예제 #1
0
class DecoratorsTest(TestCase):
    fixtures = [
        'sample_admin.json',
    ]

    def setUp(self):
        call_command("load_current_apps")
        self.app = App.objects.get(name="cartoview_basic_viewer")
        self.app_instance = AppInstance()
        self.app_instance.app = self.app
        self.user = Profile.objects.get(username="******")
        self.app_instance.owner = self.user
        self.app_instance.title = "fake_viewer"
        self.app_instance.config = {}
        self.app_instance.abstract = "fake_viewer_abstract"
        self.app_instance.map_id = None
        self.app_instance.save()

    def test_can_view_app(self):
        func_allowed = Mock()
        func_allowed.__name__ = "fake_app_view"
        req = HttpRequest()
        req.user = self.user
        decorated = can_view_app_instance(func_allowed)
        decorated(req, instance_id=self.app_instance.id)
        self.assertTrue(func_allowed.called)
        func_anonymous_allowed = Mock()
        func_anonymous_allowed.__name__ = "fake_app_view"
        req.user = AnonymousUser()
        decorated = can_view_app_instance(func_anonymous_allowed)
        decorated(req, instance_id=self.app_instance.id)
        self.assertTrue(func_anonymous_allowed.called)
        func_not_allowed = Mock()
        func_not_allowed.__name__ = "fake_app_view"
        decorated = can_view_app_instance(func_not_allowed)
        owner_permissions = [
            'view_resourcebase',
            'download_resourcebase',
            'change_resourcebase_metadata',
            'change_resourcebase',
            'delete_resourcebase',
            'change_resourcebase_permissions',
            'publish_resourcebase',
        ]
        permessions = {
            'users': {
                '{}'.format(self.user): owner_permissions,
            }
        }
        self.app_instance.set_permissions(permessions)
        try:
            decorated(req, instance_id=self.app_instance.id)
        except PermissionDenied:
            pass
        self.assertFalse(func_not_allowed.called)
예제 #2
0
    def save(self, request, instance_id=None):
        user = request.user
        res_json = dict(success=False)
        data = json.loads(request.body)
        config = data.get('config', None)
        logger.error(config)
        resources = config['resources']
        title = data.get('title', "")
        access = data.get('access', None)
        keywords = data.get('keywords', [])
        config.update(access=access, keywords=keywords)
        config = json.dumps(data.get('config', None))
        abstract = data.get('abstract', "")
        if instance_id is None:
            instance_obj = AppInstance()
            instance_obj.app = App.objects.get(name=self.app_name)
            instance_obj.owner = user
        else:
            instance_obj = AppInstance.objects.get(pk=instance_id)
            user = instance_obj.owner

        instance_obj.title = title
        instance_obj.config = config
        instance_obj.abstract = abstract
        if config:
            maps = Map.objects.filter(id__in=[int(id) for id in resources])
            if maps.count() > 0:
                instance_obj.map = maps[0]
            else:
                instance_obj.map = None
        instance_obj.save()
        owner_permissions = [
            'view_resourcebase',
            'download_resourcebase',
            'change_resourcebase_metadata',
            'change_resourcebase',
            'delete_resourcebase',
            'change_resourcebase_permissions',
            'publish_resourcebase',
        ]
        permessions = {
            'users': {
                '{}'.format(request.user.username): owner_permissions,
            }
        }
        self.get_users_permissions(access, permessions, user.username)
        instance_obj.set_permissions(permessions)
        if hasattr(instance_obj, 'keywords') and keywords:
            new_keywords = [
                k for k in keywords if k not in instance_obj.keyword_list()]
            instance_obj.keywords.add(*new_keywords)

        res_json.update(dict(success=True, id=instance_obj.id))
        return HttpResponse(json.dumps(res_json),
                            content_type="application/json")
예제 #3
0
    def save(self, request, instance_id=None):
        user = request.user
        res_json = dict(success=False)
        data = json.loads(request.body)
        config = data.get('config', None)
        map_id = data.get('map', None)
        title = data.get('title', "")
        access = data.get('access', None)
        keywords = data.get('keywords', [])
        config.update(access=access, keywords=keywords)
        config = json.dumps(data.get('config', None))
        abstract = data.get('abstract', "")
        if instance_id is None:
            instance_obj = AppInstance()
            instance_obj.app = App.objects.get(name=self.app_name)
            instance_obj.owner = user
        else:
            instance_obj = AppInstance.objects.get(pk=instance_id)
            user = instance_obj.owner

        instance_obj.title = title
        instance_obj.config = config
        instance_obj.abstract = abstract
        instance_obj.map_id = map_id
        instance_obj.save()
        owner_permissions = [
            'view_resourcebase',
            'download_resourcebase',
            'change_resourcebase_metadata',
            'change_resourcebase',
            'delete_resourcebase',
            'change_resourcebase_permissions',
            'publish_resourcebase',
        ]
        permessions = {
            'users': {
                '{}'.format(request.user.username): owner_permissions,
            }
        }
        self.get_users_permissions(access, permessions, user.username)
        instance_obj.set_permissions(permessions)
        if hasattr(instance_obj, 'keywords') and keywords:
            new_keywords = [
                k for k in keywords if k not in instance_obj.keyword_list()
            ]
            instance_obj.keywords.add(*new_keywords)

        res_json.update(dict(success=True, id=instance_obj.id))
        return HttpResponse(json.dumps(res_json),
                            content_type="application/json")
예제 #4
0
def save(request, instance_id=None, app_name=APP_NAME):
    res_json = dict(success=False)

    data = json.loads(request.body)
    map_id = data.get('map', None)
    title = data.get('title', "")
    config = data.get('config', None)
    access = data.get('access', None)
    config.update(access=access)
    config = json.dumps(data.get('config', None))
    abstract = data.get('abstract', "")
    keywords = data.get('keywords', [])

    if instance_id is None:
        instance_obj = AppInstance()
        instance_obj.app = App.objects.get(name=app_name)
        instance_obj.owner = request.user
    else:
        instance_obj = AppInstance.objects.get(pk=instance_id)

    instance_obj.title = title
    instance_obj.config = config
    instance_obj.abstract = abstract
    instance_obj.map_id = map_id
    instance_obj.save()

    owner_permissions = [
        'view_resourcebase',
        'download_resourcebase',
        'change_resourcebase_metadata',
        'change_resourcebase',
        'delete_resourcebase',
        'change_resourcebase_permissions',
        'publish_resourcebase',
    ]

    if access == "private":
        permessions = {
                'users': {
                    '{}'.format(request.user): owner_permissions,
                }
            }
    else:
        permessions = {
                'users': {
                    '{}'.format(request.user): owner_permissions,
                    'AnonymousUser': [
                        'view_resourcebase',
                    ],
                }
            }
    # set permissions so that no one can view this appinstance other than
    #  the user
    instance_obj.set_permissions(permessions)

    # update the instance keywords
    if hasattr(instance_obj, 'keywords'):
        for k in keywords:
            if k not in instance_obj.keyword_list():
                instance_obj.keywords.add(k)

    res_json.update(dict(success=True, id=instance_obj.id))
    return HttpResponse(json.dumps(res_json), content_type="application/json")
예제 #5
0
    def save(self, request, instance_id=None):
        res_json = dict(success=False)
        data = json.loads(request.body)
        config = data.get('config', None)
        base64_image = config.get('logo', None)
        if base64_image:
            logo = base64_image.get('base64', None)
            encoded_image = generate_thumbnails(logo)
            config['logo']['base64'] = encoded_image
        map_id = data.get('map', None)
        title = data.get('title', "")
        access = data.get('access', None)
        keywords = data.get('keywords', [])
        config.update(access=access, keywords=keywords)
        config = json.dumps(data.get('config', None))
        abstract = data.get('abstract', "")

        if instance_id is None:
            instance_obj = AppInstance()
            instance_obj.app = App.objects.get(name=self.app_name)
            instance_obj.owner = request.user
        else:
            instance_obj = AppInstance.objects.get(pk=instance_id)

        instance_obj.title = title
        instance_obj.config = config
        instance_obj.abstract = abstract
        instance_obj.map_id = map_id
        instance_obj.save()

        owner_permissions = [
            'view_resourcebase',
            'download_resourcebase',
            'change_resourcebase_metadata',
            'change_resourcebase',
            'delete_resourcebase',
            'change_resourcebase_permissions',
            'publish_resourcebase',
        ]
        # access limited to specific users
        users_permissions = {'{}'.format(request.user): owner_permissions}
        for user in access:
            if isinstance(user, dict) and \
                    user.get('value', None) != request.user.username:
                users_permissions.update(
                    {user.get('value', None): [
                         'view_resourcebase',
                     ]})
        permessions = {'users': users_permissions}
        # set permissions so that no one can view this appinstance other than
        #  the user
        instance_obj.set_permissions(permessions)

        # update the instance keywords
        if hasattr(instance_obj, 'keywords') and keywords:
            for k in keywords:
                if k.get('value', None) not in instance_obj.keyword_list():
                    instance_obj.keywords.add(k.get('value', None))

        res_json.update(dict(success=True, id=instance_obj.id))
        return HttpResponse(json.dumps(res_json),
                            content_type="application/json")