def set_bulk_permissions(request): permission_spec = json.loads(request.POST.get('permissions', None)) resource_ids = request.POST.getlist('resources', []) if permission_spec is not None: not_permitted = [] for resource_id in resource_ids: try: resource = resolve_object( request, ResourceBase, {'id': resource_id}, 'base.change_resourcebase_permissions') resource.set_permissions(permission_spec) except PermissionDenied: try: resolve_object(request, ResourceBase, {'id': resource_id}, 'base.change_resourcebase') resource.set_permissions(permission_spec) except PermissionDenied: not_permitted.append( ResourceBase.objects.get(id=resource_id).title) return HttpResponse(json.dumps({ 'success': 'ok', 'not_changed': not_permitted }), status=200, content_type='text/plain') else: return HttpResponse(json.dumps( {'error': _('Wrong permissions specification')}), status=400, content_type='text/plain')
def _resolve_layer(request, typename, permission='base.view_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): """ Resolve the layer by the provided typename (which may include service name) and check the optional permission. """ service_typename = typename.split(":", 1) service = Service.objects.filter(name=service_typename[0]) try: if service.count() > 0 and service[0].method != "C": return resolve_object(request, Layer, { 'service': service[0], 'typename': service_typename[1] }, permission=permission, permission_msg=msg, **kwargs) else: return resolve_object(request, Layer, {'typename': typename}, permission=permission, permission_msg=msg, **kwargs) except PermissionDenied: return "permission_denied"
def _filter_actions(action, request): if action == 'all': _actions = Action.objects.filter(public=True)[:1000] else: _actions = Action.objects.filter( public=True, action_object_content_type__model=action)[:1000] _filtered_actions = [] for _action in _actions: if _action.target_object_id: action_object_filter = { 'id': _action.target_object_id } elif _action.action_object_object_id: action_object_filter = { 'id': _action.action_object_object_id } try: resolve_object( request, ResourceBase, action_object_filter, 'base.view_resourcebase') _filtered_actions.append(_action.id) except ResourceBase.DoesNotExist: _filtered_actions.append(_action.id) except (PermissionDenied, Exception) as e: logger.debug(e) return _filtered_actions
def _resolve_layer(request, typename, permission='base.view_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): """ Resolve the layer by the provided typename (which may include service name) and check the optional permission. """ service_typename = typename.split(":", 1) service = Service.objects.filter(name=service_typename[0]) try: if service.count() > 0 and service[0].method != "C": return resolve_object(request, Layer, {'service': service[0], 'typename': service_typename[1]}, permission=permission, permission_msg=msg, **kwargs) else: return resolve_object(request, Layer, {'typename': typename}, permission=permission, permission_msg=msg, **kwargs) except PermissionDenied: return "permission_denied"
def _resolve_layer(request, typename, permission='base.view_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): """ Resolve the layer by the provided typename (which may include service name) and check the optional permission. """ service_typename = typename.split(":", 1) if Service.objects.filter(name=service_typename[0]).exists(): service = Service.objects.filter(name=service_typename[0]) return resolve_object( request, Layer, { 'service': service[0], 'typename': service_typename[1] if service[0].method != "C" else typename }, permission=permission, permission_msg=msg, **kwargs) else: return resolve_object(request, Layer, { 'typename': typename, 'service': None }, permission=permission, permission_msg=msg, **kwargs)
def _resolve_layer(request, typename, permission='base.view_resourcebase', msg=_PERMISSION_GENERIC, **kwargs): service_typename = typename.split(":", 1) service = Service.objects.filter(name=service_typename[0]) if service.count() > 0: return resolve_object( request, Layer, { 'service': service[0], 'typename': service_typename[1] if service[0].method != "C" else typename }, permission=permission, permission_msg=msg, **kwargs) else: return resolve_object(request, Layer, { 'typename': typename, 'service': None }, permission=permission, permission_msg=msg, **kwargs)
def _resolve_layer(request, typename, permission='layers.change_layer', msg=_PERMISSION_MSG_GENERIC, **kwargs): """ Resolve the layer by the provided typename and check the optional permission. """ return resolve_object(request, Layer, {'typename':typename}, permission = permission, permission_msg=msg, **kwargs)
def _resolve_analysis(request, identifier, permission='base.change_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): """ Resolve the Analysis by the provided typename and check the optional permission. """ return resolve_object(request, Analysis, {'pk':identifier}, permission=permission, permission_msg=msg, **kwargs)
def original_link_available(context, resourceid, url): _not_permitted = _("You are not permitted to save or edit this resource.") request = context['request'] instance = resolve_object(request, ResourceBase, {'pk': resourceid}, permission='base.download_resourcebase', permission_msg=_not_permitted) download_url = urljoin(settings.SITEURL, reverse("download", args={resourceid})) if urlsplit(url).netloc != urlsplit(download_url).netloc or \ urlsplit(url).path != urlsplit(download_url).path: return True dataset_files = [] if isinstance(instance, ResourceBase): try: for file in instance.files: dataset_files.append(file) if not storage_manager.exists(file): return False except Exception: traceback.print_exc() return False if dataset_files: return True else: return False
def perform_update(self, serializer): # Check instance permissions with resolve_object mapid = serializer.instance.id key = "urlsuffix" if Map.objects.filter( urlsuffix=mapid).exists() else "pk" map_obj = resolve_object(self.request, Map, {key: mapid}, permission="base.change_resourcebase", permission_msg=_PERMISSION_MSG_SAVE) instance = serializer.instance if instance != map_obj: raise ValidationError() # Thumbnail will be handled later post_change_data = { "thumbnail": serializer.validated_data.pop("thumbnail_url", ""), "dataset_names_before_changes": [lyr.alternate for lyr in instance.datasets], } instance = serializer.save() # thumbnail, events and resouce routines self._post_change_routines( instance=instance, create_action_perfomed=False, additional_data=post_change_data, )
def _resolve_document(request, docid, permission='base.change_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the document by the provided primary key and check the optional permission. ''' return resolve_object(request, Document, {'pk': docid}, permission=permission, permission_msg=msg, **kwargs)
def _resolve_map(request, id, permission='maps.change_map', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the Map by the provided typename and check the optional permission. ''' return resolve_object(request, Map, {'pk':id}, permission = permission, permission_msg=msg, **kwargs)
def resource_permissions(request, resource_id): try: resource = resolve_object( request, ResourceBase, { 'id': resource_id}, 'base.change_resourcebase_permissions') except PermissionDenied: # we are handling this in a non-standard way return HttpResponse( 'You are not allowed to change permissions for this resource', status=401, mimetype='text/plain') if request.method == 'POST': permission_spec = json.loads(request.body) resource.set_permissions(permission_spec) return HttpResponse( json.dumps({'success': True}), status=200, mimetype='text/plain' ) elif request.method == 'GET': permission_spec = _perms_info_json(resource) return HttpResponse( json.dumps({'success': True, 'permissions': permission_spec}), status=200, mimetype='text/plain' ) else: return HttpResponse( 'No methods other than get and post are allowed', status=401, mimetype='text/plain')
def thumbnail_upload(request, res_id, template='base/thumbnail_upload.html'): try: res = resolve_object(request, ResourceBase, {'id': res_id}, 'base.change_resourcebase') except PermissionDenied: return HttpResponse( 'You are not allowed to change permissions for this resource', status=401, content_type='text/plain') form = CuratedThumbnailForm() if request.method == 'POST': if 'remove-thumb' in request.POST: if hasattr(res, 'curatedthumbnail'): res.curatedthumbnail.delete() else: form = CuratedThumbnailForm(request.POST, request.FILES) if form.is_valid(): ct = form.save(commit=False) # remove existing thumbnail if any if hasattr(res, 'curatedthumbnail'): res.curatedthumbnail.delete() ct.resource = res ct.save() return HttpResponseRedirect(request.path_info) return render(request, template, context={'resource': res, 'form': form})
def _resolve_document(request, docid, permission='layers.change_layer', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the layer by the provided typename and check the optional permission. ''' return resolve_object(request, Document, {'pk':docid}, permission = permission, permission_msg=msg, **kwargs)
def set_bulk_permissions(request): permission_spec = json.loads(request.POST.get('permissions', None)) resource_ids = request.POST.getlist('resources', []) if permission_spec is not None: not_permitted = [] for resource_id in resource_ids: try: resource = resolve_object( request, ResourceBase, { 'id': resource_id }, 'base.change_resourcebase_permissions') resource.set_permissions(permission_spec) except PermissionDenied: not_permitted.append(ResourceBase.objects.get(id=resource_id).title) return HttpResponse( json.dumps({'success': 'ok', 'not_changed': not_permitted}), status=200, content_type='text/plain' ) else: return HttpResponse( json.dumps({'error': 'Wrong permissions specification'}), status=400, content_type='text/plain')
def _resolve_map(request, id, permission='base.change_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the Map by the provided typename and check the optional permission. ''' return resolve_object(request, Map, {'pk':id}, permission = permission, permission_msg=msg, **kwargs)
def _resolve_appinstance(request, appinstanceid, permission='base.change_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): """ Resolve the document by the provided primary key and check the optional permission. """ return resolve_object(request, AppInstance, {'pk': appinstanceid}, permission=permission, permission_msg=msg, **kwargs)
def original_link_available(context, resourceid, url): _not_permitted = _("You are not permitted to save or edit this resource.") request = context['request'] instance = resolve_object(request, Layer, {'pk': resourceid}, permission='base.download_resourcebase', permission_msg=_not_permitted) download_url = urljoin(settings.SITEURL, reverse("download", args={resourceid})) if urlsplit(url).netloc != urlsplit(download_url).netloc or \ urlsplit(url).path != urlsplit(download_url).path: return True layer_files = [] if isinstance(instance, Layer): try: upload_session = instance.get_upload_session() if upload_session: layer_files = [ item for idx, item in enumerate( LayerFile.objects.filter( upload_session=upload_session)) ] if layer_files: for lyr in layer_files: if not storage.exists(str(lyr.file)): return False except Exception: traceback.print_exc() return False if layer_files: return True else: return False
def _resolve_geoapp(request, id, permission='base.change_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the GeoApp by the provided typename and check the optional permission. ''' return resolve_object(request, GeoApp, {"pk": id}, permission=permission, permission_msg=msg, **kwargs)
def _resolve_smap(request, smapid, permission='base.change_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the smap by the provided primary key and check the optional permission. ''' return resolve_object(request, StaticMap, {'pk': smapid}, permission=permission, permission_msg=msg, **kwargs)
def featured_map_info(request, site): ''' main view for map resources, dispatches to correct view based on method and query args. ''' map_obj = resolve_object(request, Map, {'featuredurl': site}, permission='base.view_resourcebase', permission_msg=_PERMISSION_MSG_VIEW) return map_detail(request, str(map_obj.id))
def featured_map(request, site): """ The view that returns the map composer opened to the map with the given official site url. """ map_obj = resolve_object(request, Map, {'featuredurl': site}, permission='base.view_resourcebase', permission_msg=_PERMISSION_MSG_VIEW) return map_view(request, str(map_obj.id))
def resource_permissions(request, resource_id): try: resource = resolve_object(request, ResourceBase, {'id': resource_id}, 'base.change_resourcebase_permissions') except PermissionDenied: # we are handling this in a non-standard way return HttpResponse( 'You are not allowed to change permissions for this resource', status=401, content_type='text/plain') if request.method == 'POST': success = True message = "Permissions successfully updated!" try: permission_spec = json.loads(request.body) resource.set_permissions(permission_spec) # Check Users Permissions Consistency info = _perms_info(resource) info_users = dict([(u.username, perms) for u, perms in info['users'].items()]) for user, perms in info_users.items(): if 'download_resourcebase' in perms and 'view_resourcebase' not in perms: success = False message = 'User ' + str(user) + ' has Download permissions but ' \ 'cannot access the resource. ' \ 'Please update permissions consistently!' return HttpResponse(json.dumps({ 'success': success, 'message': message }), status=200, content_type='text/plain') except: success = False message = "Error updating permissions :(" return HttpResponse(json.dumps({ 'success': success, 'message': message }), status=500, content_type='text/plain') elif request.method == 'GET': permission_spec = _perms_info_json(resource) return HttpResponse(json.dumps({ 'success': True, 'permissions': permission_spec }), status=200, content_type='text/plain') else: return HttpResponse('No methods other than get and post are allowed', status=401, content_type='text/plain')
def _resolve_dataset(request, alternate, permission='base.view_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): """ Resolve the layer by the provided typename (which may include service name) and check the optional permission. """ service_typename = alternate.split(":", 1) if Service.objects.filter(name=service_typename[0]).count() == 1: query = { 'alternate': service_typename[1], 'remote_service': Service.objects.filter(name=service_typename[0]).get() } return resolve_object(request, Dataset, query, permission=permission, permission_msg=msg, **kwargs) else: if len(service_typename) > 1 and ':' in service_typename[1]: if service_typename[0]: query = { 'store': service_typename[0], 'alternate': service_typename[1] } else: query = {'alternate': service_typename[1]} else: query = {'alternate': alternate} test_query = Dataset.objects.filter(**query) if test_query.count() > 1 and test_query.exclude( subtype='remote').count() == 1: query = {'id': test_query.exclude(subtype='remote').last().id} elif test_query.count() > 1: query = {'id': test_query.last().id} return resolve_object(request, Dataset, query, permission=permission, permission_msg=msg, **kwargs)
def resource_permissions(request, resource_id): try: resource = resolve_object( request, ResourceBase, { 'id': resource_id}, 'base.change_resourcebase_permissions') except PermissionDenied: # we are handling this in a non-standard way return HttpResponse( 'You are not allowed to change permissions for this resource', status=401, content_type='text/plain') if request.method == 'POST': success = True message = "Permissions successfully updated!" try: permission_spec = json.loads(request.body) resource.set_permissions(permission_spec) # Check Users Permissions Consistency info = _perms_info(resource) info_users = dict([(u.username, perms) for u, perms in info['users'].items()]) for user, perms in info_users.items(): if 'download_resourcebase' in perms and 'view_resourcebase' not in perms: success = False message = 'User ' + str(user) + ' has Download permissions but ' \ 'cannot access the resource. ' \ 'Please update permissions consistently!' return HttpResponse( json.dumps({'success': success, 'message': message}), status=200, content_type='text/plain' ) except BaseException: success = False message = "Error updating permissions :(" return HttpResponse( json.dumps({'success': success, 'message': message}), status=500, content_type='text/plain' ) elif request.method == 'GET': permission_spec = _perms_info_json(resource) return HttpResponse( json.dumps({'success': True, 'permissions': permission_spec}), status=200, content_type='text/plain' ) else: return HttpResponse( 'No methods other than get and post are allowed', status=401, content_type='text/plain')
def resource_permissions(request, type, resource_id): try: if type == "layer": resource = resolve_object(request, Layer, {'id': resource_id}, 'layers.change_layer_permissions') elif type == "map": resource = resolve_object(request, Map, {'id': resource_id}, 'maps.change_map_permissions') elif type == "document": resource = resolve_object(request, Document, {'id': resource_id}, 'documents.change_document_permissions') else: return HttpResponse('Invalid resource type', status=401, mimetype='text/plain') except PermissionDenied: # we are handling this in a non-standard way return HttpResponse( 'You are not allowed to change permissions for this resource', status=401, mimetype='text/plain') if request.method == 'POST': permission_spec = json.loads(request.body) resource.set_permissions(permission_spec) return HttpResponse(json.dumps({'success': True}), status=200, mimetype='text/plain') elif request.method == 'GET': permission_spec = json.dumps(resource.get_all_level_info()) return HttpResponse(json.dumps({ 'success': True, 'permissions': permission_spec }), status=200, mimetype='text/plain') else: return HttpResponse('No methods other than get and post are allowed', status=401, mimetype='text/plain')
def resource_permissions(request, type, resource_id): try: if type == "layer": resource = resolve_object(request, Layer, {'id':resource_id}, 'layers.change_layer_permissions') elif type == "map": resource = resolve_object(request, Map, {'id':resource_id}, 'maps.change_map_permissions') elif type == "document": resource = resolve_object(request, Document, {'id':resource_id}, 'documents.change_document_permissions') else: return HttpResponse( 'Invalid resource type', status=401, mimetype='text/plain') except PermissionDenied: # we are handling this in a non-standard way return HttpResponse( 'You are not allowed to change permissions for this resource', status=401, mimetype='text/plain') if request.method == 'POST': permission_spec = json.loads(request.raw_post_data) resource.set_permissions(permission_spec) return HttpResponse( json.dumps({'success': True}), status=200, mimetype='text/plain' ) elif request.method == 'GET': permission_spec = json.dumps(resource.get_all_level_info()) return HttpResponse( json.dumps({'success': True, 'permissions': permission_spec}), status=200, mimetype='text/plain' ) else: return HttpResponse( 'No methods other than get and post are allowed', status=401, mimetype='text/plain')
def _resolve_layer(request, typename, permission="base.view_resourcebase", msg=_PERMISSION_MSG_GENERIC, **kwargs): """ Resolve the layer by the provided typename (which may include service name) and check the optional permission. """ service_typename = typename.split(":", 1) if Service.objects.filter(name=service_typename[0]).exists(): service = Service.objects.filter(name=service_typename[0]) return resolve_object( request, Layer, {"service": service[0], "typename": service_typename[1] if service[0].method != "C" else typename}, permission=permission, permission_msg=msg, **kwargs ) else: return resolve_object( request, Layer, {"typename": typename, "service": None}, permission=permission, permission_msg=msg, **kwargs )
def _resolve_map(request, id, permission='base.change_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the Map by the provided typename and check the optional permission. ''' if id.isdigit(): key = 'pk' else: key = 'urlsuffix' return resolve_object(request, MapStory, {key: id}, permission=permission, permission_msg=msg, **kwargs)
def _resolve_map(request, id, permission='base.change_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the Map by the provided typename and check the optional permission. ''' if id.isdigit(): key = 'pk' else: key = 'urlsuffix' return resolve_object(request, Map, {key: id}, permission=permission, permission_msg=msg, **kwargs)
def _resolve_map_custom( request, id, fieldname, permission='base_change.resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the Map by the provided typename and check the optional permission. ''' return resolve_object(request, Map, {fieldname: id}, permission=permission, permission_msg=msg, **kwargs)
def _annotations_get(req, mapid): mapobj = resolve_object(req, Map, {'id': mapid}, permission='base.view_resourcebase') cols = ['title', 'content', 'media', 'start_time', 'end_time', 'in_map', 'in_timeline', 'appearance', 'auto_show', 'pause_playback'] ann = Annotation.objects.filter(map=mapid) ann = ann.order_by('start_time', 'end_time', 'title') if bool(req.GET.get('in_map', False)): ann = ann.filter(in_map=True) if bool(req.GET.get('in_timeline', False)): ann = ann.filter(in_timeline=True) if 'page' in req.GET: page = int(req.GET['page']) page_size = 25 start = page * page_size end = start + page_size ann = ann[start:end] if 'csv' in req.GET: response = HttpResponse(content_type='text/csv') response['Content-Disposition'] = 'attachment; filename=map-%s-annotations.csv' % mapobj.id response['Content-Encoding'] = 'utf-8' writer = csv.writer(response) writer.writerow(cols) sidx = cols.index('start_time') eidx = cols.index('end_time') # default csv writer chokes on unicode encode = lambda v: v.encode('utf-8') if isinstance(v, basestring) else str(v) get_value = lambda a, c: getattr(a, c) if c not in ('start_time', 'end_time') else '' for a in ann: vals = [encode(get_value(a, c)) for c in cols] vals[sidx] = a.start_time_str vals[eidx] = a.end_time_str writer.writerow(vals) return response # strip the superfluous id, it will be added at the feature level props = [c for c in cols if c != 'id'] def encode(query_set): results = [] for res in query_set: feature = {'id': res.id} if res.the_geom: feature['geometry'] = res.the_geom fp = feature['properties'] = {} for p in props: val = getattr(res, p) if val is not None: fp[p] = val results.append(feature) return results return json_response({'type':'FeatureCollection','features':encode(ann)})
def _resolve_map(request, id, permission='base.change_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the Map by the provided typename and check the optional permission. ''' if Map.objects.filter(urlsuffix=id).count() > 0: key = 'urlsuffix' else: key = 'pk' return resolve_object(request, Map, {key: id}, permission=permission, permission_msg=msg, **kwargs)
def _annotations_get(req, mapid): mapobj = resolve_object(req, Map, {'id': mapid}, permission='base.view_resourcebase') cols = ['title', 'content', 'media', 'start_time', 'end_time', 'in_map', 'in_timeline', 'appearance', 'auto_show', 'pause_playback'] ann = Marker.objects.filter(map=mapid) ann = ann.order_by('start_time', 'end_time', 'title') if bool(req.GET.get('in_map', False)): ann = ann.filter(in_map=True) if bool(req.GET.get('in_timeline', False)): ann = ann.filter(in_timeline=True) if 'page' in req.GET: page = int(req.GET['page']) page_size = 25 start = page * page_size end = start + page_size ann = ann[start:end] if 'csv' in req.GET: response = HttpResponse(content_type='text/csv') response['Content-Disposition'] = 'attachment; filename=map-%s-annotations.csv' % mapobj.id response['Content-Encoding'] = 'utf-8' writer = csv.writer(response) writer.writerow(cols) sidx = cols.index('start_time') eidx = cols.index('end_time') # default csv writer chokes on unicode encode = lambda v: v.encode('utf-8') if isinstance(v, basestring) else str(v) get_value = lambda a, c: getattr(a, c) if c not in ('start_time', 'end_time') else '' for a in ann: vals = [encode(get_value(a, c)) for c in cols] vals[sidx] = a.start_time_str vals[eidx] = a.end_time_str writer.writerow(vals) return response # strip the superfluous id, it will be added at the feature level props = [c for c in cols if c != 'id'] def encode(query_set): results = [] for res in query_set: feature = { 'id' : res.id} if res.the_geom: feature['geometry'] = res.the_geom fp = feature['properties'] = {} for p in props: val = getattr(res, p) if val is not None: fp[p] = val results.append(feature) return results return json_response({'type':'FeatureCollection','features':encode(ann)})
def _resolve_layer(request, typename, permission='base.view_resourcebase', msg=_PERMISSION_GENERIC, **kwargs): service_typename = typename.split(":", 1) service = Service.objects.filter(name=service_typename[0]) if service.count() > 0: return resolve_object(request, Layer, {'service': service[0], 'typename': service_typename[1] if service[0].method != "C" else typename}, permission=permission, permission_msg=msg, **kwargs) else: return resolve_object(request, Layer, {'typename': typename, 'service': None}, permission=permission, permission_msg=msg, **kwargs)
def _resolve_document(request, docid, permission='layers.change_layer', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the layer by the provided typename and check the optional permission. ''' return resolve_object(request, Document, {'pk': docid}, permission=permission, permission_msg=msg, **kwargs)
def _resolve_video(request, vidid, permission='base.change_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the video by the provided primary key and check the optional permission. ''' return resolve_object(request, Video, {'pk': vidid}, permission=permission, permission_msg=msg, **kwargs)
def _resolve_document(request, slug, permission='base.change_resourcebase', msg=_PERMISSION_MSG_GENERIC, **kwargs): ''' Resolve the document by the provided primary key and check the optional permission. ''' wfpdoc = WFPDocument.objects.get(slug=slug) return resolve_object(request, WFPDocument, {'pk': wfpdoc.id}, permission=permission, permission_msg=msg, **kwargs)
def _resolve_map(request, id, permission="base.change_resourcebase", msg=_PERMISSION_MSG_GENERIC, **kwargs): """ Resolve the Map by the provided typename and check the optional permission. """ key = "urlsuffix" if Map.objects.filter(urlsuffix=id).exists() else "pk" map_obj = resolve_object(request, Map, {key: id}, permission=permission, permission_msg=msg, **kwargs) return map_obj
def prefix_xsl_line(req, id): # if the layer is in the catalogue, try to get the distribution urls # that cannot be precalculated. resource = None try: resource = get_object_or_404(ResourceBase, pk=id) query = {'id': resource.get_real_instance().id} resource = resolve_object( req, resource.get_real_instance_class(), query, permission='base.view_resourcebase', permission_msg=_("You are not permitted to view this resource")) catalogue = get_catalogue() record = catalogue.get_record(resource.uuid) if record: logger.debug(record.xml) except PermissionDenied: return HttpResponse(_("Not allowed"), status=403) except Exception: logger.debug(traceback.format_exc()) msg = f'Could not connect to catalogue to save information for layer "{str(resource)}"' return HttpResponse(msg, status=404) try: # generate an XML document (GeoNode's default is ISO) if resource.metadata_uploaded and resource.metadata_uploaded_preserve: md_doc = etree.tostring(dlxml.fromstring(resource.metadata_xml)) else: md_doc = catalogue.catalogue.csw_gen_xml( resource, settings.CATALOG_METADATA_TEMPLATE) xml = md_doc except Exception: logger.debug(traceback.format_exc()) return HttpResponse("Resource Metadata not available!") site_url = settings.SITEURL.rstrip('/') if settings.SITEURL.startswith( 'http') else settings.SITEURL xsl_static = getattr(settings, 'CATALOG_METADATA_XSL', '/static/metadataxsl/metadata.xsl') xsl_path = f'{site_url}{xsl_static}' xsl_line = f'<?xml-stylesheet type="text/xsl" href="{xsl_path}"?>' return HttpResponse(xsl_line + xml, content_type="text/xml")
def resource_permissions(request, resource_id): try: resource = resolve_object(request, ResourceBase, {'id': resource_id}, 'base.change_resourcebase_permissions') except PermissionDenied: # traceback.print_exc() # we are handling this in a non-standard way return HttpResponse( _('You are not allowed to change permissions for this resource'), status=401, content_type='text/plain') if request.method == 'POST': return resource_permissions_handle_post(request, resource) elif request.method == 'GET': return resource_permisions_handle_get(request, resource) else: return HttpResponse('No methods other than get and post are allowed', status=401, content_type='text/plain')
def resource_permissions(request, resource_id): try: resource = resolve_object( request, ResourceBase, { 'id': resource_id}, 'base.change_resourcebase_permissions') resource_content_type = ContentType.objects.get_for_model(resource).id except PermissionDenied: # we are handling this in a non-standard way return HttpResponse( 'You are not allowed to change permissions for this resource', status=401, mimetype='text/plain') if request.method == 'POST': permission_spec = json.loads(request.body) old_permission_spec = resource.get_all_level_info() for user in permission_spec['users']: user = get_user_model().objects.get(username=user) if user not in old_permission_spec['users']: action = Action( actor=request.user, action_object_id=resource.id, action_object_content_type_type=resource_content_type, target=user, verb='permission_granted') action.save() else: old_permission_spec['users'].pop(user) resource.set_permissions(permission_spec) for user in old_permission_spec['users']: action = Action( actor=request.user, action_object_id=resource.id, action_object_content_type=resource_content_type, target=user, verb='permission_revoked') action.save() return HttpResponse( json.dumps({'success': True}), status=200, mimetype='text/plain' ) elif request.method == 'GET': permission_spec = _perms_info_json(resource) return HttpResponse( json.dumps({'success': True, 'permissions': permission_spec}), status=200, mimetype='text/plain' ) else: return HttpResponse( 'No methods other than get and post are allowed', status=401, mimetype='text/plain')
def _resolve_map(request, id, permission="maps.change_map", msg=_PERMISSION_MSG_GENERIC, **kwargs): """ Resolve the Map by the provided typename and check the optional permission. """ return resolve_object(request, Map, {"pk": id}, permission=permission, permission_msg=msg, **kwargs)
def _boxes_get(req, mapid): mapobj = resolve_object(req, Map, {'id': mapid}, permission='base.view_resourcebase') cols = ['title', 'description', 'start_time', 'end_time', 'center', 'speed', 'interval', 'playback', 'playbackRate', 'intervalRate', 'zoom'] box = StoryBox.objects.filter(map=mapid) box = box.order_by('start_time', 'end_time', 'title') if bool(req.GET.get('in_map', False)): box = box.filter(in_map=True) if bool(req.GET.get('in_timeline', False)): box = box.filter(in_timeline=True) if 'page' in req.GET: page = int(req.GET['page']) page_size = 25 start = page * page_size end = start + page_size box = box[start:end] if 'csv' in req.GET: response = HttpResponse(mimetype='text/csv') response['Content-Disposition'] = 'attachment; filename=map-%s-boxes.csv' % mapobj.id response['Content-Encoding'] = 'utf-8' writer = csv.writer(response) writer.writerow(cols) sidx = cols.index('start_time') eidx = cols.index('end_time') # default csv writer chokes on unicode encode = lambda v: v.encode('utf-8') if isinstance(v, basestring) else str(v) get_value = lambda a, c: getattr(a, c) if c not in ('start_time', 'end_time') else '' for a in box: vals = [encode(get_value(a, c)) for c in cols] vals[sidx] = a.start_time_str vals[eidx] = a.end_time_str writer.writerow(vals) return response # strip the superfluous id, it will be added at the feature level props = [c for c in cols if c != 'id'] def encode(query_set): results = [] for res in query_set: feature = { 'id' : res.id} if res.the_geom: feature['geometry'] = res.the_geom fp = feature['properties'] = {} for p in props: val = getattr(res, p) if val is not None: if isinstance(val, unicode) and '{' in val: import ast fp[p] = ast.literal_eval(val) elif isinstance(val, unicode) and '[' in val: import ast fp[p] = ast.literal_eval(val) else: fp[p] = val results.append(feature) return results return json_response({'type':'FeatureCollection','features':encode(box)})
def _boxes_post(req, mapid): mapobj = resolve_object(req, Map, {'id':mapid}, permission='base.change_resourcebase') # default action action = 'upsert' # default for json to unpack properties for each 'row' get_props = lambda r: r['properties'] # operation to run on completion finish = lambda: None # track created boxes created = [] # csv or client to account for differences form_mode = 'client' content_type = None overwrite = False error_format = None def id_collector(form): created.append(form.instance.id) if not req.FILES: # json body data = json.loads(req.body) if isinstance(data, dict): action = data.get('action', action) if 'features' in data: data = data.get('features') else: fp = iter(req.FILES.values()).next() # ugh, builtin csv reader chokes on unicode data = unicode_csv_dict_reader(fp) id_collector = lambda f: None form_mode = 'csv' content_type = 'text/html' get_props = lambda r: r ids = list(StoryBox.objects.filter(map=mapobj).values_list('id', flat=True)) # delete existing, we overwrite finish = lambda: StoryBox.objects.filter(id__in=ids).delete() overwrite = True def error_format(row_errors): response = [] for re in row_errors: row = re[0] + 1 for e in re[1]: response.append('[%s] %s : %s' % (row, e, re[1][e])) return 'The following rows had problems:<ul><li>' + '</li><li>'.join(response) + "</li></ul>" if action == 'delete': StoryBox.objects.filter(pk__in=data['ids'], map=mapobj).delete() return json_response({'success': True}) if action != 'upsert': return HttpResponse('%s not supported' % action, status=400) errors = _write_boxes(data, get_props, id_collector, mapobj, overwrite, form_mode) if errors: transaction.rollback() body = None if error_format: return HttpResponse(error_format(errors), status=400) else: finish() transaction.commit() body = {'success': True} if created: body['ids'] = created return json_response(body=body, errors=errors, content_type=content_type)
def _resolve_document_geo(request, docid, permission="base.change_resourcebase", msg=_PERMISSION_MSG_GENERIC, **kwargs): """ Resolve the document by the provided primary key and check the optional permission. """ return resolve_object(request, Project, {"pk": docid}, permission=permission, permission_msg=msg, **kwargs)
def download(request, resourceid, sender=Layer): instance = resolve_object(request, sender, {'pk': resourceid}, permission='base.download_resourcebase', permission_msg=_("You are not permitted to save or edit this resource.")) if isinstance(instance, Layer): try: upload_session = instance.get_upload_session() layer_files = [item for idx, item in enumerate(LayerFile.objects.filter(upload_session=upload_session))] # Create Target Folder dirpath = tempfile.mkdtemp() dir_time_suffix = get_dir_time_suffix() target_folder = os.path.join(dirpath, dir_time_suffix) if not os.path.exists(target_folder): os.makedirs(target_folder) # Copy all Layer related files into a temporary folder for l in layer_files: if storage.exists(l.file): geonode_layer_path = storage.path(l.file) base_filename, original_ext = os.path.splitext(geonode_layer_path) shutil.copy2(geonode_layer_path, target_folder) # Let's check for associated SLD files (if any) try: for s in instance.styles.all(): sld_file_path = os.path.join(target_folder, "".join([s.name, ".sld"])) sld_file = open(sld_file_path, "w") sld_file.write(s.sld_body.strip()) sld_file.close() try: sld_file = open(sld_file_path, "r") response = requests.get(s.sld_url, timeout=TIMEOUT) sld_remote_content = response.text sld_file_path = os.path.join(target_folder, "".join([s.name, "_remote.sld"])) sld_file = open(sld_file_path, "w") sld_file.write(sld_remote_content.strip()) sld_file.close() except BaseException: traceback.print_exc() tb = traceback.format_exc() logger.debug(tb) except BaseException: traceback.print_exc() tb = traceback.format_exc() logger.debug(tb) # Let's dump metadata target_md_folder = os.path.join(target_folder, ".metadata") if not os.path.exists(target_md_folder): os.makedirs(target_md_folder) try: links = Link.objects.filter(resource=instance.resourcebase_ptr) for link in links: link_name = custom_slugify(link.name) link_file = os.path.join(target_md_folder, "".join([link_name, ".%s" % link.extension])) if link.link_type in ('data'): # Skipping 'data' download links continue elif link.link_type in ('metadata', 'image'): # Dumping metadata files and images link_file = open(link_file, "wb") try: response = requests.get(link.url, stream=True, timeout=TIMEOUT) response.raw.decode_content = True shutil.copyfileobj(response.raw, link_file) except BaseException: traceback.print_exc() tb = traceback.format_exc() logger.debug(tb) finally: link_file.close() elif link.link_type.startswith('OGC'): # Dumping OGC/OWS links link_file = open(link_file, "w") link_file.write(link.url.strip()) link_file.close() except BaseException: traceback.print_exc() tb = traceback.format_exc() logger.debug(tb) # ZIP everything and return target_file_name = "".join([instance.name, ".zip"]) target_file = os.path.join(dirpath, target_file_name) zip_dir(target_folder, target_file) response = HttpResponse( content=open(target_file), status=200, content_type="application/zip") response['Content-Disposition'] = 'attachment; filename="%s"' % target_file_name return response except NotImplementedError: traceback.print_exc() tb = traceback.format_exc() logger.debug(tb) return HttpResponse( json.dumps({ 'error': 'file_not_found' }), status=404, content_type="application/json" ) return HttpResponse( json.dumps({ 'error': 'unauthorized_request' }), status=403, content_type="application/json" )