def new_map_json(request): if request.method == 'GET': config = new_map_config(request) if isinstance(config, HttpResponse): return config else: return HttpResponse(config) elif request.method == 'POST': if not request.user.is_authenticated(): return HttpResponse( 'You must be logged in to save new maps', mimetype="text/plain", status=401 ) map_obj = Map(owner=request.user, zoom=0, center_x=0, center_y=0) map_obj.save() map_obj.set_default_permissions() try: map_obj.update_from_viewer(request.body) MapSnapshot.objects.create(config=clean_config(request.body),map=map_obj,user=request.user) except ValueError, e: return HttpResponse(str(e), status=400) else: return HttpResponse( json.dumps({'id':map_obj.id }), status=200, mimetype='application/json' )
def new_map_json(request): if request.method == 'GET': config = new_map_config(request) if isinstance(config, HttpResponse): return config else: return HttpResponse(config) elif settings.RESOURCE_PUBLISHING: return HttpResponse( _PERMISSION_MSG_SAVE, status=401, mimetype="text/plain" ) elif request.method == 'POST': if not request.user.is_authenticated(): return HttpResponse( 'You must be logged in to save new maps', mimetype="text/plain", status=401 ) map_obj = Map(owner=request.user, zoom=0, center_x=0, center_y=0) map_obj.save() map_obj.set_default_permissions() # If the body has been read already, use an empty string. # See https://github.com/django/django/commit/58d555caf527d6f1bdfeab14527484e4cca68648 # for a better exception to catch when we move to Django 1.7. try: body = request.body except Exception: body = '' try: map_obj.update_from_viewer(body) MapSnapshot.objects.create( config=clean_config(body), map=map_obj, user=request.user) except ValueError as e: return HttpResponse(str(e), status=400) else: return HttpResponse( json.dumps({'id': map_obj.id}), status=200, mimetype='application/json' ) else: return HttpResponse(status=405)
def new_map_json(request): if request.method == "GET": config = new_map_config(request) if isinstance(config, HttpResponse): return config else: return HttpResponse(config) elif request.method == "POST": if not request.user.is_authenticated(): return HttpResponse("You must be logged in to save new maps", mimetype="text/plain", status=401) map_obj = Map(owner=request.user, zoom=0, center_x=0, center_y=0) map_obj.save() map_obj.set_default_permissions() try: map_obj.update_from_viewer(request.raw_post_data) except ValueError, e: return HttpResponse(str(e), status=400) else: return HttpResponse(json.dumps({"id": map_obj.id}), status=200, mimetype="application/json")
def new_map_json(request): if request.method == 'GET': config = new_map_config(request) if isinstance(config, HttpResponse): return config else: return HttpResponse(config) elif request.method == 'POST': if not request.user.is_authenticated(): return HttpResponse( 'You must be logged in to save new maps', content_type="text/plain", status=401 ) data = json.loads(request.body) title = data['about']['title'] category_id = int(data['about']['category']) organization_id = int(data['about']['organization']) group = GroupProfile.objects.get(id=organization_id) map_obj = Map(owner=request.user, zoom=0, center_x=0, center_y=0, category=TopicCategory.objects.get(id=category_id), group=group, title=title) map_obj.save() map_obj.set_default_permissions() permissions = _perms_info_json(map_obj) perm_dict = json.loads(permissions) if 'download_resourcebase' in perm_dict['groups']['anonymous']: perm_dict['groups']['anonymous'].remove('download_resourcebase') if 'view_resourcebase' in perm_dict['groups']['anonymous']: perm_dict['groups']['anonymous'].remove('view_resourcebase') # map_obj.set_permissions(perm_dict) # If the body has been read already, use an empty string. # See https://github.com/django/django/commit/58d555caf527d6f1bdfeab14527484e4cca68648 # for a better exception to catch when we move to Django 1.7. try: body = request.body except Exception: body = '' try: map_obj.update_from_viewer(body) # notify layer owners that this layer is used to create this map layers = map_obj.layers layer_owners = [layer.owner for layer in map_obj.local_layers] notify.send(request.user, recipient_list=layer_owners, actor=request.user, verb='created map using your layer', target=map_obj) MapSnapshot.objects.create( config=clean_config(body), map=map_obj, user=request.user) except ValueError as e: return HttpResponse(str(e), status=400) else: return HttpResponse( json.dumps({'id': map_obj.id}), status=200, content_type='application/json' ) else: return HttpResponse(status=405)
def testPrintProxy(self): """ Test the PrintProxyMiddleware if activated. It should respect the permissions on private layers. """ if 'geonode.middleware.PrintProxyMiddleware' in settings.MIDDLEWARE_CLASSES: # STEP 1: Import a layer from django.contrib.auth.models import User from geonode.maps.models import Map client = Client() client.login(username='******', password='******') #TODO: Would be nice to ensure the name is available before #running the test... norman = User.objects.get(username="******") saved_layer = save("san_andres_y_providencia_poi_by_norman", os.path.join(gisdata.VECTOR_DATA, "san_andres_y_providencia_poi.shp"), norman, overwrite=True, ) # Set the layer private saved_layer.set_gen_level(ANONYMOUS_USERS, saved_layer.LEVEL_NONE) url = reverse('layer_metadata', args=[saved_layer.typename]) # check is accessible while logged in resp = client.get(url) self.assertEquals(resp.status_code, 200) # check is inaccessible when not logged in client.logout() resp = client.get(url) self.assertEquals(resp.status_code, 302) # STEP 2: Create a Map with that layer map_obj = Map(owner=norman, zoom=0, center_x=0, center_y=0) map_obj.create_from_layer_list(norman, [saved_layer], 'title','') map_obj.set_default_permissions() # STEP 3: Print the map print_url = settings.OGC_SERVER['default']['LOCATION'] + 'pdf/create.json' post_payload = { 'dpi': 75, 'layers': [ { 'baseURL': settings.OGC_SERVER['default']['LOCATION'] + 'wms?SERVICE=WMS&', 'format': "image/png", 'customParams': { 'TILED': True, 'TRANSPARENT': True }, 'layers': [saved_layer.typename], 'opacity': 1, 'singleTile': False, 'type': 'WMS' } ], 'layout': 'A4 portrait', 'mapTitle': 'test', 'outputFilename': 'print', 'srs': 'EPSG:900913', 'units': 'm' } client.post(print_url, post_payload) # Test the layer is still inaccessible as non authenticated resp = client.get(url) self.assertEquals(resp.status_code, 302) else: pass