def rest_get(namespace, ctype=None, _id=None):
#get the session (security)
account = get_account()
limit = int(request.params.get('limit', default=20))
page = int(request.params.get('page', default=0))
start = int(request.params.get('start', default=0))
groups = request.params.get('groups', default=None)
search = request.params.get('search', default=None)
filter = request.params.get('filter', default=None)
sort = request.params.get('sort', default=None)
query = request.params.get('query', default=None)
onlyWritable = request.params.get('onlyWritable', default=False)
noInternal = request.params.get('noInternal', default=False)
ids = request.params.get('ids', default=[])
get_id = request.params.get('_id', default=None)
fields = request.params.get('fields', default=None)
if not _id and get_id:
_id = get_id
if not isinstance(ids, list):
try:
ids = json.loads(ids)
except Exception, err:
logger.error("Impossible to decode ids: %s: %s" % (ids, err))
def rest_delete(namespace, ctype, _id=None):
account = get_account()
storage = get_storage(namespace=namespace)
logger.debug("DELETE:")
if not _id:
data = request.body.readline()
if not data:
return HTTPError(400, "No data received")
logger.debug(" + data: %s" % data)
logger.debug(" + data-type: %s" % type(data))
if isinstance(data, str):
try:
data = json.loads(data)
except Exception, err:
logger.error("DELETE: Impossible to parse data (%s)" % err)
return HTTPError(404, "Impossible to parse data")
_id = None
try:
_id = str(data['_id'])
except:
pass
try:
_id = str(data['id'])
except:
pass
def add_file():
# Must be set as text/html cause of extjs upload file method
# http://docs.sencha.com/extjs/4.0.7/#!/api/Ext.form.Basic-method-hasUpload
# A json in a string will be return to avoid Bottle to automatically set header to json
response.headers['Content-Type'] = 'text/html'
data = request.files['file-path']
if data.filename and data.file:
if allowed_mimetypes.get(data.filename.split('.')[-1], False):
content_type = allowed_mimetypes[data.filename.split('.')[-1]]
account = get_account()
storage = get_storage(account=account, namespace=namespace)
cfile_record = cfile(storage=storage)
cfile_record.put_data(data.file.read(), file_name=data.filename, content_type=content_type)
try:
file_id = storage.put(cfile_record)
data = {'success': True, 'data': {'code': 200, 'message': 'File uploaded', 'filename': data.filename, 'file_id': str(file_id)}}
except Exception as err:
data = {'success': False, 'data': {'code': 500, 'message': err}}
else:
data = {'success': False, 'data': {'code': 415, 'message': 'Unsupported Media Type'}}
else:
data = {'success': False, 'data': {'code': 400, 'message': 'Bad request'}}
return json.dumps(data)
def rest_get(namespace, ctype=None, _id=None):
#get the session (security)
account = get_account()
limit = int(request.params.get('limit', default=20))
page = int(request.params.get('page', default=0))
start = int(request.params.get('start', default=0))
groups = request.params.get('groups', default=None)
search = request.params.get('search', default=None)
filter = request.params.get('filter', default=None)
sort = request.params.get('sort', default=None)
query = request.params.get('query', default=None)
onlyWritable = request.params.get('onlyWritable', default=False)
ids = request.params.get('ids', default=[])
get_id = request.params.get('_id', default=None)
if not _id and get_id:
_id = get_id
if not isinstance(ids, list):
try:
ids = json.loads(ids)
except Exception, err:
logger.error("Impossible to decode ids: %s: %s" % (ids, err))
def account_delete(_id=None):
account = get_account()
storage = get_storage(namespace='object')
logger.debug("DELETE:")
data = request.body.readline()
if data:
try:
data = json.loads(data)
except:
logger.warning('Invalid data in request payload')
data = None
if data:
logger.debug(" + Data: %s" % data)
if isinstance(data, list):
logger.debug(" + Attempt to remove %i item from db" % len(data))
_id = []
for item in data:
if isinstance(item, str):
_id.append(item)
if isinstance(item, dict):
item_id = item.get('_id', item.get('id', None))
if item_id:
_id.append(item_id)
if isinstance(data, str):
_id = data
if isinstance(data, dict):
_id = data.get('_id', data.get('id', None))
if not _id:
return HTTPError(404, "No '_id' field in header ...")
logger.debug(" + _id: %s " % _id)
try:
storage.remove(_id, account=account)
delete_session(_id)
except:
return HTTPError(404, _id + " Not Found")
#delete all object
if not isinstance(_id, list):
_id = [_id]
mfilter = {'aaa_owner': {'$in': _id}}
record_list = storage.find(mfilter=mfilter, account=account)
record_id_list = [record._id for record in record_list]
try:
storage.remove(record_id_list, account=account)
except Exception as err:
log.error('Error While suppressing account items: %s' % err)
logger.debug('account removed')
def rest_put(namespace, ctype, _id=None):
#get the session (security)
account = get_account()
storage = get_storage(namespace=namespace, logging_level=logger.level)
#check rights on specific ctype (check ctype_to_group_access variable below)
if ctype in ctype_to_group_access:
if not check_group_rights(account, ctype_to_group_access[ctype]):
return HTTPError(403, 'Insufficient rights')
logger.debug("PUT:")
data = request.body.readline()
if not data:
return HTTPError(400, "No data received")
logger.debug(" + data: %s" % data)
logger.debug(" + data-type: %s" % type(data))
if isinstance(data, str):
try:
data = json.loads(data)
except Exception, err:
logger.error("PUT: Impossible to parse data (%s)" % err)
return HTTPError(404, "Impossible to parse data")
def delete_file(metaId=None):
account = get_account()
storage = get_storage(account=account, namespace=namespace)
rfiles = []
data = request.body.readline()
items = []
try:
items = json.loads(data)
except:
logger.warning('Invalid data in request payload')
## Only accept list for multiremove
if not isinstance(items, list):
items = []
if metaId and not items:
rfile = get_cfile(metaId, storage)
rfiles.append(rfile)
else:
logger.debug('Multi-remove: %s' % data)
for item in items:
rfile = get_cfile(item['id'], storage)
rfiles.append(rfile)
logger.debug('Remove %s files' % len(rfiles))
try:
for rfile in rfiles:
rfile.remove()
return {'total': len(rfiles),"data": [] ,"success":True}
except:
logger.error('Failed to remove file')
return HTTPError(500, "Failed to remove file")
def update_file(metaId=None):
data = json.loads(request.body.readline())
if not metaId:
metaId = data.get('id', None)
file_name = data.get('file_name', None)
logger.debug("Update file")
if not metaId:
logger.error('No file Id specified')
return HTTPError(405, " No file Id specified")
if not file_name:
logger.error('No file_name specified')
return HTTPError(405, " No file_name specified")
logger.debug(" + metaId: %s" % metaId)
logger.debug(" + file name: %s" % file_name)
account = get_account()
storage = get_storage(account=account, namespace=namespace)
try:
record = storage.get(metaId)
if record:
record.data['file_name'] = file_name
record.name = file_name
storage.put(record)
except Exception, err:
logger.error("Error when updating report %s: %s" % (metaId,err))
return HTTPError(500, "Failed to update report")
def exportView(_id=None):
logger.debug('Prepare to return view json file')
account = get_account()
storage = get_storage(namespace='object', account=account)
if not _id:
_id = request.params.get('_id', default=None)
try:
logger.debug(' + Try to get view from database')
record = storage.get(_id, account=account)
logger.debug(' + %s found' % record.name)
response.headers['Content-Disposition'] = 'attachment; filename="%s.json"' % record.name
response.headers['Content-Type'] = 'application/json'
record.parent = []
record._id = None
dump = record.dump()
output = {}
for item in dump:
if item in export_fields:
output[item] = dump[item]
return json.dumps(output, sort_keys=True, indent=4)
except Exception,err:
logger.error(' + Error while fetching view : %s' % err)
return {"total": 0, "success": False, "data": {}}
def export_objects():
logger.debug('Prepare to return objects json file')
account = get_account()
storage = get_storage(namespace='object', account=account)
ids = request.params.getall('ids')
try:
records = []
for _id in ids:
logger.debug(' + Try to get object: %s' % _id)
record = storage.get(_id, account=account)
logger.debug(' + %s found' % record.name)
dump = record.dump()
del dump['_id']
records.append(dump)
response.headers[
'Content-Disposition'] = 'attachment; filename="objects.json"'
response.headers['Content-Type'] = 'application/json'
return json.dumps(records, sort_keys=True, indent=4)
except Exception, err:
logger.error(' + Error while fetching objects : %s' % err)
return json.dumps({'error': str(err)}, sort_keys=True, indent=4)
def export_object(_id=None):
logger.debug('Prepare to return object json file')
account = get_account()
storage = get_storage(namespace='object', account=account)
if not _id:
_id = request.params.get('_id', default=None)
try:
logger.debug(' + Try to get object from database')
record = storage.get(_id, account=account)
logger.debug(' + %s found' % record.name)
response.headers[
'Content-Disposition'] = 'attachment; filename="%s.json"' % record.name
response.headers['Content-Type'] = 'application/json'
dump = record.dump()
del dump['_id']
return json.dumps(dump, sort_keys=True, indent=4)
except Exception, err:
logger.error(' + Error while fetching object : %s' % err)
return json.dumps({'error': str(err)}, sort_keys=True, indent=4)
def rest_put(namespace, ctype, _id=None):
#get the session (security)
account = get_account()
storage = get_storage(namespace=namespace)
#check rights on specific ctype (check ctype_to_group_access variable below)
if ctype in ctype_to_group_access:
if not check_group_rights(account,ctype_to_group_access[ctype]):
return HTTPError(403, 'Insufficient rights')
logger.debug("PUT:")
data = request.body.readline()
if not data:
return HTTPError(400, "No data received")
logger.debug(" + data: %s" % data)
logger.debug(" + data-type: %s" % type(data))
if isinstance(data, str):
try:
data = json.loads(data)
except Exception, err:
logger.error("PUT: Impossible to parse data (%s)" % err)
return HTTPError(404, "Impossible to parse data")
def export_object(_id=None):
logger.debug('Prepare to return object json file')
account = get_account()
storage = get_storage(namespace='object', account=account)
if not _id:
_id = request.params.get('_id', default=None)
try:
logger.debug(' + Try to get object from database')
record = storage.get(_id, account=account)
logger.debug(' + %s found' % record.name)
response.headers['Content-Disposition'] = 'attachment; filename="%s.json"' % record.name
response.headers['Content-Type'] = 'application/json'
dump = record.dump()
del dump['_id']
return json.dumps(dump, sort_keys=True, indent=4)
except Exception,err:
logger.error(' + Error while fetching object : %s' % err)
return json.dumps({'error': str(err)}, sort_keys=True, indent=4)
def account_delete(_id=None):
account = get_account()
storage = get_storage(namespace='object')
logger.debug("DELETE:")
data = request.body.readline()
if data:
try:
data = json.loads(data)
except:
logger.warning('Invalid data in request payload')
data = None
if data:
logger.debug(" + Data: %s" % data)
if isinstance(data, list):
logger.debug(" + Attempt to remove %i item from db" % len(data))
_id = []
for item in data:
if isinstance(item,str):
_id.append(item)
if isinstance(item,dict):
item_id = item.get('_id', item.get('id', None))
if item_id:
_id.append(item_id)
if isinstance(data, str):
_id = data
if isinstance(data, dict):
_id = data.get('_id', data.get('id', None))
if not _id:
return HTTPError(404, "No '_id' field in header ...")
logger.debug(" + _id: %s " % _id)
try:
storage.remove(_id, account=account)
delete_session(_id)
except:
return HTTPError(404, _id+" Not Found")
#delete all object
if not isinstance(_id, list):
_id = [_id]
mfilter = {'aaa_owner':{'$in':_id}}
record_list = storage.find(mfilter=mfilter,account=account)
record_id_list = [record._id for record in record_list]
try:
storage.remove(record_id_list,account=account)
except Exception as err:
log.error('Error While suppressing account items: %s' % err)
logger.debug('account removed')
def export_objects():
logger.debug('Prepare to return objects json file')
account = get_account()
storage = get_storage(namespace='object', account=account)
ids = request.params.getall('ids')
try:
records = []
for _id in ids:
logger.debug(' + Try to get object: %s' % _id)
record = storage.get(_id, account=account)
logger.debug(' + %s found' % record.name)
dump = record.dump()
del dump['_id']
records.append(dump)
response.headers['Content-Disposition'] = 'attachment; filename="objects.json"'
response.headers['Content-Type'] = 'application/json'
return json.dumps(records, sort_keys=True, indent=4)
except Exception, err:
logger.error(' + Error while fetching objects : %s' % err)
return json.dumps({'error': str(err)}, sort_keys=True, indent=4)
def add_file():
# Must be set as text/html cause of extjs upload file method
# http://docs.sencha.com/extjs/4.0.7/#!/api/Ext.form.Basic-method-hasUpload
# A json in a string will be return to avoid Bottle to automatically set header to json
response.headers['Content-Type'] = 'text/html'
data = request.files['file-path']
if data.filename and data.file:
if allowed_mimetypes.get(data.filename.split('.')[-1], False):
content_type = allowed_mimetypes[data.filename.split('.')[-1]]
account = get_account()
storage = get_storage(account=account, namespace=namespace)
cfile_record = cfile(storage=storage)
cfile_record.put_data(data.file.read(), file_name=data.filename, content_type=content_type)
try:
file_id = storage.put(cfile_record)
data = {'success': True, 'data': {'code': 200, 'message': 'File uploaded', 'filename': data.filename, 'file_id': str(file_id)}}
except Exception as err:
data = {'success': False, 'data': {'code': 500, 'message': err}}
else:
data = {'success': False, 'data': {'code': 415, 'message': 'Unsupported Media Type'}}
else:
data = {'success': False, 'data': {'code': 400, 'message': 'Bad request'}}
return json.dumps(data)
def send_report():
account = get_account()
reportStorage = cstorage(account=account, namespace='files')
recipients = request.params.get('recipients', default=None)
_id = request.params.get('_id', default=None)
body = request.params.get('body', default=None)
subject = request.params.get('subject', default=None)
meta = reportStorage.get(_id)
meta.__class__ = cfile
mail = {
'account': account,
'attachments': meta,
'recipients': recipients,
'subject': subject,
'body': body,
}
try:
task = task_mail.send.delay(**mail)
output = task.get()
return {'success': True, 'total': '1', 'data': {'output': output}}
except Exception, err:
logger.error('Error when run subtask mail : %s' % err)
return {
'success': False,
'total': '1',
'data': {
'output': 'Mail sending failed'
}
}
def account_newAuthKey(dest_account):
if not dest_account:
return HTTPError(404, 'No account specified')
#------------------------get accounts----------------------
account = get_account()
storage = get_storage(namespace='object',account=account)
_id = 'account.%s' % dest_account
try:
aim_account = caccount(storage.get(_id,account=account))
except:
logger.debug('aimed account not found')
return HTTPError(404, 'Wrong account name or no enough rights')
#---------------------generate new key-------------------
logger.debug('Change AuthKey for : %s' % aim_account.user)
try:
aim_account.generate_new_authkey()
storage.put(aim_account,account=account)
logger.debug('New auth key is : %s' % aim_account.get_authkey())
return {'total': 0, 'success': True, 'data': {'authkey': aim_account.get_authkey(),'account':aim_account.user}}
except Exception,err:
logger.error('Error while updating auth key : %s' % err)
return {'total': 0, 'success': False, 'data': {}}
def tree_delete(name=None):
namespace = "object"
account = get_account()
storage = get_storage(namespace=namespace, account=account, logging_level=logging.DEBUG)
record = storage.get(name, account=account)
if isinstance(record, crecord):
if len(record.children) == 0:
if record.check_write(account=account):
# remove record from its parent child list
for parent in record.parent:
parent_rec = storage.get(parent, account=account)
parent_rec.remove_children(record)
if parent_rec.check_write(account=account):
storage.put(parent_rec, account=account)
else:
logger.debug("Access Denied")
return HTTPError(403, "Access Denied")
try:
storage.remove(record, account=account)
except Exception, err:
logger.error(err)
return HTTPError(404, "Error while removing: %s" % err)
else:
logger.debug("Access Denied")
return HTTPError(403, "Access Denied")
else:
logger.warning("This record have children, remove those child before")
def files(metaId=None):
if metaId:
account = get_account()
storage = get_storage(account=account, namespace=namespace)
logger.debug("Get file '%s'" % metaId)
rfile = get_cfile(metaId, storage)
file_name = rfile.data['file_name']
content_type = rfile.data['content_type']
logger.debug(" + File name: %s" % file_name)
logger.debug(" + Content type: %s" % content_type)
logger.debug(" + Bin Id: %s" % rfile.get_binary_id())
data = rfile.get()
if data:
response.headers['Content-Disposition'] = 'attachment; filename="%s"' % file_name
response.headers['Content-Type'] = content_type
try:
return data
except Exception, err:
logger.error(err)
else:
logger.error('No report found in gridfs')
return HTTPError(404, " Not Found")
def account_get_me():
namespace = 'object'
ctype = 'account'
#get the session (security)
account = get_account()
storage = get_storage(namespace=namespace)
#try:
logger.debug(" + Try to get '%s' ... " % account._id)
record = storage.get(account._id, account=account)
#logger.debug(" + Result: '%s'" % record)
#except Exception, err:
# self.logger.error("Exception !\nReason: %s" % err)
# return HTTPError(404, _id+" Not Found")
if record:
data = record.dump(json=True)
data['id'] = data['_id']
output = [data]
reload_account(account._id, record)
output = {'total': 1, 'success': True, 'data': output}
logger.debug(" + Output: " + str(output))
logger.debug('Response status: %s' % response.status)
return output
def update_file(metaId=None):
data = json.loads(request.body.readline())
if not metaId:
metaId = data.get('id', None)
file_name = data.get('file_name', None)
logger.debug("Update file")
if not metaId:
logger.error('No file Id specified')
return HTTPError(405, " No file Id specified")
if not file_name:
logger.error('No file_name specified')
return HTTPError(405, " No file_name specified")
logger.debug(" + metaId: %s" % metaId)
logger.debug(" + file name: %s" % file_name)
account = get_account()
storage = get_storage(account=account, namespace=namespace)
try:
record = storage.get(metaId)
if record:
record.data['file_name'] = file_name
record.name = file_name
storage.put(record)
except Exception, err:
logger.error("Error when updating report %s: %s" % (metaId,err))
return HTTPError(500, "Failed to update report")
def remove_account_from_group(group_id=None, account_id=None):
session_account = get_account()
storage = get_storage(namespace='object', account=session_account)
if not group_id or not account_id:
return HTTPError(400, 'Bad request, must specified group and account')
#get group && account
if group_id.find('group.') == -1:
group_id = 'group.%s' % group_id
if account_id.find('account.') == -1:
account_id = 'account.%s' % account_id
logger.debug('Try to get %s and %s' % (account_id, group_id))
try:
account_record = storage.get(account_id, account=session_account)
account = caccount(account_record)
group_record = storage.get(group_id, account=session_account)
group = cgroup(group_record)
except Exception, err:
logger.error('error while fetching %s and %s : %s' %
(account_id, group_id, err))
return HTTPError(403, 'Record not found or insufficient rights')
def delete_file(metaId=None):
account = get_account()
storage = get_storage(account=account, namespace=namespace)
rfiles = []
data = request.body.readline()
items = []
try:
items = json.loads(data)
except:
logger.warning('Invalid data in request payload')
## Only accept list for multiremove
if not isinstance(items, list):
items = []
if metaId and not items:
rfile = get_cfile(metaId, storage)
rfiles.append(rfile)
else:
logger.debug('Multi-remove: %s' % data)
for item in items:
rfile = get_cfile(item['id'], storage)
rfiles.append(rfile)
logger.debug('Remove %s files' % len(rfiles))
try:
for rfile in rfiles:
rfile.remove()
return {'total': len(rfiles),"data": [] ,"success":True}
except:
logger.error('Failed to remove file')
return HTTPError(500, "Failed to remove file")
def account_newAuthKey(dest_account):
if not dest_account:
return HTTPError(404, 'No account specified')
#------------------------get accounts----------------------
account = get_account()
storage = get_storage(namespace='object', account=account)
_id = 'account.%s' % dest_account
try:
aim_account = caccount(storage.get(_id, account=account))
except:
logger.debug('aimed account not found')
return HTTPError(404, 'Wrong account name or no enough rights')
#---------------------generate new key-------------------
logger.debug('Change AuthKey for : %s' % aim_account.user)
try:
aim_account.generate_new_authkey()
storage.put(aim_account, account=account)
logger.debug('New auth key is : %s' % aim_account.get_authkey())
return {
'total': 0,
'success': True,
'data': {
'authkey': aim_account.get_authkey(),
'account': aim_account.user
}
}
except Exception, err:
logger.error('Error while updating auth key : %s' % err)
return {'total': 0, 'success': False, 'data': {}}
def files(metaId=None):
if metaId:
account = get_account()
storage = cstorage(account=account, namespace=namespace)
logger.debug("Get file '%s'" % metaId)
meta = storage.get(metaId)
meta.__class__ = cfile
file_name = meta.data['file_name']
content_type = meta.data['content_type']
logger.debug(" + File name: %s" % file_name)
logger.debug(" + Content type: %s" % content_type)
report = meta.get(storage)
if report:
response.headers['Content-Disposition'] = 'attachment; filename="%s"' % file_name
response.headers['Content-Type'] = content_type
try:
return report
except Exception, err:
logger.error(err)
else:
logger.error('No report found in gridfs')
return HTTPError(404, " Not Found")
def account_get_me():
namespace = 'object'
ctype= 'account'
#get the session (security)
account = get_account()
storage = get_storage(namespace=namespace)
#try:
logger.debug(" + Try to get '%s' ... " % account._id)
record = storage.get(account._id, account=account)
#logger.debug(" + Result: '%s'" % record)
#except Exception, err:
# self.logger.error("Exception !\nReason: %s" % err)
# return HTTPError(404, _id+" Not Found")
if record:
data = record.dump(json=True)
data['id'] = data['_id']
output = [data]
reload_account(account._id,record)
output={'total': 1, 'success': True, 'data': output}
logger.debug(" + Output: "+str(output))
logger.debug('Response status: %s' % response.status)
return output
def send_report():
account = get_account()
reportStorage = cstorage(account=account, namespace='files')
recipients = request.params.get('recipients', default=None)
_id = request.params.get('_id', default=None)
body = request.params.get('body', default=None)
subject = request.params.get('subject', default=None)
meta = reportStorage.get(_id)
meta.__class__ = cfile
mail = {
'account':account,
'attachments': meta,
'recipients':recipients,
'subject':subject,
'body': body,
}
try:
task = task_mail.send.delay(**mail)
output = task.get()
return {'success':True,'total':'1','data':{'output':output}}
except Exception, err:
logger.error('Error when run subtask mail : %s' % err)
return {'success':False,'total':'1','data':{'output':'Mail sending failed'}}
def remove_account_from_group(group_id=None,account_id=None):
session_account = get_account()
storage = get_storage(namespace='object',account=session_account)
if not group_id or not account_id:
return HTTPError(400, 'Bad request, must specified group and account')
#get group && account
if group_id.find('group.') == -1:
group_id = 'group.%s' % group_id
if account_id.find('account.') == -1:
account_id = 'account.%s' % account_id
logger.debug('Try to get %s and %s' % (account_id,group_id))
try:
account_record = storage.get(account_id,account=session_account)
account = caccount(account_record)
group_record = storage.get(group_id,account=session_account)
group = cgroup(group_record)
except Exception,err:
logger.error('error while fetching %s and %s : %s' % (account_id,group_id,err))
return HTTPError(403, 'Record not found or insufficient rights')
def tree_delete(_id=None):
logger.debug('DELETE:')
account = get_account()
storage = get_storage(namespace='object',
account=account,
logging_level=logging.DEBUG)
ids = []
try:
data = json.loads(request.body.readline())
if not isinstance(data, list):
data = [data]
for view in data:
ids.append(view['_id'])
except:
logger.debug('No payload for delete action')
ids.append(_id)
output = {}
for _id in ids:
try:
record = storage.get(_id, account=account)
except Exception, err:
logger.info(' + Record not found: %s' % _id)
output[_id] = {'success': False, 'output': 'Record not found'}
continue
if len(record.children) == 0:
if record.check_write(account=account):
#remove record from its parent child list
for parent in record.parent:
parent_rec = storage.get(parent, account=account)
parent_rec.remove_children(record)
if parent_rec.check_write(account=account):
storage.put(parent_rec, account=account)
else:
logger.info(' + No sufficient rights on parent %s' %
parent_rec.name)
output[parent_rec.name] = {
'success': False,
'output': 'No right to remove children'
}
#remove the record
try:
storage.remove(record, account=account)
output[record.name] = {'success': True, 'output': ''}
except Exception, err:
logger.error(err)
output[record.name] = {'success': False, 'output': err}
else:
logger.info(' + No sufficient rights on %s' %
parent_rec.crecord_name)
output[record.name] = {
'success': False,
'output': 'No sufficient rights'
}
def delete_file(metaId):
account = get_account()
storage = cstorage(account=account, namespace=namespace)
try :
storage.remove(metaId,account=account)
except:
logger.error('Failed to remove file')
return HTTPError(500, "Failed to remove file")
def get_timeline(start=None, stop=None):
#get user and access to mongo
account = get_account()
storage = get_storage(namespace='events_log')
#get data in payload
start = request.params.get('start', default=None)
stop = request.params.get('stop', default=None)
#set returned variable
output = {}
total = None
#build filter for mongo request (put advanced option in it)
mfilter = {'$and': [{'crecord_type': 'event'}]}
if start:
mfilter['and'].append({'timestamp': {'$gt': start}})
if stop:
mfilter['and'].append({'timestamp': {'$lt': stop}})
#clean mfilter
mfilter = clean_mfilter(mfilter)
records = storage.find(mfilter, account=account)
tmp_output = {}
for record in records:
dump = record.dump()
if not tmp_output.has_key(dump['event_id']):
tmp_output[dump['event_id']] = []
tmp_output[dump['event_id']].append(dump)
events = {}
for tag in tmp_output.keys():
prev_id = None
for record in tmp_output[tag]:
item = {}
if (prev_id != None):
events[prev_id]['end'] = datetime.fromtimestamp(
record['timestamp']).isoformat(
) #strftime('%Y-%m-%d %H:%M:%S')
item['title'] = str(dump['component'])
if 'long_output' in record:
item['description'] = record['long_output']
item['start'] = datetime.fromtimestamp(
record['timestamp']).isoformat(
) #strftime('%Y-%m-%d %H:%M:%S')
item['durationEvent'] = True
events[record['_id']] = item
prev_id = record['_id']
output['events'] = events.values()
output['dateTimeFormat'] = 'iso8601'
output['wiki-url'] = "http://simile.mit.edu/shelf/"
output['wiki-section'] = "Simile JFK Timeline"
#return the total, the success of function and the requested data in output
return output
def generate_report(startTime, stopTime,view_name,mail=None):
account = get_account()
storage = cstorage(account=account, namespace='object')
if(isinstance(mail,str)):
try:
mail = json.loads(mail)
except Exception, err:
logger.error('Error while transform string mail to object' % err)
def update_view_relatives(_id=None):
logger.debug('PUT:')
account = get_account()
storage = get_storage(namespace='object', account=account)
data = json.loads(request.body.readline())
output = update_view(data, storage, account)
return {"total": len(data), "success": True, "data": output}
def generate_report(startTime, stopTime,view_name,mail=None):
account = get_account()
if not check_group_rights(account,group_managing_access):
return HTTPError(403, 'Insufficient rights')
storage = cstorage(account=account, namespace='object')
if(isinstance(mail,str)):
try:
mail = json.loads(mail)
except Exception, err:
logger.error('Error while transform string mail to object' % err)
def get_rights(namespace,crecord_id=None):
account = get_account()
storage = get_storage(namespace=namespace, account=account, logging_level=logging.DEBUG)
if(crecord_id != None):
record = storage.get(crecord_id, account=account)
if isinstance(record, crecord):
return {"success": True, "data": record.dump(json=True)}
else:
logger.warning('The record doesn\'t exist')
def get_all_menu():
_id = request.params.get('node', default=[])
#if _id == 'root' means we want all menu
if _id == 'root':
_id = []
account = get_account()
storage = get_storage(namespace='object')
#if _id == 'menu.view' catch all view, parsed them and give them in json
if _id == 'menu.view':
logger.debug('menu.view catched ------------------------------------------------->')
mfilter = {'crecord_type': 'view'}
records = storage.find(mfilter,account=account)
#logger.debug(str(records))
output = []
for record in records:
## Check if view is not pointed by menu
mfilter = { 'crecord_type': 'menu', 'view': record._id }
item = storage.find_one(mfilter,account=account)
if not item:
logger.debug(str(record.dump()))
data = record.data
#data['id'] = str(record._id)
data['text'] = record.name
data['view'] = record._id
data['leaf'] = True
if 'template' in data:
if not data['template'] == True:
output.append(data)
else:
output.append(data)
output = json.dumps(output)
#logger.debug(" + Output: "+str(output))
return output
###############
logger.debug("Get menu:")
logger.debug(" + Node: "+str(_id))
records = storage.get_childs_of_parent(_id, rtype='menu', account=account)
output = []
for record in records:
data = record.data
data['id'] = str(record._id)
data['text'] = record.name
output.append(data)
output = json.dumps(output)
return output
def account_delete(_id):
account = get_account()
storage = get_storage(namespace='object')
logger.debug("DELETE:")
logger.debug(" + _id: "+str(_id))
try:
storage.remove(_id, account=account)
#storage.remove('directory.root.%s' % _id.split('.')[1], account=account)
logger.debug('account removed')
except:
return HTTPError(404, _id+" Not Found")
def get_timeline(start=None,stop=None):
#get user and access to mongo
account = get_account()
storage = get_storage(namespace='events_log')
#get data in payload
start = request.params.get('start', default=None)
stop = request.params.get('stop', default=None)
#set returned variable
output = { }
total = None
#build filter for mongo request (put advanced option in it)
mfilter = {'$and':[{'crecord_type':'event'}]}
if start :
mfilter['and'].append({'timestamp': {'$gt': start}})
if stop :
mfilter['and'].append({'timestamp': {'$lt': stop}})
#clean mfilter
mfilter = clean_mfilter(mfilter)
records = storage.find(mfilter, account=account)
tmp_output = {}
for record in records:
dump = record.dump()
if not tmp_output.has_key(dump['event_id']) :
tmp_output[dump['event_id']] = []
tmp_output[dump['event_id']].append(dump)
events = {}
for tag in tmp_output.keys() :
prev_id = None
for record in tmp_output[tag] :
item = {}
if ( prev_id != None ) :
events[prev_id]['end'] = datetime.fromtimestamp(record['timestamp']).isoformat()#strftime('%Y-%m-%d %H:%M:%S')
item['title'] = str(dump['component'])
if 'long_output' in record :
item['description'] = record['long_output']
item['start'] = datetime.fromtimestamp(record['timestamp']).isoformat()#strftime('%Y-%m-%d %H:%M:%S')
item['durationEvent'] = True
events[record['_id']] = item
prev_id = record['_id']
output['events'] = events.values()
output['dateTimeFormat'] = 'iso8601'
output['wiki-url'] = "http://simile.mit.edu/shelf/"
output['wiki-section'] = "Simile JFK Timeline"
#return the total, the success of function and the requested data in output
return output
def generate_report(startTime, stopTime,view_name,mail=None, timezone=time.timezone):
stopTime = int(stopTime)
startTime = int(startTime)
account = get_account()
storage = cstorage(account=account, namespace='object')
if mail:
try:
mail = json.loads(mail)
except Exception, err:
logger.error('Error while transform string mail to object' % err)
mail = None
def generate_report(startTime, stopTime, view_name, mail=None):
stopTime = int(stopTime)
startTime = int(startTime)
account = get_account()
storage = cstorage(account=account, namespace='object')
if mail:
try:
mail = json.loads(mail)
except Exception, err:
logger.error('Error while transform string mail to object' % err)
mail = None
def files(metaId=None):
# Arg option for attachement http option (default: True)
as_attachment = True
if request.params.get('as_attachment') in ['false', 'False', '0']:
as_attachment = False
if metaId:
account = get_account()
storage = get_storage(account=account, namespace=namespace)
logger.debug("Get file '%s'" % metaId)
try:
rfile = get_cfile(metaId, storage)
except Exception as err:
logger.error('File not found: %s' % err)
return HTTPError(404, "File not found")
file_name = rfile.data['file_name']
content_type = rfile.data['content_type'] or 'application/octet-stream'
logger.debug(" + File name: %s" % file_name)
logger.debug(" + Content type: %s" % content_type)
logger.debug(" + Bin Id: %s" % rfile.get_binary_id())
try:
data = rfile.get()
except Exception as err:
logger.error('Error while file fetching: %s' % err)
if data:
if as_attachment:
try:
response.headers[
'Content-Disposition'] = 'attachment; filename="%s"' % file_name.encode(
"utf8")
except Exception as err:
logger.error(err)
return HTTPError(500, "Impossible to encode file_name.")
response.headers['Content-Type'] = content_type
try:
return data
except Exception as err:
logger.error(err)
else:
logger.error('File not found in gridfs')
return HTTPError(404, "File not found")
else:
return list_files()
def rest_delete(namespace, ctype, _id=None):
account = get_account()
storage = get_storage(namespace=namespace)
logger.debug("DELETE:")
data = request.body.readline()
if data:
try:
data = json.loads(data)
except:
logger.warning('Invalid data in request payload')
if isinstance(data,list):
logger.debug(" + Attempt to remove %i item from db" % len(data))
if _id:
_id = [_id]
else:
_id = []
for item in data:
if isinstance(item,str):
_id = item
if isinstance(item,dict):
if '_id' in item:
_id.append(item['_id'])
if 'id' in item:
_id.append(item['id'])
if not _id:
if isinstance(data,str):
_id = data
if isinstance(data,dict):
if '_id' in data:
_id = str(data['_id'])
if 'id' in data:
_id = str(data['id'])
if not _id:
logger.error("DELETE: No '_id' field in header ...")
return HTTPError(404, "No '_id' field in header ...")
logger.debug(" + _id: %s" % _id)
try:
storage.remove(_id, account=account)
except:
return HTTPError(404, _id+" Not Found")
def files(metaId=None):
# Arg option for attachement http option (default: True)
as_attachment = True
if request.params.get('as_attachment') in ['false', 'False', '0']:
as_attachment = False
if metaId:
account = get_account()
storage = get_storage(account=account, namespace=namespace)
logger.debug("Get file '%s'" % metaId)
try:
rfile = get_cfile(metaId, storage)
except Exception as err:
logger.error('File not found: %s' % err)
return HTTPError(404, "File not found")
file_name = rfile.data['file_name']
content_type = rfile.data['content_type'] or 'application/octet-stream'
logger.debug(" + File name: %s" % file_name)
logger.debug(" + Content type: %s" % content_type)
logger.debug(" + Bin Id: %s" % rfile.get_binary_id())
try:
data = rfile.get()
except Exception as err:
logger.error('Error while file fetching: %s' % err)
if data:
if as_attachment:
try:
response.headers['Content-Disposition'] = 'attachment; filename="%s"' % file_name.encode("utf8")
except Exception as err:
logger.error(err)
return HTTPError(500, "Impossible to encode file_name.")
response.headers['Content-Type'] = content_type
try:
return data
except Exception as err:
logger.error(err)
else:
logger.error('File not found in gridfs')
return HTTPError(404, "File not found")
else:
return list_files()
def tree_delete(_id=None):
logger.debug('DELETE:')
account = get_account()
storage = get_storage(namespace='object', account=account, logging_level=logging.DEBUG)
ids = []
try:
data = json.loads(request.body.readline())
if not isinstance(data,list):
data = [data]
for view in data:
ids.append(view['_id'])
except:
logger.debug('No payload for delete action')
ids.append(_id)
output = {}
for _id in ids:
try:
record = storage.get(_id, account=account)
except Exception, err:
logger.info(' + Record not found: %s' %_id)
output[_id] = {'success':False, 'output':'Record not found'}
continue
if len(record.children) == 0:
if record.check_write(account=account):
#remove record from its parent child list
for parent in record.parent:
parent_rec = storage.get(parent, account=account)
parent_rec.remove_children(record )
if parent_rec.check_write(account=account):
storage.put(parent_rec,account=account)
else:
logger.info(' + No sufficient rights on parent %s' % parent_rec.name)
output[parent_rec.name] = {'success':False,'output':'No right to remove children'}
#remove the record
try:
storage.remove(record, account=account)
output[record.name] = {'success':True,'output':''}
except Exception, err:
logger.error(err)
output[record.name] = {'success':False,'output':err}
else:
logger.info(' + No sufficient rights on %s' % parent_rec.crecord_name)
output[record.name] = {'success':False,'output':'No sufficient rights'}
def account_setConfig(_id):
account = get_account()
storage = get_storage(namespace='object')
value = request.params.get('value', default=None)
logger.debug(" + setConfig '%s' => '%s'" % (_id, value))
if value:
account.data[_id] = value
storage.put(account, account=account)
output = {'total': 0, 'success': True, 'data': []}
else:
output = {'total': 0, 'success': False, 'data': []}
return output
def check_exist(name=None):
account = get_account()
storage = get_storage(namespace='object', account=account)
mfilter = {'crecord_name':name}
try:
logger.debug('try to get view')
record_child = storage.find_one(mfilter=mfilter, account=account)
if record_child:
return {"total": 1, "success": True, "data": {'exist' : True}}
else:
return {"total": 0, "success": True, "data": {'exist' : False}}
except Exception,err:
logger.error('Error while fetching view : %s' % err)
return {"total": 0, "success": False, "data": {}}
def rest_delete(namespace, ctype, _id=None):
account = get_account()
storage = get_storage(namespace=namespace, logging_level=logger.level)
logger.debug("DELETE:")
data = request.body.readline()
if data:
try:
data = json.loads(data)
except:
logger.warning('Invalid data in request payload')
data = None
if data:
logger.debug(" + Data: %s" % data)
if isinstance(data, list):
logger.debug(" + Attempt to remove %i item from db" % len(data))
_id = []
for item in data:
if isinstance(item, str):
_id.append(item)
if isinstance(item, dict):
item_id = item.get('_id', item.get('id', None))
if item_id:
_id.append(item_id)
if isinstance(data, str):
_id = data
if isinstance(data, dict):
_id = data.get('_id', data.get('id', None))
if not _id:
logger.error("DELETE: No '_id' field in header ...")
return HTTPError(404, "No '_id' field in header ...")
logger.debug(" + _id: %s" % _id)
try:
storage.remove(_id, account=account)
except:
return HTTPError(404, _id + " Not Found")
def tree_get():
namespace = 'object'
account = get_account()
storage = get_storage(namespace=namespace, account=account, logging_level=logging.DEBUG)
node = request.params.get('node', default= None)
output = []
total = 0
if node:
parentNode = storage.get('directory.root', account=account)
storage.recursive_get(parentNode,account=account)
output = parentNode.recursive_dump(json=True)
return output
def files(metaId=None):
if metaId:
account = get_account()
storage = get_storage(account=account, namespace=namespace)
logger.debug("Get file '%s'" % metaId)
try:
rfile = get_cfile(metaId, storage)
except Exception as err:
logger.error('File not found: %s' % err)
return HTTPError(404, "File not found")
file_name = rfile.data['file_name']
content_type = rfile.data['content_type']
logger.debug(" + File name: %s" % file_name)
logger.debug(" + Content type: %s" % content_type)
logger.debug(" + Bin Id: %s" % rfile.get_binary_id())
try:
data = rfile.get()
except Exception as err:
logger.error('Error while file fetching: %s' % err)
if data:
try:
response.headers[
'Content-Disposition'] = 'attachment; filename="%s"' % file_name.encode(
"utf8")
except Exception as err:
logger.error(err)
return HTTPError(500, "Impossible to encode file_name.")
response.headers['Content-Type'] = content_type
try:
return data
except Exception as err:
logger.error(err)
else:
logger.error('File not found in gridfs')
return HTTPError(404, "File not found")
else:
return list_files()
def account_get_avatar(_id=None):
account = get_account()
storage = get_storage(namespace='object', account=account)
if not _id:
_id = account._id
logger.debug('getAvatar of: %s' % _id)
record = storage.get(_id, account=caccount(user="******", group="root"))
if not record or not record.data.get('avatar_id', None):
redirect("/static/canopsis/widgets/stream/logo/ui.png")
avatar_id = record.data.get('avatar_id')
logger.debug(' + avatar_id: %s' % avatar_id)
redirect("/files/%s" % avatar_id)
def list_files():
limit = int(request.params.get('limit', default=20))
start = int(request.params.get('start', default=0))
sort = request.params.get('sort', default=None)
filter = request.params.get('filter', default={})
###########account and storage
account = get_account()
storage = get_storage(account=account, namespace=namespace)
logger.debug("List files")
###########load filter
if filter:
try:
filter = json.loads(filter)
except Exception, err:
logger.error("Filter decode: %s" % err)
filter = {}
def rest_get_media(namespace, _id):
account = get_account()
storage = get_storage(namespace=namespace, logging_level=logger.level)
logger.debug("Get media '%s' from '%s':" % (_id, namespace))
try:
raw = storage.get(_id,
account=account,
namespace=namespace,
mfields=["media_bin", "media_name", "media_type"],
ignore_bin=False)
media_type = raw.get('media_type', None)
media_name = raw.get('media_name', None)
media_bin = raw.get('media_bin', None)
except Exception, err:
logger.error(err)
return HTTPError(404, err)
def account_get(_id=None):
namespace = 'object'
ctype = 'account'
#get the session (security)
account = get_account()
if not check_group_rights(account, 'group.account_managing'):
return HTTPError(403, 'Insufficient rights')
limit = int(request.params.get('limit', default=20))
#page = int(request.params.get('page', default=0))
start = int(request.params.get('start', default=0))
#groups = request.params.get('groups', default=None)
search = request.params.get('search', default=None)
logger.debug("GET:")
logger.debug(" + User: "******" + Group(s): " + str(account.groups))
logger.debug(" + namespace: " + str(namespace))
logger.debug(" + Ctype: " + str(ctype))
logger.debug(" + _id: " + str(_id))
logger.debug(" + Limit: " + str(limit))
#logger.debug(" + Page: "+str(page))
logger.debug(" + Start: " + str(start))
#logger.debug(" + Groups: "+str(groups))
logger.debug(" + Search: " + str(search))
storage = get_storage(namespace=namespace)
total = 0
mfilter = {}
if ctype:
mfilter = {'crecord_type': ctype}
if _id:
try:
records = [storage.get(_id, account=account)]
total = 1
except Exception, err:
self.logger.error("Exception !\nReason: %s" % err)
return HTTPError(404, _id + " Not Found")
def account_post():
#get the session (security)
account = get_account()
storage = get_storage(namespace='object', account=account)
logger.debug("POST:")
data = request.body.readline()
if not data:
return HTTPError(400, "No data received")
data = json.loads(data)
## Clean data
try:
del data['_id']
del data['id']
del data['crecord_type']
except:
pass
if data['user']:
#check if already exist
already_exist = False
_id = "account.%s" % data['user']
try:
record = storage.get(_id, account=account)
logger.debug('Update account %s' % _id)
already_exist = True
except:
logger.debug('Create account %s' % _id)
if already_exist:
return HTTPError(
405, "Account already exist, use put method for update !")
#----------------------------CREATION--------------------------
create_account(data)
else:
logger.warning('WARNING : no user specified ...')
def change_rights(namespace,crecord_id=None):
account = get_account()
storage = get_storage(namespace=namespace, account=account, logging_level=logging.DEBUG)
#get put data
aaa_owner = request.params.get('aaa_owner', default=None)
aaa_group = request.params.get('aaa_group', default=None)
aaa_access_owner = request.params.get('aaa_access_owner', default=None)
aaa_access_group = request.params.get('aaa_access_group', default=None)
aaa_access_other = request.params.get('aaa_access_other', default=None)
if(crecord_id != None):
record = storage.get(crecord_id, account=account)
if isinstance(record, crecord):
logger.debug('record found, changing rights/owner')
#change owner and group
if aaa_owner is not None:
record.chown(aaa_owner)
if aaa_group is not None:
record.chgrp(aaa_group)
#change rights
if aaa_access_owner is not None:
record.access_owner = json.loads(aaa_access_owner)
if aaa_access_group is not None:
record.access_group = json.loads(aaa_access_group)
if aaa_access_other is not None:
record.access_other = json.loads(aaa_access_other)
#logger.debug(json.dumps(record.dump(json=True), sort_keys=True, indent=4))
try:
storage.put(record,account=account)
except:
logger.error('Access denied')
return HTTPError(403, "Access denied")
else:
logger.warning('The record doesn\'t exist')
def account_getAuthKey(dest_account):
if not dest_account:
return HTTPError(404, 'No account specified')
#------------------------get accounts----------------------
account = get_account()
storage = get_storage(namespace='object', account=account)
_id = 'account.%s' % dest_account
try:
aim_account = caccount(storage.get(_id, account=account))
return {
'total': 1,
'success': True,
'data': {
'authkey': aim_account.get_authkey()
}
}
except Exception, err:
logger.debug('Error while fetching account : %s' % err)
return {'total': 0, 'success': False, 'data': {'output': str(err)}}
