def post(self, request): cDriveUser, cDriveApp = introspect_token(request) if cDriveUser == None: return Response(status=status.HTTP_401_UNAUTHORIZED) path = request.data['path'] folders = [] parent = get_object_by_path(path) while parent is None: last_index = path.rfind('/') folders.append(path[last_index + 1:]) path = path[:last_index] parent = get_object_by_path(path) if check_permission(parent, cDriveUser, cDriveApp, 'E'): for folder in reversed(folders): cDriveFolder = CDriveFolder(name=folder, owner=cDriveUser, parent=parent) cDriveFolder.save() parent = cDriveFolder cDriveFile = CDriveFile(cdrive_file=request.data['file'], name=request.data['file'].name, owner=cDriveUser, parent=parent, size=request.data['file'].size) cDriveFile.save() return Response({'file_name': request.data['file'].name}, status=status.HTTP_201_CREATED) else: return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) path = request.data['path'] file_name = request.data['file_name'] parent = get_object_by_path(path) key = path + '/' + file_name if check_permission(parent, cDriveUser, cDriveApp, 'E'): client = boto3.client( 's3', region_name='us-east-1', config=Config(signature_version='s3v4'), aws_access_key_id=settings.AWS_ACCESS_KEY_ID, aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY, ) mpu = client.create_multipart_upload( Bucket=settings.AWS_STORAGE_BUCKET_NAME, Key=key) return Response({'uploadId': mpu['UploadId']}, status=status.HTTP_200_OK) else: return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) service_url = request.data['serviceUrl'] service_name = request.data['serviceName'] data = {'app_name': service_name, 'redirect_url': service_url} response = requests.post(url='http://authentication/register-app/', data=data) data = response.json() lnd = string.ascii_letters + string.digits code = ''.join(random.choice(lnd) for i in range(12)) hostedService = HostedService(name=service_name, url=service_url, owner=cDriveUser, client_id=data['clientId'], client_secret=data['clientSecret'], code=code) hostedService.save() return Response(status=status.HTTP_200_OK)
def get(self, request): cDriveUser, cDriveApp = introspect_token(request) if cDriveUser == None: return Response(status=status.HTTP_401_UNAUTHORIZED) path = request.query_params['path'] cDriveObject = get_object_by_path(path) if check_permission(cDriveObject, cDriveUser, cDriveApp, 'V'): client = boto3.client( 's3', region_name='us-east-1', config=Config(signature_version='s3v4'), aws_access_key_id=settings.AWS_ACCESS_KEY_ID, aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY, ) url = client.generate_presigned_url( ClientMethod='get_object', Params={ 'Bucket': settings.AWS_STORAGE_BUCKET_NAME, 'Key': path }, ExpiresIn=300) return Response({'download_url': url}, status=status.HTTP_200_OK) else: return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) if cDriveUser == None: return Response(status=status.HTTP_401_UNAUTHORIZED) upload_id = request.data['uploadId'] data = jwt.decode(upload_id, settings.COLUMBUS_CLIENT_SECRET, algorithms='HS256') path = data['path'] last_index = path.rfind('/') parent_path = path[:path.rfind('/')] file_name = path[last_index + 1:] parent = get_object_by_path(parent_path) if check_permission(parent, cDriveUser, cDriveApp, 'E'): resource = boto3.resource( 's3', region_name='us-east-1', aws_access_key_id=settings.AWS_ACCESS_KEY_ID, aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY, ) size = resource.Bucket( settings.AWS_STORAGE_BUCKET_NAME).Object(path).content_length cDriveFile = CDriveFile(cdrive_file=path, name=file_name, owner=cDriveUser, parent=parent, size=size) cDriveFile.save() return Response({'file_name': file_name}, status=status.HTTP_201_CREATED) else: return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) if cDriveApp.name != 'cdrive': return Response(status=status.HTTP_403_FORBIDDEN) path = request.data['path'] target_type = request.data['targetType'] target_name = request.data['name'] permission = request.data['permission'] cDriveObject = get_object_by_path(path) if cDriveObject is None: return Response(status=status.HTTP_403_FORBIDDEN) if target_type == 'application': if check_permission(cDriveObject, cDriveUser, cDriveApp, permission): target_app = get_app(target_name, cDriveUser) if target_app is None: return Response(status=status.HTTP_400_BAD_REQUEST) share_object(cDriveObject, cDriveUser, target_app, permission) else: return Response(status=status.HTTP_403_FORBIDDEN) elif target_type == 'user': if cDriveObject.owner != cDriveUser: return Response(status=status.HTTP_403_FORBIDDEN) target_user = get_user(target_name) if target_user is None: return Response(status=status.HTTP_400_BAD_REQUEST) target_app = get_app('cdrive', target_user) share_object(cDriveObject, target_user, target_app, permission) return Response(status=status.HTTP_200_OK)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) if cDriveUser == None: return Response(status=status.HTTP_401_UNAUTHORIZED) path = request.data['path'] file_name = request.data['file_name'] part_number = int(request.data['partNumber']) upload_id = request.data['uploadId'] chunk_data = request.data['chunk'] key = path + '/' + file_name client = boto3.client( 's3', region_name='us-east-1', config=Config(signature_version='s3v4'), aws_access_key_id=settings.AWS_ACCESS_KEY_ID, aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY, ) part_info = client.upload_part(Bucket=settings.AWS_STORAGE_BUCKET_NAME, Key=key, PartNumber=part_number, UploadId=upload_id, Body=chunk_data) etag = part_info['ETag'].strip('\"') return Response({'ETag': etag}, status=status.HTTP_200_OK)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) username = cDriveUser.username apps = CDriveApplication.objects.filter(owner=username) for app in apps: data = {'username': username, 'appName': app.name} response = requests.post(url='http://app-manager/stop-app', data=data) return Response(status=status.HTTP_200_OK)
def get(self, request): cDriveUser, cDriveApp = introspect_token(request) username = cDriveUser.username app_name = request.query_params['app_name'] response = requests.get(url='http://app-manager/get-app-status/' + username + '/' + app_name + '/') data = response.json() return Response({'appStatus': data['appStatus']})
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) username = cDriveUser.username app_name = request.data['app_name'] data = {'username': username, 'appName': app_name} response = requests.post(url='http://app-manager/stop-app', data=data) response = requests.post(url='http://app-manager/delete-app-storage', data=data) CDriveApplication.objects.filter(owner=username, name=app_name).delete() return Response(status=status.HTTP_204_NO_CONTENT)
def get(self, request): cDriveUser, cDriveApp = introspect_token(request) if cDriveUser == None: return Response(status=status.HTTP_401_UNAUTHORIZED) path = request.query_params['path'] parent = get_object_by_path(path) data = {} if check_permission(parent, cDriveUser, cDriveApp, 'E'): data['permission'] = 'Edit' elif check_permission(parent, cDriveUser, cDriveApp, 'V'): data['permission'] = 'View' elif check_permission(parent, cDriveUser, cDriveApp, 'D'): data['permission'] = 'None' else: return Response( { 'message': 'Such a folder does not exist or you do not have permission to view contents of this folder' }, status=status.HTTP_403_FORBIDDEN) data['driveObjects'] = [] folders = CDriveFolder.objects.filter(parent=parent) for f in folders: ser = CDriveFolderSerializer(f).data if check_permission(f, cDriveUser, cDriveApp, 'E'): ser['permission'] = 'Edit' ser['type'] = 'Folder' data['driveObjects'].append(ser) elif check_permission(f, cDriveUser, cDriveApp, 'V'): ser['permission'] = 'View' ser['type'] = 'Folder' data['driveObjects'].append(ser) elif check_permission(f, cDriveUser, cDriveApp, 'D'): ser['permission'] = 'None' ser['type'] = 'Folder' data['driveObjects'].append(ser) files = CDriveFile.objects.filter(parent=parent) for f in files: ser = CDriveFileSerializer(f).data if check_permission(f, cDriveUser, cDriveApp, 'E'): ser['permission'] = 'Edit' ser['type'] = 'File' data['driveObjects'].append(ser) elif check_permission(f, cDriveUser, cDriveApp, 'V'): ser['permission'] = 'View' ser['type'] = 'File' data['driveObjects'].append(ser) return Response(data, status=status.HTTP_200_OK)
def get(self, request): cDriveUser, cDriveApp = introspect_token(request) if cDriveUser == None: return Response(status=status.HTTP_401_UNAUTHORIZED) path = request.query_params['path'] folder = get_object_by_path(path) if folder is None : return Response(status=status.HTTP_403_FORBIDDEN) if not (check_permission(folder, cDriveUser, cDriveApp, 'V') or check_child_permission(folder, cDriveUser, cDriveApp)): return Response(status=status.HTTP_403_FORBIDDEN) data = {} data['driveObjects'] = serialize_folder_recursive(folder, cDriveUser, cDriveApp, path) return Response(data, status=status.HTTP_200_OK)
def get(self, request): cDriveUser, cDriveApp = introspect_token(request) path = request.query_params['path'] cDriveObject = get_object_by_path(path) if check_permission(cDriveObject, cDriveUser, cDriveApp, 'V'): if cDriveObject.__class__.__name__ == 'CDriveFile': content = cDriveObject.cdrive_file.read() return Response(content, status=status.HTTP_200_OK) else: return Response(status=status.HTTP_403_FORBIDDEN) else: return Response(status=status.HTTP_403_FORBIDDEN)
def delete(self, request): cDriveUser, cDriveApp = introspect_token(request) path = request.query_params['path'] cDriveObject = get_object_by_path(path) if check_permission(cDriveObject, cDriveUser, cDriveApp, 'E'): if cDriveObject.__class__.__name__ == 'CDriveFolder': delete_folder(cDriveObject) else: cDriveObject.delete() return Response(status=status.HTTP_204_NO_CONTENT) else: return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) if cDriveUser == None: return Response(status=status.HTTP_401_UNAUTHORIZED) path = request.data['path'] parent_path = path[:path.rfind('/')] folders = [] parent = get_object_by_path(parent_path) while parent is None: last_index = parent_path.rfind('/') folders.append(parent_path[last_index + 1:]) parent_path = parent_path[:last_index] parent = get_object_by_path(parent_path) if check_permission(parent, cDriveUser, cDriveApp, 'E'): for folder in reversed(folders): cDriveFolder, created = CDriveFolder.objects.get_or_create( name=folder, owner=cDriveUser, parent=parent) parent = cDriveFolder client = boto3.client( 's3', region_name='us-east-1', config=Config(signature_version='s3v4'), aws_access_key_id=settings.AWS_ACCESS_KEY_ID, aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY, ) response = client.generate_presigned_post( settings.AWS_STORAGE_BUCKET_NAME, path, ExpiresIn=3600) upload_id_data = { 'exp': datetime.datetime.utcnow() + datetime.timedelta(hours=1), 'path': path, } upload_id = jwt.encode(upload_id_data, settings.COLUMBUS_CLIENT_SECRET, algorithm='HS256') return Response( { 'url': response['url'], 'fields': response['fields'], 'uploadId': upload_id }, status=status.HTTP_200_OK) else: return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) path = request.data['path'] name = request.data['name'] parent = get_object_by_path(path) if check_permission(parent, cDriveUser, cDriveApp, 'E'): cDriveFolder = CDriveFolder(name=name, owner=cDriveUser, parent=parent) cDriveFolder.save() return Response({'name': name}, status=status.HTTP_201_CREATED) else: return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) if cDriveUser == None: return Response(status=status.HTTP_401_UNAUTHORIZED) path = request.data['path'] file_name = request.data['file_name'] upload_id = request.data['uploadId'] parts = request.data['partInfo'] size = request.data['size'] part_info = { 'Parts': [] } parts = parts.split(',') for i, part in enumerate(parts, start=1): info = { 'ETag': part, 'PartNumber': i } part_info['Parts'].append(info) key = path + '/' + file_name client = boto3.client( 's3', region_name = 'us-east-1', config=Config(signature_version='s3v4'), aws_access_key_id=settings.AWS_ACCESS_KEY_ID, aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY, ) client.complete_multipart_upload( Bucket=settings.AWS_STORAGE_BUCKET_NAME, Key=key, UploadId=upload_id, MultipartUpload=part_info ) parent = get_object_by_path(path) if check_permission(parent, cDriveUser, cDriveApp, 'E'): cDriveFile = CDriveFile( cdrive_file = path + '/' + file_name, name = file_name, owner = cDriveUser, parent = parent, size = size ) cDriveFile.save() return Response({'file_name':file_name}, status=status.HTTP_201_CREATED) else : return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) path = request.data['path'] parent = get_object_by_path(path) if check_permission(parent, cDriveUser, cDriveApp, 'E'): cDriveFile = CDriveFile(cdrive_file=request.data['file'], name=request.data['file'].name, owner=cDriveUser, parent=parent, size=request.data['file'].size) cDriveFile.save() return Response({'file_name': request.data['file'].name}, status=status.HTTP_201_CREATED) else: return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) username = cDriveUser.username app_name = request.data['app_name'] cDriveApplication = CDriveApplication.objects.filter(owner=cDriveUser, name=app_name)[0] data = { 'imagePath': cDriveApplication.image, 'username': username, 'appName': app_name, 'clientId': cDriveApplication.client_id, 'clientSecret': cDriveApplication.client_secret } response = requests.post(url='http://app-manager/start-app', data=data) return Response(status=status.HTTP_200_OK)
def get(self, request): cDriveUser, cDriveApp = introspect_token(request) if cDriveUser == None: return Response(status=status.HTTP_401_UNAUTHORIZED) path = request.query_params['path'] parent = get_object_by_path(path) data = {} if check_permission(parent, cDriveUser, cDriveApp, 'E'): data['permission'] = 'Edit' else: data['permission'] = 'View' data['driveObjects'] = [] folders = CDriveFolder.objects.filter(parent=parent) for f in folders: ser = CDriveFolderSerializer(f).data if check_permission(f, cDriveUser, cDriveApp, 'E'): ser['permission'] = 'Edit' ser['type'] = 'Folder' data['driveObjects'].append(ser) elif check_permission(f, cDriveUser, cDriveApp, 'V'): ser['permission'] = 'View' ser['type'] = 'Folder' data['driveObjects'].append(ser) elif check_child_permission(f, cDriveUser, cDriveApp): ser['permission'] = 'View' ser['type'] = 'Folder' data['driveObjects'].append(ser) files = CDriveFile.objects.filter(parent=parent) for f in files: ser = CDriveFileSerializer(f).data if check_permission(f, cDriveUser, cDriveApp, 'E'): ser['permission'] = 'Edit' ser['type'] = 'File' data['driveObjects'].append(ser) elif check_permission(f, cDriveUser, cDriveApp, 'V'): ser['permission'] = 'View' ser['type'] = 'File' data['driveObjects'].append(ser) return Response(data, status=status.HTTP_200_OK)
def get(self, request): cDriveUser, cDriveApp = introspect_token(request) path = request.query_params['path'] cDriveObject = get_object_by_path(path) if check_permission(cDriveObject, cDriveUser, cDriveApp, 'V'): if cDriveObject.__class__.__name__ == 'CDriveFile': data = [] csvString = io.StringIO( cDriveObject.cdrive_file.read().decode("utf-8")) csvReader = csv.DictReader(csvString) for row in csvReader: data.append(row) return Response(data, status=status.HTTP_200_OK) else: return Response(status=status.HTTP_403_FORBIDDEN) else: return Response(status=status.HTTP_403_FORBIDDEN)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) username = cDriveUser.username app_docker_link = request.data['app_docker_link'] start_index = app_docker_link.rfind('/') end_index = app_docker_link.rfind(':') if end_index == -1: end_index = len(app_docker_link) app_name = app_docker_link[start_index + 1:end_index] data = { 'app_name': app_name, 'redirect_url': settings.APPS_ROOT + username + '/' + app_name + '/' } response = requests.post(url='http://authentication/register-app/', data=data) data = response.json() client_id = data['clientId'] client_secret = data['clientSecret'] data = { 'imagePath': app_docker_link, 'username': username, 'appName': app_name, 'clientId': client_id, 'clientSecret': client_secret } response = requests.post(url='http://app-manager/start-app', data=data) cDriveApplication = CDriveApplication(name=app_name, url=settings.APPS_ROOT + username + '/' + app_name + '/', image=app_docker_link, owner=cDriveUser, client_id=client_id, client_secret=client_secret) cDriveApplication.save() return Response({'appName': app_name}, status=status.HTTP_201_CREATED)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) if cDriveUser == None: return Response(status=status.HTTP_401_UNAUTHORIZED) original_path = request.data['path'] file_name = request.data['file_name'] folders = [] path = original_path parent = get_object_by_path(path) while parent is None: last_index = path.rfind('/') folders.append(path[last_index+1:]) path = path[:last_index] parent = get_object_by_path(path) if check_permission(parent, cDriveUser, cDriveApp, 'E'): for folder in reversed(folders): cDriveFolder = CDriveFolder( name = folder, owner = cDriveUser, parent = parent ) cDriveFolder.save() parent = cDriveFolder key = original_path + '/' + file_name client = boto3.client( 's3', region_name = 'us-east-1', config=Config(signature_version='s3v4'), aws_access_key_id=settings.AWS_ACCESS_KEY_ID, aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY, ) mpu = client.create_multipart_upload(Bucket=settings.AWS_STORAGE_BUCKET_NAME, Key=key) return Response({'uploadId': mpu['UploadId']}, status=status.HTTP_200_OK) else : return Response(status=status.HTTP_403_FORBIDDEN)
def get(self, request): cDriveUser, cDriveApp = introspect_token(request) queryset = HostedService.objects.filter(owner=cDriveUser) serializer = HostedServiceSerializer(queryset, many=True) return Response(serializer.data, status=status.HTTP_200_OK)
def get(self, request): cDriveUser, cDriveApp = introspect_token(request) queryset = CDriveApplication.objects.filter(owner=cDriveUser).exclude( name='cdrive') serializer = CDriveApplicationSerializer(queryset, many=True) return Response(serializer.data, status=status.HTTP_200_OK)
def post(self, request): cDriveUser, cDriveApp = introspect_token(request) url = request.data['service_url'] HostedService.objects.filter(owner=cDriveUser, url=url).delete() return Response(status=status.HTTP_204_NO_CONTENT)