def experiment_stats(request, epn):
"""Get stats about an experiment associated with the given EPN.
:param request: a HTTP Request instance
:type request: :class:`django.http.HttpRequest`
:param epn: the EPN (proposal number) of the experiment to be edited
:type epn: string
:rtype: :class:`django.http.HttpResponse`
"""
if not (request.META['REMOTE_ADDR'] == '114.30.64.13' or request.META['REMOTE_USER'] == 'admin'):
return return_response_error(request)
try:
epn_param = models.ExperimentParameter.objects.get(name__name__exact='EPN', string_value=epn)
experiment_id = epn_param.parameterset.experiment.pk
#experiment = models.Experiment.safe.get(request, experiment_id)
except PermissionDenied:
return return_response_error(request)
except models.ExperimentParameter.DoesNotExist:
return return_response_not_found(request)
# calculate the sum of the datafile sizes
datafile_sizes = models.Dataset_File.objects.filter(dataset__experiment=experiment_id).values_list('size', flat=True)
json_dict = {}
json_dict['total_file_count'] = len(datafile_sizes)
json_dict['total_file_size'] = sum(map(long, datafile_sizes))
response = HttpResponse(json.dumps(json_dict), mimetype='application/json')
response['Pragma'] = 'no-cache'
response['Cache-Control'] = 'no-cache, must-revalidate'
return response
def view_rifcs(request, experiment_id):
"""View the rif-cs of an existing experiment.
:param request: a HTTP Request instance
:type request: :class:`django.http.HttpRequest`
:param experiment_id: the ID of the experiment to be viewed
:type experiment_id: string
:rtype: :class:`django.http.HttpResponse`
"""
try:
experiment = Experiment.safe.get(request.user, experiment_id)
except PermissionDenied:
return return_response_error(request)
except Experiment.DoesNotExist:
return return_response_not_found(request)
try:
rifcs_provs = settings.RIFCS_PROVIDERS
except AttributeError:
rifcs_provs = ()
from tardis.tardis_portal.publish.publishservice import PublishService
pservice = PublishService(rifcs_provs, experiment)
context = pservice.get_context()
if context is None:
# return error page or something
return return_response_error(request)
template = pservice.get_template()
return HttpResponse(render_response_index(request,
template, context), content_type="text/xml")
def get(self, request, *args, **kwargs):
"""
View an existing experiment.
:param request: a HTTP Request instance
:type request: :class:`django.http.HttpRequest`
:param experiment_id: the ID of the experiment
:rtype: :class:`django.http.HttpResponse`
"""
experiment_id = kwargs.get('experiment_id', None)
if experiment_id is None:
return return_response_error(request)
try:
experiment = Experiment.safe.get(request.user, experiment_id)
except PermissionDenied:
return return_response_error(request)
except Experiment.DoesNotExist:
return return_response_not_found(request)
if not experiment:
return return_response_not_found(request)
view_override = self.find_custom_view_override(request, experiment)
if view_override is not None:
return view_override
c = self.get_context_data(request, experiment)
template_name = kwargs.get('template_name', None)
if template_name is None:
template_name = self.template_name
return HttpResponse(render_response_index(request, template_name, c))
def table(request, experiment_id):
# http://datatables.net/usage/server-side
if len(request.GET) == 0:
return return_response_error(request)
sort_col_index = ''
sort_col_name = ''
sort_desc = ''
try:
if int(request.GET['iSortingCols']) != 1:
return return_response_error(request)
sort_col_index = request.GET['iSortCol_0']
sort_col_name = request.GET['mDataProp_' + sort_col_index]
sort_desc = request.GET['sSortDir_0'] == 'desc'
except:
return return_response_error(request)
experiment = Experiment.objects.get(pk=experiment_id)
parameter_names = ParameterName.objects.filter(datafileparameter__parameterset__dataset_file__dataset__experiment=experiment).distinct()
datafiles = Dataset_File.objects.filter(dataset__experiment=experiment)
if sort_col_name == 'filename':
if sort_desc:
datafiles = datafiles.order_by('-filename')
else:
datafiles = datafiles.order_by('filename')
post_filter = False
else:
datafiles = datafiles.order_by('filename')
post_filter = True
filter = ''
limit = ''
offset = ''
try:
filter = request.GET['sSearch']
limit = int(request.GET['iDisplayLength'])
offset = int(request.GET['iDisplayStart'])
except:
return return_response_error(request)
filtered_datafiles = _filter(datafiles, filter)
dfs = [(x.id, x.filename) for x in filtered_datafiles[offset:offset+limit]]
df_ids = [x[0] for x in dfs]
params_by_file = _params_by_file(df_ids, parameter_names)
rows = _get_rows(dfs, parameter_names, params_by_file, sort_desc, post_filter, sort_col_name)
resp = {}
resp['sEcho'] = int(request.GET['sEcho'])
resp['aaData'] = rows
resp['iTotalRecords'] = datafiles.count()
resp['iTotalDisplayRecords'] = filtered_datafiles.count()
return HttpResponse(json.dumps(resp), mimetype='application/json')
def change_user_permissions(request, experiment_id, username):
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
return return_response_error(request)
try:
experiment = Experiment.objects.get(pk=experiment_id)
except Experiment.DoesNotExist:
return return_response_error(request)
try:
expt_acls = Experiment.safe.user_acls(experiment_id)
acl = None
for eacl in expt_acls:
if eacl.pluginId == 'django_user' and \
eacl.get_related_object().id == user.id:
acl = eacl
#acl = expt_acls.filter(entityId=str(user.id))
if acl is None:
raise ObjectACL.DoesNotExist
owner_acls = [oacl for oacl in expt_acls if oacl.isOwner]
except ObjectACL.DoesNotExist:
return return_response_error(request)
if request.method == 'POST':
form = ChangeUserPermissionsForm(request.POST, instance=acl)
if form.is_valid():
if 'isOwner' in form.changed_data and \
form.cleaned_data['isOwner'] is False and \
len(owner_acls) == 1:
owner = owner_acls[0].get_related_object()
plugin = owner_acls[0].pluginId
if plugin == 'django_user' and owner.id == user.id:
return render_error_message(
request,
'Cannot remove ownership, every experiment must have at '
'least one user owner.',
status=409)
form.save()
url = reverse('tardis.tardis_portal.views.control_panel')
return HttpResponseRedirect(url)
else:
form = ChangeUserPermissionsForm(instance=acl)
c = {
'form': form,
'header': "Change User Permissions for '%s'" % user.username
}
return HttpResponse(
render_response_index(request, 'tardis_portal/form_template.html', c))
def change_user_permissions(request, experiment_id, username):
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
return return_response_error(request)
try:
experiment = Experiment.objects.get(pk=experiment_id)
except Experiment.DoesNotExist:
return return_response_error(request)
try:
expt_acls = Experiment.safe.user_acls(experiment_id)
acl = None
for eacl in expt_acls:
if eacl.pluginId == 'django_user' and \
eacl.get_related_object().id == user.id:
acl = eacl
#acl = expt_acls.filter(entityId=str(user.id))
if acl is None:
raise ObjectACL.DoesNotExist
owner_acls = [oacl for oacl in expt_acls if oacl.isOwner]
except ObjectACL.DoesNotExist:
return return_response_error(request)
if request.method == 'POST':
form = ChangeUserPermissionsForm(request.POST, instance=acl)
if form.is_valid():
if 'isOwner' in form.changed_data and \
form.cleaned_data['isOwner'] is False and \
len(owner_acls) == 1:
owner = owner_acls[0].get_related_object()
plugin = owner_acls[0].pluginId
if plugin == 'django_user' and owner.id == user.id:
return render_error_message(
request,
'Cannot remove ownership, every experiment must have at '
'least one user owner.', status=409)
form.save()
url = reverse('tardis.tardis_portal.views.control_panel')
return HttpResponseRedirect(url)
else:
form = ChangeUserPermissionsForm(instance=acl)
c = {'form': form,
'header':
"Change User Permissions for '%s'" % user.username}
return HttpResponse(render_response_index(
request, 'tardis_portal/form_template.html', c))
def change_group_permissions(request, experiment_id, group_id):
try:
group = Group.objects.get(pk=group_id)
except Group.DoesNotExist:
return return_response_error(request)
try:
experiment = Experiment.objects.get(pk=experiment_id)
except Experiment.DoesNotExist:
return return_response_error(request)
try:
acl = ObjectACL.objects.get(content_type=experiment.get_ct(),
object_id=experiment.id,
pluginId='django_group',
entityId=str(group.id),
aclOwnershipType=ObjectACL.OWNER_OWNED)
except ObjectACL.DoesNotExist:
return return_response_error(request)
if request.method == 'POST':
form = ChangeGroupPermissionsForm(request.POST)
if form.is_valid():
acl.canRead = form.cleaned_data['canRead']
acl.canWrite = form.cleaned_data['canWrite']
acl.canDelete = form.cleaned_data['canDelete']
acl.effectiveDate = form.cleaned_data['effectiveDate']
acl.expiryDate = form.cleaned_data['expiryDate']
acl.save()
return HttpResponseRedirect('/experiment/control_panel/')
else:
form = ChangeGroupPermissionsForm(
initial={
'canRead': acl.canRead,
'canWrite': acl.canWrite,
'canDelete': acl.canDelete,
'effectiveDate': acl.effectiveDate,
'expiryDate': acl.expiryDate
})
c = {
'form': form,
'header': "Change Group Permissions for '%s'" % group.name
}
return HttpResponse(
render_response_index(request, 'tardis_portal/form_template.html', c))
def wrap(request, *args, **kwargs):
if not request.user.groups.filter(
name=getattr(
settings, 'PUBLICATION_OWNER_GROUP',
default_settings.PUBLICATION_OWNER_GROUP)).exists():
return return_response_error(request)
return f(request, *args, **kwargs)
def get(self, request, *args, **kwargs):
"""
:param request: a HTTP request object
:type request: :class:`django.http.HttpRequest`
:return: The Django response object
:rtype: :class:`django.http.HttpResponse`
"""
dataset_id = kwargs.get('dataset_id', None)
if dataset_id is None:
return return_response_error(request)
dataset = Dataset.objects.get(id=dataset_id)
if not dataset:
return return_response_not_found(request)
c = self.get_context_data(request, dataset, **kwargs)
template_name = kwargs.get('template_name', None)
if template_name is None:
template_name = self.template_name
return HttpResponse(render_response_index(request, template_name, c))
def new_sample(request, experiment_id):
try:
experiment = Experiment.safe.get(request, experiment_id)
except PermissionDenied:
return return_response_error(request)
except Experiment.DoesNotExist:
return return_response_not_found(request)
c = Context()
c['experiment'] = experiment
samples = Sample.objects.filter(experiment=experiment_id)
c['sample_count'] = samples.count() + 1
if request.method == 'POST':
form = SampleForm(request.POST)
if form.is_valid():
sample = form.save(experiment_id, commit=False)
sample.save_m2m()
request.POST = {'status': "Sample Created."}
return _redirect(experiment_id)
c['status'] = "Errors exist in form."
c["error"] = 'true'
else:
form = SampleForm(extra=1)
c['form'] = form
c['status'] = form.errors
return HttpResponse(render_response_index(request,
'tardis_portal/experiment_sample.html', c))
def wrap(request, *args, **kwargs):
dataset_id = kwargs['dataset_id']
if not has_dataset_write(request, dataset_id):
if request.is_ajax():
return HttpResponse("")
return return_response_error(request)
return f(request, *args, **kwargs)
def get(self, request, *args, **kwargs):
"""
:param request: a HTTP request object
:type request: :class:`django.http.HttpRequest`
:return: The Django response object
:rtype: :class:`django.http.HttpResponse`
"""
dataset_id = kwargs.get('dataset_id', None)
if dataset_id is None:
return return_response_error(request)
dataset = Dataset.objects.get(id=dataset_id)
if not dataset:
return return_response_not_found(request)
c = self.get_context_data(request, dataset, **kwargs)
template_name = kwargs.get('template_name', None)
if template_name is None:
template_name = self.template_name
return HttpResponse(render_response_index(
request,
template_name,
c)
)
def wrap(request, *args, **kwargs):
if not request.user.groups.filter(
name=getattr(
settings, 'PUBLICATION_OWNER_GROUP',
default_settings.PUBLICATION_OWNER_GROUP)).exists():
return return_response_error(request)
return f(request, *args, **kwargs)
def wrap(request, *args, **kwargs):
dataset_id = kwargs['dataset_id']
if not has_dataset_write(request, dataset_id):
if request.is_ajax():
return HttpResponse("")
return return_response_error(request)
return f(request, *args, **kwargs)
def edit_datafile_par(request, parameterset_id):
parameterset = DatafileParameterSet.objects.get(id=parameterset_id)
if authz.has_write_permissions(
request, parameterset.dataset_file.dataset.experiment.id):
return edit_parameters_alt(request, parameterset, otype="datafile")
else:
return return_response_error(request)
def edit_datafile_par(request, parameterset_id):
parameterset = DatafileParameterSet.objects.get(id=parameterset_id)
if authz.has_write_permissions(request,
parameterset.dataset_file.dataset.experiment.id):
return edit_parameters_alt(request, parameterset, otype="datafile")
else:
return return_response_error(request)
def get(self, request, *args, **kwargs):
"""
The index view, intended to render the front page of the MyTardis site
listing recent experiments.
This default view can be overriden by defining a dictionary INDEX_VIEWS in
settings which maps SITE_ID's or domain names to an alternative view
function (similar to the DATASET_VIEWS or EXPERIMENT_VIEWS overrides).
:param request: a HTTP request object
:type request: :class:`django.http.HttpRequest`
:return: The Django response object
:rtype: :class:`django.http.HttpResponse`
"""
dataset_id = kwargs.get('dataset_id', None)
if dataset_id is None:
return return_response_error(request)
dataset = Dataset.objects.get(id=dataset_id)
if not dataset:
return return_response_not_found(request)
view_override = self.find_custom_view_override(request, dataset)
if view_override is not None:
return view_override
c = self.get_context_data(request, dataset, **kwargs)
template_name = kwargs.get('template_name', None)
if template_name is None:
template_name = self.template_name
return HttpResponse(render_response_index(request, template_name, c))
def load_experiment_image(request, parameter_id):
parameter = ExperimentParameter.objects.get(pk=parameter_id)
experiment_id = parameter.parameterset.experiment.id
if authz.has_experiment_access(request, experiment_id):
return load_image(request, parameter)
else:
return return_response_error(request)
def load_dataset_image(request, parameter_id):
parameter = DatasetParameter.objects.get(pk=parameter_id)
dataset = parameter.parameterset.dataset
if authz.has_dataset_access(request, dataset.id):
return load_image(request, parameter)
else:
return return_response_error(request)
def add_experiment_par(request, experiment_id):
parentObject = Experiment.objects.get(id=experiment_id)
if authz.has_write_permissions(request, parentObject.id):
return add_par_alt(request, parentObject, otype="experiment",
stype=Schema.EXPERIMENT)
else:
return return_response_error(request)
def add_dataset_par(request, dataset_id):
parentObject = Dataset.objects.get(id=dataset_id)
if authz.has_write_permissions(request, parentObject.experiment.id):
return add_par_alt(request, parentObject, otype="dataset",
stype=Schema.DATASET)
else:
return return_response_error(request)
def _list_related_info(request, experiment_id):
if not authz.has_experiment_access(request, experiment_id):
return return_response_error(request)
sets = ExperimentParameterSet.objects.filter(schema__namespace=SCHEMA_URI)
return HttpResponse(json.dumps([_get_dict_from_ps(ps)
for ps in sets]),
content_type='application/json; charset=utf-8')
def get(self, request, *args, **kwargs):
"""
The index view, intended to render the front page of the MyTardis site
listing recent experiments.
This default view can be overriden by defining a dictionary INDEX_VIEWS in
settings which maps SITE_ID's or domain names to an alternative view
function (similar to the DATASET_VIEWS or EXPERIMENT_VIEWS overrides).
:param request: a HTTP request object
:type request: :class:`django.http.HttpRequest`
:return: The Django response object
:rtype: :class:`django.http.HttpResponse`
"""
dataset_id = kwargs.get('dataset_id', None)
if dataset_id is None:
return return_response_error(request)
dataset = Dataset.objects.get(id=dataset_id)
if not dataset:
return return_response_not_found(request)
view_override = self.find_custom_view_override(request, dataset)
if view_override is not None:
return view_override
c = self.get_context_data(request, dataset, **kwargs)
template_name = kwargs.get('template_name', None)
if template_name is None:
template_name = self.template_name
return HttpResponse(render_response_index(request, template_name, c))
def edit_sample(request, experiment_id, sample_id):
try:
experiment = Experiment.safe.get(request, experiment_id)
except PermissionDenied:
return return_response_error(request)
except Experiment.DoesNotExist:
return return_response_not_found(request)
c = Context()
c['experiment'] = experiment
sample = Sample.objects.get(id=sample_id)
c['sample_count'] = sample.name
if request.POST:
form = SampleForm(request.POST, instance=sample, extra=0)
if form.is_valid():
full_sample = form.save(experiment_id, commit=False)
full_sample.save_m2m()
request.POST = {'status': "Sample Created."}
return _redirect(experiment_id)
c['status'] = "Errors exist in form."
c["error"] = 'true'
else:
form = SampleForm(instance=sample, extra=0)
c['form'] = form
c['status'] = form.errors
return HttpResponse(render_response_index(request,
'tardis_portal/experiment_sample.html', c))
def change_group_permissions(request, experiment_id, group_id):
try:
group = Group.objects.get(pk=group_id)
except Group.DoesNotExist:
return return_response_error(request)
try:
experiment = Experiment.objects.get(pk=experiment_id)
except Experiment.DoesNotExist:
return return_response_error(request)
try:
acl = ObjectACL.objects.get(
content_type=experiment.get_ct(),
object_id=experiment.id,
pluginId='django_group',
entityId=str(group.id),
aclOwnershipType=ObjectACL.OWNER_OWNED)
except ObjectACL.DoesNotExist:
return return_response_error(request)
if request.method == 'POST':
form = ChangeGroupPermissionsForm(request.POST)
if form.is_valid():
acl.canRead = form.cleaned_data['canRead']
acl.canWrite = form.cleaned_data['canWrite']
acl.canDelete = form.cleaned_data['canDelete']
acl.effectiveDate = form.cleaned_data['effectiveDate']
acl.expiryDate = form.cleaned_data['expiryDate']
acl.save()
return HttpResponseRedirect('/experiment/control_panel/')
else:
form = ChangeGroupPermissionsForm(
initial={'canRead': acl.canRead,
'canWrite': acl.canWrite,
'canDelete': acl.canDelete,
'effectiveDate': acl.effectiveDate,
'expiryDate': acl.expiryDate})
c = {'form': form,
'header': "Change Group Permissions for '%s'" % group.name}
return HttpResponse(render_response_index(
request, 'tardis_portal/form_template.html', c))
def _create_download_response(request,
datafile_id,
disposition='attachment'): # too complex # noqa
# Get datafile (and return 404 if absent)
try:
datafile = DataFile.objects.get(pk=datafile_id)
except DataFile.DoesNotExist:
return return_response_not_found(request)
# Check users has access to datafile
if not has_datafile_download_access(request=request,
datafile_id=datafile.id):
return return_response_error(request)
# Send an image that can be seen in the browser
if disposition == 'inline' and datafile.is_image():
from tardis.tardis_portal.iiif import download_image
args = (request, datafile.id, 'full', 'full', '0', 'native')
# Send unconverted image if web-compatible
if datafile.get_mimetype() in ('image/gif', 'image/jpeg', 'image/png'):
return download_image(*args)
# Send converted image
return download_image(*args, format='png')
# Send local file
try:
verified_only = True
# Query parameter to allow download of unverified files
ignore_verif = request.GET.get('ignore_verification_status', '0')
# Ensure ignore_verification_status=0 etc works as expected
# a bare ?ignore_verification_status is True
if ignore_verif.lower() in [u'', u'1', u'true']:
verified_only = False
# Get file object for datafile
file_obj = datafile.get_file(verified_only=verified_only)
if not file_obj:
# If file path doesn't resolve, return not found
if verified_only:
return render_error_message(request, "File is unverified, "
"please try again later.",
status=503)
return return_response_not_found(request)
wrapper = FileWrapper(file_obj, blksize=65535)
response = StreamingHttpResponse(wrapper,
content_type=datafile.get_mimetype())
response['Content-Disposition'] = \
'%s; filename="%s"' % (disposition, datafile.filename)
return response
except IOError:
# If we can't read the file, return not found
return return_response_not_found(request)
except ValueError: # raised when replica not verified TODO: custom excptn
redirect = request.META.get(
'HTTP_REFERER', 'http://%s/' % request.META.get('HTTP_HOST'))
message = """The file you are trying to access has not yet been
verified. Verification is an automated background process.
Please try again later or contact the system
administrator if the issue persists."""
message = ' '.join(message.split()) # removes spaces
redirect = redirect + '#error:' + message
return HttpResponseRedirect(redirect)
def _create_download_response(request, datafile_id, disposition='attachment'): # too complex # noqa
# Get datafile (and return 404 if absent)
try:
datafile = DataFile.objects.get(pk=datafile_id)
except DataFile.DoesNotExist:
return return_response_not_found(request)
# Check users has access to datafile
if not has_datafile_download_access(request=request,
datafile_id=datafile.id):
return return_response_error(request)
# Send an image that can be seen in the browser
if disposition == 'inline' and datafile.is_image():
from tardis.tardis_portal.iiif import download_image
args = (request, datafile.id, 'full', 'full', '0', 'native')
# Send unconverted image if web-compatible
if datafile.get_mimetype() in ('image/gif', 'image/jpeg', 'image/png'):
return download_image(*args)
# Send converted image
return download_image(*args, format='png')
# Send local file
try:
verified_only = True
# Query parameter to allow download of unverified files
ignore_verif = request.GET.get('ignore_verification_status', '0')
# Ensure ignore_verification_status=0 etc works as expected
# a bare ?ignore_verification_status is True
if ignore_verif.lower() in [u'', u'1', u'true']:
verified_only = False
# Get file object for datafile
file_obj = datafile.get_file(verified_only=verified_only)
if not file_obj:
# If file path doesn't resolve, return not found
if verified_only:
return render_error_message(request,
"File is unverified, "
"please try again later.",
status=503)
return return_response_not_found(request)
wrapper = FileWrapper(file_obj, blksize=65535)
response = StreamingHttpResponse(wrapper,
content_type=datafile.get_mimetype())
response['Content-Disposition'] = \
'%s; filename="%s"' % (disposition, datafile.filename)
return response
except IOError:
# If we can't read the file, return not found
return return_response_not_found(request)
except ValueError: # raised when replica not verified TODO: custom excptn
redirect = request.META.get('HTTP_REFERER',
'http://%s/' %
request.META.get('HTTP_HOST'))
message = """The file you are trying to access has not yet been
verified. Verification is an automated background process.
Please try again later or contact the system
administrator if the issue persists."""
message = ' '.join(message.split()) # removes spaces
redirect = redirect + '#error:' + message
return HttpResponseRedirect(redirect)
def wrap(request, *args, **kwargs):
user = request.user
if not request.user.is_authenticated():
return HttpResponseRedirect('/login?next=%s' % request.path)
if not (is_group_admin(request, kwargs['group_id']) or
user.is_superuser):
return return_response_error(request)
return f(request, *args, **kwargs)
def wrap(request, *args, **kwargs):
user = request.user
if not user.is_authenticated():
return HttpResponseRedirect('/login?next=%s' % request.path)
if not (has_experiment_ownership(request, kwargs['experiment_id'])
or user.is_superuser):
return return_response_error(request)
return f(request, *args, **kwargs)
def wrap(request, *args, **kwargs):
user = request.user
if not user.is_authenticated():
return HttpResponseRedirect('/login?next=%s' % request.path)
if not (has_experiment_ownership(request, kwargs['experiment_id']) or
user.is_superuser):
return return_response_error(request)
return f(request, *args, **kwargs)
def wrap(request, *args, **kwargs):
user = request.user
if not request.user.is_authenticated():
return HttpResponseRedirect('/login?next=%s' % request.path)
if not (is_group_admin(request, kwargs['group_id'])
or user.is_superuser):
return return_response_error(request)
return f(request, *args, **kwargs)
def experiment_description(request, experiment_id):
"""View an existing experiment's description. To be loaded via ajax.
:param request: a HTTP Request instance
:type request: :class:`django.http.HttpRequest`
:param experiment_id: the ID of the experiment to be edited
:type experiment_id: string
:rtype: :class:`django.http.HttpResponse`
"""
c = {}
try:
experiment = Experiment.safe.get(request.user, experiment_id)
except PermissionDenied:
return return_response_error(request)
except Experiment.DoesNotExist:
return return_response_not_found(request)
c['experiment'] = experiment
c['subtitle'] = experiment.title
c['nav'] = [{
'name': 'Data',
'link': '/experiment/view/'
}, {
'name': experiment.title,
'link': experiment.get_absolute_url()
}]
c['authors'] = experiment.experimentauthor_set.all()
c['datafiles'] = \
DataFile.objects.filter(dataset__experiments=experiment_id)
c['owners'] = experiment.get_owners()
# calculate the sum of the datafile sizes
c['size'] = DataFile.sum_sizes(c['datafiles'])
c['has_download_permissions'] = \
authz.has_experiment_download_access(request, experiment_id)
c['has_write_permissions'] = \
authz.has_write_permissions(request, experiment_id)
if request.user.is_authenticated():
c['is_owner'] = authz.has_experiment_ownership(request, experiment_id)
_add_protocols_and_organizations(request, experiment, c)
if 'status' in request.GET:
c['status'] = request.GET['status']
if 'error' in request.GET:
c['error'] = request.GET['error']
return HttpResponse(
render_response_index(
request, 'tardis_portal/ajax/experiment_description.html', c))
def add_user_to_group(request, group_id, username):
if username == settings.TOKEN_USERNAME:
return HttpResponse('User does not exist: %s' % username)
authMethod = localdb_auth_key
isAdmin = False
if 'isAdmin' in request.GET:
if request.GET['isAdmin'] == 'true':
isAdmin = True
try:
authMethod = request.GET['authMethod']
if authMethod == localdb_auth_key:
user = User.objects.get(username=username)
else:
user = UserAuthentication.objects.get(
username=username,
authenticationMethod=authMethod).userProfile.user
except User.DoesNotExist:
return return_response_error(request)
except UserAuthentication.DoesNotExist:
return return_response_error(request)
try:
group = Group.objects.get(pk=group_id)
except Group.DoesNotExist:
return HttpResponse('Group does not exist.')
if user.groups.filter(name=group.name).count() > 0:
return HttpResponse('User %s is already member of that group.'
% username)
user.groups.add(group)
user.save()
if isAdmin:
groupadmin = GroupAdmin(user=user, group=group)
groupadmin.save()
c = {'user': user, 'group_id': group_id, 'isAdmin': isAdmin}
return HttpResponse(render_response_index(
request,
'tardis_portal/ajax/add_user_to_group_result.html', c))
def authorize(request):
# TODO real state randomly generated, URL in settings
url = aaf_settings.AAF_OAUTH2_CODE_URL
code = ''
state = ''
c = Context({})
if 'code' in request.GET:
c['authorization_code'] = request.GET['code']
code = request.GET['code']
if 'state' in request.GET:
c['state'] = request.GET['state']
state = request.GET['state']
response = request_aaf_info(url=url, code=code, state=state)
c['response'] = response
if response is None:
return return_response_error(request)
response_dict = json.loads(response)
# check if response contains error or none
if 'error' in response_dict:
return return_response_error(request)
# check if response doesn't contain mail or cn attributes
if 'mail' not in response_dict or 'cn' not in response_dict:
return return_response_error(request)
username = get_username_from_aaf_email(response_dict['mail'])
first_name = response_dict['cn'].split(" ")[:1][0]
last_name = ' '.join(response_dict['cn'].split(" ")[1:])
mail = response_dict['mail']
c['first_name'] = first_name
user = authenticate(username, first_name, last_name, mail)
login(request, user)
return HttpResponse(render_response_index(
request, 'aaf/aaf.html', c))
def add_user_to_group(request, group_id, username):
if username == settings.TOKEN_USERNAME:
return HttpResponse('User does not exist: %s' % username)
authMethod = localdb_auth_key
isAdmin = False
if 'isAdmin' in request.GET:
if request.GET['isAdmin'] == 'true':
isAdmin = True
try:
authMethod = request.GET['authMethod']
if authMethod == localdb_auth_key:
user = User.objects.get(username=username)
else:
user = UserAuthentication.objects.get(
username=username,
authenticationMethod=authMethod).userProfile.user
except User.DoesNotExist:
return return_response_error(request)
except UserAuthentication.DoesNotExist:
return return_response_error(request)
try:
group = Group.objects.get(pk=group_id)
except Group.DoesNotExist:
return HttpResponse('Group does not exist.')
if user.groups.filter(name=group.name).count() > 0:
return HttpResponse('User %s is already member of that group.'
% username)
user.groups.add(group)
user.save()
if isAdmin:
groupadmin = GroupAdmin(user=user, group=group)
groupadmin.save()
c = {'user': user, 'group_id': group_id, 'isAdmin': isAdmin}
return HttpResponse(render_response_index(
request,
'tardis_portal/ajax/add_user_to_group_result.html', c))
def load_datafile_image(request, parameter_id):
try:
parameter = DatafileParameter.objects.get(pk=parameter_id)
except DatafileParameter.DoesNotExist:
return HttpResponseNotFound()
datafile = parameter.parameterset.datafile
if authz.has_datafile_access(request, datafile.id):
return load_image(request, parameter)
return return_response_error(request)
def add_dataset_par(request, dataset_id):
parentObject = Dataset.objects.get(id=dataset_id)
if authz.has_write_permissions(request, parentObject.experiment.id):
return add_par_alt(request,
parentObject,
otype="dataset",
stype=Schema.DATASET)
else:
return return_response_error(request)
def add_experiment_par(request, experiment_id):
parentObject = Experiment.objects.get(id=experiment_id)
if authz.has_write_permissions(request, parentObject.id):
return add_par_alt(request,
parentObject,
otype="experiment",
stype=Schema.EXPERIMENT)
else:
return return_response_error(request)
def load_datafile_image(request, parameter_id):
try:
parameter = DatafileParameter.objects.get(pk=parameter_id)
except DatafileParameter.DoesNotExist:
return HttpResponseNotFound()
datafile = parameter.parameterset.datafile
if authz.has_datafile_access(request, datafile.id):
return load_image(request, parameter)
return return_response_error(request)
def add_datafile_par(request, datafile_id):
parentObject = DataFile.objects.get(id=datafile_id)
if authz.has_dataset_write(request, parentObject.dataset.id):
return add_par(request,
parentObject,
otype="datafile",
stype=Schema.DATAFILE)
else:
return return_response_error(request)
def mint_key(request, exp_id):
experiment = Experiment.objects.get(id=exp_id)
try:
key_service = ExperimentKeyService()
except Schema.DoesNotExist:
logger.exception("No ExperimentKeyService Schema found")
return return_response_error(request)
except ParameterName.DoesNotExist:
logger.exception("No ExperimentKeyService ParameterName found")
return return_response_error(request)
key = key_service.get_key(experiment)
if not key:
key = key_service.mint_key(experiment)
return HttpResponse(json.dumps(key), mimetype='application/json')
def authorize(request):
# TODO real state randomly generated, URL in settings
url = aaf_settings.AAF_OAUTH2_CODE_URL
code = ''
state = ''
c = Context({})
if 'code' in request.GET:
c['authorization_code'] = request.GET['code']
code = request.GET['code']
if 'state' in request.GET:
c['state'] = request.GET['state']
state = request.GET['state']
response = request_aaf_info(url=url, code=code, state=state)
c['response'] = response
if response is None:
return return_response_error(request)
response_dict = json.loads(response)
# check if response contains error or none
if 'error' in response_dict:
return return_response_error(request)
# check if response doesn't contain mail or cn attributes
if 'mail' not in response_dict or 'cn' not in response_dict:
return return_response_error(request)
username = get_username_from_aaf_email(response_dict['mail'])
first_name = response_dict['cn'].split(" ")[:1][0]
last_name = ' '.join(response_dict['cn'].split(" ")[1:])
mail = response_dict['mail']
c['first_name'] = first_name
user = authenticate(username, first_name, last_name, mail)
login(request, user)
return HttpResponse(render_response_index(request, 'aaf/aaf.html', c))
def _get_related_info(request, experiment_id, related_info_id):
if not authz.has_experiment_access(request, experiment_id):
return return_response_error(request)
try:
ps = ExperimentParameterSet.objects.get(schema__namespace=SCHEMA_URI,
id=related_info_id)
return HttpResponse(json.dumps(_get_dict_from_ps(ps)),
content_type='application/json; charset=utf-8')
except:
return return_response_not_found(request)
def _get_related_info(request, experiment_id, related_info_id):
if not authz.has_experiment_access(request, experiment_id):
return return_response_error(request)
try:
ps = ExperimentParameterSet.objects.get(schema__namespace=SCHEMA_URI,
id=related_info_id)
return HttpResponse(json.dumps(_get_dict_from_ps(ps)),
content_type='application/json; charset=utf-8')
except:
return return_response_not_found(request)
def mint_key(request, exp_id):
experiment = Experiment.objects.get(id=exp_id)
try:
key_service = ExperimentKeyService()
except Schema.DoesNotExist:
logger.exception("No ExperimentKeyService Schema found")
return return_response_error(request)
except ParameterName.DoesNotExist:
logger.exception("No ExperimentKeyService ParameterName found")
return return_response_error(request)
key = key_service.get_key(experiment)
if not key:
key = key_service.mint_key(experiment)
return HttpResponse(json.dumps(key),
mimetype='application/json')
def token_login(request, token):
django_logout(request)
from tardis.tardis_portal.auth import login, token_auth
logger.debug('token login')
user = token_auth.authenticate(request, token)
if not user:
return return_response_error(request)
login(request, user)
experiment = Experiment.objects.get(token__token=token)
return HttpResponseRedirect(experiment.get_absolute_url())
def display_datafile_image(
request, datafile_id, parameterset_id, parameter_name):
# TODO handle not exist
if not authz.has_datafile_access(request, datafile_id):
return return_response_error(request)
image = DatafileParameter.objects.get(name__name=parameter_name,
parameterset=parameterset_id)
return HttpResponse(b64decode(image.string_value), content_type='image/jpeg')
def token_login(request, token):
django_logout(request)
from tardis.tardis_portal.auth import login, token_auth
logger.debug('token login')
user = token_auth.authenticate(request, token)
if not user:
return return_response_error(request)
login(request, user)
experiment = Experiment.objects.get(token__token=token)
return HttpResponseRedirect(experiment.get_absolute_url())
def experiment_description(request, experiment_id):
"""View an existing experiment's description. To be loaded via ajax.
:param request: a HTTP Request instance
:type request: :class:`django.http.HttpRequest`
:param experiment_id: the ID of the experiment to be edited
:type experiment_id: string
:rtype: :class:`django.http.HttpResponse`
"""
c = {}
try:
experiment = Experiment.safe.get(request.user, experiment_id)
except PermissionDenied:
return return_response_error(request)
except Experiment.DoesNotExist:
return return_response_not_found(request)
c['experiment'] = experiment
c['subtitle'] = experiment.title
c['nav'] = [{'name': 'Data', 'link': '/experiment/view/'},
{'name': experiment.title,
'link': experiment.get_absolute_url()}]
c['authors'] = experiment.experimentauthor_set.all()
c['datafiles'] = \
DataFile.objects.filter(dataset__experiments=experiment_id)
c['owners'] = experiment.get_owners()
# calculate the sum of the datafile sizes
c['size'] = DataFile.sum_sizes(c['datafiles'])
c['has_download_permissions'] = \
authz.has_experiment_download_access(request, experiment_id)
c['has_write_permissions'] = \
authz.has_write_permissions(request, experiment_id)
if request.user.is_authenticated():
c['is_owner'] = authz.has_experiment_ownership(request, experiment_id)
_add_protocols_and_organizations(request, experiment, c)
if 'status' in request.GET:
c['status'] = request.GET['status']
if 'error' in request.GET:
c['error'] = request.GET['error']
return HttpResponse(render_response_index(request,
'tardis_portal/ajax/experiment_description.html', c))
def list_trips(request):
'''
List trips for driving data
'''
driving_admins = getattr(settings, 'DRIVING_ADMIN_GROUP',
default_settings.DRIVING_ADMIN_GROUP)
# Logged-in user needs to be a member of driving admin group
# or they need to be a superuser to view this page:
if not request.user.groups.filter(name=driving_admins).exists() and \
not request.user.is_superuser:
return return_response_error(request)
trips = []
driving_instrument_names = getattr(settings, 'DRIVING_INSTRUMENTS',
default_settings.DRIVING_INSTRUMENTS)
csv_dir_prefix = getattr(settings, 'DRIVING_CSV_DIR_PREFIX',
default_settings.DRIVING_CSV_DIR_PREFIX)
instruments = Instrument.objects.filter(name__in=driving_instrument_names)
datasets = Dataset.objects.filter(instrument__in=instruments)
for dataset in datasets:
exp = dataset.experiments.first()
study = exp.title
exp_id = exp.id
participant = dataset.description
dfs = DataFile.objects.filter(dataset=dataset,
directory__startswith=csv_dir_prefix,
filename__endswith='.csv')
for datafile in dfs:
with datafile.file_object as fileobj:
reader = csv.reader(fileobj)
rows = list(reader)
for row in rows:
if len(row) < 7:
continue
try:
trip_number = int(row[0])
except ValueError:
continue
trip = dict(exp_id=exp_id,
dataset_id=dataset.id,
study=study,
participant=participant,
number=trip_number,
start=row[1],
end=row[2],
duration=row[3],
distance=row[4])
trips.append(trip)
context = dict(trips=trips)
return render_response_index(request, 'trips.html', context)
def get(self, request, *args, **kwargs):
"""
View an existing experiment.
:param request: a HTTP Request instance
:type request: :class:`django.http.HttpRequest`
:param list args:
:param dict kwargs:
in kwargs: param int experiment_id: the ID of the experiment
:returns: an HttpResponse
:rtype: :class:`django.http.HttpResponse`
"""
experiment_id = kwargs.get('experiment_id', None)
if experiment_id is None:
return return_response_error(request)
try:
experiment = Experiment.safe.get(request.user, experiment_id)
except PermissionDenied:
return return_response_error(request)
except Experiment.DoesNotExist:
return return_response_not_found(request)
if not experiment:
return return_response_not_found(request)
view_override = self.find_custom_view_override(request, experiment)
if view_override is not None:
return view_override
c = self.get_context_data(request, experiment)
template_name = kwargs.get('template_name', None)
if template_name is None:
template_name = self.template_name
return HttpResponse(render_response_index(request,
template_name, c))
def _create_related_info(request, experiment_id):
if not authz.has_write_permissions(request, experiment_id):
return return_response_error(request)
form = RelatedInfoForm(json.loads(request.body))
if not form.is_valid():
return HttpResponse('', status=400)
ps = ExperimentParameterSet(experiment_id=experiment_id,
schema=_get_schema())
ps.save()
ParameterSetManager(ps).set_params_from_dict(form.cleaned_data)
return HttpResponse(json.dumps(_get_dict_from_ps(ps)),
content_type='application/json; charset=utf-8',
status=201)
def display_datafile_image(request, datafile_id, parameterset_id,
parameter_name):
# TODO handle not exist
if not authz.has_datafile_access(request, datafile_id):
return return_response_error(request)
image = DatafileParameter.objects.get(name__name=parameter_name,
parameterset=parameterset_id)
return HttpResponse(b64decode(image.string_value),
content_type='image/jpeg')
def _delete_related_info(request, experiment_id, related_info_id):
if not authz.has_write_permissions(request, experiment_id):
return return_response_error(request)
try:
ps = ExperimentParameterSet.objects.get(experiment_id=experiment_id,
id=related_info_id)
except ExperimentParameterSet.DoesNotExist:
return HttpResponse('', status=404)
obj = _get_dict_from_ps(ps)
ps.delete()
return HttpResponse(json.dumps(obj),
content_type='application/json; charset=utf-8')
def _create_related_info(request, experiment_id):
if not authz.has_write_permissions(request, experiment_id):
return return_response_error(request)
form = RelatedInfoForm(json.loads(request.body))
if not form.is_valid():
return HttpResponse('', status=400)
ps = ExperimentParameterSet(experiment_id=experiment_id,
schema=_get_schema())
ps.save()
ParameterSetManager(ps).set_params_from_dict(form.cleaned_data)
return HttpResponse(json.dumps(_get_dict_from_ps(ps)),
content_type='application/json; charset=utf-8',
status=201)
def wrap(*args, **kwargs):
# We find the request as either the first or second argument.
# This is so it can be used for the 'get' method on class-based
# views (where the first argument is 'self') and also with traditional
# view functions (where the first argument is the request).
# TODO: An alternative would be to create a mixin for the DatasetView
# and similar classes, like AccessRequiredMixin
request = args[0]
if not isinstance(request, HttpRequest):
request = args[1]
if not has_dataset_access(request, kwargs['dataset_id']):
return return_response_error(request)
return f(*args, **kwargs)
def index(request, experiment_id):
try:
experiment = Experiment.safe.get(request, experiment_id)
except PermissionDenied:
return return_response_error(request)
except Experiment.DoesNotExist:
return return_response_not_found(request)
c = Context({'experiment': experiment})
if authz.has_write_permissions(request, experiment_id):
template = 'related_info/index.html'
else:
template = 'related_info/index_ro.html'
return HttpResponse(render_response_index(request, template, c))
def wrap(request, *args, **kwargs):
from django.utils import timezone
session_id = request.POST.get(
'session_id',
request.COOKIES.get(settings.SESSION_COOKIE_NAME, None))
sessions = Session.objects.filter(pk=session_id)
if sessions and sessions[0].expire_date > timezone.now():
try:
request.user = User.objects.get(
pk=sessions[0].get_decoded()['_auth_user_id'])
except:
if request.is_ajax():
return HttpResponse("")
return return_response_error(request)
return f(request, *args, **kwargs)
def index(request, experiment_id):
logger.debug('aaa %s' % experiment_id)
try:
experiment = Experiment.safe.get(request.user, experiment_id)
except PermissionDenied:
return return_response_error(request)
except Experiment.DoesNotExist:
return return_response_not_found(request)
logger.debug('%s' % experiment)
c = {'experiment': experiment}
logger.debug('%s' % c)
template = 'mongoquery/index.html'
logger.debug('%s' % template)
return HttpResponse(render_response_index(request, template, c))
