def set_bulk_permissions(request):
permission_spec = json.loads(request.POST.get('permissions', None))
resource_ids = request.POST.getlist('resources', [])
if permission_spec is not None:
not_permitted = []
for resource_id in resource_ids:
try:
resource = resolve_object(
request, ResourceBase, {'id': resource_id},
'base.change_resourcebase_permissions')
resource.set_permissions(permission_spec)
except PermissionDenied:
try:
resolve_object(request, ResourceBase, {'id': resource_id},
'base.change_resourcebase')
resource.set_permissions(permission_spec)
except PermissionDenied:
not_permitted.append(
ResourceBase.objects.get(id=resource_id).title)
return HttpResponse(json.dumps({
'success': 'ok',
'not_changed': not_permitted
}),
status=200,
content_type='text/plain')
else:
return HttpResponse(json.dumps(
{'error': _('Wrong permissions specification')}),
status=400,
content_type='text/plain')
def _resolve_layer(request,
typename,
permission='base.view_resourcebase',
msg=_PERMISSION_MSG_GENERIC,
**kwargs):
"""
Resolve the layer by the provided typename (which may include service name) and check the optional permission.
"""
service_typename = typename.split(":", 1)
service = Service.objects.filter(name=service_typename[0])
try:
if service.count() > 0 and service[0].method != "C":
return resolve_object(request,
Layer, {
'service': service[0],
'typename': service_typename[1]
},
permission=permission,
permission_msg=msg,
**kwargs)
else:
return resolve_object(request,
Layer, {'typename': typename},
permission=permission,
permission_msg=msg,
**kwargs)
except PermissionDenied:
return "permission_denied"
def _filter_actions(action, request):
if action == 'all':
_actions = Action.objects.filter(public=True)[:1000]
else:
_actions = Action.objects.filter(
public=True, action_object_content_type__model=action)[:1000]
_filtered_actions = []
for _action in _actions:
if _action.target_object_id:
action_object_filter = {
'id': _action.target_object_id
}
elif _action.action_object_object_id:
action_object_filter = {
'id': _action.action_object_object_id
}
try:
resolve_object(
request,
ResourceBase,
action_object_filter,
'base.view_resourcebase')
_filtered_actions.append(_action.id)
except ResourceBase.DoesNotExist:
_filtered_actions.append(_action.id)
except (PermissionDenied, Exception) as e:
logger.debug(e)
return _filtered_actions
def _resolve_layer(request, typename, permission='base.view_resourcebase',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
"""
Resolve the layer by the provided typename (which may include service name) and check the optional permission.
"""
service_typename = typename.split(":", 1)
service = Service.objects.filter(name=service_typename[0])
try:
if service.count() > 0 and service[0].method != "C":
return resolve_object(request,
Layer,
{'service': service[0],
'typename': service_typename[1]},
permission=permission,
permission_msg=msg,
**kwargs)
else:
return resolve_object(request,
Layer,
{'typename': typename},
permission=permission,
permission_msg=msg,
**kwargs)
except PermissionDenied:
return "permission_denied"
def _resolve_layer(request,
typename,
permission='base.view_resourcebase',
msg=_PERMISSION_MSG_GENERIC,
**kwargs):
"""
Resolve the layer by the provided typename (which may include service name) and check the optional permission.
"""
service_typename = typename.split(":", 1)
if Service.objects.filter(name=service_typename[0]).exists():
service = Service.objects.filter(name=service_typename[0])
return resolve_object(
request,
Layer, {
'service':
service[0],
'typename':
service_typename[1] if service[0].method != "C" else typename
},
permission=permission,
permission_msg=msg,
**kwargs)
else:
return resolve_object(request,
Layer, {
'typename': typename,
'service': None
},
permission=permission,
permission_msg=msg,
**kwargs)
def _resolve_layer(request,
typename,
permission='base.view_resourcebase',
msg=_PERMISSION_GENERIC,
**kwargs):
service_typename = typename.split(":", 1)
service = Service.objects.filter(name=service_typename[0])
if service.count() > 0:
return resolve_object(
request,
Layer, {
'service':
service[0],
'typename':
service_typename[1] if service[0].method != "C" else typename
},
permission=permission,
permission_msg=msg,
**kwargs)
else:
return resolve_object(request,
Layer, {
'typename': typename,
'service': None
},
permission=permission,
permission_msg=msg,
**kwargs)
def _resolve_layer(request, typename, permission='layers.change_layer',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
"""
Resolve the layer by the provided typename and check the optional permission.
"""
return resolve_object(request, Layer, {'typename':typename},
permission = permission, permission_msg=msg, **kwargs)
def _resolve_analysis(request, identifier, permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
"""
Resolve the Analysis by the provided typename and check the optional permission.
"""
return resolve_object(request, Analysis, {'pk':identifier}, permission=permission,
permission_msg=msg, **kwargs)
def original_link_available(context, resourceid, url):
_not_permitted = _("You are not permitted to save or edit this resource.")
request = context['request']
instance = resolve_object(request,
ResourceBase, {'pk': resourceid},
permission='base.download_resourcebase',
permission_msg=_not_permitted)
download_url = urljoin(settings.SITEURL,
reverse("download", args={resourceid}))
if urlsplit(url).netloc != urlsplit(download_url).netloc or \
urlsplit(url).path != urlsplit(download_url).path:
return True
dataset_files = []
if isinstance(instance, ResourceBase):
try:
for file in instance.files:
dataset_files.append(file)
if not storage_manager.exists(file):
return False
except Exception:
traceback.print_exc()
return False
if dataset_files:
return True
else:
return False
def perform_update(self, serializer):
# Check instance permissions with resolve_object
mapid = serializer.instance.id
key = "urlsuffix" if Map.objects.filter(
urlsuffix=mapid).exists() else "pk"
map_obj = resolve_object(self.request,
Map, {key: mapid},
permission="base.change_resourcebase",
permission_msg=_PERMISSION_MSG_SAVE)
instance = serializer.instance
if instance != map_obj:
raise ValidationError()
# Thumbnail will be handled later
post_change_data = {
"thumbnail":
serializer.validated_data.pop("thumbnail_url", ""),
"dataset_names_before_changes":
[lyr.alternate for lyr in instance.datasets],
}
instance = serializer.save()
# thumbnail, events and resouce routines
self._post_change_routines(
instance=instance,
create_action_perfomed=False,
additional_data=post_change_data,
)
def _resolve_document(request, docid, permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
'''
Resolve the document by the provided primary key and check the optional permission.
'''
return resolve_object(request, Document, {'pk': docid},
permission=permission, permission_msg=msg, **kwargs)
def _resolve_map(request, id, permission='maps.change_map',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
'''
Resolve the Map by the provided typename and check the optional permission.
'''
return resolve_object(request, Map, {'pk':id}, permission = permission,
permission_msg=msg, **kwargs)
def resource_permissions(request, resource_id):
try:
resource = resolve_object(
request, ResourceBase, {
'id': resource_id}, 'base.change_resourcebase_permissions')
except PermissionDenied:
# we are handling this in a non-standard way
return HttpResponse(
'You are not allowed to change permissions for this resource',
status=401,
mimetype='text/plain')
if request.method == 'POST':
permission_spec = json.loads(request.body)
resource.set_permissions(permission_spec)
return HttpResponse(
json.dumps({'success': True}),
status=200,
mimetype='text/plain'
)
elif request.method == 'GET':
permission_spec = _perms_info_json(resource)
return HttpResponse(
json.dumps({'success': True, 'permissions': permission_spec}),
status=200,
mimetype='text/plain'
)
else:
return HttpResponse(
'No methods other than get and post are allowed',
status=401,
mimetype='text/plain')
def thumbnail_upload(request, res_id, template='base/thumbnail_upload.html'):
try:
res = resolve_object(request, ResourceBase, {'id': res_id},
'base.change_resourcebase')
except PermissionDenied:
return HttpResponse(
'You are not allowed to change permissions for this resource',
status=401,
content_type='text/plain')
form = CuratedThumbnailForm()
if request.method == 'POST':
if 'remove-thumb' in request.POST:
if hasattr(res, 'curatedthumbnail'):
res.curatedthumbnail.delete()
else:
form = CuratedThumbnailForm(request.POST, request.FILES)
if form.is_valid():
ct = form.save(commit=False)
# remove existing thumbnail if any
if hasattr(res, 'curatedthumbnail'):
res.curatedthumbnail.delete()
ct.resource = res
ct.save()
return HttpResponseRedirect(request.path_info)
return render(request, template, context={'resource': res, 'form': form})
def _resolve_document(request, docid, permission='layers.change_layer',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
'''
Resolve the layer by the provided typename and check the optional permission.
'''
return resolve_object(request, Document, {'pk':docid},
permission = permission, permission_msg=msg, **kwargs)
def set_bulk_permissions(request):
permission_spec = json.loads(request.POST.get('permissions', None))
resource_ids = request.POST.getlist('resources', [])
if permission_spec is not None:
not_permitted = []
for resource_id in resource_ids:
try:
resource = resolve_object(
request, ResourceBase, {
'id': resource_id
},
'base.change_resourcebase_permissions')
resource.set_permissions(permission_spec)
except PermissionDenied:
not_permitted.append(ResourceBase.objects.get(id=resource_id).title)
return HttpResponse(
json.dumps({'success': 'ok', 'not_changed': not_permitted}),
status=200,
content_type='text/plain'
)
else:
return HttpResponse(
json.dumps({'error': 'Wrong permissions specification'}),
status=400,
content_type='text/plain')
def _resolve_layer(request, typename, permission='layers.change_layer',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
"""
Resolve the layer by the provided typename and check the optional permission.
"""
return resolve_object(request, Layer, {'typename':typename},
permission = permission, permission_msg=msg, **kwargs)
def _resolve_map(request, id, permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
'''
Resolve the Map by the provided typename and check the optional permission.
'''
return resolve_object(request, Map, {'pk':id}, permission = permission,
permission_msg=msg, **kwargs)
def _resolve_appinstance(request, appinstanceid, permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
"""
Resolve the document by the provided primary key and check the optional permission.
"""
return resolve_object(request, AppInstance, {'pk': appinstanceid},
permission=permission, permission_msg=msg, **kwargs)
def _resolve_appinstance(request, appinstanceid, permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
"""
Resolve the document by the provided primary key and check the optional permission.
"""
return resolve_object(request, AppInstance, {'pk': appinstanceid},
permission=permission, permission_msg=msg, **kwargs)
def _resolve_document(request, docid, permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
'''
Resolve the document by the provided primary key and check the optional permission.
'''
return resolve_object(request, Document, {'pk': docid},
permission=permission, permission_msg=msg, **kwargs)
def original_link_available(context, resourceid, url):
_not_permitted = _("You are not permitted to save or edit this resource.")
request = context['request']
instance = resolve_object(request,
Layer, {'pk': resourceid},
permission='base.download_resourcebase',
permission_msg=_not_permitted)
download_url = urljoin(settings.SITEURL,
reverse("download", args={resourceid}))
if urlsplit(url).netloc != urlsplit(download_url).netloc or \
urlsplit(url).path != urlsplit(download_url).path:
return True
layer_files = []
if isinstance(instance, Layer):
try:
upload_session = instance.get_upload_session()
if upload_session:
layer_files = [
item for idx, item in enumerate(
LayerFile.objects.filter(
upload_session=upload_session))
]
if layer_files:
for lyr in layer_files:
if not storage.exists(str(lyr.file)):
return False
except Exception:
traceback.print_exc()
return False
if layer_files:
return True
else:
return False
def _resolve_geoapp(request, id, permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
'''
Resolve the GeoApp by the provided typename and check the optional permission.
'''
return resolve_object(request, GeoApp, {"pk": id}, permission=permission,
permission_msg=msg, **kwargs)
def _resolve_smap(request, smapid, permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
'''
Resolve the smap by the provided primary key and check the optional permission.
'''
return resolve_object(request, StaticMap, {'pk': smapid},
permission=permission, permission_msg=msg, **kwargs)
def featured_map_info(request, site):
'''
main view for map resources, dispatches to correct
view based on method and query args.
'''
map_obj = resolve_object(request, Map, {'featuredurl': site}, permission='base.view_resourcebase',
permission_msg=_PERMISSION_MSG_VIEW)
return map_detail(request, str(map_obj.id))
def featured_map(request, site):
"""
The view that returns the map composer opened to
the map with the given official site url.
"""
map_obj = resolve_object(request, Map, {'featuredurl': site}, permission='base.view_resourcebase',
permission_msg=_PERMISSION_MSG_VIEW)
return map_view(request, str(map_obj.id))
def featured_map(request, site):
"""
The view that returns the map composer opened to
the map with the given official site url.
"""
map_obj = resolve_object(request, Map, {'featuredurl': site}, permission='base.view_resourcebase',
permission_msg=_PERMISSION_MSG_VIEW)
return map_view(request, str(map_obj.id))
def featured_map_info(request, site):
'''
main view for map resources, dispatches to correct
view based on method and query args.
'''
map_obj = resolve_object(request, Map, {'featuredurl': site}, permission='base.view_resourcebase',
permission_msg=_PERMISSION_MSG_VIEW)
return map_detail(request, str(map_obj.id))
def resource_permissions(request, resource_id):
try:
resource = resolve_object(request, ResourceBase, {'id': resource_id},
'base.change_resourcebase_permissions')
except PermissionDenied:
# we are handling this in a non-standard way
return HttpResponse(
'You are not allowed to change permissions for this resource',
status=401,
content_type='text/plain')
if request.method == 'POST':
success = True
message = "Permissions successfully updated!"
try:
permission_spec = json.loads(request.body)
resource.set_permissions(permission_spec)
# Check Users Permissions Consistency
info = _perms_info(resource)
info_users = dict([(u.username, perms)
for u, perms in info['users'].items()])
for user, perms in info_users.items():
if 'download_resourcebase' in perms and 'view_resourcebase' not in perms:
success = False
message = 'User ' + str(user) + ' has Download permissions but ' \
'cannot access the resource. ' \
'Please update permissions consistently!'
return HttpResponse(json.dumps({
'success': success,
'message': message
}),
status=200,
content_type='text/plain')
except:
success = False
message = "Error updating permissions :("
return HttpResponse(json.dumps({
'success': success,
'message': message
}),
status=500,
content_type='text/plain')
elif request.method == 'GET':
permission_spec = _perms_info_json(resource)
return HttpResponse(json.dumps({
'success': True,
'permissions': permission_spec
}),
status=200,
content_type='text/plain')
else:
return HttpResponse('No methods other than get and post are allowed',
status=401,
content_type='text/plain')
def _resolve_dataset(request,
alternate,
permission='base.view_resourcebase',
msg=_PERMISSION_MSG_GENERIC,
**kwargs):
"""
Resolve the layer by the provided typename (which may include service name) and check the optional permission.
"""
service_typename = alternate.split(":", 1)
if Service.objects.filter(name=service_typename[0]).count() == 1:
query = {
'alternate':
service_typename[1],
'remote_service':
Service.objects.filter(name=service_typename[0]).get()
}
return resolve_object(request,
Dataset,
query,
permission=permission,
permission_msg=msg,
**kwargs)
else:
if len(service_typename) > 1 and ':' in service_typename[1]:
if service_typename[0]:
query = {
'store': service_typename[0],
'alternate': service_typename[1]
}
else:
query = {'alternate': service_typename[1]}
else:
query = {'alternate': alternate}
test_query = Dataset.objects.filter(**query)
if test_query.count() > 1 and test_query.exclude(
subtype='remote').count() == 1:
query = {'id': test_query.exclude(subtype='remote').last().id}
elif test_query.count() > 1:
query = {'id': test_query.last().id}
return resolve_object(request,
Dataset,
query,
permission=permission,
permission_msg=msg,
**kwargs)
def resource_permissions(request, resource_id):
try:
resource = resolve_object(
request, ResourceBase, {
'id': resource_id}, 'base.change_resourcebase_permissions')
except PermissionDenied:
# we are handling this in a non-standard way
return HttpResponse(
'You are not allowed to change permissions for this resource',
status=401,
content_type='text/plain')
if request.method == 'POST':
success = True
message = "Permissions successfully updated!"
try:
permission_spec = json.loads(request.body)
resource.set_permissions(permission_spec)
# Check Users Permissions Consistency
info = _perms_info(resource)
info_users = dict([(u.username, perms) for u, perms in info['users'].items()])
for user, perms in info_users.items():
if 'download_resourcebase' in perms and 'view_resourcebase' not in perms:
success = False
message = 'User ' + str(user) + ' has Download permissions but ' \
'cannot access the resource. ' \
'Please update permissions consistently!'
return HttpResponse(
json.dumps({'success': success, 'message': message}),
status=200,
content_type='text/plain'
)
except BaseException:
success = False
message = "Error updating permissions :("
return HttpResponse(
json.dumps({'success': success, 'message': message}),
status=500,
content_type='text/plain'
)
elif request.method == 'GET':
permission_spec = _perms_info_json(resource)
return HttpResponse(
json.dumps({'success': True, 'permissions': permission_spec}),
status=200,
content_type='text/plain'
)
else:
return HttpResponse(
'No methods other than get and post are allowed',
status=401,
content_type='text/plain')
def resource_permissions(request, type, resource_id):
try:
if type == "layer":
resource = resolve_object(request, Layer, {'id': resource_id},
'layers.change_layer_permissions')
elif type == "map":
resource = resolve_object(request, Map, {'id': resource_id},
'maps.change_map_permissions')
elif type == "document":
resource = resolve_object(request, Document, {'id': resource_id},
'documents.change_document_permissions')
else:
return HttpResponse('Invalid resource type',
status=401,
mimetype='text/plain')
except PermissionDenied:
# we are handling this in a non-standard way
return HttpResponse(
'You are not allowed to change permissions for this resource',
status=401,
mimetype='text/plain')
if request.method == 'POST':
permission_spec = json.loads(request.body)
resource.set_permissions(permission_spec)
return HttpResponse(json.dumps({'success': True}),
status=200,
mimetype='text/plain')
elif request.method == 'GET':
permission_spec = json.dumps(resource.get_all_level_info())
return HttpResponse(json.dumps({
'success': True,
'permissions': permission_spec
}),
status=200,
mimetype='text/plain')
else:
return HttpResponse('No methods other than get and post are allowed',
status=401,
mimetype='text/plain')
def resource_permissions(request, type, resource_id):
try:
if type == "layer":
resource = resolve_object(request, Layer, {'id':resource_id}, 'layers.change_layer_permissions')
elif type == "map":
resource = resolve_object(request, Map, {'id':resource_id}, 'maps.change_map_permissions')
elif type == "document":
resource = resolve_object(request, Document, {'id':resource_id}, 'documents.change_document_permissions')
else:
return HttpResponse(
'Invalid resource type',
status=401,
mimetype='text/plain')
except PermissionDenied:
# we are handling this in a non-standard way
return HttpResponse(
'You are not allowed to change permissions for this resource',
status=401,
mimetype='text/plain')
if request.method == 'POST':
permission_spec = json.loads(request.raw_post_data)
resource.set_permissions(permission_spec)
return HttpResponse(
json.dumps({'success': True}),
status=200,
mimetype='text/plain'
)
elif request.method == 'GET':
permission_spec = json.dumps(resource.get_all_level_info())
return HttpResponse(
json.dumps({'success': True, 'permissions': permission_spec}),
status=200,
mimetype='text/plain'
)
else:
return HttpResponse(
'No methods other than get and post are allowed',
status=401,
mimetype='text/plain')
def _resolve_layer(request, typename, permission="base.view_resourcebase", msg=_PERMISSION_MSG_GENERIC, **kwargs):
"""
Resolve the layer by the provided typename (which may include service name) and check the optional permission.
"""
service_typename = typename.split(":", 1)
if Service.objects.filter(name=service_typename[0]).exists():
service = Service.objects.filter(name=service_typename[0])
return resolve_object(
request,
Layer,
{"service": service[0], "typename": service_typename[1] if service[0].method != "C" else typename},
permission=permission,
permission_msg=msg,
**kwargs
)
else:
return resolve_object(
request, Layer, {"typename": typename, "service": None}, permission=permission, permission_msg=msg, **kwargs
)
def _resolve_map(request, id, permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
'''
Resolve the Map by the provided typename and check the optional permission.
'''
if id.isdigit():
key = 'pk'
else:
key = 'urlsuffix'
return resolve_object(request, MapStory, {key: id}, permission=permission,
permission_msg=msg, **kwargs)
def _resolve_map(request, id, permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
'''
Resolve the Map by the provided typename and check the optional permission.
'''
if id.isdigit():
key = 'pk'
else:
key = 'urlsuffix'
return resolve_object(request, Map, {key: id}, permission=permission,
permission_msg=msg, **kwargs)
def _resolve_map_custom(
request,
id,
fieldname,
permission='base_change.resourcebase',
msg=_PERMISSION_MSG_GENERIC,
**kwargs):
'''
Resolve the Map by the provided typename and check the optional permission.
'''
return resolve_object(request, Map, {fieldname: id}, permission=permission,
permission_msg=msg, **kwargs)
def _annotations_get(req, mapid):
mapobj = resolve_object(req, Map, {'id': mapid}, permission='base.view_resourcebase')
cols = ['title', 'content', 'media', 'start_time', 'end_time', 'in_map', 'in_timeline', 'appearance', 'auto_show', 'pause_playback']
ann = Annotation.objects.filter(map=mapid)
ann = ann.order_by('start_time', 'end_time', 'title')
if bool(req.GET.get('in_map', False)):
ann = ann.filter(in_map=True)
if bool(req.GET.get('in_timeline', False)):
ann = ann.filter(in_timeline=True)
if 'page' in req.GET:
page = int(req.GET['page'])
page_size = 25
start = page * page_size
end = start + page_size
ann = ann[start:end]
if 'csv' in req.GET:
response = HttpResponse(content_type='text/csv')
response['Content-Disposition'] = 'attachment; filename=map-%s-annotations.csv' % mapobj.id
response['Content-Encoding'] = 'utf-8'
writer = csv.writer(response)
writer.writerow(cols)
sidx = cols.index('start_time')
eidx = cols.index('end_time')
# default csv writer chokes on unicode
encode = lambda v: v.encode('utf-8') if isinstance(v, basestring) else str(v)
get_value = lambda a, c: getattr(a, c) if c not in ('start_time', 'end_time') else ''
for a in ann:
vals = [encode(get_value(a, c)) for c in cols]
vals[sidx] = a.start_time_str
vals[eidx] = a.end_time_str
writer.writerow(vals)
return response
# strip the superfluous id, it will be added at the feature level
props = [c for c in cols if c != 'id']
def encode(query_set):
results = []
for res in query_set:
feature = {'id': res.id}
if res.the_geom:
feature['geometry'] = res.the_geom
fp = feature['properties'] = {}
for p in props:
val = getattr(res, p)
if val is not None:
fp[p] = val
results.append(feature)
return results
return json_response({'type':'FeatureCollection','features':encode(ann)})
def _resolve_map(request, id, permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC, **kwargs):
'''
Resolve the Map by the provided typename and check the optional permission.
'''
if Map.objects.filter(urlsuffix=id).count() > 0:
key = 'urlsuffix'
else:
key = 'pk'
return resolve_object(request, Map, {key: id}, permission=permission,
permission_msg=msg, **kwargs)
def _annotations_get(req, mapid):
mapobj = resolve_object(req, Map, {'id': mapid}, permission='base.view_resourcebase')
cols = ['title', 'content', 'media', 'start_time', 'end_time', 'in_map', 'in_timeline', 'appearance', 'auto_show', 'pause_playback']
ann = Marker.objects.filter(map=mapid)
ann = ann.order_by('start_time', 'end_time', 'title')
if bool(req.GET.get('in_map', False)):
ann = ann.filter(in_map=True)
if bool(req.GET.get('in_timeline', False)):
ann = ann.filter(in_timeline=True)
if 'page' in req.GET:
page = int(req.GET['page'])
page_size = 25
start = page * page_size
end = start + page_size
ann = ann[start:end]
if 'csv' in req.GET:
response = HttpResponse(content_type='text/csv')
response['Content-Disposition'] = 'attachment; filename=map-%s-annotations.csv' % mapobj.id
response['Content-Encoding'] = 'utf-8'
writer = csv.writer(response)
writer.writerow(cols)
sidx = cols.index('start_time')
eidx = cols.index('end_time')
# default csv writer chokes on unicode
encode = lambda v: v.encode('utf-8') if isinstance(v, basestring) else str(v)
get_value = lambda a, c: getattr(a, c) if c not in ('start_time', 'end_time') else ''
for a in ann:
vals = [encode(get_value(a, c)) for c in cols]
vals[sidx] = a.start_time_str
vals[eidx] = a.end_time_str
writer.writerow(vals)
return response
# strip the superfluous id, it will be added at the feature level
props = [c for c in cols if c != 'id']
def encode(query_set):
results = []
for res in query_set:
feature = { 'id' : res.id}
if res.the_geom:
feature['geometry'] = res.the_geom
fp = feature['properties'] = {}
for p in props:
val = getattr(res, p)
if val is not None:
fp[p] = val
results.append(feature)
return results
return json_response({'type':'FeatureCollection','features':encode(ann)})
def _resolve_layer(request, typename, permission='base.view_resourcebase',
msg=_PERMISSION_GENERIC, **kwargs):
service_typename = typename.split(":", 1)
service = Service.objects.filter(name=service_typename[0])
if service.count() > 0:
return resolve_object(request,
Layer,
{'service': service[0],
'typename': service_typename[1] if service[0].method != "C" else typename},
permission=permission,
permission_msg=msg,
**kwargs)
else:
return resolve_object(request,
Layer,
{'typename': typename,
'service': None},
permission=permission,
permission_msg=msg,
**kwargs)
def _resolve_document(request,
docid,
permission='layers.change_layer',
msg=_PERMISSION_MSG_GENERIC,
**kwargs):
'''
Resolve the layer by the provided typename and check the optional permission.
'''
return resolve_object(request,
Document, {'pk': docid},
permission=permission,
permission_msg=msg,
**kwargs)
def _resolve_video(request,
vidid,
permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC,
**kwargs):
'''
Resolve the video by the provided primary key and check the optional permission.
'''
return resolve_object(request,
Video, {'pk': vidid},
permission=permission,
permission_msg=msg,
**kwargs)
def _resolve_document(request,
slug,
permission='base.change_resourcebase',
msg=_PERMISSION_MSG_GENERIC,
**kwargs):
'''
Resolve the document by the provided primary key and check the optional permission.
'''
wfpdoc = WFPDocument.objects.get(slug=slug)
return resolve_object(request,
WFPDocument, {'pk': wfpdoc.id},
permission=permission,
permission_msg=msg,
**kwargs)
def _resolve_map(request,
id,
permission="base.change_resourcebase",
msg=_PERMISSION_MSG_GENERIC,
**kwargs):
"""
Resolve the Map by the provided typename and check the optional permission.
"""
key = "urlsuffix" if Map.objects.filter(urlsuffix=id).exists() else "pk"
map_obj = resolve_object(request,
Map, {key: id},
permission=permission,
permission_msg=msg,
**kwargs)
return map_obj
def prefix_xsl_line(req, id):
# if the layer is in the catalogue, try to get the distribution urls
# that cannot be precalculated.
resource = None
try:
resource = get_object_or_404(ResourceBase, pk=id)
query = {'id': resource.get_real_instance().id}
resource = resolve_object(
req,
resource.get_real_instance_class(),
query,
permission='base.view_resourcebase',
permission_msg=_("You are not permitted to view this resource"))
catalogue = get_catalogue()
record = catalogue.get_record(resource.uuid)
if record:
logger.debug(record.xml)
except PermissionDenied:
return HttpResponse(_("Not allowed"), status=403)
except Exception:
logger.debug(traceback.format_exc())
msg = f'Could not connect to catalogue to save information for layer "{str(resource)}"'
return HttpResponse(msg, status=404)
try:
# generate an XML document (GeoNode's default is ISO)
if resource.metadata_uploaded and resource.metadata_uploaded_preserve:
md_doc = etree.tostring(dlxml.fromstring(resource.metadata_xml))
else:
md_doc = catalogue.catalogue.csw_gen_xml(
resource, settings.CATALOG_METADATA_TEMPLATE)
xml = md_doc
except Exception:
logger.debug(traceback.format_exc())
return HttpResponse("Resource Metadata not available!")
site_url = settings.SITEURL.rstrip('/') if settings.SITEURL.startswith(
'http') else settings.SITEURL
xsl_static = getattr(settings, 'CATALOG_METADATA_XSL',
'/static/metadataxsl/metadata.xsl')
xsl_path = f'{site_url}{xsl_static}'
xsl_line = f'<?xml-stylesheet type="text/xsl" href="{xsl_path}"?>'
return HttpResponse(xsl_line + xml, content_type="text/xml")
def resource_permissions(request, resource_id):
try:
resource = resolve_object(request, ResourceBase, {'id': resource_id},
'base.change_resourcebase_permissions')
except PermissionDenied:
# traceback.print_exc()
# we are handling this in a non-standard way
return HttpResponse(
_('You are not allowed to change permissions for this resource'),
status=401,
content_type='text/plain')
if request.method == 'POST':
return resource_permissions_handle_post(request, resource)
elif request.method == 'GET':
return resource_permisions_handle_get(request, resource)
else:
return HttpResponse('No methods other than get and post are allowed',
status=401,
content_type='text/plain')
def resource_permissions(request, resource_id):
try:
resource = resolve_object(
request, ResourceBase, {
'id': resource_id}, 'base.change_resourcebase_permissions')
resource_content_type = ContentType.objects.get_for_model(resource).id
except PermissionDenied:
# we are handling this in a non-standard way
return HttpResponse(
'You are not allowed to change permissions for this resource',
status=401,
mimetype='text/plain')
if request.method == 'POST':
permission_spec = json.loads(request.body)
old_permission_spec = resource.get_all_level_info()
for user in permission_spec['users']:
user = get_user_model().objects.get(username=user)
if user not in old_permission_spec['users']:
action = Action(
actor=request.user,
action_object_id=resource.id,
action_object_content_type_type=resource_content_type,
target=user,
verb='permission_granted')
action.save()
else:
old_permission_spec['users'].pop(user)
resource.set_permissions(permission_spec)
for user in old_permission_spec['users']:
action = Action(
actor=request.user,
action_object_id=resource.id,
action_object_content_type=resource_content_type,
target=user,
verb='permission_revoked')
action.save()
return HttpResponse(
json.dumps({'success': True}),
status=200,
mimetype='text/plain'
)
elif request.method == 'GET':
permission_spec = _perms_info_json(resource)
return HttpResponse(
json.dumps({'success': True, 'permissions': permission_spec}),
status=200,
mimetype='text/plain'
)
else:
return HttpResponse(
'No methods other than get and post are allowed',
status=401,
mimetype='text/plain')
def _resolve_map(request, id, permission="maps.change_map", msg=_PERMISSION_MSG_GENERIC, **kwargs):
"""
Resolve the Map by the provided typename and check the optional permission.
"""
return resolve_object(request, Map, {"pk": id}, permission=permission, permission_msg=msg, **kwargs)
def _boxes_get(req, mapid):
mapobj = resolve_object(req, Map, {'id': mapid}, permission='base.view_resourcebase')
cols = ['title', 'description', 'start_time', 'end_time', 'center', 'speed',
'interval', 'playback', 'playbackRate', 'intervalRate', 'zoom']
box = StoryBox.objects.filter(map=mapid)
box = box.order_by('start_time', 'end_time', 'title')
if bool(req.GET.get('in_map', False)):
box = box.filter(in_map=True)
if bool(req.GET.get('in_timeline', False)):
box = box.filter(in_timeline=True)
if 'page' in req.GET:
page = int(req.GET['page'])
page_size = 25
start = page * page_size
end = start + page_size
box = box[start:end]
if 'csv' in req.GET:
response = HttpResponse(mimetype='text/csv')
response['Content-Disposition'] = 'attachment; filename=map-%s-boxes.csv' % mapobj.id
response['Content-Encoding'] = 'utf-8'
writer = csv.writer(response)
writer.writerow(cols)
sidx = cols.index('start_time')
eidx = cols.index('end_time')
# default csv writer chokes on unicode
encode = lambda v: v.encode('utf-8') if isinstance(v, basestring) else str(v)
get_value = lambda a, c: getattr(a, c) if c not in ('start_time', 'end_time') else ''
for a in box:
vals = [encode(get_value(a, c)) for c in cols]
vals[sidx] = a.start_time_str
vals[eidx] = a.end_time_str
writer.writerow(vals)
return response
# strip the superfluous id, it will be added at the feature level
props = [c for c in cols if c != 'id']
def encode(query_set):
results = []
for res in query_set:
feature = { 'id' : res.id}
if res.the_geom:
feature['geometry'] = res.the_geom
fp = feature['properties'] = {}
for p in props:
val = getattr(res, p)
if val is not None:
if isinstance(val, unicode) and '{' in val:
import ast
fp[p] = ast.literal_eval(val)
elif isinstance(val, unicode) and '[' in val:
import ast
fp[p] = ast.literal_eval(val)
else:
fp[p] = val
results.append(feature)
return results
return json_response({'type':'FeatureCollection','features':encode(box)})
def _boxes_post(req, mapid):
mapobj = resolve_object(req, Map, {'id':mapid}, permission='base.change_resourcebase')
# default action
action = 'upsert'
# default for json to unpack properties for each 'row'
get_props = lambda r: r['properties']
# operation to run on completion
finish = lambda: None
# track created boxes
created = []
# csv or client to account for differences
form_mode = 'client'
content_type = None
overwrite = False
error_format = None
def id_collector(form):
created.append(form.instance.id)
if not req.FILES:
# json body
data = json.loads(req.body)
if isinstance(data, dict):
action = data.get('action', action)
if 'features' in data:
data = data.get('features')
else:
fp = iter(req.FILES.values()).next()
# ugh, builtin csv reader chokes on unicode
data = unicode_csv_dict_reader(fp)
id_collector = lambda f: None
form_mode = 'csv'
content_type = 'text/html'
get_props = lambda r: r
ids = list(StoryBox.objects.filter(map=mapobj).values_list('id', flat=True))
# delete existing, we overwrite
finish = lambda: StoryBox.objects.filter(id__in=ids).delete()
overwrite = True
def error_format(row_errors):
response = []
for re in row_errors:
row = re[0] + 1
for e in re[1]:
response.append('[%s] %s : %s' % (row, e, re[1][e]))
return 'The following rows had problems:<ul><li>' + '</li><li>'.join(response) + "</li></ul>"
if action == 'delete':
StoryBox.objects.filter(pk__in=data['ids'], map=mapobj).delete()
return json_response({'success': True})
if action != 'upsert':
return HttpResponse('%s not supported' % action, status=400)
errors = _write_boxes(data, get_props, id_collector, mapobj, overwrite, form_mode)
if errors:
transaction.rollback()
body = None
if error_format:
return HttpResponse(error_format(errors), status=400)
else:
finish()
transaction.commit()
body = {'success': True}
if created:
body['ids'] = created
return json_response(body=body, errors=errors, content_type=content_type)
def _resolve_document_geo(request, docid, permission="base.change_resourcebase", msg=_PERMISSION_MSG_GENERIC, **kwargs):
"""
Resolve the document by the provided primary key and check the optional permission.
"""
return resolve_object(request, Project, {"pk": docid}, permission=permission, permission_msg=msg, **kwargs)
def download(request, resourceid, sender=Layer):
instance = resolve_object(request,
sender,
{'pk': resourceid},
permission='base.download_resourcebase',
permission_msg=_("You are not permitted to save or edit this resource."))
if isinstance(instance, Layer):
try:
upload_session = instance.get_upload_session()
layer_files = [item for idx, item in enumerate(LayerFile.objects.filter(upload_session=upload_session))]
# Create Target Folder
dirpath = tempfile.mkdtemp()
dir_time_suffix = get_dir_time_suffix()
target_folder = os.path.join(dirpath, dir_time_suffix)
if not os.path.exists(target_folder):
os.makedirs(target_folder)
# Copy all Layer related files into a temporary folder
for l in layer_files:
if storage.exists(l.file):
geonode_layer_path = storage.path(l.file)
base_filename, original_ext = os.path.splitext(geonode_layer_path)
shutil.copy2(geonode_layer_path, target_folder)
# Let's check for associated SLD files (if any)
try:
for s in instance.styles.all():
sld_file_path = os.path.join(target_folder, "".join([s.name, ".sld"]))
sld_file = open(sld_file_path, "w")
sld_file.write(s.sld_body.strip())
sld_file.close()
try:
sld_file = open(sld_file_path, "r")
response = requests.get(s.sld_url, timeout=TIMEOUT)
sld_remote_content = response.text
sld_file_path = os.path.join(target_folder, "".join([s.name, "_remote.sld"]))
sld_file = open(sld_file_path, "w")
sld_file.write(sld_remote_content.strip())
sld_file.close()
except BaseException:
traceback.print_exc()
tb = traceback.format_exc()
logger.debug(tb)
except BaseException:
traceback.print_exc()
tb = traceback.format_exc()
logger.debug(tb)
# Let's dump metadata
target_md_folder = os.path.join(target_folder, ".metadata")
if not os.path.exists(target_md_folder):
os.makedirs(target_md_folder)
try:
links = Link.objects.filter(resource=instance.resourcebase_ptr)
for link in links:
link_name = custom_slugify(link.name)
link_file = os.path.join(target_md_folder, "".join([link_name, ".%s" % link.extension]))
if link.link_type in ('data'):
# Skipping 'data' download links
continue
elif link.link_type in ('metadata', 'image'):
# Dumping metadata files and images
link_file = open(link_file, "wb")
try:
response = requests.get(link.url, stream=True, timeout=TIMEOUT)
response.raw.decode_content = True
shutil.copyfileobj(response.raw, link_file)
except BaseException:
traceback.print_exc()
tb = traceback.format_exc()
logger.debug(tb)
finally:
link_file.close()
elif link.link_type.startswith('OGC'):
# Dumping OGC/OWS links
link_file = open(link_file, "w")
link_file.write(link.url.strip())
link_file.close()
except BaseException:
traceback.print_exc()
tb = traceback.format_exc()
logger.debug(tb)
# ZIP everything and return
target_file_name = "".join([instance.name, ".zip"])
target_file = os.path.join(dirpath, target_file_name)
zip_dir(target_folder, target_file)
response = HttpResponse(
content=open(target_file),
status=200,
content_type="application/zip")
response['Content-Disposition'] = 'attachment; filename="%s"' % target_file_name
return response
except NotImplementedError:
traceback.print_exc()
tb = traceback.format_exc()
logger.debug(tb)
return HttpResponse(
json.dumps({
'error': 'file_not_found'
}),
status=404,
content_type="application/json"
)
return HttpResponse(
json.dumps({
'error': 'unauthorized_request'
}),
status=403,
content_type="application/json"
)
