def status():
enable_cache(vary_user=True)
return jsonify({
'logged_in': authz.logged_in(),
'api_key': request.auth_role.api_key if authz.logged_in() else None,
'role': request.auth_role,
'roles': list(request.auth_roles),
'permissions': {
'read': authz.collections(authz.READ),
'write': authz.collections(authz.WRITE)
},
'logout': url_for('.logout')
})
def status():
oauth_providers = {}
for name, provider in PROVIDERS.items():
if not isinstance(provider, Stub):
oauth_providers[name] = url_for('.login', provider=name)
return jsonify({
'logged_in': authz.logged_in(),
'api_key': current_user.api_key if authz.logged_in() else None,
'user': current_user if authz.logged_in() else None,
'permissions': {},
'logins': oauth_providers,
'logout': url_for('.logout')
})
def status():
oauth_providers = {}
for name, provider in PROVIDERS.items():
if not isinstance(provider, Stub):
oauth_providers[name] = url_for('.login', provider=name)
return jsonify({
'logged_in': authz.logged_in(),
'is_admin': authz.is_admin(),
'api_key': current_user.api_key if authz.logged_in() else None,
'user': current_user if authz.logged_in() else None,
'permissions': {},
'logins': oauth_providers,
'logout': url_for('.logout')
})
def view(id):
authz.require(authz.logged_in())
role = obj_or_404(Role.by_id(id))
data = role.to_dict()
if role.id != request.auth_role.id:
del data["email"]
return jsonify(data)
def delete(id):
authz.require(authz.logged_in())
alert = obj_or_404(Alert.by_id(id))
authz.require(alert.user_id == current_user.id)
db.session.delete(alert)
db.session.commit()
return jsonify({'status': 'ok'})
def create():
authz.require(authz.logged_in())
collection = Collection.create(request_data(), request.auth_role)
db.session.commit()
update_collection(collection)
log_event(request)
return view(collection.id)
def delete(id):
authz.require(authz.logged_in())
alert = obj_or_404(Alert.by_id(id))
authz.require(alert.user_id == current_user.id)
db.session.delete(alert)
db.session.commit()
return jsonify({'status': 'ok'})
def reconcile_index():
domain = get_app_url().strip('/')
api_key = request.auth_role.api_key if authz.logged_in() else None
preview_uri = entity_link('{{id}}') + '&preview=true&api_key=%s' % api_key
meta = {
'name': get_app_title(),
'identifierSpace': 'http://rdf.freebase.com/ns/type.object.id',
'schemaSpace': 'http://rdf.freebase.com/ns/type.object.id',
'view': {'url': entity_link('{{id}}')},
'preview': {
'url': preview_uri,
'width': 600,
'height': 300
},
'suggest': {
'entity': {
'service_url': domain,
'service_path': url_for('reconcile_api.suggest_entity',
api_key=api_key)
},
'type': {
'service_url': domain,
'service_path': url_for('reconcile_api.suggest_type')
},
'property': {
'service_url': domain,
'service_path': url_for('reconcile_api.suggest_property')
}
},
'defaultTypes': [{
'id': DEFAULT_TYPE,
'name': 'Persons and Companies'
}]
}
return jsonify(meta)
def delete(id):
authz.require(authz.logged_in())
alert = obj_or_404(Alert.by_id(id, role=request.auth_role))
alert.delete()
db.session.commit()
log_event(request)
return jsonify({'status': 'ok'})
def delete(id):
authz.require(authz.logged_in())
alert = obj_or_404(Alert.by_id(id, role=request.auth_role))
alert.delete()
db.session.commit()
log_event(request)
return jsonify({'status': 'ok'})
def create():
authz.require(authz.logged_in())
alert = Alert.create(request_data(),
request.auth_role)
db.session.commit()
log_event(request)
return view(alert.id)
def create():
# also handles update
data = request.get_json()
print(data)
if 'query_text' not in data:
return jsonify({'status': 'invalid'})
authz.require(authz.logged_in())
if data.get('alert_id', None): # UPDATE
alert_id = int(data['alert_id'])
alert = obj_or_404(Alert.by_id(alert_id))
authz.require(alert.role_id == request.auth_role.id)
alert.query_text = data['query_text']
alert.custom_label = data.get('custom_label' '') or data['query_text']
alert.checking_interval=int(data.get('checking_interval', 9))
else: # CREATE
alert = Alert(
role_id = request.auth_role.id,
query_text=data['query_text'],
custom_label=data.get('custom_label' '') or data['query_text'],
checking_interval=int(data.get('checking_interval', 9))
)
db.session.add(alert)
db.session.commit()
return view(alert.id)
def view(id):
authz.require(authz.logged_in())
role = obj_or_404(Role.by_id(id))
data = role.to_dict()
if role.id != request.auth_role.id:
del data['email']
return jsonify(data)
def create():
authz.require(authz.logged_in())
collection = Collection.create(request_data(), request.auth_role)
db.session.commit()
update_collection(collection)
log_event(request)
return view(collection.id)
def index():
authz.require(authz.logged_in())
users = []
for role in Role.all():
data = role.to_dict()
del data['email']
users.append(data)
return jsonify({'results': users, 'total': len(users)})
def index():
authz.require(authz.logged_in())
users = []
for role in Role.all():
data = role.to_dict()
del data['email']
users.append(data)
return jsonify({'results': users, 'total': len(users)})
def view(id):
## XXX seems to let any user get private info on other users?
authz.require(authz.logged_in())
role = obj_or_404(Role.by_id(id))
data = role.to_dict()
if role.id != request.auth_role.id:
del data['email']
return jsonify(data)
def update(id):
role = obj_or_404(Role.by_id(id))
authz.require(authz.logged_in())
authz.require(role.id == request.auth_role.id)
role.update(request_data())
db.session.add(role)
db.session.commit()
return jsonify(role)
def update(id):
role = obj_or_404(Role.by_id(id))
authz.require(authz.logged_in())
authz.require(role.id == request.auth_role.id)
role.update(request_data())
db.session.add(role)
db.session.commit()
return jsonify(role)
def index():
authz.require(authz.logged_in())
users = []
for role in Role.all():
data = role.to_dict()
del data["email"]
users.append(data)
return jsonify({"results": users, "total": len(users)})
def status():
return jsonify({
'logged_in': authz.logged_in(),
'api_key': request.auth_role.api_key if authz.logged_in() else None,
'role': request.auth_role,
'roles': list(request.auth_roles),
'permissions': {
'watchlists': {
'read': authz.watchlists(authz.READ),
'write': authz.watchlists(authz.WRITE)
},
'sources': {
'read': authz.sources(authz.READ),
'write': authz.sources(authz.WRITE)
}
},
'logout': url_for('.logout')
})
def create():
authz.require(authz.logged_in())
data = request_data()
data['creator'] = current_user
if 'users' not in data:
data['users'] = []
lst = List.create(data, current_user)
db.session.commit()
return view(lst.id)
def create():
authz.require(authz.logged_in())
data = request.get_json()
validate(data, alerts_schema)
alert = Alert(user_id=current_user.id,
query=data['query'],
label=data.get('custom_label', data['query']),
checking_interval=int(data.get('checking_interval', 9)))
db.session.add(alert)
db.session.commit()
return view(alert.id)
def query():
creds = authz.collections(authz.READ), authz.sources(authz.READ)
enable_cache(vary_user=True, vary=creds)
query = documents_query(request.args)
query['size'] = get_limit(default=100)
query['from'] = get_offset()
result = execute_documents_query(request.args, query)
result['alert'] = None
if authz.logged_in():
result['alert'] = Alert.exists(request.args, request.auth_role)
params = next_params(request.args, result)
if params is not None:
result['next'] = url_for('search_api.query', **params)
return jsonify(result)
def query():
creds = authz.collections(authz.READ), authz.sources(authz.READ)
enable_cache(vary_user=True, vary=creds)
query = documents_query(request.args)
query['size'] = get_limit(default=100)
query['from'] = get_offset()
result = execute_documents_query(request.args, query)
result['alert'] = None
if authz.logged_in():
result['alert'] = Alert.exists(request.args, request.auth_role)
params = next_params(request.args, result)
if params is not None:
result['next'] = url_for('search_api.query', **params)
return jsonify(result)
def etag_cache_keygen(*keys):
if not request._http_cache:
return
args = sorted(set(request.args.items()))
# jquery where is your god now?!?
args = filter(lambda (k, v): k != '_', args)
cache_parts = [args, keys]
if authz.logged_in():
cache_parts.extend((request.auth_roles,
request.auth_sources,
request.auth_lists))
request._http_etag = cache_hash(*cache_parts)
if request.if_none_match == request._http_etag:
raise NotModified()
def cache_response(resp):
if request.endpoint == 'static':
enable_cache()
request._http_cache = True
resp.set_etag(request._http_etag)
resp.cache_control.public = True
resp.cache_control.max_age = 3600 * 24 * 14
return resp
if resp.is_streamed:
# http://wiki.nginx.org/X-accel#X-Accel-Buffering
resp.headers['X-Accel-Buffering'] = 'no'
if not request._http_cache:
return resp
if request.method not in ['GET', 'HEAD', 'OPTIONS']:
return resp
if resp.status_code != 200:
return resp
if request._http_etag:
if request.if_none_match == request._http_etag:
raise NotModified()
resp.set_etag(request._http_etag)
if authz.logged_in():
resp.cache_control.private = True
else:
resp.cache_control.public = True
if request._http_server:
resp.expires = -1
else:
resp.cache_control.max_age = 3600 * 2
return resp
def cache_response(resp):
if request.endpoint == 'static':
enable_cache()
request._http_cache = True
resp.set_etag(request._http_etag)
resp.cache_control.public = True
resp.cache_control.max_age = 3600 * 24 * 14
return resp
if resp.is_streamed:
# http://wiki.nginx.org/X-accel#X-Accel-Buffering
resp.headers['X-Accel-Buffering'] = 'no'
if not request._http_cache:
return resp
if request.method not in ['GET', 'HEAD', 'OPTIONS']:
return resp
if resp.status_code != 200:
return resp
if request._http_etag:
if request.if_none_match == request._http_etag:
raise NotModified()
resp.set_etag(request._http_etag)
if authz.logged_in():
resp.cache_control.private = True
else:
resp.cache_control.public = True
if request._http_server:
resp.expires = -1
else:
resp.cache_control.max_age = 3600 * 2
return resp
def create():
''' should also handle update'''
authz.require(authz.logged_in())
data = request.get_json()
print(data)
validate(data, alerts_schema)
if data['alert_id']: # UPDATE
alert_id = int(data['alert_id'])
alert = obj_or_404(Alert.by_id(alert_id))
authz.require(alert.user_id == current_user.id)
alert.query = data['query']
alert.label = data.get('custom_label', data['query'])
alert.checking_interval=int(data.get('checking_interval', 9))
else: # CREATE
alert = Alert(
user_id = current_user.id,
query=data['query'],
label=data.get('custom_label', data['query']),
checking_interval=int(data.get('checking_interval', 9))
)
db.session.add(alert)
db.session.commit()
return view(alert.id)
def cache_response(resp):
if resp.is_streamed and request.endpoint != 'static':
# http://wiki.nginx.org/X-accel#X-Accel-Buffering
resp.headers['X-Accel-Buffering'] = 'no'
if not request._http_cache \
or request.method not in ['GET', 'HEAD', 'OPTIONS'] \
or resp.status_code > 399 \
or resp.is_streamed \
or len(get_flashed_messages()):
resp.cache_control.no_cache = True
return resp
resp.cache_control.max_age = 3600 * 3
if authz.logged_in():
resp.cache_control.private = True
else:
resp.cache_control.public = True
if request._http_etag is None:
etag_cache_keygen()
resp.set_etag(request._http_etag)
return resp
def index():
authz.require(authz.logged_in())
#alerts = Alert.all(role=request.auth_role).all()
alerts = db.session.query(Alert).filter(
Alert.user_id == current_user.id).all()
return jsonify({'results': alerts, 'total': len(alerts)})
def view(id):
authz.require(authz.logged_in())
alert = obj_or_404(Alert.by_id(id))
authz.require(alert.user_id == current_user.id)
return jsonify(alert)
def peek():
enable_cache(vary_user=True, vary=authz.collections(authz.READ))
response = peek_query(request.args)
if not authz.logged_in():
response.pop("roles", None)
return jsonify(response)
def create():
authz.require(authz.logged_in())
alert = Alert.create(request_data(), request.auth_role)
db.session.commit()
log_event(request)
return view(alert.id)
def logout():
authz.require(authz.logged_in())
session.clear()
return redirect(url_for('ui'))
def create():
authz.require(authz.logged_in())
src = Source.create(request_data(), current_user)
db.session.commit()
return view(src.slug)
def peek():
enable_cache(vary_user=True, vary=authz.collections(authz.READ))
response = peek_query(request.args)
if not authz.logged_in():
response.pop('roles', None)
return jsonify(response)
def view(id):
enable_cache(vary_user=True)
authz.require(authz.logged_in())
alert = obj_or_404(Alert.by_id(id, role=request.auth_role))
return jsonify(alert)
def view(id):
authz.require(authz.logged_in())
alert = obj_or_404(Alert.by_id(id))
authz.require(alert.user_id == current_user.id)
return jsonify(alert)
def view(id):
enable_cache(vary_user=True)
authz.require(authz.logged_in())
alert = obj_or_404(Alert.by_id(id, role=request.auth_role))
return jsonify(alert)
def index():
authz.require(authz.logged_in())
#alerts = Alert.all(role=request.auth_role).all()
alerts = db.session.query(Alert).filter(Alert.user_id == current_user.id).all()
return jsonify({'results': alerts, 'total': len(alerts)})
def index():
if authz.logged_in():
alerts = Alert.by_role(request.auth_role).all()
return jsonify({'results': alerts, 'total': len(alerts)})
return jsonify({'results': [], 'total': 0})
def create():
authz.require(authz.logged_in())
watchlist = Watchlist.create(request_data(), request.auth_role)
db.session.commit()
return view(watchlist.id)
def index():
if authz.logged_in():
alerts = Alert.by_role(request.auth_role).all()
return jsonify({'results': alerts, 'total': len(alerts)})
return jsonify({'results': [], 'total': 0})
