def delete_extract(request):
user_id = request.authenticated_userid
discussion_id = int(request.matchdict['discussion_id'])
if not user_id:
# Straight from annotator
token = request.headers.get('X-Annotator-Auth-Token')
if token:
token = decode_token(token,
request.registry.settings['session.secret'])
if token:
user_id = token['userId']
user_id = user_id or Everyone
extract_id = request.matchdict['id']
extract = Extract.get_instance(extract_id)
if not (user_has_permission(discussion_id, user_id, P_EDIT_EXTRACT) or
(user_has_permission(discussion_id, user_id, P_EDIT_MY_EXTRACT)
and user_id == extract.owner_id)):
raise HTTPForbidden()
if not extract:
return HTTPNoContent()
# TODO: Tombstonable extracts???
extract.delete()
return HTTPNoContent()
def delete_extract(request):
user_id = authenticated_userid(request)
discussion = request.context
if not user_id:
# Straight from annotator
token = request.headers.get('X-Annotator-Auth-Token')
if token:
token = decode_token(token,
request.registry.settings['session.secret'])
if token:
user_id = token['userId']
user_id = user_id or Everyone
extract_id = request.matchdict['id']
extract = Extract.get_instance(extract_id)
permissions = get_permissions(user_id, discussion.id, extract)
if P_EDIT_EXTRACT not in permissions:
raise HTTPForbidden()
if not extract:
return HTTPNoContent()
# TODO: Tombstonable extracts???
extract.delete()
return HTTPNoContent()
def account_timezone(request):
if request.POST["timezone"] in timezones:
Session.query(User).filter(User.id == request.user.id).update({
"timezone":
request.POST["timezone"],
})
return HTTPNoContent()
def get_egrid_ident(self):
"""
Returns a list with the matched EGRIDs for the given NBIdent and property number.
Returns:
pyramid.response.Response: The `getegrid` response.
"""
params = Parameter('json' if self._is_json() else 'xml')
identdn = self._request.matchdict.get('identdn')
number = self._request.matchdict.get('number')
try:
if identdn and number:
records = self._real_estate_reader.read(
params, **{
'nb_ident': identdn,
'number': number
})
response = self.__get_egrid_response__(records)
else:
raise HTTPBadRequest('IDENTDN and NUMBER must be defined.')
except HTTPNoContent as err:
response = HTTPNoContent('{}'.format(err))
except HTTPBadRequest as err:
response = HTTPBadRequest('{}'.format(err))
response.extras = OerebStats(service='GetEgridIdent',
params={
'identdn': identdn,
'number': number
})
return response
def get_egrid_coord(self):
"""
Returns a list with the matched EGRIDs for the given coordinates.
Returns:
pyramid.response.Response: The `getegrid` response.
"""
params = Parameter('json' if self._is_json() else 'xml')
xy = self._params.get('XY')
gnss = self._params.get('GNSS')
try:
if xy or gnss:
geom_wkt = 'SRID={0};{1}'
if xy:
geom_wkt = geom_wkt.format(
Config.get('srid'),
self.__parse_xy__(xy, buffer_dist=1.0).wkt)
elif gnss:
geom_wkt = geom_wkt.format(Config.get('srid'),
self.__parse_gnss__(gnss).wkt)
records = self._real_estate_reader.read(
params, **{'geometry': geom_wkt})
response = self.__get_egrid_response__(records)
else:
raise HTTPBadRequest('XY or GNSS must be defined.')
except HTTPNoContent as err:
response = HTTPNoContent('{}'.format(err))
except HTTPBadRequest as err:
response = HTTPBadRequest('{}'.format(err))
response.extras = OerebStats(service='GetEgridCoord',
params={
'xy': xy,
'gnss': gnss
})
return response
def activate_by_email(self,
activation_code: str,
location: str = None) -> Response:
"""Active a user after user after the activation email.
* User clicks link in the activation email
* User enters the activation code on the form by hand
:param activation_code: Activation code for user account.
:param location: URL to redirect the user to, after activation.
:raise: HTTPNotFound is activation_code is invalid.
:return: Redirect to location.
"""
request = self.request
settings = request.registry.settings
user_registry = UserRegistry(request)
login_after_activation = asbool(
settings.get('tm.registry.login_after_activation', False))
user = user_registry.activate_user_by_email_token(activation_code)
if not user:
raise HTTPNotFound("Activation code not found",
json={'message': 'Activation code not found.'})
if login_after_activation:
login_service = LoginService(self.request)
return login_service.authenticate_user(user, login_source="email")
else:
self.request.registry.notify(
RegistrationActivatedEvent(self.request, user, None))
return HTTPNoContent(json=None)
def submit_view(request):
api_key = request.GET.get('key', None)
heka_client = get_heka_client()
if api_key is None:
# we don't require API keys for submit yet
heka_client.incr('submit.no_api_key')
else:
heka_client.incr('submit.api_key.%s' % api_key.replace('.', '__'))
data, errors = preprocess_request(
request,
schema=SubmitSchema(),
extra_checks=(submit_validator, ),
)
items = data['items']
nickname = request.headers.get('X-Nickname', u'')
if isinstance(nickname, str):
nickname = nickname.decode('utf-8', 'ignore')
# batch incoming data into multiple tasks, in case someone
# manages to submit us a huge single request
for i in range(0, len(items), 100):
insert_measures.delay(
# TODO convert items to json with support for decimal/datetime
items=dumps(items[i:i + 100]),
nickname=nickname,
)
return HTTPNoContent()
def delete_journal_aop(request):
try:
request.services["remove_ahead_of_print_bundle_from_journal"](
id=request.matchdict["journal_id"])
except exceptions.DoesNotExist as exc:
return HTTPNotFound(str(exc))
return HTTPNoContent()
def get(self):
"""Return user settings."""
objects = ObjectSettings.list_db(self.user)
settings = [x.marshall_dict() for x in objects]
if settings:
return settings[0]
raise HTTPNoContent()
def put_asset(request):
"""Adiciona ou atualiza registro de ativo do documento. A atualização do
ativo é idempotente.
A semântica desta view-function está definida conforme a especificação:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.6
"""
assets_list = get_assets_list(request)
assets_map = {asset["slug"]: asset["id"] for asset in assets_list["assets"]}
asset_slug = request.matchdict["asset_slug"]
try:
asset_id = assets_map[asset_slug]
except KeyError:
raise HTTPNotFound(
'cannot fetch asset with slug "%s": asset does not exist' % asset_slug
)
asset_url = request.validated["asset_url"]
try:
request.services["register_asset_version"](
id=request.matchdict["document_id"], asset_id=asset_id, asset_url=asset_url
)
except exceptions.VersionAlreadySet as exc:
LOGGER.info(
'skipping request to add version to "%s/assets/%s": %s',
request.matchdict["document_id"],
request.matchdict["asset_slug"],
exc,
)
return HTTPNoContent("asset updated successfully")
def __get_egrid_response__(self, records):
"""
Creates a valid GetEGRID response from a list of real estate records.
Args:
records (list of pyramid_oereb.lib.records.real_estate.RealEstateRecord): List of real
estate records.
Returns:
pyramid.response.Response: The `getegrid` response.
"""
if len(records) == 0:
return HTTPNoContent()
real_estates = list()
for r in records:
real_estates.append({
'egrid': getattr(r, 'egrid'),
'number': getattr(r, 'number'),
'identDN': getattr(r, 'identdn')
})
egrid = {'GetEGRIDResponse': real_estates}
renderer_name = 'json' if self._is_json() else 'pyramid_oereb_getegrid_xml'
response = render_to_response(renderer_name, egrid, request=self._request)
if self._is_json():
response.content_type = 'application/json; charset=UTF-8'
return response
def delete(context, request):
context.annotation.moderation = None
event = events.AnnotationEvent(request, context.annotation.id, "update")
request.notify_after_commit(event)
return HTTPNoContent()
def create(context, request):
svc = request.find_service(name="flag")
svc.create(request.user, context.annotation)
_email_group_admin(request, context.annotation)
return HTTPNoContent()
def delete(self):
"""Remove the identity"""
self.request.identity_provider.delete(self.request.identity)
headers = forget(self.request)
self.request.response.headers.extend(headers)
return HTTPNoContent()
def put_document(request):
"""Adiciona ou atualiza registro de documento. A atualização do documento é
idempotente.
A semântica desta view-function está definida conforme a especificação:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.6
"""
data_url = request.validated["data"]
assets = {
asset["asset_id"]: asset["asset_url"]
for asset in request.validated.get("assets", [])
}
try:
request.services["register_document"](
id=request.matchdict["document_id"],
data_url=data_url,
assets=assets)
except exceptions.AlreadyExists:
try:
request.services["register_document_version"](
id=request.matchdict["document_id"],
data_url=data_url,
assets=assets)
except exceptions.VersionAlreadySet as exc:
LOGGER.info(
'skipping request to add version to "%s": %s',
request.matchdict["document_id"],
exc,
)
return HTTPNoContent("document updated successfully")
else:
return HTTPCreated("document created successfully")
def _get_egrid_address(self, params):
"""
Returns a list with the matched EGRIDs for the given postal address.
Args:
params (pyramid_oereb.views.webservice.Parameter): The parameter object.
Returns:
list of pyramid_oereb.core.records.real_estate.RealEstateRecord:
The list of all found records filtered by the passed criteria.
"""
postalcode = self._params.get('POSTALCODE')
localisation = self._params.get('LOCALISATION')
number = self._params.get('NUMBER')
if postalcode and localisation and number:
reader = AddressReader(
Config.get_address_config().get('source').get('class'),
**Config.get_address_config().get('source').get('params'))
addresses = reader.read(params, localisation, int(postalcode),
number)
if len(addresses) == 0:
raise HTTPNoContent()
geometry = 'SRID={srid};{wkt}'.format(srid=Config.get('srid'),
wkt=addresses[0].geom.wkt)
processor = create_processor()
return processor.real_estate_reader.read(params,
**{'geometry': geometry})
else:
raise HTTPBadRequest(
'POSTALCODE, LOCALISATION and NUMBER must be defined.')
def patch_documents_bundle(request):
try:
request.services["update_documents_bundle_metadata"](
request.matchdict["bundle_id"], metadata=request.validated)
except exceptions.DoesNotExist as exc:
return HTTPNotFound(str(exc))
else:
return HTTPNoContent("bundle updated successfully")
def put_documents_bundle(request):
try:
request.services["create_documents_bundle"](
request.matchdict["bundle_id"], metadata=request.validated)
except exceptions.AlreadyExists:
return HTTPNoContent("bundle updated successfully")
else:
return HTTPCreated("bundle created successfully")
def mark(context, request):
svc = request.find_service(name="mark")
svc.mark(request.user, context.annotation)
event = AnnotationEvent(request, context.annotation.id, "mark")
request.notify_after_commit(event)
return HTTPNoContent()
def chat_delete(request):
chat, own_chat_user = _get_chat(request, ongoing=False)
if chat.status == "ongoing":
_post_end_message(request, chat, own_chat_user)
Session.delete(own_chat_user)
if request.is_xhr:
return HTTPNoContent()
return HTTPFound(request.route_path("chat_list"))
def send_account_verification(request):
ctx = request.context
instance = ctx._instance
if instance.verified:
return HTTPNoContent("No need to verify email <%s>" % (instance.email))
request.matchdict = {}
send_confirmation_email(request, instance)
return {}
def downvote(context, request):
svc = request.find_service(name="downvote")
svc.downvote(request.user, context.annotation)
event = AnnotationEvent(request, context.annotation.id, "downvote")
request.notify_after_commit(event)
return HTTPNoContent()
def default_options_view(resource, request, methods=None):
"""Default OPTIONS view for resources."""
response = HTTPNoContent()
if methods is None:
state = RestState.from_resource(resource)
methods = state.supported_methods()
response.headers['Access-Control-Allow-Methods'] = ', '.join(methods)
return response
def patch_journal_issues(request):
try:
if request.validated.get("index") is not None:
request.services["insert_issue_to_journal"](
id=request.matchdict["journal_id"],
index=request.validated["index"],
issue=request.validated["issue"],
)
else:
request.services["add_issue_to_journal"](
id=request.matchdict["journal_id"], issue=request.validated["issue"]
)
except exceptions.DoesNotExist as exc:
return HTTPNotFound(str(exc))
except exceptions.AlreadyExists as exc:
return HTTPNoContent("issue added to journal successfully.")
else:
return HTTPNoContent("issue added to journal successfully.")
def patch_journal_aop(request):
try:
request.services["set_ahead_of_print_bundle_to_journal"](
id=request.matchdict["journal_id"], aop=request.validated["aop"])
except exceptions.DoesNotExist:
return HTTPNotFound('cannot find journal with id "%s"' %
request.matchdict["journal_id"])
return HTTPNoContent("aop added to journal successfully")
def delete(context, request):
svc = request.find_service(name="annotation_moderation")
svc.unhide(context.annotation)
event = events.AnnotationEvent(request, context.annotation.id, "update")
request.notify_after_commit(event)
return HTTPNoContent()
def create(context, request):
svc = request.find_service(name='annotation_moderation')
svc.hide(context.annotation)
event = events.AnnotationEvent(request, context.annotation.id, 'update')
request.notify_after_commit(event)
return HTTPNoContent()
def delete_journal_issues(request):
try:
request.services["remove_issue_from_journal"](
id=request.matchdict["journal_id"], issue=request.validated["issue"]
)
except exceptions.DoesNotExist as exc:
return HTTPNotFound(str(exc))
else:
return HTTPNoContent("issue removed from journal successfully.")
def logout(self) -> Response:
"""Log out user from the site.
:return: HTTPNoContent empty Authorization header.
"""
# headers = forget(request)
headers = {'Authorization': ''}
return HTTPNoContent(headers=headers, json=None)
def submit_view(request):
stats_client = request.registry.stats_client
api_key_log = getattr(request, 'api_key_log', False)
api_key_name = getattr(request, 'api_key_name', None)
try:
data, errors = preprocess_request(
request,
schema=SubmitSchema(),
extra_checks=(submit_validator, ),
response=JSONError,
)
except JSONError:
# capture JSON exceptions for submit calls
request.registry.raven_client.captureException()
raise
items = data['items']
nickname = request.headers.get('X-Nickname', u'')
if isinstance(nickname, str):
nickname = nickname.decode('utf-8', 'ignore')
email = request.headers.get('X-Email', u'')
if isinstance(email, str):
email = email.decode('utf-8', 'ignore')
# count the number of batches and emit a pseudo-timer to capture
# the number of reports per batch
length = len(items)
stats_client.incr('items.uploaded.batches')
stats_client.timing('items.uploaded.batch_size', length)
if api_key_log:
stats_client.incr('items.api_log.%s.uploaded.batches' % api_key_name)
stats_client.timing(
'items.api_log.%s.uploaded.batch_size' % api_key_name, length)
# batch incoming data into multiple tasks, in case someone
# manages to submit us a huge single request
for i in range(0, length, 100):
batch = kombu_dumps(items[i:i + 100])
# insert observations, expire the task if it wasn't processed
# after six hours to avoid queue overload
try:
insert_measures.apply_async(kwargs={
'email': email,
'items': batch,
'nickname': nickname,
'api_key_log': api_key_log,
'api_key_name': api_key_name,
},
expires=21600)
except ConnectionError: # pragma: no cover
return HTTPServiceUnavailable()
return HTTPNoContent()
