def get_languages(request): """ Get the list of languages for the entities in JSON """ lang = translation.get_language() cache_name = 'languages:%s' % lang languages = cache_manager.get('main', cache_name) if languages: return HttpResponseRest(request, languages) languages = [] for language in Language.objects.all().order_by('code'): languages.append({ 'id': language.code, 'value': language.code, 'label': language.get_label() }) # cache for 24h cache_manager.set('main', cache_name, languages, 60 * 60 * 24) return HttpResponseRest(request, languages)
def create_storage_location(request): """ Create a storage location. """ name = request.data['name'] label = request.data['label'] if isinstance(request.data['parent_storage_location'], int): parent_storage_location = StorageLocation.objects.get(id=request.data['parent_storage_location']) else: parent_storage_location = None lang = translation.get_language() storage_location = StorageLocation.objects.create( name=name, parent=parent_storage_location, label={lang: label}, ) result = { 'id': storage_location.id, 'name': storage_location.name, 'label': storage_location.get_label() } return HttpResponseRest(request, result)
def update_self_settings(request): """ Update or create a user setting. """ update_setting(request.user, request.data['name'], request.data['setting'], request.data['version']) return HttpResponseRest(request, {})
def get_classification_entry_children_list_count(request, cls_id): """ Return the count of direct children for the given classification entry. """ classification_entry = get_object_or_404(ClassificationEntry, id=int(cls_id)) from main.cursor import CursorQuery cq = CursorQuery(ClassificationEntry) cq.set_synonym_model(ClassificationEntrySynonym) # if only children if request.GET.get('deeply', False): cq.filter(parent_list__in=[classification_entry.id]) else: cq.filter(parent=classification_entry.id) if request.GET.get('filters'): cq.filter(json.loads(request.GET['filters'])) count = cq.count() results = {'count': count} return HttpResponseRest(request, results)
def get_action_list_for_entity_id_count(request, ent_id): # @todo from main.cursor import CursorQuery cq = CursorQuery(ActionToEntity) # cq = ActionToEntity.objects.filter(entity_id=int(ent_id)) # @todo filter for action relating cq.inner_join(Action, related_name='id', to_related_name='action_id', entity=int(ent_id)) cq.filter(entity=int(ent_id)) if request.GET.get('search'): search = json.loads(request.GET['search']) cq.filter(search) if request.GET.get('filters'): filters = json.loads(request.GET['filters']) cq.filter(filters) # print(cq.sql()) count = cq.count() # cq.filter(input_batches__in=int(bat_id)) results = { 'count': count } return HttpResponseRest(request, results)
def get_entity(request): """ Retrieve an entity (generic details) from an app_label, model and object identifier. In others words from its content type and its uniquer identifier. @note Returned name if the natural name (it can be a name field or a code, the display label...). """ app_label = request.GET['app_label'] model = request.GET['model'] object_id = int(request.GET['object_id']) if app_label and model and object_id: content_type = ContentType.objects.get_by_natural_key(app_label, model) entity = content_type.get_object_for_this_type(id=object_id) results = { 'id': entity.id, 'uuid': str(entity.uuid), 'name': entity.natural_name(), 'content_type': "%s.%s" % (app_label, model), 'created_date': entity.created_date, 'modified_date': entity.modified_date, 'entity_status': entity.entity_status } return HttpResponseRest(request, results)
def delete_value_for_descriptor(request, des_id, val_id): """ Delete a single value for a descriptor. """ descriptor = get_object_or_404(Descriptor, id=int(des_id)) if descriptor.in_usage(): raise SuspiciousOperation(_("There is some data using the descriptor")) format_type = descriptor.format # internally stored values if descriptor.values is not None: values = descriptor.values if format_type['trans']: for lvalues in values: del lvalues[val_id] else: del values[val_id] descriptor.values = values else: # table stored values values = descriptor.values_set.filter(code=val_id) values.delete() return HttpResponseRest(request, {})
def create_index(request): descriptor_id = int(request.data.get('descriptor')) target = request.data.get('target') index_type = JSONBFieldIndexType(request.data.get('type', 0)) descriptor = Descriptor.objects.get(id=descriptor_id) app_label, model = target.split('.') target = ContentType.objects.get_by_natural_key(app_label, model) index = DescriptorIndex.objects.create(descriptor=descriptor, target=target, type=index_type.value) with transaction.atomic(): index.save() index.create_or_drop_index() response = { 'id': index.id, 'descriptor': index.descriptor.name, 'target': index.target.name.capitalize(), 'type': JSONBFieldIndexType(index.type).name } return HttpResponseRest(request, response)
def delete_accession(request, acc_id): accession = get_object_or_404(Accession, id=int(acc_id)) accession.synonyms.all().delete() accession.delete() return HttpResponseRest(request, {})
def get_accession_list_count(request): from main.cursor import CursorQuery cq = CursorQuery(Accession) if request.GET.get('search'): search = json.loads(request.GET['search']) cq.filter(search) if request.GET.get('filters'): filters = json.loads(request.GET['filters']) cq.filter(filters) cq.m2m_to_array_field(relationship=AccessionPanel.accessions, selected_field='accessionpanel_id', from_related_field='id', to_related_field='accession_id', alias='panels') cq.m2m_to_array_field(relationship=Accession.classifications_entries, selected_field='classification_entry_id', from_related_field='id', to_related_field='accession_id', alias='classifications') cq.set_synonym_model(AccessionSynonym) count = cq.count() results = {'count': count} return HttpResponseRest(request, results)
def change_all_labels_of_classification_rank(request, crk_id): """ Changes all the label, for each language related to the user interface. Returns only the local label. """ classification_rank = get_object_or_404(ClassificationRank, id=int(crk_id)) if not classification_rank.classification.can_modify: raise PermissionDenied(_("The classification owning this rank is locked")) labels = request.data languages_values = [lang[0] for lang in InterfaceLanguages.choices()] for lang, label in labels.items(): if lang not in languages_values: raise SuspiciousOperation(_("Unsupported language identifier")) classification_rank.label = labels classification_rank.update_field('label') classification_rank.save() result = { 'label': classification_rank.get_label() } return HttpResponseRest(request, result)
def delete_classification_rank(request, crk_id): """ If possible delete a classification rank. It is not possible if there is data using the classification or the status is valid. """ classification_rank = get_object_or_404(ClassificationRank, id=int(crk_id)) if not classification_rank.classification.can_modify: raise PermissionDenied(_("The classification owning this rank is locked")) if classification_rank.in_usage(): raise SuspiciousOperation(_("There is one or more entities using this classification rank")) # l-shift next ranks level with transaction.atomic(): ranks = classification_rank.classification.ranks.filter(level__gt=classification_rank.level).order_by('level') classification_rank.delete() # could use a set constraints level DEFERRED; but how with django and non raw ? # fake with a minus level temporary for rank in ranks: rank.level = rank.level - 1 rank.save() return HttpResponseRest(request, {})
def create_classification(request): """ Create a new classification with a label in the current language. """ parameters = request.data language = translation.get_language() if not Language.objects.filter(code=language).exists(): raise SuspiciousOperation(_("The language is not supported")) if Classification.objects.filter(name=parameters['name']).exists(): raise SuspiciousOperation(_("A classification already exists with this name")) classification = Classification() classification.name = parameters['name'] classification.set_label(language, parameters['label']) classification.description = parameters['description'] classification.save() response = { 'id': classification.pk, 'name': classification.name, 'can_modify': classification.can_modify, 'can_delete': classification.can_delete, 'label': classification.get_label(), 'description': classification.description, 'num_classification_ranks': 0 } return HttpResponseRest(request, response)
def add_city(request): external_id = int_arg(request.data['external_id']) lang = get_language() manager = instance.geolocation_app.geolocation_manager mgr_result = manager.create_city(external_id, lang) country_r = manager.get_country(country_id=mgr_result['cou_id'], lang=lang) response = { 'id': mgr_result['cit_id'], 'name': mgr_result['name'], 'lat': mgr_result['lat'], 'long': mgr_result['long'], 'display_names': mgr_result['alt_name'], 'country': { 'id': country_r['cou_id'], 'name': country_r['name'], 'code3': country_r['code3'], 'lat': country_r['lat'], 'long': country_r['long'], 'display_names': country_r['alt_name'], 'preferred_names': country_r['preferred_name'], 'short_names': country_r['short_name'] }, 'preferred_names': mgr_result['preferred_name'], 'short_names': mgr_result['short_name'] } return HttpResponseRest(request, response)
def city(request, cit_id): lang = get_language() manager = instance.geolocation_app.geolocation_manager city_r = manager.get_city(city_id=int(cit_id), lang=lang) country_r = manager.get_country(country_id=city_r['cou_id'], lang=lang) result = { 'id': city_r['cit_id'], 'name': city_r['name'], 'lat': city_r['lat'], 'long': city_r['long'], 'display_names': city_r['alt_name'], 'country': { 'id': country_r['cou_id'], 'name': country_r['name'], 'code3': country_r['code3'], 'lat': country_r['lat'], 'long': country_r['long'], 'display_names': country_r['alt_name'], 'preferred_names': country_r['preferred_name'], 'short_names': country_r['short_name'] }, 'preferred_names': city_r['preferred_name'], 'short_names': city_r['short_name'] } return HttpResponseRest(request, result)
def add_user_permission(request, username): permission = request.data['permission'] content_type = request.data['content_type'] object_id = int( request.data['object']) if 'object' in request.data else None if content_type == "auth.permission" and not request.user.is_superuser: raise PermissionDenied( _("Only a superuser can change an auth.permission")) user = get_object_or_404(User, username=username) app_label, model = content_type.split('.') # content_type = get_object_or_404(ContentType, app_label=app_label, model=model) content_type = ContentType.objects.get_by_natural_key(app_label, model) if not object_id: perm = get_object_or_404(Permission, codename=permission, content_type=content_type) user.user_permissions.add(perm) else: obj = get_object_or_404(content_type.model, id=object_id) UserObjectPermission.objects.assign_perm(permission, user=user, obj=obj) return HttpResponseRest(request, {})
def add_group_permission(request, grp_id): permission = request.data['permission'] content_type = request.data['content_type'] object_id = int( request.data['object']) if 'object' in request.data else None if content_type == "auth.permission" and not request.user.is_superuser: raise PermissionDenied( _("Only a superuser can change an auth.permission")) group = get_object_or_404(Group, id=int(grp_id)) app_label, model = content_type.split('.') content_type = ContentType.objects.get_by_natural_key(app_label, model) if not object_id: perm = get_object_or_404(Permission, codename=permission, content_type=content_type) group.permissions.add(perm) else: obj = get_object_or_404(content_type.model, id=object_id) GroupObjectPermission.objects.assign_perm(permission, group=group, obj=obj) return HttpResponseRest(request, {})
def get_format_type_list(request): """ Return the list of format of action type """ groups = {} items = {} for ft in ActionStepFormatManager.values(): if ft.group: if ft.group.name not in groups: groups[ft.group.name] = { 'group': ft.group.name, 'label': str(ft.group.verbose_name) } if ft.name in items: raise SuspiciousOperation( "Already registered format of action type %s" % ft.name) items[ft.name] = { 'id': ft.name, 'group': ft.group.name, 'value': ft.name, 'label': str(ft.verbose_name) } groups_list = sorted(list(groups.values()), key=lambda x: x['group']) items_list = sorted(list(items.values()), key=lambda x: x['label']) results = {'groups': groups_list, 'items': items_list} return HttpResponseRest(request, results)
def get_descriptor_values(request, des_id): """ Get the list of values for a given descriptor and according to the current language. """ results_per_page = int_arg(request.GET.get('more', 30)) cursor = request.GET.get('cursor') limit = results_per_page sort_by = request.GET.get('sort_by', 'id') descriptor = get_object_or_404(Descriptor, id=int(des_id)) if sort_by.startswith('-'): order_by = sort_by[1:] reverse = True elif sort_by.startswith('+'): order_by = sort_by[1:] reverse = False else: order_by = sort_by reverse = False prev_cursor, next_cursor, values_list = descriptor.get_values( order_by, reverse, cursor, limit) results = { 'sort_by': sort_by, 'prev': prev_cursor, 'cursor': cursor, 'next': next_cursor, 'format': descriptor.format, 'items': values_list, } return HttpResponseRest(request, results)
def get_count_classification_entry_related(request, cls_id): """ Return the list of related classification entries for the given classification entry. """ classification_entry = get_object_or_404(ClassificationEntry, id=int(cls_id)) from main.cursor import CursorQuery cq = CursorQuery(ClassificationEntry) cq.inner_join(ClassificationEntry, related_name='related', to_related_name='to_classificationentry', from_classificationentry=classification_entry.pk) if request.GET.get('search'): cq.filter(json.loads(request.GET['search'])) if request.GET.get('filters'): cq.filter(json.loads(request.GET['filters'])) count = cq.count() results = {'count': count} return HttpResponseRest(request, results)
def post_entity_synonym_type(request): """ Create an new entity synonym type. """ name = request.data['name'] label = request.data['label'] target_model_name = request.data['target_model'] app_label, model = target_model_name.split('.') content_type = get_object_or_404(ContentType, app_label=app_label, model=model) lang = translation.get_language() entity_synonym_type = EntitySynonymType() entity_synonym_type.name = name entity_synonym_type.set_label(lang, label) entity_synonym_type.target_model = content_type entity_synonym_type.save() results = { 'id': entity_synonym_type.pk, 'value': entity_synonym_type.pk, # st.name 'name': entity_synonym_type.name, 'label': entity_synonym_type.get_label(), 'unique': entity_synonym_type.unique, 'multiple_entry': entity_synonym_type.multiple_entry, 'has_language': entity_synonym_type.has_language, 'target_model': ".".join(entity_synonym_type.target_model.natural_key()), 'can_delete': entity_synonym_type.can_delete, 'can_modify': entity_synonym_type.can_modify } return HttpResponseRest(request, results)
def accession_batches_list_count(request, acc_id): accession = get_object_or_404(Accession, id=int(acc_id)) # check permission on accession object perms = get_permissions_for(request.user, accession.content_type.app_label, accession.content_type.model, accession.pk) if 'accession.get_accession' not in perms: raise PermissionDenied( _('Invalid permission to access to this accession')) from main.cursor import CursorQuery cq = CursorQuery(Batch) if request.GET.get('search'): search = json.loads(request.GET['search']) cq.filter(search) if request.GET.get('filters'): filters = json.loads(request.GET['filters']) cq.filter(filters) cq.filter(accession=accession.id) count = cq.count() results = {'count': count} return HttpResponseRest(request, results)
def get_batch_parents_batches_list(request, bat_id): results_per_page = int_arg(request.GET.get('more', 30)) cursor = request.GET.get('cursor') limit = results_per_page parent_batch = get_object_or_404(Batch, id=int(bat_id)) # check permission on accession object perms = get_permissions_for(request.user, parent_batch.accession.content_type.app_label, parent_batch.accession.content_type.model, parent_batch.accession.pk) if 'accession.get_accession' not in perms: raise PermissionDenied( _('Invalid permission to access to this accession')) if cursor: cursor = json.loads(cursor) cursor_name, cursor_id = cursor batches = parent_batch.batches.filter(Q(name__gt=cursor_name)) else: batches = parent_batch.batches.all() batches = batches.order_by('name')[:limit] items_list = [] for batch in batches: b = { 'id': batch.pk, 'name': batch.name, 'accession': batch.accession_id, 'layout': batch.layout_id, 'descriptors': batch.descriptors, 'location': batch.location } items_list.append(b) if len(items_list) > 0: # prev cursor (asc order) obj = items_list[0] prev_cursor = (obj['name'], obj['id']) # next cursor (asc order) obj = items_list[-1] next_cursor = (obj['name'], obj['id']) else: prev_cursor = None next_cursor = None results = { 'perms': [], 'items': items_list, 'prev': prev_cursor, 'cursor': cursor, 'next': next_cursor, } return HttpResponseRest(request, results)
def get_media(request, uuid): """ Returns the media details (mime-type, file name, size...) but not the file content. """ media = get_object_or_404(Media, uuid=uuid) # check user permission on the media if media.owner_content_type == "auth.user": if media.owner_object_id != request.user.pk: raise PermissionDenied(_('Your are not the owner of the media')) else: perms = get_permissions_for(request.user, media.owner_content_type.app_label, media.owner_content_type.model, media.owner_object_id) if len(perms) == 0: raise PermissionDenied(_('No permissions to the owner entity')) result = { 'id': media.pk, 'uuid': media.uuid, 'name': media.name, 'created_date': media.created_date, 'modified_date': media.modified_date, 'file_name': media.file_name, 'file_size': media.file_size, 'mime_type': media.mime_type } return HttpResponseRest(request, result)
def create_classification_entry(request): """ Create a new classification entry with a primary synonym in the current language. """ parameters = request.data parent = None if parameters.get('parent'): parent_id = int_arg(parameters['parent']) parent = get_object_or_404(ClassificationEntry, id=parent_id) rank_id = int_arg(parameters['rank']) language = parameters['language'] layout = request.data.get('layout') descriptors = request.data.get('descriptors') if not Language.objects.filter(code=language).exists(): raise SuspiciousOperation(_("The language is not supported")) if layout is not None and descriptors is not None: layout_id = int_arg(layout) content_type = get_object_or_404(ContentType, app_label="classification", model="classificationentry") layout = get_object_or_404(Layout, id=layout_id, target=content_type) else: # @todo do we allow that ? layout = None classification_entry = None try: with transaction.atomic(): classification_entry = ClassificationEntryManager.create_classification_entry( parameters['name'], rank_id, parent, language, layout, descriptors) except IntegrityError as e: Descriptor.integrity_except(ClassificationEntry, e) response = { 'id': classification_entry.id, 'name': classification_entry.name, 'rank': classification_entry.rank_id, 'parent': classification_entry.parent_id if parent else None, 'parent_list': classification_entry.parent_list, 'synonyms': [], 'layout': classification_entry.layout_id if layout else None, 'descriptors': classification_entry.descriptors } for s in classification_entry.synonyms.all(): response['synonyms'].append({ 'id': s.id, 'name': s.name, 'synonym_type': s.synonym_type_id, 'language': s.language }) return HttpResponseRest(request, response)
def get_self_permissions_for_entity(request, content_type, ent_id): """ User get its own permissions for its session for a specific entity """ user = get_object_or_404(User, username=request.user.username) permissions = [] app_label, model = content_type.split('.') content_type = ContentType.objects.get_by_natural_key(app_label, model) entity = get_object_or_404(content_type.model_class(), int(ent_id)) perms = get_perms(user, entity) permission_details = Permission.objects.find(codename__in=perms) lookup = {} for perm in permission_details: lookup[perm.codename] = perm.name for perm in perms: perm_detail = lookup.get(perm) if perm_detail: permissions.append({ 'id': perm, 'name': perm_detail, 'app_label': app_label }) return HttpResponseRest(request, permissions)
def get_format_unit_list(request): """ Return the list of units of format. """ groups = {} items = {} for fu in DescriptorFormatUnitManager.values(): if fu.group: if fu.group.name not in groups: groups[fu.group.name] = { 'group': fu.group.name, 'label': str(fu.group.verbose_name) } if fu.name in items: raise SuspiciousOperation( "Already registered descriptor format unit %s" % fu.name) items[fu.name] = { 'id': fu.name, 'group': fu.group.name, 'value': fu.name, 'label': str(fu.verbose_name) } groups_list = sorted(list(groups.values()), key=lambda x: x['group']) items_list = sorted(list(items.values()), key=lambda x: x['id']) results = {'groups': groups_list, 'items': items_list} return HttpResponseRest(request, results)
def get_permission_types(request): """ Get the list of permissions type in JSON """ logger.debug("Cache miss for permission.permission-type") ignore_list = [ 'admin.', 'contenttypes.', 'guardian.', 'main.profile.', 'main.settings.', 'sessions.', 'sites.', ] for module in module_manager.modules: if hasattr(module, 'ignored_permission_types'): ignore_list.extend(module.ignored_permission_types) types = [] for perm in Permission.objects.all().select_related('content_type'): pid = "%s.%s.%s" % (perm.content_type.app_label, perm.content_type.model, perm.codename) add = True for ignore_pattern in ignore_list: if pid.startswith(ignore_pattern): add = False break if add: types.append({'id': perm.id, 'value': pid, 'label': perm.name}) return HttpResponseRest(request, types)
def get_session_status(request): """ Get current session status. Returns true if the session still authenticated. """ result = {'is_auth': request.user.is_authenticated} return HttpResponseRest(request, result)
def patch_user(request, username): user = get_object_or_404(User, username=username) update = False result = {'id': user.pk} if 'is_active' in request.data: update = True user.is_active = request.data['is_active'] result['is_active'] = user.is_active # update the pending state if necessary try: profile = Profile.objects.get(user=user) if user.is_active and profile.pending: profile.pending = False profile.save() except Profile.DoesNotExist: pass if 'is_staff' in request.data: update = True user.is_staff = request.data['is_staff'] result['is_staff'] = user.is_staff if 'is_superuser' in request.data: update = True user.is_superuser = request.data['is_superuser'] result['is_superuser'] = user.is_superuser if update: user.save() return HttpResponseRest(request, result)