def user(request): decrypted = booleanize(request.REQUEST.get('decrypted', False)) accepted_scopes = set(['connector_raw.all_data', 'connector_raw.all_data_researcher']) auth = authorization_manager.authenticate_token(request) if 'error' in auth: log.error(audit.message(request, auth)) return HttpResponse(json.dumps(auth), status=401) auth_scopes = set([x for x in auth['scope']]) if len(accepted_scopes & auth_scopes) == 0: log.error(audit.message(request, {'error':'token not authorized for any accepted scope %s'%str(list(accepted_scopes))})) return HttpResponse(json.dumps({'error':'token not authorized for any accepted scope %s'%str(list(accepted_scopes))}), status=401) is_researcher = False for s in auth_scopes: if s == 'connector_raw.all_data_researcher': is_researcher = True users_to_return = buildUsersToReturn(auth['user'], request, is_researcher = is_researcher) roles = [] try: roles = [x.role for x in UserRole.objects.get(user=auth['user']).roles.all()] except: pass own_data = False if len(users_to_return) == 1 and users_to_return[0] == auth['user'].username: own_data = True return userBuild(request, users_to_return, decrypted = decrypted, own_data = own_data, roles = roles)
def upload(request): auth = authorization_manager.authenticate_token(request, 'connector_questionnaire.input_form_data') if 'error' in auth: return HttpResponse(json.dumps(auth), status=401) user = auth['user'] roles = None try: roles = [x.role for x in UserRole.objects.get(user=user).roles.all()] except: pass doc = urllib.unquote(request.REQUEST.get('doc')) doc = json.loads(doc) doc['user'] = user.username probe = 'dk_dtu_compute_questionnaire' backup.backupValue(data=doc, probe=probe, user=user.username) database_helper = db_wrapper.DatabaseHelper() try: doc_id = database_helper.insert(doc, collection=probe, roles=roles) except pymongo.errors.DuplicateKeyError: doc_id = '00' return HttpResponse(json.dumps({'ok':str(doc_id)}), status=200)
def researchers(request): # authenticate the request auth = authorization_manager.authenticate_token(request) if 'error' in auth: response = { 'meta': { 'status': { 'status': 'error', 'code': 401, 'desc': auth['error'] } } } log.error(message(request, response)) return HttpResponse(json.dumps(response), status=401, content_type="application/json") db = database.AuditDB() docs = db.get_agg_accesses_researcher() return HttpResponse(json.dumps(docs), content_type="application/json", status=200)
def endpoint(request, answer): accepted_scopes = [] try: for a in ConnectorAnswerEndpoint.objects.filter(active=True): if answer.split('/')[0] == a.question and answer.split('/')[1] == a.answer: accepted_scopes = [x.scope for x in a.scopes.all()] exec('from questions.available_questions import '+a.question) method = eval(a.question+'.'+a.answer) except: response = {"error":"no such answer installed"} return HttpResponse(json.dumps(response), status=401, content_type="application/json") if len(accepted_scopes) == 0: response = {"error":"no such answer installed or is not configured properly"} return HttpResponse(json.dumps(response), status=401, content_type="application/json") auth = authorization_manager.authenticate_token(request) if 'error' in auth: response = {'meta':{'status':{'status':'error','code':401,'desc':auth['error']}}} return HttpResponse(json.dumps(response), status=401, content_type="application/json") auth_scopes = set([x for x in auth['scope']]) if len(set(accepted_scopes) & auth_scopes) == 0: response = {'meta':{'status':{'status':'error','code':401,'desc':'token not authorized for any accepted scope %s'%str(list(accepted_scopes))}}} return HttpResponse(json.dumps(response), status=401, content_type="application/json") is_researcher = False for s in auth_scopes: #TODO or any of the accepted 'researcher' scopes if s == 'connector_raw.all_data_researcher': is_researcher = True users_to_return = buildUsersToReturn(auth['user'], request, is_researcher = is_researcher) user_roles = [] try: user_roles = [x.role for x in UserRole.objects.get(user=auth['user']).roles.all()] except: pass own_data = False if len(users_to_return) == 1 and users_to_return[0] == auth['user'].username: own_data = True response = method(request=request, user=auth['user'], scopes=auth_scopes, users_to_return=users_to_return, user_roles=user_roles, own_data = own_data) if request.GET.get('format', None) == 'pretty': return render_to_response('pretty_json.html', {'response': json.dumps(response, indent=2)}) if request.GET.get('format', None) == 'csv': return HttpResponse(response, status=200, content_type="text/plain") return HttpResponse(json.dumps(response), status=200, content_type="application/json")
def accesses(request): # authenticate the request auth = authorization_manager.authenticate_token(request) if 'error' in auth: response = {'meta':{'status':{'status':'error','code':401,'desc':auth['error']}}} log.error(message(request, response)) return HttpResponse(json.dumps(response), status=401, content_type="application/json") db = database.AuditDB() docs = db.get_agg_accesses_researcher_for_user(request.user.username) return HttpResponse(json.dumps(docs), content_type="application/json", status=200)
def upload(request): auth = authorization_manager.authenticate_token(request) if 'error' in auth: return HttpResponse(json.dumps(auth), status=401) user = auth['user'] database = Database() doc = urllib.unquote(request.REQUEST.get('doc')) doc = json.loads(doc) doc['user'] = user.username doc_id = database.insert(doc, collection='questionnaire') return HttpResponse(json.dumps({'ok':str(doc_id)}), status=200)
def upload(request): auth = authorization_manager.authenticate_token(request, 'connector_questionnaire.input_form_data') if 'error' in auth: return HttpResponse(json.dumps(auth), status=401) user = auth['user'] database = Database() doc = urllib.unquote(request.REQUEST.get('doc')) doc = json.loads(doc) doc['user'] = user.username doc_id = database.insert(doc, collection='questionnaire') return HttpResponse(json.dumps({'ok':str(doc_id)}), status=200)
def get_data(request, probe_settings): decrypted = booleanize(request.REQUEST.get("decrypted", False)) if decrypted: accepted_scopes = set([probe_settings["scope"], "connector_raw.all_data"]) else: accepted_scopes = set([probe_settings["scope"], "connector_raw.all_data", "connector_raw.all_data_researcher"]) auth = authorization_manager.authenticate_token(request) if "error" in auth: response = {"meta": {"status": {"status": "error", "code": 401, "desc": auth["error"]}}} return HttpResponse(json.dumps(response), status=401, content_type="application/json") auth_scopes = set([x for x in auth["scope"]]) if len(accepted_scopes & auth_scopes) == 0: response = { "meta": { "status": { "status": "error", "code": 401, "desc": "token not authorized for any accepted scope %s" % str(list(accepted_scopes)), } } } return HttpResponse(json.dumps(response), status=401) if "dummy" in request.REQUEST.keys(): return HttpResponse("[]", content_type="application/json") is_researcher = False for s in auth_scopes: if s == "connector_raw.all_data_researcher": is_researcher = True users_to_return = buildUsersToReturn(auth["user"], request, is_researcher=is_researcher) roles = [] try: roles = [x.role for x in UserRole.objects.get(user=auth["user"]).roles.all()] except: pass own_data = False if len(users_to_return) == 1 and users_to_return[0] == auth["user"].username: own_data = True return dataBuild(request, probe_settings, users_to_return, decrypted=decrypted, own_data=own_data, roles=roles)
def get_data(request, probe_settings): decrypted = booleanize(request.REQUEST.get('decrypted', False)) if decrypted: accepted_scopes = set([probe_settings['scope'], 'connector_raw.all_data']) else: accepted_scopes = set([probe_settings['scope'], 'connector_raw.all_data', 'connector_raw.all_data_researcher']) auth = authorization_manager.authenticate_token(request) if 'error' in auth: response = {'meta':{'status':{'status':'error','code':401,'desc':auth['error']}}} log.error(audit.message(request, response)) return HttpResponse(json.dumps(response), status=401, content_type="application/json") if probe_settings['collection'] == 'grades' and auth['user'] not in SECURE_settings: response = {'meta':{'status':{'status':'error','code':401,'desc':'Not allowed to view grades data.'}}} log.error(audit.message(request, response)) return HttpResponse(json.dumps(response), status=401, content_type="application/json") auth_scopes = set([x for x in auth['scope']]) if len(accepted_scopes & auth_scopes) == 0: response = {'meta':{'status':{'status':'error','code':401,'desc':'token not authorized for any accepted scope %s'%str(list(accepted_scopes))}}} log.error(audit.message(request, response)) return HttpResponse(json.dumps(response), status=401) if ('dummy' in request.REQUEST.keys()): return HttpResponse('[]', content_type="application/json") is_researcher = False for s in auth_scopes: if s == 'connector_raw.all_data_researcher': is_researcher = True users_to_return = buildUsersToReturn(auth['user'], request, is_researcher = is_researcher) roles = [] try: roles = [x.role for x in UserRole.objects.get(user=auth['user']).roles.all()] except: pass own_data = False if len(users_to_return) == 1 and users_to_return[0] == auth['user'].username: own_data = True return dataBuild(request, probe_settings, users_to_return, decrypted = decrypted, own_data = own_data, roles = roles)
def bluetooth(request): decrypted = booleanize(request.REQUEST.get('decrypted', False)) if decrypted: accepted_scopes = set(['connector_raw.bluetooth', 'connector_raw.all_data']) else: accepted_scopes = set(['connector_raw.bluetooth', 'connector_raw.all_data', 'connector_raw.all_data_researcher']) auth = authorization_manager.authenticate_token(request) if 'error' in auth: response = {'meta':{'status':{'status':'error','code':401,'desc':auth['error']}}} return HttpResponse(json.dumps(response), status=401, content_type="application/json") auth_scopes = set([x for x in auth['scope']]) if len(accepted_scopes & auth_scopes) == 0: response = {'meta':{'status':{'status':'error','code':401,'desc':'token not authorized for any accepted scope %s'%str(list(accepted_scopes))}}} return HttpResponse(json.dumps(response), status=401) if ('dummy' in request.REQUEST.keys()): return HttpResponse('[]', content_type="application/json") is_researcher = False for s in auth_scopes: if s == 'connector_raw.all_data_researcher': is_researcher = True users_to_return = buildUsersToReturn(auth['user'], request, is_researcher = is_researcher) #return HttpResponse(str((users_to_return)) + ', ' + str(is_researcher)) roles = [] try: roles = [x.role for x in UserRole.objects.get(user=auth['user']).roles.all()] except: pass own_data = False if len(users_to_return) == 1 and users_to_return[0] == auth['user'].username: own_data = True return bluetoothBuild(request, users_to_return, decrypted = decrypted, own_data = own_data, roles = roles)
def on_post(request): if request.method != 'POST': return HttpResponse(content='POST only', status=400) auth = authorization_manager.authenticate_token(request) if 'error' in auth or not auth.get('user'): return HttpResponse(content='authentication failed', status=401) user = auth['user'] try: roles = [x.role for x in UserRole.objects.get(user=auth['user']).roles.all()] except: roles = [] try: appid = request.REQUEST['appid'] events = json.loads(request.REQUEST['events']) if len(events) == 0 or len(events) > 1000: return HttpResponse(content='malformed request', status=400) rows = [] for e in events: rows.append({'appid': appid, 'user': user, 'timestamp': dateutils.epoch_to_mysql_string(e[0]), 'event': e[1]}) except Exception as e: log.error({'type': 'connector_usage', 'message': str(e)}) return HttpResponse(content='malformed request', status=400) db.insert_rows(rows, 'app_usage_statistics', roles=roles) return HttpResponse('success')
def endpoint(request, answer): accepted_scopes = [] try: for a in ConnectorAnswerEndpoint.objects.filter(active=True): if answer.split('/')[0] == a.question and answer.split( '/')[1] == a.answer: accepted_scopes = [x.scope for x in a.scopes.all()] exec('from questions.available_questions import ' + a.question) method = eval(a.question + '.' + a.answer) except: response = {"error": "no such answer installed"} return HttpResponse(json.dumps(response), status=401, content_type="application/json") if len(accepted_scopes) == 0: response = { "error": "no such answer installed or is not configured properly" } return HttpResponse(json.dumps(response), status=401, content_type="application/json") auth = authorization_manager.authenticate_token(request) if 'error' in auth: response = { 'meta': { 'status': { 'status': 'error', 'code': 401, 'desc': auth['error'] } } } return HttpResponse(json.dumps(response), status=401, content_type="application/json") auth_scopes = set([x for x in auth['scope']]) if len(set(accepted_scopes) & auth_scopes) == 0: response = { 'meta': { 'status': { 'status': 'error', 'code': 401, 'desc': 'token not authorized for any accepted scope %s' % str(list(accepted_scopes)) } } } return HttpResponse(json.dumps(response), status=401, content_type="application/json") is_researcher = False for s in auth_scopes: #TODO or any of the accepted 'researcher' scopes if s == 'connector_raw.all_data_researcher': is_researcher = True users_to_return = buildUsersToReturn(auth['user'], request, is_researcher=is_researcher) user_roles = [] try: user_roles = [ x.role for x in UserRole.objects.get(user=auth['user']).roles.all() ] except: pass own_data = False if len(users_to_return ) == 1 and users_to_return[0] == auth['user'].username: own_data = True response = method(request=request, user=auth['user'], scopes=auth_scopes, users_to_return=users_to_return, user_roles=user_roles, own_data=own_data) if request.GET.get('format', None) == 'pretty': return render_to_response('pretty_json.html', {'response': json.dumps(response, indent=2)}) if request.GET.get('format', None) == 'csv': return HttpResponse(response, status=200, content_type="text/plain") return HttpResponse(json.dumps(response), status=200, content_type="application/json")