Пример #1
0
def set_bulk_permissions(request):
    permission_spec = json.loads(request.POST.get('permissions', None))
    resource_ids = request.POST.getlist('resources', [])
    if permission_spec is not None:
        not_permitted = []
        for resource_id in resource_ids:
            try:
                resource = resolve_object(
                    request, ResourceBase, {'id': resource_id},
                    'base.change_resourcebase_permissions')
                resource.set_permissions(permission_spec)
            except PermissionDenied:
                try:
                    resolve_object(request, ResourceBase, {'id': resource_id},
                                   'base.change_resourcebase')
                    resource.set_permissions(permission_spec)
                except PermissionDenied:
                    not_permitted.append(
                        ResourceBase.objects.get(id=resource_id).title)

        return HttpResponse(json.dumps({
            'success': 'ok',
            'not_changed': not_permitted
        }),
                            status=200,
                            content_type='text/plain')
    else:
        return HttpResponse(json.dumps(
            {'error': _('Wrong permissions specification')}),
                            status=400,
                            content_type='text/plain')
Пример #2
0
def _resolve_layer(request,
                   typename,
                   permission='base.view_resourcebase',
                   msg=_PERMISSION_MSG_GENERIC,
                   **kwargs):
    """
    Resolve the layer by the provided typename (which may include service name) and check the optional permission.
    """
    service_typename = typename.split(":", 1)
    service = Service.objects.filter(name=service_typename[0])
    try:
        if service.count() > 0 and service[0].method != "C":
            return resolve_object(request,
                                  Layer, {
                                      'service': service[0],
                                      'typename': service_typename[1]
                                  },
                                  permission=permission,
                                  permission_msg=msg,
                                  **kwargs)
        else:
            return resolve_object(request,
                                  Layer, {'typename': typename},
                                  permission=permission,
                                  permission_msg=msg,
                                  **kwargs)
    except PermissionDenied:
        return "permission_denied"
Пример #3
0
        def _filter_actions(action, request):
            if action == 'all':
                _actions = Action.objects.filter(public=True)[:1000]
            else:
                _actions = Action.objects.filter(
                    public=True, action_object_content_type__model=action)[:1000]
            _filtered_actions = []
            for _action in _actions:
                if _action.target_object_id:
                    action_object_filter = {
                        'id': _action.target_object_id
                    }
                elif _action.action_object_object_id:
                    action_object_filter = {
                        'id': _action.action_object_object_id
                    }
                try:
                    resolve_object(
                        request,
                        ResourceBase,
                        action_object_filter,
                        'base.view_resourcebase')
                    _filtered_actions.append(_action.id)
                except ResourceBase.DoesNotExist:
                    _filtered_actions.append(_action.id)
                except (PermissionDenied, Exception) as e:
                    logger.debug(e)

            return _filtered_actions
Пример #4
0
def _resolve_layer(request, typename, permission='base.view_resourcebase',
                   msg=_PERMISSION_MSG_GENERIC, **kwargs):
    """
    Resolve the layer by the provided typename (which may include service name) and check the optional permission.
    """
    service_typename = typename.split(":", 1)
    service = Service.objects.filter(name=service_typename[0])
    try:
        if service.count() > 0 and service[0].method != "C":
            return resolve_object(request,
                                  Layer,
                                  {'service': service[0],
                                   'typename': service_typename[1]},
                                  permission=permission,
                                  permission_msg=msg,
                                  **kwargs)
        else:
            return resolve_object(request,
                                  Layer,
                                  {'typename': typename},
                                  permission=permission,
                                  permission_msg=msg,
                                  **kwargs)
    except PermissionDenied:
        return "permission_denied"
Пример #5
0
def _resolve_layer(request,
                   typename,
                   permission='base.view_resourcebase',
                   msg=_PERMISSION_MSG_GENERIC,
                   **kwargs):
    """
    Resolve the layer by the provided typename (which may include service name) and check the optional permission.
    """
    service_typename = typename.split(":", 1)

    if Service.objects.filter(name=service_typename[0]).exists():
        service = Service.objects.filter(name=service_typename[0])
        return resolve_object(
            request,
            Layer, {
                'service':
                service[0],
                'typename':
                service_typename[1] if service[0].method != "C" else typename
            },
            permission=permission,
            permission_msg=msg,
            **kwargs)
    else:
        return resolve_object(request,
                              Layer, {
                                  'typename': typename,
                                  'service': None
                              },
                              permission=permission,
                              permission_msg=msg,
                              **kwargs)
Пример #6
0
def _resolve_layer(request,
                   typename,
                   permission='base.view_resourcebase',
                   msg=_PERMISSION_GENERIC,
                   **kwargs):

    service_typename = typename.split(":", 1)
    service = Service.objects.filter(name=service_typename[0])

    if service.count() > 0:
        return resolve_object(
            request,
            Layer, {
                'service':
                service[0],
                'typename':
                service_typename[1] if service[0].method != "C" else typename
            },
            permission=permission,
            permission_msg=msg,
            **kwargs)
    else:
        return resolve_object(request,
                              Layer, {
                                  'typename': typename,
                                  'service': None
                              },
                              permission=permission,
                              permission_msg=msg,
                              **kwargs)
Пример #7
0
def _resolve_layer(request, typename, permission='layers.change_layer',
                   msg=_PERMISSION_MSG_GENERIC, **kwargs):
    """
    Resolve the layer by the provided typename and check the optional permission.
    """
    return resolve_object(request, Layer, {'typename':typename},
                          permission = permission, permission_msg=msg, **kwargs)
Пример #8
0
def _resolve_analysis(request, identifier, permission='base.change_resourcebase',
                      msg=_PERMISSION_MSG_GENERIC, **kwargs):
    """
    Resolve the Analysis by the provided typename and check the optional permission.
    """
    return resolve_object(request, Analysis, {'pk':identifier}, permission=permission,
                          permission_msg=msg, **kwargs)
Пример #9
0
def original_link_available(context, resourceid, url):
    _not_permitted = _("You are not permitted to save or edit this resource.")
    request = context['request']
    instance = resolve_object(request,
                              ResourceBase, {'pk': resourceid},
                              permission='base.download_resourcebase',
                              permission_msg=_not_permitted)

    download_url = urljoin(settings.SITEURL,
                           reverse("download", args={resourceid}))
    if urlsplit(url).netloc != urlsplit(download_url).netloc or \
            urlsplit(url).path != urlsplit(download_url).path:
        return True

    dataset_files = []
    if isinstance(instance, ResourceBase):
        try:
            for file in instance.files:
                dataset_files.append(file)
                if not storage_manager.exists(file):
                    return False
        except Exception:
            traceback.print_exc()
            return False
    if dataset_files:
        return True
    else:
        return False
Пример #10
0
    def perform_update(self, serializer):
        # Check instance permissions with resolve_object
        mapid = serializer.instance.id
        key = "urlsuffix" if Map.objects.filter(
            urlsuffix=mapid).exists() else "pk"
        map_obj = resolve_object(self.request,
                                 Map, {key: mapid},
                                 permission="base.change_resourcebase",
                                 permission_msg=_PERMISSION_MSG_SAVE)
        instance = serializer.instance
        if instance != map_obj:
            raise ValidationError()
        # Thumbnail will be handled later
        post_change_data = {
            "thumbnail":
            serializer.validated_data.pop("thumbnail_url", ""),
            "dataset_names_before_changes":
            [lyr.alternate for lyr in instance.datasets],
        }

        instance = serializer.save()

        # thumbnail, events and resouce routines
        self._post_change_routines(
            instance=instance,
            create_action_perfomed=False,
            additional_data=post_change_data,
        )
Пример #11
0
def _resolve_document(request, docid, permission='base.change_resourcebase',
                      msg=_PERMISSION_MSG_GENERIC, **kwargs):
    '''
    Resolve the document by the provided primary key and check the optional permission.
    '''
    return resolve_object(request, Document, {'pk': docid},
                          permission=permission, permission_msg=msg, **kwargs)
Пример #12
0
def _resolve_map(request, id, permission='maps.change_map',
                 msg=_PERMISSION_MSG_GENERIC, **kwargs):
    '''
    Resolve the Map by the provided typename and check the optional permission.
    '''
    return resolve_object(request, Map, {'pk':id}, permission = permission,
                          permission_msg=msg, **kwargs)
Пример #13
0
def resource_permissions(request, resource_id):
    try:
        resource = resolve_object(
            request, ResourceBase, {
                'id': resource_id}, 'base.change_resourcebase_permissions')

    except PermissionDenied:
        # we are handling this in a non-standard way
        return HttpResponse(
            'You are not allowed to change permissions for this resource',
            status=401,
            mimetype='text/plain')

    if request.method == 'POST':
        permission_spec = json.loads(request.body)
        resource.set_permissions(permission_spec)

        return HttpResponse(
            json.dumps({'success': True}),
            status=200,
            mimetype='text/plain'
        )

    elif request.method == 'GET':
        permission_spec = _perms_info_json(resource)
        return HttpResponse(
            json.dumps({'success': True, 'permissions': permission_spec}),
            status=200,
            mimetype='text/plain'
        )
    else:
        return HttpResponse(
            'No methods other than get and post are allowed',
            status=401,
            mimetype='text/plain')
Пример #14
0
def thumbnail_upload(request, res_id, template='base/thumbnail_upload.html'):
    try:
        res = resolve_object(request, ResourceBase, {'id': res_id},
                             'base.change_resourcebase')
    except PermissionDenied:
        return HttpResponse(
            'You are not allowed to change permissions for this resource',
            status=401,
            content_type='text/plain')

    form = CuratedThumbnailForm()

    if request.method == 'POST':
        if 'remove-thumb' in request.POST:
            if hasattr(res, 'curatedthumbnail'):
                res.curatedthumbnail.delete()
        else:
            form = CuratedThumbnailForm(request.POST, request.FILES)
            if form.is_valid():
                ct = form.save(commit=False)
                # remove existing thumbnail if any
                if hasattr(res, 'curatedthumbnail'):
                    res.curatedthumbnail.delete()
                ct.resource = res
                ct.save()
        return HttpResponseRedirect(request.path_info)

    return render(request, template, context={'resource': res, 'form': form})
Пример #15
0
def _resolve_document(request, docid, permission='layers.change_layer',
                   msg=_PERMISSION_MSG_GENERIC, **kwargs):
    '''
    Resolve the layer by the provided typename and check the optional permission.
    '''
    return resolve_object(request, Document, {'pk':docid},
                          permission = permission, permission_msg=msg, **kwargs)
Пример #16
0
def set_bulk_permissions(request):
    permission_spec = json.loads(request.POST.get('permissions', None))
    resource_ids = request.POST.getlist('resources', [])
    if permission_spec is not None:
        not_permitted = []
        for resource_id in resource_ids:
            try:
                resource = resolve_object(
                    request, ResourceBase, {
                        'id': resource_id
                    },
                    'base.change_resourcebase_permissions')
                resource.set_permissions(permission_spec)
            except PermissionDenied:
                not_permitted.append(ResourceBase.objects.get(id=resource_id).title)

        return HttpResponse(
            json.dumps({'success': 'ok', 'not_changed': not_permitted}),
            status=200,
            content_type='text/plain'
        )
    else:
        return HttpResponse(
            json.dumps({'error': 'Wrong permissions specification'}),
            status=400,
            content_type='text/plain')
Пример #17
0
def _resolve_layer(request, typename, permission='layers.change_layer',
                   msg=_PERMISSION_MSG_GENERIC, **kwargs):
    """
    Resolve the layer by the provided typename and check the optional permission.
    """
    return resolve_object(request, Layer, {'typename':typename},
                          permission = permission, permission_msg=msg, **kwargs)
Пример #18
0
def _resolve_map(request, id, permission='base.change_resourcebase',
                 msg=_PERMISSION_MSG_GENERIC, **kwargs):
    '''
    Resolve the Map by the provided typename and check the optional permission.
    '''
    return resolve_object(request, Map, {'pk':id}, permission = permission,
                          permission_msg=msg, **kwargs)
Пример #19
0
def _resolve_appinstance(request, appinstanceid, permission='base.change_resourcebase',
                         msg=_PERMISSION_MSG_GENERIC, **kwargs):
    """
    Resolve the document by the provided primary key and check the optional permission.
    """
    return resolve_object(request, AppInstance, {'pk': appinstanceid},
                          permission=permission, permission_msg=msg, **kwargs)
Пример #20
0
def _resolve_appinstance(request, appinstanceid, permission='base.change_resourcebase',
                         msg=_PERMISSION_MSG_GENERIC, **kwargs):
    """
    Resolve the document by the provided primary key and check the optional permission.
    """
    return resolve_object(request, AppInstance, {'pk': appinstanceid},
                          permission=permission, permission_msg=msg, **kwargs)
Пример #21
0
def _resolve_document(request, docid, permission='base.change_resourcebase',
                      msg=_PERMISSION_MSG_GENERIC, **kwargs):
    '''
    Resolve the document by the provided primary key and check the optional permission.
    '''
    return resolve_object(request, Document, {'pk': docid},
                          permission=permission, permission_msg=msg, **kwargs)
Пример #22
0
def original_link_available(context, resourceid, url):
    _not_permitted = _("You are not permitted to save or edit this resource.")
    request = context['request']
    instance = resolve_object(request,
                              Layer, {'pk': resourceid},
                              permission='base.download_resourcebase',
                              permission_msg=_not_permitted)

    download_url = urljoin(settings.SITEURL,
                           reverse("download", args={resourceid}))
    if urlsplit(url).netloc != urlsplit(download_url).netloc or \
    urlsplit(url).path != urlsplit(download_url).path:
        return True

    layer_files = []
    if isinstance(instance, Layer):
        try:
            upload_session = instance.get_upload_session()
            if upload_session:
                layer_files = [
                    item for idx, item in enumerate(
                        LayerFile.objects.filter(
                            upload_session=upload_session))
                ]
                if layer_files:
                    for lyr in layer_files:
                        if not storage.exists(str(lyr.file)):
                            return False
        except Exception:
            traceback.print_exc()
            return False
    if layer_files:
        return True
    else:
        return False
Пример #23
0
def _resolve_geoapp(request, id, permission='base.change_resourcebase',
                    msg=_PERMISSION_MSG_GENERIC, **kwargs):
    '''
    Resolve the GeoApp by the provided typename and check the optional permission.
    '''

    return resolve_object(request, GeoApp, {"pk": id}, permission=permission,
                          permission_msg=msg, **kwargs)
Пример #24
0
def _resolve_smap(request, smapid, permission='base.change_resourcebase',
                      msg=_PERMISSION_MSG_GENERIC, **kwargs):
    '''
    Resolve the smap by the provided primary key and check the optional permission.
    '''

    return resolve_object(request, StaticMap, {'pk': smapid},
                          permission=permission, permission_msg=msg, **kwargs)
Пример #25
0
def featured_map_info(request, site):
    '''
    main view for map resources, dispatches to correct
    view based on method and query args.
    '''
    map_obj = resolve_object(request, Map, {'featuredurl': site}, permission='base.view_resourcebase',
                             permission_msg=_PERMISSION_MSG_VIEW)
    return map_detail(request, str(map_obj.id))
Пример #26
0
def featured_map(request, site):
    """
    The view that returns the map composer opened to
    the map with the given official site url.
    """
    map_obj = resolve_object(request, Map, {'featuredurl': site}, permission='base.view_resourcebase',
                             permission_msg=_PERMISSION_MSG_VIEW)
    return map_view(request, str(map_obj.id))
Пример #27
0
def featured_map(request, site):
    """
    The view that returns the map composer opened to
    the map with the given official site url.
    """
    map_obj = resolve_object(request, Map, {'featuredurl': site}, permission='base.view_resourcebase',
                             permission_msg=_PERMISSION_MSG_VIEW)
    return map_view(request, str(map_obj.id))
Пример #28
0
def featured_map_info(request, site):
    '''
    main view for map resources, dispatches to correct
    view based on method and query args.
    '''
    map_obj = resolve_object(request, Map, {'featuredurl': site}, permission='base.view_resourcebase',
                             permission_msg=_PERMISSION_MSG_VIEW)
    return map_detail(request, str(map_obj.id))
Пример #29
0
def resource_permissions(request, resource_id):
    try:
        resource = resolve_object(request, ResourceBase, {'id': resource_id},
                                  'base.change_resourcebase_permissions')

    except PermissionDenied:
        # we are handling this in a non-standard way
        return HttpResponse(
            'You are not allowed to change permissions for this resource',
            status=401,
            content_type='text/plain')

    if request.method == 'POST':
        success = True
        message = "Permissions successfully updated!"
        try:
            permission_spec = json.loads(request.body)
            resource.set_permissions(permission_spec)

            # Check Users Permissions Consistency
            info = _perms_info(resource)
            info_users = dict([(u.username, perms)
                               for u, perms in info['users'].items()])
            for user, perms in info_users.items():
                if 'download_resourcebase' in perms and 'view_resourcebase' not in perms:
                    success = False
                    message = 'User ' + str(user) + ' has Download permissions but ' \
                              'cannot access the resource. ' \
                              'Please update permissions consistently!'

            return HttpResponse(json.dumps({
                'success': success,
                'message': message
            }),
                                status=200,
                                content_type='text/plain')
        except:
            success = False
            message = "Error updating permissions :("
            return HttpResponse(json.dumps({
                'success': success,
                'message': message
            }),
                                status=500,
                                content_type='text/plain')

    elif request.method == 'GET':
        permission_spec = _perms_info_json(resource)
        return HttpResponse(json.dumps({
            'success': True,
            'permissions': permission_spec
        }),
                            status=200,
                            content_type='text/plain')
    else:
        return HttpResponse('No methods other than get and post are allowed',
                            status=401,
                            content_type='text/plain')
Пример #30
0
def _resolve_dataset(request,
                     alternate,
                     permission='base.view_resourcebase',
                     msg=_PERMISSION_MSG_GENERIC,
                     **kwargs):
    """
    Resolve the layer by the provided typename (which may include service name) and check the optional permission.
    """
    service_typename = alternate.split(":", 1)
    if Service.objects.filter(name=service_typename[0]).count() == 1:
        query = {
            'alternate':
            service_typename[1],
            'remote_service':
            Service.objects.filter(name=service_typename[0]).get()
        }
        return resolve_object(request,
                              Dataset,
                              query,
                              permission=permission,
                              permission_msg=msg,
                              **kwargs)
    else:
        if len(service_typename) > 1 and ':' in service_typename[1]:
            if service_typename[0]:
                query = {
                    'store': service_typename[0],
                    'alternate': service_typename[1]
                }
            else:
                query = {'alternate': service_typename[1]}
        else:
            query = {'alternate': alternate}
        test_query = Dataset.objects.filter(**query)
        if test_query.count() > 1 and test_query.exclude(
                subtype='remote').count() == 1:
            query = {'id': test_query.exclude(subtype='remote').last().id}
        elif test_query.count() > 1:
            query = {'id': test_query.last().id}
        return resolve_object(request,
                              Dataset,
                              query,
                              permission=permission,
                              permission_msg=msg,
                              **kwargs)
Пример #31
0
def resource_permissions(request, resource_id):
    try:
        resource = resolve_object(
            request, ResourceBase, {
                'id': resource_id}, 'base.change_resourcebase_permissions')

    except PermissionDenied:
        # we are handling this in a non-standard way
        return HttpResponse(
            'You are not allowed to change permissions for this resource',
            status=401,
            content_type='text/plain')

    if request.method == 'POST':
        success = True
        message = "Permissions successfully updated!"
        try:
            permission_spec = json.loads(request.body)
            resource.set_permissions(permission_spec)

            # Check Users Permissions Consistency
            info = _perms_info(resource)
            info_users = dict([(u.username, perms) for u, perms in info['users'].items()])
            for user, perms in info_users.items():
                if 'download_resourcebase' in perms and 'view_resourcebase' not in perms:
                    success = False
                    message = 'User ' + str(user) + ' has Download permissions but ' \
                              'cannot access the resource. ' \
                              'Please update permissions consistently!'

            return HttpResponse(
                json.dumps({'success': success, 'message': message}),
                status=200,
                content_type='text/plain'
            )
        except BaseException:
            success = False
            message = "Error updating permissions :("
            return HttpResponse(
                json.dumps({'success': success, 'message': message}),
                status=500,
                content_type='text/plain'
            )

    elif request.method == 'GET':
        permission_spec = _perms_info_json(resource)
        return HttpResponse(
            json.dumps({'success': True, 'permissions': permission_spec}),
            status=200,
            content_type='text/plain'
        )
    else:
        return HttpResponse(
            'No methods other than get and post are allowed',
            status=401,
            content_type='text/plain')
Пример #32
0
def resource_permissions(request, type, resource_id):
    try:
        if type == "layer":
            resource = resolve_object(request, Layer, {'id': resource_id},
                                      'layers.change_layer_permissions')
        elif type == "map":
            resource = resolve_object(request, Map, {'id': resource_id},
                                      'maps.change_map_permissions')
        elif type == "document":
            resource = resolve_object(request, Document, {'id': resource_id},
                                      'documents.change_document_permissions')
        else:
            return HttpResponse('Invalid resource type',
                                status=401,
                                mimetype='text/plain')
    except PermissionDenied:
        # we are handling this in a non-standard way
        return HttpResponse(
            'You are not allowed to change permissions for this resource',
            status=401,
            mimetype='text/plain')

    if request.method == 'POST':
        permission_spec = json.loads(request.body)
        resource.set_permissions(permission_spec)

        return HttpResponse(json.dumps({'success': True}),
                            status=200,
                            mimetype='text/plain')

    elif request.method == 'GET':
        permission_spec = json.dumps(resource.get_all_level_info())
        return HttpResponse(json.dumps({
            'success': True,
            'permissions': permission_spec
        }),
                            status=200,
                            mimetype='text/plain')
    else:
        return HttpResponse('No methods other than get and post are allowed',
                            status=401,
                            mimetype='text/plain')
Пример #33
0
def resource_permissions(request, type, resource_id):
    try:
        if type == "layer":
            resource = resolve_object(request, Layer, {'id':resource_id}, 'layers.change_layer_permissions')
        elif type == "map":
            resource = resolve_object(request, Map, {'id':resource_id}, 'maps.change_map_permissions')
        elif type == "document":
            resource = resolve_object(request, Document, {'id':resource_id}, 'documents.change_document_permissions')
        else:
            return HttpResponse(
                'Invalid resource type',
                status=401,
                mimetype='text/plain')
    except PermissionDenied:
        # we are handling this in a non-standard way
        return HttpResponse(
            'You are not allowed to change permissions for this resource',
            status=401,
            mimetype='text/plain')

    if request.method == 'POST':
        permission_spec = json.loads(request.raw_post_data)
        resource.set_permissions(permission_spec)

        return HttpResponse(
            json.dumps({'success': True}),
            status=200,
            mimetype='text/plain'
        )

    elif request.method == 'GET':
        permission_spec = json.dumps(resource.get_all_level_info())
        return HttpResponse(
            json.dumps({'success': True, 'permissions': permission_spec}),
            status=200,
            mimetype='text/plain'
        )
    else:
        return HttpResponse(
            'No methods other than get and post are allowed',
            status=401,
            mimetype='text/plain')
Пример #34
0
def _resolve_layer(request, typename, permission="base.view_resourcebase", msg=_PERMISSION_MSG_GENERIC, **kwargs):
    """
    Resolve the layer by the provided typename (which may include service name) and check the optional permission.
    """
    service_typename = typename.split(":", 1)

    if Service.objects.filter(name=service_typename[0]).exists():
        service = Service.objects.filter(name=service_typename[0])
        return resolve_object(
            request,
            Layer,
            {"service": service[0], "typename": service_typename[1] if service[0].method != "C" else typename},
            permission=permission,
            permission_msg=msg,
            **kwargs
        )
    else:
        return resolve_object(
            request, Layer, {"typename": typename, "service": None}, permission=permission, permission_msg=msg, **kwargs
        )
Пример #35
0
def _resolve_map(request, id, permission='base.change_resourcebase',
                 msg=_PERMISSION_MSG_GENERIC, **kwargs):
    '''
    Resolve the Map by the provided typename and check the optional permission.
    '''
    if id.isdigit():
        key = 'pk'
    else:
        key = 'urlsuffix'
    return resolve_object(request, MapStory, {key: id}, permission=permission,
                          permission_msg=msg, **kwargs)
Пример #36
0
def _resolve_map(request, id, permission='base.change_resourcebase',
                 msg=_PERMISSION_MSG_GENERIC, **kwargs):
    '''
    Resolve the Map by the provided typename and check the optional permission.
    '''
    if id.isdigit():
        key = 'pk'
    else:
        key = 'urlsuffix'
    return resolve_object(request, Map, {key: id}, permission=permission,
                          permission_msg=msg, **kwargs)
Пример #37
0
def _resolve_map_custom(
        request,
        id,
        fieldname,
        permission='base_change.resourcebase',
        msg=_PERMISSION_MSG_GENERIC,
        **kwargs):
    '''
    Resolve the Map by the provided typename and check the optional permission.
    '''
    return resolve_object(request, Map, {fieldname: id}, permission=permission,
                          permission_msg=msg, **kwargs)
Пример #38
0
def _annotations_get(req, mapid):
    mapobj = resolve_object(req, Map, {'id': mapid}, permission='base.view_resourcebase')
    cols = ['title', 'content', 'media', 'start_time', 'end_time', 'in_map', 'in_timeline', 'appearance', 'auto_show', 'pause_playback']
    ann = Annotation.objects.filter(map=mapid)
    ann = ann.order_by('start_time', 'end_time', 'title')
    if bool(req.GET.get('in_map', False)):
        ann = ann.filter(in_map=True)
    if bool(req.GET.get('in_timeline', False)):
        ann = ann.filter(in_timeline=True)
    if 'page' in req.GET:
        page = int(req.GET['page'])
        page_size = 25
        start = page * page_size
        end = start + page_size
        ann = ann[start:end]

    if 'csv' in req.GET:
        response = HttpResponse(content_type='text/csv')
        response['Content-Disposition'] = 'attachment; filename=map-%s-annotations.csv' % mapobj.id
        response['Content-Encoding'] = 'utf-8'
        writer = csv.writer(response)
        writer.writerow(cols)
        sidx = cols.index('start_time')
        eidx = cols.index('end_time')
        # default csv writer chokes on unicode
        encode = lambda v: v.encode('utf-8') if isinstance(v, basestring) else str(v)
        get_value = lambda a, c: getattr(a, c) if c not in ('start_time', 'end_time') else ''
        for a in ann:
            vals = [encode(get_value(a, c)) for c in cols]
            vals[sidx] = a.start_time_str
            vals[eidx] = a.end_time_str
            writer.writerow(vals)
        return response

    # strip the superfluous id, it will be added at the feature level
    props = [c for c in cols if c != 'id']

    def encode(query_set):
        results = []
        for res in query_set:
            feature = {'id': res.id}
            if res.the_geom:
                feature['geometry'] = res.the_geom

            fp = feature['properties'] = {}
            for p in props:
                val = getattr(res, p)
                if val is not None:
                    fp[p] = val
            results.append(feature)
        return results

    return json_response({'type':'FeatureCollection','features':encode(ann)})
Пример #39
0
def _resolve_map(request, id, permission='base.change_resourcebase',
                 msg=_PERMISSION_MSG_GENERIC, **kwargs):
    '''
    Resolve the Map by the provided typename and check the optional permission.
    '''
    if Map.objects.filter(urlsuffix=id).count() > 0:
        key = 'urlsuffix'
    else:
        key = 'pk'

    return resolve_object(request, Map, {key: id}, permission=permission,
                          permission_msg=msg, **kwargs)
Пример #40
0
def _annotations_get(req, mapid):
    mapobj = resolve_object(req, Map, {'id': mapid}, permission='base.view_resourcebase')
    cols = ['title', 'content', 'media', 'start_time', 'end_time', 'in_map', 'in_timeline', 'appearance', 'auto_show', 'pause_playback']
    ann = Marker.objects.filter(map=mapid)
    ann = ann.order_by('start_time', 'end_time', 'title')
    if bool(req.GET.get('in_map', False)):
        ann = ann.filter(in_map=True)
    if bool(req.GET.get('in_timeline', False)):
        ann = ann.filter(in_timeline=True)
    if 'page' in req.GET:
        page = int(req.GET['page'])
        page_size = 25
        start = page * page_size
        end = start + page_size
        ann = ann[start:end]

    if 'csv' in req.GET:
        response = HttpResponse(content_type='text/csv')
        response['Content-Disposition'] = 'attachment; filename=map-%s-annotations.csv' % mapobj.id
        response['Content-Encoding'] = 'utf-8'
        writer = csv.writer(response)
        writer.writerow(cols)
        sidx = cols.index('start_time')
        eidx = cols.index('end_time')
        # default csv writer chokes on unicode
        encode = lambda v: v.encode('utf-8') if isinstance(v, basestring) else str(v)
        get_value = lambda a, c: getattr(a, c) if c not in ('start_time', 'end_time') else ''
        for a in ann:
            vals = [encode(get_value(a, c)) for c in cols]
            vals[sidx] = a.start_time_str
            vals[eidx] = a.end_time_str
            writer.writerow(vals)
        return response

    # strip the superfluous id, it will be added at the feature level
    props = [c for c in cols if c != 'id']

    def encode(query_set):
        results = []
        for res in query_set:
            feature = { 'id' : res.id}
            if res.the_geom:
                feature['geometry'] = res.the_geom

            fp = feature['properties'] = {}
            for p in props:
                val = getattr(res, p)
                if val is not None:
                    fp[p] = val
            results.append(feature)
        return results

    return json_response({'type':'FeatureCollection','features':encode(ann)})
Пример #41
0
def _resolve_layer(request, typename, permission='base.view_resourcebase',
                   msg=_PERMISSION_GENERIC, **kwargs):
                       
    service_typename = typename.split(":", 1)
    service = Service.objects.filter(name=service_typename[0])

    if service.count() > 0:
        return resolve_object(request,
                              Layer,
                              {'service': service[0],
                               'typename': service_typename[1] if service[0].method != "C" else typename},
                              permission=permission,
                              permission_msg=msg,
                              **kwargs)
    else:
        return resolve_object(request,
                              Layer,
                              {'typename': typename,
                               'service': None},
                              permission=permission,
                              permission_msg=msg,
                              **kwargs)
Пример #42
0
def _resolve_document(request,
                      docid,
                      permission='layers.change_layer',
                      msg=_PERMISSION_MSG_GENERIC,
                      **kwargs):
    '''
    Resolve the layer by the provided typename and check the optional permission.
    '''
    return resolve_object(request,
                          Document, {'pk': docid},
                          permission=permission,
                          permission_msg=msg,
                          **kwargs)
Пример #43
0
def _resolve_video(request,
                   vidid,
                   permission='base.change_resourcebase',
                   msg=_PERMISSION_MSG_GENERIC,
                   **kwargs):
    '''
    Resolve the video by the provided primary key and check the optional permission.
    '''
    return resolve_object(request,
                          Video, {'pk': vidid},
                          permission=permission,
                          permission_msg=msg,
                          **kwargs)
Пример #44
0
def _resolve_document(request,
                      slug,
                      permission='base.change_resourcebase',
                      msg=_PERMISSION_MSG_GENERIC,
                      **kwargs):
    '''
    Resolve the document by the provided primary key and check the optional permission.
    '''
    wfpdoc = WFPDocument.objects.get(slug=slug)
    return resolve_object(request,
                          WFPDocument, {'pk': wfpdoc.id},
                          permission=permission,
                          permission_msg=msg,
                          **kwargs)
Пример #45
0
def _resolve_map(request,
                 id,
                 permission="base.change_resourcebase",
                 msg=_PERMISSION_MSG_GENERIC,
                 **kwargs):
    """
    Resolve the Map by the provided typename and check the optional permission.
    """
    key = "urlsuffix" if Map.objects.filter(urlsuffix=id).exists() else "pk"

    map_obj = resolve_object(request,
                             Map, {key: id},
                             permission=permission,
                             permission_msg=msg,
                             **kwargs)
    return map_obj
Пример #46
0
def prefix_xsl_line(req, id):
    # if the layer is in the catalogue, try to get the distribution urls
    # that cannot be precalculated.
    resource = None
    try:
        resource = get_object_or_404(ResourceBase, pk=id)
        query = {'id': resource.get_real_instance().id}
        resource = resolve_object(
            req,
            resource.get_real_instance_class(),
            query,
            permission='base.view_resourcebase',
            permission_msg=_("You are not permitted to view this resource"))
        catalogue = get_catalogue()
        record = catalogue.get_record(resource.uuid)
        if record:
            logger.debug(record.xml)
    except PermissionDenied:
        return HttpResponse(_("Not allowed"), status=403)
    except Exception:
        logger.debug(traceback.format_exc())
        msg = f'Could not connect to catalogue to save information for layer "{str(resource)}"'
        return HttpResponse(msg, status=404)

    try:
        # generate an XML document (GeoNode's default is ISO)
        if resource.metadata_uploaded and resource.metadata_uploaded_preserve:
            md_doc = etree.tostring(dlxml.fromstring(resource.metadata_xml))
        else:
            md_doc = catalogue.catalogue.csw_gen_xml(
                resource, settings.CATALOG_METADATA_TEMPLATE)
        xml = md_doc
    except Exception:
        logger.debug(traceback.format_exc())
        return HttpResponse("Resource Metadata not available!")
    site_url = settings.SITEURL.rstrip('/') if settings.SITEURL.startswith(
        'http') else settings.SITEURL
    xsl_static = getattr(settings, 'CATALOG_METADATA_XSL',
                         '/static/metadataxsl/metadata.xsl')
    xsl_path = f'{site_url}{xsl_static}'
    xsl_line = f'<?xml-stylesheet type="text/xsl" href="{xsl_path}"?>'

    return HttpResponse(xsl_line + xml, content_type="text/xml")
Пример #47
0
def resource_permissions(request, resource_id):
    try:
        resource = resolve_object(request, ResourceBase, {'id': resource_id},
                                  'base.change_resourcebase_permissions')
    except PermissionDenied:
        # traceback.print_exc()
        # we are handling this in a non-standard way
        return HttpResponse(
            _('You are not allowed to change permissions for this resource'),
            status=401,
            content_type='text/plain')

    if request.method == 'POST':
        return resource_permissions_handle_post(request, resource)
    elif request.method == 'GET':
        return resource_permisions_handle_get(request, resource)
    else:
        return HttpResponse('No methods other than get and post are allowed',
                            status=401,
                            content_type='text/plain')
Пример #48
0
def resource_permissions(request, resource_id):
    try:
        resource = resolve_object(
            request, ResourceBase, {
                'id': resource_id}, 'base.change_resourcebase_permissions')
        resource_content_type = ContentType.objects.get_for_model(resource).id

    except PermissionDenied:
        # we are handling this in a non-standard way
        return HttpResponse(
            'You are not allowed to change permissions for this resource',
            status=401,
            mimetype='text/plain')

    if request.method == 'POST':
        permission_spec = json.loads(request.body)
        old_permission_spec = resource.get_all_level_info()

        for user in permission_spec['users']:
            user = get_user_model().objects.get(username=user)
            if user not in old_permission_spec['users']:
                action = Action(
                    actor=request.user, 
                    action_object_id=resource.id,
                    action_object_content_type_type=resource_content_type,
                    target=user,
                    verb='permission_granted')
                action.save()
            else:
                old_permission_spec['users'].pop(user)

        resource.set_permissions(permission_spec)

        for user in old_permission_spec['users']:
            action = Action(
                actor=request.user, 
                action_object_id=resource.id,
                action_object_content_type=resource_content_type,
                target=user,
                verb='permission_revoked')
            action.save()


        return HttpResponse(
            json.dumps({'success': True}),
            status=200,
            mimetype='text/plain'
        )

    elif request.method == 'GET':
        permission_spec = _perms_info_json(resource)
        return HttpResponse(
            json.dumps({'success': True, 'permissions': permission_spec}),
            status=200,
            mimetype='text/plain'
        )
    else:
        return HttpResponse(
            'No methods other than get and post are allowed',
            status=401,
            mimetype='text/plain')
Пример #49
0
def _resolve_map(request, id, permission="maps.change_map", msg=_PERMISSION_MSG_GENERIC, **kwargs):
    """
    Resolve the Map by the provided typename and check the optional permission.
    """
    return resolve_object(request, Map, {"pk": id}, permission=permission, permission_msg=msg, **kwargs)
Пример #50
0
def _boxes_get(req, mapid):
    mapobj = resolve_object(req, Map, {'id': mapid}, permission='base.view_resourcebase')
    cols = ['title', 'description', 'start_time', 'end_time', 'center', 'speed',
            'interval', 'playback', 'playbackRate', 'intervalRate', 'zoom']
    box = StoryBox.objects.filter(map=mapid)
    box = box.order_by('start_time', 'end_time', 'title')
    if bool(req.GET.get('in_map', False)):
        box = box.filter(in_map=True)
    if bool(req.GET.get('in_timeline', False)):
        box = box.filter(in_timeline=True)
    if 'page' in req.GET:
        page = int(req.GET['page'])
        page_size = 25
        start = page * page_size
        end = start + page_size
        box = box[start:end]

    if 'csv' in req.GET:
        response = HttpResponse(mimetype='text/csv')
        response['Content-Disposition'] = 'attachment; filename=map-%s-boxes.csv' % mapobj.id
        response['Content-Encoding'] = 'utf-8'
        writer = csv.writer(response)
        writer.writerow(cols)
        sidx = cols.index('start_time')
        eidx = cols.index('end_time')
        # default csv writer chokes on unicode
        encode = lambda v: v.encode('utf-8') if isinstance(v, basestring) else str(v)
        get_value = lambda a, c: getattr(a, c) if c not in ('start_time', 'end_time') else ''
        for a in box:
            vals = [encode(get_value(a, c)) for c in cols]
            vals[sidx] = a.start_time_str
            vals[eidx] = a.end_time_str
            writer.writerow(vals)
        return response

    # strip the superfluous id, it will be added at the feature level
    props = [c for c in cols if c != 'id']

    def encode(query_set):
        results = []
        for res in query_set:
            feature = { 'id' : res.id}
            if res.the_geom:
                feature['geometry'] = res.the_geom

            fp = feature['properties'] = {}
            for p in props:
                val = getattr(res, p)
                if val is not None:
                    if isinstance(val, unicode) and '{' in val:
                        import ast
                        fp[p] = ast.literal_eval(val)
                    elif isinstance(val, unicode) and '[' in val:
                        import ast
                        fp[p] = ast.literal_eval(val)

                    else:
                        fp[p] = val
            results.append(feature)
        return results

    return json_response({'type':'FeatureCollection','features':encode(box)})
Пример #51
0
def _boxes_post(req, mapid):
    mapobj = resolve_object(req, Map, {'id':mapid}, permission='base.change_resourcebase')

    # default action
    action = 'upsert'
    # default for json to unpack properties for each 'row'
    get_props = lambda r: r['properties']
    # operation to run on completion
    finish = lambda: None
    # track created boxes
    created = []
    # csv or client to account for differences
    form_mode = 'client'
    content_type = None
    overwrite = False
    error_format = None

    def id_collector(form):
        created.append(form.instance.id)

    if not req.FILES:
        # json body
        data = json.loads(req.body)
        if isinstance(data, dict):
            action = data.get('action', action)
        if 'features' in data:
            data = data.get('features')
    else:
        fp = iter(req.FILES.values()).next()
        # ugh, builtin csv reader chokes on unicode
        data = unicode_csv_dict_reader(fp)
        id_collector = lambda f: None
        form_mode = 'csv'
        content_type = 'text/html'
        get_props = lambda r: r
        ids = list(StoryBox.objects.filter(map=mapobj).values_list('id', flat=True))
        # delete existing, we overwrite
        finish = lambda: StoryBox.objects.filter(id__in=ids).delete()
        overwrite = True

        def error_format(row_errors):
            response = []
            for re in row_errors:
                row = re[0] + 1
                for e in re[1]:
                    response.append('[%s] %s : %s' % (row, e, re[1][e]))
            return 'The following rows had problems:<ul><li>' + '</li><li>'.join(response) + "</li></ul>"

    if action == 'delete':
        StoryBox.objects.filter(pk__in=data['ids'], map=mapobj).delete()
        return json_response({'success': True})

    if action != 'upsert':
        return HttpResponse('%s not supported' % action, status=400)

    errors = _write_boxes(data, get_props, id_collector, mapobj, overwrite, form_mode)

    if errors:
        transaction.rollback()
        body = None
        if error_format:
            return HttpResponse(error_format(errors), status=400)
    else:
        finish()
        transaction.commit()
        body = {'success': True}
        if created:
            body['ids'] = created

    return json_response(body=body, errors=errors, content_type=content_type)
Пример #52
0
def _resolve_document_geo(request, docid, permission="base.change_resourcebase", msg=_PERMISSION_MSG_GENERIC, **kwargs):
    """
    Resolve the document by the provided primary key and check the optional permission.
    """

    return resolve_object(request, Project, {"pk": docid}, permission=permission, permission_msg=msg, **kwargs)
Пример #53
0
def download(request, resourceid, sender=Layer):

    instance = resolve_object(request,
                              sender,
                              {'pk': resourceid},
                              permission='base.download_resourcebase',
                              permission_msg=_("You are not permitted to save or edit this resource."))

    if isinstance(instance, Layer):
        try:
            upload_session = instance.get_upload_session()
            layer_files = [item for idx, item in enumerate(LayerFile.objects.filter(upload_session=upload_session))]

            # Create Target Folder
            dirpath = tempfile.mkdtemp()
            dir_time_suffix = get_dir_time_suffix()
            target_folder = os.path.join(dirpath, dir_time_suffix)
            if not os.path.exists(target_folder):
                os.makedirs(target_folder)

            # Copy all Layer related files into a temporary folder
            for l in layer_files:
                if storage.exists(l.file):
                    geonode_layer_path = storage.path(l.file)
                    base_filename, original_ext = os.path.splitext(geonode_layer_path)
                    shutil.copy2(geonode_layer_path, target_folder)

            # Let's check for associated SLD files (if any)
            try:
                for s in instance.styles.all():
                    sld_file_path = os.path.join(target_folder, "".join([s.name, ".sld"]))
                    sld_file = open(sld_file_path, "w")
                    sld_file.write(s.sld_body.strip())
                    sld_file.close()

                    try:
                        sld_file = open(sld_file_path, "r")
                        response = requests.get(s.sld_url, timeout=TIMEOUT)
                        sld_remote_content = response.text
                        sld_file_path = os.path.join(target_folder, "".join([s.name, "_remote.sld"]))
                        sld_file = open(sld_file_path, "w")
                        sld_file.write(sld_remote_content.strip())
                        sld_file.close()
                    except BaseException:
                        traceback.print_exc()
                        tb = traceback.format_exc()
                        logger.debug(tb)

            except BaseException:
                traceback.print_exc()
                tb = traceback.format_exc()
                logger.debug(tb)

            # Let's dump metadata
            target_md_folder = os.path.join(target_folder, ".metadata")
            if not os.path.exists(target_md_folder):
                os.makedirs(target_md_folder)

            try:
                links = Link.objects.filter(resource=instance.resourcebase_ptr)
                for link in links:
                    link_name = custom_slugify(link.name)
                    link_file = os.path.join(target_md_folder, "".join([link_name, ".%s" % link.extension]))
                    if link.link_type in ('data'):
                        # Skipping 'data' download links
                        continue
                    elif link.link_type in ('metadata', 'image'):
                        # Dumping metadata files and images
                        link_file = open(link_file, "wb")
                        try:
                            response = requests.get(link.url, stream=True, timeout=TIMEOUT)
                            response.raw.decode_content = True
                            shutil.copyfileobj(response.raw, link_file)
                        except BaseException:
                            traceback.print_exc()
                            tb = traceback.format_exc()
                            logger.debug(tb)
                        finally:
                            link_file.close()
                    elif link.link_type.startswith('OGC'):
                        # Dumping OGC/OWS links
                        link_file = open(link_file, "w")
                        link_file.write(link.url.strip())
                        link_file.close()
            except BaseException:
                traceback.print_exc()
                tb = traceback.format_exc()
                logger.debug(tb)

            # ZIP everything and return
            target_file_name = "".join([instance.name, ".zip"])
            target_file = os.path.join(dirpath, target_file_name)
            zip_dir(target_folder, target_file)
            response = HttpResponse(
                content=open(target_file),
                status=200,
                content_type="application/zip")
            response['Content-Disposition'] = 'attachment; filename="%s"' % target_file_name
            return response
        except NotImplementedError:
            traceback.print_exc()
            tb = traceback.format_exc()
            logger.debug(tb)
            return HttpResponse(
                json.dumps({
                    'error': 'file_not_found'
                }),
                status=404,
                content_type="application/json"
            )

    return HttpResponse(
        json.dumps({
            'error': 'unauthorized_request'
        }),
        status=403,
        content_type="application/json"
    )