def create(self, request, workspace_id, tab_id, iwidget_id):
workspace = get_object_or_404(Workspace, pk=workspace_id)
if not request.user.is_superuser and workspace.creator != request.user:
msg = _(
'You have not enough permission for updating the persistent variables of this widget'
)
return build_error_response(request, 403, msg)
iwidget = get_object_or_404(IWidget, pk=iwidget_id)
if iwidget.tab_id != int(tab_id):
raise Http404
iwidget_info = iwidget.widget.resource.get_processed_info(
translate=True, process_variables=True)
new_values = parse_json_request(request)
for var_name in new_values:
if var_name not in iwidget_info['variables']['properties']:
msg = _('Invalid persistent variable: "%s"') % var_name
return build_error_response(request, 422, msg)
iwidget.set_variable_value(var_name, new_values[var_name])
iwidget.save()
return HttpResponse(status=204)
def create(self, request, workspace_id, tab_id, iwidget_id):
workspace = get_object_or_404(Workspace, pk=workspace_id)
if not request.user.is_superuser and workspace.creator != request.user:
msg = _(
'You have not enough permission for updating the preferences of the iwidget'
)
return build_error_response(request, 403, msg)
iwidget = get_object_or_404(
IWidget.objects.select_related('widget__resource'), pk=iwidget_id)
if iwidget.tab_id != int(tab_id):
raise Http404
iwidget_info = iwidget.widget.resource.get_processed_info(
translate=True, process_variables=True)
new_values = parse_json_request(request)
for var_name in new_values:
try:
vardef = iwidget_info['variables']['preferences'][var_name]
except KeyError:
msg = _('Invalid preference: "%s"') % var_name
return build_error_response(request, 422, msg)
if vardef['readonly'] is True:
msg = _('"%s" preference is read only.') % var_name
return build_error_response(request, 403, msg)
iwidget.set_variable_value(var_name, new_values[var_name])
iwidget.save()
return HttpResponse(status=204)
def create(self, request, workspace_id, tab_id, iwidget_id):
iwidget = parse_json_request(request)
tab = get_object_or_404(Tab.objects.select_related('workspace'),
workspace__pk=workspace_id,
pk=tab_id)
if not request.user.is_superuser and tab.workspace.creator != request.user:
msg = _('You have not enough permission for updating the iwidget')
return build_error_response(request, 403, msg)
iwidget['id'] = iwidget_id
try:
UpdateIWidget(iwidget, request.user, tab)
except Tab.DoesNotExist:
return build_error_response(
request, 422,
_("Target tab {id} does not exist").format(id=iwidget['tab']))
except (CatalogueResource.DoesNotExist, Widget.DoesNotExist) as e:
msg = _('refered widget %(widget_uri)s does not exist.') % {
'widget_uri': iwidget['widget']
}
return build_error_response(request, 422, msg)
except TypeError as e:
return build_error_response(request, 400, e)
except ValueError as e:
return build_error_response(request, 422, e)
except IWidget.DoesNotExist:
raise Http404
return HttpResponse(status=204)
def create(self, request, workspace_id, tab_id):
iwidget = parse_json_request(request)
initial_variable_values = iwidget.get('variable_values', None)
# iWidget creation
tab = get_object_or_404(Tab.objects.select_related('workspace'),
workspace__pk=workspace_id,
pk=tab_id)
if not request.user.is_superuser and tab.workspace.creator != request.user:
msg = _(
'You have not enough permission for adding iwidgets to the workspace'
)
return build_error_response(request, 403, msg)
try:
iwidget = SaveIWidget(iwidget, request.user, tab,
initial_variable_values)
iwidget_data = get_iwidget_data(iwidget,
tab.workspace,
user=request.user)
return HttpResponse(json.dumps(iwidget_data),
content_type='application/json; charset=UTF-8',
status=201)
except (CatalogueResource.DoesNotExist, Widget.DoesNotExist) as e:
msg = _('refered widget %(widget_uri)s does not exist.') % {
'widget_uri': iwidget['widget']
}
return build_error_response(request, 422, msg)
except TypeError as e:
return build_error_response(request, 400, e)
except ValueError as e:
return build_error_response(request, 422, e)
def create(self, request, workspace_id):
ts = parse_json_request(request)
fields = []
workspace = get_object_or_404(Workspace, pk=workspace_id)
if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()):
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
if 'name' in ts:
workspace.name = ts['name']
fields.append('name')
if 'title' in ts:
workspace.title = ts['title']
fields.append('title')
if 'description' in ts:
workspace.description = ts['description']
fields.append('description')
if 'longdescription' in ts:
workspace.longdescription = ts['longdescription']
fields.append('longdescription')
try:
workspace.save(update_fields=fields)
except IntegrityError:
msg = _('A workspace with the given name already exists')
return build_error_response(request, 409, msg)
return HttpResponse(status=204)
def create(self, request, workspace_id):
ts = parse_json_request(request)
workspace = get_object_or_404(Workspace, pk=workspace_id)
if not (request.user.is_superuser
or workspace.users.filter(pk=request.user.pk).exists()):
return build_error_response(
request, 403,
_('You are not allowed to update this workspace'))
if 'active' in ts:
active = ts.get('active', False)
if isinstance(active, string_types):
active = ts['active'].lower() == 'true'
if active:
# Only one active workspace
setActiveWorkspace(request.user, workspace)
else:
currentUserWorkspace = UserWorkspace.objects.get(
workspace=workspace, user=request.user)
currentUserWorkspace.active = False
currentUserWorkspace.save()
if 'name' in ts:
workspace.name = ts['name']
workspace.save()
return HttpResponse(status=204)
def update(self, request, workspace_id, tab_id):
iwidgets = parse_json_request(request)
tab = get_object_or_404(Tab, workspace__pk=workspace_id, pk=tab_id)
if not request.user.is_superuser and tab.workspace.creator != request.user:
msg = _(
'You have not enough permission for updating the iwidgets of this workspace'
)
return build_error_response(request, 403, msg)
for iwidget in iwidgets:
try:
UpdateIWidget(iwidget, request.user, tab, updatecache=False)
except IWidget.DoesNotExist:
return build_error_response(
request, 422,
_("Widget {id} does not exist").format(
id=iwidget.get('id')))
except TypeError as e:
return build_error_response(request, 400, e)
except ValueError as e:
return build_error_response(request, 422, e)
if len(iwidgets) > 0:
# Invalidate workspace cache
tab.workspace.save()
return HttpResponse(status=204)
def _parse_ac_request(request):
fileURL = None
file_contents = None
content_type = get_content_type(request)[0]
data = parse_json_request(request)
if 'url' not in data:
return build_error_response(request, 400, _('Missing widget URL'))
fileURL = data.get('url')
id_4CaaSt = data.get('4CaaStID')
if id_4CaaSt is None:
return build_error_response(request, 400, _('Missing 4CaaStID'))
if not isinstance(id_4CaaSt, string_types) or id_4CaaSt.strip() == '':
return build_error_response(request, 400, _('Invalid 4CaaStID'))
try:
downloaded_file = download_http_content(fileURL)
except:
return build_error_response(
request, 409,
_('Mashable application component could not be downloaded'))
downloaded_file = StringIO(downloaded_file)
file_contents = WgtFile(downloaded_file)
# Create a custom version of the resource
template = TemplateParser(file_contents.get_template())
template_info = template.get_resource_info()
template_info['name'] += '@' + id_4CaaSt
for pref_name, pref_value in six.iteritems(data.get('preferences', {})):
for widget_pref_index, widget_pref in enumerate(
template_info['preferences']):
if widget_pref['name'] == pref_name:
template_info['preferences'][widget_pref_index][
'readonly'] = True
template_info['preferences'][widget_pref_index][
'value'] = pref_value
break
# Write a new Wgt file
new_file = StringIO()
zin = zipfile.ZipFile(downloaded_file, 'r')
zout = zipfile.ZipFile(new_file, 'w')
zout.writestr('config.xml', write_rdf_description(template_info))
for item in zin.infolist():
if item.filename == 'config.xml':
continue
zout.writestr(item, zin.read(item.filename))
zin.close()
zout.close()
file_contents = WgtFile(new_file)
return id_4CaaSt, file_contents, fileURL
def create(self, request, workspace_id):
ts = parse_json_request(request)
workspace = Workspace.objects.get(pk=workspace_id)
if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()):
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
if 'active' in ts:
active = ts.get('active', False)
if isinstance(active, string_types):
active = ts['active'].lower() == 'true'
if active:
# Only one active workspace
setActiveWorkspace(request.user, workspace)
else:
currentUserWorkspace = UserWorkspace.objects.get(workspace=workspace, user=request.user)
currentUserWorkspace.active = False
currentUserWorkspace.save()
if 'name' in ts:
workspace.name = ts['name']
workspace.save()
return HttpResponse(status=204)
def process(self, request, to_ws_id):
to_ws = get_object_or_404(Workspace, id=to_ws_id)
if not request.user.is_superuser and to_ws.creator != request.user:
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
data = parse_json_request(request)
mashup_id = data.get('mashup', '')
workspace_id = data.get('workspace', '')
if mashup_id == '' and workspace_id == '':
return build_error_response(request, 422, _('Missing workspace or mashup parameter'))
elif mashup_id != '' and workspace_id != '':
return build_error_response(request, 422, _('Workspace and mashup parameters cannot be used at the same time'))
if mashup_id != '':
values = mashup_id.split('/', 3)
if len(values) != 3:
return build_error_response(request, 422, _('invalid mashup id'))
(mashup_vendor, mashup_name, mashup_version) = values
try:
resource = CatalogueResource.objects.get(vendor=mashup_vendor, short_name=mashup_name, version=mashup_version)
if not resource.is_available_for(request.user) or resource.resource_type() != 'mashup':
raise CatalogueResource.DoesNotExist
except CatalogueResource.DoesNotExist:
return build_error_response(request, 422, _('Mashup not found: %(mashup_id)s') % {'mashup_id': mashup_id})
base_dir = catalogue.wgt_deployer.get_base_dir(mashup_vendor, mashup_name, mashup_version)
wgt_file = WgtFile(os.path.join(base_dir, resource.template_uri))
template = TemplateParser(wgt_file.get_template())
else:
from_ws = get_object_or_404(Workspace, id=workspace_id)
if not request.user.is_superuser and from_ws.creator != request.user:
return build_error_response(request, 403, _('You are not allowed to read from workspace %s') % workspace_id)
options = {
'vendor': 'api',
'name': 'merge_op',
'version': '1.0',
'title': '',
'description': 'Temporal mashup for merging operation',
'email': '*****@*****.**',
}
template = TemplateParser(build_json_template_from_workspace(options, from_ws, from_ws.creator))
try:
check_mashup_dependencies(template, request.user)
except MissingDependencies as e:
details = {
'missingDependencies': e.missing_dependencies,
}
return build_error_response(request, 422, e, details=details)
fillWorkspaceUsingTemplate(to_ws, template)
return HttpResponse(status=204)
def add_tenant(request):
data = parse_json_request(request)
id_4CaaSt = data['4CaaStID']
if id_4CaaSt is None:
return build_error_response(request, 400, _('Missing 4CaaStID'))
if not isinstance(id_4CaaSt, string_types) or id_4CaaSt.strip() == '':
return build_error_response(request, 400, _('Invalid 4CaaStID'))
username = parse_username(id_4CaaSt)
status = 201
try:
user = User.objects.create_user(username, '*****@*****.**', username)
except:
status = 209
user = User.objects.get(username=username)
try:
if user.tenantprofile_4CaaSt.id_4CaaSt != id_4CaaSt:
msg = "A user with the same name and with different tenant id already exists."
return build_error_response(request, 400, msg)
else:
return HttpResponse(status)
except TenantProfile.DoesNotExist:
pass
TenantProfile.objects.create(user=user, id_4CaaSt=id_4CaaSt)
return HttpResponse(status)
def process(self, request, to_ws_id):
data = parse_json_request(request)
mashup_id = data.get('mashup', '')
workspace_id = data.get('workspace', '')
if mashup_id == '' and workspace_id == '':
return build_error_response(request, 422, _('Missing workspace or mashup parameter'))
elif mashup_id != '' and workspace_id != '':
return build_error_response(request, 422, _('Workspace and mashup parameters cannot be used at the same time'))
to_ws = get_object_or_404(Workspace, id=to_ws_id)
if not request.user.is_superuser and to_ws.creator != request.user:
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
if mashup_id != '':
values = mashup_id.split('/', 3)
if len(values) != 3:
return build_error_response(request, 422, _('invalid mashup id'))
(mashup_vendor, mashup_name, mashup_version) = values
try:
resource = CatalogueResource.objects.get(vendor=mashup_vendor, short_name=mashup_name, version=mashup_version)
if not resource.is_available_for(request.user) or resource.resource_type() != 'mashup':
raise CatalogueResource.DoesNotExist
except CatalogueResource.DoesNotExist:
return build_error_response(request, 422, _('Mashup not found: %(mashup_id)s') % {'mashup_id': mashup_id})
base_dir = catalogue.wgt_deployer.get_base_dir(mashup_vendor, mashup_name, mashup_version)
wgt_file = WgtFile(os.path.join(base_dir, resource.template_uri))
template = TemplateParser(wgt_file.get_template())
else:
from_ws = get_object_or_404(Workspace, id=workspace_id)
if not request.user.is_superuser and from_ws.creator != request.user:
return build_error_response(request, 403, _('You are not allowed to read from workspace %s') % workspace_id)
options = {
'vendor': 'api',
'name': 'merge_op',
'version': '1.0',
'title': '',
'description': 'Temporal mashup for merging operation',
'email': '*****@*****.**',
}
template = TemplateParser(build_json_template_from_workspace(options, from_ws, from_ws.creator))
try:
check_mashup_dependencies(template, request.user)
except MissingDependencies as e:
details = {
'missingDependencies': e.missing_dependencies,
}
return build_error_response(request, 422, e, details=details)
fillWorkspaceUsingTemplate(to_ws, template)
return HttpResponse(status=204)
def update(self, request, workspace_id, tab_id):
tab = get_object_or_404(Tab.objects.select_related('workspace'), workspace__pk=workspace_id, pk=tab_id)
if tab.workspace.creator != request.user:
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
user_workspace = UserWorkspace.objects.get(user__id=request.user.id, workspace__id=workspace_id)
if user_workspace.manager != '':
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
data = parse_json_request(request)
if 'visible' in data:
visible = data['visible']
if isinstance(visible, string_types):
visible = visible.strip().lower()
if visible not in ('true', 'false'):
return build_error_response(request, 422, _('Invalid visible value'))
visible = visible == 'true'
elif not isinstance(visible, bool):
return build_error_response(request, 422, _('Invalid visible value'))
if visible:
#Only one visible tab
setVisibleTab(request.user, workspace_id, tab)
else:
tab.visible = False
if 'name' in data:
tab.name = data['name']
tab.save()
return HttpResponse(status=204)
def process(self, request):
data = parse_json_request(request)
(resource_vendor, resource_name, resource_version) = data['resource'].split('/')
resource = get_object_or_404(CatalogueResource, vendor=resource_vendor, short_name=resource_name, version=resource_version)
if not resource.is_available_for(request.user):
return build_error_response(request, 403, _('You are not allowed to delete this market'))
base_dir = catalogue.wgt_deployer.get_base_dir(resource_vendor, resource_name, resource_version)
wgt_file = WgtFile(os.path.join(base_dir, resource.template_uri))
market_managers = get_market_managers(request.user)
errors = {}
for market_endpoint in data['marketplaces']:
try:
market_managers[market_endpoint['market']].publish(market_endpoint, wgt_file, request.user, request=request)
except Exception as e:
errors[market_endpoint['market']] = text_type(e)
if len(errors) == 0:
return HttpResponse(status=204)
elif len(errors) == len(data['marketplaces']):
return build_error_response(request, 502, _('Something went wrong (see details for more info)'), details=errors)
else:
return build_error_response(request, 200, _('Something went wrong (see details for more info)'), details=errors)
def process(self, request):
if not request.user.is_superuser:
return build_error_response(
request, 403,
_("You don't have permission to switch current session user"))
user_info = parse_json_request(request)
if "username" not in user_info:
return build_error_response(request, 422,
"Missing target user info")
user_id = get_object_or_404(User, username=user_info['username']).id
target_user = None
for backend in auth.get_backends():
try:
target_user = backend.get_user(user_id)
except:
continue
if target_user is None:
continue
# Annotate the user object with the path of the backend.
target_user.backend = "%s.%s" % (backend.__module__,
backend.__class__.__name__)
break
if target_user is None:
raise Http404
auth.login(request, target_user)
return HttpResponse(status=204)
def update(self, request, workspace_id):
workspace = get_object_or_404(Workspace, id=workspace_id)
if not request.user.is_superuser and workspace.creator != request.user:
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
wiring_status = parse_json_request(request)
old_wiring_status = workspace.wiringStatus
old_read_only_connections = []
for connection in old_wiring_status['connections']:
if connection.get('readonly', False):
old_read_only_connections.append(connection)
read_only_connections = []
for connection in wiring_status['connections']:
if connection.get('readonly', False):
read_only_connections.append(connection)
if len(old_read_only_connections) > len(read_only_connections):
return build_error_response(request, 403, _('You are not allowed to remove read only connections'))
for connection in old_read_only_connections:
if connection not in read_only_connections:
return build_error_response(request, 403, _('You are not allowed to remove read only connections'))
workspace.wiringStatus = wiring_status
workspace.save()
return HttpResponse(status=204)
def create(self, request):
received_data = parse_json_request(request)
if 'options' not in received_data:
return build_error_response(request, 400, _("Missing marketplace options"))
validate_url_param(request, 'options.url', received_data['options']['url'])
if 'user' not in received_data['options'] or received_data['options']['user'] == request.user.username:
user_entry = request.user
elif received_data['options'].get('user', None) is not None:
user_entry = User.objects.get(username=received_data['options']['user'])
else:
user_entry = None
if (user_entry is None or user_entry != request.user) and not request.user.is_superuser:
return build_error_response(request, 403, _("You don't have permissions for adding public marketplaces"))
if 'user' in received_data['options']:
del received_data['options']['user']
try:
Market.objects.create(user=user_entry, name=received_data['name'], options=received_data['options'])
except IntegrityError:
return build_error_response(request, 409, 'Market name already in use')
return HttpResponse(status=201)
def process(self, request):
if not request.user.is_superuser:
return build_error_response(request, 403, _("You don't have permission to switch current session user"))
user_info = parse_json_request(request)
if "username" not in user_info:
return build_error_response(request, 422, "Missing target user info")
user_id = get_object_or_404(User, username=user_info['username']).id
target_user = None
for backend in auth.get_backends():
try:
target_user = backend.get_user(user_id)
except:
continue
if target_user is None:
continue
# Annotate the user object with the path of the backend.
target_user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
break
if target_user is None:
raise Http404
auth.login(request, target_user)
return HttpResponse(status=204)
def create(self, request, workspace_id):
ts = parse_json_request(request)
fields = []
workspace = get_object_or_404(Workspace, pk=workspace_id)
if not (request.user.is_superuser
or workspace.users.filter(pk=request.user.pk).exists()):
return build_error_response(
request, 403,
_('You are not allowed to update this workspace'))
if 'name' in ts:
workspace.name = ts['name']
fields.append('name')
if 'description' in ts:
workspace.description = ts['description']
fields.append('description')
if 'longdescription' in ts:
workspace.longdescription = ts['longdescription']
fields.append('longdescription')
workspace.save(update_fields=fields)
return HttpResponse(status=204)
def add_tenant(request):
data = parse_json_request(request)
id_4CaaSt = data['4CaaStID']
if id_4CaaSt is None:
return build_error_response(request, 400, _('Missing 4CaaStID'))
if not isinstance(id_4CaaSt, string_types) or id_4CaaSt.strip() == '':
return build_error_response(request, 400, _('Invalid 4CaaStID'))
username = parse_username(id_4CaaSt)
status = 201
try:
user = User.objects.create_user(username, '*****@*****.**', username)
except:
status = 209
user = User.objects.get(username=username)
try:
if user.tenantprofile_4CaaSt.id_4CaaSt != id_4CaaSt:
msg = "A user with the same name and with different tenant id already exists."
return build_error_response(request, 400, msg)
else:
return HttpResponse(status)
except TenantProfile.DoesNotExist:
pass
TenantProfile.objects.create(user=user, id_4CaaSt=id_4CaaSt)
return HttpResponse(status)
def create(self, request, workspace_id):
workspace = get_object_or_404(Workspace, pk=workspace_id)
data = parse_json_request(request)
if 'name' not in data:
return build_error_response(
request, 400, _('Malformed tab JSON: expecting tab name.'))
tab_name = data['name']
if not (request.user.is_superuser
or workspace.creator == request.user):
return build_error_response(
request, 403,
_('You are not allowed to create new tabs for this workspace'))
try:
tab = createTab(tab_name, workspace)
except IntegrityError:
msg = _(
'A tab with the given name already exists for the workspace')
return build_error_response(request, 409, msg)
# Returning created Ids
ids = {'id': tab.id, 'name': tab.name}
return HttpResponse(json.dumps(ids),
status=201,
content_type='application/json; charset=UTF-8')
def create(self, request, workspace_id, tab_id, iwidget_id):
workspace = get_object_or_404(Workspace, pk=workspace_id)
if not request.user.is_superuser and workspace.creator != request.user:
msg = _('You have not enough permission for updating the preferences of the iwidget')
return build_error_response(request, 403, msg)
iwidget = get_object_or_404(IWidget.objects.select_related('widget__resource'), pk=iwidget_id)
if iwidget.tab_id != int(tab_id):
raise Http404
iwidget_info = iwidget.widget.resource.get_processed_info(translate=True, process_variables=True)
new_values = parse_json_request(request)
for var_name in new_values:
try:
vardef = iwidget_info['variables']['preferences'][var_name]
except KeyError:
msg = _('Invalid preference: "%s"') % var_name
return build_error_response(request, 422, msg)
if vardef['readonly'] is True:
msg = _('"%s" preference is read only.') % var_name
return build_error_response(request, 403, msg)
iwidget.set_variable_value(var_name, new_values[var_name])
iwidget.save()
return HttpResponse(status=204)
def create(self, request, workspace_id, tab_id, iwidget_id):
workspace = get_object_or_404(Workspace, pk=workspace_id)
iwidget = get_object_or_404(IWidget, pk=iwidget_id)
if iwidget.tab_id != int(tab_id):
raise Http404
iwidget_info = iwidget.widget.resource.get_processed_info(translate=True, process_variables=True)
new_values = parse_json_request(request)
for var_name in new_values:
if var_name not in iwidget_info['variables']['properties']:
msg = _('Invalid persistent variable: "%s"') % var_name
return build_error_response(request, 422, msg)
# Check if its multiuser
if not iwidget_info['variables']['properties'][var_name].get("multiuser", False):
# No multiuser -> Check permissions
if workspace.creator != request.user:
msg = _('You have not enough permission for updating the persistent variables of this widget')
return build_error_response(request, 403, msg)
else:
# Multiuser -> Check permissions
if not workspace.is_available_for(request.user):
msg = _('You have not enough permission for updating the persistent variables of this widget')
return build_error_response(request, 403, msg)
iwidget.set_variable_value(var_name, new_values[var_name], request.user)
iwidget.save()
return HttpResponse(status=204)
def update(self, request, workspace_id):
workspace = get_object_or_404(Workspace, id=workspace_id)
new_wiring_status = parse_json_request(request)
old_wiring_status = workspace.wiringStatus
if workspace.creator == request.user or request.user.is_superuser:
result = self.checkWiring(request,
new_wiring_status,
old_wiring_status,
can_update_secure=False)
elif workspace.is_available_for(request.user):
result = self.checkMultiuserWiring(request,
new_wiring_status,
old_wiring_status,
workspace.creator,
can_update_secure=False)
else:
return build_error_response(
request, 403,
_('You are not allowed to update this workspace'))
if result is not True:
return result
workspace.wiringStatus = new_wiring_status
workspace.save()
return HttpResponse(status=204)
def create(self, request, workspace_id):
ts = parse_json_request(request)
fields = []
workspace = get_object_or_404(Workspace, pk=workspace_id)
if not (request.user.is_superuser
or workspace.users.filter(pk=request.user.pk).exists()):
return build_error_response(
request, 403,
_('You are not allowed to update this workspace'))
if 'name' in ts:
workspace.name = ts['name']
fields.append('name')
if 'title' in ts:
workspace.title = ts['title']
fields.append('title')
if 'description' in ts:
workspace.description = ts['description']
fields.append('description')
if 'longdescription' in ts:
workspace.longdescription = ts['longdescription']
fields.append('longdescription')
try:
workspace.save(update_fields=fields)
except IntegrityError:
msg = _('A workspace with the given name already exists')
return build_error_response(request, 409, msg)
return HttpResponse(status=204)
def create(self, request, workspace_id):
# Check Workspace existance and owned by this user
workspace = get_object_or_404(Workspace, pk=workspace_id)
if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()):
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
preferences_json = parse_json_request(request)
if 'sharelist' in preferences_json:
workspace.users.clear()
workspace.groups.clear()
sharelist = json.loads(preferences_json['sharelist']['value'])
for item in sharelist:
try:
user = User.objects.get(username=item['name'])
except User.DoesNotExist:
continue
workspace.userworkspace_set.create(user=user)
try:
workspace.groups.add(user.organization.group)
except Organization.DoesNotExist:
pass
del preferences_json['sharelist']
if 'public' in preferences_json:
workspace.public = preferences_json['public']['value'].strip().lower() == 'true'
workspace.save()
del preferences_json['public']
update_workspace_preferences(workspace, preferences_json)
return HttpResponse(status=204)
def create(self, request, workspace_id):
workspace = get_object_or_404(Workspace, pk=workspace_id)
data = parse_json_request(request)
if 'name' not in data and 'title' not in data:
return build_error_response(
request, 422,
_('Malformed tab JSON: expecting tab name or title.'))
if not (request.user.is_superuser
or workspace.creator == request.user):
return build_error_response(
request, 403,
_('You are not allowed to create new tabs for this workspace'))
tab_title = data.get('title')
tab_name = data.get('name')
try:
tab = createTab(tab_title, workspace, name=tab_name)
except IntegrityError:
msg = _(
'A tab with the given name already exists for the workspace')
return build_error_response(request, 409, msg)
return HttpResponse(json.dumps(get_tab_data(tab, user=request.user)),
status=201,
content_type='application/json; charset=UTF-8')
def create(self, request, workspace_id, tab_id, iwidget_id):
iwidget = parse_json_request(request)
tab = get_object_or_404(Tab.objects.select_related('workspace'), workspace__pk=workspace_id, pk=tab_id)
if not request.user.is_superuser and tab.workspace.creator != request.user:
msg = _('You have not enough permission for updating the iwidget')
return build_error_response(request, 403, msg)
iwidget['id'] = iwidget_id
try:
UpdateIWidget(iwidget, request.user, tab)
except Tab.DoesNotExist:
return build_error_response(request, 422, _("Target tab {id} does not exist").format(id=iwidget['tab']))
except (CatalogueResource.DoesNotExist, Widget.DoesNotExist) as e:
msg = _('refered widget %(widget_uri)s does not exist.') % {'widget_uri': iwidget['widget']}
return build_error_response(request, 422, msg)
except TypeError as e:
return build_error_response(request, 400, e)
except ValueError as e:
return build_error_response(request, 422, e)
except IWidget.DoesNotExist:
raise Http404
return HttpResponse(status=204)
def create(self, request):
preferences_json = parse_json_request(request)
update_preferences(request.user, preferences_json)
if 'language' in preferences_json:
update_session_lang(request, request.user)
return HttpResponse(status=204)
def update(self, request, workspace_id):
workspace = get_object_or_404(Workspace, id=workspace_id)
if not request.user.is_superuser and workspace.creator != request.user:
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
new_wiring_status = parse_json_request(request)
old_wiring_status = workspace.wiringStatus
# Check read only connections
old_read_only_connections = [connection for connection in old_wiring_status['connections'] if connection.get('readonly', False)]
new_read_only_connections = [connection for connection in new_wiring_status['connections'] if connection.get('readonly', False)]
if len(old_read_only_connections) > len(new_read_only_connections):
return build_error_response(request, 403, _('You are not allowed to remove or update read only connections'))
for connection in old_read_only_connections:
if connection not in new_read_only_connections:
return build_error_response(request, 403, _('You are not allowed to remove or update read only connections'))
# Check operator preferences
for operator_id, operator in six.iteritems(new_wiring_status['operators']):
if operator_id in old_wiring_status['operators']:
old_operator = old_wiring_status['operators'][operator_id]
added_preferences = set(operator['preferences'].keys()) - set(old_operator['preferences'].keys())
removed_preferences = set(old_operator['preferences'].keys()) - set(operator['preferences'].keys())
updated_preferences = set(operator['preferences'].keys()).intersection(old_operator['preferences'].keys())
else:
# New operator
added_preferences = operator['preferences'].keys()
removed_preferences = ()
updated_preferences = ()
for preference_name in added_preferences:
if operator['preferences'][preference_name].get('readonly', False) or operator['preferences'][preference_name].get('hidden', False):
return build_error_response(request, 403, _('Read only and hidden preferences cannot be created using this API'))
for preference_name in removed_preferences:
if old_operator['preferences'][preference_name].get('readonly', False) or old_operator['preferences'][preference_name].get('hidden', False):
return build_error_response(request, 403, _('Read only and hidden preferences cannot be removed'))
for preference_name in updated_preferences:
old_preference = old_operator['preferences'][preference_name]
new_preference = operator['preferences'][preference_name]
if old_preference.get('readonly', False) != new_preference.get('readonly', False) or old_preference.get('hidden', False) != new_preference.get('hidden', False):
return build_error_response(request, 403, _('Read only and hidden status cannot be changed using this API'))
if new_preference.get('readonly', False) and new_preference.get('value') != old_preference.get('value'):
return build_error_response(request, 403, _('Read only preferences cannot be updated'))
workspace.wiringStatus = new_wiring_status
workspace.save()
return HttpResponse(status=204)
def _parse_ac_request(request):
fileURL = None
file_contents = None
content_type = get_content_type(request)[0]
data = parse_json_request(request)
if 'url' not in data:
return build_error_response(request, 400, _('Missing widget URL'))
fileURL = data.get('url')
id_4CaaSt = data.get('4CaaStID')
if id_4CaaSt is None:
return build_error_response(request, 400, _('Missing 4CaaStID'))
if not isinstance(id_4CaaSt, string_types) or id_4CaaSt.strip() == '':
return build_error_response(request, 400, _('Invalid 4CaaStID'))
try:
downloaded_file = download_http_content(fileURL)
except:
return build_error_response(request, 409, _('Mashable application component could not be downloaded'))
downloaded_file = StringIO(downloaded_file)
file_contents = WgtFile(downloaded_file)
# Create a custom version of the resource
template = TemplateParser(file_contents.get_template())
template_info = template.get_resource_info()
template_info['name'] += '@' + id_4CaaSt
for pref_name, pref_value in six.iteritems(data.get('preferences', {})):
for widget_pref_index, widget_pref in enumerate(template_info['preferences']):
if widget_pref['name'] == pref_name:
template_info['preferences'][widget_pref_index]['readonly'] = True
template_info['preferences'][widget_pref_index]['value'] = pref_value
break
# Write a new Wgt file
new_file = StringIO()
zin = zipfile.ZipFile(downloaded_file, 'r')
zout = zipfile.ZipFile(new_file, 'w')
zout.writestr('config.xml', write_rdf_description(template_info))
for item in zin.infolist():
if item.filename == 'config.xml':
continue
zout.writestr(item, zin.read(item.filename))
zin.close()
zout.close()
file_contents = WgtFile(new_file)
return id_4CaaSt, file_contents, fileURL
def create(self, request, workspace_id, tab_id):
# Check Tab existance and owned by this user
tab = get_object_or_404(Tab.objects.select_related('workspace'), workspace__pk=workspace_id, pk=tab_id)
if not (request.user.is_superuser or tab.workspace.users.filter(pk=request.user.pk).exists()):
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
preferences_json = parse_json_request(request)
update_tab_preferences(tab, preferences_json)
return HttpResponse(status=204)
def create(self, request, workspace_id, tab_id):
tab = get_object_or_404(Tab.objects.select_related('workspace'),
workspace__pk=workspace_id,
pk=tab_id)
if tab.workspace.creator != request.user:
return build_error_response(
request, 403,
_('You are not allowed to update this workspace'))
user_workspace = UserWorkspace.objects.get(user__id=request.user.id,
workspace__id=workspace_id)
if user_workspace.manager != '':
return build_error_response(
request, 403,
_('You are not allowed to update this workspace'))
data = parse_json_request(request)
if 'visible' in data:
visible = data['visible']
if isinstance(visible, string_types):
visible = visible.strip().lower()
if visible not in ('true', 'false'):
return build_error_response(request, 422,
_('Invalid visible value'))
visible = visible == 'true'
elif not isinstance(visible, bool):
return build_error_response(request, 422,
_('Invalid visible value'))
if visible:
# Only one visible tab
setVisibleTab(request.user, workspace_id, tab)
else:
tab.visible = False
if 'name' in data:
tab.name = data['name']
if 'title' in data:
tab.title = data['title']
try:
tab.save()
except IntegrityError:
msg = _(
'A tab with the given name already exists for the workspace')
return build_error_response(request, 409, msg)
return HttpResponse(status=204)
def patch(self, request, workspace_id):
workspace = get_object_or_404(Workspace, id=workspace_id)
old_wiring_status = workspace.wiringStatus
req = parse_json_request(request)
# Cant explicitly update missing operator preferences / properties
# Check if its modifying directly a preference / property
regex = re.compile(r'^/?operators/(?P<operator_id>[0-9]+)/(preferences/|properties/)', re.S)
for p in req:
try:
if p["op"] is "test":
continue
except:
return build_error_response(request, 400, _('Invalid JSON patch'))
result = regex.match(p["path"])
if result is not None:
try:
vendor, name, version = workspace.wiringStatus["operators"][result.group("operator_id")]["name"].split("/")
except:
raise Http404
# If the operator is missing -> 403
try:
CatalogueResource.objects.get(vendor=vendor, short_name=name, version=version)
except:
return build_error_response(request, 403, _('Missing operators variables cannot be updated'))
try:
new_wiring_status = jsonpatch.apply_patch(old_wiring_status, req)
except jsonpatch.JsonPointerException:
return build_error_response(request, 422, _('Failed to apply patch'))
except jsonpatch.InvalidJsonPatch:
return build_error_response(request, 400, _('Invalid JSON patch'))
if workspace.creator == request.user or request.user.is_superuser:
result = self.checkWiring(request, new_wiring_status, old_wiring_status, can_update_secure=True)
elif workspace.is_available_for(request.user):
result = self.checkMultiuserWiring(request, new_wiring_status, old_wiring_status, workspace.creator, can_update_secure=True)
else:
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
if result is not True:
return result
workspace.wiringStatus = new_wiring_status
workspace.save()
return HttpResponse(status=204)
def process(self, request, workspace_id):
workspace = get_object_or_404(Workspace, pk=workspace_id)
if not (request.user.is_superuser or workspace.creator == request.user):
return build_error_response(request, 403, _('You are not allowed to create new tabs for this workspace'))
order = parse_json_request(request)
tabs = Tab.objects.filter(id__in=order)
for tab in tabs:
tab.position = order.index(tab.id)
tab.save()
return HttpResponse(status=204)
def create(self, request):
resources = parse_json_request(request)
result = []
for g in resources:
latest_resource_version = get_latest_resource_version(g["name"], g["vendor"])
if latest_resource_version:
# the resource is still in the catalogue
g["lastVersion"] = latest_resource_version.version
g["lastVersionURL"] = latest_resource_version.template_uri
result.append(g)
return HttpResponse(json.dumps({'resources': result}),
content_type='application/json; charset=UTF-8')
def process(self, request, workspace_id):
workspace = Workspace.objects.get(pk=workspace_id)
if not (request.user.is_superuser or workspace.creator == request.user):
return build_error_response(request, 403, _('You are not allowed to create new tabs for this workspace'))
order = parse_json_request(request)
tabs = Tab.objects.filter(id__in=order)
for tab in tabs:
tab.position = order.index(tab.id)
tab.save()
return HttpResponse(status=204)
def create(self, request):
resources = parse_json_request(request)
result = []
for g in resources:
latest_resource_version = get_latest_resource_version(
g["name"], g["vendor"])
if latest_resource_version:
# the resource is still in the catalogue
g["lastVersion"] = latest_resource_version.version
g["lastVersionURL"] = latest_resource_version.template_uri
result.append(g)
return HttpResponse(json.dumps({'resources': result}),
content_type='application/json; charset=UTF-8')
def process(self, request, market_user, market_name, store):
adaptor = get_market_adaptor(market_user, market_name)
user_data = get_market_user_data(request.user, market_user, market_name)
data = parse_json_request(request)
redirect_uri = get_absolute_reverse_url('wirecloud.fiware.store_redirect_uri', request)
try:
result = adaptor.start_purchase(store, data['offering_url'], redirect_uri, **user_data)
except HTTPError as e:
details = "%s" % e
return build_error_response(request, 502, "Unexpected response", details=details)
except (ConnectionError, ConnectTimeout):
return build_error_response(request, 504, "Connection Error")
return HttpResponse(json.dumps(result), content_type='application/json; chaset=UTF-8')
def create(self, request, workspace_id):
# Check Workspace existance and owned by this user
workspace = get_object_or_404(Workspace, pk=workspace_id)
if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()):
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
preferences_json = parse_json_request(request)
if 'public' in preferences_json:
workspace.public = preferences_json['public']['value']
workspace.save()
del preferences_json['public']
update_workspace_preferences(workspace, preferences_json)
return HttpResponse(status=204)
def update(self, request, workspace_id, tab_id):
iwidgets = parse_json_request(request)
tab = get_object_or_404(Tab, workspace__pk=workspace_id, pk=tab_id)
if not request.user.is_superuser and tab.workspace.creator != request.user:
msg = _('You have not enough permission for updating the iwidgets of this workspace')
return build_error_response(request, 403, msg)
for iwidget in iwidgets:
try:
UpdateIWidget(iwidget, request.user, tab)
except IWidget.DoesNotExist:
return build_error_response(request, 422, _("Widget {id} does not exist").format(id=iwidget.get('id')))
except ValueError as e:
return build_error_response(request, 422, e)
return HttpResponse(status=204)
def process(self, request):
data = parse_json_request(request)
(resource_vendor, resource_name,
resource_version) = data['resource'].split('/')
resource = get_object_or_404(CatalogueResource,
vendor=resource_vendor,
short_name=resource_name,
version=resource_version)
if not resource.is_available_for(request.user):
return build_error_response(
request, 403, _('You are not allowed to delete this market'))
base_dir = catalogue.wgt_deployer.get_base_dir(resource_vendor,
resource_name,
resource_version)
wgt_file = WgtFile(os.path.join(base_dir, resource.template_uri))
market_managers = get_market_managers(request.user)
errors = {}
for market_endpoint in data['marketplaces']:
try:
market_managers[market_endpoint['market']].publish(
market_endpoint, wgt_file, request.user, request=request)
except Exception as e:
errors[market_endpoint['market']] = text_type(e)
if len(errors) == 0:
return HttpResponse(status=204)
elif len(errors) == len(data['marketplaces']):
return build_error_response(
request,
502,
_('Something went wrong (see details for more info)'),
details=errors)
else:
return build_error_response(
request,
200,
_('Something went wrong (see details for more info)'),
details=errors)
def create(self, request, workspace_id):
workspace = get_object_or_404(Workspace, pk=workspace_id)
data = parse_json_request(request)
if 'name' not in data:
return build_error_response(request, 422, _('Malformed tab JSON: expecting tab name.'))
tab_name = data['name']
if not (request.user.is_superuser or workspace.creator == request.user):
return build_error_response(request, 403, _('You are not allowed to create new tabs for this workspace'))
try:
tab = createTab(tab_name, workspace)
except IntegrityError:
msg = _('A tab with the given name already exists for the workspace')
return build_error_response(request, 409, msg)
return HttpResponse(json.dumps(get_tab_data(tab, user=request.user)), status=201, content_type='application/json; charset=UTF-8')
def create(self, request, workspace_id, tab_id, iwidget_id):
workspace = Workspace.objects.get(id=workspace_id)
if not request.user.is_superuser and workspace.creator != request.user:
msg = _("You have not enough permission for updating the persistent variables of this widget")
return build_error_response(request, 403, msg)
iwidget = get_object_or_404(IWidget, pk=iwidget_id)
iwidget_info = iwidget.widget.resource.get_processed_info(translate=True, process_variables=True)
new_values = parse_json_request(request)
for var_name in new_values:
if var_name not in iwidget_info["variables"]["properties"]:
msg = _('Invalid persistent variable: "%s"') % var_name
return build_error_response(request, 422, msg)
iwidget.set_variable_value(var_name, new_values[var_name])
iwidget.save()
return HttpResponse(status=204)
def update(self, request, workspace_id):
workspace = get_object_or_404(Workspace, id=workspace_id)
new_wiring_status = parse_json_request(request)
old_wiring_status = workspace.wiringStatus
if workspace.creator == request.user or request.user.is_superuser:
result = self.checkWiring(request, new_wiring_status, old_wiring_status, can_update_secure=False)
elif workspace.is_available_for(request.user):
result = self.checkMultiuserWiring(request, new_wiring_status, old_wiring_status, workspace.creator, can_update_secure=False)
else:
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
if result is not True:
return result
workspace.wiringStatus = new_wiring_status
workspace.save()
return HttpResponse(status=204)
def create(self, request, workspace_id, tab_id, iwidget_id):
iwidget = parse_json_request(request)
tab = get_object_or_404(Tab.objects.select_related("workspace"), workspace__pk=workspace_id, pk=tab_id)
if not request.user.is_superuser and tab.workspace.creator != request.user:
msg = _("You have not enough permission for updating the iwidget")
return build_error_response(request, 403, msg)
iwidget["id"] = iwidget_id
try:
UpdateIWidget(iwidget, request.user, tab)
except (CatalogueResource.DoesNotExist, Widget.DoesNotExist) as e:
msg = _("refered widget %(widget_uri)s does not exist.") % {"widget_uri": iwidget["widget"]}
return build_error_response(request, 422, msg)
except TypeError as e:
return build_error_response(request, 400, e)
except ValueError as e:
return build_error_response(request, 422, e)
return HttpResponse(status=204)
def create(self, request):
received_data = parse_json_request(request)
received_data.setdefault("public", False)
validate_url_param(request, 'url', received_data['url'])
if 'user' not in received_data or received_data[
'user'] == request.user.username:
target_user = request.user
else:
try:
target_user = User.objects.get(username=received_data['user'])
except:
return build_error_response(request, 422,
_("invalid user option"))
if target_user != request.user and not request.user.is_superuser:
return build_error_response(
request, 403,
_("You don't have permissions for adding marketplaces in name of other user"
))
received_data['user'] = target_user.username
try:
Market.objects.create(user=target_user,
name=received_data['name'],
public=received_data['public'],
options=received_data)
except IntegrityError:
return build_error_response(request, 409,
'Market name already in use')
market_managers = get_market_managers(target_user)
market_managers[target_user.username + '/' +
received_data['name']].create(target_user)
return HttpResponse(status=201)
def create(self, request):
received_data = parse_json_request(request)
if 'options' not in received_data:
return build_error_response(request, 400,
_("Missing marketplace options"))
validate_url_param(request, 'options.url',
received_data['options']['url'])
if 'user' not in received_data['options'] or received_data['options'][
'user'] == request.user.username:
user_entry = request.user
elif received_data['options'].get('user', None) is not None:
user_entry = User.objects.get(
username=received_data['options']['user'])
else:
user_entry = None
if (user_entry is None or
user_entry != request.user) and not request.user.is_superuser:
return build_error_response(
request, 403,
_("You don't have permissions for adding public marketplaces"))
if 'user' in received_data['options']:
del received_data['options']['user']
try:
Market.objects.create(user=user_entry,
name=received_data['name'],
options=received_data['options'])
except IntegrityError:
return build_error_response(request, 409,
'Market name already in use')
return HttpResponse(status=201)
def create(self, request, workspace_id, tab_id):
iwidget = parse_json_request(request)
initial_variable_values = iwidget.get('variable_values', None)
# iWidget creation
tab = get_object_or_404(Tab.objects.select_related('workspace'), workspace__pk=workspace_id, pk=tab_id)
if not request.user.is_superuser and tab.workspace.creator != request.user:
msg = _('You have not enough permission for adding iwidgets to the workspace')
return build_error_response(request, 403, msg)
try:
iwidget = SaveIWidget(iwidget, request.user, tab, initial_variable_values)
iwidget_data = get_iwidget_data(iwidget, tab.workspace, user=request.user)
return HttpResponse(json.dumps(iwidget_data), content_type='application/json; charset=UTF-8', status=201)
except (CatalogueResource.DoesNotExist, Widget.DoesNotExist) as e:
msg = _('refered widget %(widget_uri)s does not exist.') % {'widget_uri': iwidget['widget']}
return build_error_response(request, 422, msg)
except TypeError as e:
return build_error_response(request, 400, e)
except ValueError as e:
return build_error_response(request, 422, e)
def remove_tenant(request):
data = parse_json_request(request)
id_4CaaSt = data.get('4CaaStID')
if id_4CaaSt is None:
return build_error_response(request, 400, _('Missing 4CaaStID'))
if not isinstance(id_4CaaSt, string_types) or id_4CaaSt.strip() == '':
return build_error_response(request, 400, _('Invalid 4CaaStID'))
username = parse_username(id_4CaaSt)
user = get_object_or_404(User, username=username)
try:
if user.tenantprofile_4CaaSt.id_4CaaSt != id_4CaaSt:
raise Http404
except TenantProfile.DoesNotExist:
raise Http404
user.delete()
return HttpResponse(status=204)
def create(self, request, workspace_id):
ts = parse_json_request(request)
fields = []
workspace = get_object_or_404(Workspace, pk=workspace_id)
if not (request.user.is_superuser or workspace.users.filter(pk=request.user.pk).exists()):
return build_error_response(request, 403, _('You are not allowed to update this workspace'))
if 'name' in ts:
workspace.name = ts['name']
fields.append('name')
if 'description' in ts:
workspace.description = ts['description']
fields.append('description')
if 'longdescription' in ts:
workspace.longdescription = ts['longdescription']
fields.append('longdescription')
workspace.save(update_fields=fields)
return HttpResponse(status=204)
def remove_tenant(request):
data = parse_json_request(request)
id_4CaaSt = data.get('4CaaStID')
if id_4CaaSt is None:
return build_error_response(request, 400, _('Missing 4CaaStID'))
if not isinstance(id_4CaaSt, string_types) or id_4CaaSt.strip() == '':
return build_error_response(request, 400, _('Invalid 4CaaStID'))
username = parse_username(id_4CaaSt)
user = get_object_or_404(User, username=username)
try:
if user.tenantprofile_4CaaSt.id_4CaaSt != id_4CaaSt:
raise Http404
except TenantProfile.DoesNotExist:
raise Http404
user.delete()
return HttpResponse(status=204)
def process(self, request, market_user, market_name, store):
adaptor = get_market_adaptor(market_user, market_name)
user_data = get_market_user_data(request.user, market_user,
market_name)
data = parse_json_request(request)
redirect_uri = get_absolute_reverse_url(
'wirecloud.fiware.store_redirect_uri', request)
try:
result = adaptor.start_purchase(store, data['offering_url'],
redirect_uri, **user_data)
except HTTPError as e:
details = "%s" % e
return build_error_response(request,
502,
"Unexpected response",
details=details)
except (ConnectionError, ConnectTimeout):
return build_error_response(request, 504, "Connection Error")
return HttpResponse(json.dumps(result),
content_type='application/json; chaset=UTF-8')
def update(self, request, workspace_id):
workspace = get_object_or_404(Workspace, id=workspace_id)
if not request.user.is_superuser and workspace.creator != request.user:
return build_error_response(
request, 403,
_('You are not allowed to update this workspace'))
wiring_status = parse_json_request(request)
old_wiring_status = workspace.wiringStatus
old_read_only_connections = []
for connection in old_wiring_status['connections']:
if connection.get('readonly', False):
old_read_only_connections.append(connection)
read_only_connections = []
for connection in wiring_status['connections']:
if connection.get('readonly', False):
read_only_connections.append(connection)
if len(old_read_only_connections) > len(read_only_connections):
return build_error_response(
request, 403,
_('You are not allowed to remove read only connections'))
for connection in old_read_only_connections:
if connection not in read_only_connections:
return build_error_response(
request, 403,
_('You are not allowed to remove read only connections'))
workspace.wiringStatus = wiring_status
workspace.save()
return HttpResponse(status=204)
def update(self, request, workspace_id):
workspace = get_object_or_404(Workspace, id=workspace_id)
if not request.user.is_superuser and workspace.creator != request.user:
return build_error_response(
request, 403,
_('You are not allowed to update this workspace'))
new_wiring_status = parse_json_request(request)
old_wiring_status = workspace.wiringStatus
# Check read only connections
old_read_only_connections = [
connection for connection in old_wiring_status['connections']
if connection.get('readonly', False)
]
new_read_only_connections = [
connection for connection in new_wiring_status['connections']
if connection.get('readonly', False)
]
if len(old_read_only_connections) > len(new_read_only_connections):
return build_error_response(
request, 403,
_('You are not allowed to remove or update read only connections'
))
for connection in old_read_only_connections:
if connection not in new_read_only_connections:
return build_error_response(
request, 403,
_('You are not allowed to remove or update read only connections'
))
# Check operator preferences
for operator_id, operator in six.iteritems(
new_wiring_status['operators']):
if operator_id in old_wiring_status['operators']:
old_operator = old_wiring_status['operators'][operator_id]
added_preferences = set(operator['preferences'].keys()) - set(
old_operator['preferences'].keys())
removed_preferences = set(
old_operator['preferences'].keys()) - set(
operator['preferences'].keys())
updated_preferences = set(
operator['preferences'].keys()).intersection(
old_operator['preferences'].keys())
else:
# New operator
added_preferences = operator['preferences'].keys()
removed_preferences = ()
updated_preferences = ()
for preference_name in added_preferences:
if operator['preferences'][preference_name].get(
'readonly',
False) or operator['preferences'][preference_name].get(
'hidden', False):
return build_error_response(
request, 403,
_('Read only and hidden preferences cannot be created using this API'
))
for preference_name in removed_preferences:
if old_operator['preferences'][preference_name].get(
'readonly', False
) or old_operator['preferences'][preference_name].get(
'hidden', False):
return build_error_response(
request, 403,
_('Read only and hidden preferences cannot be removed')
)
for preference_name in updated_preferences:
old_preference = old_operator['preferences'][preference_name]
new_preference = operator['preferences'][preference_name]
if old_preference.get('readonly', False) != new_preference.get(
'readonly', False) or old_preference.get(
'hidden', False) != new_preference.get(
'hidden', False):
return build_error_response(
request, 403,
_('Read only and hidden status cannot be changed using this API'
))
if new_preference.get(
'readonly', False) and new_preference.get(
'value') != old_preference.get('value'):
return build_error_response(
request, 403,
_('Read only preferences cannot be updated'))
workspace.wiringStatus = new_wiring_status
workspace.save()
return HttpResponse(status=204)
def create(self, request):
data = parse_json_request(request)
workspace_name = data.get('name', '').strip()
workspace_title = data.get('title', '').strip()
workspace_id = data.get('workspace', '')
mashup_id = data.get('mashup', '')
initial_pref_values = data.get('preferences', {})
allow_renaming = normalize_boolean_param(
request, 'allow_renaming', data.get('allow_renaming', False))
dry_run = normalize_boolean_param(request, 'dry_run',
data.get('dry_run', False))
if mashup_id == '' and workspace_id == '' and (workspace_name == '' and
workspace_title == ''):
return build_error_response(request, 422,
_('Missing name or title parameter'))
elif mashup_id != '' and workspace_id != '':
return build_error_response(
request, 422,
_('Workspace and mashup parameters cannot be used at the same time'
))
if mashup_id == '' and workspace_id == '':
if workspace_title == '':
workspace_title = workspace_name
if workspace_name != '' and not is_valid_name(workspace_name):
return build_error_response(request, 422,
_('invalid workspace name'))
if dry_run:
return HttpResponse(status=204)
try:
workspace = createEmptyWorkspace(workspace_title,
request.user,
name=workspace_name,
allow_renaming=allow_renaming)
except IntegrityError:
msg = _('A workspace with the given name already exists')
return build_error_response(request, 409, msg)
else:
if mashup_id != '':
values = mashup_id.split('/', 3)
if len(values) != 3:
return build_error_response(request, 422,
_('invalid mashup id'))
(mashup_vendor, mashup_name, mashup_version) = values
try:
resource = CatalogueResource.objects.get(
vendor=mashup_vendor,
short_name=mashup_name,
version=mashup_version)
if not resource.is_available_for(
request.user
) or resource.resource_type() != 'mashup':
raise CatalogueResource.DoesNotExist
except CatalogueResource.DoesNotExist:
return build_error_response(
request, 422,
_('Mashup not found: %(mashup_id)s') %
{'mashup_id': mashup_id})
base_dir = catalogue.wgt_deployer.get_base_dir(
mashup_vendor, mashup_name, mashup_version)
wgt_file = WgtFile(
os.path.join(base_dir, resource.template_uri))
template = TemplateParser(wgt_file.get_template())
else:
from_ws = get_object_or_404(Workspace, id=workspace_id)
if from_ws.public is False and not request.user.is_superuser and from_ws.creator != request.user:
return build_error_response(
request, 403,
_('You are not allowed to read from workspace %s') %
workspace_id)
options = {
'vendor':
'api',
'name':
from_ws.name,
'version':
'1.0',
'title':
from_ws.title if from_ws.title is not None
and from_ws.title.strip() != "" else from_ws.name,
'description':
'Temporal mashup for the workspace copy operation',
'email':
'*****@*****.**',
}
template = TemplateParser(
build_json_template_from_workspace(options, from_ws,
from_ws.creator))
try:
check_mashup_dependencies(template, request.user)
except MissingDependencies as e:
details = {
'missingDependencies': e.missing_dependencies,
}
return build_error_response(request, 422, e, details=details)
if dry_run:
return HttpResponse(status=204)
try:
workspace, _junk = buildWorkspaceFromTemplate(
template,
request.user,
allow_renaming=allow_renaming,
new_name=workspace_name,
new_title=workspace_title)
except IntegrityError:
msg = _('A workspace with the given name already exists')
return build_error_response(request, 409, msg)
if len(initial_pref_values) > 0:
update_workspace_preferences(workspace,
initial_pref_values,
invalidate_cache=False)
workspace_data = get_global_workspace_data(workspace, request.user)
return workspace_data.get_response(status_code=201, cacheable=False)
def create(self, request):
status_code = 201
force_create = False
install_embedded_resources = False
templateURL = None
file_contents = None
if request.mimetype == 'multipart/form-data':
force_create = request.POST.get('force_create',
'false').strip().lower() == 'true'
public = request.POST.get('public',
'false').strip().lower() == 'true'
user_list = set(
user.strip()
for user in request.POST.get('users', '').split(',')
if user != "")
group_list = set(
group.strip()
for group in request.POST.get('groups', '').split(',')
if group != "")
install_embedded_resources = request.POST.get(
'install_embedded_resources',
'false').strip().lower() == 'true'
if 'file' not in request.FILES:
return build_error_response(
request, 400, _('Missing component file in the request'))
downloaded_file = request.FILES['file']
try:
file_contents = WgtFile(downloaded_file)
except zipfile.BadZipfile:
return build_error_response(
request, 400, _('The uploaded file is not a zip file'))
elif request.mimetype == 'application/octet-stream':
downloaded_file = BytesIO(request.body)
try:
file_contents = WgtFile(downloaded_file)
except zipfile.BadZipfile:
return build_error_response(
request, 400, _('The uploaded file is not a zip file'))
force_create = request.GET.get('force_create',
'false').strip().lower() == 'true'
public = request.GET.get('public',
'false').strip().lower() == 'true'
user_list = set(user.strip()
for user in request.GET.get('users', '').split(',')
if user != "")
group_list = set(
group.strip()
for group in request.GET.get('groups', '').split(',')
if group != "")
install_embedded_resources = request.GET.get(
'install_embedded_resources',
'false').strip().lower() == 'true'
else: # if request.mimetype == 'application/json'
market_endpoint = None
data = parse_json_request(request)
install_embedded_resources = normalize_boolean_param(
request, 'install_embedded_resources',
data.get('install_embedded_resources', False))
force_create = data.get('force_create', False)
public = request.GET.get('public',
'false').strip().lower() == 'true'
user_list = set(
user.strip()
for user in request.GET.get('user_list', '').split(',')
if user != "")
group_list = set(
group.strip()
for group in request.GET.get('group_list', '').split(',')
if group != "")
templateURL = data.get('url')
market_endpoint = data.get('market_endpoint', None)
headers = data.get('headers', {})
headers['Accept-Encoding'] = 'identity'
if market_endpoint is not None:
if 'name' not in market_endpoint:
msg = _('Missing market name')
return build_error_response(request, 400, msg)
market_id = market_endpoint['name']
market_managers = get_market_managers(request.user)
if market_id not in market_managers:
return build_error_response(
request, 409,
_('Unknown market: %s') % market_id)
market_manager = market_managers[market_id]
downloaded_file = market_manager.download_resource(
request.user, templateURL, market_endpoint)
else:
try:
context = parse_context_from_referer(request)
except Exception:
context = {}
try:
context["headers"] = CaseInsensitiveDict(headers)
response = WIRECLOUD_PROXY.do_request(
request, templateURL, "GET", context)
if response.status_code >= 300 or response.status_code < 200:
raise Exception()
downloaded_file = b''.join(response)
except Exception:
return build_error_response(
request, 409,
_('Content cannot be downloaded from the specified url'
))
try:
downloaded_file = BytesIO(downloaded_file)
file_contents = WgtFile(downloaded_file)
except zipfile.BadZipfile:
return build_error_response(
request, 400,
_('The file downloaded from the marketplace is not a zip file'
))
if public is False and len(user_list) == 0 and len(group_list) == 0:
users = (request.user, )
else:
users = User.objects.filter(username__in=user_list)
groups = Group.objects.filter(name__in=group_list)
if not request.user.is_superuser:
if public:
return build_error_response(
request, 403,
_('You are not allowed to make resources publicly available to all users'
))
elif len(users) > 0 and tuple(users) != (request.user, ):
return build_error_response(
request, 403,
_('You are not allowed allow to install components to other users'
))
elif len(groups) > 0:
for group in groups:
try:
owners = group.organization.team_set.get(name="owners")
except ObjectDoesNotExist:
fail = True
else:
fail = owners.users.filter(
id=request.user.id).exists() is False
if fail:
return build_error_response(
request, 403,
_('You are not allowed to install components to non-owned organizations'
))
try:
fix_dev_version(file_contents, request.user)
added, resource = install_component(file_contents,
executor_user=request.user,
public=public,
users=users,
groups=groups)
if not added and force_create:
return build_error_response(request, 409,
_('Resource already exists'))
elif not added:
status_code = 200
except zipfile.BadZipfile as e:
return build_error_response(
request,
400,
_('The uploaded file is not a valid zip file'),
details="{}".format(e))
except OSError as e:
if e.errno == errno.EACCES:
return build_error_response(
request, 500,
_('Error writing the resource into the filesystem. Please, contact the server administrator.'
))
else:
raise
except TemplateParseException as e:
msg = "Error parsing config.xml descriptor file: %s" % e
details = "%s" % e
return build_error_response(request, 400, msg, details=details)
except (InvalidContents, UnsupportedFeature) as e:
details = e.details if hasattr(e, 'details') else None
return build_error_response(request, 400, e, details=str(details))
if install_embedded_resources:
info = {
'resource_details':
resource.get_processed_info(
request, url_pattern_name="wirecloud.showcase_media"),
'extra_resources': []
}
if resource.resource_type() == 'mashup':
resource_info = resource.get_processed_info(process_urls=False)
for embedded_resource in resource_info['embedded']:
resource_file = BytesIO(
file_contents.read(embedded_resource['src']))
extra_resource_contents = WgtFile(resource_file)
extra_resource_added, extra_resource = install_component(
extra_resource_contents,
executor_user=request.user,
public=public,
users=users,
groups=groups)
if extra_resource_added:
info['extra_resources'].append(
extra_resource.get_processed_info(
request,
url_pattern_name="wirecloud.showcase_media"))
response = HttpResponse(
json.dumps(info, sort_keys=True),
status=status_code,
content_type='application/json; charset=UTF-8')
else:
response = HttpResponse(
json.dumps(resource.get_processed_info(
request, url_pattern_name="wirecloud.showcase_media"),
sort_keys=True),
status=status_code,
content_type='application/json; charset=UTF-8')
response['Location'] = resource.get_template_url()
return response
