def put(self):
if not self.json_request.get('organization') and \
not Organization.valid_id(self.json_request.get('organization')):
raise HttpErrorException.bad_request('invalid organization id')
org = Organization.get_by_id(self.json_request.get('organization'))
if not org:
raise HttpErrorException.bad_request('invalid organization id')
name = self.json_request.get('name', None)
hidden = self.json_request.get('hidden', False)
description = self.json_request.get('description', '')
if not name or name == 'super_admin' or name == 'admin':
raise HttpErrorException.bad_request('invalid group name')
if type(hidden) != bool:
raise HttpErrorException.bad_request('invalid hidden type must be boolean')
if Group.query(ndb.AND(Group.organization == org.key, Group.name == name)).count() > 0:
raise HttpErrorException.bad_request('group name taken')
group = Group(key=Group.create_key(), name=name, description=description, organization=org.key, active=True)
if hidden:
org.hidden_groups.append(group.key)
else:
org.groups.append(group.key)
ndb.put_multi([group, org])
if self.json_request.get('return', '') == 'group_dict':
self.write_json_response(group.to_dict())
def _serve_site_organizations(self):
orgs_dict = []
orgs = Organization.query()
for o in orgs.iter():
orgs_dict.append(o.to_dict())
self.write_json_response(orgs_dict)
def _gen_analytics(self):
log.info('Hourly Analytic Generator Stated')
hours = int(self.request.get('hours', 1))
for h in reversed(xrange(hours)):
log.info('Generation for hour %s', h)
start = datetime.now().replace(minute=0, second=0,
microsecond=0) - timedelta(hours=h)
log.info('Start Time: %s', start)
ana_count = 0
orgs = Organization.query()
for org in orgs.iter(keys_only=True, limit=3):
log.info('Generating Analytics for %s', org.id())
users = User.query(User.organization == org).order(
User.first_name)
for usr in users.iter(keys_only=True, limit=3):
ana_count += self._create_analytic(start=start,
org=org,
usr=usr)
ana_count += self._create_analytic(start=start)
log.info(
'Hourly Analytic Generator Finished: %s Analytics created',
ana_count)
def post(self, organization):
if not organization and not Organization.valid_id(organization):
raise HttpErrorException.bad_request('invalid organization id')
organization = Organization.get_by_id(organization)
if organization is None:
raise HttpErrorException.bad_request('invalid organization id')
user = user_user.User.get_by_id(self.json_request.get('username'))
if user is None:
raise HttpErrorException.bad_request('bad username')
if not self.user.is_admin:
lr = tt_logging.construct_log(
msg_short='Non-Admin User Tried Adding Org Admin',
msg='A Non-Admin user try setting another user as admin',
log_type=tt_logging.SECURITY, request_user=self.user,
affected_user=user, request=self.request,
artifact=organization
)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
is_admin = self.json_request.get('is_admin')
if is_admin is None and not type(is_admin) == bool:
raise HttpErrorException.bad_request('invalid admin settings')
if is_admin:
if user.key not in organization.admins:
organization.admins.append(user.key)
organization.put()
lr = tt_logging.construct_log(
msg_short='User was made organization admin',
log_type=tt_logging.USER, request_user=self.user, affected_user=user,
artifact=organization, request=self.request
)
log.info(lr['dict_msg']['msg'], extra=lr)
else:
if user.key in organization.admins:
organization.admins.remove(user.key)
organization.put()
lr = tt_logging.construct_log(
msg_short='User was removed as organization admin',
log_type=tt_logging.USER, request_user=self.user, affected_user=user,
artifact=organization, request=self.request
)
log.info(lr['dict_msg']['msg'], extra=lr)
def post(self, org_id=None):
if not org_id:
raise HttpErrorException.bad_request('no org_id given')
org = Organization.get_by_id(org_id)
if not org:
raise HttpErrorException.bad_request('invalid org_id given')
org.edit(self.request, self.json_request, self.user)
def get(self, organization=None):
if organization:
self.organization = Organization.get_by_id(organization)
if not self.organization:
raise HttpErrorException.bad_request('invalid organization id')
if (not self.user.is_super_admin
or (self.organization and not self.user.is_org_admin
and self.organization.key != self.user.organization)):
raise HttpErrorException.forbidden()
temp_data = {}
template_index = JINJA_ENVIRONMENT.get_template(
'admin_panel/thinktank/analytics.html')
self.response.write(template_index.render(temp_data))
def get(self):
if self.request.get('organization_groups') is not '':
if self.request.get('organization_groups') == 'all':
organization = Organization.get_by_id(self.request.get('organization'))
if organization.is_user(self.user) or self.user.is_super_admin:
hidden = False
if self.request.get('hidden') is not '':
hidden = self.request.get('hidden')
group_array = organization.get_all_groups()
if hidden and self.user.is_admin:
hidden_group_array = organization.get_all_hidden_groups()
group_array = group_array + hidden_group_array
elif self.user.is_admin:
hidden_group_array = organization.get_all_hidden_groups()
group_array = group_array + hidden_group_array
else:
user_hidden_groups = organization.get_user_hidden_groups(self.user)
for group in user_hidden_groups:
group_array.append(group.to_dict())
self.write_json_response(group_array)
else:
lr = tt_logging.construct_log(
msg_short='User Tried Access Organization Groups',
msg='User (%s) tried to access groups that belongs to organization '
'(%s) and they are not in this organization' %
(self.user.key.id(), organization.key.id()),
log_type=tt_logging.SECURITY, request_user=self.user,
artifact=organization, request=self.request
)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
elif self.request.get('organization_groups') == 'mine':
user_groups = self.user.get_groups()
user_groups = ndb.get_multi(user_groups)
user_groups_dict_list = []
for group in user_groups:
user_groups_dict_list.append(group.to_dict())
self.write_json_response(user_groups_dict_list)
else:
self._serve_user_groups()
def put(self, user_id=None):
if not self.user.is_admin:
lr = tt_logging.construct_log(
msg_short='Non-Admin User Try Create New User',
msg='User (%s) attemped to create a new user' % (self.user.key.id()),
log_type=tt_logging.SECURITY, request_user=self.user,
request=self.request
)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
if self.json_request.get('username'):
org = None
if self.json_request.get('organization'):
org = Organization.get_by_id(self.json_request.get('organization'))
User.new(self.json_request, verify_email=False, request=self.request,
worldshare_group=Group.get_worldshare_key(), organization=org)
def get(self, organization=None):
if organization:
self.organization = Organization.get_by_id(organization)
if not self.organization:
raise HttpErrorException.bad_request('invalid organization id')
if (not self.user.is_super_admin
or (self.organization and not self.user.is_org_admin
and self.organization.key != self.user.organization)):
raise HttpErrorException.forbidden()
start_time = self.request.get('start_time', None)
try:
start_time = AnalyticsDailyStat.get_start_time(
datetime.fromtimestamp(int(start_time) / 1000))
except ValueError:
raise HttpErrorException.bad_request(
'start_time must be javascript timestamps')
end_time = AnalyticsDailyStat.get_end_time(start_time)
self.write_json_response(
self._get_analyticstats_json(AnalyticsHourlyStat,
OrgAnalyticsHourlyStat, start_time,
end_time))
def get(self):
term = self.request.get('term', '')
if term == '':
raise HttpErrorException.bad_request('no search term given')
limit = 10
if self.request.get('limit', '') != '':
try:
limit = int(self.request.get('limit'))
except ValueError:
raise HttpErrorException.bad_request('limit must be integer')
if self.user.is_super_admin and self.request.get('organization', '') != '':
org = Organization.get_by_id(self.request.get('organization'))
if not org:
raise HttpErrorException.bad_request('invalid org id')
else:
if not self.user.organization:
raise HttpErrorException.bad_request('user has not organization')
org = self.user.organization.get()
groups = org.get_all_group_objects()
if self.user.is_admin:
groups += org.get_all_hidden_group_objects()
else:
groups += org.get_user_hidden_groups(self.user)
matched_groups = []
for group in groups:
if len(matched_groups) == limit:
break
if term.lower() in group.name.lower():
matched_groups.append(group.to_dict())
if self.request.get('callback', '') != '':
self.response.write(self.request.get('callback') + '(%s)' % json.dumps(matched_groups))
else:
self.write_json_response(matched_groups)
def put(self, org_id=None):
self.write_json_response(Organization.new(self, self.json_request, self.user))
def get(self, user_id=None):
# TODO: This handler needs broken down into smaller methods. No point cleaning
# this up until that is complete.
if self.request.get('user_info') is not '':
if self.request.get('user_info') == self.user.username or self.user.is_admin:
user = User.get_by_id(self.request.get('user_info'))
if not user:
raise HttpErrorException.bad_request('invalid user id')
self.write_json_response(user.to_dict(user=self.user))
elif self.request.get('user_perms') is not '':
user = User.get_by_id(self.request.get('user_perms'))
if not user:
raise HttpErrorException.bad_request('invalid username')
if not user.is_admin and not self.user == user:
lr = tt_logging.construct_log(msg_short='Non-Admin User Try Accessing Another User',
msg='User (%s) attemped to access user\'s (%s) data ' %
(self.user.key.id(), user.key.id()),
log_type=tt_logging.SECURITY, request_user=self.user, affected_user=user,
request=self.request)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
user_perms_dict = {}
for group_key in user.groups:
group = group_key.get()
if group is None:
user.groups.remove(group_key)
user.put()
lr = tt_logging.construct_log(msg_short='Broken Group Key in User Group List',
msg='Found a broken group key (%s) in the user\'s group list\n'
'Key has been removed' %
str(group_key),
log_type=tt_logging.USER, request_user=self.user, affected_user=user,
request=self.request)
log.error(lr['dict_msg']['msg'], extra=lr)
elif (group.has_permission(self.user, 'set_user_perms') or
group.has_permission(self.user, 'remove_user_perms') or
user.key == self.user.key):
perms = user.get_group_perms_dict(group)
if perms is not None:
user_perms_dict[group.key.id()] = perms
self.write_json_response(user_perms_dict)
elif self.request.get('organization_users') is not '':
if self.request.get('organization_users') == 'all':
organization = Organization.get_by_id(self.request.get('organization_id'))
if organization.is_admin(self.user) or Group.get_by_id('super_admin').key in self.user.groups:
user_array = User.get_all_users(organization, request_user=self.user)
self.write_json_response(user_array)
else:
lr = tt_logging.construct_log(msg_short='Non-Admin User Try Accessing Org Users',
msg='User (%s) attemped to access all Organization\'s users' %
(self.user.key.id()),
log_type=tt_logging.SECURITY, request_user=self.user,
request=self.request, artifact=organization)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
elif self.request.get('non_org') is not '':
if not self.user.is_super_admin:
lr = tt_logging.construct_log(msg_short='Non-Admin User Try Accessing Org Users',
msg='User (%s) attemped to access all Organization\'s users' %
(self.user.key.id()),
log_type=tt_logging.SECURITY, request_user=self.user,
request=self.request)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
else:
users = User.query(User.organization == None).fetch()
users_dicts = []
for user in users:
users_dicts.append(user.to_dict())
self.write_json_response(users_dicts)
def get(self, organization=None):
if organization:
self.organization = Organization.get_by_id(organization)
if not self.organization:
raise HttpErrorException.bad_request('invalid organization id')
if (not self.user.is_super_admin
or (self.organization and not self.user.is_org_admin
and self.organization.key != self.user.organization)):
raise HttpErrorException.forbidden()
start_time = self.request.get('start_time', None)
limit = self.request.get('limit', 10)
ana_type = self.request.get('type', 'concept')
if ana_type not in ['concept', 'user']:
raise HttpErrorException.bad_request('invalid type')
if ana_type == 'user':
ana_type = UserAnalyticsMonthlyStat
else:
ana_type = ConceptAnalyticsMonthlyStat
try:
limit = int(limit)
except ValueError:
raise HttpErrorException.bad_request('limit must be int')
if limit > 100:
limit = 100
if not start_time:
raise HttpErrorException.bad_request('no start_time given')
try:
start_time = ana_type.get_start_time(
datetime.fromtimestamp(int(start_time) / 1000))
except ValueError:
raise HttpErrorException.bad_request(
'start_time must be javascript timestamps')
log.debug('start_time: %s', start_time)
if not self.organization:
top_total = ana_type.query(ana_type.start_time == start_time
).order(-ana_type.total).fetch(limit)
top_consumption = ana_type.query(
ana_type.start_time == start_time).order(
-ana_type.total_consumption).fetch(limit)
top_production = ana_type.query(
ana_type.start_time == start_time).order(
ana_type.total_production).fetch(limit)
else:
top_total = ana_type.query(
ndb.AND(
ana_type.start_time == start_time,
ana_type.entity_organization ==
self.organization.key)).order(-ana_type.total).fetch(limit)
top_consumption = ana_type.query(
ndb.AND(ana_type.start_time == start_time,
ana_type.entity_organization == self.organization.key)
).order(-ana_type.total_consumption).fetch(limit)
top_production = ana_type.query(
ndb.AND(ana_type.start_time == start_time,
ana_type.entity_organization == self.organization.key)
).order(-ana_type.total_production).fetch(limit)
top_total_json = []
for s in top_total:
if ana_type == ConceptAnalyticsMonthlyStat:
d = s.to_dict()
con = s.entity.get()
if con:
phr = con.get_phrasing()
else:
phr = 'Concept no longer exists'
d['phrasing'] = phr
top_total_json.append(d)
else:
d = s.to_dict()
user = s.entity.get()
if user:
username = user.username
else:
username = '******'
d['username'] = username
top_total_json.append(d)
top_consumption_json = []
for s in top_consumption:
if ana_type == ConceptAnalyticsMonthlyStat:
d = s.to_dict()
con = s.entity.get()
if con:
phr = con.get_phrasing()
else:
phr = 'Concept no longer exists'
d['phrasing'] = phr
top_consumption_json.append(d)
else:
d = s.to_dict()
user = s.entity.get()
if user:
username = user.username
else:
username = '******'
d['username'] = username
top_consumption_json.append(d)
top_production_json = []
for s in top_production:
if ana_type == ConceptAnalyticsMonthlyStat:
d = s.to_dict()
con = s.entity.get()
if con:
phr = con.get_phrasing()
else:
phr = 'Concept no longer exists'
d['phrasing'] = phr
top_production_json.append(d)
else:
d = s.to_dict()
user = s.entity.get()
if user:
username = user.username
else:
username = '******'
d['username'] = username
top_production_json.append(d)
response = {
'start_time': time.mktime(start_time.timetuple()) * 1000,
'start_time_str': str(start_time),
'top_total': top_total_json,
'top_consumption': top_consumption_json,
'top_production': top_production_json,
}
self.write_json_response(response)