Exemplo n.º 1
 def item_delete_response(self, coll_id, entity_id, no_entity_msg,
                          confirm_msg, complete_action_view,
                          continuation_next):
     """
     Build the response to a request to delete one item from a collection.

     Returns a `(redirect_uri, http_response)` pair.  With no `entity_id`
     the first element is whatever `check_value_supplied` returns and the
     second is None; otherwise the first is None and the second is a
     rendered confirmation form.  Nothing is deleted here.
     """
     if not entity_id:
         # Nothing was selected: report that via the value-supplied check.
         missing_redirect = self.check_value_supplied(
             entity_id, no_entity_msg, continuation_next)
         return missing_redirect, None
     # Get user to confirm action before actually doing it
     confirm_target = self.view_uri(complete_action_view, coll_id=coll_id)
     description = confirm_msg % {'id': entity_id, 'coll_id': coll_id}
     # The submitted form is handed to the confirmation form unchanged as
     # its action parameters.
     # NOTE(review): the view behind `complete_action_view` is not visible
     # here; confirm it re-checks authorization and validates these values.
     confirm_form = ConfirmView.render_form(
         self.request,
         action_description=description,
         confirmed_action_uri=confirm_target,
         action_params=self.request.POST,
         cancel_action_uri=self.get_request_path(),
         title=self.site_data()["title"])
     return None, confirm_form
Exemplo n.º 2
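    def post(self,
             request,
             coll_id=None,
             type_id=None,
             list_id=None,
             scope=None):
        """
        Handle response from dynamically generated list display form.

        The submit button present in `request.POST` selects the action:
        "close", "new", "copy", "edit", "delete", "default_view",
        "view"/"view_all" or "customize".  Returns a redirect, a delete
        confirmation form, or the response produced by a failed setup or
        authorization check.  A form that matches no action, or whose
        'entity_select' value is not of the form "type_id/entity_id", is
        logged and redirected to the continuation URL with an error.

        `scope` is accepted but not used by this method.
        """
        log.info("views.entitylist.post: coll_id %s, type_id %s, list_id %s" %
                 (coll_id, type_id, list_id))
        # NOTE(review): both continuation values are derived from
        # request.POST and are used below as redirect targets; confirm that
        # continuation_urls() only yields same-site URLs.
        continuation_next, continuation_here = self.continuation_urls(
            request.POST, None)
        if 'close' in request.POST:
            return HttpResponseRedirect(
                continuation_next.get('continuation_url',
                                      self.view_uri("AnnalistSiteView")))

        def unexpected_form_data():
            # Log the rejected form and send the user back with an error.
            log.error("Unexpected form data posted to %s: %r" %
                      (request.get_full_path(), request.POST))
            err_values = self.error_params(
                message.UNEXPECTED_FORM_DATA % (request.POST),
                message.SYSTEM_ERROR)
            # The "close" branch treats 'continuation_url' as optional, so
            # use the same fallback here rather than raising KeyError.
            return HttpResponseRedirect(uri_with_params(
                continuation_next.get('continuation_url',
                                      self.view_uri("AnnalistSiteView")),
                err_values))

        # Not "Close": set up list parameters
        listinfo = self.list_setup(coll_id, type_id, list_id)
        if listinfo.http_response:
            return listinfo.http_response

        # Process requested action
        redirect_uri = None
        entity_ids = request.POST.getlist('entity_select')
        log.debug("entity_ids %r" % (entity_ids))
        if len(entity_ids) > 1:
            action = ""
            redirect_uri = self.check_value_supplied(
                None, message.TOO_MANY_ENTITIES_SEL)
        else:
            entity_type, entity_id = None, None
            if entity_ids:
                # 'entity_select' is client-supplied: accept only the
                # "type_id/entity_id" form, so a malformed value is reported
                # instead of raising while unpacking.
                id_parts = entity_ids[0].split("/")
                if len(id_parts) != 2:
                    return unexpected_form_data()
                entity_type, entity_id = id_parts
            entity_type = entity_type or type_id or listinfo.get_list_type_id()
            # A missing search field is treated like an empty one.
            search_for = request.POST.get('search_for', "")
            if "new" in request.POST:
                action = "new"
                redirect_uri = uri_with_params(
                    listinfo.get_new_view_uri(coll_id, entity_type),
                    continuation_here)
            if "copy" in request.POST:
                action = "copy"
                redirect_uri = (self.check_value_supplied(
                    entity_id,
                    message.NO_ENTITY_FOR_COPY,
                    continuation_url=continuation_next) or uri_with_params(
                        listinfo.get_edit_view_uri(coll_id, entity_type,
                                                   entity_id, action),
                        continuation_here))
            if "edit" in request.POST:
                action = "edit"
                redirect_uri = (self.check_value_supplied(
                    entity_id,
                    message.NO_ENTITY_FOR_EDIT,
                    continuation_url=continuation_next) or uri_with_params(
                        listinfo.get_edit_view_uri(coll_id, entity_type,
                                                   entity_id, action),
                        continuation_here))
            if "delete" in request.POST:
                action = "delete"
                # Each check returns a redirect URI when the delete must be
                # refused; the first refusal wins.
                redirect_uri = (self.check_value_supplied(
                    entity_id,
                    message.NO_ENTITY_FOR_DELETE,
                    continuation_url=continuation_next)
                                or listinfo.check_collection_entity(
                                    entity_id,
                                    entity_type,
                                    message.SITE_ENTITY_FOR_DELETE %
                                    {'id': entity_id},
                                    continuation_url=continuation_next)
                                or self.check_delete_type_values(
                                    listinfo,
                                    entity_id,
                                    entity_type,
                                    message.TYPE_VALUES_FOR_DELETE %
                                    {'type_id': entity_id},
                                    continuation_url=continuation_next))
                if not redirect_uri:
                    # Get user to confirm action before actually doing it
                    confirmed_action_uri = self.view_uri(
                        "AnnalistEntityDataDeleteView",
                        coll_id=coll_id,
                        type_id=entity_type)
                    delete_params = dict_querydict({
                        "entity_delete": ["Delete"],
                        "entity_id": [entity_id],
                        "completion_url":
                        [continuation_here['continuation_url']],
                        "continuation_url":
                        [continuation_next.get('continuation_url')],
                        "search_for": [search_for]
                    })
                    message_vals = {
                        'id': entity_id,
                        'type_id': entity_type,
                        'coll_id': coll_id
                    }
                    typeinfo = listinfo.entitytypeinfo
                    if typeinfo is None:
                        typeinfo = EntityTypeInfo(listinfo.site,
                                                  listinfo.collection,
                                                  entity_type)
                    # The "delete" permission is checked before the
                    # confirmation form is shown.
                    # NOTE(review): the delete view is not visible here;
                    # confirm it repeats this check, since delete_params
                    # round-trips through the client.
                    return (self.form_action_auth(
                        "delete", listinfo.collection,
                        typeinfo.permissions_map) or ConfirmView.render_form(
                            request,
                            action_description=message.REMOVE_ENTITY_DATA %
                            message_vals,
                            confirmed_action_uri=confirmed_action_uri,
                            action_params=delete_params,
                            cancel_action_uri=self.get_request_path(),
                            title=self.site_data()["title"]))
            if "default_view" in request.POST:
                if listinfo.entitytypeinfo:
                    permissions_map = listinfo.entitytypeinfo.permissions_map
                else:
                    permissions_map = CONFIG_PERMISSIONS
                # This branch changes collection state, so "config"
                # permission is checked before the change is made.
                auth_check = self.form_action_auth("config",
                                                   listinfo.collection,
                                                   permissions_map)
                if auth_check:
                    return auth_check
                listinfo.collection.set_default_list(list_id)
                action = "list"
                msg = message.DEFAULT_VIEW_UPDATED % {
                    'coll_id': coll_id,
                    'list_id': list_id
                }
                redirect_uri = (uri_with_params(self.get_request_path(),
                                                self.info_params(msg),
                                                continuation_next))
            if ("view" in request.POST) or ("view_all" in request.POST):
                action = "list"
                params = continuation_next
                if search_for:
                    params = dict(params, search=search_for)
                list_uri_params = ({
                    'coll_id': coll_id,
                    'list_id': request.POST['list_choice']
                })
                if "view_all" in request.POST:
                    list_uri_params['scope'] = "all"
                redirect_uri = (uri_with_params(
                    self.view_uri("AnnalistEntityGenericList",
                                  **list_uri_params), params))
            if "customize" in request.POST:
                action = "config"
                redirect_uri = (uri_with_params(
                    self.view_uri("AnnalistCollectionEditView",
                                  coll_id=coll_id), continuation_here))
        if redirect_uri:
            # `action` is always assigned together with `redirect_uri`.
            return (listinfo.check_authorization(action)
                    or HttpResponseRedirect(redirect_uri))
        # Report unexpected form data
        # This shouldn't happen, but just in case...
        # Redirect to continuation with error
        return unexpected_form_data()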
Exemplo n.º 3
#
# /c/<coll-id>/l/<list-id>/                       specified list of records
# /c/<coll-id>/l/<list-id>/<type-id>              specified list of records of specified type
# /c/<coll-id>/v/<view-id>/<type-id>/<entity-id>  specified view of record
#
# Suffixes /!new, /!copy, /!edit, /!delete, etc. are used for forms that are part of the
# user interface for editing collections and resources, and do not of themselves identify
# persistent resources.

urlpatterns = [

    # Site pages
    url(r'^$',              AnnalistHomeView.as_view(),     name='AnnalistHomeView'),
    url(r'^site/$',         SiteView.as_view(),             name='AnnalistSiteView'),
    url(r'^site/!action$',  SiteActionView.as_view(),       name='AnnalistSiteActionView'),
    url(r'^confirm/$',      ConfirmView.as_view(),          name='AnnalistConfirmView'),
    url(r'^serverlog/$',    ServerLogView.as_view(),        name='AnnalistServerLogView'),

    # Special forms for collection view, customize and type/view/list deletion
    url(r'^c/(?P<coll_id>\w{1,128})/$',
                            CollectionView.as_view(),
                            name='AnnalistCollectionView'),
    url(r'^c/(?P<coll_id>\w{1,128})/!edit$',
                            CollectionEditView.as_view(),
                            name='AnnalistCollectionEditView'),
    url(r'^c/(?P<coll_id>\w{1,128})/d/types/!delete_confirmed$',
                            RecordTypeDeleteConfirmedView.as_view(),
                            name='AnnalistRecordTypeDeleteView'),
    url(r'^c/(?P<coll_id>\w{1,128})/d/views/!delete_confirmed$',
                            RecordViewDeleteConfirmedView.as_view(),
                            name='AnnalistRecordViewDeleteView'),
Exemplo n.º 4
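    def post(self, request, coll_id=None, type_id=None, list_id=None):
        """
        Handle response from dynamically generated list display form.

        The submit button present in `request.POST` selects the action:
        "close", "new", "copy", "edit", "delete", "default_view",
        "list_type"/"list_all" or "customize".  Returns a redirect, a delete
        confirmation form, or the response produced by a failed setup or
        authorization check.  A form that matches no action is logged and
        redirected to the continuation URL with an error message.
        """
        log.info("views.entitylist.post: coll_id %s, type_id %s, list_id %s"%(coll_id, type_id, list_id))
        log.log(settings.TRACE_FIELD_VALUE, "  %s"%(self.get_request_path()))
        # The complete submitted form is logged at the TRACE_FIELD_VALUE level.
        log.log(settings.TRACE_FIELD_VALUE, "  form data %r"%(request.POST))
        # NOTE(review): the continuation URLs served by `listinfo` appear to
        # come from the form data passed in here, and they are used below as
        # redirect targets; confirm they are limited to same-site URLs.
        listinfo = self.list_setup(coll_id, type_id, list_id, request.POST.dict())
        if listinfo.http_response:
            return listinfo.http_response
        if 'close' in request.POST:
            return HttpResponseRedirect(listinfo.get_continuation_url() or self.collection_view_url)

        # Process requested action
        redirect_uri = None
        entity_ids   = request.POST.getlist('entity_select')
        log.debug("entity_ids %r"%(entity_ids))
        if len(entity_ids) > 1:
            action = ""
            redirect_uri = self.check_value_supplied(
                None, message.TOO_MANY_ENTITIES_SEL,
                continuation_url=listinfo.get_continuation_url()
                )
        else:
            entity_type = type_id or listinfo.get_list_type_id()
            entity_id   = None
            if len(entity_ids) == 1:
                (entity_type, entity_id) = split_type_entity_id(entity_ids[0], entity_type)
            # A missing search field is treated like an empty one, rather
            # than raising on the key lookup.
            search_for = request.POST.get('search_for', "")
            if "new" in request.POST:
                action = "new"
                redirect_uri = uri_with_params(
                    listinfo.get_new_view_uri(coll_id, entity_type),
                    {'continuation_url': listinfo.get_continuation_here()}
                    )
            if "copy" in request.POST:
                action = "copy"
                redirect_uri = (
                    self.check_value_supplied(entity_id,
                        message.NO_ENTITY_FOR_COPY,
                        continuation_url=listinfo.get_continuation_url()
                        )
                    or
                    uri_with_params(
                        listinfo.get_edit_view_uri(
                            coll_id, entity_type, entity_id, action
                            ),
                        {'continuation_url': listinfo.get_continuation_here()}
                        )
                    )
            if "edit" in request.POST:
                action = "edit"
                redirect_uri = (
                    self.check_value_supplied(entity_id,
                        message.NO_ENTITY_FOR_EDIT,
                        continuation_url=listinfo.get_continuation_url()
                        )
                    or
                    uri_with_params(
                        listinfo.get_edit_view_uri(
                            coll_id, entity_type, entity_id, action
                            ),
                        {'continuation_url': listinfo.get_continuation_here()}
                        )
                    )
            if "delete" in request.POST:
                action = "delete"
                # Each check returns a redirect URI when the delete must be
                # refused; the first refusal wins.
                redirect_uri = (
                    self.check_value_supplied(entity_id,
                        message.NO_ENTITY_FOR_DELETE,
                        continuation_url=listinfo.get_continuation_url()
                        )
                    or
                    listinfo.check_collection_entity(entity_id, entity_type,
                        message.SITE_ENTITY_FOR_DELETE%{'id': entity_id}
                        )
                    or
                    self.check_delete_type_values(listinfo,
                        entity_id, entity_type,
                        message.TYPE_VALUES_FOR_DELETE%{'type_id': entity_id}
                        )
                    )
                if not redirect_uri:
                    # Get user to confirm action before actually doing it
                    confirmed_action_uri = self.view_uri(
                        "AnnalistEntityDataDeleteView",
                        coll_id=coll_id, type_id=entity_type
                        )
                    delete_fields = (
                        { "entity_delete":      ["Delete"]
                        , "entity_id":          [entity_id]
                        , "completion_url":     [listinfo.get_continuation_here()]
                        , "search_for":         [search_for]
                        })
                    # The optional continuation URL is added to the plain
                    # dict before conversion.  The original assigned it to
                    # the `dict_querydict` function itself, which fails at
                    # run time whenever a continuation URL is present.
                    curi = listinfo.get_continuation_url()
                    if curi:
                        delete_fields["continuation_url"] = [curi]
                    delete_params = dict_querydict(delete_fields)
                    message_vals = {'id': entity_id, 'type_id': entity_type, 'coll_id': coll_id}
                    typeinfo = listinfo.entitytypeinfo
                    if typeinfo is None:
                        typeinfo = EntityTypeInfo(listinfo.collection, entity_type)
                    # The "delete" permission is checked before the
                    # confirmation form is shown.
                    # NOTE(review): the delete view is not visible here;
                    # confirm it repeats this check, since delete_params
                    # round-trips through the client.
                    return (
                        self.form_action_auth(
                            "delete", listinfo.collection, typeinfo.permissions_map
                            ) or
                        ConfirmView.render_form(request,
                            action_description=     message.REMOVE_ENTITY_DATA%message_vals,
                            confirmed_action_uri=   confirmed_action_uri,
                            action_params=          delete_params,
                            cancel_action_uri=      listinfo.get_continuation_here(),
                            title=                  self.site_data()["title"]
                            )
                        )
            if "default_view" in request.POST:
                if listinfo.entitytypeinfo:
                    permissions_map = listinfo.entitytypeinfo.permissions_map
                else:
                    permissions_map = CONFIG_PERMISSIONS
                # This branch changes collection state, so "config"
                # permission is checked before the change is made.
                auth_check = self.form_action_auth("config", listinfo.collection, permissions_map)
                if auth_check:
                    return auth_check
                listinfo.collection.set_default_list(list_id)
                action = "list"
                msg    = message.DEFAULT_LIST_UPDATED%{'coll_id': coll_id, 'list_id': list_id}
                redirect_uri = (
                    uri_with_params(
                        self.get_request_path(),
                        self.info_params(msg),
                        listinfo.get_continuation_url_dict()
                        )
                    )
            if ( ("list_type" in request.POST) or ("list_all"  in request.POST) ):
                action       = "list"
                redirect_uri = self.get_list_url(
                    coll_id, extract_entity_id(request.POST['list_choice']),
                    type_id=None if "list_all" in request.POST else type_id,
                    scope="all" if "list_scope_all" in request.POST else None,
                    search=search_for,
                    query_params=listinfo.get_continuation_url_dict()
                    )
            if "customize" in request.POST:
                action       = "config"
                redirect_uri = (
                    uri_with_params(
                        self.view_uri(
                            "AnnalistCollectionEditView",
                            coll_id=coll_id
                            ),
                        {'continuation_url': listinfo.get_continuation_here()}
                        )
                    )
        if redirect_uri:
            # `action` is always assigned together with `redirect_uri`.
            return (
                listinfo.check_authorization(action) or
                HttpResponseRedirect(redirect_uri)
                )
        # Report unexpected form data
        # This shouldn't happen, but just in case...
        # Redirect to continuation with error
        log.error("Unexpected form data posted to %s: %r"%(request.get_full_path(), request.POST))
        err_values = self.error_params(
            message.UNEXPECTED_FORM_DATA%(request.POST),
            message.SYSTEM_ERROR
            )
        redirect_uri = uri_with_params(listinfo.get_continuation_next(), err_values)
        return HttpResponseRedirect(redirect_uri)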
Exemplo n.º 5
#
# Suffixes /!new, /!copy, /!edit, /!delete, etc. are used for forms that are part of the
# user interface for editing collections and resources, and do not of themselves identify
# persistent resources.

urlpatterns = patterns(
    '',

    # Site pages
    url(r'^$', AnnalistHomeView.as_view(), name='AnnalistHomeView'),
    url(r'^site/$', SiteView.as_view(), name='AnnalistSiteView'),
    url(r'^site/!action$',
        SiteActionView.as_view(),
        name='AnnalistSiteActionView'),
    url(r'^profile/$', ProfileView.as_view(), name='AnnalistProfileView'),
    url(r'^confirm/$', ConfirmView.as_view(), name='AnnalistConfirmView'),

    # Special forms
    url(r'^c/(?P<coll_id>\w{0,32})/$',
        CollectionView.as_view(),
        name='AnnalistCollectionView'),
    url(r'^c/(?P<coll_id>\w{0,32})/!edit$',
        CollectionEditView.as_view(),
        name='AnnalistCollectionEditView'),
    url(r'^c/(?P<coll_id>\w{0,32})/_annalist_collection/users/!delete_confirmed$',
        AnnalistUserDeleteConfirmedView.as_view(),
        name='AnnalistUserDeleteView'),
    url(r'^c/(?P<coll_id>\w{0,32})/_annalist_collection/types/!delete_confirmed$',
        RecordTypeDeleteConfirmedView.as_view(),
        name='AnnalistRecordTypeDeleteView'),
    url(r'^c/(?P<coll_id>\w{0,32})/_annalist_collection/views/!delete_confirmed$',
Exemplo n.º 6
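    def post(self, request):
        """
        Process options to add or remove a collection in an Annalist site

        The submit button present in `request.POST` selects the option:
        "view", "edit", "remove" or "new".  Selection-count and permission
        checks run first; the first one that fails supplies the response.
        Otherwise "view"/"edit" redirect to the collection's view, "remove"
        renders a confirmation form (or a 403 for the site data collection)
        and "new" creates the collection and grants its creator full
        permissions in it.  Any other form yields a 400 response.
        """
        log.debug("site.post: %r" % (request.POST.lists()))

        collections = request.POST.getlist("select", [])
        coll_id = collections[0] if collections else "_"
        coll_ids = {'ids': ", ".join(collections)}
        perm_req = None
        perm_scope = None
        none_msg = None
        many_msg = None
        redirect_uri = None
        http_response = None
        # Process POST option
        if "view" in request.POST:
            # Collection data is considered part of configuration, hence CONFIG_PERMISSIONS:
            perm_req = CONFIG_PERMISSIONS["view"]
            # Use Collection or Site permissions:
            perm_scope = "all"
            none_msg = message.NO_COLLECTION_VIEW
            many_msg = message.MANY_COLLECTIONS_VIEW
            target_uri = self.view_uri("AnnalistEntityEditView",
                                       coll_id=layout.SITEDATA_ID,
                                       view_id="Collection_view",
                                       type_id="_coll",
                                       entity_id=coll_id,
                                       action="view")
            redirect_uri = uri_with_params(
                target_uri, {'continuation_url': self.continuation_here()})
        elif "edit" in request.POST:
            perm_req = CONFIG_PERMISSIONS["edit"]
            perm_scope = "all"
            none_msg = message.NO_COLLECTION_EDIT
            many_msg = message.MANY_COLLECTIONS_EDIT
            target_uri = self.view_uri("AnnalistEntityEditView",
                                       coll_id=layout.SITEDATA_ID,
                                       view_id="Collection_view",
                                       type_id="_coll",
                                       entity_id=coll_id,
                                       action="edit")
            redirect_uri = uri_with_params(
                target_uri, {'continuation_url': self.continuation_here()})
        elif "remove" in request.POST:
            perm_req = "DELETE_COLLECTION"
            perm_scope = "all"  # Collection or site permissions
            none_msg = message.NO_COLLECTIONS_REMOVE
        elif "new" in request.POST:
            perm_req = "CREATE_COLLECTION"
            perm_scope = "site"  # Site permission required
            # A missing field is treated like an empty one, so an incomplete
            # form reaches the validation below instead of raising here.
            new_id = request.POST.get("new_id", "")
            new_label = request.POST.get("new_label", "")
        # Common checks
        if none_msg and not collections:
            http_response = self.redirect_info(
                self.view_uri("AnnalistSiteView"),
                info_message=none_msg,
                info_head=message.NO_ACTION_PERFORMED)
        elif many_msg and len(collections) > 1:
            http_response = self.redirect_info(
                self.view_uri("AnnalistSiteView"),
                info_message=many_msg % coll_ids,
                info_head=message.NO_ACTION_PERFORMED)
        elif perm_req:
            # authorize() yields None when access is allowed, so
            # `admin and specific` is None as soon as either permission is
            # held and is the refusal response otherwise.
            if perm_scope == "all":
                # Check collections for permissions
                site = self.site(host=self.get_request_host())
                for cid in collections:
                    # NOTE(review): if Collection.load returns None for an
                    # unknown id, the check below is made with no collection,
                    # like the site-only branch; confirm that is intended.
                    coll = Collection.load(site, cid, altscope="site")
                    http_response = (
                        self.authorize("ADMIN", coll)
                        and  # Either of these...
                        self.authorize(perm_req, coll))
                    if http_response is not None:
                        # First refusal decides the response
                        break
            else:
                # Check site only for permissions
                http_response = (self.authorize("ADMIN", None)
                                 and self.authorize(perm_req, None))
        if http_response is not None:
            return http_response
        # Perform selected option
        if redirect_uri:
            log.info("Redirect to %s" % redirect_uri)
            return HttpResponseRedirect(redirect_uri)
        if "remove" in request.POST:
            if layout.SITEDATA_ID in collections:
                # The site data collection is never offered for removal.
                log.warning("Attempt to delete site data collection %(ids)s" %
                            (coll_ids))
                http_response = self.error(
                    self.error403values(scope="DELETE_SITE"))
            else:
                # Get user to confirm action before actually doing it.
                # NOTE(review): the submitted form round-trips through the
                # client as action_params; confirm the site action view
                # repeats the permission checks made above.
                http_response = ConfirmView.render_form(
                    request,
                    action_description=message.REMOVE_COLLECTIONS % coll_ids,
                    action_params=request.POST,
                    confirmed_action_uri=self.view_uri(
                        'AnnalistSiteActionView'),
                    cancel_action_uri=self.view_uri('AnnalistSiteView'),
                    title=self.site_data()["title"])
            return http_response
        if "new" in request.POST:
            log.info("New collection %s: %s" % (new_id, new_label))
            error_message = None
            if not new_id:
                error_message = message.MISSING_COLLECTION_ID
            elif not util.valid_id(new_id):
                error_message = message.INVALID_COLLECTION_ID % {
                    'coll_id': new_id
                }
            if error_message:
                return self.redirect_error(self.view_uri("AnnalistSiteView"),
                                           error_message=error_message)
            # NOTE(review): only new_id is validated; new_label is stored as
            # submitted -- presumably escaped when rendered, confirm.
            coll_meta = ({RDFS.CURIE.label: new_label, RDFS.CURIE.comment: ""})
            # Add collection
            coll = self.site().add_collection(new_id, coll_meta)
            # Generate initial context
            coll.generate_coll_jsonld_context()
            # Create full permissions in new collection for creating user
            user = self.request.user
            user_id = user.username
            user_uri = "mailto:" + user.email
            user_name = "%s %s" % (user.first_name, user.last_name)
            user_description = "User %s: permissions for %s in collection %s" % (
                user_id, user_name, new_id)
            coll.create_user_permissions(user_id,
                                         user_uri,
                                         user_name,
                                         user_description,
                                         user_permissions=[
                                             "VIEW", "CREATE", "UPDATE",
                                             "DELETE", "CONFIG", "ADMIN"
                                         ])
            return self.redirect_info(
                self.view_uri("AnnalistSiteView"),
                info_message=message.CREATED_COLLECTION_ID %
                {'coll_id': new_id})

        # No recognised option was submitted
        log.warning("Invalid POST request: %r" % (request.POST.lists()))
        return self.error(self.error400values())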
Exemplo n.º 7
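 def post(self, request):
     """
     Process options to add or remove a collection in an Annalist site.

     The submit button present in the POST data selects the action:

     "remove" -- require ADMIN or DELETE_COLLECTION, then render a
                 confirmation form for the selected collections.  Nothing
                 is deleted here; the form posts to 'AnnalistSiteActionView'.
     "new"    -- require ADMIN or CREATE_COLLECTION, validate the supplied
                 identifier, create the collection and grant the creating
                 user every permission in it.

     Any other form data yields the 400 error response.
     """
     # Materialise lists(): where it is a lazy iterator its repr carries no
     # data.  NOTE(review): this records every submitted field at debug level.
     log.debug("site.post: %r", list(request.POST.lists()))
     if "remove" in request.POST:
         collections = request.POST.getlist("select", [])
         if not collections:
             return self.redirect_info(
                 self.view_uri("AnnalistSiteView"),
                 info_message=message.NO_COLLECTIONS_SELECTED,
                 info_head=message.NO_ACTION_PERFORMED)
         # authorize() yields a response when permission is refused and a
         # false value otherwise, so "and" passes if either permission holds.
         auth_required = (
             self.authorize("ADMIN", None) and
             self.authorize("DELETE_COLLECTION", None))
         if auth_required:
             return auth_required
         # Get user to confirm action before actually doing it.
         # NOTE(review): the selection travels through the browser in
         # action_params, so the confirmed-action view has to repeat the
         # permission check itself -- not visible here, confirm.  Nothing
         # here excludes the site's own data collection from the selection.
         return ConfirmView.render_form(
             request,
             action_description=message.REMOVE_COLLECTIONS %
             {'ids': ", ".join(collections)},
             action_params=request.POST,
             confirmed_action_uri=self.view_uri('AnnalistSiteActionView'),
             cancel_action_uri=self.view_uri('AnnalistSiteView'),
             title=self.site_data()["title"])
     if "new" in request.POST:
         # Check permission before looking at the submitted values, so a
         # caller without CREATE_COLLECTION gets the authorization response
         # rather than validation feedback on the identifier.
         auth_required = (
             self.authorize("ADMIN", None) and
             self.authorize("CREATE_COLLECTION", None))
         if auth_required:
             return auth_required
         # .get(): a request that omits a field is reported as a missing
         # identifier instead of raising on the key lookup.
         new_id = request.POST.get("new_id", "")
         new_label = request.POST.get("new_label", "")
         # %r keeps control characters in user-supplied text from breaking
         # the log line.
         log.debug("New collection %r: %r", new_id, new_label)
         if not new_id:
             return self.redirect_error(
                 self.view_uri("AnnalistSiteView"),
                 error_message=message.MISSING_COLLECTION_ID)
         if not util.valid_id(new_id):
             return self.redirect_error(
                 self.view_uri("AnnalistSiteView"),
                 error_message=message.INVALID_COLLECTION_ID %
                 {'coll_id': new_id})
         # Create new collection with name and label supplied.
         # NOTE(review): no check here that new_id is not already in use --
         # confirm add_collection() handles an existing identifier.
         coll_meta = {RDFS.CURIE.label: new_label, RDFS.CURIE.comment: ""}
         coll = self.site().add_collection(new_id, coll_meta)
         # Create full permissions in new collection for creating user
         user = self.request.user
         user_id = user.username
         user_uri = "mailto:" + user.email
         user_name = "%s %s" % (user.first_name, user.last_name)
         user_description = "User %s: permissions for %s in collection %s" % (
             user_id, user_name, new_id)
         coll.create_user_permissions(
             user_id, user_uri,
             user_name, user_description,
             user_permissions=[
                 "VIEW", "CREATE", "UPDATE", "DELETE", "CONFIG", "ADMIN"
             ])
         return self.redirect_info(
             self.view_uri("AnnalistSiteView"),
             info_message=message.CREATED_COLLECTION_ID %
             {'coll_id': new_id})
     return self.error(self.error400values())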
Exemplo n.º 8
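    def post(self, request):
        """
        Process options to view, edit, add or remove a collection in an Annalist site.

        The submit button present in the POST data selects the action.  Each
        action first records the permission it needs and the messages to use
        when no collection (or more than one) is selected; a common section
        then applies the selection checks and the permission check before
        anything is done:

        "view"/"edit" -- redirect to the collection metadata view for the single
                         selected collection.
        "remove"      -- render a confirmation form; nothing is deleted here, the
                         form posts to 'AnnalistSiteActionView'.  Selecting the
                         site data collection is refused with a 403 response.
        "new"         -- validate the supplied identifier, create the collection
                         and grant the creating user every permission in it.

        Any other form data is logged and yields the 400 error response.
        """
        # Materialise lists(): where it is a lazy iterator its repr carries no
        # data.  NOTE(review): this records every submitted field at debug level.
        log.debug("site.post: %r", list(request.POST.lists()))

        collections   = request.POST.getlist("select", [])
        coll_id       = collections[0] if collections else "_"
        coll_ids      = {'ids': ", ".join(collections)}
        perm_req      = None
        perm_scope    = None
        none_msg      = None
        many_msg      = None
        redirect_uri  = None
        http_response = None
        # Process POST option
        if   "view" in request.POST:
            # Collection data is considered part of configuration, hence CONFIG_PERMISSIONS:
            perm_req     = CONFIG_PERMISSIONS["view"]
            # Use Collection or Site permissions:
            perm_scope   = "all"
            none_msg     = message.NO_COLLECTION_VIEW
            many_msg     = message.MANY_COLLECTIONS_VIEW
            target_uri   = self.view_uri("AnnalistEntityEditView",
                coll_id=layout.SITEDATA_ID,
                view_id="Collection_view",
                type_id="_coll",
                entity_id=coll_id,
                action="view"
                )
            redirect_uri = uri_with_params(
                    target_uri,
                    {'continuation_url': self.continuation_here()}
                    )
        elif "edit" in  request.POST:
            perm_req    = CONFIG_PERMISSIONS["edit"]
            perm_scope  = "all"
            none_msg    = message.NO_COLLECTION_EDIT
            many_msg    = message.MANY_COLLECTIONS_EDIT
            target_uri  = self.view_uri("AnnalistEntityEditView",
                coll_id=layout.SITEDATA_ID,
                view_id="Collection_view",
                type_id="_coll",
                entity_id=coll_id,
                action="edit"
                )
            redirect_uri = uri_with_params(
                    target_uri,
                    {'continuation_url': self.continuation_here()}
                    )
        elif "remove" in request.POST:
            perm_req    = "DELETE_COLLECTION"
            perm_scope  = "all"    # Collection or site permissions
            none_msg    = message.NO_COLLECTIONS_REMOVE
        elif "new" in request.POST:
            perm_req    = "CREATE_COLLECTION"
            perm_scope  = "site"    # Site permission required
            # .get(): a request that omits a field is reported below as a
            # missing identifier instead of raising on the key lookup.
            new_id      = request.POST.get("new_id", "")
            new_label   = request.POST.get("new_label", "")
        # Common checks
        if none_msg and not collections:
            http_response = self.redirect_info(
                self.view_uri("AnnalistSiteView"),
                info_message=none_msg, info_head=message.NO_ACTION_PERFORMED
                )
        elif many_msg and len(collections) > 1:
            http_response = self.redirect_info(
                self.view_uri("AnnalistSiteView"),
                info_message=many_msg%coll_ids,
                info_head=message.NO_ACTION_PERFORMED
                )
        elif perm_req:
            # authorize() yields None when permission is granted and a response
            # otherwise, so "and" passes if either permission holds.
            if perm_scope == "all":
                # Check every selected collection; stop at the first refusal.
                site = self.site(host=self.get_request_host())
                for cid in collections:
                    # NOTE(review): if load() yields None for an unknown id the
                    # check below is made with no collection, as in the
                    # site-only branch -- confirm that fallback is intended.
                    coll = Collection.load(site, cid, altscope="site")
                    http_response = (
                        self.authorize("ADMIN", coll) and   # Either of these...
                        self.authorize(perm_req, coll)
                        )
                    if http_response is not None:
                        break
            else:
                # Check site only for permissions
                http_response = (
                    self.authorize("ADMIN", None) and
                    self.authorize(perm_req, None)
                    )
        if http_response is not None:
            return http_response
        # Perform selected option
        if redirect_uri:
            log.info("Redirect to %s", redirect_uri)
            return HttpResponseRedirect(redirect_uri)
        if "remove" in request.POST:
            if layout.SITEDATA_ID in collections:
                # %r keeps control characters in the submitted ids from
                # breaking the log line.
                log.warning("Attempt to delete site data collection %r", collections)
                http_response = self.error(self.error403values(scope="DELETE_SITE"))
            else:
                # Get user to confirm action before actually doing it.
                # NOTE(review): the selection travels through the browser in
                # action_params, so the confirmed-action view has to repeat the
                # permission and site-data checks itself -- not visible here,
                # confirm.
                http_response = ConfirmView.render_form(request,
                    action_description=     message.REMOVE_COLLECTIONS%coll_ids,
                    action_params=          request.POST,
                    confirmed_action_uri=   self.view_uri('AnnalistSiteActionView'),
                    cancel_action_uri=      self.view_uri('AnnalistSiteView'),
                    title=                  self.site_data()["title"]
                    )
            return http_response
        if "new" in request.POST:
            log.info("New collection %r: %r", new_id, new_label)
            error_message = None
            if not new_id:
                error_message = message.MISSING_COLLECTION_ID
            elif not util.valid_id(new_id):
                error_message = message.INVALID_COLLECTION_ID%{'coll_id': new_id}
            if error_message:
                return self.redirect_error(
                    self.view_uri("AnnalistSiteView"),
                    error_message=error_message
                    )
            coll_meta = (
                { RDFS.CURIE.label:    new_label
                , RDFS.CURIE.comment:  ""
                })
            # Add collection and generate its initial JSON-LD context.
            # NOTE(review): no check here that new_id is not already in use --
            # confirm add_collection() handles an existing identifier.
            coll = self.site().add_collection(new_id, coll_meta)
            coll.generate_coll_jsonld_context()
            # Create full permissions in new collection for creating user
            user             = self.request.user
            user_id          = user.username
            user_uri         = "mailto:"+user.email
            user_name        = "%s %s"%(user.first_name, user.last_name)
            user_description = "User %s: permissions for %s in collection %s"%(user_id, user_name, new_id)
            coll.create_user_permissions(
                user_id, user_uri,
                user_name, user_description,
                user_permissions=["VIEW", "CREATE", "UPDATE", "DELETE", "CONFIG", "ADMIN"]
                )
            return self.redirect_info(
                self.view_uri("AnnalistSiteView"),
                info_message=message.CREATED_COLLECTION_ID%{'coll_id': new_id}
                )
        # No recognised action in the form data
        log.warning("Invalid POST request: %r", list(request.POST.lists()))
        return self.error(self.error400values())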
Exemplo n.º 9
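    def post(self, request, coll_id=None, type_id=None, list_id=None):
        """
        Handle response from dynamically generated list display form.

        The submit button present in the POST data selects the action: "close",
        "new", "copy", "edit", "delete", "default_view", "list_type"/"list_all"
        or "customize".  Most actions only compute a redirect URI, which is
        followed once listinfo.check_authorization() has accepted the action.
        "delete" instead renders a confirmation form (after its own permission
        check) and "default_view" updates the collection's default list (after
        its own permission check).

        Form data matching none of these is logged and reported through a
        redirect to the continuation URL with error parameters.
        """
        log.info("views.entitylist.post: coll_id %s, type_id %s, list_id %s",
                 coll_id, type_id, list_id)
        log.log(settings.TRACE_FIELD_VALUE, "  %s", self.get_request_path())
        log.log(settings.TRACE_FIELD_VALUE, "  form data %r", request.POST)
        listinfo = self.list_setup(coll_id, type_id, list_id,
                                   request.POST.dict())
        if listinfo.http_response:
            return listinfo.http_response
        if 'close' in request.POST:
            # NOTE(review): the continuation URL appears to be derived from the
            # submitted form data; confirm it is limited to same-site targets
            # before it is used as a redirect location.
            return HttpResponseRedirect(listinfo.get_continuation_url()
                                        or self.collection_view_url)

        # Process requested action
        redirect_uri = None
        entity_ids = request.POST.getlist('entity_select')
        log.debug("entity_ids %r", entity_ids)
        if len(entity_ids) > 1:
            # More than one entity selected: passing None makes
            # check_value_supplied produce the "too many" message redirect.
            action = ""
            redirect_uri = self.check_value_supplied(
                None,
                message.TOO_MANY_ENTITIES_SEL,
                continuation_url=listinfo.get_continuation_url())
        else:
            entity_type = type_id or listinfo.get_list_type_id()
            entity_id = None
            if len(entity_ids) == 1:
                (entity_type,
                 entity_id) = split_type_entity_id(entity_ids[0], entity_type)
            if "new" in request.POST:
                action = "new"
                redirect_uri = uri_with_params(
                    listinfo.get_new_view_uri(coll_id, entity_type),
                    {'continuation_url': listinfo.get_continuation_here()})
            if "copy" in request.POST:
                action = "copy"
                redirect_uri = (
                    self.check_value_supplied(
                        entity_id,
                        message.NO_ENTITY_FOR_COPY,
                        continuation_url=listinfo.get_continuation_url())
                    or uri_with_params(
                        listinfo.get_edit_view_uri(coll_id, entity_type,
                                                   entity_id, action),
                        {'continuation_url': listinfo.get_continuation_here()}))
            if "edit" in request.POST:
                action = "edit"
                redirect_uri = (
                    self.check_value_supplied(
                        entity_id,
                        message.NO_ENTITY_FOR_EDIT,
                        continuation_url=listinfo.get_continuation_url())
                    or uri_with_params(
                        listinfo.get_edit_view_uri(coll_id, entity_type,
                                                   entity_id, action),
                        {'continuation_url': listinfo.get_continuation_here()}))
            if "delete" in request.POST:
                action = "delete"
                # Each check returns a redirect URI when it objects, so the
                # first objection (if any) becomes the redirect.
                redirect_uri = (
                    self.check_value_supplied(
                        entity_id,
                        message.NO_ENTITY_FOR_DELETE,
                        continuation_url=listinfo.get_continuation_url())
                    or listinfo.check_collection_entity(
                        entity_id, entity_type,
                        message.SITE_ENTITY_FOR_DELETE % {'id': entity_id})
                    or self.check_delete_type_values(
                        listinfo, entity_id, entity_type,
                        message.TYPE_VALUES_FOR_DELETE % {'type_id': entity_id}))
                if not redirect_uri:
                    # Get user to confirm action before actually doing it
                    confirmed_action_uri = self.view_uri(
                        "AnnalistEntityDataDeleteView",
                        coll_id=coll_id,
                        type_id=entity_type)
                    # NOTE(review): indexing POST raises if 'search_for' is
                    # absent from the form data.
                    delete_fields = {
                        "entity_delete": ["Delete"],
                        "entity_id": [entity_id],
                        "completion_url": [listinfo.get_continuation_here()],
                        "search_for": [request.POST['search_for']]
                    }
                    curi = listinfo.get_continuation_url()
                    if curi:
                        # Add the continuation URL to the parameters themselves;
                        # the original assigned it to the dict_querydict
                        # function, which fails whenever a continuation URL is
                        # present.
                        delete_fields["continuation_url"] = [curi]
                    delete_params = dict_querydict(delete_fields)
                    message_vals = {
                        'id': entity_id,
                        'type_id': entity_type,
                        'coll_id': coll_id
                    }
                    typeinfo = listinfo.entitytypeinfo
                    if typeinfo is None:
                        typeinfo = EntityTypeInfo(listinfo.collection,
                                                  entity_type)
                    # Permission is checked before the confirmation form is
                    # shown.  NOTE(review): delete_params travel through the
                    # browser, so the delete view has to repeat the permission
                    # check itself -- not visible here, confirm.
                    return (
                        self.form_action_auth(
                            "delete", listinfo.collection,
                            typeinfo.permissions_map)
                        or ConfirmView.render_form(
                            request,
                            action_description=message.REMOVE_ENTITY_DATA %
                            message_vals,
                            confirmed_action_uri=confirmed_action_uri,
                            action_params=delete_params,
                            cancel_action_uri=listinfo.get_continuation_here(),
                            title=self.site_data()["title"]))
            if "default_view" in request.POST:
                if listinfo.entitytypeinfo:
                    permissions_map = listinfo.entitytypeinfo.permissions_map
                else:
                    permissions_map = CONFIG_PERMISSIONS
                # This action changes collection state, so it is authorized
                # here, before the change, rather than at the final redirect.
                auth_check = self.form_action_auth("config",
                                                   listinfo.collection,
                                                   permissions_map)
                if auth_check:
                    return auth_check
                listinfo.collection.set_default_list(list_id)
                action = "list"
                msg = message.DEFAULT_LIST_UPDATED % {
                    'coll_id': coll_id,
                    'list_id': list_id
                }
                redirect_uri = uri_with_params(
                    self.get_request_path(), self.info_params(msg),
                    listinfo.get_continuation_url_dict())
            if ("list_type" in request.POST) or ("list_all" in request.POST):
                action = "list"
                redirect_uri = self.get_list_url(
                    coll_id,
                    extract_entity_id(request.POST['list_choice']),
                    type_id=None if "list_all" in request.POST else type_id,
                    scope="all" if "list_scope_all" in request.POST else None,
                    search=request.POST['search_for'],
                    query_params=listinfo.get_continuation_url_dict())
            if "customize" in request.POST:
                action = "config"
                redirect_uri = uri_with_params(
                    self.view_uri("AnnalistCollectionEditView",
                                  coll_id=coll_id),
                    {'continuation_url': listinfo.get_continuation_here()})
        if redirect_uri:
            return (listinfo.check_authorization(action)
                    or HttpResponseRedirect(redirect_uri))
        # Report unexpected form data
        # This shouldn't happen, but just in case...
        # Redirect to continuation with error
        log.error("Unexpected form data posted to %s: %r",
                  request.get_full_path(), request.POST)
        # NOTE(review): the whole POST QueryDict is formatted into the error
        # parameters and so into the redirect URL; any token or other sensitive
        # field in the form would end up in the query string -- consider
        # reporting field names only.
        err_values = self.error_params(
            message.UNEXPECTED_FORM_DATA % (request.POST),
            message.SYSTEM_ERROR)
        redirect_uri = uri_with_params(listinfo.get_continuation_next(),
                                       err_values)
        return HttpResponseRedirect(redirect_uri)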