Exemplo n.º 1
0
def make_name(dataset, label):
    from openspending.lib.util import slugify
    from itertools import count
    name = name_orig = slugify(label)
    view = View.by_name(dataset, name)
    for i in count():
        if view is None:
            return name
        name = name_orig + str(i)
        view = View.by_name(dataset, name)
Exemplo n.º 2
0
    def update(self, dataset, name):
        """
        Update dataset. Does nothing at the moment.
        """
        # Get the dataset for the view
        self._get_dataset(dataset)

        # Get the named view
        view = View.by_name(c.dataset, name)
        # User must be allowed to update the named view
        require.view.update(c.dataset, view)

        # Possible update values
        # We don't update the view's name because it might have been embedded
        view.label = request.params.get('label', view.label)
        try:
            # Try to load the state
            view.state = json.loads(request.params['state'])
        except:
            pass
        view.description = request.params.get('description', view.description)

        # Commit the changes
        db.session.commit()

        # Redirect to the view page for this view
        redirect(h.url_for(controller='view', action='view',
                           dataset=c.dataset.name, name=view.name))
Exemplo n.º 3
0
 def index(self, dataset, format='html'):
     self._get_dataset(dataset)
     handle_request(request, c, c.dataset)
     c.views = View.all_by_dataset(c.dataset)
     if format == 'json':
         return to_jsonp([v.as_dict() for v in c.views])
     else:
         return templating.render('view/index.html')
Exemplo n.º 4
0
 def create(self, dataset):
     self._get_dataset(dataset)
     require.view.create(c.dataset)
     handle_request(request, c, c.dataset)
     try:
         data = CreateView().deserialize(request.params)
         view = View(c.dataset, c.account, data['widget'],
                     data['state'])
         view.name = make_name(c.dataset, data['label'])
         view.label = data['label']
         view.description = data['description']
         view.public = True
         db.session.add(view)
         db.session.commit()
         redirect(h.url_for(controller='view', action='view',
             dataset=c.dataset.name, name=view.name))
     except colander.Invalid as inv:
         return self.new(dataset, errors=inv.asdict())
Exemplo n.º 5
0
 def create(self, dataset):
     self._get_dataset(dataset)
     require.view.create(c.dataset)
     handle_request(request, c, c.dataset)
     try:
         data = CreateView().deserialize(request.params)
         view = View()
         view.dataset = c.dataset
         view.account = c.account
         view.widget = data['widget']
         view.state = data['state']
         view.name = make_name(c.dataset, data['label'])
         view.label = data['label']
         view.description = data['description']
         view.public = True
         db.session.add(view)
         db.session.commit()
         redirect(
             h.url_for(controller='view',
                       action='view',
                       dataset=c.dataset.name,
                       name=view.name))
     except colander.Invalid as inv:
         return self.new(dataset, errors=inv.asdict())
Exemplo n.º 6
0
 def test_delete(self):
     # TODO: Create the view using a fixture
     self.app.post(url(controller='view', action='create',
                                 dataset='cra'),
                     params={'widget': 'treemap',
                             'label': 'I am a banana!',
                             'state': '{"foo":"banana"}'},
                     extra_environ={'REMOTE_USER': '******'})
     response = self.app.delete(url(controller='view',
         action='delete', dataset='cra', name='i-am-a-banana'),
         extra_environ={'REMOTE_USER': '******'})
     dataset = Dataset.by_name('cra')
     view = View.by_name(dataset, 'i-am-a-banana')
     assert view is None
     assert '302' in response.status
Exemplo n.º 7
0
 def sitemap(self, dataset):
     self._get_dataset(dataset)
     pages = []
     for action in ['view', 'about']:
         pages.append({
             'loc': h.url_for(controller='dataset', action=action,
                              dataset=c.dataset.name, qualified=True),
             'lastmod': c.dataset.updated_at,
             'priority': 0.8})
     for view in View.all_by_dataset(c.dataset):
         pages.append({
             'loc': h.url_for(controller='view', action='view',
                              dataset=dataset, name=view.name,
                              qualified=True),
             'lastmod': view.updated_at
             })
     return sitemap(pages)
Exemplo n.º 8
0
 def test_delete(self):
     # TODO: Create the view using a fixture
     self.app.post(url(controller='view', action='create', dataset='cra'),
                   params={
                       'widget': 'treemap',
                       'label': 'I am a banana!',
                       'state': '{"foo":"banana"}'
                   },
                   extra_environ={'REMOTE_USER': '******'})
     response = self.app.delete(url(controller='view',
                                    action='delete',
                                    dataset='cra',
                                    name='i-am-a-banana'),
                                extra_environ={'REMOTE_USER': '******'})
     dataset = Dataset.by_name('cra')
     view = View.by_name(dataset, 'i-am-a-banana')
     assert view is None
     assert '302' in response.status
Exemplo n.º 9
0
 def sitemap(self, dataset):
     self._get_dataset(dataset)
     pages = []
     for action in ["view", "about"]:
         pages.append(
             {
                 "loc": h.url_for(controller="dataset", action=action, dataset=c.dataset.name, qualified=True),
                 "lastmod": c.dataset.updated_at,
                 "priority": 0.8,
             }
         )
     for view in View.all_by_dataset(c.dataset):
         pages.append(
             {
                 "loc": h.url_for(controller="view", action="view", dataset=dataset, name=view.name, qualified=True),
                 "lastmod": view.updated_at,
             }
         )
     return sitemap(pages)
Exemplo n.º 10
0
 def _get_named_view(self, dataset, name):
     self._get_dataset(dataset)
     c.named_view = View.by_name(c.dataset, name)
     if c.named_view is None:
         abort(404, _('Sorry, there is no view %r') % name)
     require.view.read(c.dataset, c.named_view)
Exemplo n.º 11
0
def create_view(dataset, view_config):
    """
    Create view for a provided dataset from a view provided as dict
    """

    # Check if it exists (if not we create it)
    existing = View.by_name(dataset, view_config['name'])
    if existing is None:
        # Create the view
        view = View()

        # Set saved configurations
        view.widget = view_config['widget']
        view.state = view_config['state']
        view.name = view_config['name']
        view.label = view_config['label']
        view.description = view_config['description']
        view.public = view_config['public']
        
        # Set the dataset as the current dataset
        view.dataset = dataset

        # Try and set the account provided but if it doesn't exist
        # revert to shell account
        view.account = Account.by_name(view_config['account'])
        if view.account is None:
            view.account = shell_account()

        # Commit view to database
        db.session.add(view)
        db.session.commit()
Exemplo n.º 12
0
    def test_update(self):
        """
        Test the update function of a view.
        """
        # Create the view (we do it via a controller but it would be
        # better to create it manually (or via a fixture)
        self.app.post(url(controller='view', action='create',
                          dataset='cra'),
                      params={'widget': 'treemap',
                              'label': 'I am a banana!',
                              'state': '{"foo":"banana"}'},
                      extra_environ={'REMOTE_USER': '******'})

        # Check whether a non-user can update the view
        response = self.app.post(url(controller='view', action='update',
                                     dataset='cra', name='i-am-a-banana'),
                                 params={'label': 'I am an apple',
                                         'state': '{"foo":"apple"}',
                                         'description': 'An apple!'},
                                 expect_errors=True)
        # The user should receive a 403 Forbidden (actually should get 401)
        assert '403' in response.status, \
            "A non-user was able to update a view"

        dataset = Dataset.by_name('cra')
        view = View.by_name(dataset, 'i-am-a-banana')
        assert view.label == 'I am a banana!', \
            "View's label was changed by a non-user"
        assert view.state['foo'] == 'banana', \
            "View's state was changed by a non-user"
        assert view.description is None, \
            "View's description was changed by a non-user"

        # Check whether an unauthorized user can update the view
        response = self.app.post(url(controller='view', action='update',
                                     dataset='cra', name='i-am-a-banana'),
                                 params={'label': 'I am an apple',
                                         'state': '{"foo":"apple"}',
                                         'description': 'An apple!'},
                                 expect_errors=True,
                                 extra_environ={'REMOTE_USER': '******'})
        # The user should receive a 403 (Forbidden)
        assert '403' in response.status, \
            "Unauthorized user was able to update a view"

        dataset = Dataset.by_name('cra')
        view = View.by_name(dataset, 'i-am-a-banana')
        assert view.label == 'I am a banana!', \
            "View's label was changed by an unauthorized user"
        assert view.state['foo'] == 'banana', \
            "View's state was changed by an unauthorized user"
        assert view.description is None, \
            "View's description was changed by an unauthorized user"

        # Check whether a managing user can update the view
        response = self.app.post(url(controller='view', action='update',
                                     dataset='cra', name='i-am-a-banana'),
                                 params={'label': 'I am an apple',
                                         'name': 'can-i-be-an-apple',
                                         'state': '{"foo":"apple"}',
                                         'description': 'An apple!'},
                                 extra_environ={'REMOTE_USER': '******'})

        dataset = Dataset.by_name('cra')
        view = View.by_name(dataset, 'i-am-a-banana')
        # Name cannot have been changed because the view might have been
        # embedded elsewhere (cannot be changed by params nor be re-slugified)
        assert view is not None, \
            "View's name was changed by update"
        assert view.label == 'I am an apple', \
            "View's label wasn't changed by the managing user"
        assert view.state['foo'] == 'apple', \
            "View's state wasn't changed by the managing user"
        assert view.description == 'An apple!', \
            "View's description wasn't changed by the managing user"
Exemplo n.º 13
0
 def _get_named_view(self, dataset, name):
     self._get_dataset(dataset)
     c.named_view = View.by_name(c.dataset, name)
     if c.named_view is None:
         abort(404, _('Sorry, there is no view %r') % name)
     require.view.read(c.dataset, c.named_view)
Exemplo n.º 14
0
def create_view(dataset, view_config):
    """
    Create view for a provided dataset from a view provided as dict
    """

    # Check if it exists (if not we create it)
    existing = View.by_name(dataset, view_config['name'])
    if existing is None:
        # Create the view
        view = View()

        # Set saved configurations
        view.widget = view_config['widget']
        view.state = view_config['state']
        view.name = view_config['name']
        view.label = view_config['label']
        view.description = view_config['description']
        view.public = view_config['public']

        # Set the dataset as the current dataset
        view.dataset = dataset

        # Try and set the account provided but if it doesn't exist
        # revert to shell account
        view.account = Account.by_name(view_config['account'])
        if view.account is None:
            view.account = shell_account()

        # Commit view to database
        db.session.add(view)
        db.session.commit()
Exemplo n.º 15
0
    def test_update(self):
        """
        Test the update function of a view.
        """
        # Create the view (we do it via a controller but it would be
        # better to create it manually (or via a fixture)
        self.app.post(url(controller='view', action='create', dataset='cra'),
                      params={
                          'widget': 'treemap',
                          'label': 'I am a banana!',
                          'state': '{"foo":"banana"}'
                      },
                      extra_environ={'REMOTE_USER': '******'})

        # Check whether a non-user can update the view
        response = self.app.post(url(controller='view',
                                     action='update',
                                     dataset='cra',
                                     name='i-am-a-banana'),
                                 params={
                                     'label': 'I am an apple',
                                     'state': '{"foo":"apple"}',
                                     'description': 'An apple!'
                                 },
                                 expect_errors=True)
        # The user should receive a 403 Forbidden (actually should get 401)
        assert '403' in response.status, \
            "A non-user was able to update a view"

        dataset = Dataset.by_name('cra')
        view = View.by_name(dataset, 'i-am-a-banana')
        assert view.label == 'I am a banana!', \
            "View's label was changed by a non-user"
        assert view.state['foo'] == 'banana', \
            "View's state was changed by a non-user"
        assert view.description is None, \
            "View's description was changed by a non-user"

        # Check whether an unauthorized user can update the view
        response = self.app.post(url(controller='view',
                                     action='update',
                                     dataset='cra',
                                     name='i-am-a-banana'),
                                 params={
                                     'label': 'I am an apple',
                                     'state': '{"foo":"apple"}',
                                     'description': 'An apple!'
                                 },
                                 expect_errors=True,
                                 extra_environ={'REMOTE_USER': '******'})
        # The user should receive a 403 (Forbidden)
        assert '403' in response.status, \
            "Unauthorized user was able to update a view"

        dataset = Dataset.by_name('cra')
        view = View.by_name(dataset, 'i-am-a-banana')
        assert view.label == 'I am a banana!', \
            "View's label was changed by an unauthorized user"
        assert view.state['foo'] == 'banana', \
            "View's state was changed by an unauthorized user"
        assert view.description is None, \
            "View's description was changed by an unauthorized user"

        # Check whether a managing user can update the view
        response = self.app.post(url(controller='view',
                                     action='update',
                                     dataset='cra',
                                     name='i-am-a-banana'),
                                 params={
                                     'label': 'I am an apple',
                                     'name': 'can-i-be-an-apple',
                                     'state': '{"foo":"apple"}',
                                     'description': 'An apple!'
                                 },
                                 extra_environ={'REMOTE_USER': '******'})

        dataset = Dataset.by_name('cra')
        view = View.by_name(dataset, 'i-am-a-banana')
        # Name cannot have been changed because the view might have been
        # embedded elsewhere (cannot be changed by params nor be re-slugified)
        assert view is not None, \
            "View's name was changed by update"
        assert view.label == 'I am an apple', \
            "View's label wasn't changed by the managing user"
        assert view.state['foo'] == 'apple', \
            "View's state wasn't changed by the managing user"
        assert view.description == 'An apple!', \
            "View's description wasn't changed by the managing user"