Exemplo n.º 1
0
class FileController(Controller):
    """
    Endpoints for File Content
    """

    # File data
    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnallowedSubContent, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ContentFilenameAlreadyUsedInFolder, HTTPStatus.BAD_REQUEST)  # nopep8
    @hapic.handle_exception(ParentNotFound, HTTPStatus.BAD_REQUEST)
    @require_workspace_role(UserRoleInWorkspace.CONTRIBUTOR)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(ContentDigestSchema())
    @hapic.input_forms(FileCreationFormSchema())
    @hapic.input_files(SimpleFileSchema())
    def create_file(self, context, request: TracimRequest, hapic_data=None):
        """
        Create a file .This will create 2 new revision.
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        _file = hapic_data.files.files
        parent_id = hapic_data.forms.parent_id
        api = ContentApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config
        )

        parent = None  # type: typing.Optional['Content']
        if parent_id:
            try:
                parent = api.get_one(content_id=parent_id, content_type=content_type_list.Any_SLUG)  # nopep8
            except ContentNotFound as exc:
                raise ParentNotFound(
                    'Parent with content_id {} not found'.format(parent_id)
                ) from exc
        content = api.create(
            filename=_file.filename,
            content_type_slug=FILE_TYPE,
            workspace=request.current_workspace,
            parent=parent,
        )
        api.save(content, ActionDescription.CREATION)
        with new_revision(
                session=request.dbsession,
                tm=transaction.manager,
                content=content
        ):
            api.update_file_data(
                content,
                new_filename=_file.filename,
                new_mimetype=_file.type,
                new_content=_file.file,
            )

        return api.get_content_in_context(content)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.CONTRIBUTOR)
    @require_content_types([FILE_TYPE])
    @hapic.handle_exception(ContentFilenameAlreadyUsedInFolder, HTTPStatus.BAD_REQUEST)  # nopep8
    @hapic.input_path(FilePathSchema())
    @hapic.input_files(SimpleFileSchema())
    @hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def upload_file(self, context, request: TracimRequest, hapic_data=None):
        """
        Upload a new version of raw file of content. This will create a new
        revision.
        Good pratice for filename is filename is `{label}{file_extension}` or `{filename}`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        _file = hapic_data.files.files
        with new_revision(
                session=request.dbsession,
                tm=transaction.manager,
                content=content
        ):
            api.update_file_data(
                content,
                new_filename=_file.filename,
                new_mimetype=_file.type,
                new_content=_file.file,
            )
        api.save(content)
        return

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @require_content_types([FILE_TYPE])
    @hapic.input_query(FileQuerySchema())
    @hapic.input_path(FilePathSchema())
    @hapic.output_file([])
    def download_file(self, context, request: TracimRequest, hapic_data=None):
        """
        Download raw file of last revision of content.
        Good pratice for filename is filename is `{label}{file_extension}` or `{filename}`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        file = DepotManager.get().get(content.depot_file)
        filename = hapic_data.path.filename
        if not filename or filename == 'raw':
            filename = content.file_name
        return HapicFile(
            file_object=file,
            mimetype=file.content_type,
            filename=filename,
            as_attachment=hapic_data.query.force_download
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @require_content_types([FILE_TYPE])
    @hapic.input_query(FileQuerySchema())
    @hapic.input_path(FileRevisionPathSchema())
    @hapic.output_file([])
    def download_revisions_file(self, context, request: TracimRequest, hapic_data=None):  # nopep8
        """
        Download raw file for specific revision of content.
        Good pratice for filename is filename is `{label}_r{revision_id}{file_extension}`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        revision = api.get_one_revision(
            revision_id=hapic_data.path.revision_id,
            content=content
        )
        file = DepotManager.get().get(revision.depot_file)
        filename = hapic_data.path.filename
        if not filename or filename == 'raw':
            filename = "{label}_r{revision_id}{file_extension}".format(
                label=revision.file_name,
                revision_id=revision.revision_id,
                file_extension=revision.file_extension
            )
        return HapicFile(
            file_object=file,
            mimetype=file.content_type,
            filename=filename,
            as_attachment=hapic_data.query.force_download
        )

    # preview
    # pdf
    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @require_content_types([FILE_TYPE])
    @hapic.handle_exception(TracimUnavailablePreviewType, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(PageOfPreviewNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.input_query(PageQuerySchema())
    @hapic.input_path(FilePathSchema())
    @hapic.output_file([])
    def preview_pdf(self, context, request: TracimRequest, hapic_data=None):
        """
        Obtain a specific page pdf preview of last revision of content.
        Good pratice for filename is filename is `{label}_page_{page_number}.pdf`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        pdf_preview_path = api.get_pdf_preview_path(
            content.content_id,
            content.revision_id,
            page_number=hapic_data.query.page,
            file_extension=content.file_extension,
        )
        filename = hapic_data.path.filename
        if not filename or filename == 'raw':
            filename = "{label}_page_{page_number}.pdf".format(
                label=content.label,
                page_number=hapic_data.query.page
            )
        return HapicFile(
            file_path=pdf_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @require_content_types([FILE_TYPE])
    @hapic.handle_exception(TracimUnavailablePreviewType, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.input_query(FileQuerySchema())
    @hapic.input_path(FilePathSchema())
    @hapic.output_file([])
    def preview_pdf_full(self, context, request: TracimRequest, hapic_data=None):  # nopep8
        """
        Obtain a full pdf preview (all page) of last revision of content.
        Good pratice for filename is filename is `{label}.pdf`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        pdf_preview_path = api.get_full_pdf_preview_path(
            content.revision_id,
            file_extension=content.file_extension,
        )
        filename = hapic_data.path.filename
        if not filename or filename == 'raw':
            filename = "{label}.pdf".format(label=content.label)
        return HapicFile(
            file_path=pdf_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @require_content_types([FILE_TYPE])
    @hapic.handle_exception(TracimUnavailablePreviewType, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.input_path(FileRevisionPathSchema())
    @hapic.input_query(FileQuerySchema())
    @hapic.output_file([])
    def preview_pdf_full_revision(self, context, request: TracimRequest, hapic_data=None):  # nopep8
        """
        Obtain full pdf preview of a specific revision of content.
        Good pratice for filename is filename is `{label}_r{revision_id}.pdf`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        revision = api.get_one_revision(
            revision_id=hapic_data.path.revision_id,
            content=content
        )
        pdf_preview_path = api.get_full_pdf_preview_path(
            revision.revision_id,
            file_extension=revision.file_extension,
        )
        filename = hapic_data.path.filename
        if not filename or filename == 'raw':
            filename = "{label}_r{revision_id}.pdf".format(
                revision_id=revision.revision_id,
                label=revision.label
            )
        return HapicFile(
            file_path=pdf_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @require_content_types([FILE_TYPE])
    @hapic.handle_exception(TracimUnavailablePreviewType, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.input_path(FileRevisionPathSchema())
    @hapic.input_query(PageQuerySchema())
    @hapic.output_file([])
    def preview_pdf_revision(self, context, request: TracimRequest, hapic_data=None):  # nopep8
        """
        Obtain a specific page pdf preview of a specific revision of content.
        Good pratice for filename is filename is `{label}_page_{page_number}.pdf`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        revision = api.get_one_revision(
            revision_id=hapic_data.path.revision_id,
            content=content
        )
        pdf_preview_path = api.get_pdf_preview_path(
            revision.content_id,
            revision.revision_id,
            page_number=hapic_data.query.page,
            file_extension=revision.file_extension,
        )
        filename = hapic_data.path.filename
        if not filename or filename == 'raw':
            filename = "{label}_page_{page_number}.pdf".format(
                label=content.label,
                page_number=hapic_data.query.page
            )
        return HapicFile(
            file_path=pdf_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download
        )

    # jpg
    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @require_content_types([FILE_TYPE])
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(PageOfPreviewNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.input_path(FilePathSchema())
    @hapic.input_query(PageQuerySchema())
    @hapic.output_file([])
    def preview_jpg(self, context, request: TracimRequest, hapic_data=None):
        """
        Obtain normally sized jpg preview of last revision of content.
        Good pratice for filename is `filename is {label}_page_{page_number}.jpg`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        allowed_dim = api.get_jpg_preview_allowed_dim()
        jpg_preview_path = api.get_jpg_preview_path(
            content_id=content.content_id,
            revision_id=content.revision_id,
            page_number=hapic_data.query.page,
            file_extension=content.file_extension,
            width=allowed_dim.dimensions[0].width,
            height=allowed_dim.dimensions[0].height,
        )
        filename = hapic_data.path.filename
        if not filename or filename == 'raw':
            filename = "{label}_page_{page_number}.jpg".format(
                label=content.label,
                page_number=hapic_data.query.page
            )
        return HapicFile(
            file_path=jpg_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @require_content_types([FILE_TYPE])
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(PageOfPreviewNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(PreviewDimNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.input_query(PageQuerySchema())
    @hapic.input_path(FilePreviewSizedPathSchema())
    @hapic.output_file([])
    def sized_preview_jpg(self, context, request: TracimRequest, hapic_data=None):  # nopep8
        """
        Obtain resized jpg preview of last revision of content.
        Good pratice for filename is filename is `{label}_page_{page_number}_{width}x{height}.jpg`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        jpg_preview_path = api.get_jpg_preview_path(
            content_id=content.content_id,
            revision_id=content.revision_id,
            file_extension=content.file_extension,
            page_number=hapic_data.query.page,
            height=hapic_data.path.height,
            width=hapic_data.path.width,
        )
        filename = hapic_data.path.filename
        if not filename or filename == 'raw':
            filename = "{label}_page_{page_number}_{width}x{height}.jpg".format(
                label=content.label,
                page_number=hapic_data.query.page,
                width=hapic_data.path.width,
                height=hapic_data.path.height
            )
        return HapicFile(
            file_path=jpg_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @require_content_types([FILE_TYPE])
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(PageOfPreviewNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(PreviewDimNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.input_path(FileRevisionPreviewSizedPathSchema())
    @hapic.input_query(PageQuerySchema())
    @hapic.output_file([])
    def sized_preview_jpg_revision(self, context, request: TracimRequest, hapic_data=None):  # nopep8
        """
        Obtain resized jpg preview of a specific revision of content.
        Good pratice for filename is filename is `{label}_r{revision_id}_page_{page_number}_{width}x{height}.jpg`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        revision = api.get_one_revision(
            revision_id=hapic_data.path.revision_id,
            content=content
        )
        jpg_preview_path = api.get_jpg_preview_path(
            content_id=content.content_id,
            revision_id=revision.revision_id,
            page_number=hapic_data.query.page,
            height=hapic_data.path.height,
            width=hapic_data.path.width,
            file_extension=revision.file_extension,
        )
        filename = hapic_data.path.filename
        if not filename or filename == 'raw':
            filename = "{label}_r{revision_id}_page_{page_number}_{width}x{height}.jpg".format(  # nopep8
                revision_id=revision.revision_id,
                label=revision.label,
                page_number=hapic_data.query.page,
                width=hapic_data.path.width,
                height=hapic_data.path.height
            )
        return HapicFile(
            file_path=jpg_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @require_content_types([FILE_TYPE])
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(AllowedJpgPreviewDimSchema())
    def allowed_dim_preview_jpg(self, context, request: TracimRequest, hapic_data=None):  # nopep8
        """
        Get allowed dimensions of jpg preview. If restricted is true,
        only those dimensions are strictly accepted.
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        return api.get_jpg_preview_allowed_dim()

    # File infos
    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @require_content_types([FILE_TYPE])
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(FileContentSchema())
    def get_file_infos(self, context, request: TracimRequest, hapic_data=None) -> ContentInContext:  # nopep8
        """
        Get thread content
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        return api.get_content_in_context(content)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ContentFilenameAlreadyUsedInFolder, HTTPStatus.BAD_REQUEST)
    @require_workspace_role(UserRoleInWorkspace.CONTRIBUTOR)
    @require_content_types([FILE_TYPE])
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.input_body(FileContentModifySchema())
    @hapic.output_body(FileContentSchema())
    def update_file_info(self, context, request: TracimRequest, hapic_data=None) -> ContentInContext:  # nopep8
        """
        update thread
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        with new_revision(
                session=request.dbsession,
                tm=transaction.manager,
                content=content
        ):
            api.update_content(
                item=content,
                new_label=hapic_data.body.label,
                new_content=hapic_data.body.raw_content,

            )
            api.save(content)
        return api.get_content_in_context(content)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @require_content_types([FILE_TYPE])
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(FileRevisionSchema(many=True))
    def get_file_revisions(
            self,
            context,
            request: TracimRequest,
            hapic_data=None
    ) -> typing.List[RevisionInContext]:
        """
        get file revisions
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        revisions = content.revisions
        return [
            api.get_revision_in_context(revision)
            for revision in revisions
        ]

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @require_workspace_role(UserRoleInWorkspace.CONTRIBUTOR)
    @require_content_types([FILE_TYPE])
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.input_body(SetContentStatusSchema())
    @hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def set_file_status(self, context, request: TracimRequest, hapic_data=None) -> None:  # nopep8
        """
        set file status
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            hapic_data.path.content_id,
            content_type=content_type_list.Any_SLUG
        )
        with new_revision(
                session=request.dbsession,
                tm=transaction.manager,
                content=content
        ):
            api.set_status(
                content,
                hapic_data.body.status,
            )
            api.save(content)
        return

    def bind(self, configurator: Configurator) -> None:
        """
        Add route to configurator.
        """

        # file info #
        # Get file info
        configurator.add_route(
            'file_info',
            '/workspaces/{workspace_id}/files/{content_id}',
            request_method='GET'
        )
        configurator.add_view(self.get_file_infos, route_name='file_info')  # nopep8
        # update file
        configurator.add_route(
            'update_file_info',
            '/workspaces/{workspace_id}/files/{content_id}',
            request_method='PUT'
        )  # nopep8
        configurator.add_view(self.update_file_info, route_name='update_file_info')  # nopep8

        # raw file #
        # create file
        configurator.add_route(
            'create_file',
            '/workspaces/{workspace_id}/files',  # nopep8
            request_method='POST'
        )
        configurator.add_view(self.create_file, route_name='create_file')  # nopep8
        # upload raw file
        configurator.add_route(
            'upload_file',
            '/workspaces/{workspace_id}/files/{content_id}/raw/{filename:[^/]*}',  # nopep8
            request_method='PUT'
        )
        configurator.add_view(self.upload_file, route_name='upload_file')  # nopep8
        # download raw file
        configurator.add_route(
            'download_file',
            '/workspaces/{workspace_id}/files/{content_id}/raw/{filename:[^/]*}',  # nopep8
            request_method='GET'
        )
        configurator.add_view(self.download_file, route_name='download_file')  # nopep8
        # download raw file of revision
        configurator.add_route(
            'download_revision',
            '/workspaces/{workspace_id}/files/{content_id}/revisions/{revision_id}/raw/{filename:[^/]*}',  # nopep8
            request_method='GET'
        )
        configurator.add_view(self.download_revisions_file, route_name='download_revision')  # nopep8

        # previews #
        # get preview pdf full
        configurator.add_route(
            'preview_pdf_full',
            '/workspaces/{workspace_id}/files/{content_id}/preview/pdf/full/{filename:[^/]*}',  # nopep8
            request_method='GET'
        )
        configurator.add_view(self.preview_pdf_full, route_name='preview_pdf_full')  # nopep8
        # get preview pdf
        configurator.add_route(
            'preview_pdf',
            '/workspaces/{workspace_id}/files/{content_id}/preview/pdf/{filename:[^/]*}',  # nopep8
            request_method='GET'
        )
        configurator.add_view(self.preview_pdf, route_name='preview_pdf')  # nopep8
        # get preview jpg allowed dims
        configurator.add_route(
            'allowed_dim_preview_jpg',
            '/workspaces/{workspace_id}/files/{content_id}/preview/jpg/allowed_dims',  # nopep8
            request_method='GET'
        )
        configurator.add_view(self.allowed_dim_preview_jpg, route_name='allowed_dim_preview_jpg')  # nopep8
        # get preview jpg
        configurator.add_route(
            'preview_jpg',
            '/workspaces/{workspace_id}/files/{content_id}/preview/jpg/{filename:[^/]*}',  # nopep8
            request_method='GET'
        )
        configurator.add_view(self.preview_jpg, route_name='preview_jpg')  # nopep8
        # get preview jpg with size
        configurator.add_route(
            'sized_preview_jpg',
            '/workspaces/{workspace_id}/files/{content_id}/preview/jpg/{width}x{height}/{filename:[^/]*}',  # nopep8
            request_method='GET'
        )
        configurator.add_view(self.sized_preview_jpg, route_name='sized_preview_jpg')  # nopep8
        # get jpg preview for revision
        configurator.add_route(
            'sized_preview_jpg_revision',
            '/workspaces/{workspace_id}/files/{content_id}/revisions/{revision_id}/preview/jpg/{width}x{height}/{filename:[^/]*}',  # nopep8
            request_method='GET'
        )
        configurator.add_view(self.sized_preview_jpg_revision, route_name='sized_preview_jpg_revision')  # nopep8
        # get full pdf preview for revision
        configurator.add_route(
            'preview_pdf_full_revision',
            '/workspaces/{workspace_id}/files/{content_id}/revisions/{revision_id}/preview/pdf/full/{filename:[^/]*}',  # nopep8
            request_method='GET'
        )
        configurator.add_view(self.preview_pdf_full_revision, route_name='preview_pdf_full_revision')  # nopep8
        # get pdf preview for revision
        configurator.add_route(
            'preview_pdf_revision',
            '/workspaces/{workspace_id}/files/{content_id}/revisions/{revision_id}/preview/pdf/{filename:[^/]*}',  # nopep8
            request_method='GET'
        )
        configurator.add_view(self.preview_pdf_revision, route_name='preview_pdf_revision')  # nopep8
        # others #
        # get file revisions
        configurator.add_route(
            'file_revisions',
            '/workspaces/{workspace_id}/files/{content_id}/revisions',  # nopep8
            request_method='GET'
        )
        configurator.add_view(self.get_file_revisions, route_name='file_revisions')  # nopep8

        # get file status
        configurator.add_route(
            'set_file_status',
            '/workspaces/{workspace_id}/files/{content_id}/status',  # nopep8
            request_method='PUT'
        )
        configurator.add_view(self.set_file_status, route_name='set_file_status')  # nopep8
Exemplo n.º 2
0
class WorkspaceController(Controller):
    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
    @require_profile_and_workspace_role(
        minimal_profile=Group.TIM_USER,
        minimal_required_role=UserRoleInWorkspace.READER,
        allow_superadmin=True)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(WorkspaceSchema())
    def workspace(self, context, request: TracimRequest, hapic_data=None):
        """
        Get workspace informations
        """
        app_config = request.registry.settings['CFG']
        wapi = WorkspaceApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        return wapi.get_workspace_with_context(request.current_workspace)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
    @require_profile(Group.TIM_ADMIN)
    @hapic.output_body(
        WorkspaceSchema(many=True), )
    def workspaces(self, context, request: TracimRequest, hapic_data=None):
        """
        Returns the list of all workspaces. This route is for admin only.
        Standard users must use their own route: /api/v2/users/me/workspaces
        """
        app_config = request.registry.settings['CFG']
        wapi = WorkspaceApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )

        workspaces = wapi.get_all()
        return [
            wapi.get_workspace_with_context(workspace)
            for workspace in workspaces
        ]

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @require_profile_and_workspace_role(
        minimal_profile=Group.TIM_USER,
        minimal_required_role=UserRoleInWorkspace.WORKSPACE_MANAGER,
        allow_superadmin=True)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.input_body(WorkspaceModifySchema())
    @hapic.output_body(WorkspaceSchema())
    def update_workspace(self,
                         context,
                         request: TracimRequest,
                         hapic_data=None):  # nopep8
        """
        Update a workspace. This route is for trusted users and administrators.
        Note : a trusted user can only update spaces on which he/she is space manager
        """
        app_config = request.registry.settings['CFG']
        wapi = WorkspaceApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        wapi.update_workspace(
            request.current_workspace,
            label=hapic_data.body.label,
            description=hapic_data.body.description,
            save_now=True,
        )
        return wapi.get_workspace_with_context(request.current_workspace)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(WorkspaceLabelAlreadyUsed, HTTPStatus.BAD_REQUEST)
    @require_profile(Group.TIM_MANAGER)
    @hapic.input_body(WorkspaceCreationSchema())
    @hapic.output_body(WorkspaceSchema())
    def create_workspace(self,
                         context,
                         request: TracimRequest,
                         hapic_data=None):  # nopep8
        """
        Create a workspace. This route is for trusted users and administrators.
        """
        app_config = request.registry.settings['CFG']
        wapi = WorkspaceApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        workspace = wapi.create_workspace(
            label=hapic_data.body.label,
            description=hapic_data.body.description,
            save_now=True,
        )
        return wapi.get_workspace_with_context(workspace)

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__WORKSPACE_TRASH_AND_RESTORE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @require_profile_and_workspace_role(
        minimal_profile=Group.TIM_MANAGER,
        minimal_required_role=UserRoleInWorkspace.WORKSPACE_MANAGER,
        allow_superadmin=True)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def delete_workspace(self,
                         context,
                         request: TracimRequest,
                         hapic_data=None):  # nopep8
        """
        Delete a workspace. This route is for trusted users and administrators.
        Note : a trusted user can only delete spaces on which he/she is space manager
        """
        app_config = request.registry.settings['CFG']
        wapi = WorkspaceApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        wapi.delete(request.current_workspace, flush=True)
        return

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__WORKSPACE_TRASH_AND_RESTORE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @require_profile_and_workspace_role(
        minimal_profile=Group.TIM_MANAGER,
        minimal_required_role=UserRoleInWorkspace.WORKSPACE_MANAGER,
        allow_superadmin=True)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def undelete_workspace(self,
                           context,
                           request: TracimRequest,
                           hapic_data=None):  # nopep8
        """
        Restore a deleted space.
        Note : a trusted user can only restore spaces on which he/she is space manager
        """
        app_config = request.registry.settings['CFG']
        wapi = WorkspaceApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
            show_deleted=True,
        )
        wapi.undelete(request.current_workspace, flush=True)
        return

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
    @require_profile_and_workspace_role(
        minimal_profile=Group.TIM_USER,
        minimal_required_role=UserRoleInWorkspace.READER,
        allow_superadmin=True)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(WorkspaceMemberSchema(many=True))
    def workspaces_members(
            self,
            context,
            request: TracimRequest,
            hapic_data=None) -> typing.List[UserRoleWorkspaceInContext]:
        """
        Returns the list of space members with their role, avatar, etc.
        """
        app_config = request.registry.settings['CFG']
        rapi = RoleApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )

        roles = rapi.get_all_for_workspace(request.current_workspace)
        return [
            rapi.get_user_role_workspace_with_context(user_role)
            for user_role in roles
        ]

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
    @require_profile_and_workspace_role(
        minimal_profile=Group.TIM_USER,
        minimal_required_role=UserRoleInWorkspace.READER,
        allow_superadmin=True)
    @hapic.input_path(WorkspaceAndUserIdPathSchema())
    @hapic.output_body(WorkspaceMemberSchema())
    def workspaces_member_role(self,
                               context,
                               request: TracimRequest,
                               hapic_data=None) -> UserRoleWorkspaceInContext:
        """
        Returns given space member with its role, avatar, etc.
        """
        app_config = request.registry.settings['CFG']
        rapi = RoleApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )

        role = rapi.get_one(
            user_id=hapic_data.path.user_id,
            workspace_id=hapic_data.path.workspace_id,
        )
        return rapi.get_user_role_workspace_with_context(role)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
    @hapic.handle_exception(UserRoleNotFound, HTTPStatus.BAD_REQUEST)
    @require_profile_and_workspace_role(
        minimal_profile=Group.TIM_USER,
        minimal_required_role=UserRoleInWorkspace.WORKSPACE_MANAGER,
        allow_superadmin=True)
    @hapic.input_path(WorkspaceAndUserIdPathSchema())
    @hapic.input_body(RoleUpdateSchema())
    @hapic.output_body(WorkspaceMemberSchema())
    def update_workspaces_members_role(
            self,
            context,
            request: TracimRequest,
            hapic_data=None) -> UserRoleWorkspaceInContext:
        """
        Update role of the given space member.
        This feature is for workspace managers, trusted users and administrators.
        """
        app_config = request.registry.settings['CFG']
        rapi = RoleApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )

        role = rapi.get_one(
            user_id=hapic_data.path.user_id,
            workspace_id=hapic_data.path.workspace_id,
        )
        workspace_role = WorkspaceRoles.get_role_from_slug(
            hapic_data.body.role)
        role = rapi.update_role(role, role_level=workspace_role.level)
        return rapi.get_user_role_workspace_with_context(role)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
    @require_profile_and_workspace_role(
        minimal_profile=Group.TIM_USER,
        minimal_required_role=UserRoleInWorkspace.WORKSPACE_MANAGER,
        allow_superadmin=True)
    @hapic.handle_exception(UserRoleNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UserCantRemoveHisOwnRoleInWorkspace,
                            HTTPStatus.BAD_REQUEST)  # nopep8
    @hapic.input_path(WorkspaceAndUserIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def delete_workspaces_members_role(self,
                                       context,
                                       request: TracimRequest,
                                       hapic_data=None) -> None:
        """
        Remove the user from the space.
        This feature is for workspace managers and administrators.
        """

        app_config = request.registry.settings['CFG']
        rapi = RoleApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        rapi.delete_one(
            user_id=hapic_data.path.user_id,
            workspace_id=hapic_data.path.workspace_id,
        )
        return

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
    @hapic.handle_exception(EmailValidationFailed, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UserDoesNotExist, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UserIsNotActive, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UserIsDeleted, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(RoleAlreadyExistError, HTTPStatus.BAD_REQUEST)
    @require_profile_and_workspace_role(
        minimal_profile=Group.TIM_USER,
        minimal_required_role=UserRoleInWorkspace.WORKSPACE_MANAGER,
        allow_superadmin=True)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.input_body(WorkspaceMemberInviteSchema())
    @hapic.output_body(WorkspaceMemberCreationSchema())
    def create_workspaces_members_role(
            self,
            context,
            request: TracimRequest,
            hapic_data=None) -> UserRoleWorkspaceInContext:
        """
        Add a member to this workspace.
        This feature is for workspace managers and administrators.
        """
        newly_created = False
        email_sent = False
        app_config = request.registry.settings['CFG']
        rapi = RoleApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        uapi = UserApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
            show_deactivated=True,
            show_deleted=True,
        )
        try:
            _, user = uapi.find(user_id=hapic_data.body.user_id,
                                email=hapic_data.body.user_email,
                                public_name=hapic_data.body.user_public_name)
            if user.is_deleted:
                raise UserIsDeleted(
                    'This user has been deleted. Unable to invite him.'
                )  # nopep8
            if not user.is_active:
                raise UserIsNotActive(
                    'This user is not activated. Unable to invite him'
                )  # nopep8
        except UserDoesNotExist as exc:
            if not uapi.allowed_to_invite_new_user(hapic_data.body.user_email):
                raise exc

            user = uapi.create_user(email=hapic_data.body.user_email,
                                    password=password_generator(),
                                    do_notify=True)
            newly_created = True
            if app_config.EMAIL_NOTIFICATION_ACTIVATED and \
                app_config.EMAIL_NOTIFICATION_PROCESSING_MODE.lower() == 'sync':
                email_sent = True

        role = rapi.create_one(
            user=user,
            workspace=request.current_workspace,
            role_level=WorkspaceRoles.get_role_from_slug(
                hapic_data.body.role).level,  # nopep8
            with_notif=False,
            flush=True,
        )
        return rapi.get_user_role_workspace_with_context(
            role,
            newly_created=newly_created,
            email_sent=email_sent,
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.input_query(FilterContentQuerySchema())
    @hapic.output_body(ContentDigestSchema(many=True))
    def workspace_content(
        self,
        context,
        request: TracimRequest,
        hapic_data=None,
    ) -> typing.List[ContentInContext]:
        """
        return a list of contents of the space.
        This is NOT the full content list: by default, returned contents are the ones at root level.
        In order to get contents in a given folder, then use parent_id query filter.
        You can also show.hide archived/deleted contents.
        """
        app_config = request.registry.settings['CFG']
        content_filter = hapic_data.query
        api = ContentApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
            show_archived=content_filter.show_archived,
            show_deleted=content_filter.show_deleted,
            show_active=content_filter.show_active,
        )
        contents = api.get_all(parent_id=content_filter.parent_id,
                               workspace=request.current_workspace,
                               content_type=content_filter.content_type
                               or content_type_list.Any_SLUG,
                               label=content_filter.label,
                               order_by_properties=[Content.label])
        contents = [
            api.get_content_in_context(content) for content in contents
        ]
        return contents

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.CONTRIBUTOR)
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnallowedSubContent, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ContentFilenameAlreadyUsedInFolder,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ParentNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.input_body(ContentCreationSchema())
    @hapic.output_body(ContentDigestSchema())
    def create_generic_empty_content(
        self,
        context,
        request: TracimRequest,
        hapic_data=None,
    ) -> ContentInContext:
        """
        Creates a generic empty content. The minimum viable content has a label and a content type.
        Creating a content generally starts with a request to this endpoint.
        For specific contents like files, it is recommended to use the dedicated endpoint.
        This feature is accessible to contributors and higher role only.
        """
        app_config = request.registry.settings['CFG']
        creation_data = hapic_data.body
        api = ContentApi(current_user=request.current_user,
                         session=request.dbsession,
                         config=app_config)
        parent = None
        if creation_data.parent_id:
            try:
                parent = api.get_one(
                    content_id=creation_data.parent_id,
                    content_type=content_type_list.Any_SLUG)  # nopep8
            except ContentNotFound as exc:
                raise ParentNotFound(
                    'Parent with content_id {} not found'.format(
                        creation_data.parent_id)) from exc
        content = api.create(
            label=creation_data.label,
            content_type_slug=creation_data.content_type,
            workspace=request.current_workspace,
            parent=parent,
        )
        api.save(content, ActionDescription.CREATION)
        content = api.get_content_in_context(content)
        return content

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
    @require_workspace_role(UserRoleInWorkspace.READER)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.FOUND)  # nopep8
    def get_content_from_workspace(
        self,
        context,
        request: TracimRequest,
        hapic_data=None,
    ) -> None:
        """
        Convenient route allowing to get detail about a content without to known routes associated to its content type.
        This route generate a HTTP 302 with the right url
        """
        app_config = request.registry.settings['CFG']
        content = request.current_content
        content_type = content_type_list.get_one_by_slug(content.type).slug
        # TODO - G.M - 2018-08-03 - Jsonify redirect response ?
        raise HTTPFound(
            "{base_url}workspaces/{workspace_id}/{content_type}s/{content_id}".
            format(
                base_url=BASE_API_V2,
                workspace_id=content.workspace_id,
                content_type=content_type,
                content_id=content.content_id,
            ))

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
    @hapic.input_path(ContentIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.FOUND)  # nopep8
    def get_content(
        self,
        context,
        request: TracimRequest,
        hapic_data=None,
    ) -> None:
        """
        Convenient route allowing to get detail about a content without to known routes associated to its content type.
        This route generate a HTTP 302 with the right url
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(content_id=hapic_data.path['content_id'],
                              content_type=content_type_list.Any_SLUG)
        content_type = content_type_list.get_one_by_slug(content.type).slug
        # TODO - G.M - 2018-08-03 - Jsonify redirect response ?
        raise HTTPFound(
            "{base_url}workspaces/{workspace_id}/{content_type}s/{content_id}".
            format(
                base_url=BASE_API_V2,
                workspace_id=content.workspace_id,
                content_type=content_type,
                content_id=content.content_id,
            ))

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
    @hapic.handle_exception(WorkspacesDoNotMatch, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ContentFilenameAlreadyUsedInFolder,
                            HTTPStatus.BAD_REQUEST)
    @require_workspace_role(UserRoleInWorkspace.CONTENT_MANAGER)
    @require_candidate_workspace_role(UserRoleInWorkspace.CONTENT_MANAGER)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.input_body(ContentMoveSchema())
    @hapic.output_body(ContentDigestSchema())
    def move_content(
        self,
        context,
        request: TracimRequest,
        hapic_data=None,
    ) -> ContentInContext:
        """
        Move a content to specified new place.
        This requires to be content manager in both input and output spaces (which may be the same)
        """
        app_config = request.registry.settings['CFG']
        path_data = hapic_data.path
        move_data = hapic_data.body

        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(path_data.content_id,
                              content_type=content_type_list.Any_SLUG)
        new_parent = api.get_one(move_data.new_parent_id,
                                 content_type=content_type_list.Any_SLUG)

        new_workspace = request.candidate_workspace

        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.move(
                content,
                new_parent=new_parent,
                new_workspace=new_workspace,
                must_stay_in_same_workspace=False,
            )
        updated_content = api.get_one(path_data.content_id,
                                      content_type=content_type_list.Any_SLUG)
        return api.get_content_in_context(updated_content)

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__CONTENT_ALL_TRASH_AND_RESTORE_ENDPOINTS])  # nopep8
    @require_workspace_role(UserRoleInWorkspace.CONTENT_MANAGER)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def delete_content(
        self,
        context,
        request: TracimRequest,
        hapic_data=None,
    ) -> None:
        """
        Move a content to the trash. After that, the content will be invisible by default.
        This action requires the user to be a content manager.
        Note: the content is still accessible but becomes read-only.
        """
        app_config = request.registry.settings['CFG']
        path_data = hapic_data.path
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(path_data.content_id,
                              content_type=content_type_list.Any_SLUG)
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.delete(content)
        return

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__CONTENT_ALL_TRASH_AND_RESTORE_ENDPOINTS])  # nopep8
    @require_workspace_role(UserRoleInWorkspace.CONTENT_MANAGER)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def undelete_content(
        self,
        context,
        request: TracimRequest,
        hapic_data=None,
    ) -> None:
        """
        Restore a content from the trash. The content will be visible and editable again.
        """
        app_config = request.registry.settings['CFG']
        path_data = hapic_data.path
        api = ContentApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
            show_deleted=True,
            show_archived=True,
        )
        content = api.get_one(path_data.content_id,
                              content_type=content_type_list.Any_SLUG)
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.undelete(content)
        return

    @hapic.with_api_doc(tags=[
        SWAGGER_TAG__CONTENT_ALL_ARCHIVE_AND_RESTORE_ENDPOINTS
    ])  # nopep8
    @require_workspace_role(UserRoleInWorkspace.CONTENT_MANAGER)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def archive_content(
        self,
        context,
        request: TracimRequest,
        hapic_data=None,
    ) -> None:
        """
        Archives a content. The content will be invisible but still available.
        Difference with delete is that optimizing workspace will not delete archived contents
        This action requires the user to be a content manager.
        Note: the content is still accessible but becomes read-only.
        the difference with delete is that optimizing workspace will not delete archived contents
        """
        app_config = request.registry.settings['CFG']
        path_data = hapic_data.path
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(
            path_data.content_id,
            content_type=content_type_list.Any_SLUG)  # nopep8
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.archive(content)
        return

    @hapic.with_api_doc(tags=[
        SWAGGER_TAG__CONTENT_ALL_ARCHIVE_AND_RESTORE_ENDPOINTS
    ])  # nopep8
    @require_workspace_role(UserRoleInWorkspace.CONTENT_MANAGER)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def unarchive_content(
        self,
        context,
        request: TracimRequest,
        hapic_data=None,
    ) -> None:
        """
        Restore a content from archive. The content will be visible and editable again.
        """
        app_config = request.registry.settings['CFG']
        path_data = hapic_data.path
        api = ContentApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
            show_archived=True,
            show_deleted=True,
        )
        content = api.get_one(path_data.content_id,
                              content_type=content_type_list.Any_SLUG)
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.unarchive(content)
        return

    def bind(self, configurator: Configurator) -> None:
        """
        Create all routes and views using
        pyramid configurator for this controller
        """

        # Workspaces
        configurator.add_route('workspaces',
                               '/workspaces',
                               request_method='GET')  # nopep8
        configurator.add_view(self.workspaces, route_name='workspaces')
        # Workspace
        configurator.add_route('workspace',
                               '/workspaces/{workspace_id}',
                               request_method='GET')  # nopep8
        configurator.add_view(self.workspace, route_name='workspace')
        # Create workspace
        configurator.add_route('create_workspace',
                               '/workspaces',
                               request_method='POST')  # nopep8
        configurator.add_view(self.create_workspace,
                              route_name='create_workspace')  # nopep8
        # Delete/Undelete workpace
        configurator.add_route('delete_workspace',
                               '/workspaces/{workspace_id}/trashed',
                               request_method='PUT')  # nopep8
        configurator.add_view(self.delete_workspace,
                              route_name='delete_workspace')  # nopep8
        configurator.add_route('undelete_workspace',
                               '/workspaces/{workspace_id}/trashed/restore',
                               request_method='PUT')  # nopep8
        configurator.add_view(self.undelete_workspace,
                              route_name='undelete_workspace')  # nopep8
        # Update Workspace
        configurator.add_route('update_workspace',
                               '/workspaces/{workspace_id}',
                               request_method='PUT')  # nopep8
        configurator.add_view(self.update_workspace,
                              route_name='update_workspace')  # nopep8
        # Workspace Members (Roles)
        configurator.add_route('workspace_members',
                               '/workspaces/{workspace_id}/members',
                               request_method='GET')  # nopep8
        configurator.add_view(self.workspaces_members,
                              route_name='workspace_members')  # nopep8
        # Workspace Members (Role) Individual
        configurator.add_route('workspace_member_role',
                               '/workspaces/{workspace_id}/members/{user_id}',
                               request_method='GET')  # nopep8
        configurator.add_view(self.workspaces_member_role,
                              route_name='workspace_member_role')  # nopep8
        # Update Workspace Members roles
        configurator.add_route('update_workspace_member',
                               '/workspaces/{workspace_id}/members/{user_id}',
                               request_method='PUT')  # nopep8
        configurator.add_view(self.update_workspaces_members_role,
                              route_name='update_workspace_member')  # nopep8
        # Create Workspace Members roles
        configurator.add_route('create_workspace_member',
                               '/workspaces/{workspace_id}/members',
                               request_method='POST')  # nopep8
        configurator.add_view(self.create_workspaces_members_role,
                              route_name='create_workspace_member')  # nopep8
        # Delete Workspace Members roles
        configurator.add_route('delete_workspace_member',
                               '/workspaces/{workspace_id}/members/{user_id}',
                               request_method='DELETE')  # nopep8
        configurator.add_view(self.delete_workspaces_members_role,
                              route_name='delete_workspace_member')  # nopep8
        # Workspace Content
        configurator.add_route('workspace_content',
                               '/workspaces/{workspace_id}/contents',
                               request_method='GET')  # nopep8
        configurator.add_view(self.workspace_content,
                              route_name='workspace_content')  # nopep8
        # Create Generic Content
        configurator.add_route('create_generic_content',
                               '/workspaces/{workspace_id}/contents',
                               request_method='POST')  # nopep8
        configurator.add_view(self.create_generic_empty_content,
                              route_name='create_generic_content')  # nopep8
        # Get Content
        configurator.add_route('get_content',
                               '/contents/{content_id}',
                               request_method='GET')  # nopep8
        configurator.add_view(self.get_content, route_name='get_content')
        # Get Content From workspace
        configurator.add_route(
            'get_content_from_workspace',
            '/workspaces/{workspace_id}/contents/{content_id}',
            request_method='GET')  # nopep8
        configurator.add_view(
            self.get_content_from_workspace,
            route_name='get_content_from_workspace')  # nopep8
        # Move Content
        configurator.add_route(
            'move_content',
            '/workspaces/{workspace_id}/contents/{content_id}/move',
            request_method='PUT')  # nopep8
        configurator.add_view(self.move_content,
                              route_name='move_content')  # nopep8
        # Delete/Undelete Content
        configurator.add_route(
            'delete_content',
            '/workspaces/{workspace_id}/contents/{content_id}/trashed',
            request_method='PUT')  # nopep8
        configurator.add_view(self.delete_content,
                              route_name='delete_content')  # nopep8
        configurator.add_route(
            'undelete_content',
            '/workspaces/{workspace_id}/contents/{content_id}/trashed/restore',
            request_method='PUT')  # nopep8
        configurator.add_view(self.undelete_content,
                              route_name='undelete_content')  # nopep8
        # # Archive/Unarchive Content
        configurator.add_route(
            'archive_content',
            '/workspaces/{workspace_id}/contents/{content_id}/archived',
            request_method='PUT')  # nopep8
        configurator.add_view(self.archive_content,
                              route_name='archive_content')  # nopep8
        configurator.add_route(
            'unarchive_content',
            '/workspaces/{workspace_id}/contents/{content_id}/archived/restore',
            request_method='PUT')  # nopep8
        configurator.add_view(self.unarchive_content,
                              route_name='unarchive_content')  # nopep8
Exemplo n.º 3
0
class RadicaleProxyController(Controller):
    def __init__(
        self, proxy_base_address, radicale_base_path, radicale_user_path, radicale_workspace_path
    ):
        self._authorization = CaldavAuthorizationDeterminer()
        self.radicale_base_path_dir = radicale_base_path
        self.radicale_path_user_dir = radicale_user_path
        self.radicale_path_workspace_dir = radicale_workspace_path
        self._proxy = Proxy(base_address=proxy_base_address, auth=HTTPBasicAuth("tracim", "tracim"))

    @hapic.with_api_doc(disable_doc=True)
    @check_right(can_access_user_agenda)
    @hapic.input_path(UserIdPathSchema())
    def radicale_proxy__user(
        self, context, request: TracimRequest, hapic_data: HapicData
    ) -> Response:
        """
        proxy user agenda
        example: /agenda/user/1/ to radicale path /agenda/user/1/
        """
        path = "{}{}/".format(self.radicale_path_user_dir, request.candidate_user.user_id)
        return self._proxy.get_response_for_request(request, path)

    @hapic.with_api_doc(disable_doc=True)
    @check_right(can_access_user_agenda)
    @hapic.input_path(RadicaleUserSubItemPathSchema())
    def radicale_proxy__user_subitems(
        self, context, request: TracimRequest, hapic_data: HapicData
    ) -> Response:
        """
        proxy user agenda
        example: /agenda/user/1/blabla.ics/ to radicale path /agenda/user/1/blabla.ics
        """
        path = "{}{}/{}".format(
            self.radicale_path_user_dir, request.candidate_user.user_id, hapic_data.path.sub_item
        )
        return self._proxy.get_response_for_request(request, path)

    @hapic.with_api_doc(disable_doc=True)
    @check_right(can_access_to_agenda_list)
    def radicale_proxy__users(self, context, request: TracimRequest) -> Response:
        """
        proxy users agendas list
        example: /agenda/user/ to radicale path /agenda/user/
        """
        return self._proxy.get_response_for_request(request, self.radicale_path_user_dir)

    @hapic.with_api_doc(disable_doc=True)
    @hapic.handle_exception(WorkspaceAgendaDisabledException, http_code=HTTPStatus.NOT_FOUND)
    @check_right(can_access_workspace_root_agenda)
    @hapic.input_path(WorkspaceIdPathSchema())
    def radicale_proxy__workspace(
        self, context, request: TracimRequest, hapic_data: HapicData
    ) -> Response:
        """
        proxy workspace agenda
        example: /agenda/workspace/1.ics/ to radicale path /agenda/workspace/1.ics/
        """
        path = "{}{}/".format(
            self.radicale_path_workspace_dir, request.current_workspace.workspace_id
        )
        return self._proxy.get_response_for_request(request, path)

    @hapic.with_api_doc(disable_doc=True)
    @hapic.handle_exception(WorkspaceAgendaDisabledException, http_code=HTTPStatus.NOT_FOUND)
    @check_right(can_access_workspace_event_agenda)
    @hapic.input_path(RadicaleWorkspaceSubItemPathSchema())
    def radicale_proxy__workspace_subitems(
        self, context, request: TracimRequest, hapic_data: HapicData
    ) -> Response:
        """
        proxy workspace agenda
        example: /agenda/workspace/1.ics/blabla.ics to radicale path /agenda/workspace/1.ics/blabla.ics
        """
        path = "{}{}/{}".format(
            self.radicale_path_workspace_dir,
            request.current_workspace.workspace_id,
            hapic_data.path.sub_item,
        )
        return self._proxy.get_response_for_request(request, path)

    @hapic.with_api_doc(disable_doc=True)
    @check_right(can_access_to_agenda_list)
    def radicale_proxy__workspaces(self, context, request: TracimRequest) -> Response:
        """
         proxy users agendas list
         example: /agenda/user/ to radicale path /agenda/user/
         """
        path = self.radicale_path_workspace_dir
        return self._proxy.get_response_for_request(request, path)

    def bind(self, configurator: Configurator) -> None:
        """
        Create all routes and views using pyramid configurator
        for this controller
        """
        # Radicale user agenda
        configurator.add_route("radicale_proxy__users", self.radicale_path_user_dir)
        configurator.add_view(self.radicale_proxy__users, route_name="radicale_proxy__users")

        configurator.add_route(
            "radicale_proxy__user",
            self.radicale_path_user_dir + "{user_id:[0-9]+}{trailing_slash:[/]?}",
        )
        configurator.add_view(self.radicale_proxy__user, route_name="radicale_proxy__user")

        configurator.add_route(
            "radicale_proxy__user_x",
            self.radicale_path_user_dir
            + "{user_id:[0-9]+}/{sub_item:[^\/]+\.ics}{trailing_slash:[/]?}",  # noqa: W605
        )
        configurator.add_view(
            self.radicale_proxy__user_subitems, route_name="radicale_proxy__user_x"
        )

        # Radicale workspace agenda
        configurator.add_route("radicale_proxy__workspaces", self.radicale_path_workspace_dir)
        configurator.add_view(
            self.radicale_proxy__workspaces, route_name="radicale_proxy__workspaces"
        )

        configurator.add_route(
            "radicale_proxy__workspace",
            self.radicale_path_workspace_dir + "{workspace_id:[0-9]+}{trailing_slash:[/]?}",
        )
        configurator.add_view(
            self.radicale_proxy__workspace, route_name="radicale_proxy__workspace"
        )

        configurator.add_route(
            "radicale_proxy__workspace_x",
            self.radicale_path_workspace_dir + "{workspace_id:[0-9]+}/{sub_item:.*}",
        )
        configurator.add_view(
            self.radicale_proxy__workspace_subitems, route_name="radicale_proxy__workspace_x"
        )
Exemplo n.º 4
0
class WorkspaceController(Controller):
    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
    @check_right(can_see_workspace_information)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(WorkspaceSchema())
    def workspace(self, context, request: TracimRequest, hapic_data=None):
        """
        Get workspace informations
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        wapi = WorkspaceApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config  # User
        )
        return wapi.get_workspace_with_context(request.current_workspace)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
    @check_right(can_see_workspace_information)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(WorkspaceDiskSpaceSchema())
    def workspace_disk_space(self,
                             context,
                             request: TracimRequest,
                             hapic_data=None):
        """
        Get workspace space info
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        wapi = WorkspaceApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config  # User
        )
        return wapi.get_workspace_with_context(request.current_workspace)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
    @check_right(is_administrator)
    @hapic.input_query(WorkspaceFilterQuerySchema())
    @hapic.output_body(WorkspaceSchema(many=True))
    def workspaces(self, context, request: TracimRequest, hapic_data=None):
        """
        Returns the list of all workspaces. This route is for admin only.
        Standard users must use their own route: /api/users/me/workspaces
        Filtering by parent_ids is possible through this endpoint
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        wapi = WorkspaceApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config  # User
        )

        workspaces = wapi.get_all_children(
            parent_ids=hapic_data.query.parent_ids)
        return [
            wapi.get_workspace_with_context(workspace)
            for workspace in workspaces
        ]

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(DisallowedWorkspaceAccessType,
                            HTTPStatus.BAD_REQUEST)
    @check_right(can_modify_workspace)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.input_body(WorkspaceModifySchema())
    @hapic.output_body(WorkspaceSchema())
    def update_workspace(self,
                         context,
                         request: TracimRequest,
                         hapic_data=None):
        """
        Update a workspace. This route is for trusted users and administrators.
        Note : a trusted user can only update spaces on which he/she is space manager
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        wapi = WorkspaceApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config  # User
        )
        wapi.update_workspace(
            request.current_workspace,
            label=hapic_data.body.label,
            description=hapic_data.body.description,
            agenda_enabled=hapic_data.body.agenda_enabled,
            public_download_enabled=hapic_data.body.public_download_enabled,
            public_upload_enabled=hapic_data.body.public_upload_enabled,
            default_user_role=hapic_data.body.default_user_role,
            save_now=True,
        )
        wapi.execute_update_workspace_actions(request.current_workspace)
        return wapi.get_workspace_with_context(request.current_workspace)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(DisallowedWorkspaceAccessType,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UserNotAllowedToCreateMoreWorkspace,
                            HTTPStatus.BAD_REQUEST)
    @check_right(is_trusted_user)
    @hapic.input_body(WorkspaceCreationSchema())
    @hapic.output_body(WorkspaceSchema())
    def create_workspace(self,
                         context,
                         request: TracimRequest,
                         hapic_data=None):
        """
        Create a workspace. This route is for trusted users and administrators.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        wapi = WorkspaceApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config  # User
        )
        parent = None
        if hapic_data.body.parent_id:
            parent = wapi.get_one(workspace_id=hapic_data.body.parent_id)
        workspace = wapi.create_workspace(
            label=hapic_data.body.label,
            description=hapic_data.body.description,
            access_type=hapic_data.body.access_type,
            save_now=True,
            agenda_enabled=hapic_data.body.agenda_enabled,
            public_download_enabled=hapic_data.body.public_download_enabled,
            public_upload_enabled=hapic_data.body.public_upload_enabled,
            default_user_role=hapic_data.body.default_user_role,
            parent=parent,
        )
        wapi.execute_created_workspace_actions(workspace)
        return wapi.get_workspace_with_context(workspace)

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__WORKSPACE_TRASH_AND_RESTORE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @check_right(can_delete_workspace)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def delete_workspace(self,
                         context,
                         request: TracimRequest,
                         hapic_data=None):
        """
        Delete a workspace. This route is for trusted users and administrators.
        Note : a trusted user can only delete spaces on which he/she is space manager
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        wapi = WorkspaceApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config  # User
        )
        wapi.delete(request.current_workspace, flush=True)
        return

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__WORKSPACE_TRASH_AND_RESTORE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @check_right(can_delete_workspace)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def undelete_workspace(self,
                           context,
                           request: TracimRequest,
                           hapic_data=None):
        """
        Restore a deleted space.
        Note : a trusted user can only restore spaces on which he/she is space manager
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        wapi = WorkspaceApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
            show_deleted=True,
        )
        wapi.undelete(request.current_workspace, flush=True)
        return

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
    @check_right(can_see_workspace_information)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.input_query(WorkspaceMemberFilterQuerySchema())
    @hapic.output_body(WorkspaceMemberSchema(many=True))
    def workspaces_members(
            self,
            context,
            request: TracimRequest,
            hapic_data=None) -> typing.List[UserRoleWorkspaceInContext]:
        """
        Returns the list of space members with their role, avatar, etc.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        rapi = RoleApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
            show_disabled_user=hapic_data.query.show_disabled_user,
        )

        roles = rapi.get_all_for_workspace(workspace=request.current_workspace)
        return [
            rapi.get_user_role_workspace_with_context(user_role)
            for user_role in roles
        ]

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
    @check_right(can_see_workspace_information)
    @hapic.input_path(WorkspaceAndUserIdPathSchema())
    @hapic.output_body(WorkspaceMemberSchema())
    def workspaces_member_role(self,
                               context,
                               request: TracimRequest,
                               hapic_data=None) -> UserRoleWorkspaceInContext:
        """
        Returns given space member with its role, avatar, etc.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        rapi = RoleApi(current_user=request.current_user,
                       session=request.dbsession,
                       config=app_config)

        role = rapi.get_one(user_id=hapic_data.path.user_id,
                            workspace_id=hapic_data.path.workspace_id)
        return rapi.get_user_role_workspace_with_context(role)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
    @hapic.handle_exception(UserRoleNotFound, HTTPStatus.BAD_REQUEST)
    @check_right(can_modify_workspace)
    @hapic.handle_exception(LastWorkspaceManagerRoleCantBeModified,
                            HTTPStatus.BAD_REQUEST)
    @hapic.input_path(WorkspaceAndUserIdPathSchema())
    @hapic.input_body(RoleUpdateSchema())
    @hapic.output_body(WorkspaceMemberSchema())
    def update_workspaces_members_role(
            self,
            context,
            request: TracimRequest,
            hapic_data=None) -> UserRoleWorkspaceInContext:
        """
        Update role of the given space member.
        This feature is for workspace managers, trusted users and administrators.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        rapi = RoleApi(current_user=request.current_user,
                       session=request.dbsession,
                       config=app_config)

        role = rapi.get_one(user_id=hapic_data.path.user_id,
                            workspace_id=hapic_data.path.workspace_id)
        role = rapi.update_role(role, role_level=hapic_data.body.role.level)
        return rapi.get_user_role_workspace_with_context(role)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
    @check_right(can_leave_workspace)
    @hapic.handle_exception(UserRoleNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(LastWorkspaceManagerRoleCantBeModified,
                            HTTPStatus.BAD_REQUEST)
    @hapic.input_path(WorkspaceAndUserIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def delete_workspaces_members_role(self,
                                       context,
                                       request: TracimRequest,
                                       hapic_data=None) -> None:
        """
        Remove the user from the space.
        This feature is for workspace managers and administrators.
        """

        app_config = request.registry.settings["CFG"]  # type: CFG
        rapi = RoleApi(current_user=request.current_user,
                       session=request.dbsession,
                       config=app_config)
        rapi.delete_one(user_id=hapic_data.path.user_id,
                        workspace_id=hapic_data.path.workspace_id)
        return

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
    @hapic.handle_exception(EmailValidationFailed, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UserIsNotActive, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UserIsDeleted, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(RoleAlreadyExistError, HTTPStatus.BAD_REQUEST)
    @check_right(can_modify_workspace)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.input_body(WorkspaceMemberInviteSchema())
    @hapic.output_body(WorkspaceMemberCreationSchema())
    def create_workspaces_members_role(
            self,
            context,
            request: TracimRequest,
            hapic_data=None) -> UserRoleWorkspaceInContext:
        """
        Add a member to this workspace.
        This feature is for workspace managers and administrators.
        """
        newly_created = False
        email_sent = False
        app_config = request.registry.settings["CFG"]  # type: CFG
        rapi = RoleApi(current_user=request.current_user,
                       session=request.dbsession,
                       config=app_config)
        uapi = UserApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
            show_deactivated=True,
            show_deleted=True,
        )
        try:
            if hapic_data.body.user_id:
                user = uapi.get_one(hapic_data.body.user_id)
            elif hapic_data.body.user_email:
                user = uapi.get_one_by_email(hapic_data.body.user_email)
            else:
                user = uapi.get_one_by_username(hapic_data.body.user_username)
            if user.is_deleted:
                raise UserIsDeleted(
                    "This user has been deleted. Unable to invite him.")
            if not user.is_active:
                raise UserIsNotActive(
                    "This user is not activated. Unable to invite him")
        except UserDoesNotExist as exc:
            if not uapi.allowed_to_invite_new_user(hapic_data.body.user_email):
                raise exc

            if app_config.NEW_USER__INVITATION__DO_NOTIFY:
                user = uapi.create_user(
                    auth_type=AuthType.UNKNOWN,
                    email=hapic_data.body.user_email,
                    password=password_generator(),
                    do_notify=True,
                )
                if (app_config.EMAIL__NOTIFICATION__ACTIVATED
                        and app_config.NEW_USER__INVITATION__DO_NOTIFY
                        and app_config.JOBS__PROCESSING_MODE
                        == app_config.CST.SYNC):
                    email_sent = True
            else:
                user = uapi.create_user(
                    auth_type=AuthType.UNKNOWN,
                    email=hapic_data.body.user_email,
                    password=None,
                    do_notify=False,
                )
            uapi.execute_created_user_actions(user)
            newly_created = True

        role = rapi.create_one(
            user=user,
            workspace=request.current_workspace,
            role_level=WorkspaceRoles.get_role_from_slug(
                hapic_data.body.role).level,
            with_notif=app_config.EMAIL__NOTIFICATION__ENABLED_ON_INVITATION,
            flush=True,
        )
        return rapi.get_user_role_workspace_with_context(
            role, newly_created=newly_created, email_sent=email_sent)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_SUBSCRIPTION_ENDPOINTS])
    @check_right(can_modify_workspace)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(WorkspaceSubscriptionSchema(many=True))
    def workspace_subscriptions(
            self,
            context,
            request: TracimRequest,
            hapic_data=None) -> typing.List[WorkspaceSubscription]:
        subscription_lib = SubscriptionLib(
            current_user=request.current_user,
            session=request.dbsession,
            config=request.app_config,
        )
        return subscription_lib.get_workspace_subscriptions(
            request.current_workspace.workspace_id)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_SUBSCRIPTION_ENDPOINTS])
    @check_right(can_modify_workspace)
    @hapic.handle_exception(RoleAlreadyExistError, HTTPStatus.BAD_REQUEST)
    @hapic.input_path(WorkspaceAndUserIdPathSchema())
    @hapic.input_body(RoleUpdateSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def accept_subscription(
            self,
            context,
            request: TracimRequest,
            hapic_data=None) -> typing.List[WorkspaceSubscription]:
        subscription_lib = SubscriptionLib(
            current_user=request.current_user,
            session=request.dbsession,
            config=request.app_config,
        )
        subscription = subscription_lib.get_one(
            author_id=hapic_data.path.user_id,
            workspace_id=hapic_data.path.workspace_id)
        subscription_lib.accept_subscription(subscription=subscription,
                                             user_role=hapic_data.body.role)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_SUBSCRIPTION_ENDPOINTS])
    @check_right(can_modify_workspace)
    @hapic.input_path(WorkspaceAndUserIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def reject_subscription(
            self,
            context,
            request: TracimRequest,
            hapic_data=None) -> typing.List[WorkspaceSubscription]:
        subscription_lib = SubscriptionLib(
            current_user=request.current_user,
            session=request.dbsession,
            config=request.app_config,
        )
        subscription = subscription_lib.get_one(
            author_id=hapic_data.path.user_id,
            workspace_id=hapic_data.path.workspace_id)
        subscription_lib.reject_subscription(subscription=subscription)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
    @check_right(is_reader)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.input_query(FilterContentQuerySchema())
    @hapic.output_body(ContentDigestSchema(many=True))
    def workspace_content(self,
                          context,
                          request: TracimRequest,
                          hapic_data=None) -> typing.List[ContentInContext]:
        """
        return a list of contents of the space.
        This is NOT the full content list: by default, returned contents are the ones at root level.
        In order to get contents in a given folder, then use parent_id query filter.
        You can also show.hide archived/deleted contents.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        content_filter = hapic_data.query
        api = ContentApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
            namespaces_filter=content_filter.namespaces_filter
            or [ContentNamespaces.CONTENT],
            show_archived=content_filter.show_archived,
            show_deleted=content_filter.show_deleted,
            show_active=content_filter.show_active,
        )
        contents = api.get_all(
            parent_ids=content_filter.parent_ids,
            complete_path_to_id=content_filter.complete_path_to_id,
            workspace=request.current_workspace,
            content_type=content_filter.content_type
            or content_type_list.Any_SLUG,
            label=content_filter.label,
            order_by_properties=[Content.label],
        )
        contents = [
            api.get_content_in_context(content) for content in contents
        ]
        return contents

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnallowedSubContent, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ContentFilenameAlreadyUsedInFolder,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ParentNotFound, HTTPStatus.BAD_REQUEST)
    @check_right(can_create_content)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.input_body(ContentCreationSchema())
    @hapic.output_body(ContentDigestSchema())
    def create_generic_empty_content(self,
                                     context,
                                     request: TracimRequest,
                                     hapic_data=None) -> ContentInContext:
        """
        Creates a generic empty content. The minimum viable content has a label and a content type.
        Creating a content generally starts with a request to this endpoint.
        For specific contents like files, it is recommended to use the dedicated endpoint.
        This feature is accessible to contributors and higher role only.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        creation_data = hapic_data.body
        api = ContentApi(current_user=request.current_user,
                         session=request.dbsession,
                         config=app_config)
        parent = None
        if creation_data.parent_id:
            try:
                parent = api.get_one(content_id=creation_data.parent_id,
                                     content_type=content_type_list.Any_SLUG)
            except ContentNotFound as exc:
                raise ParentNotFound(
                    "Parent with content_id {} not found".format(
                        creation_data.parent_id)) from exc
        content = api.create(
            label=creation_data.label,
            content_type_slug=creation_data.content_type,
            workspace=request.current_workspace,
            parent=parent,
        )
        api.save(content, ActionDescription.CREATION)
        api.execute_created_content_actions(content)
        content = api.get_content_in_context(content)
        return content

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
    @check_right(is_reader)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.FOUND)
    def get_content_from_workspace(self,
                                   context,
                                   request: TracimRequest,
                                   hapic_data=None) -> None:
        """
        Convenient route allowing to get detail about a content without to known routes associated to its content type.
        This route generate a HTTP 302 with the right url
        """
        content = request.current_content
        content_type = content_type_list.get_one_by_slug(content.type).slug
        # TODO - G.M - 2018-08-03 - Jsonify redirect response ?
        raise HTTPFound(
            "{base_url}workspaces/{workspace_id}/{content_type}s/{content_id}".
            format(
                base_url=BASE_API,
                workspace_id=content.workspace_id,
                content_type=content_type,
                content_id=content.content_id,
            ))

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
    @hapic.input_path(ContentIdPathSchema())
    @hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.FOUND)
    def get_content(self,
                    context,
                    request: TracimRequest,
                    hapic_data=None) -> None:
        """
        Convenient route allowing to get detail about a content without to known routes associated to its content type.
        This route generate a HTTP 302 with the right url
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(current_user=request.current_user,
                         session=request.dbsession,
                         config=app_config)
        content = api.get_one(content_id=hapic_data.path["content_id"],
                              content_type=content_type_list.Any_SLUG)
        content_type = content_type_list.get_one_by_slug(content.type).slug
        # TODO - G.M - 2018-08-03 - Jsonify redirect response ?
        raise HTTPFound(
            "{base_url}workspaces/{workspace_id}/{content_type}s/{content_id}".
            format(
                base_url=BASE_API,
                workspace_id=content.workspace_id,
                content_type=content_type,
                content_id=content.content_id,
            ))

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
    @hapic.handle_exception(WorkspacesDoNotMatch, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ContentFilenameAlreadyUsedInFolder,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnallowedSubContent, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ConflictingMoveInItself, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ConflictingMoveInChild, HTTPStatus.BAD_REQUEST)
    @check_right(can_move_content)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.input_body(ContentMoveSchema())
    @hapic.output_body(ContentDigestSchema())
    def move_content(self,
                     context,
                     request: TracimRequest,
                     hapic_data=None) -> ContentInContext:
        """
        Move a content to specified new place.
        This requires to be content manager in both input and output spaces (which may be the same)
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        path_data = hapic_data.path
        move_data = hapic_data.body

        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(path_data.content_id,
                              content_type=content_type_list.Any_SLUG)
        new_parent = api.get_one(move_data.new_parent_id,
                                 content_type=content_type_list.Any_SLUG)

        new_workspace = request.candidate_workspace

        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.move(
                content,
                new_parent=new_parent,
                new_workspace=new_workspace,
                new_content_namespace=ContentNamespaces.CONTENT,
                must_stay_in_same_workspace=False,
            )
            api.execute_update_content_actions(content)
        updated_content = api.get_one(path_data.content_id,
                                      content_type=content_type_list.Any_SLUG)
        return api.get_content_in_context(updated_content)

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__CONTENT_ALL_TRASH_AND_RESTORE_ENDPOINTS])
    @check_right(is_content_manager)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def delete_content(self,
                       context,
                       request: TracimRequest,
                       hapic_data=None) -> None:
        """
        Move a content to the trash. After that, the content will be invisible by default.
        This action requires the user to be a content manager.
        Note: the content is still accessible but becomes read-only.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        path_data = hapic_data.path
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(path_data.content_id,
                              content_type=content_type_list.Any_SLUG)
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.delete(content)
            api.execute_update_content_actions(content)
        return

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__CONTENT_ALL_TRASH_AND_RESTORE_ENDPOINTS])
    @check_right(is_content_manager)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def undelete_content(self,
                         context,
                         request: TracimRequest,
                         hapic_data=None) -> None:
        """
        Restore a content from the trash. The content will be visible and editable again.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        path_data = hapic_data.path
        api = ContentApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
            show_deleted=True,
            show_archived=True,
        )
        content = api.get_one(path_data.content_id,
                              content_type=content_type_list.Any_SLUG)
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.undelete(content)
            api.execute_update_content_actions(content)
        return

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__CONTENT_ALL_ARCHIVE_AND_RESTORE_ENDPOINTS])
    @check_right(is_content_manager)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def archive_content(self,
                        context,
                        request: TracimRequest,
                        hapic_data=None) -> None:
        """
        Archives a content. The content will be invisible but still available.
        Difference with delete is that optimizing workspace will not delete archived contents
        This action requires the user to be a content manager.
        Note: the content is still accessible but becomes read-only.
        the difference with delete is that optimizing workspace will not delete archived contents
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        path_data = hapic_data.path
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(path_data.content_id,
                              content_type=content_type_list.Any_SLUG)
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.archive(content)
            api.execute_update_content_actions(content)
        return

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__CONTENT_ALL_ARCHIVE_AND_RESTORE_ENDPOINTS])
    @check_right(is_content_manager)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def unarchive_content(self,
                          context,
                          request: TracimRequest,
                          hapic_data=None) -> None:
        """
        Restore a content from archive. The content will be visible and editable again.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        path_data = hapic_data.path
        api = ContentApi(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
            show_archived=True,
            show_deleted=True,
        )
        content = api.get_one(path_data.content_id,
                              content_type=content_type_list.Any_SLUG)
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.unarchive(content)
            api.execute_update_content_actions(content)
        return

    def bind(self, configurator: Configurator) -> None:
        """
        Create all routes and views using
        pyramid configurator for this controller
        """

        # Workspaces
        configurator.add_route("workspaces",
                               "/workspaces",
                               request_method="GET")
        configurator.add_view(self.workspaces, route_name="workspaces")
        # Workspace
        configurator.add_route("workspace",
                               "/workspaces/{workspace_id}",
                               request_method="GET")
        configurator.add_view(self.workspace, route_name="workspace")
        # Workspace space
        configurator.add_route("workspace_disk_space",
                               "/workspaces/{workspace_id}/disk_space",
                               request_method="GET")
        configurator.add_view(self.workspace_disk_space,
                              route_name="workspace_disk_space")
        # Create workspace
        configurator.add_route("create_workspace",
                               "/workspaces",
                               request_method="POST")
        configurator.add_view(self.create_workspace,
                              route_name="create_workspace")
        # Delete/Undelete workpace
        configurator.add_route("delete_workspace",
                               "/workspaces/{workspace_id}/trashed",
                               request_method="PUT")
        configurator.add_view(self.delete_workspace,
                              route_name="delete_workspace")
        configurator.add_route("undelete_workspace",
                               "/workspaces/{workspace_id}/trashed/restore",
                               request_method="PUT")
        configurator.add_view(self.undelete_workspace,
                              route_name="undelete_workspace")
        # Update Workspace
        configurator.add_route("update_workspace",
                               "/workspaces/{workspace_id}",
                               request_method="PUT")
        configurator.add_view(self.update_workspace,
                              route_name="update_workspace")
        # Workspace Members (Roles)
        configurator.add_route("workspace_members",
                               "/workspaces/{workspace_id}/members",
                               request_method="GET")
        configurator.add_view(self.workspaces_members,
                              route_name="workspace_members")
        # Workspace Members (Role) Individual
        configurator.add_route(
            "workspace_member_role",
            "/workspaces/{workspace_id}/members/{user_id}",
            request_method="GET",
        )
        configurator.add_view(self.workspaces_member_role,
                              route_name="workspace_member_role")
        # Update Workspace Members roles
        configurator.add_route(
            "update_workspace_member",
            "/workspaces/{workspace_id}/members/{user_id}",
            request_method="PUT",
        )
        configurator.add_view(self.update_workspaces_members_role,
                              route_name="update_workspace_member")
        # Create Workspace Members roles
        configurator.add_route("create_workspace_member",
                               "/workspaces/{workspace_id}/members",
                               request_method="POST")
        configurator.add_view(self.create_workspaces_members_role,
                              route_name="create_workspace_member")
        # Delete Workspace Members roles
        configurator.add_route(
            "delete_workspace_member",
            "/workspaces/{workspace_id}/members/{user_id}",
            request_method="DELETE",
        )
        configurator.add_view(self.delete_workspaces_members_role,
                              route_name="delete_workspace_member")
        # Workspace Content
        configurator.add_route("workspace_content",
                               "/workspaces/{workspace_id}/contents",
                               request_method="GET")
        configurator.add_view(self.workspace_content,
                              route_name="workspace_content")
        # Create Generic Content
        configurator.add_route("create_generic_content",
                               "/workspaces/{workspace_id}/contents",
                               request_method="POST")
        configurator.add_view(self.create_generic_empty_content,
                              route_name="create_generic_content")
        # Get Content
        configurator.add_route("get_content",
                               "/contents/{content_id}",
                               request_method="GET")
        configurator.add_view(self.get_content, route_name="get_content")
        # Get Content From workspace
        configurator.add_route(
            "get_content_from_workspace",
            "/workspaces/{workspace_id}/contents/{content_id}",
            request_method="GET",
        )
        configurator.add_view(self.get_content_from_workspace,
                              route_name="get_content_from_workspace")
        # Move Content
        configurator.add_route(
            "move_content",
            "/workspaces/{workspace_id}/contents/{content_id}/move",
            request_method="PUT",
        )
        configurator.add_view(self.move_content, route_name="move_content")
        # Delete/Undelete Content
        configurator.add_route(
            "delete_content",
            "/workspaces/{workspace_id}/contents/{content_id}/trashed",
            request_method="PUT",
        )
        configurator.add_view(self.delete_content, route_name="delete_content")
        configurator.add_route(
            "undelete_content",
            "/workspaces/{workspace_id}/contents/{content_id}/trashed/restore",
            request_method="PUT",
        )
        configurator.add_view(self.undelete_content,
                              route_name="undelete_content")
        # # Archive/Unarchive Content
        configurator.add_route(
            "archive_content",
            "/workspaces/{workspace_id}/contents/{content_id}/archived",
            request_method="PUT",
        )
        configurator.add_view(self.archive_content,
                              route_name="archive_content")
        configurator.add_route(
            "unarchive_content",
            "/workspaces/{workspace_id}/contents/{content_id}/archived/restore",
            request_method="PUT",
        )
        configurator.add_view(self.unarchive_content,
                              route_name="unarchive_content")

        # Subscriptions
        configurator.add_route(
            "workspace_subscriptions",
            "/workspaces/{workspace_id}/subscriptions",
            request_method="GET",
        )
        configurator.add_view(self.workspace_subscriptions,
                              route_name="workspace_subscriptions")
        configurator.add_route(
            "accept_subscription",
            "/workspaces/{workspace_id}/subscriptions/{user_id}/accept",
            request_method="PUT",
        )
        configurator.add_view(self.accept_subscription,
                              route_name="accept_subscription")

        configurator.add_route(
            "reject_subscription",
            "/workspaces/{workspace_id}/subscriptions/{user_id}/reject",
            request_method="PUT",
        )
        configurator.add_view(self.reject_subscription,
                              route_name="reject_subscription")
Exemplo n.º 5
0
class UploadPermissionController(Controller):
    """
    Endpoints for Upload Permission
    """
    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__WORKSPACE_UPLOAD_PERMISSION_ENDPOINTS])
    @hapic.handle_exception(WorkspacePublicUploadDisabledException,
                            HTTPStatus.BAD_REQUEST)
    @check_right(is_content_manager)
    @check_right(has_public_upload_enabled)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.input_body(UploadPermissionCreationBodySchema())
    @hapic.output_body(UploadPermissionSchema(many=True))
    def add_upload_permission(
            self,
            context,
            request: TracimRequest,
            hapic_data=None) -> typing.List[UploadPermissionInContext]:
        """
        Allow to add permission for upload to external person
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = UploadPermissionLib(current_user=request.current_user,
                                  session=request.dbsession,
                                  config=app_config)
        upload_permission = api.add_permission_to_workspace(
            request.current_workspace,
            hapic_data.body.emails,
            hapic_data.body.password,
            do_notify=app_config.EMAIL__NOTIFICATION__ACTIVATED,
        )
        return api.get_upload_permissions_in_context(upload_permission)

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__WORKSPACE_UPLOAD_PERMISSION_ENDPOINTS])
    @hapic.handle_exception(WorkspacePublicUploadDisabledException,
                            HTTPStatus.BAD_REQUEST)
    @check_right(is_content_manager)
    @check_right(has_public_upload_enabled)
    @hapic.input_query(UploadPermissionListQuerySchema())
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(UploadPermissionSchema(many=True))
    def get_upload_permission(
            self,
            context,
            request: TracimRequest,
            hapic_data=None) -> typing.List[UploadPermissionInContext]:
        """
        Get all upload permission of this workspace
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = UploadPermissionLib(
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
            show_disabled=hapic_data.query.show_disabled,
        )
        upload_permissions = api.get_upload_permissions(
            request.current_workspace)
        return api.get_upload_permissions_in_context(upload_permissions)

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__WORKSPACE_UPLOAD_PERMISSION_ENDPOINTS])
    @hapic.handle_exception(WorkspacePublicUploadDisabledException,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UploadPermissionNotFound, HTTPStatus.BAD_REQUEST)
    @check_right(is_content_manager)
    @check_right(has_public_upload_enabled)
    @hapic.input_path(UploadPermissionIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def disable_upload_permission(self,
                                  context,
                                  request: TracimRequest,
                                  hapic_data=None) -> None:
        """
        remove an upload permission
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = UploadPermissionLib(current_user=request.current_user,
                                  session=request.dbsession,
                                  config=app_config)
        api.disable_upload_permission(request.current_workspace,
                                      hapic_data.path.upload_permission_id)

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__WORKSPACE_UPLOAD_PERMISSION_ENDPOINTS])
    @hapic.handle_exception(WorkspacePublicUploadDisabledException,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UploadPermissionNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.input_path(UploadPermissionTokenPath())
    @hapic.output_body(UploadPermissionPublicInfoSchema())
    def guest_upload_info(self,
                          context,
                          request: TracimRequest,
                          hapic_data=None) -> UploadPermissionInContext:
        """
        get somes informations about upload permission
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = UploadPermissionLib(current_user=None,
                                  session=request.dbsession,
                                  config=app_config)
        upload_permission = api.get_upload_permission_by_token(
            upload_permission_token=hapic_data.path.upload_permission_token
        )  # type: UploadPermission
        workspace_api = WorkspaceApi(current_user=None,
                                     session=request.dbsession,
                                     config=app_config)
        workspace = workspace_api.get_one(upload_permission.workspace_id)
        workspace_api.check_public_upload_enabled(workspace)
        return api.get_upload_permission_in_context(upload_permission)

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__WORKSPACE_UPLOAD_PERMISSION_ENDPOINTS])
    @hapic.handle_exception(WrongSharePassword, HTTPStatus.FORBIDDEN)
    @hapic.handle_exception(UploadPermissionNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(WorkspacePublicUploadDisabledException,
                            HTTPStatus.BAD_REQUEST)
    @hapic.input_path(UploadPermissionTokenPath())
    @hapic.input_body(UploadPermissionPasswordBodySchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def guest_upload_check(self,
                           context,
                           request: TracimRequest,
                           hapic_data=None) -> None:
        """
        check upload password and token validity
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = UploadPermissionLib(current_user=None,
                                  session=request.dbsession,
                                  config=app_config)
        upload_permission = api.get_upload_permission_by_token(
            upload_permission_token=hapic_data.path.upload_permission_token
        )  # type: UploadPermission
        # TODO - G.M - 2019-08-01 - verify in access to upload_permission can be granted
        # we should considered do these check at decorator level
        workspace_api = WorkspaceApi(current_user=None,
                                     session=request.dbsession,
                                     config=app_config)
        workspace = workspace_api.get_one(upload_permission.workspace_id)
        workspace_api.check_public_upload_enabled(workspace)
        api.check_password(upload_permission,
                           password=hapic_data.body.password)
        return

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__WORKSPACE_UPLOAD_PERMISSION_ENDPOINTS])
    @hapic.handle_exception(WrongSharePassword, HTTPStatus.FORBIDDEN)
    @hapic.handle_exception(UploadPermissionNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(NoFileValidationError, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(WorkspacePublicUploadDisabledException,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(FileSizeOverWorkspaceEmptySpace,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(FileSizeOverOwnerEmptySpace,
                            HTTPStatus.BAD_REQUEST)
    @hapic.input_path(UploadPermissionTokenPath())
    @hapic.input_forms(UploadDataFormSchema())
    @hapic.input_files(UploadFileSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def guest_upload_file(self,
                          context,
                          request: TracimRequest,
                          hapic_data=None) -> None:
        """
        upload files as guest
        """
        # TODO - G.M - 2019-08-14 - replace UploadFiles Object hack to proper hapic support
        # see
        upload_files = UploadFiles(request, prefix_pattern="file_")
        # INFO - G.M - 2019-09-03 - check validation of file here, because hapic can't
        # handle them. verify if almost one file as been given.
        if len(upload_files.files) < 1:
            raise NoFileValidationError(
                "No files given at input, validation failed.")
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = UploadPermissionLib(current_user=None,
                                  session=request.dbsession,
                                  config=app_config)
        upload_permission = api.get_upload_permission_by_token(
            upload_permission_token=hapic_data.path.upload_permission_token
        )  # type: UploadPermission
        # TODO - G.M - 2019-08-01 - verify in access to upload_permission can be granted
        # we should considered do these check at decorator level
        workspace_api = WorkspaceApi(current_user=None,
                                     session=request.dbsession,
                                     config=app_config)
        workspace = workspace_api.get_one(upload_permission.workspace_id)
        workspace_api.check_public_upload_enabled(workspace)
        api.check_password(upload_permission,
                           password=hapic_data.forms.password)
        content_api = ContentApi(current_user=None,
                                 session=request.dbsession,
                                 config=app_config)
        content_api.check_workspace_size_limitation(
            content_length=request.content_length, workspace=workspace)
        content_api.check_owner_size_limitation(
            content_length=request.content_length, workspace=workspace)
        api.upload_files(
            upload_permission=upload_permission,
            uploader_username=hapic_data.forms.username,
            message=hapic_data.forms.message,
            files=upload_files.files,
            do_notify=app_config.EMAIL__NOTIFICATION__ACTIVATED,
        )
        return

    def bind(self, configurator: Configurator) -> None:
        # allow external person to upload file
        configurator.add_route(
            "add_upload_permission",
            "/workspaces/{workspace_id}/upload_permissions",
            request_method="POST",
        )
        configurator.add_view(self.add_upload_permission,
                              route_name="add_upload_permission")
        configurator.add_route(
            "get_upload_permissions",
            "/workspaces/{workspace_id}/upload_permissions",
            request_method="GET",
        )
        configurator.add_view(self.get_upload_permission,
                              route_name="get_upload_permissions")
        configurator.add_route(
            "delete_upload_permission",
            "/workspaces/{workspace_id}/upload_permissions/{upload_permission_id}",
            request_method="DELETE",
        )
        configurator.add_view(self.disable_upload_permission,
                              route_name="delete_upload_permission")

        # public upload api
        configurator.add_route(
            "guest_upload_check",
            "/public/guest-upload/{upload_permission_token}/check",
            request_method="POST",
        )
        configurator.add_view(self.guest_upload_check,
                              route_name="guest_upload_check")
        configurator.add_route(
            "guest_upload_file",
            "/public/guest-upload/{upload_permission_token}",
            request_method="POST",
        )
        configurator.add_view(self.guest_upload_file,
                              route_name="guest_upload_file")
        configurator.add_route(
            "guest_upload_info",
            "/public/guest-upload/{upload_permission_token}",
            request_method="GET",
        )
        configurator.add_view(self.guest_upload_info,
                              route_name="guest_upload_info")
Exemplo n.º 6
0
class AccountController(Controller):
    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_ENDPOINTS])
    @check_right(is_user)
    @hapic.output_body(UserSchema())
    def account(self, context, request: TracimRequest, hapic_data=None):
        """
        Get user infos.
        """
        app_config = request.registry.settings['CFG']
        uapi = UserApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        return uapi.get_user_with_context(request.current_user)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_ENDPOINTS])
    @check_right(is_user)
    @hapic.input_body(SetUserInfoSchema())
    @hapic.output_body(UserSchema())
    def set_account_infos(self,
                          context,
                          request: TracimRequest,
                          hapic_data=None):
        """
        Set user info data
        """
        app_config = request.registry.settings['CFG']
        uapi = UserApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        user = uapi.update(request.current_user,
                           name=hapic_data.body.public_name,
                           timezone=hapic_data.body.timezone,
                           lang=hapic_data.body.lang,
                           do_save=True)
        return uapi.get_user_with_context(user)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_ENDPOINTS])
    @check_right(is_user)
    @hapic.input_query(KnownMemberQuerySchema())
    @hapic.output_body(UserDigestSchema(many=True))
    def account_known_members(self,
                              context,
                              request: TracimRequest,
                              hapic_data=None):
        """
        Get known users list
        """
        app_config = request.registry.settings['CFG']
        uapi = UserApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
            show_deactivated=False,
        )
        users = uapi.get_known_user(
            acp=hapic_data.query.acp,
            exclude_user_ids=hapic_data.query.exclude_user_ids,
            exclude_workspace_ids=hapic_data.query.exclude_workspace_ids,
        )
        context_users = [uapi.get_user_with_context(user) for user in users]
        return context_users

    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_ENDPOINTS])
    @hapic.handle_exception(WrongUserPassword, HTTPStatus.FORBIDDEN)
    @hapic.handle_exception(EmailAlreadyExistInDb, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ExternalAuthUserEmailModificationDisallowed,
                            HTTPStatus.BAD_REQUEST)  # nopep8
    @check_right(is_user)
    @hapic.input_body(SetEmailSchema())
    @hapic.output_body(UserSchema())
    def set_account_email(self,
                          context,
                          request: TracimRequest,
                          hapic_data=None):
        """
        Set user Email
        """
        app_config = request.registry.settings['CFG']
        uapi = UserApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        user = uapi.set_email(request.current_user,
                              hapic_data.body.loggedin_user_password,
                              hapic_data.body.email,
                              do_save=True)
        return uapi.get_user_with_context(user)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_ENDPOINTS])
    @hapic.handle_exception(WrongUserPassword, HTTPStatus.FORBIDDEN)
    @hapic.handle_exception(PasswordDoNotMatch, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ExternalAuthUserPasswordModificationDisallowed,
                            HTTPStatus.BAD_REQUEST)  # nopep8
    @check_right(is_user)
    @hapic.input_body(SetPasswordSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def set_account_password(self,
                             context,
                             request: TracimRequest,
                             hapic_data=None):  # nopep8
        """
        Set user password
        """
        app_config = request.registry.settings['CFG']
        uapi = UserApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        uapi.set_password(request.current_user,
                          hapic_data.body.loggedin_user_password,
                          hapic_data.body.new_password,
                          hapic_data.body.new_password2,
                          do_save=True)
        return

    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_CONTENT_ENDPOINTS])
    @check_right(is_user)
    @hapic.output_body(
        WorkspaceDigestSchema(many=True), )
    def account_workspace(self,
                          context,
                          request: TracimRequest,
                          hapic_data=None):
        """
        Get list of auth user workspaces
        """
        app_config = request.registry.settings['CFG']
        wapi = WorkspaceApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )

        workspaces = wapi.get_all_for_user(request.current_user)
        return [
            wapi.get_workspace_with_context(workspace)
            for workspace in workspaces
        ]

    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_CONTENT_ENDPOINTS])
    @check_right(is_user)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.input_query(ActiveContentFilterQuerySchema())
    @hapic.output_body(ContentDigestSchema(many=True))
    def account_last_active_content(self,
                                    context,
                                    request: TracimRequest,
                                    hapic_data=None):  # nopep8
        """
        Get last_active_content for user
        """
        app_config = request.registry.settings['CFG']
        content_filter = hapic_data.query
        api = ContentApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        wapi = WorkspaceApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        workspace = None
        if hapic_data.path.workspace_id:
            workspace = wapi.get_one(hapic_data.path.workspace_id)
        before_content = None
        if content_filter.before_content_id:
            before_content = api.get_one(
                content_id=content_filter.before_content_id,
                workspace=workspace,
                content_type=content_type_list.Any_SLUG)
        last_actives = api.get_last_active(
            workspace=workspace,
            limit=content_filter.limit or None,
            before_content=before_content,
        )
        return [
            api.get_content_in_context(content) for content in last_actives
        ]

    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_CONTENT_ENDPOINTS])
    @check_right(is_user)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.input_query(ContentIdsQuerySchema())
    @hapic.output_body(ReadStatusSchema(many=True))  # nopep8
    def account_contents_read_status(self,
                                     context,
                                     request: TracimRequest,
                                     hapic_data=None):  # nopep8
        """
        get user_read status of contents
        """
        app_config = request.registry.settings['CFG']
        content_filter = hapic_data.query
        api = ContentApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        wapi = WorkspaceApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        workspace = None
        if hapic_data.path.workspace_id:
            workspace = wapi.get_one(hapic_data.path.workspace_id)
        last_actives = api.get_last_active(
            workspace=workspace,
            limit=None,
            before_content=None,
            content_ids=hapic_data.query.content_ids or None)
        return [
            api.get_content_in_context(content) for content in last_actives
        ]

    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_CONTENT_ENDPOINTS])
    @check_right(is_user)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def set_account_content_as_read(self,
                                    context,
                                    request: TracimRequest,
                                    hapic_data=None):  # nopep8
        """
        set user_read status of content to read
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        api.mark_read(request.current_content, do_flush=True)
        return

    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_CONTENT_ENDPOINTS])
    @check_right(is_user)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def set_account_content_as_unread(self,
                                      context,
                                      request: TracimRequest,
                                      hapic_data=None):  # nopep8
        """
        set user_read status of content to unread
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        api.mark_unread(request.current_content, do_flush=True)
        return

    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_CONTENT_ENDPOINTS])
    @check_right(is_user)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def set_account_workspace_as_read(self,
                                      context,
                                      request: TracimRequest,
                                      hapic_data=None):  # nopep8
        """
        set user_read status of all content of workspace to read
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        api.mark_read__workspace(request.current_workspace)
        return

    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_NOTIFICATION_ENDPOINTS])
    @check_right(is_user)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def enable_account_workspace_notification(self,
                                              context,
                                              request: TracimRequest,
                                              hapic_data=None):  # nopep8
        """
        enable workspace notification
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        wapi = WorkspaceApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        workspace = wapi.get_one(hapic_data.path.workspace_id)
        wapi.enable_notifications(request.current_user, workspace)
        rapi = RoleApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        role = rapi.get_one(request.current_user.user_id,
                            workspace.workspace_id)  # nopep8
        wapi.save(workspace)
        return

    @hapic.with_api_doc(tags=[SWAGGER_TAG__ACCOUNT_NOTIFICATION_ENDPOINTS])
    @check_right(is_user)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
    def disable_account_workspace_notification(self,
                                               context,
                                               request: TracimRequest,
                                               hapic_data=None):  # nopep8
        """
        disable workspace notification
        """
        app_config = request.registry.settings['CFG']
        api = ContentApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        wapi = WorkspaceApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        workspace = wapi.get_one(hapic_data.path.workspace_id)
        wapi.disable_notifications(request.current_user, workspace)
        wapi.save(workspace)
        return

    def bind(self, configurator: Configurator) -> None:
        """
        Create all routes and views using pyramid configurator
        for this controller
        """

        # account workspace
        configurator.add_route('account_workspace',
                               '/users/me/workspaces',
                               request_method='GET')  # nopep8
        configurator.add_view(self.account_workspace,
                              route_name='account_workspace')

        # account info
        configurator.add_route('account', '/users/me',
                               request_method='GET')  # nopep8
        configurator.add_view(self.account, route_name='account')
        #
        #
        # known members lists
        configurator.add_route('account_known_members',
                               '/users/me/known_members',
                               request_method='GET')  # nopep8
        configurator.add_view(self.account_known_members,
                              route_name='account_known_members')
        #
        # set account email
        configurator.add_route('set_account_email',
                               '/users/me/email',
                               request_method='PUT')  # nopep8
        configurator.add_view(self.set_account_email,
                              route_name='set_account_email')

        # set account password
        configurator.add_route('set_account_password',
                               '/users/me/password',
                               request_method='PUT')  # nopep8
        configurator.add_view(self.set_account_password,
                              route_name='set_account_password')  # nopep8

        # set account_infos
        configurator.add_route('set_account_info',
                               '/users/me',
                               request_method='PUT')  # nopep8
        configurator.add_view(self.set_account_infos,
                              route_name='set_account_info')

        # account content
        configurator.add_route(
            'account_contents_read_status',
            '/users/me/workspaces/{workspace_id}/contents/read_status',
            request_method='GET')  # nopep8
        configurator.add_view(
            self.account_contents_read_status,
            route_name='account_contents_read_status')  # nopep8
        # last active content for user
        configurator.add_route(
            'account_last_active_content',
            '/users/me/workspaces/{workspace_id}/contents/recently_active',
            request_method='GET')  # nopep8
        configurator.add_view(
            self.account_last_active_content,
            route_name='account_last_active_content')  # nopep8

        # set content as read/unread
        configurator.add_route(
            'account_read_content',
            '/users/me/workspaces/{workspace_id}/contents/{content_id}/read',
            request_method='PUT')  # nopep8
        configurator.add_view(self.set_account_content_as_read,
                              route_name='account_read_content')  # nopep8

        configurator.add_route(
            'account_unread_content',
            '/users/me/workspaces/{workspace_id}/contents/{content_id}/unread',
            request_method='PUT')  # nopep8
        configurator.add_view(self.set_account_content_as_unread,
                              route_name='account_unread_content')  # nopep8

        # set workspace as read
        configurator.add_route('account_read_workspace',
                               '/users/me/workspaces/{workspace_id}/read',
                               request_method='PUT')  # nopep8
        configurator.add_view(self.set_account_workspace_as_read,
                              route_name='account_read_workspace')  # nopep8

        # enable workspace notification
        configurator.add_route(
            'enable_account_workspace_notification',
            '/users/me/workspaces/{workspace_id}/notifications/activate',
            request_method='PUT')  # nopep8
        configurator.add_view(
            self.enable_account_workspace_notification,
            route_name='enable_account_workspace_notification')  # nopep8

        # disable workspace notification
        configurator.add_route(
            'disable_account_workspace_notification',
            '/users/me/workspaces/{workspace_id}/notifications/deactivate',
            request_method='PUT')  # nopep8
        configurator.add_view(
            self.disable_account_workspace_notification,
            route_name='disable_account_workspace_notification')  # nopep8
Exemplo n.º 7
0
class FileController(Controller):
    """
    Endpoints for File Content
    """

    # File data
    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnallowedSubContent, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ContentFilenameAlreadyUsedInFolder,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ParentNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(FileSizeOverMaxLimitation, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(FileSizeOverWorkspaceEmptySpace,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(FileSizeOverOwnerEmptySpace,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(NoFileValidationError, HTTPStatus.BAD_REQUEST)
    @check_right(can_create_file)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(ContentDigestSchema())
    @hapic.input_forms(FileCreationFormSchema())
    @hapic.input_files(SimpleFileSchema())
    def create_file(self, context, request: TracimRequest, hapic_data=None):
        """
        Create a file .This will create 2 new revision.
        """
        # INFO - G.M - 2019-09-03 - check validation of file here, because marshmallow
        # required doesn't work correctly with cgi_fieldstorage.
        # check is done with None because cgi_fieldstorage cannot be converted to bool
        if hapic_data.files.files is None:
            raise NoFileValidationError(
                'No file "files" given at input, validation failed.')
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        api.check_upload_size(request.content_length,
                              request.current_workspace)
        _file = hapic_data.files.files
        parent_id = hapic_data.forms.parent_id
        parent = None  # type: typing.Optional['Content']
        if parent_id:
            try:
                parent = api.get_one(content_id=parent_id,
                                     content_type=content_type_list.Any_SLUG)
            except ContentNotFound as exc:
                raise ParentNotFound(
                    "Parent with content_id {} not found".format(
                        parent_id)) from exc
        content = api.create(
            filename=_file.filename,
            content_type_slug=FILE_TYPE,
            workspace=request.current_workspace,
            parent=parent,
        )
        api.save(content, ActionDescription.CREATION)
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.update_file_data(
                content,
                new_filename=_file.filename,
                new_mimetype=_file.type,
                new_content=_file.file,
            )
        api.execute_created_content_actions(content)
        return api.get_content_in_context(content)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_contributor)
    @check_right(is_file_content)
    @hapic.handle_exception(ContentFilenameAlreadyUsedInFolder,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(FileSizeOverMaxLimitation, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(FileSizeOverWorkspaceEmptySpace,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(FileSizeOverOwnerEmptySpace,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(NoFileValidationError, HTTPStatus.BAD_REQUEST)
    @hapic.input_path(FilePathSchema())
    @hapic.input_files(SimpleFileSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    def upload_file(self, context, request: TracimRequest, hapic_data=None):
        """
        Upload a new version of raw file of content. This will create a new
        revision.
        Good pratice for filename is filename is `{label}{file_extension}` or `{filename}`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        # INFO - G.M - 2019-09-03 - check validation of file here, because marshmallow
        # required doesn't work correctly with cgi_fieldstorage.
        # check is done with None because cgi_fieldstorage cannot be converted to bool
        if hapic_data.files.files is None:
            raise NoFileValidationError(
                'No file "files" given at input, validation failed.')
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        api.check_upload_size(request.content_length, content.workspace)
        _file = hapic_data.files.files
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.update_file_data(
                content,
                new_filename=_file.filename,
                new_mimetype=_file.type,
                new_content=_file.file,
            )

        api.save(content)
        api.execute_update_content_actions(content)
        return

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_reader)
    @check_right(is_file_content)
    @hapic.input_query(FileQuerySchema())
    @hapic.input_path(FilePathSchema())
    @hapic.output_file([])
    def download_file(self, context, request: TracimRequest, hapic_data=None):
        """
        Download raw file of last revision of content.
        Good pratice for filename is filename is `{label}{file_extension}` or `{filename}`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        try:
            file = DepotManager.get().get(content.depot_file)
        except IOError as exc:
            raise TracimFileNotFound(
                "file related to revision {} of content {} not found in depot."
                .format(content.cached_revision_id,
                        content.content_id)) from exc
        filename = hapic_data.path.filename

        # INFO - G.M - 2019-08-08 - use given filename in all case but none or
        # "raw", where filename returned will be original file one.
        if not filename or filename == "raw":
            filename = content.file_name
        return HapicFile(
            file_object=file,
            mimetype=file.content_type,
            filename=filename,
            as_attachment=hapic_data.query.force_download,
            content_length=file.content_length,
            last_modified=content.updated,
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_reader)
    @check_right(is_file_content)
    @hapic.input_query(FileQuerySchema())
    @hapic.input_path(FileRevisionPathSchema())
    @hapic.output_file([])
    def download_revisions_file(self,
                                context,
                                request: TracimRequest,
                                hapic_data=None):
        """
        Download raw file for specific revision of content.
        Good pratice for filename is filename is `{label}_r{revision_id}{file_extension}`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        revision = api.get_one_revision(
            revision_id=hapic_data.path.revision_id, content=content)
        try:
            file = DepotManager.get().get(revision.depot_file)
        except IOError as exc:
            raise TracimFileNotFound(
                "file related to revision {} of content {} not found in depot."
                .format(revision.revision_id, revision.content_id)) from exc

        filename = hapic_data.path.filename
        # INFO - G.M - 2019-08-08 - use given filename in all case but none or
        # "raw", where filename returned will be a custom one.
        if not filename or filename == "raw":
            filename = "{label}_r{revision_id}{file_extension}".format(
                label=revision.file_name,
                revision_id=revision.revision_id,
                file_extension=revision.file_extension,
            )
        return HapicFile(
            file_object=file,
            mimetype=file.content_type,
            filename=filename,
            as_attachment=hapic_data.query.force_download,
            content_length=file.content_length,
            last_modified=revision.updated,
        )

    # preview
    # pdf
    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_reader)
    @check_right(is_file_content)
    @hapic.handle_exception(TracimUnavailablePreviewType,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(PageOfPreviewNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.input_query(PageQuerySchema())
    @hapic.input_path(FilePathSchema())
    @hapic.output_file([])
    def preview_pdf(self, context, request: TracimRequest, hapic_data=None):
        """
        Obtain a specific page pdf preview of last revision of content.
        Good pratice for filename is filename is `{label}_page_{page_number}.pdf`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        pdf_preview_path = api.get_pdf_preview_path(
            content.content_id,
            content.cached_revision_id,
            page_number=hapic_data.query.page,
            file_extension=content.file_extension,
        )
        filename = hapic_data.path.filename
        # INFO - G.M - 2019-08-08 - use given filename in all case but none or
        # "raw", where filename returned will a custom one.
        if not filename or filename == "raw":
            filename = "{label}_page_{page_number}.pdf".format(
                label=content.label, page_number=hapic_data.query.page)
        return HapicFile(
            file_path=pdf_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download,
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_reader)
    @check_right(is_file_content)
    @hapic.handle_exception(TracimUnavailablePreviewType,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.input_query(FileQuerySchema())
    @hapic.input_path(FilePathSchema())
    @hapic.output_file([])
    def preview_pdf_full(self,
                         context,
                         request: TracimRequest,
                         hapic_data=None):
        """
        Obtain a full pdf preview (all page) of last revision of content.
        Good pratice for filename is filename is `{label}.pdf`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        pdf_preview_path = api.get_full_pdf_preview_path(
            content.cached_revision_id, file_extension=content.file_extension)
        filename = hapic_data.path.filename
        # INFO - G.M - 2019-08-08 - use given filename in all case but none or
        # "raw", where filename returned will be a custom one.
        if not filename or filename == "raw":
            filename = "{label}.pdf".format(label=content.label)
        return HapicFile(
            file_path=pdf_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download,
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_reader)
    @check_right(is_file_content)
    @hapic.handle_exception(TracimUnavailablePreviewType,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.input_path(FileRevisionPathSchema())
    @hapic.input_query(FileQuerySchema())
    @hapic.output_file([])
    def preview_pdf_full_revision(self,
                                  context,
                                  request: TracimRequest,
                                  hapic_data=None):
        """
        Obtain full pdf preview of a specific revision of content.
        Good pratice for filename is filename is `{label}_r{revision_id}.pdf`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        revision = api.get_one_revision(
            revision_id=hapic_data.path.revision_id, content=content)
        pdf_preview_path = api.get_full_pdf_preview_path(
            revision.revision_id, file_extension=revision.file_extension)
        filename = hapic_data.path.filename
        # INFO - G.M - 2019-08-08 - use given filename in all case but none or
        # "raw", where filename returned will be a custom one.
        if not filename or filename == "raw":
            filename = "{label}_r{revision_id}.pdf".format(
                revision_id=revision.revision_id, label=revision.label)
        return HapicFile(
            file_path=pdf_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download,
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_reader)
    @check_right(is_file_content)
    @hapic.handle_exception(TracimUnavailablePreviewType,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.input_path(FileRevisionPathSchema())
    @hapic.input_query(PageQuerySchema())
    @hapic.output_file([])
    def preview_pdf_revision(self,
                             context,
                             request: TracimRequest,
                             hapic_data=None):
        """
        Obtain a specific page pdf preview of a specific revision of content.
        Good pratice for filename is filename is `{label}_page_{page_number}.pdf`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        revision = api.get_one_revision(
            revision_id=hapic_data.path.revision_id, content=content)
        pdf_preview_path = api.get_pdf_preview_path(
            revision.content_id,
            revision.revision_id,
            page_number=hapic_data.query.page,
            file_extension=revision.file_extension,
        )
        filename = hapic_data.path.filename

        # INFO - G.M - 2019-08-08 - use given filename in all case but none or
        # "raw", where filename returned will a custom one.
        if not filename or filename == "raw":
            filename = "{label}_page_{page_number}.pdf".format(
                label=content.label, page_number=hapic_data.query.page)
        return HapicFile(
            file_path=pdf_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download,
        )

    # jpg
    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_reader)
    @check_right(is_file_content)
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(PageOfPreviewNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.input_path(FilePathSchema())
    @hapic.input_query(PageQuerySchema())
    @hapic.output_file([])
    def preview_jpg(self, context, request: TracimRequest, hapic_data=None):
        """
        Obtain normally sized jpg preview of last revision of content.
        Good pratice for filename is `filename is {label}_page_{page_number}.jpg`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        allowed_dim = api.get_jpg_preview_allowed_dim()
        jpg_preview_path = api.get_jpg_preview_path(
            content_id=content.content_id,
            revision_id=content.cached_revision_id,
            page_number=hapic_data.query.page,
            file_extension=content.file_extension,
            width=allowed_dim.dimensions[0].width,
            height=allowed_dim.dimensions[0].height,
        )
        filename = hapic_data.path.filename
        # INFO - G.M - 2019-08-08 - use given filename in all case but none or
        # "raw", where filename returned will a custom one.
        if not filename or filename == "raw":
            filename = "{label}_page_{page_number}.jpg".format(
                label=content.label, page_number=hapic_data.query.page)
        return HapicFile(
            file_path=jpg_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download,
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_reader)
    @check_right(is_file_content)
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(PageOfPreviewNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(PreviewDimNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.input_query(PageQuerySchema())
    @hapic.input_path(FilePreviewSizedPathSchema())
    @hapic.output_file([])
    def sized_preview_jpg(self,
                          context,
                          request: TracimRequest,
                          hapic_data=None):
        """
        Obtain resized jpg preview of last revision of content.
        Good pratice for filename is filename is `{label}_page_{page_number}_{width}x{height}.jpg`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        jpg_preview_path = api.get_jpg_preview_path(
            content_id=content.content_id,
            revision_id=content.cached_revision_id,
            file_extension=content.file_extension,
            page_number=hapic_data.query.page,
            height=hapic_data.path.height,
            width=hapic_data.path.width,
        )
        filename = hapic_data.path.filename
        # INFO - G.M - 2019-08-08 - use given filename in all case but none or
        # "raw", where filename returned will a custom one.
        if not filename or filename == "raw":
            filename = "{label}_page_{page_number}_{width}x{height}.jpg".format(
                label=content.label,
                page_number=hapic_data.query.page,
                width=hapic_data.path.width,
                height=hapic_data.path.height,
            )
        return HapicFile(
            file_path=jpg_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download,
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_reader)
    @check_right(is_file_content)
    @hapic.handle_exception(UnavailablePreview, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(PageOfPreviewNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(PreviewDimNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.input_path(FileRevisionPreviewSizedPathSchema())
    @hapic.input_query(PageQuerySchema())
    @hapic.output_file([])
    def sized_preview_jpg_revision(self,
                                   context,
                                   request: TracimRequest,
                                   hapic_data=None):
        """
        Obtain resized jpg preview of a specific revision of content.
        Good pratice for filename is filename is `{label}_r{revision_id}_page_{page_number}_{width}x{height}.jpg`.
        Default filename value is 'raw' (without file extension) or nothing.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        revision = api.get_one_revision(
            revision_id=hapic_data.path.revision_id, content=content)
        jpg_preview_path = api.get_jpg_preview_path(
            content_id=content.content_id,
            revision_id=revision.revision_id,
            page_number=hapic_data.query.page,
            height=hapic_data.path.height,
            width=hapic_data.path.width,
            file_extension=revision.file_extension,
        )
        filename = hapic_data.path.filename
        # INFO - G.M - 2019-08-08 - use given filename in all case but none or
        # "raw", where filename returned will a custom one.
        if not filename or filename == "raw":
            filename = "{label}_r{revision_id}_page_{page_number}_{width}x{height}.jpg".format(
                revision_id=revision.revision_id,
                label=revision.label,
                page_number=hapic_data.query.page,
                width=hapic_data.path.width,
                height=hapic_data.path.height,
            )
        return HapicFile(
            file_path=jpg_preview_path,
            filename=filename,
            as_attachment=hapic_data.query.force_download,
        )

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_reader)
    @check_right(is_file_content)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(AllowedJpgPreviewDimSchema())
    def allowed_dim_preview_jpg(self,
                                context,
                                request: TracimRequest,
                                hapic_data=None):
        """
        Get allowed dimensions of jpg preview. If restricted is true,
        only those dimensions are strictly accepted.
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        return api.get_jpg_preview_allowed_dim()

    # File infos
    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_reader)
    @check_right(is_file_content)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(FileContentSchema())
    def get_file_infos(self,
                       context,
                       request: TracimRequest,
                       hapic_data=None) -> ContentInContext:
        """
        Get thread content
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        return api.get_content_in_context(content)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ContentFilenameAlreadyUsedInFolder,
                            HTTPStatus.BAD_REQUEST)
    @check_right(is_contributor)
    @check_right(is_file_content)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.input_body(FileContentModifySchema())
    @hapic.output_body(FileContentSchema())
    def update_file_info(self,
                         context,
                         request: TracimRequest,
                         hapic_data=None) -> ContentInContext:
        """
        update thread
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.update_content(
                item=content,
                new_label=hapic_data.body.label,
                new_content=hapic_data.body.raw_content,
            )
            api.save(content)
            api.execute_update_content_actions(content)
        return api.get_content_in_context(content)

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @check_right(is_reader)
    @check_right(is_file_content)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.output_body(FileRevisionSchema(many=True))
    def get_file_revisions(self,
                           context,
                           request: TracimRequest,
                           hapic_data=None) -> typing.List[RevisionInContext]:
        """
        get file revisions
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        revisions = content.revisions
        return [
            api.get_revision_in_context(revision) for revision in revisions
        ]

    @hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_FILE_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @check_right(is_contributor)
    @check_right(is_file_content)
    @hapic.input_path(WorkspaceAndContentIdPathSchema())
    @hapic.input_body(SetContentStatusSchema())
    @hapic.output_body(NoContentSchema(),
                       default_http_code=HTTPStatus.NO_CONTENT)
    @hapic.handle_exception(ContentStatusException, HTTPStatus.BAD_REQUEST)
    def set_file_status(self,
                        context,
                        request: TracimRequest,
                        hapic_data=None) -> None:
        """
        set file status
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(
            show_archived=True,
            show_deleted=True,
            current_user=request.current_user,
            session=request.dbsession,
            config=app_config,
        )
        content = api.get_one(hapic_data.path.content_id,
                              content_type=content_type_list.Any_SLUG)
        if content.status == request.json_body.get("status"):
            raise ContentStatusException(
                "Content id {} already have status {}".format(
                    content.content_id, content.status))
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            api.set_status(content, hapic_data.body.status)
            api.save(content)
            api.execute_update_content_actions(content)
        return

    def bind(self, configurator: Configurator) -> None:
        """
        Add route to configurator.
        """

        # file info #
        # Get file info
        configurator.add_route("file_info",
                               "/workspaces/{workspace_id}/files/{content_id}",
                               request_method="GET")
        configurator.add_view(self.get_file_infos, route_name="file_info")
        # update file
        configurator.add_route(
            "update_file_info",
            "/workspaces/{workspace_id}/files/{content_id}",
            request_method="PUT",
        )
        configurator.add_view(self.update_file_info,
                              route_name="update_file_info")

        # raw file #
        # create file
        configurator.add_route("create_file",
                               "/workspaces/{workspace_id}/files",
                               request_method="POST")
        configurator.add_view(self.create_file, route_name="create_file")

        # upload raw file
        configurator.add_route(
            "upload_file",
            "/workspaces/{workspace_id}/files/{content_id}/raw/{filename:[^/]*}",
            request_method="PUT",
        )
        configurator.add_view(self.upload_file, route_name="upload_file")
        # download raw file
        configurator.add_route(
            "download_file",
            "/workspaces/{workspace_id}/files/{content_id}/raw/{filename:[^/]*}",
            request_method="GET",
        )
        configurator.add_view(self.download_file, route_name="download_file")
        # download raw file of revision
        configurator.add_route(
            "download_revision",
            "/workspaces/{workspace_id}/files/{content_id}/revisions/{revision_id}/raw/{filename:[^/]*}",
            request_method="GET",
        )
        configurator.add_view(self.download_revisions_file,
                              route_name="download_revision")

        # previews #
        # get preview pdf full
        configurator.add_route(
            "preview_pdf_full",
            "/workspaces/{workspace_id}/files/{content_id}/preview/pdf/full/{filename:[^/]*}",
            request_method="GET",
        )
        configurator.add_view(self.preview_pdf_full,
                              route_name="preview_pdf_full")
        # get preview pdf
        configurator.add_route(
            "preview_pdf",
            "/workspaces/{workspace_id}/files/{content_id}/preview/pdf/{filename:[^/]*}",
            request_method="GET",
        )
        configurator.add_view(self.preview_pdf, route_name="preview_pdf")
        # get preview jpg allowed dims
        configurator.add_route(
            "allowed_dim_preview_jpg",
            "/workspaces/{workspace_id}/files/{content_id}/preview/jpg/allowed_dims",
            request_method="GET",
        )
        configurator.add_view(self.allowed_dim_preview_jpg,
                              route_name="allowed_dim_preview_jpg")
        # get preview jpg
        configurator.add_route(
            "preview_jpg",
            "/workspaces/{workspace_id}/files/{content_id}/preview/jpg/{filename:[^/]*}",
            request_method="GET",
        )
        configurator.add_view(self.preview_jpg, route_name="preview_jpg")
        # get preview jpg with size
        configurator.add_route(
            "sized_preview_jpg",
            "/workspaces/{workspace_id}/files/{content_id}/preview/jpg/{width}x{height}/{filename:[^/]*}",
            request_method="GET",
        )
        configurator.add_view(self.sized_preview_jpg,
                              route_name="sized_preview_jpg")
        # get jpg preview for revision
        configurator.add_route(
            "sized_preview_jpg_revision",
            "/workspaces/{workspace_id}/files/{content_id}/revisions/{revision_id}/preview/jpg/{width}x{height}/{filename:[^/]*}",
            request_method="GET",
        )
        configurator.add_view(self.sized_preview_jpg_revision,
                              route_name="sized_preview_jpg_revision")
        # get full pdf preview for revision
        configurator.add_route(
            "preview_pdf_full_revision",
            "/workspaces/{workspace_id}/files/{content_id}/revisions/{revision_id}/preview/pdf/full/{filename:[^/]*}",
            request_method="GET",
        )
        configurator.add_view(self.preview_pdf_full_revision,
                              route_name="preview_pdf_full_revision")
        # get pdf preview for revision
        configurator.add_route(
            "preview_pdf_revision",
            "/workspaces/{workspace_id}/files/{content_id}/revisions/{revision_id}/preview/pdf/{filename:[^/]*}",
            request_method="GET",
        )
        configurator.add_view(self.preview_pdf_revision,
                              route_name="preview_pdf_revision")
        # others #
        # get file revisions
        configurator.add_route(
            "file_revisions",
            "/workspaces/{workspace_id}/files/{content_id}/revisions",
            request_method="GET",
        )
        configurator.add_view(self.get_file_revisions,
                              route_name="file_revisions")

        # get file status
        configurator.add_route(
            "set_file_status",
            "/workspaces/{workspace_id}/files/{content_id}/status",
            request_method="PUT",
        )
        configurator.add_view(self.set_file_status,
                              route_name="set_file_status")
Exemplo n.º 8
0
class CollaborativeDocumentEditionController(Controller):
    """
    Endpoints for Collaborative Edition API
    """
    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__COLLABORATIVE_DOCUMENT_EDITION_ENDPOINTS])
    @check_right(is_user)
    @hapic.output_body(CollaborativeDocumentEditionTokenSchema())
    def collaborative_document_edition_token(
            self,
            context: DefaultRootFactory,
            request: TracimRequest,
            hapic_data: HapicData = None) -> CollaborativeDocumentEditionToken:
        app_config = request.registry.settings["CFG"]  # type: CFG
        collaborative_document_edition_lib = CollaborativeDocumentEditionFactory(
        ).get_lib(current_user=request.current_user,
                  session=request.dbsession,
                  config=app_config)
        access_token = request.current_user.ensure_auth_token(
            app_config.USER__AUTH_TOKEN__VALIDITY)
        return collaborative_document_edition_lib.get_token(
            access_token=access_token)

    # File template infor
    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__COLLABORATIVE_DOCUMENT_EDITION_ENDPOINTS])
    @hapic.output_body(FileTemplateInfoSchema())
    def get_file_template_infos(
            self,
            context: DefaultRootFactory,
            request: TracimRequest,
            hapic_data: HapicData = None) -> FileTemplateList:
        """
        Get file template list
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        collaborative_document_edition_api = CollaborativeDocumentEditionFactory(
        ).get_lib(current_user=request.current_user,
                  session=request.dbsession,
                  config=app_config)
        return collaborative_document_edition_api.get_file_template_list()

    @hapic.with_api_doc(
        tags=[SWAGGER_TAG__COLLABORATIVE_DOCUMENT_EDITION_ENDPOINTS])
    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(UnallowedSubContent, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ContentFilenameAlreadyUsedInFolder,
                            HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(ParentNotFound, HTTPStatus.BAD_REQUEST)
    @hapic.handle_exception(FileTemplateNotAvailable, HTTPStatus.BAD_REQUEST)
    @check_right(can_create_file)
    @hapic.input_path(WorkspaceIdPathSchema())
    @hapic.output_body(ContentDigestSchema())
    @hapic.input_body(FileCreateFromTemplateSchema())
    def create_file_from_template(
            self,
            context: DefaultRootFactory,
            request: TracimRequest,
            hapic_data: HapicData = None) -> ContentInContext:
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ContentApi(current_user=request.current_user,
                         session=request.dbsession,
                         config=app_config)
        collaborative_document_edition_api = CollaborativeDocumentEditionFactory(
        ).get_lib(current_user=request.current_user,
                  session=request.dbsession,
                  config=app_config)
        collaborative_document_edition_api.check_template_available(
            hapic_data.body.template)
        parent = None  # type: typing.Optional['Content']
        if hapic_data.body.parent_id:
            try:
                parent = api.get_one(content_id=hapic_data.body.parent_id,
                                     content_type=content_type_list.Any_SLUG)
            except ContentNotFound as exc:
                raise ParentNotFound(
                    "Parent with content_id {} not found".format(
                        hapic_data.body.parent_id)) from exc
        content = api.create(
            filename=hapic_data.body.filename,
            content_type_slug=FILE_TYPE,
            workspace=request.current_workspace,
            parent=parent,
        )
        api.save(content, ActionDescription.CREATION)
        with new_revision(session=request.dbsession,
                          tm=transaction.manager,
                          content=content):
            collaborative_document_edition_api.update_content_from_template(
                content=content, template_filename=hapic_data.body.template)
        api.execute_created_content_actions(content)
        return api.get_content_in_context(content)

    def bind(self, configurator: Configurator) -> None:

        # Get file template info
        configurator.add_route(
            "file_template_info",
            "/{}/templates".format(COLLABORATIVE_DOCUMENT_EDITION_BASE),
            request_method="GET",
        )
        configurator.add_view(self.get_file_template_infos,
                              route_name="file_template_info")

        # Create file from template
        configurator.add_route(
            "create_file_from_template",
            "/{}/".format(COLLABORATIVE_DOCUMENT_EDITION_BASE) +
            "workspaces/{workspace_id}/files",
            request_method="POST",
        )
        configurator.add_view(self.create_file_from_template,
                              route_name="create_file_from_template")

        # token
        configurator.add_route(
            "collaborative_document_edition_token",
            "/{}/token".format(COLLABORATIVE_DOCUMENT_EDITION_BASE),
            request_method="GET",
        )
        configurator.add_view(
            self.collaborative_document_edition_token,
            route_name="collaborative_document_edition_token",
        )