def _setCommonCORSHeaders():
"""
Set CORS headers that should be passed back with either a preflight OPTIONS
or a simple CORS request. We set these headers anytime there is an Origin
header present since browsers will simply ignore them if the request is not
cross-origin.
"""
origin = cherrypy.request.headers.get('origin')
if not origin:
# If there is no origin header, this is not a cross origin request
return
allowed = Setting().get(SettingKey.CORS_ALLOW_ORIGIN)
if allowed:
setResponseHeader('Access-Control-Allow-Credentials', 'true')
setResponseHeader('Access-Control-Expose-Headers',
Setting().get(SettingKey.CORS_EXPOSE_HEADERS))
allowedList = {o.strip() for o in allowed.split(',')}
if origin in allowedList:
setResponseHeader('Access-Control-Allow-Origin', origin)
elif '*' in allowedList:
setResponseHeader('Access-Control-Allow-Origin', '*')
def _setCommonCORSHeaders():
"""
Set CORS headers that should be passed back with either a preflight OPTIONS
or a simple CORS request. We set these headers anytime there is an Origin
header present since browsers will simply ignore them if the request is not
cross-origin.
"""
origin = cherrypy.request.headers.get('origin')
if not origin:
# If there is no origin header, this is not a cross origin request
return
allowed = Setting().get(SettingKey.CORS_ALLOW_ORIGIN)
if allowed:
setResponseHeader('Access-Control-Allow-Credentials', 'true')
setResponseHeader(
'Access-Control-Expose-Headers', Setting().get(SettingKey.CORS_EXPOSE_HEADERS))
allowed_list = [o.strip() for o in allowed.split(',')]
key = 'Access-Control-Allow-Origin'
if len(allowed_list) == 1:
setResponseHeader(key, allowed_list[0])
elif origin in allowed_list:
setResponseHeader(key, origin)
def load(self, info):
plugin.getPlugin('jobs').load(info)
plugin.getPlugin('slicer_cli_web').load(info)
plugin.getPlugin('large_image_annotation').load(info)
# Python's http cookie parser fails for all cookies when there are some
# invalid cookies. Work around some of that.
patchCookieParsing()
ModelImporter.registerModel('aperio', Aperio, 'histomicsui')
ModelImporter.registerModel('case', Case, 'histomicsui')
ModelImporter.registerModel('cohort', Cohort, 'histomicsui')
ModelImporter.registerModel('image', Image, 'histomicsui')
ModelImporter.registerModel('pathology', Pathology, 'histomicsui')
ModelImporter.registerModel('slide', Slide, 'histomicsui')
rest.addEndpoints(info['apiRoot'])
info['serverRoot'].updateHtmlVars(
{'brandName': Setting().get(SettingKey.BRAND_NAME)})
global originalChildItems
if not getattr(Folder, '_childItemsBeforeHUI', None):
Folder._childItemsBeforeHUI = Folder.childItems
Folder.childItems = childItems
girderRoot = info['serverRoot']
huiRoot = WebrootHistomicsUI(_template)
huiRoot.updateHtmlVars(girderRoot.vars)
# The interface is always available under hui and also available
# under the specified path.
info['serverRoot'].hui = huiRoot
webrootPath = Setting().get(PluginSettings.HUI_WEBROOT_PATH)
alternateWebrootPath = Setting().get(
PluginSettings.HUI_ALTERNATE_WEBROOT_PATH)
setattr(info['serverRoot'], webrootPath, huiRoot)
if alternateWebrootPath:
for alt_webroot_path in alternateWebrootPath.split(','):
if alt_webroot_path:
setattr(info['serverRoot'], alt_webroot_path, huiRoot)
info['serverRoot'].girder = girderRoot
# auto-ingest annotations into database when a .anot file is uploaded
events.bind('data.process', 'histomicsui', process_annotations)
events.bind('model.job.save', 'histomicsui', _saveJob)
def updateWebroot(event):
"""
If the webroot path setting is changed, bind the new path to the
hui webroot resource. Note that a change to the alternate webroot
requires a restart.
"""
if event.info.get('key') == PluginSettings.HUI_WEBROOT_PATH:
setattr(info['serverRoot'], event.info['value'], huiRoot)
events.bind('model.setting.save.after', 'histomicsui', updateWebroot)
curConfig = config.getConfig().get('histomicsui', {})
if curConfig.get('restrict_downloads'):
# Change some endpoints to require token access
endpoints = [
('collection', 'GET', (':id', 'download')),
('file', 'GET', (':id', 'download')),
('file', 'GET', (':id', 'download', ':name')),
('folder', 'GET', (':id', 'download')),
('item', 'GET', (':id', 'download')),
('resource', 'GET', ('download', )),
('resource', 'POST', ('download', )),
('item', 'GET', (':itemId', 'tiles', 'images', ':image')),
]
for resource, method, route in endpoints:
cls = getattr(info['apiRoot'], resource)
func = cls.getRouteHandler(method, route)
if func.accessLevel == 'public':
func = access.token(func)
cls.removeRoute(method, route)
cls.route(method, route, func)
