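def get_filters():
    """
    Build the filter dict for a query from the current request's query string.

    Reads the ``d`` delay flag, the map bounds, the NDVI limit arrays and one
    value list per categorical column from ``request.args``.

    :return: dict mapping filter name to its value
    :raises FieldError: if either NDVI limit array does not contain exactly
        23 comma-separated entries
    """
    filters = {}

    # Query-string values arrive as strings, so comparing the raw value with
    # the integer 1 could only ever be true for the default. Convert with
    # type=int; a value that does not parse falls back to the default.
    default_delay = 1 if is_anonymous() else 0
    filters['delay'] = request.args.get('d', default_delay, type=int) == 1
    # NOTE(review): an anonymous caller can still switch the delay off by
    # sending d=0 -- confirm that this is intended.

    # Callers without the 'validation' or 'admin' role are pinned to
    # use_validation == [False]; the request cannot override it here.
    if is_anonymous() or current_user.role not in ['validation', 'admin']:
        filters['use_validation'] = [False]

    # Bounds are only applied when both corners are supplied.
    south_west = request.args.get('southWestBounds')
    north_east = request.args.get('northEastBounds')
    if south_west is not None and north_east is not None:
        filters['northEastBounds'] = north_east
        filters['southWestBounds'] = south_west

    ndvi_upper = request.args.get('ndvi_limit_upper')
    ndvi_lower = request.args.get('ndvi_limit_lower')
    if ndvi_upper is not None and ndvi_lower is not None:
        filters['ndvi_limit_upper'] = ndvi_upper
        filters['ndvi_limit_lower'] = ndvi_lower

        # NOTE(review): only the entry count is checked; the entries stay
        # raw, untrusted strings, so the consumer must parse them as numbers
        # and must not interpolate them into a query.
        if len(ndvi_upper.split(',')) != 23 or len(ndvi_lower.split(',')) != 23:
            raise FieldError(description="Invalid Array Bounds Length")

    # Only the column names are needed, so iterate the mapping's keys.
    for name in categorical_columns:
        values = request.args.getlist(name)
        if values:
            filters[name] = values

    return filters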
def image_view():
    """
    Accept a photo of a location sent from a mobile device and record it.

    The request must carry 'location_id', 'lat', 'lon' and 'date_acquired'
    form fields, plus either an uploaded 'file' or a 'url' form field.

    :return: JSON representation of the stored image and HTTP status 201
    :raises BadRequest: if a required field is missing, the file type is not
        allowed, or neither a file nor a url was sent
    """
    form = request.form

    # Every image needs its location and acquisition metadata.
    for required in ('location_id', 'lat', 'lon', 'date_acquired'):
        if required not in form:
            print("missing %s" % required)
            raise BadRequest(description='Image requires %s.' % required)

    uploaded = request.files['file'] if 'file' in request.files else None

    if uploaded is not None:
        # The client-supplied name is sanitized and used only for the type
        # check below; it never becomes part of the storage key.
        safe_name = secure_filename(uploaded.filename)

        # NOTE(review): this is a name-based (naive) check; the file content
        # is not inspected in this function.
        if not allowed_file(safe_name):
            print("bad file type")
            raise BadRequest('Bad File Type')

        # NOTE(review): the whole upload is buffered in memory -- confirm a
        # request size limit is configured for this endpoint.
        buf = cStringIO.StringIO()
        uploaded.save(dst=buf)

        # The storage key is a fresh UUID with a fixed .jpg suffix.
        key_name = str(uuid.uuid4())
        url = 'images/mobile/' + key_name + '.jpg'

        # Push the buffered image to the S3 bucket under that key.
        upload_image(buf, encoded_image=False, filename=url)
    elif 'url' in form:
        # NOTE(review): a client-supplied url is stored as-is; confirm that
        # consumers validate it before rendering or fetching it.
        url = form['url']
    else:
        raise BadRequest(description='Not enough data')

    # Persist the image row.
    image = Image(location_id=form['location_id'],
                  lat=form['lat'],
                  lon=form['lon'],
                  url=url,
                  date_acquired=form['date_acquired'])

    # This function itself does not require a token: an anonymous request is
    # stored without a user_id.
    if not is_anonymous():
        image.user_id = current_user.id

    if 'source' in form:
        image.source = form['source']

    db.session.add(image)
    db.session.commit()

    return jsonify(to_dict(image)), 201
def check_for_me(data=None, **kwargs):
    """
    Require a token and map the instance id 'me' onto the current user's id.

    :param data: not used by this function
    :param kwargs: must contain 'instance_id'
    :return: None
    :raises Unauthorized: if the request is anonymous
    """
    if is_anonymous():
        raise Unauthorized(description="Must send token.")

    wants_self = kwargs['instance_id'] == 'me'
    if wants_self:
        # NOTE(review): **kwargs is a dict private to this call, so this
        # assignment is not visible to the caller. Confirm how the framework
        # expects a rewritten instance id to be handed back; otherwise later
        # checks still see the literal 'me'.
        kwargs['instance_id'] = current_user.id
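def cannot_edit_other_user_rating(data=None, **kwargs):
    """
    Raise an exception if a user tries to edit another user's rating.

    :param data: rating
    :param kwargs: catch all; must contain 'instance_id'
    :return: None
    :raises Unauthorized: if the request is anonymous, the rating does not
        exist, or the rating belongs to a different user
    """
    denied = "Cannot change another user's rating."

    if is_anonymous():
        raise Unauthorized(description=denied)

    rating = RecordRating.query.filter_by(
        id=int(kwargs['instance_id'])).first()

    # first() yields None when no row matches. Deny in that case instead of
    # failing on rating.user_id, and use the same description so the response
    # does not reveal whether the rating id exists.
    if rating is None or current_user.id != rating.user_id:
        raise Unauthorized(description=denied)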
def can_edit_the_user(data=None, **kwargs):
    """
    Allow the request only if the current user is the targeted account or
    holds the 'admin' role.

    :param data: not used by this function
    :param kwargs: must contain 'instance_id'
    :return: None
    :raises Unauthorized: if the request is anonymous, or the user is
        neither the account owner nor an admin
    """
    if is_anonymous():
        raise Unauthorized()

    # NOTE(review): int() raises ValueError for a non-numeric instance id
    # (for example a literal 'me'), which surfaces as an unhandled error
    # rather than as Unauthorized.
    is_owner = (hasattr(current_user, 'id')
                and current_user.id == int(kwargs['instance_id']))

    # The role lookup runs only when the caller is not the account owner.
    if not (is_owner or verify_role('admin')):
        raise Unauthorized()
def add_user_to_posted_data(data=None, **kwargs):
    """
    Stamp the authenticated user's id onto the posted data and onto each
    entry of its nested 'records' and 'images' lists.

    :param data: data from api endpoint; modified in place
    :param kwargs: not used by this function
    :return: None
    """
    if is_anonymous():
        # NOTE(review): for anonymous posts any client-supplied 'user_id'
        # (top level or nested) is left in place -- confirm it is dropped or
        # ignored before the data is saved.
        return

    # For authenticated users the server-side id overwrites whatever the
    # client sent.
    data['user_id'] = current_user.id

    # TODO Improve method of applying user_id to sub models
    # perhaps using get_related_model? looping through entities of array?
    for child_key in ('records', 'images'):
        if child_key in data:
            for entry in data[child_key]:
                entry['user_id'] = current_user.id
def registered():
    """
    Report whether the request comes from a registered user using a token.

    Per the original description, this is used to remove a limit for such
    users.

    :return: True when the caller is not anonymous, otherwise False
    """
    if is_anonymous():
        return False
    return True