def on_message(self, msg): if getattr(self, 'socket', None): print "closing old socket" self.loop.stop_on_recv() self.socket.close() self.socket = None if msg.startswith('discussion:') and self.valid: self.discussion = msg.split(':', 1)[1] if msg.startswith('token:') and self.valid: try: self.token = decode_token(msg.split(':', 1)[1], TOKEN_SECRET) except TokenInvalid: pass if self.token and self.discussion: # Check if token authorizes discussion r = requests.get( 'http://%s:%d/api/v1/discussion/%s/permissions/read/u/%s' % (SERVER_HOST, SERVER_PORT, self.discussion, self.token['userId'])) print r.text if r.text != 'true': return self.socket = context.socket(zmq.SUB) self.socket.connect(INTERNAL_SOCKET) self.socket.setsockopt(zmq.SUBSCRIBE, '*') self.socket.setsockopt(zmq.SUBSCRIBE, self.discussion) self.loop = zmqstream.ZMQStream(self.socket, io_loop=io_loop) self.loop.on_recv(self.on_recv) print "connected" self.send('[{"@type":"Connection"}]')
def delete_extract(request): user_id = authenticated_userid(request) discussion_id = int(request.matchdict['discussion_id']) if not user_id: # Straight from annotator token = request.headers.get('X-Annotator-Auth-Token') if token: token = decode_token( token, request.registry.settings['session.secret']) if token: user_id = token['userId'] if not user_id: user_id = Everyone if not user_has_permission(discussion_id, user_id, P_DELETE_EXTRACT): return HTTPForbidden() extract_id = request.matchdict['id'] extract = Extract.get_instance(extract_id) if not extract: return {'ok': False} with transaction.manager: Extract.db.delete(extract) return {'ok': True}
def put_extract(request): """ Updating an Extract """ extract_id = request.matchdict['id'] user_id = authenticated_userid(request) discussion_id = int(request.matchdict['discussion_id']) if not user_id: # Straight from annotator token = request.headers.get('X-Annotator-Auth-Token') if token: token = decode_token( token, request.registry.settings['session.secret']) if token: user_id = token['userId'] if not user_id: user_id = Everyone if not user_has_permission(discussion_id, user_id, P_EDIT_EXTRACT): return HTTPForbidden() updated_extract_data = json.loads(request.body) extract = Extract.get_instance(extract_id) if not extract: raise HTTPNotFound("Extract with id '%s' not found." % extract_id) extract.owner_id = user_id or get_database_id("User", extract.owner_id) extract.order = updated_extract_data.get('order', extract.order) idea_id = updated_extract_data.get('idIdea', None) if idea_id: idea = Idea.get_instance(idea_id) if(idea.discussion != extract.discussion): raise HTTPBadRequest( "Extract from discussion %s cannot be associated with an idea from a different discussion." % extract.get_discussion_id()) extract.idea = idea else: extract.idea = None Extract.db.add(extract) #TODO: Merge ranges. Sigh. return {'ok': True}
def post_extract(request): """ Create a new extract. """ extract_data = json.loads(request.body) discussion_id = int(request.matchdict['discussion_id']) user_id = authenticated_userid(request) if not user_id: # Straight from annotator token = request.headers.get('X-Annotator-Auth-Token') if token: token = decode_token( token, request.registry.settings['session.secret']) if token: user_id = token['userId'] if not user_id: user_id = Everyone if not user_has_permission(discussion_id, user_id, P_ADD_EXTRACT): #TODO: maparent: restore this code once it works: #return HTTPForbidden(result=ACLDenied(permission=P_ADD_EXTRACT)) return HTTPForbidden() if user_id == Everyone: # TODO: Create an anonymous user. raise HTTPServerError("Anonymous extracts are not implemeted yet.") content = None uri = extract_data.get('uri') annotation_text = None if uri: # Straight from annotator annotation_text = extract_data.get('text') else: target = extract_data.get('target') if not (target or uri): raise HTTPClientError("No target") target_type = target.get('@type') if target_type == 'email': post_id = target.get('@id') post = Post.get_instance(post_id) if not post: raise HTTPNotFound( "Post with id '%s' not found." % post_id) content = post elif target_type == 'webpage': uri = target.get('url') if uri and not content: content = Webpage.get_instance(uri) if not content: # TODO: maparent: This is actually a singleton pattern, should be # handled by the AnnotatorSource now that it exists... source = AnnotatorSource.db.query(AnnotatorSource).filter_by( discussion_id=discussion_id).filter( cast(AnnotatorSource.name, Unicode) == 'Annotator').first() if not source: source = AnnotatorSource( name='Annotator', discussion_id=discussion_id, type='source') content = Webpage(url=uri, discussion_id=discussion_id) extract_body = extract_data.get('quote', '') new_extract = Extract( creator_id=user_id, owner_id=user_id, discussion_id=discussion_id, body=extract_body, annotation_text=annotation_text, content=content ) Extract.db.add(new_extract) for range_data in extract_data.get('ranges', []): range = TextFragmentIdentifier( extract=new_extract, xpath_start=range_data['start'], offset_start=range_data['startOffset'], xpath_end=range_data['end'], offset_end=range_data['endOffset']) TextFragmentIdentifier.db.add(range) Extract.db.flush() return {'ok': True, 'id': new_extract.uri()}