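def callback():
    """Complete the OAuth login after the provider redirects back.

    Stores the provider's token response in the session, maps the remote
    profile to a local ``Role`` (creating it if needed) and records the
    caller's roles, user id and admin flag in the session. Always redirects
    to the index page; on a failed or unusable login no identity is written.

    Raises:
        RuntimeError: if ``oauth_provider.base_url`` matches none of the
            known providers.
    """
    next_url = url_for('base.index')
    resp = oauth_provider.authorized_response()
    if resp is None or isinstance(resp, OAuthException):
        # FIXME: notify the user, somehow.
        return redirect(next_url)

    # Written before the profile request below.
    # NOTE(review): presumably the provider's token getter reads this key
    # from the session - confirm.
    session['oauth'] = resp
    Role.create_defaults()

    # Roles are collected locally and only written to the session once the
    # remote identity has been resolved, so an aborted login cannot leave a
    # half-populated role list behind.
    roles = [Role.SYSTEM_GUEST, Role.SYSTEM_USER]
    base_url = oauth_provider.base_url

    if 'googleapis.com' in base_url:
        me = oauth_provider.get('userinfo')
        remote_id = me.data.get('id')
        if remote_id in (None, ''):
            # Without an id every such login would collapse into the single
            # shared role 'google:None'; treat it as a failed login instead.
            session.pop('oauth', None)
            return redirect(next_url)
        user_id = 'google:%s' % remote_id
        role = Role.load_or_create(user_id, Role.USER,
                                   me.data.get('name'),
                                   email=me.data.get('email'))
    elif 'occrp.org' in base_url or \
            'investigativedashboard.org' in base_url:
        me = oauth_provider.get('api/2/accounts/profile/')
        remote_id = me.data.get('id')
        if remote_id in (None, ''):
            # Same reasoning as above: never mint 'idashboard:user:None'.
            session.pop('oauth', None)
            return redirect(next_url)
        user_id = 'idashboard:user:%s' % remote_id
        # NOTE(review): the admin flag is taken verbatim from the remote
        # profile, so the identity provider decides who is an admin here -
        # confirm that is the intended trust boundary.
        role = Role.load_or_create(user_id, Role.USER,
                                   me.data.get('display_name'),
                                   email=me.data.get('email'),
                                   is_admin=me.data.get('is_admin'))
        for group in me.data.get('groups', []):
            remote_group = group.get('id')
            if remote_group in (None, ''):
                # A group without an id would map to a role shared by all
                # such groups; skip it rather than grant that role.
                continue
            group_id = 'idashboard:%s' % remote_group
            Role.load_or_create(group_id, Role.GROUP, group.get('name'))
            roles.append(group_id)
    else:
        raise RuntimeError("Unknown OAuth URL: %r" % base_url)

    roles.append(user_id)
    session['roles'] = roles
    session['user'] = role.id
    session['is_admin'] = role.is_admin
    db_session.commit()
    return redirect(next_url)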
def get_session():
    """Return the caller's session state as JSON.

    The payload reports whether the request is logged in, the caller's role
    (or ``None`` when no role matches ``request.auth_user``), the role ids
    attached to the request, the login URI and the authorised sources and
    collections.
    """
    user = None
    record = Role.by_id(request.auth_user)
    if record is not None:
        # Read the key before serialising, then attach it to the dict.
        # NOTE(review): this puts a credential (the role's API key) into the
        # response body - confirm the endpoint is never cached or logged.
        key = record.apikey
        user = record.to_dict()
        user['apikey'] = key

    payload = {
        'logged_in': request.logged_in,
        'user': user,
        'roles': list(request.auth_roles),
        'login_uri': url_for('auth.authorize'),
        'sources': request.authz_sources,
        'collections': request.authz_collections
    }
    return jsonify(payload)
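def execute_query(args, q, facets):
    """Execute the query and return a set of results.

    Args:
        args: the request's multi-valued query arguments; every key except
            ``facet`` and ``offset`` is carried over into the ``next`` link.
        q: the search body; ``q['from']`` and ``q['size']`` are echoed back
            as ``offset`` and ``limit``.
        facets: names of the facets to read from the aggregations.

    Returns:
        A dict with ``status``, ``results``, ``offset``, ``limit``, ``took``,
        ``total``, ``next`` (URL of the next page, or ``None``) and
        ``facets`` (per facet: ``total`` and ``values``).
    """
    result = get_es().search(index=get_es_index(), body=q)
    hits = result.get('hits', {})
    output = {
        'status': 'ok',
        'results': [],
        'offset': q['from'],
        'limit': q['size'],
        'took': result.get('took'),
        'total': hits.get('total'),
        'next': None,
        'facets': {}
    }

    next_offset = output['offset'] + output['limit']
    if output['total'] > next_offset:
        params = {'offset': next_offset}
        for k, v in args.iterlists():
            # 'offset' is replaced above; 'facet' is not carried over.
            if k in ['facet', 'offset']:
                continue
            params[k] = v
        output['next'] = url_for('base.search', **params)

    for doc in hits.get('hits', []):
        # Grab the highlight before the hit is converted, then re-attach it.
        hlt = doc.get('highlight', {}).get('$text', None)
        doc = result_entity(doc)
        if hlt is not None:
            doc['$highlight'] = hlt
        output['results'].append(doc)

    # traverse and get all facets.
    # A response without 'aggregations' or without the 'scoped' bucket used
    # to raise AttributeError on None; fall back to empty dicts instead.
    aggs = result.get('aggregations') or {}
    scoped_root = aggs.get('scoped') or {}
    for facet in facets:
        scoped = scoped_root.get(facet, {})
        value = aggs.get(facet, scoped.get(facet, {}))
        output['facets'][facet] = {
            'total': scoped.get('doc_count', hits.get('total')),
            'values': value.get('buckets', [])
        }
    return output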
def reset():
    """Log the caller out: clear the session and redirect to the index.

    ``authz.require`` is applied to ``authz.logged_in()`` before the
    session is cleared.
    """
    # NOTE(review): the route declaration is not visible here; if this
    # state-changing endpoint is reachable via GET, any cross-site link can
    # log a user out - confirm the allowed methods.
    authz.require(authz.logged_in())
    session.clear()
    index_url = url_for('base.index')
    return redirect(index_url)
def authorize():
    """Start the OAuth login by delegating to the provider.

    The provider is told to send the user back to the ``auth.callback``
    endpoint.
    """
    # NOTE(review): url_for() without _external=True yields a relative path;
    # confirm the provider client resolves it to the absolute redirect URI
    # registered with the identity provider.
    callback_url = url_for('auth.callback')
    return oauth_provider.authorize(callback=callback_url)