def get(self, request, *args, **kwargs): model = self.resource.model try: if request.user.is_authenticated(): # take the user data from the authentication. return request.user.get_profile() # look up based on the NetworkHost of this request profile = None ip = request.META['REMOTE_ADDR'] mac = get_mac_address(ip) if mac == None: # unknown MAC raise ErrorResponse(status.HTTP_404_NOT_FOUND) try: h = NetworkHost.objects.get(mac_address__iexact=mac) if h.user_profile == None: # no user associated with this host raise ErrorResponse(status.HTTP_404_NOT_FOUND) return h.user_profile except: # networkhost record does not exist raise ErrorResponse(status.HTTP_404_NOT_FOUND) except: pass # other error raise ErrorResponse(status.HTTP_500_INTERNAL_SERVER_ERROR)
def check_placeholder_html_id(html_id, extras_id=[]):
"""
Check if the placeholder html ID is valid and return split of ID.
Valid IDs examples are : 'header-placeholder-1' or
'clipboard-placeholder'.
If ID doesn't valid, raise a response 400.
Parameters :
- extras_id : List of additional id value.
If list is empty, just int value is accepted.
"""
# Extra ID accepted, eg placeholder default.
if html_id in extras_id:
return html_id
# Check structure of html id
items_html_id = html_id.rsplit(settings.SLUG_SEP, 2)
if len(items_html_id) != 3 or\
items_html_id[1] != settings.SLUG_PLACEHOLDER:
raise ErrorResponse(status.HTTP_400_BAD_REQUEST,
{'msg': MESSAGES.get('default_error', "")})
# Last item must be an int
try:
int(items_html_id[2])
except ValueError:
raise ErrorResponse(status.HTTP_400_BAD_REQUEST,
{'msg': MESSAGES.get('default_error', "")})
return items_html_id
def filter_response(self, obj):
"""
Given the response content, paginate and then serialize.
The response is modified to include to useful data relating to the number
of objects, number of pages, next/previous urls etc. etc.
The serialised objects are put into `results` on this new, modified
response
"""
# We don't want to paginate responses for anything other than GET requests
if self.method.upper() != 'GET':
return self._resource.filter_response(obj)
paginator = Paginator(obj, self.get_limit())
try:
page_num = int(self.request.GET.get('page', '1'))
except ValueError:
raise ErrorResponse(status.HTTP_404_NOT_FOUND,
{'detail': 'That page contains no results'})
if page_num not in paginator.page_range:
raise ErrorResponse(status.HTTP_404_NOT_FOUND,
{'detail': 'That page contains no results'})
page = paginator.page(page_num)
serialized_object_list = self._resource.filter_response(page.object_list)
serialized_page_info = self.serialize_page_info(page)
serialized_page_info['results'] = serialized_object_list
return serialized_page_info
def unpack_data_blob(data):
"""
Input is a mapping. Find a key named 'data', decode it as a JSON
blob, and merge the result into the mapping (in place; returns
None).
"""
import json
from djangorestframework.response import ErrorResponse
# Don't let the CSRF middleware token muck up our data.
if 'csrfmiddlewaretoken' in data:
del data['csrfmiddlewaretoken']
# Handle the JSON data blob submitted through a form.
if 'data' in data:
try:
data_blob = json.loads(data['data'])
except ValueError:
raise ErrorResponse(
status.HTTP_400_BAD_REQUEST,
{'detail': 'data blob must be a valid JSON object string'})
if not isinstance(data_blob, dict):
raise ErrorResponse(
status.HTTP_400_BAD_REQUEST,
{'detail': 'data blob must be a valid JSON object string'})
del data['data']
data.update(data_blob)
def _get_instance_by_id(self, model, mid):
try:
id = int(mid)
except ValueError:
raise ErrorResponse(status.HTTP_404_NOT_FOUND)
try:
instance = model.objects.get(pk=id)
except model.DoesNotExist:
raise ErrorResponse(status.HTTP_404_NOT_FOUND)
return instance
def post(self, request, number):
car = get_model_or_404(Car, number=number)
try:
car.sell_to(self.user)
except Car.NotAllowedException:
raise ErrorResponse(
403, {'detail': 'You are not allowed to purchase this car'})
except UserProfile.InsufficientFundsException:
raise ErrorResponse(403, {'detail': 'You cannot afford this car'})
else:
return {'status': 'ok'}
def base_view(self, request, html_id_object, url_action):
"""
Basic View of actions admin.
This method gets the object related to the request
and return the action asked.
"""
# Get and check app/plugin object HTML ID
# Types accepted : PluginRelation or App
# If slug not valid => raise HTTP_400_BAD_REQUEST
object_type, object_id = check_object_html_id(
html_id_object, types=[settings.SLUG_PLUGIN, settings.SLUG_APP])
# Case #1 - Object Type : PluginRelation
if object_type == settings.SLUG_PLUGIN:
# Get plugin relation
try:
obj_relation = PluginRelation.objects\
.get(id__exact=object_id)
except PluginRelation.DoesNotExist:
# If the plugin is not found => 404
raise ErrorResponse(status.HTTP_404_NOT_FOUND,
{'msg': MESSAGES.get('default_error', "")})
# Get plugin object
obj = obj_relation.content_object
# Case #2 - Object Type : App
# Necessarily : object_type == settings.SLUG_APP:
else:
# Get app object
obj = request.page.app_page_object
# We check that slug parameter is correct
if obj.pk != int(object_id):
raise ErrorResponse(status.HTTP_404_NOT_FOUND,
{'msg': MESSAGES.get('default_error', "")})
# Formatting url action
# (add '/' at the begining and the ending)
if url_action[0] != '/':
url_action = '/' + url_action
if url_action[-1] != '/':
url_action = url_action + '/'
# Dispatcher View
try:
match = resolve(url_action, urlconf=obj.get_actions_urlconf())
return match.func(request, html_id_object, obj, **match.kwargs)
except Http404:
raise ErrorResponse(status.HTTP_404_NOT_FOUND,
{'msg': MESSAGES.get('action_not_found', "")})
def get_model_or_404(model, *args, **kwargs):
try:
return model.objects.get(*args, **kwargs)
except ObjectDoesNotExist:
raise ErrorResponse(404,
{'detail': '{model} not found'.format(
model=model.__name__)})
def get(self, request, page_pk=None):
"""
Return the form to edit a app page.
If 'page_pk' parameter is None, returns the edit form
of the current page (ie request.page),
else returns the edit form of the page with the id 'page_pk'.
"""
# Get page with ID 'page_pk'
if page_pk is not None:
try:
page = request.website.pages.select_related()\
.get(pk=page_pk)
app_page = page.app_page_object
except Page.DoesNotExist:
raise ErrorResponse(status.HTTP_400_BAD_REQUEST,
{'msg': MESSAGES.get('default_error', "")})
else:
page = request.page
app_page = request.page.app_page_object
# Page App Admin Form
PageAppForm = app_page.get_admin_form()
form = PageAppForm(instance=app_page)
data_context = {'form': form, 'object': app_page}
if page_pk:
data_context['page'] = page
content = render_to_string('administration/app/app-edit.html',
data_context,
context_instance=RequestContext(request))
response = Response(status.HTTP_200_OK, {
'html': content,
})
return self.render(response)
def post(self, request, relation_id, plugin, action_pk=None):
links_html_id = request.POST.getlist('links_id[]')
if links_html_id:
# New ordering items
order = 1
for link_id in map(lambda s: s.split('-')[1], links_html_id):
try:
obj = Link.objects.get(pk=link_id)
if obj.plugin == plugin:
obj.order = order
obj.save()
order += 1
except Link.DoesNotExist:
pass
# Rendering new content
html = request.page.render_page(request).content
if isinstance(html, HTMLRendering):
html = html.content
response = Response(
status.HTTP_200_OK, {
'msg': MESSAGES.get('items_edit_success', ""),
'html': html,
'placeholder_type': placeholder_type,
'html_id': relation_id
})
return self.render(response)
else:
raise ErrorResponse(status.HTTP_400_BAD_REQUEST,
{'msg': MESSAGES.get('default_error', "")})
def post(self, request):
user = request.user
parentNode = self.CONTENT.get('parent')
text = self.CONTENT.get('text')
reType = self.CONTENT.get('type')
description = self.CONTENT.get('description')
for node in parentNode.node_set.all():
if node.text == text:
raise ErrorResponse(status.HTTP_400_BAD_REQUEST, 'Duplicated name under ' + parentNode.text)
site, parentRelativePath = parentNode.get_site_and_path()
nodeRelativePath = os.path.join(parentRelativePath, text)
nodeFolder = os.path.join(parentNode.get_full_path(), text)
if(reType == 'R'):
if(User.has_perm(user, 'repo.add_repository', None)):
p2_folder = p2.Folder(nodeFolder)
p2_folder.addRepositoryFolder()
repo = dbhandler.create_repository(text, nodeRelativePath, description, site, parentNode)
node = repo.node
else:
raise PermissionDenied
if(reType == 'C'):
if(User.has_perm(user, 'repo.add_composite', None)):
p2_folder = p2.Folder(nodeFolder)
p2_folder.addCompositeFolder()
com = dbhandler.create_composite(text, nodeRelativePath, site, parentNode)
node = com.node
else:
raise PermissionDenied
return node.as_node()
def delete(self, request, *args, **kwargs):
"""
Only the creator should be able to delete an instance.
"""
model = self.resource.model
query_kwargs = self.get_query_kwargs(request, *args, **kwargs)
try:
instance = self.get_instance(**query_kwargs)
except model.DoesNotExist:
raise ErrorResponse(status.HTTP_404_NOT_FOUND, None, {})
if instance.created_by == self.user:
instance.delete()
else:
raise ErrorResponse(status.HTTP_401_UNAUTHORIZED, None, {})
def get(self, request, lat, lon):
try:
location = (float(lon), float(lat))
except ValueError:
raise ErrorResponse(400, {'detail': 'Invalid Coordinates'})
return Stop.objects.find_nearby(location)[:settings.STOP_SEARCH_LIMIT]
def delete(self,request, site_id):
if not request.user.is_superuser:
raise PermissionDenied
site = self._get_instance_by_id(Site, site_id)
node = self._get_instance_by_id(Node, site_id)
composites = getReferredComRepoForSite(site)
if(len(composites) != 0):
restr = ''
for x in composites:
restr = restr+','
restr = restr + x.name+'in site'+x.site.name
raise ErrorResponse(status.HTTP_412_PRECONDITION_FAILED,
'Repository is referenced by composite ' + restr)
if site.name in conf.CONF.get('REPOSITORY_SITES'):
del conf.CONF.get('REPOSITORY_SITES')[site.name]
conf.CONF.save()
if os.path.isdir(site.get_location()):
oldName=site.get_location()
newName = site.get_location()+time.strftime('%Y%m%d%H%I%S',time.localtime(time.time()))
os.rename(oldName, newName)
#cascading delete site, site's node, repo and repo'nodes, composites and composites' nodes
dbhandler.delete_site(site.id)
return site
def check_permission(self, user):
if (not user.is_staff and
self.view.method not in SAFE_METHODS):
raise ErrorResponse(status.HTTP_403_FORBIDDEN,
{'detail':
'You do not have permission to access this resource. ' +
'Only staff members may perform the requested action.'})
def http_method_not_allowed(self, request, *args, **kwargs):
"""
Return an HTTP 405 error if an operation is called which does not have a handler method.
"""
raise ErrorResponse(status.HTTP_405_METHOD_NOT_ALLOWED, {
'detail':
'Method \'%s\' not allowed on this resource.' % self.method
})
def get(self, request, number):
model = self.resource.model
model_instance = get_model_or_404(model, number=number)
#Only the car's owner can view detailed information
if not model_instance.owner == self.user.get_profile():
raise ErrorResponse(403, {'detail': 'You do not own this car'})
return model_instance
def post(self, request):
data = self.get_data(request)
try:
value = int(self.CONTENT["value"])
except (KeyError, TypeError):
raise ErrorResponse(status.BAD_REQUEST)
data.add(value)
request.session.modified = True
return Response(status.CREATED, data)
def get(self, request, *args, **kwargs):
model = self.resource.model
query_kwargs = self.get_query_kwargs(request, *args, **kwargs)
try:
self.model_instance = self.get_instance(**query_kwargs)
except model.DoesNotExist:
raise ErrorResponse(status.HTTP_404_NOT_FOUND)
return self.model_instance
def delete(self, request, *args, **kwargs):
model = self.resource.model
try:
instance = model.objects.get(self.build_query(*args, **kwargs))
except model.DoesNotExist:
raise ErrorResponse(status.HTTP_404_NOT_FOUND, None, {})
instance.delete()
return
def post(self, request):
data = self.get_data(request)
try:
key = self.CONTENT["key"]
value = self.CONTENT["value"]
except KeyError:
raise ErrorResponse(status.BAD_REQUEST)
data[key] = value
request.session.modified = True
return Response(status.CREATED, data)
def get(self, request, operation_id):
op = self._get_instance_by_id(Operation, operation_id)
commit_id = op.commit_id
if commit_id:
repository = op.repository
p2_repo = p2.Repo(repository.get_full_path())
diff = p2_repo.get_commit_diff(commit_id)
return diff
else:
raise ErrorResponse(status.HTTP_404_NOT_FOUND, 'No diff information.')
def post(self, request, site_id):
if not request.user.is_superuser:
raise PermissionDenied
site = self._get_instance_by_id(Site, site_id)
p2_site = p2.Site(site.get_location())
returncode, output = p2_site.recover()
if returncode:
raise ErrorResponse(status.HTTP_500_INTERNAL_SERVER_ERROR, output)
else:
return output
def raise_forbidden(self):
"""
Raise a 403 forbidden HTTP error.
"""
raise ErrorResponse(
status.HTTP_403_FORBIDDEN, {
'detail': ('You do not have permission to access this '
'resource. You may need to login or otherwise '
'authenticate the request.')
})
def post(self, request, number):
car = get_model_or_404(Car, number=number)
try:
# import pdb; pdb.set_trace()
car.buy_back(self.user)
except Car.NotAllowedException:
raise ErrorResponse(403,
{'detail': 'This car does not belong to you'})
else:
return {'status': 'ok'}
def get(self, request, *args, **kwargs):
"""Gets post data. If ?html option is specified, method will return
only post html without any other fields.
"""
try:
post = self.model.objects.get(**kwargs)
if request.GET.get("html"):
return {"html": post.html}
return post
except self.model.DoesNotExist:
raise ErrorResponse(status.NOT_FOUND)
def post(self, request, repository_id):
user = request.user
if(User.has_perm(user, 'repo.change_repository', None)):
repository = self._get_instance_by_id(Repository, repository_id)
#check if the rollback operation can be done, operations should be ordered by commit_time desc
operations = repository.operation_set.filter(committer=request.user).order_by('commit_time').reverse()
flag = p2.check_rollback(operations)
if flag == False:
raise ErrorResponse(status.HTTP_400_BAD_REQUEST, 'Last operation can not be rolled back.')
p2_repo = p2.Repo(repository.get_full_path())
try:
p2_repo.rollback()
op = repository.operation_set.create(message='Repository rollback by user.', type='R', committer=request.user)
op.save()
return op.to_resource()
except P2Exception:
raise ErrorResponse(status.HTTP_400_BAD_REQUEST, 'Not able to rollback')
else:
raise PermissionDenied
def delete(self, request, *args, **kwargs):
"""Deletes post."""
try:
post = self.model.objects.get(id=kwargs["id"])
except self.model.DoesNotExist:
raise ErrorResponse(status.NOT_FOUND)
key = get_key(request.GET["password"])
if post.password == key:
post.remove()
elif is_mod(request, post.section_slug()):
mod_delete_post(request, post)
post.remove()
else:
raise ErrorResponse(status.FORBIDDEN, content={
"detail": u"{0}{1}. {2}".format(
_("Error on deleting post #"), post.pid,
_("Password mismatch")
)
})
return Response(status.NO_CONTENT)
def post(self, request, *args, **kwargs):
# Users should only be able to support a plan once, and this is enforced
# by the ORM/DB. Gracefully handle the integrity error.
try:
return super(PlanSupportListView,
self).post(request, *args, **kwargs)
except IntegrityError:
raise ErrorResponse(
status.HTTP_409_CONFLICT,
{'detail': ('User has already supported '
'that plan.')})
def post(self, request, relation_html_id):
"""
Update plugin modifications.
If modifications are correct return confirmation message
and the new render of the layout section;
if not, return the plugin form with error messages
Parameters :
- relation_html_id : PluginRelation Id
POST parameters :
- form fields
- csrf token
"""
pk = check_object_html_id(relation_html_id)[1]
try:
plugin_relation = PluginRelation.objects.filter(
pages__website__exact=request.website,
id__exact=pk)[0]
except IndexError:
raise Http404
# Create the plugin form
plugin = plugin_relation.content_object
PluginFormClass = plugin.get_admin_form()
form = PluginFormClass(request.POST, instance=plugin)
if form.is_valid():
plugin = form.save()
placeholder_slug_items = check_placeholder_html_id(
plugin_relation.placeholder_slug)
layout_section_slug = placeholder_slug_items[0]
rendering_context = RenderingContext(request)
html_rendering = rendering_context.get_html_layout(layout_section_slug)
response = Response(status.HTTP_200_OK,
{"msg": MESSAGES.get('item_edit_success',""),
'html': html_rendering,
'layout_section_slug': layout_section_slug})
return self.render(response)
else:
# Invalid form => 400 BAD REQUEST
# with forms (and errors..)
html = render_to_string('administration/plugin/plugin-edit.html',
{'form': form,
'plugin': plugin,
'plugin_relation_html_id': relation_html_id},
context_instance = RequestContext(request))
raise ErrorResponse(status.HTTP_400_BAD_REQUEST,
{'msg': MESSAGES.get('invalid_data', ""),
'html': html})
