def dir(self, resource, **kw):
'Read the list of authorization records associated with the parent resource'
#baseuri = request.url
format = kw.pop('format', None)
view = kw.pop('view', None)
recurse = kw.pop('recurse', None)
resource = check_access(resource, RESOURCE_READ)
log.debug("AUTH %s %s", resource, request.environ)
response = etree.Element('resource', uri=request.url)
resource_acl_query(resource, recurse=recurse, response=response)
#for auth, user in DBSession.query(TaggableAcl, Taggable)\
# .filter(TaggableAcl.taggable_id == resource.id)\
# .filter(TaggableAcl.user_id == Taggable.id).all():
# log.debug ("Found %s with user %s", auth, user)
# response.append (_aclelem (resource, user, auth))
if is_admin(): #and resource.owner_id != current_user.id:
current_user = get_user()
admin_auth = _aclelem(resource, current_user)
admin_auth.set('action', 'edit')
response.append(admin_auth)
formatter, content_type = find_formatter(format)
tg.response.headers['Content-Type'] = content_type
return formatter(response)
def new(self, factory, xml, **kw):
"""POST /ds/image : Create a reference to the image in the local database
"""
view = kw.pop('view', None)
format = kw.pop('format', None)
user = kw.pop('user', None)
log.info("NEW: %s ... %s", request.url, xml.tag)
# Create a DB object from the document.
#if not identity.not_anonymous():
# pylons.response.status_int = 401
# return '<response status="FAIL">Permission denied</response>'
parent = self.load_parent()
log.debug("NEW: parent %s ", str(parent))
parent = self.check_access(parent, RESOURCE_EDIT)
if user is not None and identity.is_admin():
self.set_new_identity(user)
resource = bisquik2db(doc=xml, parent=parent)
log.info("NEW: => %s ", str(resource))
if resource is None:
resource = etree.Element('resource')
resource.text = "FAIL"
return self.resource_output(resource, view=view, format=format)
def insert(self, path=None, user=None, **kwargs):
""" Move a resource identified by path
"""
if user is not None and identity.is_admin():
identity.current.set_current_user(user)
resource = self._check_post_body()
if resource is None:
resource = etree.Element('resource', value=path)
else:
path = resource.get('value')
log.info("insert_path() %s %s %s", tg.request.method, path, kwargs)
store, driver = self.mounts.valid_store_ref(resource)
if store is None:
abort(400, "%s is not a valid store " % path)
if resource.get('name') is None:
resource.set('name', path.replace(driver.mount_url, ''))
log.debug("insert %s %s %s", path, driver.mount_url,
etree.tostring(resource))
resource = self.blobsrv.store_blob(resource)
return etree.tostring(resource)
def remove(self, path, delete_blob=True, user=None, **kwargs):
' Delete a resource identified by path '
log.info("delete() called %s", path)
if user is not None and identity.is_admin():
identity.current.set_current_user(user)
resource = data_service.query("file|image",
resource_value=path,
wpublic='1',
cache=False)
for child in resource:
data_service.del_resource(child)
return etree.tostring(resource)
def delete(self, resource, **kw):
"""DELETE /ds/images/1/tags/2 : delete a specific resource
"""
log.info('DELETE %s', request.url)
user = kw.pop('user', None)
if user is not None and identity.is_admin():
self.set_new_identity(user)
resource = self.check_access(resource, RESOURCE_EDIT)
response = etree.Element('resource')
if resource is not None:
uri = resource.uri
resource_delete(resource, user_id=identity.get_user_id())
response.set('uri', uri)
return self.resource_output(resource=None, response=response, **kw)
def setbasicauth(self, username, passwd, **kw):
log.debug("Set basic auth %s", kw)
if not identity.is_admin() and username != identity.get_username():
return "<error msg='failed: not allowed to change password of others' />"
user = tg.request.identity.get('user')
log.debug("Got user %s", user)
if user and user.user_name == username: # sanity check
user = DBSession.merge(user)
user.password = passwd
log.info("Setting new basicauth password for %s", username)
#transaction.commit()
return "<success/>"
log.error("Could not set basicauth password for %s", username)
return "<error msg='Failed to set password'/>"
def append(self, resource, xml, **kw):
'''POST /ds/images/1/ : append the document to the resource
Append value of the resource based on the args
'''
view = kw.pop('view', None)
user = kw.pop('user', None)
if user is not None and identity.is_admin():
self.set_new_identity(user)
log.info('APPEND %s %s', request.url, xml.tag)
resource = self.check_access(resource, RESOURCE_EDIT)
#parent = self.load_parent()
resource = bisquik2db(doc=xml,
parent=resource) #, resource = resource)
log.info('APPEND/update: ==> %s ', str(resource))
return self.resource_output(resource, view=view)
def modify(self, resource, xml, **kw):
'''PUT /ds/image/1 --> Replace all contents with doc
'''
view = kw.pop('view', None)
user = kw.pop('user', None)
if user is not None and identity.is_admin():
self.set_new_identity(user)
log.info('MODIFY %s %s', request.url, xml.tag)
resource = self.check_access(resource, RESOURCE_EDIT)
parent = self.load_parent()
DBSession.autoflush = False
old = resource.clear()
log.debug("MODIFY: parent=%s resource=%s", str(parent), str(resource))
resource = bisquik2db(doc=xml,
resource=resource,
parent=parent,
replace=True)
log.info('MODIFIED: ==> %s ', str(resource))
return self.resource_output(resource, view=view)
def replace_all(self, resource, xml, **kw):
'''PUT /ds/image/1/gobjects --> Replace contents of gobjects with doc
'''
log.info('REPLACE_ALL %s %s', request.url, xml.tag)
user = kw.pop('user', None)
if user is not None and identity.is_admin():
self.set_new_identity(user)
parent = self.load_parent()
resource = None
if parent:
resource = self.check_access(parent, RESOURCE_EDIT)
DBSession.autoflush = False
log.debug('REPLACE %s in %s %s=>%s', self.resource_name,
str(parent), xml.tag, str(resource))
# Here we clear the specific type (tag,gobject) etc. and
parent.clear([self.resource_name])
resource = bisquik2db(doc=xml, parent=parent)
if resource is None:
resource = etree.Element('resource')
resource.text = "FAIL"
return self.resource_output(resource, **kw)
def move(self, path, destination, user=None, **kw):
' Move a resource identified by path '
log.info("move(%s,%s) %s %s", path, destination, tg.request.method, kw)
if user is not None and identity.is_admin():
identity.current.set_current_user(user)
# sanity check
resource = etree.Element('resource', value=destination)
store, driver = self.mounts.valid_store_ref(resource)
if store is None:
abort(400, "%s is not a valid store " % destination)
resource = data_service.query("file|image",
resource_value=path,
wpublic='1',
cache=False)
for child in resource:
old_store, old_driver = self.mounts.valid_store_ref(child)
if old_store is None:
abort(400, "%s is not a valid store " % destination)
# Remove links in directory hierarchy
self.mounts.delete_links(child)
# Change the location
child.set('value', destination)
child.set('name', os.path.basename(destination))
resource = data_service.update(child)
# Update the tag
q1 = data_service.query('tag', parent=resource, name='filename')
if len(q1):
q1[0].set('value', os.path.basename(destination))
data_service.update(q1[0])
# update the links
partial_path = destination.replace(driver.mount_url, '')
self.mounts.insert_mount_path(store, partial_path, resource)
return etree.tostring(resource)
