def delete_extract(request):
user_id = authenticated_userid(request)
discussion_id = int(request.matchdict['discussion_id'])
if not user_id:
# Straight from annotator
token = request.headers.get('X-Annotator-Auth-Token')
if token:
token = decode_token(
token, request.registry.settings['session.secret'])
if token:
user_id = token['userId']
if not user_id:
user_id = Everyone
if not user_has_permission(discussion_id, user_id, P_DELETE_EXTRACT):
return HTTPForbidden()
extract_id = request.matchdict['id']
extract = Extract.get_instance(extract_id)
if not extract:
return {'ok': False}
with transaction.manager:
Extract.db.delete(extract)
return {'ok': True}
def delete_extract(request):
user_id = authenticated_userid(request)
discussion = request.context
if not user_id:
# Straight from annotator
token = request.headers.get('X-Annotator-Auth-Token')
if token:
token = decode_token(token,
request.registry.settings['session.secret'])
if token:
user_id = token['userId']
user_id = user_id or Everyone
extract_id = request.matchdict['id']
extract = Extract.get_instance(extract_id)
permissions = get_permissions(user_id, discussion.id, extract)
if P_EDIT_EXTRACT not in permissions:
raise HTTPForbidden()
if not extract:
return HTTPNoContent()
# TODO: Tombstonable extracts???
extract.delete()
return HTTPNoContent()
def delete_extract(request):
user_id = authenticated_userid(request)
discussion_id = int(request.matchdict['discussion_id'])
if not user_id:
# Straight from annotator
token = request.headers.get('X-Annotator-Auth-Token')
if token:
token = decode_token(
token, request.registry.settings['session.secret'])
if token:
user_id = token['userId']
user_id = user_id or Everyone
extract_id = request.matchdict['id']
extract = Extract.get_instance(extract_id)
if not (user_has_permission(discussion_id, user_id, P_EDIT_EXTRACT)
or (user_has_permission(discussion_id, user_id, P_EDIT_MY_EXTRACT)
and user_id == extract.owner_id)):
raise HTTPForbidden()
if not extract:
return HTTPNoContent()
with transaction.manager:
# TODO: Tombstonable extracts???
Extract.default_db.delete(extract)
request.response.status = HTTPNoContent.code
return HTTPNoContent()
def delete_extract(request):
user_id = request.authenticated_userid
discussion_id = int(request.matchdict['discussion_id'])
if not user_id:
# Straight from annotator
token = request.headers.get('X-Annotator-Auth-Token')
if token:
token = decode_token(token,
request.registry.settings['session.secret'])
if token:
user_id = token['userId']
user_id = user_id or Everyone
extract_id = request.matchdict['id']
extract = Extract.get_instance(extract_id)
if not (user_has_permission(discussion_id, user_id, P_EDIT_EXTRACT) or
(user_has_permission(discussion_id, user_id, P_EDIT_MY_EXTRACT)
and user_id == extract.owner_id)):
raise HTTPForbidden()
if not extract:
return HTTPNoContent()
# TODO: Tombstonable extracts???
extract.delete()
return HTTPNoContent()
def put_extract(request):
"""
Updating an Extract
"""
extract_id = request.matchdict['id']
user_id = authenticated_userid(request)
updated_extract_data = json.loads(request.body)
extract = Extract.get_instance(extract_id)
if not extract:
raise HTTPNotFound("Extract with id '%s' not found." % extract_id)
extract.owner_id = user_id or get_database_id("User", extract.owner_id)
extract.order = updated_extract_data.get('order', extract.order)
idea_id = updated_extract_data.get('idIdea', None)
if idea_id:
idea = Idea.get_instance(idea_id)
if(idea.get_discussion_id() != extract.get_discussion_id()):
raise HTTPBadRequest(
"Extract from discussion %s cannot be associated with an idea from a different discussion." % extract.get_discussion_id())
extract.idea = idea
else:
extract.idea = None
Extract.db.add(extract)
#TODO: Merge ranges. Sigh.
return {'ok': True}
def get_extract(request):
extract_id = request.matchdict['id']
extract = Extract.get_instance(extract_id)
view_def = request.GET.get('view') or 'default'
user_id = authenticated_userid(request) or Everyone
permissions = request.permissions
if extract is None:
raise HTTPNotFound("Extract with id '%s' not found." % extract_id)
return extract.generic_json(view_def, user_id, permissions)
def delete_extract(request):
extract_id = request.matchdict['id']
extract = Extract.get_instance(extract_id)
if not extract:
return {'ok': False}
with transaction.manager:
Extract.db.delete(extract)
return {'ok': True}
def get_extract(request):
extract_id = request.matchdict['id']
extract = Extract.get_instance(extract_id)
view_def = request.GET.get('view')
if extract is None:
raise HTTPNotFound(
"Extract with id '%s' not found." % extract_id)
if view_def:
return extract.generic_json(view_def)
else:
return extract.serializable()
def get_extract(request):
extract_id = request.matchdict['id']
extract = Extract.get_instance(extract_id)
view_def = request.GET.get('view') or 'default'
discussion_id = int(request.matchdict['discussion_id'])
user_id = authenticated_userid(request) or Everyone
permissions = get_permissions(user_id, discussion_id)
if extract is None:
raise HTTPNotFound(
"Extract with id '%s' not found." % extract_id)
return extract.generic_json(view_def, user_id, permissions)
def put_extract(request):
"""
Updating an Extract
"""
extract_id = request.matchdict['id']
user_id = authenticated_userid(request)
discussion = request.context
if not user_id:
# Straight from annotator
token = request.headers.get('X-Annotator-Auth-Token')
if token:
token = decode_token(token,
request.registry.settings['session.secret'])
if token:
user_id = token['userId']
user_id = user_id or Everyone
extract = Extract.get_instance(extract_id)
if not extract:
raise HTTPNotFound("Extract with id '%s' not found." % extract_id)
permissions = get_permissions(user_id, discussion.id, extract)
if P_EDIT_EXTRACT not in permissions:
raise HTTPForbidden()
updated_extract_data = json.loads(request.body)
extract.owner_id = user_id or AgentProfile.get_database_id(
extract.owner_id)
extract.order = updated_extract_data.get('order', extract.order)
extract.important = updated_extract_data.get('important',
extract.important)
idea_id = updated_extract_data.get('idIdea', None)
if idea_id:
idea = Idea.get_instance(idea_id)
if (idea.discussion != extract.discussion):
raise HTTPBadRequest(
"Extract from discussion %s cannot be associated with an idea from a different discussion."
% extract.get_discussion_id())
if not idea.has_permission_req(P_ASSOCIATE_EXTRACT):
raise HTTPForbidden("Cannot associate extact with this idea")
extract.idea = idea
else:
extract.idea = None
Extract.default_db.add(extract)
#TODO: Merge ranges. Sigh.
return {'ok': True}
def put_extract(request):
"""
Updating an Extract
"""
extract_id = request.matchdict['id']
user_id = request.authenticated_userid
discussion_id = int(request.matchdict['discussion_id'])
if not user_id:
# Straight from annotator
token = request.headers.get('X-Annotator-Auth-Token')
if token:
token = decode_token(token,
request.registry.settings['session.secret'])
if token:
user_id = token['userId']
user_id = user_id or Everyone
updated_extract_data = json.loads(request.body)
extract = Extract.get_instance(extract_id)
if not extract:
raise HTTPNotFound("Extract with id '%s' not found." % extract_id)
if not (user_has_permission(discussion_id, user_id, P_EDIT_EXTRACT) or
(user_has_permission(discussion_id, user_id, P_EDIT_MY_EXTRACT)
and user_id == extract.owner_id)):
return HTTPForbidden()
extract.owner_id = user_id or get_database_id("User", extract.owner_id)
extract.order = updated_extract_data.get('order', extract.order)
extract.important = updated_extract_data.get('important',
extract.important)
idea_id = updated_extract_data.get('idIdea', None)
if idea_id:
idea = Idea.get_instance(idea_id)
if (idea.discussion != extract.discussion):
raise HTTPBadRequest(
"Extract from discussion %s cannot be associated with an idea from a different discussion."
% extract.get_discussion_id())
extract.idea = idea
else:
extract.idea = None
Extract.default_db.add(extract)
#TODO: Merge ranges. Sigh.
return {'ok': True}
def put_extract(request):
"""
Updating an Extract
"""
extract_id = request.matchdict['id']
user_id = authenticated_userid(request)
discussion_id = int(request.matchdict['discussion_id'])
if not user_id:
# Straight from annotator
token = request.headers.get('X-Annotator-Auth-Token')
if token:
token = decode_token(
token, request.registry.settings['session.secret'])
if token:
user_id = token['userId']
if not user_id:
user_id = Everyone
updated_extract_data = json.loads(request.body)
extract = Extract.get_instance(extract_id)
if not extract:
raise HTTPNotFound("Extract with id '%s' not found." % extract_id)
if not (user_has_permission(discussion_id, user_id, P_EDIT_EXTRACT)
or (user_has_permission(discussion_id, user_id, P_EDIT_MY_EXTRACT)
and user_id == extract.owner_id)):
return HTTPForbidden()
extract.owner_id = user_id or get_database_id("User", extract.owner_id)
extract.order = updated_extract_data.get('order', extract.order)
extract.important = updated_extract_data.get('important', extract.important)
idea_id = updated_extract_data.get('idIdea', None)
if idea_id:
idea = Idea.get_instance(idea_id)
if(idea.discussion != extract.discussion):
raise HTTPBadRequest(
"Extract from discussion %s cannot be associated with an idea from a different discussion." % extract.get_discussion_id())
extract.idea = idea
else:
extract.idea = None
Extract.db.add(extract)
#TODO: Merge ranges. Sigh.
return {'ok': True}
