def delete_triples_from_project(request, uri):
"""Deletes the triples in a graph provided by a request object from the project graph.
Returns an HttpResponse of all the triples which were successfully removed from the graph."""
if request.user.is_authenticated():
if permissions.has_permission_over(uri, user=request.user, permission=NS.perm.mayUpdate):
removed = Graph()
bind_namespaces(removed)
try:
g = parse_request_into_graph(request)
except (ParserError, SyntaxError) as e:
return HttpResponse(status=400, content="Unable to parse serialization.\n%s" % e)
project_g = get_project_graph(uri)
project_metadata_g = get_project_metadata_graph(uri)
for t in g:
if t in project_g:
project_g.remove(t)
removed.add(t)
project_metadata_g.remove(t)
return NegotiatedGraphResponse(request, removed)
else:
return HttpResponseForbidden('User "%s" does not have update permissions over project "%s"' % (request.user.username, uri))
else:
return HttpResponse(status=401)
def inner(request, *args, **kwargs):
project_uri = kwargs['project_uri'] if 'project_uri' in kwargs else kwargs['uri']
if request.user.is_authenticated():
if request.method == 'GET' or request.method == 'HEAD':
if permissions.has_permission_over(project_uri, user=request.user, permission=NS.perm.mayRead):
return fn(request, *args, **kwargs)
else:
return HttpResponseForbidden()
elif request.method in ('POST', 'PUT', 'DELETE'):
if permissions.has_permission_over(project_uri, user=request.user, permission=NS.perm.mayUpdate):
return fn(request, *args, **kwargs)
else:
return HttpResponseForbidden()
else:
return HttpResponse(status=401)
def read_project(request, project_uri):
"""Returns a HttpResponse of the cached project metadata graph"""
project_uri = URIRef(project_uri)
if request.user.is_authenticated():
if permissions.has_permission_over(project_uri, user=request.user, permission=NS.perm.mayRead):
identifier = uris.uri('semantic_store_projects', uri=project_uri)
store_metadata_graph = get_project_metadata_graph(project_uri)
ret_graph = Graph()
ret_graph += store_metadata_graph
add_is_described_bys(request, project_uri, ret_graph)
for permission in ProjectPermission.objects.filter(identifier=project_uri):
user = permission.user
user_uri = uris.uri('semantic_store_users', username=user.username)
perm_uri = permissions.PERMISSION_URIS_BY_MODEL_VALUE[permission.permission]
ret_graph += user_metadata_graph(user=user)
ret_graph.add((user_uri, NS.perm.hasPermissionOver, project_uri))
ret_graph.add((user_uri, perm_uri, project_uri))
if len(ret_graph) > 0:
return NegotiatedGraphResponse(request, ret_graph)
else:
return HttpResponseNotFound()
else:
return HttpResponseForbidden('User "%s" does not have read permissions over project "%s"' % (request.user.username, project_uri))
else:
return HttpResponse(status=401)
def delete_triples_from_project(request, uri):
"""Deletes the triples in a graph provided by a request object from the project graph.
Returns an HttpResponse of all the triples which were successfully removed from the graph."""
if request.user.is_authenticated():
if permissions.has_permission_over(uri, user=request.user, permission=NS.perm.mayUpdate):
removed = Graph()
bind_namespaces(removed)
try:
logger.debug('!!!!!!!!!!!!!!! project_texts.py - delete_triples_from_project')
g = parse_request_into_graph(request)
except (ParserError, SyntaxError) as e:
return HttpResponse(status=400, content="Unable to parse serialization.\n%s" % e)
project_g = get_project_graph(uri)
project_metadata_g = get_project_metadata_graph(uri)
for t in g:
if t in project_g:
project_g.remove(t)
removed.add(t)
project_metadata_g.remove(t)
return NegotiatedGraphResponse(request, removed)
else:
return HttpResponseForbidden('User "%s" does not have update permissions over project "%s"' % (request.user.username, uri))
else:
return HttpResponse(status=401)
def read_project(request, project_uri):
"""Returns a HttpResponse of the cached project metadata graph"""
project_uri = URIRef(project_uri)
if request.user.is_authenticated():
if permissions.has_permission_over(project_uri, user=request.user, permission=NS.perm.mayRead):
identifier = uris.uri('semantic_store_projects', uri=project_uri)
store_metadata_graph = get_project_metadata_graph(project_uri)
ret_graph = Graph()
ret_graph += store_metadata_graph
add_is_described_bys(request, project_uri, ret_graph)
for permission in ProjectPermission.objects.filter(identifier=project_uri):
user = permission.user
user_uri = uris.uri('semantic_store_users', username=user.username)
perm_uri = permissions.PERMISSION_URIS_BY_MODEL_VALUE[permission.permission]
ret_graph += user_metadata_graph(user=user)
ret_graph.add((user_uri, NS.perm.hasPermissionOver, project_uri))
ret_graph.add((user_uri, perm_uri, project_uri))
if len(ret_graph) > 0:
return NegotiatedGraphResponse(request, ret_graph)
else:
return HttpResponseNotFound()
else:
return HttpResponseForbidden('User "%s" does not have read permissions over project "%s"' % (request.user.username, project_uri))
else:
return HttpResponse(status=401)
def permission_updates_are_allowed(request, input_graph):
for perm_predicate in PERMISSION_PREDICATES:
for user, p, project in input_graph.triples((None, perm_predicate, None)):
has_admin_permissions = has_permission_over(project, user=request.user, permission=NS.perm.mayAdminister)
project_graph = Graph(store=rdfstore(), identifier=uris.uri('semantic_store_projects', uri=project))
is_empty_project = (project, NS.ore.aggregates, None) not in project_graph
if not has_admin_permissions and not is_unowned_project(project) and not is_empty_project:
return False
return True
def inner(request, *args, **kwargs):
project_uri = kwargs[
'project_uri'] if 'project_uri' in kwargs else kwargs['uri']
if request.user.is_authenticated():
if request.method == 'GET' or request.method == 'HEAD':
if permissions.has_permission_over(project_uri,
user=request.user,
permission=NS.perm.mayRead):
return fn(request, *args, **kwargs)
else:
return HttpResponseForbidden()
elif request.method in ('POST', 'PUT', 'DELETE'):
if permissions.has_permission_over(
project_uri,
user=request.user,
permission=NS.perm.mayUpdate):
return fn(request, *args, **kwargs)
else:
return HttpResponseForbidden()
else:
return HttpResponse(status=401)
def update_project(request, uri):
"""Updates the project and metadata graph from a put or post request"""
if request.user.is_authenticated():
if permissions.has_permission_over(uri, user=request.user, permission=NS.perm.mayUpdate):
try:
input_graph = parse_request_into_graph(request)
except (ParserError, SyntaxError) as e:
return HttpResponse(status=400, content="Unable to parse serialization.\n%s" % e)
update_project_graph(input_graph, URIRef(uri))
return HttpResponse(status=204)
else:
return HttpResponseForbidden('User "%s" does not have update permissions over project "%s"' % (request.user.username, uri))
else:
return HttpResponse('Unauthorized', status=401)
def update_project(request, uri):
"""Updates the project and metadata graph from a put or post request"""
if request.user.is_authenticated():
if (permissions.has_permission_over(uri, user=request.user, permission=NS.perm.mayUpdate) or
permissions.is_abandoned_project(uri)):
logger.debug("$$$$$$$$$$$ update_project (request)")
logger.debug(request)
try:
logger.debug('!!!!!!!!!!!!!!! project_texts.py - update_project')
input_graph = parse_request_into_graph(request)
except (ParserError, SyntaxError) as e:
return HttpResponse(status=400, content="Unable to parse serialization.\n%s" % e)
update_project_graph(input_graph, URIRef(uri))
return HttpResponse(status=204)
else:
return HttpResponseForbidden('User "%s" does not have update permissions over project "%s"' % (request.user.username, uri))
else:
return HttpResponse('Unauthorized', status=401)