def edit_metadata(request, share, subpath): try: if share.get_path_type(subpath) is None: raise Exception( 'The specified file or folder does not exist in this share.') metadata = MetaData.objects.get_or_create(share=share, subpath=subpath)[0] form = MetaDataForm(request.POST if request.method == 'POST' else request.GET) data = json_form_validate(form) if not form.is_valid(): return json_response(data) #return json_error(form.errors) tags = [] for tag in form.cleaned_data['tags'].split(','): tag = tag.strip() if len(tag) > 2: tags.append(Tag.objects.get_or_create(name=tag)[0]) metadata.tags = tags metadata.notes = form.cleaned_data['notes'] metadata.save() name = os.path.basename(os.path.normpath(subpath)) return json_response({ 'name': name, 'notes': metadata.notes, 'tags': [tag.name for tag in tags] }) except Exception, e: return json_error([str(e)])
def get_group(request): query = request.GET.get('query') try: group = Group.objects.get(name=query) return json_response({'group':{'name':group.name}}) except Exception, e: return json_error([e.message])
def list_directory(request,share,subdir=None): if not share.check_path(subdir=subdir): return render(request,'error.html', {"message": "Unable to locate the files. It is possible that the directory has been moved, renamed, or deleted.","share":share,"subdir":subdir}) files,directories = list_share_dir(share,subdir=subdir,ajax=request.is_ajax()) print files if request.is_ajax(): return json_response({'files':files,'directories':directories.values()}) #Find any shares that point at this directory for s in Share.user_queryset(request.user).filter(real_path__in=directories.keys()).exclude(id=share.id): directories[s.real_path]['share']=s share_perms = share.get_user_permissions(request.user) PATH = share.get_path() subshare = None if subdir is not None: PATH = os.path.join(PATH,subdir) subshare = Share.objects.filter(parent=share,sub_directory=subdir).first() owner = request.user == share.owner all_perms = share.get_permissions(user_specific=True) shared_users = all_perms['user_perms'].keys() shared_groups = [g['group']['name'] for g in all_perms['group_perms']] emails = sorted([u.email for u in share.get_users_with_permissions()]) readme = None #The following block is for markdown rendering if os.path.isfile(os.path.join(PATH,'README.md')): import markdown input_file = codecs.open(os.path.join(PATH,'README.md'), mode="r", encoding="utf-8") text = input_file.read() readme = markdown.markdown(text,extensions=['fenced_code','tables','nl2br']) download_base = reverse('download_file',kwargs={'share':share.id,'subpath':subdir if subdir else ''}) readme = re.sub(r'src="(?!http)',r'src="{0}'.format(download_base),readme) return render(request,'list.html', {"session_cookie":request.COOKIES.get('sessionid'),"files":files,"directories":directories.values(),"path":PATH,"share":share,"subshare":subshare,"subdir": subdir,'rsync_url':get_setting('RSYNC_URL',None),'HOST':get_setting('HOST',None),'SFTP_PORT':get_setting('SFTP_PORT',None),"folder_form":FolderForm(),"metadata_form":MetaDataForm(), "rename_form":RenameForm(),"request":request,"owner":owner,"share_perms":share_perms,"all_perms":all_perms,"share_perms_json":json.dumps(share_perms),"shared_users":shared_users,"shared_groups":shared_groups,"emails":emails, "readme":readme})
def share_with(request,share): query = request.POST.get('query',request.GET.get('query')) exists = [] new_users = [] groups = [] invalid = [] try: emails = [email.strip().lower() for email in query.split(',')] for email in emails: if email == '': continue if email.startswith('group:'): name = email.split('group:')[1].lower() try: group = Group.objects.get(name__iexact=name) groups.append({'group':{'id':group.id,'name':group.name}}) except: invalid.append(name) elif validate_email(email): try: user = User.objects.get(email=email) exists.append({'user':{'username':email}}) except: new_users.append({'user':{'username':email}}) else: invalid.append(email) return json_response({'exists':exists, 'groups':groups,'new_users':new_users,'invalid':invalid}) except Exception, e: return json_error([e.message])
def get_address_book(request): try: emails = User.objects.filter(shareuserobjectpermission__content_object__in=Share.objects.filter(owner=request.user).values_list('id')).values_list('email').distinct().order_by('email') groups = Group.objects.all().order_by('name') return json_response({'emails':[email[0] for email in emails], 'groups':[g.name for g in groups]}) except Exception, e: return json_error([e.message])
def share_with(request,share): query = request.POST.get('query',request.GET.get('query')) exists = [] new_users = [] groups = [] invalid = [] try: emails = [email.strip() for email in query.split(',')] for email in emails: if email == '': continue if email.startswith('Group:'): name = email.split('Group:')[1] try: group = Group.objects.get(name=name) groups.append({'group':{'id':group.id,'name':group.name}}) except: invalid.append(name) elif validate_email(email): try: user = User.objects.get(email=email) exists.append({'user':{'username':email}}) except: new_users.append({'user':{'username':email}}) else: invalid.append(email) return json_response({'exists':exists, 'groups':groups,'new_users':new_users,'invalid':invalid}) except Exception, e: return json_error([e.message])
def get_address_book(request): try: emails = fetchall("SELECT u.email FROM biosharex.guardian_userobjectpermission p join auth_user u on p.user_id = u.id where object_pk in (select id from bioshareX_share where owner_id = %d) group by email;" % int(request.user.id)) groups = Group.objects.all() return json_response({'emails':[email[0] for email in emails], 'groups':[g.name for g in groups]}) except Exception, e: return json_error([e.message])
def email_participants(request, share, subdir=None): try: subject = request.POST.get('subject') emails = request.POST.getlist('emails', []) users = [ u for u in get_users_with_perms(share, attach_perms=False, with_superusers=False, with_group_users=True) ] if len(emails) > 0: users = [ u for u in User.objects.filter( id__in=[u.id for u in users]).filter(email__in=emails) ] body = request.POST.get('body') users.append(share.owner) email_users(users, ctx_dict={}, subject=subject, body=body, from_email=request.user.email, content_subtype='plain') response = {'status': 'success', 'sent_to': [u.email for u in users]} return json_response(response) except Exception, e: return JsonResponse({'errors': [str(e)]}, status=400)
def share_autocomplete(request): terms = [term.strip() for term in request.GET.get('query').split()] query = reduce(lambda q,value: q&Q(name__icontains=value), terms , Q()) try: share_objs = Share.user_queryset(request.user).filter(query).order_by('-created')[:10] shares = [{'id':s.id,'url':reverse('list_directory',kwargs={'share':s.id}),'name':s.name,'notes':s.notes} for s in share_objs] return json_response({'status':'success','shares':shares}) except Exception, e: return json_error([e.message])
def search_share(request,share,subdir=None): from bioshareX.utils import find query = request.GET.get('query',False) response={} if query: response['results'] = find(share,"*%s*"%query,subdir) else: response = {'status':'error'} return json_response(response)
def email_participants(request,share,subdir=None): try: subject = request.POST.get('subject') body = request.POST.get('body') users = [u for u in get_users_with_perms(share, attach_perms=False, with_superusers=False, with_group_users=True)] users.append(share.owner) email_users(users, ctx_dict={}, subject=subject, body=body,from_email=request.user.email) response = {'status':'success','sent_to':[u.email for u in users]} return json_response(response) except Exception, e: return JsonResponse({'errors':[str(e)]},status=400)
def edit_metadata(request, share, subpath): try: if share.get_path_type(subpath) is None: raise Exception('The specified file or folder does not exist in this share.') metadata = MetaData.objects.get_or_create(share=share, subpath=subpath)[0] form = MetaDataForm(request.POST if request.method == 'POST' else request.GET) data = json_form_validate(form) if not form.is_valid(): return json_response(data)#return json_error(form.errors) tags = [] for tag in form.cleaned_data['tags'].split(','): tag = tag.strip() if len(tag) >2 : tags.append(Tag.objects.get_or_create(name=tag)[0]) metadata.tags = tags metadata.notes = form.cleaned_data['notes'] metadata.save() name = os.path.basename(os.path.normpath(subpath)) return json_response({'name':name,'notes':metadata.notes,'tags':[tag.name for tag in tags]}) except Exception, e: return json_error([str(e)])
def list_directory(request,share,subdir=None): if not share.check_path(): return render(request,'index.html', {"message": "Unable to locate the files for this share. Please contact the site administrator."}) from os import listdir, stat from os.path import isfile, join, getsize, normpath import time, datetime PATH = share.get_path() subshare = None if subdir is not None: PATH = join(PATH,subdir) subshare = Share.objects.filter(parent=share,sub_directory=subdir).first() share_perms = share.get_user_permissions(request.user) if not share.secure: share_perms = list(set(share_perms+['view_share_files','download_share_files'])) file_list=[] directories={} regex = r'^%s[^/]+/?' % '' if subdir is None else normpath(subdir)+'/' metadatas = {} for md in MetaData.objects.filter(share=share,subpath__regex=regex): metadatas[md.subpath]= md if not request.is_ajax() else md.json() for name in listdir(PATH): path = join(PATH,name) subpath= name if subdir is None else join(subdir,name) # metadata = MetaData.get_or_none(share=share,subpath=subpath) metadata = metadatas[subpath] if metadatas.has_key(subpath) else {} if isfile(path): (mode, ino, dev, nlink, uid, gid, size, atime, mtime, ctime) = stat(path) file={'name':name,'extension':name.split('.').pop() if '.' in name else None,'size':sizeof_fmt(size),'bytes':size,'modified':datetime.datetime.fromtimestamp(mtime).strftime("%m/%d/%Y %I:%M %p"),'metadata':metadata,'isText':istext(path)} file_list.append(file) else: (mode, ino, dev, nlink, uid, gid, size, atime, mtime, ctime) = stat(path) dir={'name':name,'size':getsize(path),'metadata':metadata,'modified':datetime.datetime.fromtimestamp(mtime).strftime("%m/%d/%Y %I:%M %p")} directories[os.path.realpath(path)]=dir if request.is_ajax(): return json_response({'files':file_list,'directories':directories.values()}) #Find any shares that point at this directory print directories.keys() for s in Share.user_queryset(request.user).filter(real_path__in=directories.keys()).exclude(id=share.id): directories[s.real_path]['share']=s owner = request.user == share.owner all_perms = share.get_permissions(user_specific=True) shared_users = all_perms['user_perms'].keys() shared_groups = [g['group']['name'] for g in all_perms['group_perms']] ftp_user = ShareFTPUser.objects.filter(share=share,user__isnull=True).first() or ShareFTPUser.objects.filter(share=share,user=request.user).first() return render(request,'list.html', {"session_cookie":request.COOKIES.get('sessionid'),"files":file_list,"directories":directories.values(),"path":PATH,"share":share,"subshare":subshare,"subdir": subdir,'rsync_url':get_setting('RSYNC_URL',None),'HOST':get_setting('HOST',None),'SFTP_PORT':get_setting('SFTP_PORT',None),"folder_form":FolderForm(),"metadata_form":MetaDataForm(), "rename_form":RenameForm(),"request":request,"owner":owner,"share_perms":share_perms,"all_perms":all_perms,"share_perms_json":json.dumps(share_perms),"shared_users":shared_users,"shared_groups":shared_groups,'ftp_user':ftp_user})
def update_share(request,share,json=None): share.secure = json['secure'] share.save() ShareFTPUser.update_share_ftp_users(share) return json_response({'status':'okay'})
# subprocess.check_call(command) f = open(AUTHORIZED_KEYS_FILE,"r") lines = f.readlines() f.close() f = open(AUTHORIZED_KEYS_FILE,"w") for line in lines: if line.find(keystring) ==-1: f.write(line) f.close() # subprocess.call(['/bin/chmod','400',AUTHORIZED_KEYS_FILE]) key.delete() SSHKey.objects.filter(key__contains=keystring).delete() response = {'status':'success','deleted':id} except Exception, e: response = {'status':'error','message':'Unable to delete ssh key'+str(e)} return json_response(response) """ Requires: "name", "notes", "filesystem" arguments. Optional: "link_to_path", "read_only" """ @api_view(['POST']) @permission_required('bioshareX.add_share', return_403=True) def create_share(request): form = ShareForm(request.user,request.data) if form.is_valid(): share = form.save(commit=False) share.owner=request.user link_to_path = request.data.get('link_to_path',None) if link_to_path:
def get_tags(request): try: tags = Tag.objects.filter(name__icontains=request.GET.get('tag')) return json_response({'tags':[tag.name for tag in tags]}) except Exception, e: return json_error([e.message])
def get_permissions(request,share): data = share.get_permissions(user_specific=True) return json_response(data)
def set_permissions(request,share,json=None): from smtplib import SMTPException emailed=[] created=[] failed=[] # if not request.user.has_perm('admin',share): # return json_response({'status':'error','error':'You do not have permission to write to this share.'}) if json.has_key('groups'): for group, permissions in json['groups'].iteritems(): g = Group.objects.get(id=group) current_perms = get_perms(g,share) removed_perms = list(set(current_perms) - set(permissions)) added_perms = list(set(permissions) - set(current_perms)) for u in g.user_set.all(): if len(share.get_user_permissions(u,user_specific=True)) == 0 and len(added_perms) > 0 and json['email']: email_users([u],'share/share_subject.txt','share/share_email_body.txt',{'user':u,'share':share,'sharer':request.user,'site_url':SITE_URL}) emailed.append(u.username) for perm in removed_perms: remove_perm(perm,g,share) for perm in added_perms: assign_perm(perm,g,share) if json.has_key('users'): for username, permissions in json['users'].iteritems(): try: u = User.objects.get(username=username) if len(share.get_user_permissions(u,user_specific=True)) == 0 and json['email']: try: email_users([u],'share/share_subject.txt','share/share_email_body.txt',{'user':u,'share':share,'sharer':request.user,'site_url':SITE_URL}) emailed.append(username) except: failed.append(username) except: if len(permissions) > 0: password = User.objects.make_random_password() u = User(username=username,email=username) u.set_password(password) u.save() try: email_users([u],'share/share_subject.txt','share/share_new_email_body.txt',{'user':u,'password':password,'share':share,'sharer':request.user,'site_url':SITE_URL}) created.append(username) except: failed.append(username) u.delete() current_perms = share.get_user_permissions(u,user_specific=True) print 'CURRENT' print current_perms print 'PERMISSIONS' print permissions removed_perms = list(set(current_perms) - set(permissions)) added_perms = list(set(permissions) - set(current_perms)) print 'ADDING: ' print added_perms print 'REMOVING: ' print removed_perms for perm in removed_perms: if u.username not in failed: remove_perm(perm,u,share) for perm in added_perms: if u.username not in failed: assign_perm(perm,u,share) data = share.get_permissions(user_specific=True) data['messages']=[] if len(emailed) > 0: data['messages'].append({'type':'info','content':'%s has/have been emailed'%', '.join(emailed)}) if len(created) > 0: data['messages'].append({'type':'info','content':'Accounts has/have been created and emails have been sent to the following email addresses: %s'%', '.join(created)}) if len(failed) > 0: data['messages'].append({'type':'info','content':'Delivery has failed to the following addresses: %s'%', '.join(failed)}) data['json']=json ShareFTPUser.update_share_ftp_users(share) return json_response(data)
def set_permissions(request,share,json=None): from smtplib import SMTPException emailed=[] created=[] failed=[] # if not request.user.has_perm('admin',share): # return json_response({'status':'error','error':'You do not have permission to write to this share.'}) if json.has_key('groups'): for group, permissions in json['groups'].iteritems(): g = Group.objects.get(id__iexact=group) current_perms = get_perms(g,share) removed_perms = list(set(current_perms) - set(permissions)) added_perms = list(set(permissions) - set(current_perms)) for u in g.user_set.all(): if len(share.get_user_permissions(u,user_specific=True)) == 0 and len(added_perms) > 0 and json['email']: email_users([u],'share/share_subject.txt','share/share_email_body.txt',{'user':u,'share':share,'sharer':request.user,'site_url':SITE_URL}) emailed.append(u.username) for perm in removed_perms: remove_perm(perm,g,share) for perm in added_perms: assign_perm(perm,g,share) if json.has_key('users'): for username, permissions in json['users'].iteritems(): username = username.lower() try: u = User.objects.get(username__iexact=username) if len(share.get_user_permissions(u,user_specific=True)) == 0 and json['email']: try: email_users([u],'share/share_subject.txt','share/share_email_body.txt',{'user':u,'share':share,'sharer':request.user,'site_url':SITE_URL}) emailed.append(username) except: failed.append(username) except: if len(permissions) > 0: password = User.objects.make_random_password() u = User(username=username,email=username) u.set_password(password) u.save() try: email_users([u],'share/share_subject.txt','share/share_new_email_body.txt',{'user':u,'password':password,'share':share,'sharer':request.user,'site_url':SITE_URL}) created.append(username) except: failed.append(username) u.delete() current_perms = share.get_user_permissions(u,user_specific=True) print 'CURRENT' print current_perms print 'PERMISSIONS' print permissions removed_perms = list(set(current_perms) - set(permissions)) added_perms = list(set(permissions) - set(current_perms)) print 'ADDING: ' print added_perms print 'REMOVING: ' print removed_perms for perm in removed_perms: if u.username not in failed: remove_perm(perm,u,share) for perm in added_perms: if u.username not in failed: assign_perm(perm,u,share) data = share.get_permissions(user_specific=True) data['messages']=[] if len(emailed) > 0: data['messages'].append({'type':'info','content':'%s has/have been emailed'%', '.join(emailed)}) if len(created) > 0: data['messages'].append({'type':'info','content':'Accounts has/have been created and emails have been sent to the following email addresses: %s'%', '.join(created)}) if len(failed) > 0: data['messages'].append({'type':'info','content':'Delivery has failed to the following addresses: %s'%', '.join(failed)}) data['json']=json return json_response(data)
def update_share(request,share,json=None): share.secure = json['secure'] share.save() return json_response({'status':'okay'})