def post(self, id): parser = reqparse.RequestParser() parser.add_argument('file', type=FileStorage, required=True, location='files') args = parser.parse_args() repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) args['repository'] = repository args['storage_id'] = generate_string() args['storage_path'] = os.path.join(current_app.root_path, self.config()['UPLOAD_DIR'], args['storage_id']) args['file'].save(args['storage_path']) args['name'] = args['file'].filename args['extension'] = '.'.join(args['name'].split('.')[1:]) args['content_type'] = 'application/octet-stream' args['media_link'] = args['storage_path'] args['size'] = 0 # Remove 'file' element in the arguments because the File constructor # does not expect it del args['file'] f_dao = FileDao(self.db_session()) f = f_dao.create(**args) return f.to_dict(), 201
def get(self, id): self.check_permission('retrieve:repository@{}'.format(id)) repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) return repository.to_dict(), 200
def delete(self, id): self.check_permission('retrieve,delete:repository@{}'.format(id)) repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) repository_dao.delete(repository) return {}, 204
def post(self): self.check_permission('create:repository') parser = reqparse.RequestParser() parser.add_argument('name', type=str, required=True, location='json') args = parser.parse_args() repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.create(**args) return repository.to_dict(), 201
def get(self, id, file_id): self.check_permission('retrieve:repository@{}'.format(id)) self.check_permission('retrieve:file@{}'.format(file_id)) repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) f_dao = FileDao(self.db_session()) f = f_dao.retrieve(id=file_id) if f.repository != repository: raise FileNotInRepositoryException(f.name, repository.name) return f.to_dict(), 200
def delete(self, id, file_set_id): self.check_permission('retrieve:repository@{}'.format(id)) self.check_permission('retrieve,delete:file-set@{}'.format(file_set_id)) repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) file_set_dao = FileSetDao(self.db_session()) file_set = file_set_dao.retrieve(id=file_set_id) if file_set.repository != repository: raise FileSetNotInRepositoryException(file_set.name, repository.name) file_set_dao.delete(file_set) return {}, 204
def put(self, id): self.check_permission('retrieve,update:repository@{}'.format(id)) parser = reqparse.RequestParser() parser.add_argument('name', type=str, location='json') args = parser.parse_args() repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) if args['name'] != repository.name: repository.name = args['name'] repository_dao.save(repository) return repository.to_dict(), 200
def get(self): self.check_permission('retrieve:repository') parser = reqparse.RequestParser() parser.add_argument('name', type=str, location='json') args = parser.parse_args() repository_dao = RepositoryDao(self.db_session()) result = [ repository.to_dict() for repository in repository_dao.retrieve_all(**args) ] return result, 200
def get(self, id, file_id): self.check_permission('retrieve:repository@{}'.format(id)) self.check_permission('retrieve:file@{}'.format(file_id)) repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) f_dao = FileDao(self.db_session()) f = f_dao.retrieve(id=file_id) if f.repository != repository: raise FileNotInRepositoryException(f.name, repository.name) return send_from_directory(os.path.join(current_app.root_path, self.config()['UPLOAD_DIR']), filename=f.storage_id), 200
def post(self, id): self.check_permission('retrieve:repository@{}'.format(id)) self.check_permission('create:file-set') parser = reqparse.RequestParser() parser.add_argument('name', type=str, required=True, location='json') args = parser.parse_args() repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) args['repository'] = repository file_set_dao = FileSetDao(self.db_session()) file_set = file_set_dao.create(**args) return file_set.to_dict(), 201
def get(self, id): self.check_permission('retrieve:repository@{}'.format(id)) repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) result = [] if self.has_permission('retrieve:file-set'): result = [file_set.to_dict() for file_set in repository.file_sets] else: for file_set in repository.file_sets: if self.has_permission('retrieve:file-set@{}'.format(file_set.id)): result.append(file_set.to_dict()) return result, 200
def put(self, id, file_set_id): self.check_permission('retrieve:repository@{}'.format(id)) self.check_permission('retrieve,update:file-set@{}'.format(file_set_id)) parser = reqparse.RequestParser() parser.add_argument('name', type=str, location='json') args = parser.parse_args() repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) file_set_dao = FileSetDao(self.db_session()) file_set = file_set_dao.retrieve(id=file_set_id) if file_set.repository != repository: raise FileSetNotInRepositoryException(file_set.name, repository.name) if args['name'] != file_set.name: file_set.name = args['name'] file_set_dao.save(file_set) return file_set.to_dict(), 200
def delete(self, id, file_set_id, file_id): self.check_permission('retrieve:repository@{}'.format(id)) self.check_permission('retrieve,update:file-set@{}'.format(file_set_id)) repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) file_set_dao = FileSetDao(self.db_session()) file_set = file_set_dao.retrieve(id=file_set_id) if file_set.repository != repository: raise FileSetNotInRepositoryException(file_set.name, repository.name) f_dao = FileDao(self.db_session()) f = f_dao.retrieve(id=file_id) if f.repository != repository: raise FileNotInRepositoryException(f.name, repository.name) file_set.remove_file(f) file_set_dao.save(file_set) return file_set.to_dict(), 200
def get(self, id): self.check_permission('retrieve:repository@{}'.format(id)) repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) # We only return those files in the repository that are accessible to the # current user. Normally, all files uploaded by the user will be accessible # and optionally other files that were shared with him. result = [] # If the user has class-level retrieve permission for files, then we don't # have to check file permissions individually if self.has_permission('retrieve:file'): result = [f.to_dict() for f in repository.files] else: for f in repository.files: if self.has_permission('retrieve:file@{}'.format(f.id)): result.append(f.to_dict()) return result, 200
def get(self, id, file_set_id): self.check_permission('retrieve:repository@{}'.format(id)) self.check_permission('retrieve:file-set@{}'.format(file_set_id)) repository_dao = RepositoryDao(self.db_session()) repository = repository_dao.retrieve(id=id) file_set_dao = FileSetDao(self.db_session()) file_set = file_set_dao.retrieve(id=file_set_id) if file_set.repository != repository: raise FileSetNotInRepositoryException(file_set.name, repository.name) result = [] if self.has_permission('retrieve:file'): result = [f.to_dict() for f in file_set.files] else: for f in file_set.files: if self.has_permission('retrieve:file@{}'.format(f.id)): result.append(f.to_dict()) return result, 200