def record_phas(request, record):
""" List userapps bound to a given record.
request.GET may optionally contain:
* *type*: An XML schema namespace. If specified, only apps which
explicitly declare themselves as supporting that namespace will
be returned.
Will return :http:statuscode:`200` with a list of JSON manifests
for the matching apps on success.
"""
phas = record.phas
# are we filtering by schema?
type = request.GET.get('type', None)
if type:
schema = DocumentSchema.objects.get(type=type)
phas = [pha for pha in phas if pha.schema == schema]
# interpolate the the start_url_template into start_url
manifests = []
for pha in phas:
pha.start_url = utils.url_interpolate(pha.start_url_template, {'record_id' : record.id})
manifests.append(pha.to_manifest(as_string=False))
return manifests
def record_phas(request, record):
""" List userapps bound to a given record.
request.GET may optionally contain:
* *type*: An XML schema namespace. If specified, only apps which
explicitly declare themselves as supporting that namespace will
be returned.
Will return :http:statuscode:`200` with the list of matching apps
on success.
"""
phas = record.phas
# are we filtering by schema?
type = request.GET.get("type", None)
if type:
schema = DocumentSchema.objects.get(type=type)
phas = [pha for pha in phas if pha.schema == schema]
# interpolate the the start_url_template into start_url
for pha in phas:
pha.start_url = utils.url_interpolate(pha.start_url_template, {"record_id": record.id})
return render_template("phas", {"phas": phas})
def record_pha(request, record, pha):
try:
pha = record.shares.get(with_pha__email = pha.email).with_pha
except Share.DoesNotExist:
raise Http404
pha.start_url = utils.url_interpolate(pha.start_url_template, {'record_id' : record.id})
return render_template('pha', {'pha':pha})
def record_phas(request, record):
""" List userapps bound to a given record.
request.GET may optionally contain:
* *type*: An XML schema namespace. If specified, only apps which
explicitly declare themselves as supporting that namespace will
be returned.
Will return :http:statuscode:`200` with the list of matching apps
on success.
"""
phas = record.phas
# are we filtering by schema?
type = request.GET.get('type', None)
if type:
schema = DocumentSchema.objects.get(type=type)
phas = [pha for pha in phas if pha.schema == schema]
# interpolate the the start_url_template into start_url
for pha in phas:
pha.start_url = utils.url_interpolate(pha.start_url_template,
{'record_id': record.id})
return render_template('phas', {'phas': phas})
def record_phas(request, record):
""" List userapps bound to a given record.
request.GET may optionally contain:
* *type*: An XML schema namespace. If specified, only apps which
explicitly declare themselves as supporting that namespace will
be returned.
Will return :http:statuscode:`200` with a list of JSON manifests
for the matching apps on success.
"""
phas = record.phas
# are we filtering by schema?
type = request.GET.get('type', None)
if type:
schema = DocumentSchema.objects.get(type=type)
phas = [pha for pha in phas if pha.schema == schema]
# interpolate the the start_url_template into start_url
manifests = []
newlist = sorted(phas, key=lambda x: x.name, reverse=False)
for pha in newlist:
# return ("{'name':'"+pha.name+"'}")
pha.start_url = utils.url_interpolate(pha.start_url_template, {'record_id' : record.id})
manifests.append(pha.to_manifest(as_string=False))
return manifests
def record_pha(request, record, pha):
try:
pha = record.shares.get(with_pha__email=pha.email).with_pha
except Share.DoesNotExist:
raise Http404
pha.start_url = utils.url_interpolate(pha.start_url_template,
{'record_id': record.id})
return render_template('pha', {'pha': pha})
def record_pha(request, record, pha):
""" Get information about a given userapp bound to a record.
Will return :http:statuscode:`200` with a JSON manifest for the app on success,
:http:statuscode:`404` if the app isn't actually bound to the record.
"""
try:
pha = record.pha_shares.get(with_pha__email = pha.email).with_pha
except PHAShare.DoesNotExist:
raise Http404
pha.start_url = utils.url_interpolate(pha.start_url_template, {'record_id' : record.id})
return pha.to_manifest(as_string=False)
def record_phas(request, record):
phas = record.phas
# are we filtering by schema?
type = request.GET.get('type', None)
if type:
schema = DocumentSchema.objects.get(type=type)
phas = [pha for pha in phas if pha.schema == schema]
# interpolate the the start_url_template into start_url
for pha in phas:
pha.start_url = utils.url_interpolate(pha.start_url_template, {'record_id' : record.id})
return render_template('phas', {'phas':phas})
def record_pha(request, record, pha):
""" Get information about a given userapp bound to a record.
Will return :http:statuscode:`200` with a JSON manifest for the app on success,
:http:statuscode:`404` if the app isn't actually bound to the record.
"""
try:
pha = record.pha_shares.get(with_pha__email = pha.email).with_pha
except PHAShare.DoesNotExist:
raise Http404
pha.start_url = utils.url_interpolate(pha.start_url_template, {'record_id' : record.id})
return pha.to_manifest(as_string=False)
def record_pha(request, record, pha):
""" Get information about a given userapp bound to a record.
Will return :http:statuscode:`200` with information about the app on success,
:http:statuscode:`404` if the app isn't actually bound to the record.
"""
try:
pha = record.pha_shares.get(with_pha__email=pha.email).with_pha
except PHAShare.DoesNotExist:
raise Http404
pha.start_url = utils.url_interpolate(pha.start_url_template, {"record_id": record.id})
return render_template("pha", {"pha": pha})
def record_phas(request, record):
phas = record.phas
# are we filtering by schema?
type = request.GET.get('type', None)
if type:
schema = DocumentSchema.objects.get(type=type)
phas = [pha for pha in phas if pha.schema == schema]
# interpolate the the start_url_template into start_url
for pha in phas:
pha.start_url = utils.url_interpolate(pha.start_url_template,
{'record_id': record.id})
return render_template('phas', {'phas': phas})
def get_connect_credentials(request, account, pha):
""" Get oAuth credentials for an app to run in Connect or SMART REST mode.
Generates access tokens for *pha* to run against the *record_id* specified in ``request.POST``, authorized by
*account*. Generates 2 tokens: one for SMART Connect use, and one for SMART REST use.
If the app is not yet enabled for the record/carenet, this will return a :http:statuscode:`403`.
"""
carenet = record = None
carenet_id = request.POST.get('carenet_id', None)
record_id = request.POST.get('record_id', None)
if carenet_id:
try:
carenet = Carenet.objects.get(id=carenet_id)
except Carenet.DoesNotExist:
raise Http404
except Carenet.MultipleObjectsReturned:
raise Exception(
"Multiple carenets with same id--database is corrupt")
elif record_id:
try:
record = Record.objects.get(id=record_id)
except Record.DoesNotExist:
raise Http404
except Record.MultipleObjectsReturned:
raise Exception(
"Multiple records with same id--database is corrupt")
# Make sure that the app is enabled
if (record and not PHAShare.objects.filter(record=record, with_pha=pha).exists()) or \
(carenet and not CarenetPHA.objects.filter(carenet=carenet, pha=pha).exists()):
raise PermissionDenied(
"Cannot generate credentials before app is enabled")
# Generate the tokens
from indivo.accesscontrol.oauth_servers import OAUTH_SERVER
rest_token = OAUTH_SERVER.generate_and_preauthorize_access_token(
pha, record=record, carenet=carenet, account=account)
connect_token = OAUTH_SERVER.generate_and_preauthorize_access_token(
pha, record=record, carenet=carenet, account=account)
connect_token.connect_auth_p = True
connect_token.save()
# Generate a 2-legged oauth header for the rest token, based on the pha's start_url
url = utils.url_interpolate(pha.start_url_template, {
'record_id': record_id or '',
'carenet_id': carenet_id or ''
})
request = HTTPRequest("GET", url, HTTPRequest.FORM_URLENCODED_TYPE, '', {})
oauth_params = {
'smart_container_api_base': settings.SITE_URL_PREFIX,
'smart_oauth_token': rest_token.token,
'smart_oauth_token_secret': rest_token.token_secret,
'smart_user_id': account.email,
'smart_app_id': pha.email,
'smart_record_id': record_id,
}
oauth_request = OAuthRequest(
consumer=pha,
token=None, # no access tokens: 2-legged request
http_request=request,
oauth_parameters=oauth_params)
oauth_request.sign()
auth_header = oauth_request.to_header()["Authorization"]
return render_template('connect_credentials', {
'connect_token': connect_token,
'rest_token': rest_token,
'api_base': settings.SITE_URL_PREFIX,
'oauth_header': auth_header,
'app_email': pha.email
},
type='xml')
def get_connect_credentials(request, account, pha):
""" Get oAuth credentials for an app to run in Connect or SMART REST mode.
Generates access tokens for *pha* to run against the *record_id* specified in ``request.POST``, authorized by
*account*. Generates 2 tokens: one for SMART Connect use, and one for SMART REST use.
If the app is not yet enabled for the record/carenet, this will return a :http:statuscode:`403`.
"""
carenet = record = None
carenet_id = request.POST.get('carenet_id', None)
record_id = request.POST.get('record_id', None)
if carenet_id:
try:
carenet=Carenet.objects.get(id=carenet_id)
except Carenet.DoesNotExist:
raise Http404
except Carenet.MultipleObjectsReturned:
raise Exception("Multiple carenets with same id--database is corrupt")
elif record_id:
try:
record = Record.objects.get(id=record_id)
except Record.DoesNotExist:
raise Http404
except Record.MultipleObjectsReturned:
raise Exception("Multiple records with same id--database is corrupt")
# Make sure that the app is enabled
if (record and not PHAShare.objects.filter(record=record, with_pha=pha).exists()) or \
(carenet and not CarenetPHA.objects.filter(carenet=carenet, pha=pha).exists()):
raise PermissionDenied("Cannot generate credentials before app is enabled")
# Generate the tokens
from indivo.accesscontrol.oauth_servers import OAUTH_SERVER
rest_token = OAUTH_SERVER.generate_and_preauthorize_access_token(pha, record=record,
carenet=carenet, account=account)
connect_token = OAUTH_SERVER.generate_and_preauthorize_access_token(pha, record=record,
carenet=carenet, account=account)
connect_token.connect_auth_p = True
connect_token.save()
# Generate a 2-legged oauth header for the rest token, based on the pha's start_url
url = utils.url_interpolate(pha.start_url_template, {'record_id':record_id or '', 'carenet_id':carenet_id or ''})
request = HTTPRequest("GET", url, HTTPRequest.FORM_URLENCODED_TYPE, '', {})
oauth_params = {
'smart_container_api_base': settings.SITE_URL_PREFIX,
'smart_oauth_token': rest_token.token,
'smart_oauth_token_secret': rest_token.token_secret,
'smart_user_id': account.email,
'smart_app_id': pha.email,
'smart_record_id': record_id,
}
oauth_request = OAuthRequest(consumer=pha,
token=None, # no access tokens: 2-legged request
http_request=request,
oauth_parameters=oauth_params)
oauth_request.sign()
auth_header = oauth_request.to_header()["Authorization"]
return render_template('connect_credentials',
{ 'connect_token': connect_token,
'rest_token': rest_token,
'api_base': settings.SITE_URL_PREFIX,
'oauth_header': auth_header,
'app_email':pha.email},
type='xml')
