def wrapped(*args, **kwargs): if not rest.getCurrentToken(): raise AccessException( 'You must be logged in or have a valid auth token.') if required: Token().requireScope(rest.getCurrentToken(), scope) return fun(*args, **kwargs)
def _uploadComplete(event): """ Called after an upload finishes. We check if our current token is a special authorized upload token, and if so, delete it. TODO we could alternatively keep a reference count inside each token that authorized more than a single upload at a time, and just decrement it here. """ token = getCurrentToken() if token and 'authorizedUploadId' in token: user = User().load(token['userId'], force=True) item = Item().load(event.info['file']['itemId'], force=True) # Save the metadata on the item item['description'] = token['authorizedUploadDescription'] item['authorizedUploadEmail'] = token['authorizedUploadEmail'] Item().save(item) text = mail_utils.renderTemplate('authorized_upload.uploadFinished.mako', { 'itemId': item['_id'], 'itemName': item['name'], 'itemDescription': item.get('description', '') }) mail_utils.sendMail('Authorized upload complete', text, [user['email']]) Token().remove(token)
def _authorizeUploadStep(event): """ Called before any requests dealing with partially completed uploads. Sets the request thread user to the authorized upload token creator if the requested upload is an authorized upload. """ token = getCurrentToken() try: uploadId = ObjectId(event.info['params'].get('uploadId', '')) except InvalidId: # Take no action, 'uploadId' will be validated again by the endpoint return if token and 'authorizedUploadId' in token and token['authorizedUploadId'] == uploadId: user = User().load(token['userId'], force=True) setCurrentUser(user)
def _authorizeInitUpload(event): """ Called when initializing an upload, prior to the default handler. Checks if the user is passing an authorized upload token, and if so, sets the current request-thread user to be whoever created the token. """ token = getCurrentToken() params = event.info['params'] tokenModel = Token() parentType = params.get('parentType') parentId = params.get('parentId', '') requiredScopes = {TOKEN_SCOPE_AUTHORIZED_UPLOAD, 'authorized_upload_folder_%s' % parentId} if parentType == 'folder' and tokenModel.hasScope(token=token, scope=requiredScopes): user = User().load(token['userId'], force=True) setCurrentUser(user)
def _storeUploadId(event): """ Called after an upload is first initialized successfully. Sets the authorized upload ID in the token, ensuring it can be used for only this upload. """ returnVal = event.info['returnVal'] token = getCurrentToken() tokenModel = Token() isAuthorizedUpload = tokenModel.hasScope(token, TOKEN_SCOPE_AUTHORIZED_UPLOAD) if isAuthorizedUpload and returnVal.get('_modelType', 'upload') == 'upload': params = event.info['params'] token['scope'].remove(TOKEN_SCOPE_AUTHORIZED_UPLOAD) token['authorizedUploadId'] = returnVal['_id'] token['authorizedUploadDescription'] = params.get('authorizedUploadDescription', '') token['authorizedUploadEmail'] = params.get('authorizedUploadEmail') tokenModel.save(token)
def finalizeUpload(self, upload, assetstore=None): """ This should only be called manually in the case of creating an empty file, i.e. one that has no chunks. :param upload: The upload document. :type upload: dict :param assetstore: If known, the containing assetstore for the upload. :type assetstore: dict :returns: The file object that was created. """ from girderformindlogger.models.assetstore import Assetstore from girderformindlogger.models.file import File from girderformindlogger.models.item import Item from girderformindlogger.utility import assetstore_utilities events.trigger('model.upload.finalize', upload) if assetstore is None: assetstore = Assetstore().load(upload['assetstoreId']) if 'fileId' in upload: # Updating an existing file's contents file = File().load(upload['fileId'], force=True) # Delete the previous file contents from the containing assetstore assetstore_utilities.getAssetstoreAdapter(Assetstore().load( file['assetstoreId'])).deleteFile(file) item = Item().load(file['itemId'], force=True) File().propagateSizeChange(item, upload['size'] - file['size']) # Update file info file['creatorId'] = upload['userId'] file['created'] = datetime.datetime.utcnow() file['assetstoreId'] = assetstore['_id'] file['size'] = upload['size'] # If the file was previously imported, it is no longer. if file.get('imported'): file['imported'] = False else: # Creating a new file record if upload.get('attachParent'): item = None elif upload['parentType'] == 'folder': # Create a new item with the name of the file. item = Item().createItem(name=upload['name'], creator={'_id': upload['userId']}, folder={'_id': upload['parentId']}) elif upload['parentType'] == 'item': item = Item().load(id=upload['parentId'], force=True) else: item = None file = File().createFile(item=item, name=upload['name'], size=upload['size'], creator={'_id': upload['userId']}, assetstore=assetstore, mimeType=upload['mimeType'], saveFile=False) if upload.get('attachParent'): if upload['parentType'] and upload['parentId']: file['attachedToType'] = upload['parentType'] file['attachedToId'] = upload['parentId'] adapter = assetstore_utilities.getAssetstoreAdapter(assetstore) file = adapter.finalizeUpload(upload, file) event_document = {'file': file, 'upload': upload} events.trigger('model.file.finalizeUpload.before', event_document) file = File().save(file) events.trigger('model.file.finalizeUpload.after', event_document) if '_id' in upload: self.remove(upload) logger.info('Upload complete. Upload=%s File=%s User=%s' % (upload['_id'], file['_id'], upload['userId'])) # Add an async event for handlers that wish to process this file. eventParams = { 'file': file, 'assetstore': assetstore, 'currentToken': rest.getCurrentToken(), 'currentUser': rest.getCurrentUser() } if 'reference' in upload: eventParams['reference'] = upload['reference'] events.daemon.trigger('data.process', eventParams) return file