def rest_delete_file(bucket_id, file_name): """ Deletes file in container :param int bucket_id: The bucket in which the file is in :param string file_name: The name of the file :return file: a status response """ # 1 check auth. if g.user is None or not g.user.is_authenticated(): return "401" # Unauthorized # 2 only owner is allowed to delete if int(g.user.get_id()) != bucket_id: return "403" # 3 check if this combination really exists elements = dbSession.query(Userfile).filter( (Userfile.folder == bucket_id), (Userfile.name == file_name)).first() if elements is None: dbSession.remove() return "404" # 4 try a delete-atempt # ATT [here an exception can lead to desynchronized states] if storageinterface.file_exists(bucket_id, file_name): storageinterface.delete_file(bucket_id, file_name) # no cascade possible, therfore we must remove the foreign-key there manually references = dbSession.query(UserUserfile).filter( UserUserfile.userfile_id == elements.id) for ref in references: dbSession.delete(ref) dbSession.delete(elements) dbSession.commit() dbSession.remove() return "200" dbSession.remove() return "500" # something went wrong
def rest_delete_file(bucket_id, file_name): """ Deletes file in container :param int bucket_id: The bucket in which the file is in :param string file_name: The name of the file :return file: a status response """ # 1 check auth. if g.user is None or not g.user.is_authenticated(): return "401" # Unauthorized # 2 only owner is allowed to delete if int(g.user.get_id()) != bucket_id: return "403" # 3 check if this combination really exists elements = dbSession.query(Userfile).filter((Userfile.folder == bucket_id), (Userfile.name == file_name)).first() if elements is None: dbSession.remove() return "404" # 4 try a delete-atempt # ATT [here an exception can lead to desynchronized states] if storageinterface.file_exists(bucket_id, file_name): storageinterface.delete_file(bucket_id, file_name) # no cascade possible, therfore we must remove the foreign-key there manually references = dbSession.query(UserUserfile).filter(UserUserfile.userfile_id == elements.id) for ref in references: dbSession.delete(ref) dbSession.delete(elements) dbSession.commit() dbSession.remove() return "200" dbSession.remove() return "500" # something went wrong
def rest_delete_container(bucket_id): """ Deletes specified container :param int bucket_id: The bucket to delete :return file: 200 Page """ # 1. check if logged in user is owner of bucket if g.user is None or not g.user.is_authenticated(): return "401" # Unauthorized if int(g.user.get_id()) != bucket_id: return "403" # Forbidden # ATT: all files in bucket must be deleted in db # can be replaced via bulkrequest, but this needs more attention, because errors are made easily and db could be out of synch [foreign keys and so on]! files_in_bucket = dbSession.query(Userfile).filter( Userfile.folder == bucket_id) for content in files_in_bucket: connectors = dbSession.query(UserUserfile).filter( UserUserfile.userfile_id == content.id) for connect in connectors: dbSession.delete(connect) dbSession.delete(content) user = dbSession.query(User).filter(User.id == bucket_id).first() dbSession.delete(user) dbSession.commit() storageinterface.delete_container(bucket_id) dbSession.remove() return "200"
def rest_delete_container(bucket_id): """ Deletes specified container :param int bucket_id: The bucket to delete :return file: 200 Page """ # 1. check if logged in user is owner of bucket if g.user is None or not g.user.is_authenticated(): return "401" # Unauthorized if int(g.user.get_id()) != bucket_id: return "403" # Forbidden # ATT: all files in bucket must be deleted in db # can be replaced via bulkrequest, but this needs more attention, because errors are made easily and db could be out of synch [foreign keys and so on]! files_in_bucket = dbSession.query(Userfile).filter(Userfile.folder == bucket_id) for content in files_in_bucket: connectors = dbSession.query(UserUserfile).filter(UserUserfile.userfile_id == content.id) for connect in connectors: dbSession.delete(connect) dbSession.delete(content) user = dbSession.query(User).filter(User.id == bucket_id).first() dbSession.delete(user) dbSession.commit() storageinterface.delete_container(bucket_id) dbSession.remove() return "200"
def rest_syncdb_share_file_permission(): name_file_owner = request.json['name_file_owner'] share_username = request.json['username'] permission = request.json['permission'] file_name = request.json['file_name'] etcd_client = init_etcd_connection() commit_key = '/setPermission/' + share_username + '_' + file_name + '/' + 'commit' async_commit_queue = Queue() async_commit_data = FuncThread(listen_commit_status, etcd_client, commit_key, async_commit_queue) async_commit_data.daemon = True async_commit_data.start() key_path = 'setPermission/' + share_username + '_' + file_name + '/' + 'ack_' + cloudplatform print ">>>>>>>>> REST API >>>>>>>>>>>>>>" print "key: " + key_path etcd_client.write(key_path, 2) print ">>>>> REST API: wrote to etcd..." print ">>>>>>>>> REST API >>>>>>>>>>>>>>" async_commit_data.join() commit_res = async_commit_queue.get() print ">>>> commit result: " + commit_res if commit_res == "1": user_file_owner = dbSession.query(User).filter( User.username == name_file_owner).first() print "got owner: " + str(user_file_owner.id) user = dbSession.query(User).filter( User.username == share_username).first() print "shared user: "******"userfile" + str(userfile.id) useruserfile = dbSession.query(UserUserfile).filter( UserUserfile.user_id == user.id, UserUserfile.userfile_id == userfile.id).first() print "useruserfile" if useruserfile is not None: print "entry available" useruserfile.permission = permission dbSession.commit() else: print("set useruserfile") useruserfile = UserUserfile(userfile, user, permission) dbSession.add(useruserfile) dbSession.commit() etcd_client.write(key_path, 3) dbSession.remove() return "200"
def rest_syncdb_share_file_permission(): name_file_owner = request.json['name_file_owner'] share_username = request.json['username'] permission = request.json['permission'] file_name = request.json['file_name'] etcd_client = init_etcd_connection() commit_key = '/setPermission/' + share_username + '_' + file_name + '/' + 'commit' async_commit_queue = Queue() async_commit_data = FuncThread(listen_commit_status, etcd_client, commit_key, async_commit_queue) async_commit_data.daemon = True async_commit_data.start() key_path = 'setPermission/' + share_username + '_' + file_name + '/' + 'ack_' + cloudplatform print ">>>>>>>>> REST API >>>>>>>>>>>>>>" print "key: " + key_path etcd_client.write(key_path, 2) print ">>>>> REST API: wrote to etcd..." print ">>>>>>>>> REST API >>>>>>>>>>>>>>" async_commit_data.join() commit_res = async_commit_queue.get() print ">>>> commit result: " + commit_res if commit_res == "1": user_file_owner = dbSession.query(User).filter(User.username == name_file_owner).first() print "got owner: " + str(user_file_owner.id) user = dbSession.query(User).filter(User.username == share_username).first() print "shared user: "******"userfile" + str(userfile.id) useruserfile = dbSession.query(UserUserfile).filter(UserUserfile.user_id == user.id, UserUserfile.userfile_id == userfile.id).first() print "useruserfile" if useruserfile is not None: print "entry available" useruserfile.permission = permission dbSession.commit() else: print("set useruserfile") useruserfile = UserUserfile(userfile, user, permission) dbSession.add(useruserfile) dbSession.commit() etcd_client.write(key_path, 3) dbSession.remove() return "200"
def rest_syncfile_save_file_tmp(user_email, file_name): print "rest_syncfile_save_file_tmp: ..." if request.method == 'POST': # set tmp suffix for saving the file only temporary file_name += "_tmp" # if file doesnt exists -> logged in user must be bucket_id -> add permission to UserUserfiles userfile = dbSession.query(Userfile).filter( Userfile.name == file_name).first() user = dbSession.query(User).filter(User.email == user_email).first() user_id = user.get_id() print("-------------> found user with email : " + user_email + " and bucket id : " + user_id) if userfile is None: if user is None: return "403" # Forbidden userfile = Userfile(user_id, file_name) useruserfile = UserUserfile(userfile, user, 6) dbSession.add(userfile) dbSession.add(useruserfile) dbSession.commit() # if file exists -> check if file_name, user_id is found with right permission in UserUserfiles else: useruserfile = dbSession.query(UserUserfile).filter( UserUserfile.user_id == user_id, UserUserfile.userfile_id == userfile.id).first() if useruserfile is None or useruserfile.permission < 6: print("return 403") dbSession.remove() return '403' # redirect(url_for('403')) # No permission found or permission not sufficient content = request.json['content'] print("-------------------------------------------------------------") print( "Received an external POST in order to save following file temporarily" ) print("content: " + content) print("user email: " + user_email) print("bucketid: " + str(user_id)) print("file_name: " + file_name) print("-------------------------------------------------------------") response = "500" if storageinterface.upload_from_text(user_id, file_name, content): response = "200" file_string = "saveFile_tmp/" + user_email + '_' + file_name + '/' + 'ack_' + cloudplatform etcd_client = init_etcd_connection() etcd_client.write(file_string, 2) dbSession.remove() return response
def rest_syncdb_register_user(): new_username = request.json['username'] new_email = request.json['email'] new_password = request.json['password'] new_sso = request.json['sso'] user = dbSession.query(User).filter(User.username == new_username).first() email = dbSession.query(User).filter(User.email == new_email).first() etcd_client = init_etcd_connection() commit_key = "/registerUser/" + new_username + '/' + 'commit' async_commit_queue = Queue() async_commit_data = FuncThread(listen_commit_status, etcd_client, commit_key, async_commit_queue) async_commit_data.daemon = True async_commit_data.start() if user is not None: user_key = "registerUser/" + new_username + '/' + 'ack_' + cloudplatform etcd_client.write(user_key, 1) elif email is not None: user_key = "registerUser/" + new_username + '/' + 'ack_' + cloudplatform etcd_client.write(user_key, 1) else: user_key = "registerUser/" + new_username + '/' + 'ack_' + cloudplatform print ">>>>>>>>> REST API >>>>>>>>>>>>>>" print "user_key: " + user_key etcd_client.write(user_key, 2) print ">>>>> REST API: wrote to etcd..." print ">>>>>>>>> REST API >>>>>>>>>>>>>>" async_commit_data.join() commit_res = async_commit_queue.get() print ">>>> commit result: " + commit_res if commit_res == "1": user = User( username=new_username, email=new_email, password=new_password, sso=new_sso ) # save new user in database dbSession.add(user) dbSession.commit() # create container/bucket for the new registered user storageinterface.create_container(user.get_id()) etcd_client.write(user_key, 3) dbSession.remove() return "200"
def rest_syncdb_register_user(): new_username = request.json['username'] new_email = request.json['email'] new_password = request.json['password'] new_sso = request.json['sso'] user = dbSession.query(User).filter(User.username == new_username).first() email = dbSession.query(User).filter(User.email == new_email).first() etcd_client = init_etcd_connection() commit_key = "/registerUser/" + new_username + '/' + 'commit' async_commit_queue = Queue() async_commit_data = FuncThread(listen_commit_status, etcd_client, commit_key, async_commit_queue) async_commit_data.daemon = True async_commit_data.start() if user is not None: user_key = "registerUser/" + new_username + '/' + 'ack_' + cloudplatform etcd_client.write(user_key, 1) elif email is not None: user_key = "registerUser/" + new_username + '/' + 'ack_' + cloudplatform etcd_client.write(user_key, 1) else: user_key = "registerUser/" + new_username + '/' + 'ack_' + cloudplatform print ">>>>>>>>> REST API >>>>>>>>>>>>>>" print "user_key: " + user_key etcd_client.write(user_key, 2) print ">>>>> REST API: wrote to etcd..." print ">>>>>>>>> REST API >>>>>>>>>>>>>>" async_commit_data.join() commit_res = async_commit_queue.get() print ">>>> commit result: " + commit_res if commit_res == "1": user = User(username=new_username, email=new_email, password=new_password, sso=new_sso) # save new user in database dbSession.add(user) dbSession.commit() # create container/bucket for the new registered user storageinterface.create_container(user.get_id()) etcd_client.write(user_key, 3) dbSession.remove() return "200"
def rest_syncfile_save_file_tmp(user_email, file_name): print "rest_syncfile_save_file_tmp: ..." if request.method == 'POST': # set tmp suffix for saving the file only temporary file_name += "_tmp" # if file doesnt exists -> logged in user must be bucket_id -> add permission to UserUserfiles userfile = dbSession.query(Userfile).filter(Userfile.name == file_name).first() user = dbSession.query(User).filter(User.email == user_email).first() user_id = user.get_id() print("-------------> found user with email : " + user_email + " and bucket id : " + user_id) if userfile is None: if user is None: return "403" # Forbidden userfile = Userfile(user_id, file_name) useruserfile = UserUserfile(userfile, user, 6) dbSession.add(userfile) dbSession.add(useruserfile) dbSession.commit() # if file exists -> check if file_name, user_id is found with right permission in UserUserfiles else: useruserfile = dbSession.query(UserUserfile).filter(UserUserfile.user_id == user_id, UserUserfile.userfile_id == userfile.id).first() if useruserfile is None or useruserfile.permission < 6: print("return 403") dbSession.remove() return '403' # redirect(url_for('403')) # No permission found or permission not sufficient content = request.json['content'] print("-------------------------------------------------------------") print("Received an external POST in order to save following file temporarily") print("content: " + content) print("user email: " + user_email) print("bucketid: " + str(user_id)) print("file_name: " + file_name) print("-------------------------------------------------------------") response = "500" if storageinterface.upload_from_text(user_id, file_name, content): response = "200" file_string = "saveFile_tmp/" + user_email + '_' + file_name + '/' + 'ack_' + cloudplatform etcd_client = init_etcd_connection() etcd_client.write(file_string, 2) dbSession.remove() return response
def rest_syncfile_save_file(user_email, file_name): print "rest_syncfile_save_file: ..." if request.method == 'POST': # if file doesnt exists -> logged in user must be bucket_id -> add permission to UserUserfiles userfile = dbSession.query(Userfile).filter( Userfile.name == file_name).first() user = dbSession.query(User).filter(User.email == user_email).first() user_id = user.get_id() print("-------------> found user with email : " + user_email + " and bucket id : " + user_id) if userfile is None: if user is None: return "403" # Forbidden userfile = Userfile(user_id, file_name) useruserfile = UserUserfile(userfile, user, 6) dbSession.add(userfile) dbSession.add(useruserfile) dbSession.commit() # if file exists -> check if file_name, user_id is found with right permission in UserUserfiles else: useruserfile = dbSession.query(UserUserfile).filter( UserUserfile.user_id == user.id, UserUserfile.userfile_id == userfile.id).first() if useruserfile is None or useruserfile.permission < 6: print("return 403") dbSession.remove() return '403' # redirect(url_for('403')) # No permission found or permission not sufficient file_name_tmp = file_name + "_tmp" tmp_value = "" elements = dbSession.query(Userfile).filter( (Userfile.folder == user_id), (Userfile.name == file_name_tmp)).first() if elements is None: dbSession.remove() return "404" if storageinterface.file_exists(user_id, file_name_tmp): # get tmp file that was saved before # get value of tmp file tmp_value = storageinterface.download_file_to_text( user_id, file_name_tmp) # delete tmp file storageinterface.delete_file(user_id, file_name_tmp) # no cascade possible, therfore we must remove the foreign-key there manually references = dbSession.query(UserUserfile).filter( UserUserfile.userfile_id == elements.id) for ref in references: dbSession.delete(ref) dbSession.delete(elements) dbSession.commit() dbSession.remove() #tmp_value = unicode(tmp_value,"utf-8") print("-------------------------------------------------------------") print("Received an external POST in order to save following file") print("content: " + tmp_value) print("user email: " + user_email) print("file_name: " + file_name) print("-------------------------------------------------------------") response = "500" if storageinterface.upload_from_text(user_id, file_name, tmp_value): response = "200" file_string = "saveFile/" + user_email + '_' + file_name + '/' + 'ack_' + cloudplatform etcd_client = init_etcd_connection() etcd_client.write(file_string, 3) dbSession.remove() return response
def rest_syncfile_save_file(user_email, file_name): print "rest_syncfile_save_file: ..." if request.method == 'POST': # if file doesnt exists -> logged in user must be bucket_id -> add permission to UserUserfiles userfile = dbSession.query(Userfile).filter(Userfile.name == file_name).first() user = dbSession.query(User).filter(User.email == user_email).first() user_id = user.get_id() print("-------------> found user with email : " + user_email + " and bucket id : " + user_id) if userfile is None: if user is None: return "403" # Forbidden userfile = Userfile(user_id, file_name) useruserfile = UserUserfile(userfile, user, 6) dbSession.add(userfile) dbSession.add(useruserfile) dbSession.commit() # if file exists -> check if file_name, user_id is found with right permission in UserUserfiles else: useruserfile = dbSession.query(UserUserfile).filter(UserUserfile.user_id == user.id, UserUserfile.userfile_id == userfile.id).first() if useruserfile is None or useruserfile.permission < 6: print("return 403") dbSession.remove() return '403' # redirect(url_for('403')) # No permission found or permission not sufficient file_name_tmp = file_name+"_tmp" tmp_value = "" elements = dbSession.query(Userfile).filter((Userfile.folder == user_id), (Userfile.name == file_name_tmp)).first() if elements is None: dbSession.remove() return "404" if storageinterface.file_exists(user_id, file_name_tmp): # get tmp file that was saved before # get value of tmp file tmp_value = storageinterface.download_file_to_text(user_id, file_name_tmp) # delete tmp file storageinterface.delete_file(user_id, file_name_tmp) # no cascade possible, therfore we must remove the foreign-key there manually references = dbSession.query(UserUserfile).filter(UserUserfile.userfile_id == elements.id) for ref in references: dbSession.delete(ref) dbSession.delete(elements) dbSession.commit() dbSession.remove() #tmp_value = unicode(tmp_value,"utf-8") print("-------------------------------------------------------------") print("Received an external POST in order to save following file") print("content: " + tmp_value) print("user email: " + user_email) print("file_name: " + file_name) print("-------------------------------------------------------------") response = "500" if storageinterface.upload_from_text(user_id, file_name, tmp_value): response = "200" file_string = "saveFile/" + user_email + '_' + file_name + '/' + 'ack_' + cloudplatform etcd_client = init_etcd_connection() etcd_client.write(file_string, 3) dbSession.remove() return response