def mongoSearch(self, params):
self.requireParams(('type', 'q'), params)
allowed = {
'collection': ['_id', 'name', 'description'],
'folder': ['_id', 'name', 'description'],
'item': ['_id', 'name', 'description', 'folderId'],
'user': ['_id', 'firstName', 'lastName', 'login']
}
limit, offset, sort = self.getPagingParameters(params, 'name')
coll = params['type']
events.trigger('mongo_search.allowed_collections', info=allowed)
if coll not in allowed:
raise RestException('Invalid resource type: %s' % coll)
try:
query = bson.json_util.loads(params['q'])
except ValueError:
raise RestException('The query parameter must be a JSON object.')
model = ModelImporter().model(coll)
if hasattr(model, 'filterResultsByPermission'):
cursor = model.find(
query, fields=allowed[coll] + ['public', 'access'])
return list(model.filterResultsByPermission(
cursor, user=self.getCurrentUser(), level=AccessType.READ,
limit=limit, offset=offset, removeKeys=('public', 'access')))
else:
return list(model.find(query, fields=allowed[coll], limit=limit,
offset=offset))
def mongoSearch(self, params):
self.requireParams(('type', 'q'), params)
allowed = {
'collection': ['_id', 'name', 'description'],
'folder': ['_id', 'name', 'description'],
'item': ['_id', 'name', 'description', 'folderId'],
'user': ['_id', 'firstName', 'lastName', 'login']
}
limit, offset, sort = self.getPagingParameters(params, 'name')
coll = params['type']
events.trigger('mongo_search.allowed_collections', info=allowed)
if coll not in allowed:
raise RestException('Invalid resource type: {}'.format(coll))
try:
query = bson.json_util.loads(params['q'])
except ValueError:
raise RestException('The query parameter must be a JSON object.')
model = ModelImporter().model(coll)
if hasattr(model, 'filterResultsByPermission'):
cursor = model.find(
query, fields=allowed[coll] + ['public', 'access'], limit=0)
return [r for r in model.filterResultsByPermission(
cursor, user=self.getCurrentUser(), level=AccessType.READ,
limit=limit, offset=offset, removeKeys=('public', 'access'))]
else:
return [r for r in model.find(query, fields=allowed[coll],
limit=limit, offset=offset)]
def points(self, params):
self.requireParams(('q',), params)
limit, offset, sort = self.getPagingParameters(params, 'name')
latitude = params.get('latitude', 'meta.latitude')
longitude = params.get('longitude', 'meta.longitude')
spec = {
'type': 'point',
'latitude': latitude,
'longitude': longitude,
'keys': ['meta', 'name', 'description', '_id'],
'flatten': ['meta']
}
try:
query = bson.json_util.loads(params['q'])
except ValueError: # pragma: no cover
raise RestException('The query parameter must be a JSON object.')
events.trigger('geojson.points', info={
'spec': spec,
'query': query
})
# make sure the lat/lon are whitelisted keys to prevent private
# data leaking
if spec['latitude'].split('.')[0] not in spec['keys'] or \
spec['longitude'].split('.')[0] not in spec['keys']:
raise RestException('Invalid latitude/longitude key.', code=402)
coll = features.FeatureCollection(points=spec)
item = ModelImporter().model('item')
cursor = item.find(
query,
limit=0
)
cursor = item.filterResultsByPermission(
cursor,
user=self.getCurrentUser(),
level=AccessType.READ,
limit=limit,
offset=offset
)
try:
obj = coll(points=cursor)
except features.GeoJSONException:
raise RestException(
'Could not assemble a geoJSON object from spec.',
code=401
)
return obj
