def mutate(self, info, id): with ScopedSession() as local_db_session: id = from_global_id(id)[1] stage = local_db_session.query(StageModel).filter( StageModel.id == id).first() if stage: code, error, user, timezone = current_user() if not user.role in (ADMIN, SUPER_ADMIN): if not user.id == stage.owner_id: raise Exception( "Only stage owner or admin can delete this stage!") local_db_session.query(ParentStage).filter( ParentStage.stage_id == id).delete( synchronize_session=False) local_db_session.query(StageAttributeModel).filter( StageAttributeModel.stage_id == id).delete( synchronize_session=False) for performance in local_db_session.query( PerformanceModel).filter( PerformanceModel.stage_id == id).all(): local_db_session.query(EventModel).filter( EventModel.performance_id == performance.id).delete( synchronize_session=False) local_db_session.delete(performance) local_db_session.delete(stage) local_db_session.flush() local_db_session.commit() else: raise Exception("Stage not found!") return DeleteStage(success=True)
def mutate(self, info, stage_id, name=None, description=None): if not name: raise Exception("Please pick a name!") current_user_id = get_jwt_identity() with ScopedSession() as local_db_session: id = from_global_id(stage_id)[1] stage = local_db_session.query(Stage).filter( Stage.id == id).first() if stage: code, error, user, timezone = current_user() if not user.role in (ADMIN, SUPER_ADMIN): if not user.id == stage.owner_id: raise Exception( "Only stage owner or Admin can start a recording on this stage!" ) else: raise Exception("Stage does not exist!") performance = PerformanceModel(stage=stage, name=name, description=description, recording=True) local_db_session.add(performance) local_db_session.flush() local_db_session.commit() recording = local_db_session.query(PerformanceModel).filter( PerformanceModel.id == performance.id).first() return StartRecording(recording=recording)
def mutate(self, info, inbound): data = graphql_utils.input_to_dictionary(inbound) code,error,user,timezone = current_user() if not user.role in (ADMIN,SUPER_ADMIN) : if not user.id == int(data['id']): raise Exception("Permission denied!") if not data['email'] and data['role'] != GUEST: raise Exception("Email is required!") with ScopedSession() as local_db_session: user = local_db_session.query(UserModel)\ .filter(UserModel.id==data['id']).first() if (data['password']): data['password'] = encrypt(data['password']) else: del data['password'] for key, value in data.items(): if key == 'active': if value and not user.active and not user.deactivated_on: send(user.email, f"Registration approved for user {user.username}", user_approved(user)) if not value and user.active: user.deactivated_on = datetime.now() if hasattr(user, key): setattr(user, key, value) user = DBSession.query(UserModel).filter(UserModel.id==data['id']).first() return UpdateUser(user=user)
def mutate(self, info, subject, body, recipients): code, error, user, timezone = current_user() if not user.role in (ADMIN, SUPER_ADMIN): raise Exception( "Only Admin can send notification emails!") send(recipients, subject, body) return SendEmail(success=True)
def mutate(self, info, id): with ScopedSession() as local_db_session: id = from_global_id(id)[1] asset = local_db_session.query(AssetModel).filter( AssetModel.id == id).first() if asset: code, error, user, timezone = current_user() if not user.role in (ADMIN, SUPER_ADMIN): if not user.id == asset.owner_id: return DeleteMedia(success=False, message="Only media owner or admin can delete this media!") if asset.description: attributes = json.loads(asset.description) if 'frames' in attributes and attributes['frames']: # Delete frames that was assigned only to this media for frame in attributes['frames']: frame_asset = local_db_session.query(AssetModel).filter( or_(AssetModel.file_location == frame, AssetModel.description.contains(frame))).first() if not frame_asset: physical_path = os.path.join( absolutePath, storagePath, frame) if os.path.exists(physical_path): os.remove(physical_path) physical_path = os.path.join( absolutePath, storagePath, asset.file_location) local_db_session.query(ParentStage).filter( ParentStage.child_asset_id == id).delete(synchronize_session=False) local_db_session.query(MediaTag).filter( MediaTag.asset_id == id).delete(synchronize_session=False) local_db_session.query(AssetLicense).filter( AssetLicense.asset_id == id).delete(synchronize_session=False) local_db_session.query(AssetUsage).filter( AssetUsage.asset_id == id).delete(synchronize_session=False) for multiframe_media in local_db_session.query(AssetModel).filter(AssetModel.description.like(f"%{asset.file_location}%")).all(): attributes = json.loads(multiframe_media.description) for i, frame in enumerate(attributes['frames']): if "?" in frame: attributes['frames'][i] = frame[:frame.index("?")] if asset.file_location in attributes['frames']: attributes['frames'].remove(asset.file_location) multiframe_media.description = json.dumps(attributes) local_db_session.flush() local_db_session.delete(asset) local_db_session.flush() local_db_session.commit() else: return DeleteMedia(success=False, message="Media not found!") if os.path.exists(physical_path): os.remove(physical_path) else: return DeleteMedia(success=True, message="Media deleted successfully but file not existed on storage!") return DeleteMedia(success=True, message="Media deleted successfully!")
def role_super_admin(fn, instance, args, kwargs): code, error, user, x, y, t = current_user() if code != 200: abort(code, error) if (user.role & SUPER_ADMIN) != 0: return fn(*args, **kwargs) app.logger.warning( "Denied access to fn {0} for user {1}:{2}, user is not role {3}". format(str(fn), user.id, user.email, ROLES[SUPER_ADMIN]))
def role_participant(fn, instance, args, kwargs): code, error, user, x, y, t = current_user() if code != 200: abort(code, error) if (user.role & PARTICIPANT) != 0: return fn(*args, **kwargs) app.logger.warning( "Denied access to fn {0} for user {1}:{2}, user is not role {3}". format(str(fn), user.id, user.email, ROLES[PROVIDER]))
def role_attendee(fn, instance, args, kwargs): code, error, user, x, y, t = current_user() if code != 200: abort(code, error) if (user.role & ATTENDEE) != 0: return fn(*args, **kwargs) app.logger.warning( "Denied access to fn {0} for user {1}:{2}, user is not role {3}". format(str(fn), user.id, user.email, ROLES[RESIDENT]))
def resolve_notifications(self, info): code, error, user, timezone = current_user() notifications = [] if user: mediaUsages = [ Notification(type=NotificationType.MEDIA_USAGE, mediaUsage=x) for x in DBSession.query(AssetUsageModel).filter( AssetUsageModel.approved == False).filter( AssetUsageModel.asset.has(owner_id=user.id)).all() ] notifications += mediaUsages return notifications
def mutate(self, info, id, stage_id): id = from_global_id(id)[1] with ScopedSession() as local_db_session: asset = local_db_session.query(AssetModel).get(id) if asset: code, error, user, timezone = current_user() stage = local_db_session.query(StageModel).get(stage_id) if stage: asset.stages.append(ParentStage(stage_id=stage_id)) local_db_session.flush() local_db_session.commit() return QuickAssignMutation(success=True) return QuickAssignMutation(success=False, message="Stage not found")
def mutate(self, info, id, name): with ScopedSession() as local_db_session: code, error, user, timezone = current_user() id = from_global_id(id)[1] stage = local_db_session.query(StageModel).filter( StageModel.id == id).first() if stage: local_db_session.expunge(stage) make_transient(stage) original_stage_id = id stage.id = None stage.name = name stage.owner_id = user.id shortname = re.sub('\s+', '-', re.sub('[^A-Za-z0-9 ]+', '', name)).lower() suffix = "" while True: existedStages = DBSession.query(StageModel).filter( StageModel.file_location == f"{shortname}{suffix}").first() if existedStages: suffix = int(suffix or 0) + 1 else: break stage.file_location = f"{shortname}{suffix}" local_db_session.add(stage) local_db_session.flush() new_stage_id = stage.id # Clone media and attributes, player accesses,... for ps in local_db_session.query(ParentStage).filter( ParentStage.stage_id == original_stage_id).all(): local_db_session.add( ParentStage(stage_id=new_stage_id, child_asset_id=ps.child_asset_id)) for attribute in local_db_session.query( StageAttributeModel).filter( StageAttributeModel.stage_id == original_stage_id).all(): local_db_session.add( StageAttributeModel(stage_id=new_stage_id, name=attribute.name, description=attribute.description)) local_db_session.flush() local_db_session.commit() return DuplicateStage(success=True, new_stage_id=to_global_id( 'Stage', new_stage_id)) else: raise Exception("Stage not found!")
def mutate(self, info, asset_id, note=None): asset_id = from_global_id(asset_id)[1] with ScopedSession() as local_db_session: asset = local_db_session.query(AssetModel).get(asset_id) if asset: code, error, user, timezone = current_user() asset_usage = AssetUsageModel(user_id=user.id, asset_id=asset_id, note=note) if asset.copyright_level == 2: asset_usage.approved = False else: asset_usage.approved = True local_db_session.add(asset_usage) local_db_session.flush() local_db_session.commit() return ConfirmPermission(success=True)
def mutate(self, info, base64, filename): code, error, user, timezone = current_user() if not user.role in (ADMIN, SUPER_ADMIN, PLAYER): raise Exception("You don't have permission to upload media") # Save base64 to file filename, file_extension = os.path.splitext(filename) unique_filename = uuid.uuid4().hex + file_extension subpath = 'media' mediaDirectory = os.path.join(absolutePath, storagePath, subpath) if not os.path.exists(mediaDirectory): os.makedirs(mediaDirectory) with open(os.path.join(mediaDirectory, unique_filename), "wb") as fh: fh.write(b64decode(base64.split(',')[1])) file_location = os.path.join(subpath, unique_filename) return UploadFile(url=file_location)
def mutate(self, info, inbound): data = graphql_utils.input_to_dictionary(inbound) code,error,user,timezone = current_user() if not user.role in (ADMIN,SUPER_ADMIN) : raise Exception("Permission denied!") with ScopedSession() as local_db_session: # Delete all existed user's sessions local_db_session.query(UserSession).filter(UserSession.user_id==data['id']).delete() # Delete all stages created by this user local_db_session.query(StageAttributeModel).filter(StageAttributeModel.stage.has(StageModel.owner_id==data['id'])).delete(synchronize_session='fetch') local_db_session.query(StageModel).filter(StageModel.owner_id==data['id']).delete() # Change the owner of media uploaded by this user to the one who process the delete # Because delete the media would cause impact to other stage, this would be a workaround for now local_db_session.query(AssetModel).filter(AssetModel.owner_id==data['id']).update({AssetModel.owner_id: user.id}) # Delete the actual user local_db_session.query(UserModel).filter(UserModel.id==data['id']).delete() local_db_session.commit() return DeleteUser(success=True)
def mutate(self, info, users, stageIds=[]): code,error,user,timezone = current_user() if not user.role in (ADMIN,SUPER_ADMIN) : raise Exception("Permission denied!") ids = [] with ScopedSession() as local_db_session: duplicated = [] for i in range(len(users) - 1): for j in range(i + 1, len(users)): if users[i].username == users[j].username: duplicated.append(users[i].username) if duplicated: raise Exception('Duplicated username: '******', '.join(duplicated)) existed = [user.username for user in DBSession.query(UserModel).filter(UserModel.username.in_([x.username for x in users])).all()] if existed: raise Exception('Username already existed: ' + ', '.join(existed)) for item in users: user = UserModel( username=item.username, active=True, role=GUEST ) # Add validation for non-empty passwords, etc. user.password = encrypt(item.password) local_db_session.add(user) local_db_session.flush() ids.append(user.id) # Now assigns users into stages stages = DBSession.query(StageModel).filter(StageModel.id.in_(stageIds)).all() for stage in stages: player_access = stage.attributes.filter(StageAttributeModel.name == 'playerAccess').first() if player_access: accesses = json.loads(player_access.description) for user_id in ids: if user_id not in accesses[0]: accesses[0].append(user_id) # append user id to player ids player_access.description = json.dumps(accesses) local_db_session.flush() local_db_session.commit() users = DBSession.query(UserModel).filter(UserModel.id.in_(ids)).all() return BatchUserCreation(users=users)
def resolve_search(self, info, inbound): """ Get user from JWT token. """ code,error,this_user,timezone = current_user() if code != 200: raise Exception(error) """ Compare it with params. If current user is an admin, allow lookup of other users. """ if inbound: data = graphql_utils.input_to_dictionary(inbound) lookup_user = DBSession.query(UserModel).filter_by(data).first() access_token = request.headers.get(app.config['JWT_HEADER_NAME'],None) #app.logger.info("access token:{0}".format(access_token)) # If latest user session access token doesn't match, kick them out. user_session = DBSession.query(UserSession).filter( UserSession.user_id==user.id).order_by( UserSession.recorded_time.desc()).first() if not user_session: raise Exception('Bad user session') if (user_session.access_token != access_token): TNL.add(access_token) # No. user session may be valid, from a newer login on a different device. #TNL.add(user_session.refresh_token) #TNL.add(user_session.access_token) raise Exception('Access token is invalid') self.result = { 'user_id':user.id,'role':user.role, 'phone':user.phone, 'first_name':user.first_name, 'last_name': user.last_name, 'email':user.email, 'timezone':timezone, 'groups':[], 'username':user.username, } #return result return graphql_utils.json2obj(self.result)
def mutate(self, info, id): with ScopedSession() as local_db_session: scene = local_db_session.query(SceneModel).filter( SceneModel.id == id).first() if scene: code, error, user, timezone = current_user() if not user.role in (ADMIN, SUPER_ADMIN): if not user.id == scene.owner_id: return DeleteScene( success=False, message= "Only scene owner or admin can delete this scene!") scene.active = False local_db_session.flush() local_db_session.commit() else: return DeleteScene(success=False, message="Scene not found!") return DeleteScene(success=True, message="Scene deleted successfully!")
def mutate(self, info, id): with ScopedSession() as local_db_session: performance = local_db_session.query(PerformanceModel).filter( PerformanceModel.id == id).first() if performance: code, error, user, timezone = current_user() if not user.role in (ADMIN, SUPER_ADMIN): if not user.id == performance.owner_id: raise Exception( "Only stage owner or Admin can delete this record!" ) local_db_session.query(Event).filter( Event.performance_id == id).delete( synchronize_session=False) local_db_session.delete(performance) local_db_session.flush() local_db_session.commit() else: raise Exception("Performance not found!") return DeletePerformance(success=True)
def mutate(self, info, id): current_user_id = get_jwt_identity() with ScopedSession() as local_db_session: performance = local_db_session.query(PerformanceModel).filter( PerformanceModel.id == id).first() if performance: code, error, user, timezone = current_user() if not user.role in (ADMIN, SUPER_ADMIN): if not user.id == performance.stage.owner_id: raise Exception( "Only stage owner or Admin can save a recording!") saved_on = datetime.utcnow() events = local_db_session.query(Event)\ .filter(Event.topic.like("%/{}/%".format(performance.stage.file_location)))\ .filter(Event.created > performance.created_on)\ .filter(Event.created < saved_on) if events.count() > 0: # Clone each events that happend between the recording session for event in events.all(): local_db_session.expunge(event) make_transient(event) event.id = None event.performance_id = performance.id local_db_session.add(event) else: raise Exception("Nothing to record!") performance.saved_on = saved_on local_db_session.flush() local_db_session.commit() else: raise Exception("Performance not found!") recording = local_db_session.query(PerformanceModel).filter( PerformanceModel.id == performance.id).first() return SaveRecording(recording=recording)
def mutate(self, info, id, approved): id = from_global_id(id)[1] with ScopedSession() as local_db_session: asset_usage = local_db_session.query(AssetUsageModel).get(id) asset_id = asset_usage.asset_id if asset_usage: code, error, user, timezone = current_user() if not user.role in (ADMIN, SUPER_ADMIN): if not user.id == asset_usage.asset.owner_id: return ConfirmPermission( success=False, message= "Only media owner or admin can delete this media!") if approved: asset_usage.approved = True asset_usage.seen = True else: local_db_session.delete(asset_usage) local_db_session.flush() permissions = DBSession.query(AssetUsageModel).filter( AssetUsageModel.asset_id == asset_id).all() return ConfirmPermission(success=True, permissions=permissions)
def mutate(self, info, id, name=None, description=None): if not name: raise Exception("Please pick a name!") current_user_id = get_jwt_identity() with ScopedSession() as local_db_session: performance = local_db_session.query(PerformanceModel).filter( PerformanceModel.id == id).first() if performance: code, error, user, timezone = current_user() if not user.role in (ADMIN, SUPER_ADMIN): if not user.id == performance.stage.owner_id: raise Exception( "Only stage owner or Admin can update archived performance information!" ) performance.name = name performance.description = description local_db_session.flush() local_db_session.commit() else: raise Exception("Performance not found!") return UpdatePerformance(success=True)
def resolve_whoami(self, info): code, error, user, timezone = current_user() return user
def resolve_currentUser(self, info): code,error,user,timezone = current_user() if error: raise Exception(error) return user
def mutate(self, info, input): name, urls, media_type, copyright_level, user_ids, stage_ids, tags, w, h = itemgetter( 'name', 'urls', 'media_type', 'copyright_level', 'user_ids', 'stage_ids', 'tags', 'w', 'h')(input) current_user_id = get_jwt_identity() with ScopedSession() as local_db_session: asset_type = local_db_session.query(AssetTypeModel).filter( AssetTypeModel.name == media_type).first() if not asset_type: asset_type = AssetTypeModel(name=media_type, file_location=media_type) local_db_session.add(asset_type) local_db_session.flush() if 'id' in input: id = from_global_id(input['id'])[1] asset = local_db_session.query(AssetModel).filter( AssetModel.id == id).first() if asset: code, error, user, timezone = current_user() if not user.role in (ADMIN, SUPER_ADMIN): if not user.id == asset.owner_id: raise Exception( "You don't have permission to edit this media") else: asset = AssetModel(owner_id=current_user_id) local_db_session.add(asset) if asset: asset.name = name asset.asset_type = asset_type file_location = urls[0] if file_location: if "?" in file_location: file_location = file_location[:file_location.index("?" )] if asset.id and file_location != asset.file_location and '/' not in file_location: existedAsset = local_db_session.query( AssetModel).filter( AssetModel.file_location == file_location ).filter(AssetModel.id != asset.id).first() if existedAsset: raise Exception( "Stream with the same key already existed, please pick another unique key!" ) asset.file_location = file_location else: asset.file_location = uuid.uuid4() asset.copyright_level = copyright_level asset.updated_on = datetime.utcnow() local_db_session.flush() if urls: if not asset.description: asset.description = "{}" attributes = json.loads(asset.description) if not 'frame' in attributes or attributes['frames']: attributes['frames'] = [] asset.size = 0 for url in urls: attributes['frames'].append(url) full_path = os.path.join(absolutePath, storagePath, url) try: size = os.path.getsize(full_path) except: size = 0 # file not exist asset.size += size if len(urls) > 1: attributes['multi'] = True else: attributes['multi'] = False attributes['frames'] = [] attributes['w'] = w attributes['h'] = h if asset_type.name == 'stream' and '/' not in file_location: attributes['isRTMP'] = True if 'voice' in input: voice = input['voice'] if voice and voice.voice: attributes['voice'] = voice elif 'voice' in attributes: del attributes['voice'] if 'link' in input: link = input['link'] if link and link.url: attributes['link'] = link elif 'link' in attributes: del attributes['link'] asset.description = json.dumps(attributes) local_db_session.flush() if stage_ids != None: asset.stages.delete() for id in stage_ids: asset.stages.append(ParentStage(stage_id=id)) if user_ids != None: granted_permissions = asset.permissions.all() for permission in granted_permissions: if isinstance(permission, AssetUsageModel): if permission.user_id not in user_ids and permission.approved == True: asset.permissions.remove(permission) local_db_session.delete(permission) for user_id in user_ids: permission = local_db_session.query( AssetUsageModel).filter( AssetUsageModel.asset_id == asset.id, AssetUsageModel.user_id == user_id).first() if not permission: permission = AssetUsageModel(user_id=user_id) asset.permissions.append(permission) permission.approved = True local_db_session.flush() if tags: asset.tags.delete() for tag in tags: tag_model = local_db_session.query(Tag).filter( Tag.name == tag).first() if not tag_model: tag_model = Tag(name=tag) local_db_session.add(tag_model) local_db_session.flush() asset.tags.append(MediaTag(tag_id=tag_model.id)) local_db_session.flush() local_db_session.commit() asset = local_db_session.query(AssetModel).filter( AssetModel.id == asset.id).first() return SaveMedia(asset=asset)