def has_permission(self, request, view):
try:
get_repo(view.kwargs['repo_slug'], request.user.id)
except NotFound:
raise Http404()
except PermissionDenied:
return False
return True
def test_get_repo(self):
"""repo does not exist"""
# this should not fail
api.get_repo(self.repo.slug, self.user.id)
self.assertRaises(api.NotFound, api.get_repo, "nonexistent_repo",
self.user.id)
self.assertRaises(api.PermissionDenied, api.get_repo, self.repo.slug,
self.user_norepo.id)
def create_task(session, user_id, task_type, task_info):
"""
Start a new Celery task from REST API.
Args:
session (SessionStore): The request session.
user_id (int): The id for user creating task.
task_type (unicode): The type of task being started.
task_info (dict): Extra information about the task.
Returns:
dict: The initial task data (will also be stored in session).
"""
if task_type == EXPORT_TASK_TYPE:
try:
repo_slug = task_info['repo_slug']
except KeyError:
raise ValidationError("Missing repo_slug")
# Verify repository ownership.
get_repo(repo_slug, user_id)
try:
exports = set(session[EXPORTS_KEY][repo_slug])
except KeyError:
exports = set()
try:
ids = task_info['ids']
except KeyError:
raise ValidationError("Missing ids")
for resource_id in ids:
if resource_id not in exports:
raise ValidationError("id {id} is not in export list".format(
id=resource_id
))
learning_resources = LearningResource.objects.filter(id__in=ids).all()
user = User.objects.get(id=user_id)
result = export_resources.delay(learning_resources, user.username)
# Put new task in session.
initial_data = track_task(session, result, task_type, task_info)
return initial_data
else:
raise ValidationError("Unknown task_type {task_type}".format(
task_type=task_type
))
def create_task(session, user_id, task_type, task_info):
"""
Start a new Celery task from REST API.
Args:
session (SessionStore): The request session.
user_id (int): The id for user creating task.
task_type (unicode): The type of task being started.
task_info (dict): Extra information about the task.
Returns:
dict: The initial task data (will also be stored in session).
"""
if task_type == EXPORT_TASK_TYPE:
try:
repo_slug = task_info['repo_slug']
except KeyError:
raise ValidationError("Missing repo_slug")
# Verify repository ownership.
get_repo(repo_slug, user_id)
try:
exports = set(session[EXPORTS_KEY][repo_slug])
except KeyError:
exports = set()
try:
ids = task_info['ids']
except KeyError:
raise ValidationError("Missing ids")
for resource_id in ids:
if resource_id not in exports:
raise ValidationError(
"id {id} is not in export list".format(id=resource_id))
learning_resources = LearningResource.objects.filter(id__in=ids).all()
user = User.objects.get(id=user_id)
result = export_resources.delay(learning_resources, user.username)
# Put new task in session.
initial_data = track_task(session, result, task_type, task_info)
return initial_data
else:
raise ValidationError(
"Unknown task_type {task_type}".format(task_type=task_type))
def test_get_repo(self):
"""repo does not exist"""
# this should not fail
api.get_repo(self.repo.slug, self.user.id)
self.assertRaises(
api.NotFound,
api.get_repo,
"nonexistent_repo",
self.user.id
)
self.assertRaises(
api.PermissionDenied,
api.get_repo,
self.repo.slug,
self.user_norepo.id
)
def upload(request, repo_slug):
"""
Upload a OLX archive.
"""
repo = get_repo(repo_slug, request.user.id)
form = UploadForm()
if request.method == "POST":
form = UploadForm(
data=request.POST, files=request.FILES)
if form.is_valid():
try:
form.save(request.user.id, repo.id)
return redirect("/repositories/{0}/".format(repo_slug))
except ValueError as ex:
# Coverage exception reasoning: After successful upload,
# extraction, and validation, any error *should* be
# "Duplicate course," and if it's not, it will be re-raised
# and we'll code for it then.
if "Duplicate course" not in ex.args: # pragma: no cover
raise ex
form.add_error("course_file", "Duplicate course")
return render(
request,
"upload.html",
{'form': form, "repo": repo},
)
def upload(request, repo_slug):
"""
Upload a OLX archive.
"""
repo = get_repo(repo_slug, request.user.id)
form = UploadForm()
if request.method == "POST":
form = UploadForm(data=request.POST, files=request.FILES)
if form.is_valid():
try:
form.save(request.user.id, repo.id)
return redirect("/repositories/{0}/".format(repo_slug))
except ValueError as ex:
# Coverage exception reasoning: After successful upload,
# extraction, and validation, any error *should* be
# "Duplicate course," and if it's not, it will be re-raised
# and we'll code for it then.
if "Duplicate course" not in ex.args: # pragma: no cover
raise ex
form.add_error("course_file", "Duplicate course")
return render(
request,
"upload.html",
{
'form': form,
"repo": repo
},
)
def has_permission(self, request, view):
try:
repo = get_repo(view.kwargs['repo_slug'], request.user.id)
except NotFound:
raise Http404()
except PermissionDenied:
return False
if request.method in SAFE_METHODS:
return True
return RepoPermission.import_course[0] in get_perms(request.user, repo)
def repository_view(request, repo_slug):
"""
View for repository page.
"""
try:
repo = get_repo(repo_slug, request.user.id)
except NotFound:
raise Http404
except LorePermissionDenied:
raise PermissionDenied
exports = request.session.get(
'learning_resource_exports', {}).get(repo.slug, [])
sortby = dict(request.GET.copy()).get('sortby', [])
if (len(sortby) > 0 and
sortby[0] in LoreSortingFields.all_sorting_fields()):
sortby_field = sortby[0]
else:
# default value
sortby_field = LoreSortingFields.DEFAULT_SORTING_FIELD
sorting_options = {
"current": LoreSortingFields.get_sorting_option(
sortby_field),
"all": LoreSortingFields.all_sorting_options_but(
sortby_field)
}
try:
page_size = int(request.GET.get(LorePagination.page_size_query_param))
except (ValueError, KeyError, TypeError):
page_size = LorePagination.page_size
if page_size <= 0:
page_size = LorePagination.page_size
elif page_size > LorePagination.max_page_size:
page_size = LorePagination.max_page_size
context = {
"repo": repo,
"perms_on_cur_repo": get_perms(request.user, repo),
"sorting_options_json": json.dumps(sorting_options),
"exports_json": json.dumps(exports),
"page_size_json": json.dumps(page_size)
}
return render(
request,
"repository.html",
context
)
def has_permission(self, request, view):
# verify repo just in case we haven't done this earlier
try:
get_repo(view.kwargs['repo_slug'], request.user.id)
except NotFound:
raise Http404()
except PermissionDenied:
return False
if request.method in SAFE_METHODS:
return True
else:
repo_slug = view.kwargs['repo_slug']
try:
repo = Repository.objects.get(slug=repo_slug)
except Repository.DoesNotExist:
raise NotFound()
return (
RepoPermission.manage_taxonomy[0]
in get_perms(request.user, repo)
)
def repository_data_view(request, repo_slug):
"""
View for repository page.
"""
try:
repo = get_repo(repo_slug, request.user.id)
except NotFound:
raise Http404
except LorePermissionDenied:
raise PermissionDenied
context = {"repo": repo}
return render(request, "data.html", context)
def repository_data_view(request, repo_slug):
"""
View for repository page.
"""
try:
repo = get_repo(repo_slug, request.user.id)
except NotFound:
raise Http404
except LorePermissionDenied:
raise PermissionDenied
context = {"repo": repo}
return render(request, "data.html", context)
def repository_view(request, repo_slug):
"""
View for repository page.
"""
try:
repo = get_repo(repo_slug, request.user.id)
except NotFound:
raise Http404
except LorePermissionDenied:
raise PermissionDenied
exports = request.session.get('learning_resource_exports',
{}).get(repo.slug, [])
sortby = dict(request.GET.copy()).get('sortby', [])
if (len(sortby) > 0
and sortby[0] in LoreSortingFields.all_sorting_fields()):
sortby_field = sortby[0]
else:
# default value
sortby_field = LoreSortingFields.DEFAULT_SORTING_FIELD
sorting_options = {
"current": LoreSortingFields.get_sorting_option(sortby_field),
"all": LoreSortingFields.all_sorting_options_but(sortby_field)
}
try:
page_size = int(request.GET.get(LorePagination.page_size_query_param))
except (ValueError, KeyError, TypeError):
page_size = LorePagination.page_size
if page_size <= 0:
page_size = LorePagination.page_size
elif page_size > LorePagination.max_page_size:
page_size = LorePagination.max_page_size
context = {
"repo": repo,
"perms_on_cur_repo": get_perms(request.user, repo),
"sorting_options_json": json.dumps(sorting_options),
"exports_json": json.dumps(exports),
"page_size_json": json.dumps(page_size)
}
return render(request, "repository.html", context)
def get_vocabulary(repo_slug, user_id, vocab_slug):
"""
Lookup vocabulary given its slug, using repo_slug to validate ownership.
Args:
repo_id (int): Repository id
user_id (int): User id
vocab_slug (unicode): Vocabulary slug
Returns:
Vocabulary (Vocabulary): The vocabulary from the database
"""
repo = get_repo(repo_slug, user_id)
try:
return repo.vocabulary_set.get(slug=vocab_slug)
except Vocabulary.DoesNotExist:
raise NotFound()
def __call__(self, request, repo_slug):
# Get arguments from the URL
# It's a subclass of an external class, so we don't have
# repo_slug in __init__.
# pylint: disable=attribute-defined-outside-init
try:
self.repo = get_repo(repo_slug, request.user.id)
except NotFound:
raise Http404()
except LorePermissionDenied:
raise PermissionDenied('unauthorized')
# get sorting from params if it's there
sortby = dict(request.GET.copy()).get('sortby', [])
if (len(sortby) > 0 and
sortby[0] in LoreSortingFields.all_sorting_fields()):
self.sortby = sortby[0]
else:
# default value
self.sortby = LoreSortingFields.DEFAULT_SORTING_FIELD
return super(RepositoryView, self).__call__(request)
def get_term(repo_slug, user_id, vocab_slug, term_slug):
"""
Get Term with existing slug, validating ownership for repo_slug
and vocab_slug.
Args:
term_id (int): Term slug
Returns:
Term (Term): The Term with the id
"""
repo = get_repo(repo_slug, user_id)
try:
return repo.vocabulary_set.get(
slug=vocab_slug
).term_set.get(
slug=term_slug
)
except Vocabulary.DoesNotExist:
raise NotFound()
except Term.DoesNotExist:
raise NotFound()
