def abort(status_code=None, detail='', headers=None, comment=None): '''Abort the current request immediately by returning an HTTP exception. This is a wrapper for :py:func:`pylons.controllers.util.abort` that adds some CKAN custom behavior, including allowing :py:class:`~ckan.plugins.interfaces.IAuthenticator` plugins to alter the abort response, and showing flash messages in the web interface. ''' if status_code == 403: # Allow IAuthenticator plugins to alter the abort for item in p.PluginImplementations(p.IAuthenticator): result = item.abort(status_code, detail, headers, comment) (status_code, detail, headers, comment) = result if detail and status_code != 503: h.flash_error(detail) # #1267 Convert detail to plain text, since WebOb 0.9.7.1 (which comes # with Lucid) causes an exception when unicode is received. detail = detail.encode('utf8') if is_flask_request(): flask_abort(status_code, detail) return _abort(status_code=status_code, detail=detail, headers=headers, comment=comment)
def _prepare(self, id): # FIXME 403 error for invalid key is a non helpful page context = { u'model': model, u'session': model.Session, u'user': id, u'keep_email': True } try: logic.check_access(u'user_reset', context) except logic.NotAuthorized: base.abort(403, _(u'Unauthorized to reset password.')) try: user_dict = logic.get_action(u'user_show')(context, {u'id': id}) except logic.NotFound: base.abort(404, _(u'User not found')) user_obj = context[u'user_obj'] g.reset_key = request.params.get(u'key') if not mailer.verify_reset_link(user_obj, g.reset_key): msg = _(u'Invalid reset key. Please try again.') h.flash_error(msg) base.abort(403, msg) return context, user_dict
def logged_in(self): came_from = request.params.get('came_from', '') if c.user: context = None data_dict = {'id': c.user, 'link_wotkit': True} try: user_dict = get_action('user_show')(context, data_dict) except logic.NotAuthorized as e: return self.login(error=str(e)) h.flash_success(_("%s is now logged in") % user_dict['display_name']) if came_from and "logged_in" not in came_from: """Mark: HACK redirect to ignore the base URL /data. This used to use url_for, but doing so always appends the /data path which we won't want Thus had to change it to redirect_to """ return routes.redirect_to(str(came_from)) return self.me() else: err = _('Login failed. Bad username or password.') if g.openid_enabled: err += _(' (Or if using OpenID, it hasn\'t been associated ' 'with a user account.)') if h.asbool(config.get('ckan.legacy_templates', 'false')): h.flash_error(err) h.redirect_to(locale=lang, controller='user', action='login', came_from=came_from) else: return self.login(error=err)
def post(self, id): context, user_dict = self._prepare(id) context[u'reset_password'] = True user_state = user_dict[u'state'] try: new_password = self._get_form_password() user_dict[u'password'] = new_password username = request.form.get(u'name') if (username is not None and username != u''): user_dict[u'name'] = username user_dict[u'reset_key'] = g.reset_key user_dict[u'state'] = model.State.ACTIVE logic.get_action(u'user_update')(context, user_dict) mailer.create_reset_key(context[u'user_obj']) h.flash_success(_(u'Your password has been reset.')) return h.redirect_to(u'home.index') except logic.NotAuthorized: h.flash_error(_(u'Unauthorized to edit user %s') % id) except logic.NotFound: h.flash_error(_(u'User not found')) except dictization_functions.DataError: h.flash_error(_(u'Integrity Error')) except logic.ValidationError as e: h.flash_error(u'%r' % e.error_dict) except ValueError as e: h.flash_error(text_type(e)) user_dict[u'state'] = user_state return base.render(u'user/perform_reset.html', { u'user_dict': user_dict })
def remove_pipe(self, id, pipeline_id): assert id assert pipeline_id try: data_dict = {'id': id} context = {'model': model, 'session': model.Session, 'user': c.user or c.author, 'auth_user_obj': c.userobj} check_access('package_update', context, data_dict) package = get_action('package_show')(context, data_dict) # id is most probably is package.name so we have to get actual id pipe = Pipelines(package['id'], pipeline_id).get() if not pipe: h.flash_error(_(u"Couldn't remove pipeline, because there is no such pipeline assigned to this dataset.")) base.redirect(h.url_for('pipe_assign', id=id)) else: pipe_id = pipe.pipeline_id pipe.delete() pipe.commit() h.flash_success(_(u'Pipeline removed from dataset successfully')) disable_schedules_for_pipe(pipe_id) except NotFound: abort(404, _(u'Dataset not found')) except NotAuthorized: abort(401, _(u'User {user} not authorized to edit {id}').format(user=c.user, id=id)) base.redirect(h.url_for('pipe_assign', id=id))
def remove_project_admin(self): ''' Remove a user from the project Admin list. ''' context = {'model': model, 'session': model.Session, 'user': c.user or c.author} try: check_access('sysadmin', context, {}) except NotAuthorized: abort(401, _('User not authorized to view page')) if 'cancel' in request.params: tk.redirect_to(controller='ckanext.project.controller:projectController', action='manage_project_admins') user_id = request.params['user'] if request.method == 'POST' and user_id: user_id = request.params['user'] try: get_action('ckanext_project_admin_remove')(data_dict={'username': user_id}) except NotAuthorized: abort(401, _('Unauthorized to perform that action')) except NotFound: h.flash_error(_('The user is not a project Admin')) else: h.flash_success(_('The user is no longer a project Admin')) return redirect(h.url_for(controller='ckanext.project.controller:projectController', action='manage_project_admins')) c.user_dict = get_action('user_show')(data_dict={'id': user_id}) c.user_id = user_id return render('admin/confirm_remove_project_admin.html')
def index(self, dsname): context = {'model': ckan.model, 'session': ckan.model.Session, 'user': pylons.c.user or pylons.c.author} pk_info = package_info(dsname, context) #flash messages no_view_msg = dsname + ', might not exist or you might not have permission to view or edit this dataset' no_edit_msg = 'you do not have permission or need to be logged-in to reorder this dataset' #if package doesn't exist if not pk_info: flash_error(no_view_msg) #package exists else: if not pk_info['edit']: flash_notice(no_edit_msg) if pk_info['view']: plugins.toolkit.c.name = dsname plugins.toolkit.c.view = pk_info['view'] plugins.toolkit.c.edit = pk_info['edit'] plugins.toolkit.c.resources = [item['name'] for item in pk_info['package']['resources']] return plugins.toolkit.render('index.html')
def logged_in(self): # redirect if needed came_from = request.params.get('came_from', '') if self._sane_came_from(came_from): return h.redirect_to(str(came_from)) if c.user: context = None data_dict = {'id': c.user} user_dict = get_action('user_show')(context, data_dict) h.flash_success( _("%s is now logged in") % user_dict['display_name']) return self.me() else: err = _('Login failed. Bad username or password.') if g.openid_enabled: err += _(' (Or if using OpenID, it hasn\'t been associated ' 'with a user account.)') if h.asbool(config.get('ckan.legacy_templates', 'false')): h.flash_error(err) h.redirect_to( controller='user', action='login', came_from=came_from) else: return self.login(error=err)
def abort(status_code=None, detail="", headers=None, comment=None): if detail and status_code != 503: h.flash_error(detail) # #1267 Convert detail to plain text, since WebOb 0.9.7.1 (which comes # with Lucid) causes an exception when unicode is received. detail = detail.encode("utf8") return _abort(status_code=status_code, detail=detail, headers=headers, comment=comment)
def create_users(self): # extra_vars has to contain 'data' or the template will crash. # Replace data with a non-empty dict to pre-fill the form fields. extra_vars = {'data': {}} if toolkit.request.method == 'POST': params = dict(toolkit.request.params) data = params.copy() data.pop('Password') data.pop('confirm-password') extra_vars['data'] = data try: confirm = params.pop('confirm-password') if confirm != params['Password']: raise toolkit.ValidationError({'Password': '******'}) context = {'model': model, 'session': model.Session} data_dict = params.copy() data_dict['IsRegisteredUser'] = False request = toolkit.get_action('ec_user_create')(context, data_dict) extra_vars['data'] = None except ECAPINotFound, e: helpers.flash_error('Error CTPEC platform returned an error: {}'.format(str(e))) except ECAPINotAuthorized, e: helpers.flash_error('Error CTPEC platform returned an authorization error: {}'.format(str(e)))
def report(self, dataset_id, issue_number): dataset = self._before_dataset(dataset_id) if request.method == 'POST': if not c.user: msg = _('You must be logged in to report issues') toolkit.abort(401, msg) try: report_info = toolkit.get_action('issue_report')( data_dict={ 'issue_number': issue_number, 'dataset_id': dataset_id } ) if report_info: # we have this info if it is an admin msgs = [_('Report acknowledged.')] if report_info['abuse_status'] == \ issuemodel.AbuseStatus.abuse.value: msgs.append(_('Marked as abuse/spam.')) msgs.append(_('Issue is visible.') if report_info['visibility'] == 'visible' else _('Issue is invisible to normal users.')) h.flash_success(' '.join(msgs)) else: h.flash_success(_('Issue reported to an administrator')) except toolkit.ValidationError: toolkit.abort(404) except toolkit.ObjectNotFound: toolkit.abort(404) except ReportAlreadyExists, e: h.flash_error(e.message) h.redirect_to('issues_show', dataset_id=dataset_id, issue_number=issue_number)
def logged_in(self): # we need to set the language via a redirect lang = session.pop("lang", None) session.save() came_from = request.params.get("came_from", "") # we need to set the language explicitly here or the flash # messages will not be translated. i18n.set_lang(lang) if c.user: context = None data_dict = {"id": c.user} user_dict = get_action("user_show")(context, data_dict) h.flash_success(_("%s is now logged in") % user_dict["display_name"]) if came_from: return h.redirect_to(str(came_from)) return self.me() else: err = _("Login failed. Bad username or password.") if g.openid_enabled: err += _(" (Or if using OpenID, it hasn't been associated " "with a user account.)") if h.asbool(config.get("ckan.legacy_templates", "false")): h.flash_error(err) h.redirect_to(locale=lang, controller="user", action="login", came_from=came_from) else: return self.login(error=err)
def _listener_route(self, action, id, resource_id): if not c.userobj or not c.userobj.sysadmin: base.abort(404) if action == 'terminate': task = session.query(model.TaskStatus)\ .filter( model.TaskStatus.task_type=='twitter_streaming', model.TaskStatus.entity_id==resource_id)\ .first() if not task: h.flash_error("Can't find listener") if task: pid = task.error or '' if not pid: h.flash_error("Can't get PID of process") else: h.flash_success('Success') toolkit.get_action('task_status_update')(None, { 'entity_id': resource_id, 'task_type': 'twitter_streaming', 'key': 'celery_task_id', 'state': 'Terminated', 'value': 'Ready for start', 'error': pid, 'last_updated': datetime.datetime.now().isoformat(), 'entity_type': 'resource' }) if os.system('kill -9 %s' % pid): toolkit.get_action('celery_revoke')(self.context, {'id': pid, 'resource': resource_id}) base.redirect(h.url_for('getting_tweets', id=id, resource_id=resource_id))
def unfollow(package_type, id): """Stop following this dataset. """ context = { u'model': model, u'session': model.Session, u'user': g.user, u'auth_user_obj': g.userobj } data_dict = {u'id': id} try: get_action(u'unfollow_dataset')(context, data_dict) package_dict = get_action(u'package_show')(context, data_dict) id = package_dict['name'] except ValidationError as e: error_message = (e.message or e.error_summary or e.error_dict) h.flash_error(error_message) except (NotFound, NotAuthorized) as e: error_message = e.message h.flash_error(error_message) else: h.flash_success( _(u"You are no longer following {0}").format( package_dict[u'title'] ) ) return h.redirect_to(u'dataset.read', id=id)
def manage_showcase_admins(self): ''' A ckan-admin page to list and add showcase admin users. ''' context = {'model': model, 'session': model.Session, 'user': c.user or c.author} try: check_access('sysadmin', context, {}) except NotAuthorized: abort(401, _('User not authorized to view page')) # We're trying to add a user to the showcase admins list. if request.method == 'POST' and request.params['username']: username = request.params['username'] try: get_action('ckanext_showcase_admin_add')( data_dict={'username': username}) except NotAuthorized: abort(401, _('Unauthorized to perform that action')) except NotFound: h.flash_error(_("User '{user_name}' not found.").format( user_name=username)) except ValidationError as e: h.flash_notice(e.error_summary) else: h.flash_success(_("The user is now a Showcase Admin")) return redirect(h.url_for( controller='ckanext.showcase.controller:ShowcaseController', action='manage_showcase_admins')) c.showcase_admins = get_action('ckanext_showcase_admin_list')() return render('admin/manage_showcase_admins.html')
def login(self, error=None): # Do any plugin login stuff for item in p.PluginImplementations(p.IAuthenticator): item.login() if 'error' in request.params: h.flash_error(request.params['error']) if request.environ['SCRIPT_NAME'] and g.openid_enabled: # #1662 restriction log.warn('Cannot mount CKAN at a URL and login with OpenID.') g.openid_enabled = False if not c.user: came_from = request.params.get('came_from') if not came_from: came_from = h.url_for( controller='user', action='logged_in', __ckan_no_root=True) c.login_handler = h.url_for( self._get_repoze_handler('login_handler_path'), came_from=came_from) if error: vars = {'error_summary': {'': error}} else: vars = {} return render('user/login.html', extra_vars=vars) else: return render('user/logout_first.html')
def logged_in(self): # we need to set the language via a redirect lang = session.pop('lang', None) session.save() came_from = request.params.get('came_from', '') # we need to set the language explicitly here or the flash # messages will not be translated. i18n.set_lang(lang) if c.user: context = None data_dict = {'id': c.user} user_dict = get_action('user_show')(context, data_dict) h.flash_success(_("%s is now logged in") % user_dict['display_name']) if came_from: return h.redirect_to(str(came_from)) return self.me() else: err = _('Login failed. Bad username or password.') if g.openid_enabled: err += _(' (Or if using OpenID, it hasn\'t been associated ' 'with a user account.)') if h.asbool(config.get('ckan.legacy_templates', 'false')): h.flash_error(err) h.redirect_to(locale=lang, controller='user', action='login', came_from=came_from) else: return self.login(error=err)
def login(self, error=None): lang = session.pop('lang', None) if lang: session.save() return h.redirect_to(locale=str(lang), controller='user', action='login') if 'error' in request.params: h.flash_error(request.params['error']) if request.environ['SCRIPT_NAME'] and g.openid_enabled: # #1662 restriction log.warn('Cannot mount CKAN at a URL and login with OpenID.') g.openid_enabled = False if not c.user: came_from = request.params.get('came_from', '') c.login_handler = h.url_for( self._get_repoze_handler('login_handler_path'), came_from=came_from) if error: vars = {'error_summary': {'': error}} else: vars = {} return render('user/login.html', extra_vars=vars) else: return render('user/logout_first.html')
def flash_errors_for_ext_cat(errors): if errors: msg = '<p>Error occured while synchronizing external catalog:</p><ul>' for err in errors: msg += '<li>{0}</li>'.format(err) msg += '</ul>' h.flash_error(msg, True)
def post(self, group_type, is_organization, id=None): set_org(is_organization) context = self._prepare(id) try: _action(u'group_delete')(context, {u'id': id}) if group_type == u'organization': h.flash_notice(_(u'Organization has been deleted.')) elif group_type == u'group': h.flash_notice(_(u'Group has been deleted.')) else: h.flash_notice( _(u'%s has been deleted.') % _(group_type.capitalize())) group_dict = _action(u'group_show')(context, {u'id': id}) except NotAuthorized: base.abort(403, _(u'Unauthorized to delete group %s') % u'') except NotFound: base.abort(404, _(u'Group not found')) except ValidationError as e: h.flash_error(e.error_dict['message']) return h.redirect_to(u'organization.read', id=id) return h.redirect_to(u'{}.read'.format(group_type), id=id) # TODO: Remove g.group_dict = group_dict return h.redirect_to(u'{}.index'.format(group_type))
def request_reset(self): context = {'model': model, 'session': model.Session, 'user': c.user, 'auth_user_obj': c.userobj} data_dict = {'id': request.params.get('user')} try: check_access('request_reset', context) except NotAuthorized: abort(401, _('Unauthorized to request reset password.')) if request.method == 'POST': id = request.params.get('user') context = {'model': model, 'user': c.user} data_dict = {'id': id} user_obj = None try: user_dict = get_action('user_show')(context, data_dict) user_obj = context['user_obj'] except NotFound: # Show success regardless of outcome to prevent scanning h.flash_success(_('Please check your inbox for ' 'a reset code.')) if user_obj: try: mailer.send_reset_link(user_obj) h.flash_success(_('Please check your inbox for ' 'a reset code.')) h.redirect_to('/') except mailer.MailerException, e: h.flash_error(_('Could not send reset link: %s') % unicode(e))
def member_new(self, id): context = {'model': model, 'session': model.Session, 'user': c.user or c.author} #self._check_access('group_delete', context, {'id': id}) try: if request.method == 'POST': data_dict = clean_dict(dict_fns.unflatten( tuplize_dict(parse_params(request.params)))) data_dict['id'] = id c.group_dict = self._action('group_member_create')(context, data_dict) self._redirect_to(controller='group', action='members', id=id) else: user = request.params.get('user') if user: c.user_dict = get_action('user_show')(context, {'id': user}) c.user_role = new_authz.users_role_for_group_or_org(id, user) or 'member' else: c.user_role = 'member' c.group_dict = self._action('group_show')(context, {'id': id}) c.roles = self._action('member_roles_list')(context, {}) except NotAuthorized: abort(401, _('Unauthorized to add member to group %s') % '') except NotFound: abort(404, _('Group not found')) except ValidationError, e: h.flash_error(e.error_summary)
def callback(self): log.debug('calledback') try: token = self.oauth2helper.get_token() log.debug('token {}'.format(token)) user_name = self.oauth2helper.identify(token) self.oauth2helper.remember(user_name) self.oauth2helper.update_token(user_name, token) self.oauth2helper.redirect_from_callback() except Exception as e: # If the callback is called with an error, we must show the message error_description = toolkit.request.GET.get('error_description') if not error_description: if e.message: error_description = e.message elif hasattr(e, 'description') and e.description: error_description = e.description elif hasattr(e, 'error') and e.error: error_description = e.error else: error_description = type(e).__name__ toolkit.response.status_int = 302 redirect_url = oauth2.get_came_from(toolkit.request.params.get('state')) redirect_url = '/' if redirect_url == constants.INITIAL_PAGE else redirect_url toolkit.response.location = redirect_url helpers.flash_error(error_description)
def review(self, id): """ sends review notification to all journal admins """ context = self._context() try: tk.check_access('package_update', context, {'id': id}) except tk.NotAuthorized: tk.abort(403, 'Unauthorized') c.pkg_dict = tk.get_action('package_show')(context, {'id': id}) # avoid multiple notifications (eg. when someone calls review directly) if c.pkg_dict.get('dara_edawax_review', 'false') == 'true': h.flash_error("Package has already been sent to review") redirect(id) user_name = tk.c.userobj.fullname or tk.c.userobj.email admins = get_group_or_org_admin_ids(c.pkg_dict['owner_org']) addresses = map(lambda admin_id: model.User.get(admin_id).email, admins) note = n.review(addresses, user_name, id) if note: c.pkg_dict['dara_edawax_review'] = 'true' tk.get_action('package_update')(context, c.pkg_dict) h.flash_success('Notification to Editors sent.') else: h.flash_error('ERROR: Mail could not be sent. Please try again later or contact the site admin.') redirect(id)
def refresh(self, id): try: context = {'model': model, 'user': c.user, 'session': model.Session} p.toolkit.get_action('harvest_job_create')( context, {'source_id': id, 'run': True} ) h.flash_success( _('Harvest will start shortly. Refresh this page for updates.') ) except p.toolkit.ObjectNotFound: abort(404, _('Harvest source not found')) except p.toolkit.NotAuthorized: abort(401, self.not_auth_message) except HarvestSourceInactiveError: h.flash_error( _( 'Cannot create new harvest jobs on inactive ' 'sources. First, please change the source status ' 'to "active".' ) ) except HarvestJobExists: h.flash_notice( _('A harvest job has already been scheduled for ' 'this source') ) except Exception as e: msg = 'An error occurred: [%s]' % str(e) h.flash_error(msg) h.redirect_to(h.url_for('{0}_admin'.format(DATASET_TYPE_NAME), id=id))
def logged_in(self): # redirect if needed came_from = request.params.get('came_from', '') if c.user: context = None data_dict = {'id': c.user} user_dict = get_action('user_show')(context, data_dict) user_ref = c.userobj.get_reference_preferred_for_uri() if h.url_is_local(came_from) and came_from != '/': return h.redirect_to(str(came_from)) h.redirect_to(locale=None, controller='user', action='dashboard_datasets', id=user_ref) else: err = _('Login failed. Wrong email or password.') if h.asbool(config.get('ckan.legacy_templates', 'false')): h.flash_error(err) h.redirect_to(controller='user', action='login', came_from=came_from) else: return self.login(error=err)
def request_reset(self): context = {'model': model, 'session': model.Session, 'user': c.user, 'auth_user_obj': c.userobj} try: check_access('request_reset', context) except NotAuthorized: abort(401, _('Unauthorized to request reset password.')) if request.method == 'POST': email = request.params.get('email') users = model.User.by_email(email) if not users: h.flash_error(_('Email not registered: %s') % email) else: try: mailer.send_reset_link(users[0]) h.flash_success(_('Please check your inbox for ' 'a reset code.')) h.redirect_to('/') except mailer.MailerException, e: h.flash_error(_('Could not send reset link: %s') % unicode(e))
def post(self, group_type, is_organization, id=None): set_org(is_organization) context = self._prepare(id) data_dict = clean_dict( dict_fns.unflatten(tuplize_dict(parse_params(request.form)))) data_dict['id'] = id email = data_dict.get(u'email') if email: user_data_dict = { u'email': email, u'group_id': data_dict['id'], u'role': data_dict['role'] } del data_dict['email'] user_dict = _action(u'user_invite')(context, user_data_dict) data_dict['username'] = user_dict['name'] try: group_dict = _action(u'group_member_create')(context, data_dict) except NotAuthorized: base.abort(403, _(u'Unauthorized to add member to group %s') % u'') except NotFound: base.abort(404, _(u'Group not found')) except ValidationError as e: h.flash_error(e.error_summary) # TODO: Remove g.group_dict = group_dict return h.redirect_to(u'{}.members'.format(group_type), id=id)
def delete(self, id): group_type = self._ensure_controller_matches_group_type(id) if 'cancel' in request.params: h.redirect_to(group_type + '_edit', id=id) context = {'model': model, 'session': model.Session, 'user': c.user} try: self._check_access('group_delete', context, {'id': id}) except NotAuthorized: abort(403, _('Unauthorized to delete group %s') % '') try: if request.method == 'POST': self._action('group_delete')(context, {'id': id}) if group_type == 'organization': h.flash_notice(_('Organization has been deleted.')) elif group_type == 'group': h.flash_notice(_('Group has been deleted.')) else: h.flash_notice(_('%s has been deleted.') % _(group_type.capitalize())) h.redirect_to(group_type + '_index') c.group_dict = self._action('group_show')(context, {'id': id}) except NotAuthorized: abort(403, _('Unauthorized to delete group %s') % '') except NotFound: abort(404, _('Group not found')) except ValidationError as e: h.flash_error(e.error_dict['message']) h.redirect_to(controller='organization', action='read', id=id) return self._render_template('group/confirm_delete.html', group_type)
def abort(status_code=None, detail='', headers=None, comment=None): if detail: h.flash_error(detail) return _abort(status_code=status_code, detail=detail, headers=headers, comment=comment)
def login(self, error=None): # Do any plugin login stuff for item in p.PluginImplementations(p.IAuthenticator): item.login() if 'error' in request.params: h.flash_error(request.params['error']) if not c.user: came_from = request.params.get('came_from') if not came_from: came_from = h.url_for(controller='user', action='logged_in', __ckan_no_root=True) c.login_handler = h.url_for( self._get_repoze_handler('login_handler_path'), came_from=came_from) if error: vars = {'error_summary': {'': error}} else: vars = {} return render('user/login.html', extra_vars=vars) else: return render('user/logout_first.html')
def follow(package_type, id): """Start following this dataset. """ context = { u'model': model, u'session': model.Session, u'user': g.user, u'auth_user_obj': g.userobj } data_dict = {u'id': id} try: get_action(u'follow_dataset')(context, data_dict) package_dict = get_action(u'package_show')(context, data_dict) except ValidationError as e: error_message = (e.message or e.error_summary or e.error_dict) h.flash_error(error_message) except NotAuthorized as e: h.flash_error(e.message) else: h.flash_success( _(u"You are now following {0}").format(package_dict[u'title'])) return h.redirect_to(u'dataset.read', id=id)
def refresh(self, id): try: context = { 'model': model, 'user': c.user, 'session': model.Session } p.toolkit.get_action('harvest_job_create')(context, { 'source_id': id, 'run': True }) h.flash_success( _('Harvest will start shortly. Refresh this page for updates.') ) except p.toolkit.ObjectNotFound: abort(404, _('Harvest source not found')) except p.toolkit.NotAuthorized: abort(401, self.not_auth_message) except HarvestSourceInactiveError, e: h.flash_error( _('Cannot create new harvest jobs on inactive ' 'sources. First, please change the source status ' 'to \'active\'.'))
def delete(id): u''' Theme delete view function ''' context = _get_context() try: check_access(u'theme_delete', context) except NotAuthorized: return base.abort(403, _(u'Unauthorized' u' to create a theme')) data_dict = {u'id': id} try: if request.method == u'POST': get_action(u'theme_delete')(context, data_dict) h.flash_notice(_(u'Theme has been deleted.')) except NotAuthorized: base.abort(403, _(u'Unauthorized to delete theme.')) except NotFound: base.abort(404, _(u'Theme not found')) except ValidationError as e: h.flash_error(e.error_dict['message']) return h.redirect_to(u'theme.edit', name=id) return h.redirect_to(u'theme.index')
def assign(self, dataset_id, issue_id): dataset = self._before(dataset_id) if request.method == 'POST': try: assignee_id = request.POST.get('assignee') assignee = toolkit.get_action('user_show')( data_dict={'id': assignee_id}) except toolkit.ObjectNotFound: h.flash_error(_('User {0} does not exist'.format(assignee_id))) return p.toolkit.redirect_to('issues_show', id=issue_id, package_id=dataset_id) try: toolkit.get_action('issue_update')( data_dict={'id': issue_id, 'assignee_id': assignee['id'], 'dataset_id': dataset_id}) except toolkit.NotAuthorized: msg = _('Unauthorized to assign users to issue'.format( issue_id)) toolkit.abort(401, msg) except toolkit.ValidationError, e: toolkit.abort(404)
def publish_package(id): context = _get_context() try: result = toolkit.get_action('datacite_publish_package')(context, { 'id': id }) except toolkit.ObjectNotFound: toolkit.abort(404, 'Dataset not found') except toolkit.NotAuthorized: toolkit.abort(403, 'Not authorized') if result.get('success', True): h.flash_notice( 'DOI successfully reserved. Your publication request will be approved by an EnviDat admin as soon as ' 'possible.') else: error_message = 'Error publishing dataset: \n' + result.get( 'error', 'Internal Exception, please contact the portal ' 'admin.') h.flash_error(error_message) return toolkit.redirect_to(controller='dataset', action='read', id=id)
def _save_new(self, context): came_from = request.params.get('came_from') try: data_dict = logic.clean_dict( unflatten( logic.tuplize_dict(logic.parse_params(request.params)))) context['message'] = data_dict.get('log_message', '') recaptcha_response = data_dict['g-recaptcha-response'] remote_ip = request.environ.get('REMOTE_ADDR', 'Unknown IP Address') if (_check_recaptcha(remote_ip, recaptcha_response)): user = get_action('user_create')(context, data_dict) else: error_msg = _(u'Bad Captcha. Please try again.') h.flash_error(error_msg) return self.new(data_dict) except NotAuthorized: abort(403, _('Unauthorized to create user %s') % '') except NotFound, e: abort(404, _('User not found'))
def post(self, group_type: str, is_organization: bool, id: Optional[str] = None) -> Response: set_org(is_organization) context = self._prepare(id) try: _action(u'group_delete')(context, {u'id': id}) group_label = h.humanize_entity_type( u'group', group_type, u'has been deleted') or _(u'Group') h.flash_notice( _(u'%s has been deleted.') % _(group_label)) except NotAuthorized: base.abort(403, _(u'Unauthorized to delete group %s') % u'') except NotFound: base.abort(404, _(u'Group not found')) except ValidationError as e: h.flash_error(e.error_dict['message']) return h.redirect_to(u'{}.read'.format(group_type), id=id) return h.redirect_to(u'{}.index'.format(group_type))
def unfollow(self, id): '''Stop following this user.''' context = { 'model': model, 'session': model.Session, 'user': c.user or c.author, 'auth_user_obj': c.userobj } data_dict = {'id': id} try: get_action('unfollow_user')(context, data_dict) user_dict = get_action('user_show')(context, data_dict) h.flash_success( _("You are no longer following {0}").format( user_dict['display_name'])) except (NotFound, NotAuthorized) as e: error_message = e.extra_msg or e.message h.flash_error(error_message) except ValidationError as e: error_message = (e.error_summary or e.message or e.extra_msg or e.error_dict) h.flash_error(error_message) h.redirect_to(controller='user', action='read', id=id)
def get_all_pipelines(only_visible=False): assert uv_api_url try: if c.userobj: user_external_id = c.userobj.id else: # raise error err_msg = _('Error: Only logged in user can associate pipelines.') log.error(err_msg) h.flash_error(err_msg) return [] uv_api = UVRestAPIWrapper(uv_api_url, uv_api_auth) if only_visible: pipes = uv_api.get_visible_pipelines(user_external_id) else: pipes = uv_api.get_pipelines(user_external_id) return pipes except urllib2.HTTPError, e: error_msg =_("Couldn't retrieve information about pipelines: {error}").format(error=e.msg) h.flash_error(error_msg) log.error(e) return None
def callback(id): # Blueprints act strangely after user is logged in once. It will skip # SSO and user/login when trying to log in from different account and # directly get here. This is a workaround to force login user if not # redirected from loging page (as it sets important values in session) if not session.get('from_login'): return sso(id) session['from_login'] = False g_ = model.Group.get(session.get('organization_id', id)) client = Clients.get_client(g_) org_url = str(url_for(controller="organization", action='read', id=g_.name)) try: # Grab state from query parameter if session does not have it session['state'] = session.get('state', request.params.get('state')) userinfo, app_admin, app_user, access_token, id_token \ = client.callback(session['state'], request.args ) session['access_token'] = access_token session['id_token'] = id_token session.save() except OIDCError, e: flash_error('Login failed') return redirect_to(org_url, qualified=True)
def reauthor(self, id): """reset dataset to private and leave review state. Should also send email to author """ context = self._context() msg = tk.request.params.get('msg', '') c.pkg_dict = tk.get_action('package_show')(context, {'id': id}) creator_mail = model.User.get(c.pkg_dict['creator_user_id']).email note = n.reauthor(id, creator_mail, msg, context) if note: c.pkg_dict.update({ 'private': True, 'dara_edawax_review': 'reauthor' }) tk.get_action('package_update')(context, c.pkg_dict) h.flash_success( 'Notification sent. Dataset can now be re-edited by author') else: h.flash_error( 'ERROR: Mail could not be sent. Please try again later or contact the site admin.' ) redirect(id)
def sync_irods(params, id): """ Fetches a resource from database with the same path as user specified and that matches an existing resource in CKAN. """ from irods import getFileUserMetadata, rcModAccessControl rev = model.repo.new_revision() conn = get_connection_from_params(params) resource = Resource.get(id) path = params['path'] extras = {} # Lets handle only resources with file names if resource.name: fname = "%s/%s" % (path, resource.name.split('/')[-1]) log.debug(fname) i = 0 access = rcModAccessControl() log.debug(access.getPath()) if conn: for met in getFileUserMetadata(conn, fname): i += 1 key, value, _ = met extras[key] = value resource.extras = extras Session.add(resource) conn.disconnect() model.repo.commit() rev.message = "Update from iRODS, matched file %s" % fname h.flash_success( "iRODS import to resource OK! Imported %s metadatas" % i) else: h.flash_error("Could not connect to iRODS!") else: h.flash_error("Resource is an URL, cannot import!") h.redirect_to(controller='package', action='resource_read', \ id=resource.resource_group.package.name, \ resource_id=resource.id)
def remove_showcase_admin(self): ''' Remove a user from the Showcase Admin list. ''' context = {'model': model, 'session': model.Session, 'user': c.user or c.author} try: check_access('sysadmin', context, {}) except NotAuthorized: abort(401, _('User not authorized to view page')) if 'cancel' in request.params: tk.redirect_to( controller='ckanext.showcase.controller:ShowcaseController', action='manage_showcase_admins') user_id = request.params['user'] if request.method == 'POST' and user_id: user_id = request.params['user'] try: get_action('ckanext_showcase_admin_remove')( data_dict={'username': user_id}) except NotAuthorized: abort(401, _('Unauthorized to perform that action')) except NotFound: h.flash_error(_('The user is not a Showcase Admin')) else: h.flash_success(_('The user is no longer a Showcase Admin')) return redirect(h.url_for( controller='ckanext.showcase.controller:ShowcaseController', action='manage_showcase_admins')) c.user_dict = get_action('user_show')(data_dict={'id': user_id}) c.user_id = user_id return render('admin/confirm_remove_showcase_admin.html')
def post(self, package_type, id): context = {u'model': model, u'user': g.user} try: form_dict = logic.clean_dict( dict_fns.unflatten( logic.tuplize_dict( logic.parse_params(request.form)))) user = get_action(u'user_show')( context, {u'id': form_dict[u'username']} ) data_dict = { u'id': id, u'user_id': user[u'id'], u'capacity': form_dict[u'capacity'] } get_action(u'package_collaborator_create')( context, data_dict) except dict_fns.DataError: return base.abort(400, _(u'Integrity Error')) except NotAuthorized: message = _(u'Unauthorized to edit collaborators {}').format(id) return base.abort(401, _(message)) except NotFound as e: h.flash_error(_('User not found')) return h.redirect_to(u'dataset.new_collaborator', id=id) except ValidationError as e: h.flash_error(e.error_summary) return h.redirect_to(u'dataset.new_collaborator', id=id) else: h.flash_success(_(u'User added to collaborators')) return h.redirect_to(u'dataset.collaborators_read', id=id)
def abort(status_code=None, detail='', headers=None, comment=None): '''Abort the current request immediately by returning an HTTP exception. This is a wrapper for :py:func:`pylons.controllers.util.abort` that adds some CKAN custom behavior, including allowing :py:class:`~ckan.plugins.interfaces.IAuthenticator` plugins to alter the abort response, and showing flash messages in the web interface. ''' if status_code == 403: # Allow IAuthenticator plugins to alter the abort for item in p.PluginImplementations(p.IAuthenticator): result = item.abort(status_code, detail, headers, comment) (status_code, detail, headers, comment) = result if detail and status_code != 503: h.flash_error(detail) # #1267 Convert detail to plain text, since WebOb 0.9.7.1 (which comes # with Lucid) causes an exception when unicode is received. detail = detail.encode('utf8') return _abort(status_code=status_code, detail=detail, headers=headers, comment=comment)
def follow(id: str, group_type: str, is_organization: bool) -> Response: u'''Start following this group.''' set_org(is_organization) context = cast( Context, { u'model': model, u'session': model.Session, u'user': current_user.name } ) data_dict = {u'id': id} try: get_action(u'follow_group')(context, data_dict) group_dict = get_action(u'group_show')(context, data_dict) h.flash_success( _(u"You are now following {0}").format(group_dict['title'])) id = group_dict['name'] except ValidationError as e: error_message = (e.message or e.error_summary or e.error_dict) h.flash_error(error_message) except NotAuthorized as e: h.flash_error(e.message) return h.redirect_to(u'group.read', id=id)
def thread_add(self): if not c.userobj: tk.redirect_to( tk.url_for(controller='user', action='login', came_from=full_current_url())) if BannedUser.check_by_id(c.userobj): flash_error(tk._('You are banned')) tk.redirect_to(tk.url_for('forum_index')) form = CreateThreadForm(tk.request.POST) if tk.request.POST: if form.validate(): thread = tk.get_action('forum_create_thread')( { 'auth_user_obj': c.userobj }, form.data) log.debug("Form data is valid. Content: %s", thread.content) flash_success(tk._('You successfully create thread')) tk.redirect_to(thread.get_absolute_url()) else: flash_error(tk._('You have errors in form')) log.error("Validate errors: %s", form.errors) context = {'form': form, 'board_can_post': Board.filter_can_post()} return self.__render('create_thread.html', context)
def close_app(self, id): if c.userobj is None or not c.userobj.sysadmin: tk.redirect_to(tk.url_for(controller='user', action='login')) app = App.get_by_id(id=id) if not app: tk.redirect_to(tk.url_for('apps_activity')) form = CloseAppForm(tk.request.POST) if tk.request.POST: if form.validate(): form.populate_obj(app) app.status = "close" app.save() log.debug("Closed app") jobs.enqueue( send_notifications_on_change_app_status, [app, 'close', tk.request.environ.get('CKAN_LANG')]) flash_success(tk._('You successfully closed app')) tk.redirect_to(tk.url_for('apps_activity')) else: flash_error(tk._('You have errors in form')) log.debug("Validate errors: %s", form.errors) context = {'form': form} return self.__render('close_app.html', context)
def frontpage_featured_orgs(self, path=None, data=None, errors=None, error_summary=None): msg = '' if p.toolkit.request.method == 'POST' and not data: data = MultiDict(p.toolkit.request.POST) data = data.getall('featured_orgs') if len(data) < 1: msg = 'At least one featured org must be selected' h.flash_error(msg, allow_html=False) else: forgs = '' for i in range(len(data)): data[i] = data[i].encode('utf-8') forgs += data[i] if i < len(data) - 1: forgs += ' ' try: junk = p.toolkit.get_action('config_option_update')( { 'user': c.user }, { 'ckan.featured_orgs': forgs }) except p.toolkit.ValidationError, e: errors = e.error_dict error_summary = e.error_summary return self.frontpage_featured_orgs( '', data, errors, error_summary) p.toolkit.redirect_to('/frontpage')
def request_editor_for_org(self, org_id): ''' user_email, name of user, username, organization name, list with org-admins emails, ''' try: msg = _('Please allow me to submit data to this organization ') user = hdx_h.hdx_get_user_info(c.user) context = { 'model': model, 'session': model.Session, 'user': c.user or c.author } org_admins = tk.get_action('member_list')(context, { 'id': org_id, 'capacity': 'admin', 'object_type': 'user' }) admins = [] for admin_tuple in org_admins: admin_id = admin_tuple[0] admins.append(hdx_h.hdx_get_user_info(admin_id)) admins_with_email = [admin for admin in admins if admin['email']] data_dict = { 'display_name': user['display_name'], 'name': user['name'], 'email': user['email'], 'organization': org_id, 'message': msg, 'admins': admins_with_email } tk.get_action('hdx_send_editor_request_for_org')(context, data_dict) h.flash_success(_('Message sent')) except hdx_mail.NoRecipientException, e: h.flash_error(_(str(e)))
def logged_in(self): # redirect if needed came_from = request.params.get('came_from', '') if h.url_is_local(came_from): return h.redirect_to(str(came_from)) if c.user: context = None data_dict = {'id': c.user} user_dict = get_action('user_show')(context, data_dict) return self.me() else: err = _('Login failed. Bad username or password.') if g.openid_enabled: err += _(' (Or if using OpenID, it hasn\'t been associated ' 'with a user account.)') if h.asbool(config.get('ckan.legacy_templates', 'false')): h.flash_error(err) h.redirect_to(controller='user', action='login', came_from=came_from) else: return self.login(error=err)
def new_dataset_feedback(self): data = request.POST if not data.get('came_from'): base.abort(400) source_url = data['came_from'] feedback = data.get('feedback', '').strip() email = data.get('email', '').strip() if not feedback: h.flash_error(_('Please provide your feedback')) h.redirect_to(str(source_url)) msg = get_new_dataset_feedback_body(feedback, email) subject = _('Proposition for new dataaset') mail_from = config.get('smtp.mail_from') _mail_recipient(g.site_title, mail_from, g.site_title, g.site_url, subject, msg) h.flash_success(_('Thank you for your feedback!')) h.redirect_to(str(source_url))
def post(self): if u'cancel' in request.form: return h.redirect_to(u'admin.trash') req_action = request.form.get(u'action') if req_action == u'all': d = { u'dataset_purge': self.deleted_packages, u'group_purge': self.deleted_groups, u'organization_purge': self.deleted_orgs } for action, deleted_entities in d.items(): for ent in deleted_entities: logic.get_action(action)({ u'user': g.user }, { u'id': ent.id }) model.Session.remove() h.flash_success(_(u'Massive purge complete')) elif req_action in (u'package', u'organization', u'group'): entities = self.deleted_entities[req_action] number = entities.count() for ent in entities: logic.get_action(ent.type + u'_purge')({ u'user': g.user }, { u'id': ent.id }) model.Session.remove() h.flash_success( _(self.messages[u'success'][req_action].format(number=number))) else: h.flash_error(_(u'Action not implemented.')) return h.redirect_to(u'admin.trash')
def form(self): ''' Form based interaction, if called as a POST request the request params are used to send the email, if not then the form template is rendered. :return: a page, either the form page or the success page if the email was sent successfully ''' # dict of context values for the template renderer extra_vars = { u'data': {}, u'errors': {}, u'error_summary': {}, } if request.method == u'POST': result = self._submit() if result.get(u'success', False): return p.toolkit.render(u'contact/success.html') else: # the form page isn't setup to handle this error so we need to flash it here for it if result[u'recaptcha_error'] is not None: h.flash_error(result[u'recaptcha_error']) # note that this copies over an recaptcha error key/value present in the submit # result extra_vars.update(result) else: # try and use logged in user values for default values try: extra_vars[u'data'][ u'name'] = base.c.userobj.fullname or base.c.userobj.name extra_vars[u'data'][u'email'] = base.c.userobj.email except AttributeError: extra_vars[u'data'][u'name'] = extra_vars[u'data'][ u'email'] = None return p.toolkit.render(u'contact/form.html', extra_vars=extra_vars)
def manage(self, id): context, controller = self._get_context_controller() username = toolkit.request.params.get('username') dataset_type = toolkit.request.params.get("field-dataset_type") classification = toolkit.request.params.get('field-classification') group_object = model.Group.get(id) groupname = group_object.name toolkit.c.group_dict = group_object if toolkit.request.method == 'POST': if username: user_object = model.User.get(username) if not user_object: helpers.flash_error( "User \"{0}\" not exist!".format(username)) else: self._action( 'security_member_create', context, username, groupname, dataset_type, classification, "User \"{0}\" is now a Member of Security on type \"{1}\"" .format(username, dataset_type)) else: helpers.flash_error("Please input username first.") return toolkit.redirect_to( toolkit.url_for(controller=controller, action='manage', id=id)) security_members_list = toolkit.get_action('security_member_list')( context, data_dict={ 'groupname': groupname }) return toolkit.render('organization/manage_security_members.html', extra_vars={ 'security_members_list': security_members_list, })
def request_reset(self): if request.method == 'POST': id = request.params.get('user') context = {'model': model, 'user': c.user} data_dict = {'id': id} user_obj = None try: user_dict = get_action('user_show')(context, data_dict) user_obj = context['user_obj'] except NotFound: # Try searching the user del data_dict['id'] data_dict['q'] = id if id and len(id) > 2: user_list = get_action('user_list')(context, data_dict) if len(user_list) == 1: # This is ugly, but we need the user object for the # mailer, # and user_list does not return them del data_dict['q'] data_dict['id'] = user_list[0]['id'] user_dict = get_action('user_show')(context, data_dict) user_obj = context['user_obj'] elif len(user_list) > 1: h.flash_error(_('"%s" matched several users') % (id)) else: h.flash_error(_('No such user: %s') % id) else: h.flash_error(_('No such user: %s') % id) if user_obj: try: mailer.send_reset_link(user_obj) h.flash_success(_('Please check your inbox for ' 'a reset code.')) h.redirect_to('/') except mailer.MailerException, e: h.flash_error(_('Could not send reset link: %s') % unicode(e))
def setup_template_variables(self, context, data_dict): resource = data_dict['resource'] same_domain = datapreview.on_same_domain(data_dict) format_lower = resource.get('format', '').lower() resource.setdefault('auth_type', 'none') url = resource['url'] if format_lower == NGSI_FORMAT and not check_query(resource): details = "</br></br>This is not a ContextBroker query, please check <a href='https://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Publish/Subscribe_Broker_-_Orion_Context_Broker_-_User_and_Programmers_Guide'>Orion Context Broker documentation</a></br></br></br>" f_details = "This is not a ContextBroker query, please check Orion Context Broker documentation." h.flash_error(f_details, allow_html=False) view_enable = [False, details] elif not same_domain and not self.proxy_is_enabled: details = "</br></br>Enable resource_proxy</br></br></br>" f_details = "Enable resource_proxy." h.flash_error(f_details, allow_html=False) view_enable = [False, details] url = '' else: url = self.get_proxified_ngsi_url(data_dict) if resource['auth_type'] != 'none' and not p.toolkit.c.user: details = "</br></br>In order to see this resource properly, you need to be logged in.</br></br></br>" f_details = "In order to see this resource properly, you need to be logged in." h.flash_error(f_details, allow_html=False) view_enable = [False, details] elif resource['auth_type'] != 'none' and not self.oauth2_is_enabled: details = "</br></br>In order to see this resource properly, enable oauth2 extension</br></br></br>" f_details = "In order to see this resource properly, enable oauth2 extension." h.flash_error(f_details, allow_html=False) view_enable = [False, details] else: data_dict['resource']['url'] = url view_enable = [True, 'OK'] return { 'resource_json': json.dumps(data_dict['resource']), 'resource_url': json.dumps(url), 'view_enable': json.dumps(view_enable) }
def post(self): context, data_dict = self._prepare() id = data_dict[u'id'] context = {u'model': model, u'user': g.user} user_obj = None try: logic.get_action(u'user_show')(context, data_dict) user_obj = context[u'user_obj'] except logic.NotFound: # Try searching the user if id and len(id) > 2: user_list = logic.get_action(u'user_list')(context, { u'id': id }) if len(user_list) == 1: # This is ugly, but we need the user object for the # mailer, # and user_list does not return them data_dict[u'id'] = user_list[0][u'id'] logic.get_action(u'user_show')(context, data_dict) user_obj = context[u'user_obj'] elif len(user_list) > 1: h.flash_error(_(u'"%s" matched several users') % (id)) else: h.flash_error(_(u'No such user: %s') % id) else: h.flash_error(_(u'No such user: %s') % id) if user_obj: try: # FIXME: How about passing user.id instead? Mailer already # uses model and it allow to simplify code above mailer.send_reset_link(user_obj) h.flash_success( _(u'Please check your inbox for ' u'a reset code.')) return h.redirect_to(u'/') except mailer.MailerException as e: h.flash_error( _(u'Could not send reset link: %s') % text_type(e)) return self.get()
def setup_template_variables(self, context, data_dict): resource = data_dict['resource'] format_lower = resource.get('format', '').lower() resource.setdefault('auth_type', 'none') url = resource['url'] if not self.proxy_is_enabled: details = "</br></br>Activar resource_proxy</br></br></br>" f_details = "Enable resource_proxy." h.flash_error(f_details, allow_html=False) view_enable = [False, details] elif resource['auth_type'] != 'none' and not self.oauth2_is_enabled: details = "</br></br>Para ver este recurso correctamente, active la extensión oauth2</br></br></br>" f_details = "In order to see this resource properly, enable oauth2 extension." h.flash_error(f_details, allow_html=False) view_enable = [False, details] elif format_lower == NGSI_FORMAT and not check_query(resource): details = "</br></br>Esto no es una consulta de ContextBroker, por favor, compruebe <a href='https://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Publish/Subscribe_Broker_-_Orion_Context_Broker_-_User_and_Programmers_Guide'>Documentación de Orion Context Broker</a></br></br></br>" f_details = "This is not a ContextBroker query, please check Orion Context Broker documentation." h.flash_error(f_details, allow_html=False) view_enable = [False, details] elif resource['auth_type'] != 'none' and not p.toolkit.c.user: details = "</br></br>Para poder ver este recurso correctamente, debe estar conectado.</br></br></br>" f_details = "In order to see this resource properly, you need to be logged in." h.flash_error(f_details, allow_html=False) view_enable = [False, details] else: # All checks passed url = self.get_proxified_ngsi_url(data_dict) data_dict['resource']['url'] = url view_enable = [True, 'OK'] return { 'resource_json': json.dumps(data_dict['resource']), 'resource_url': json.dumps(url), 'view_enable': json.dumps(view_enable) }