace')) data = parse_json_request(request) if 'visible' in data: visible = data['visible'] if isinstance(visible, string_types): visible = visible.strip().lower() if visible not in ('true', 'false'): return build_error_response(request, 422, _('Invalid visible value')) visible = visible == 'true' elif not isinstance(visible, bool): return build_error_response(request, 422, _('Invalid visible value')) if visible: # Only one visible tab setVisibleTab(request.user, workspace_id, tab) else: tab.visible = False if 'name' in data: tab.name = data['name'] if 'title' in data: tab.title = data['title'] try: tab.save() except IntegrityError: msg = _( 'A tab with the given name already exists for the workspace') return build_error_response(request, 409, msg) return HttpResponse(status=204)
def patch(self, request, workspace_id): workspace = get_object_or_404(Workspace, id=workspace_id) old_wiring_status = workspace.wiringStatus req = parse_json_request(request) # Cant explicitly update missing operator preferences / properties # Check if its modifying directly a preference / property regex = re.compile(r'^/?operators/(?P<operator_id>[0-9]+)/(preferences/|properties/)', re.S) for p in req: try: if p["op"] is "test": continue except: return build_error_response(request, 400, _('Invalid JSON patch')) result = regex.match(p["path"]) if result is not None: try: vendor, name, version = workspace.wiringStatus["operators"][result.group("operator_id")]["name"].split("/") except: raise Http404 # If the operator is missing -> 403 try: CatalogueResource.objects.get(vendor=vendor, short_name=name, version=version) except: return build_error_response(request, 403, _('Missing operators variables cannot be updated')) try: new_wiring_status = jsonpatch.apply_patch(old_wiring_status, req) except jsonpatch.JsonPointerException: return build_error_response(request, 422, _('Failed to apply patch')) except jsonpatch.InvalidJsonPatch: return build_error_response(request, 400, _('Invalid JSON patch')) if workspace.creator == request.user or request.user.is_superuser: result = self.checkWiring(request, new_wiring_status, old_wiring_status, can_update_secure=True) elif workspace.is_available_for(request.user): result = self.checkMultiuserWiring(request, new_wiring_status, old_wiring_status, workspace.creator, can_update_secure=True) else: return build_error_response(request, 403, _('You are not allowed to update this workspace')) if result is not True: return result workspace.wiringStatus = new_wiring_status workspace.save() return HttpResponse(status=204)
def process(self, request, workspace_id): workspace = get_object_or_404(Workspace, pk=workspace_id) if not (request.user.is_superuser or workspace.creator == request.user): return build_error_response(request, 403, _('You are not allowed to create new tabs for this workspace')) order = parse_json_request(request) tabs = Tab.objects.filter(id__in=order) for tab in tabs: tab.position = order.index(tab.id) tab.save() return HttpResponse(status=204)
def create(self, request): resources = parse_json_request(request) result = [] for g in resources: latest_resource_version = get_latest_resource_version(g["name"], g["vendor"]) if latest_resource_version: # the resource is still in the catalogue g["lastVersion"] = latest_resource_version.version g["lastVersionURL"] = latest_resource_version.template_uri result.append(g) return HttpResponse(json.dumps({'resources': result}), content_type='application/json; charset=UTF-8')
def process(self, request, workspace_id): workspace = Workspace.objects.get(pk=workspace_id) if not (request.user.is_superuser or workspace.creator == request.user): return build_error_response(request, 403, _('You are not allowed to create new tabs for this workspace')) order = parse_json_request(request) tabs = Tab.objects.filter(id__in=order) for tab in tabs: tab.position = order.index(tab.id) tab.save() return HttpResponse(status=204)
def create(self, request): resources = parse_json_request(request) result = [] for g in resources: latest_resource_version = get_latest_resource_version( g["name"], g["vendor"]) if latest_resource_version: # the resource is still in the catalogue g["lastVersion"] = latest_resource_version.version g["lastVersionURL"] = latest_resource_version.template_uri result.append(g) return HttpResponse(json.dumps({'resources': result}), content_type='application/json; charset=UTF-8')
def process(self, request, market_user, market_name, store): adaptor = get_market_adaptor(market_user, market_name) user_data = get_market_user_data(request.user, market_user, market_name) data = parse_json_request(request) redirect_uri = get_absolute_reverse_url('wirecloud.fiware.store_redirect_uri', request) try: result = adaptor.start_purchase(store, data['offering_url'], redirect_uri, **user_data) except HTTPError as e: details = "%s" % e return build_error_response(request, 502, "Unexpected response", details=details) except (ConnectionError, ConnectTimeout): return build_error_response(request, 504, "Connection Error") return HttpResponse(json.dumps(result), content_type='application/json; chaset=UTF-8')
def create(self, request, workspace_id): # Check Workspace existance and owned by this user workspace = get_object_or_404(Workspace, pk=workspace_id) if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()): return build_error_response(request, 403, _('You are not allowed to update this workspace')) preferences_json = parse_json_request(request) if 'public' in preferences_json: workspace.public = preferences_json['public']['value'] workspace.save() del preferences_json['public'] update_workspace_preferences(workspace, preferences_json) return HttpResponse(status=204)
def update(self, request, workspace_id, tab_id): iwidgets = parse_json_request(request) tab = get_object_or_404(Tab, workspace__pk=workspace_id, pk=tab_id) if not request.user.is_superuser and tab.workspace.creator != request.user: msg = _('You have not enough permission for updating the iwidgets of this workspace') return build_error_response(request, 403, msg) for iwidget in iwidgets: try: UpdateIWidget(iwidget, request.user, tab) except IWidget.DoesNotExist: return build_error_response(request, 422, _("Widget {id} does not exist").format(id=iwidget.get('id'))) except ValueError as e: return build_error_response(request, 422, e) return HttpResponse(status=204)
def process(self, request): data = parse_json_request(request) (resource_vendor, resource_name, resource_version) = data['resource'].split('/') resource = get_object_or_404(CatalogueResource, vendor=resource_vendor, short_name=resource_name, version=resource_version) if not resource.is_available_for(request.user): return build_error_response( request, 403, _('You are not allowed to delete this market')) base_dir = catalogue.wgt_deployer.get_base_dir(resource_vendor, resource_name, resource_version) wgt_file = WgtFile(os.path.join(base_dir, resource.template_uri)) market_managers = get_market_managers(request.user) errors = {} for market_endpoint in data['marketplaces']: try: market_managers[market_endpoint['market']].publish( market_endpoint, wgt_file, request.user, request=request) except Exception as e: errors[market_endpoint['market']] = text_type(e) if len(errors) == 0: return HttpResponse(status=204) elif len(errors) == len(data['marketplaces']): return build_error_response( request, 502, _('Something went wrong (see details for more info)'), details=errors) else: return build_error_response( request, 200, _('Something went wrong (see details for more info)'), details=errors)
def create(self, request, workspace_id): workspace = get_object_or_404(Workspace, pk=workspace_id) data = parse_json_request(request) if 'name' not in data: return build_error_response(request, 422, _('Malformed tab JSON: expecting tab name.')) tab_name = data['name'] if not (request.user.is_superuser or workspace.creator == request.user): return build_error_response(request, 403, _('You are not allowed to create new tabs for this workspace')) try: tab = createTab(tab_name, workspace) except IntegrityError: msg = _('A tab with the given name already exists for the workspace') return build_error_response(request, 409, msg) return HttpResponse(json.dumps(get_tab_data(tab, user=request.user)), status=201, content_type='application/json; charset=UTF-8')
def create(self, request, workspace_id, tab_id, iwidget_id): workspace = Workspace.objects.get(id=workspace_id) if not request.user.is_superuser and workspace.creator != request.user: msg = _("You have not enough permission for updating the persistent variables of this widget") return build_error_response(request, 403, msg) iwidget = get_object_or_404(IWidget, pk=iwidget_id) iwidget_info = iwidget.widget.resource.get_processed_info(translate=True, process_variables=True) new_values = parse_json_request(request) for var_name in new_values: if var_name not in iwidget_info["variables"]["properties"]: msg = _('Invalid persistent variable: "%s"') % var_name return build_error_response(request, 422, msg) iwidget.set_variable_value(var_name, new_values[var_name]) iwidget.save() return HttpResponse(status=204)
def update(self, request, workspace_id): workspace = get_object_or_404(Workspace, id=workspace_id) new_wiring_status = parse_json_request(request) old_wiring_status = workspace.wiringStatus if workspace.creator == request.user or request.user.is_superuser: result = self.checkWiring(request, new_wiring_status, old_wiring_status, can_update_secure=False) elif workspace.is_available_for(request.user): result = self.checkMultiuserWiring(request, new_wiring_status, old_wiring_status, workspace.creator, can_update_secure=False) else: return build_error_response(request, 403, _('You are not allowed to update this workspace')) if result is not True: return result workspace.wiringStatus = new_wiring_status workspace.save() return HttpResponse(status=204)
def create(self, request, workspace_id, tab_id, iwidget_id): iwidget = parse_json_request(request) tab = get_object_or_404(Tab.objects.select_related("workspace"), workspace__pk=workspace_id, pk=tab_id) if not request.user.is_superuser and tab.workspace.creator != request.user: msg = _("You have not enough permission for updating the iwidget") return build_error_response(request, 403, msg) iwidget["id"] = iwidget_id try: UpdateIWidget(iwidget, request.user, tab) except (CatalogueResource.DoesNotExist, Widget.DoesNotExist) as e: msg = _("refered widget %(widget_uri)s does not exist.") % {"widget_uri": iwidget["widget"]} return build_error_response(request, 422, msg) except TypeError as e: return build_error_response(request, 400, e) except ValueError as e: return build_error_response(request, 422, e) return HttpResponse(status=204)
def create(self, request): received_data = parse_json_request(request) received_data.setdefault("public", False) validate_url_param(request, 'url', received_data['url']) if 'user' not in received_data or received_data[ 'user'] == request.user.username: target_user = request.user else: try: target_user = User.objects.get(username=received_data['user']) except: return build_error_response(request, 422, _("invalid user option")) if target_user != request.user and not request.user.is_superuser: return build_error_response( request, 403, _("You don't have permissions for adding marketplaces in name of other user" )) received_data['user'] = target_user.username try: Market.objects.create(user=target_user, name=received_data['name'], public=received_data['public'], options=received_data) except IntegrityError: return build_error_response(request, 409, 'Market name already in use') market_managers = get_market_managers(target_user) market_managers[target_user.username + '/' + received_data['name']].create(target_user) return HttpResponse(status=201)
def create(self, request): received_data = parse_json_request(request) if 'options' not in received_data: return build_error_response(request, 400, _("Missing marketplace options")) validate_url_param(request, 'options.url', received_data['options']['url']) if 'user' not in received_data['options'] or received_data['options'][ 'user'] == request.user.username: user_entry = request.user elif received_data['options'].get('user', None) is not None: user_entry = User.objects.get( username=received_data['options']['user']) else: user_entry = None if (user_entry is None or user_entry != request.user) and not request.user.is_superuser: return build_error_response( request, 403, _("You don't have permissions for adding public marketplaces")) if 'user' in received_data['options']: del received_data['options']['user'] try: Market.objects.create(user=user_entry, name=received_data['name'], options=received_data['options']) except IntegrityError: return build_error_response(request, 409, 'Market name already in use') return HttpResponse(status=201)
def create(self, request, workspace_id, tab_id): iwidget = parse_json_request(request) initial_variable_values = iwidget.get('variable_values', None) # iWidget creation tab = get_object_or_404(Tab.objects.select_related('workspace'), workspace__pk=workspace_id, pk=tab_id) if not request.user.is_superuser and tab.workspace.creator != request.user: msg = _('You have not enough permission for adding iwidgets to the workspace') return build_error_response(request, 403, msg) try: iwidget = SaveIWidget(iwidget, request.user, tab, initial_variable_values) iwidget_data = get_iwidget_data(iwidget, tab.workspace, user=request.user) return HttpResponse(json.dumps(iwidget_data), content_type='application/json; charset=UTF-8', status=201) except (CatalogueResource.DoesNotExist, Widget.DoesNotExist) as e: msg = _('refered widget %(widget_uri)s does not exist.') % {'widget_uri': iwidget['widget']} return build_error_response(request, 422, msg) except TypeError as e: return build_error_response(request, 400, e) except ValueError as e: return build_error_response(request, 422, e)
def remove_tenant(request): data = parse_json_request(request) id_4CaaSt = data.get('4CaaStID') if id_4CaaSt is None: return build_error_response(request, 400, _('Missing 4CaaStID')) if not isinstance(id_4CaaSt, string_types) or id_4CaaSt.strip() == '': return build_error_response(request, 400, _('Invalid 4CaaStID')) username = parse_username(id_4CaaSt) user = get_object_or_404(User, username=username) try: if user.tenantprofile_4CaaSt.id_4CaaSt != id_4CaaSt: raise Http404 except TenantProfile.DoesNotExist: raise Http404 user.delete() return HttpResponse(status=204)
def create(self, request, workspace_id): ts = parse_json_request(request) fields = [] workspace = get_object_or_404(Workspace, pk=workspace_id) if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()): return build_error_response(request, 403, _('You are not allowed to update this workspace')) if 'name' in ts: workspace.name = ts['name'] fields.append('name') if 'description' in ts: workspace.description = ts['description'] fields.append('description') if 'longdescription' in ts: workspace.longdescription = ts['longdescription'] fields.append('longdescription') workspace.save(update_fields=fields) return HttpResponse(status=204)
def process(self, request, market_user, market_name, store): adaptor = get_market_adaptor(market_user, market_name) user_data = get_market_user_data(request.user, market_user, market_name) data = parse_json_request(request) redirect_uri = get_absolute_reverse_url( 'wirecloud.fiware.store_redirect_uri', request) try: result = adaptor.start_purchase(store, data['offering_url'], redirect_uri, **user_data) except HTTPError as e: details = "%s" % e return build_error_response(request, 502, "Unexpected response", details=details) except (ConnectionError, ConnectTimeout): return build_error_response(request, 504, "Connection Error") return HttpResponse(json.dumps(result), content_type='application/json; chaset=UTF-8')
def update(self, request, workspace_id): workspace = get_object_or_404(Workspace, id=workspace_id) if not request.user.is_superuser and workspace.creator != request.user: return build_error_response( request, 403, _('You are not allowed to update this workspace')) wiring_status = parse_json_request(request) old_wiring_status = workspace.wiringStatus old_read_only_connections = [] for connection in old_wiring_status['connections']: if connection.get('readonly', False): old_read_only_connections.append(connection) read_only_connections = [] for connection in wiring_status['connections']: if connection.get('readonly', False): read_only_connections.append(connection) if len(old_read_only_connections) > len(read_only_connections): return build_error_response( request, 403, _('You are not allowed to remove read only connections')) for connection in old_read_only_connections: if connection not in read_only_connections: return build_error_response( request, 403, _('You are not allowed to remove read only connections')) workspace.wiringStatus = wiring_status workspace.save() return HttpResponse(status=204)
def update(self, request, workspace_id): workspace = get_object_or_404(Workspace, id=workspace_id) if not request.user.is_superuser and workspace.creator != request.user: return build_error_response( request, 403, _('You are not allowed to update this workspace')) new_wiring_status = parse_json_request(request) old_wiring_status = workspace.wiringStatus # Check read only connections old_read_only_connections = [ connection for connection in old_wiring_status['connections'] if connection.get('readonly', False) ] new_read_only_connections = [ connection for connection in new_wiring_status['connections'] if connection.get('readonly', False) ] if len(old_read_only_connections) > len(new_read_only_connections): return build_error_response( request, 403, _('You are not allowed to remove or update read only connections' )) for connection in old_read_only_connections: if connection not in new_read_only_connections: return build_error_response( request, 403, _('You are not allowed to remove or update read only connections' )) # Check operator preferences for operator_id, operator in six.iteritems( new_wiring_status['operators']): if operator_id in old_wiring_status['operators']: old_operator = old_wiring_status['operators'][operator_id] added_preferences = set(operator['preferences'].keys()) - set( old_operator['preferences'].keys()) removed_preferences = set( old_operator['preferences'].keys()) - set( operator['preferences'].keys()) updated_preferences = set( operator['preferences'].keys()).intersection( old_operator['preferences'].keys()) else: # New operator added_preferences = operator['preferences'].keys() removed_preferences = () updated_preferences = () for preference_name in added_preferences: if operator['preferences'][preference_name].get( 'readonly', False) or operator['preferences'][preference_name].get( 'hidden', False): return build_error_response( request, 403, _('Read only and hidden preferences cannot be created using this API' )) for preference_name in removed_preferences: if old_operator['preferences'][preference_name].get( 'readonly', False ) or old_operator['preferences'][preference_name].get( 'hidden', False): return build_error_response( request, 403, _('Read only and hidden preferences cannot be removed') ) for preference_name in updated_preferences: old_preference = old_operator['preferences'][preference_name] new_preference = operator['preferences'][preference_name] if old_preference.get('readonly', False) != new_preference.get( 'readonly', False) or old_preference.get( 'hidden', False) != new_preference.get( 'hidden', False): return build_error_response( request, 403, _('Read only and hidden status cannot be changed using this API' )) if new_preference.get( 'readonly', False) and new_preference.get( 'value') != old_preference.get('value'): return build_error_response( request, 403, _('Read only preferences cannot be updated')) workspace.wiringStatus = new_wiring_status workspace.save() return HttpResponse(status=204)
def create(self, request): data = parse_json_request(request) workspace_name = data.get('name', '').strip() workspace_title = data.get('title', '').strip() workspace_id = data.get('workspace', '') mashup_id = data.get('mashup', '') initial_pref_values = data.get('preferences', {}) allow_renaming = normalize_boolean_param( request, 'allow_renaming', data.get('allow_renaming', False)) dry_run = normalize_boolean_param(request, 'dry_run', data.get('dry_run', False)) if mashup_id == '' and workspace_id == '' and (workspace_name == '' and workspace_title == ''): return build_error_response(request, 422, _('Missing name or title parameter')) elif mashup_id != '' and workspace_id != '': return build_error_response( request, 422, _('Workspace and mashup parameters cannot be used at the same time' )) if mashup_id == '' and workspace_id == '': if workspace_title == '': workspace_title = workspace_name if workspace_name != '' and not is_valid_name(workspace_name): return build_error_response(request, 422, _('invalid workspace name')) if dry_run: return HttpResponse(status=204) try: workspace = createEmptyWorkspace(workspace_title, request.user, name=workspace_name, allow_renaming=allow_renaming) except IntegrityError: msg = _('A workspace with the given name already exists') return build_error_response(request, 409, msg) else: if mashup_id != '': values = mashup_id.split('/', 3) if len(values) != 3: return build_error_response(request, 422, _('invalid mashup id')) (mashup_vendor, mashup_name, mashup_version) = values try: resource = CatalogueResource.objects.get( vendor=mashup_vendor, short_name=mashup_name, version=mashup_version) if not resource.is_available_for( request.user ) or resource.resource_type() != 'mashup': raise CatalogueResource.DoesNotExist except CatalogueResource.DoesNotExist: return build_error_response( request, 422, _('Mashup not found: %(mashup_id)s') % {'mashup_id': mashup_id}) base_dir = catalogue.wgt_deployer.get_base_dir( mashup_vendor, mashup_name, mashup_version) wgt_file = WgtFile( os.path.join(base_dir, resource.template_uri)) template = TemplateParser(wgt_file.get_template()) else: from_ws = get_object_or_404(Workspace, id=workspace_id) if from_ws.public is False and not request.user.is_superuser and from_ws.creator != request.user: return build_error_response( request, 403, _('You are not allowed to read from workspace %s') % workspace_id) options = { 'vendor': 'api', 'name': from_ws.name, 'version': '1.0', 'title': from_ws.title if from_ws.title is not None and from_ws.title.strip() != "" else from_ws.name, 'description': 'Temporal mashup for the workspace copy operation', 'email': '*****@*****.**', } template = TemplateParser( build_json_template_from_workspace(options, from_ws, from_ws.creator)) try: check_mashup_dependencies(template, request.user) except MissingDependencies as e: details = { 'missingDependencies': e.missing_dependencies, } return build_error_response(request, 422, e, details=details) if dry_run: return HttpResponse(status=204) try: workspace, _junk = buildWorkspaceFromTemplate( template, request.user, allow_renaming=allow_renaming, new_name=workspace_name, new_title=workspace_title) except IntegrityError: msg = _('A workspace with the given name already exists') return build_error_response(request, 409, msg) if len(initial_pref_values) > 0: update_workspace_preferences(workspace, initial_pref_values, invalidate_cache=False) workspace_data = get_global_workspace_data(workspace, request.user) return workspace_data.get_response(status_code=201, cacheable=False)
def create(self, request): status_code = 201 force_create = False install_embedded_resources = False templateURL = None file_contents = None if request.mimetype == 'multipart/form-data': force_create = request.POST.get('force_create', 'false').strip().lower() == 'true' public = request.POST.get('public', 'false').strip().lower() == 'true' user_list = set( user.strip() for user in request.POST.get('users', '').split(',') if user != "") group_list = set( group.strip() for group in request.POST.get('groups', '').split(',') if group != "") install_embedded_resources = request.POST.get( 'install_embedded_resources', 'false').strip().lower() == 'true' if 'file' not in request.FILES: return build_error_response( request, 400, _('Missing component file in the request')) downloaded_file = request.FILES['file'] try: file_contents = WgtFile(downloaded_file) except zipfile.BadZipfile: return build_error_response( request, 400, _('The uploaded file is not a zip file')) elif request.mimetype == 'application/octet-stream': downloaded_file = BytesIO(request.body) try: file_contents = WgtFile(downloaded_file) except zipfile.BadZipfile: return build_error_response( request, 400, _('The uploaded file is not a zip file')) force_create = request.GET.get('force_create', 'false').strip().lower() == 'true' public = request.GET.get('public', 'false').strip().lower() == 'true' user_list = set(user.strip() for user in request.GET.get('users', '').split(',') if user != "") group_list = set( group.strip() for group in request.GET.get('groups', '').split(',') if group != "") install_embedded_resources = request.GET.get( 'install_embedded_resources', 'false').strip().lower() == 'true' else: # if request.mimetype == 'application/json' market_endpoint = None data = parse_json_request(request) install_embedded_resources = normalize_boolean_param( request, 'install_embedded_resources', data.get('install_embedded_resources', False)) force_create = data.get('force_create', False) public = request.GET.get('public', 'false').strip().lower() == 'true' user_list = set( user.strip() for user in request.GET.get('user_list', '').split(',') if user != "") group_list = set( group.strip() for group in request.GET.get('group_list', '').split(',') if group != "") templateURL = data.get('url') market_endpoint = data.get('market_endpoint', None) headers = data.get('headers', {}) headers['Accept-Encoding'] = 'identity' if market_endpoint is not None: if 'name' not in market_endpoint: msg = _('Missing market name') return build_error_response(request, 400, msg) market_id = market_endpoint['name'] market_managers = get_market_managers(request.user) if market_id not in market_managers: return build_error_response( request, 409, _('Unknown market: %s') % market_id) market_manager = market_managers[market_id] downloaded_file = market_manager.download_resource( request.user, templateURL, market_endpoint) else: try: context = parse_context_from_referer(request) except Exception: context = {} try: context["headers"] = CaseInsensitiveDict(headers) response = WIRECLOUD_PROXY.do_request( request, templateURL, "GET", context) if response.status_code >= 300 or response.status_code < 200: raise Exception() downloaded_file = b''.join(response) except Exception: return build_error_response( request, 409, _('Content cannot be downloaded from the specified url' )) try: downloaded_file = BytesIO(downloaded_file) file_contents = WgtFile(downloaded_file) except zipfile.BadZipfile: return build_error_response( request, 400, _('The file downloaded from the marketplace is not a zip file' )) if public is False and len(user_list) == 0 and len(group_list) == 0: users = (request.user, ) else: users = User.objects.filter(username__in=user_list) groups = Group.objects.filter(name__in=group_list) if not request.user.is_superuser: if public: return build_error_response( request, 403, _('You are not allowed to make resources publicly available to all users' )) elif len(users) > 0 and tuple(users) != (request.user, ): return build_error_response( request, 403, _('You are not allowed allow to install components to other users' )) elif len(groups) > 0: for group in groups: try: owners = group.organization.team_set.get(name="owners") except ObjectDoesNotExist: fail = True else: fail = owners.users.filter( id=request.user.id).exists() is False if fail: return build_error_response( request, 403, _('You are not allowed to install components to non-owned organizations' )) try: fix_dev_version(file_contents, request.user) added, resource = install_component(file_contents, executor_user=request.user, public=public, users=users, groups=groups) if not added and force_create: return build_error_response(request, 409, _('Resource already exists')) elif not added: status_code = 200 except zipfile.BadZipfile as e: return build_error_response( request, 400, _('The uploaded file is not a valid zip file'), details="{}".format(e)) except OSError as e: if e.errno == errno.EACCES: return build_error_response( request, 500, _('Error writing the resource into the filesystem. Please, contact the server administrator.' )) else: raise except TemplateParseException as e: msg = "Error parsing config.xml descriptor file: %s" % e details = "%s" % e return build_error_response(request, 400, msg, details=details) except (InvalidContents, UnsupportedFeature) as e: details = e.details if hasattr(e, 'details') else None return build_error_response(request, 400, e, details=str(details)) if install_embedded_resources: info = { 'resource_details': resource.get_processed_info( request, url_pattern_name="wirecloud.showcase_media"), 'extra_resources': [] } if resource.resource_type() == 'mashup': resource_info = resource.get_processed_info(process_urls=False) for embedded_resource in resource_info['embedded']: resource_file = BytesIO( file_contents.read(embedded_resource['src'])) extra_resource_contents = WgtFile(resource_file) extra_resource_added, extra_resource = install_component( extra_resource_contents, executor_user=request.user, public=public, users=users, groups=groups) if extra_resource_added: info['extra_resources'].append( extra_resource.get_processed_info( request, url_pattern_name="wirecloud.showcase_media")) response = HttpResponse( json.dumps(info, sort_keys=True), status=status_code, content_type='application/json; charset=UTF-8') else: response = HttpResponse( json.dumps(resource.get_processed_info( request, url_pattern_name="wirecloud.showcase_media"), sort_keys=True), status=status_code, content_type='application/json; charset=UTF-8') response['Location'] = resource.get_template_url() return response