def test_load_session(self): from lingcod.common.utils import load_session request = TestRequest() load_session(request, '0') self.assertEquals(request.session, None) load_session(request, md5('blah').hexdigest()) self.assertEquals(request.session.__class__.__name__, 'SessionStore')
def shared_public(request, kmz=False, session_key='0'): """ Shows all publically shared arrays Must be shared with a special set of public groups defined in settings.SHARING_TO_PUBLIC_GROUPS """ load_session(request, session_key) user = request.user features, collections = get_public_data() styles = get_styles(features,collections) # determine content types for sharing t = get_template('kmlapp/public.kml') kml = t.render(Context({'loggedin_user': request.user, 'user': request.user, 'features': features, 'collections': collections, 'styles': styles, 'use_network_links': True, 'request_path': request.path, 'session_key': session_key})) mime = mimetypes.KML if kmz: mime = mimetypes.KMZ kml = create_kmz(kml, 'mm/doc.kml') response = HttpResponse(kml, mimetype=mime) response['Content-Disposition'] = 'attachment' return response
def get_privatekml(request, pk, session_key='0'): load_session(request, session_key) user = request.user if user.is_anonymous() or not user.is_authenticated(): return HttpResponse('You must be logged in', status=401) layer = PrivateKml.objects.get(pk=pk) viewable, response = is_privatekml_viewable(layer, user) if not viewable: return response else: mimetype, encoding = _mimetypes.guess_type(layer.base_kml) mimetype = mimetype or 'application/octet-stream' response = HttpResponse(open(layer.base_kml,'rb').read(), status=200, mimetype=mimetype) response['Content-Disposition'] = 'filename=privatekml_%s.kml' % pk return response
def create_kml(request, input_username=None, input_uid=None, input_shareuser=None, input_sharegroup=None, links=False, kmz=False, session_key='0'): """ Returns a KML/KMZ containing Feautures/FeatureCollections owned by user """ load_session(request, session_key) user = request.user if input_username and user.username != input_username: log.warn(request.get_full_path()) log.warn("Failed: Input username from the URL is %r but the request.user.username is %r" % (input_username, user.username)) return HttpResponse('Access denied', status=401) if input_username: features, collections = get_user_data(user) elif input_uid: features, collections = get_data_for_feature(user, input_uid) elif input_shareuser and input_sharegroup: features, collections = get_shared_data(input_shareuser, input_sharegroup, user) else: raise Http404 if not features and isinstance(collections, HttpResponse): return collections # We got an http error going on styles = get_styles(features,collections,links) t = get_template('kmlapp/myshapes.kml') context = Context({ 'user': user, 'features': features, 'collections': collections, 'use_network_links': links, 'request_path': request.path, 'styles': styles, 'session_key': session_key, 'shareuser': input_shareuser, 'sharegroup': input_sharegroup, 'feature_id': input_uid, }) kml = t.render(context) mime = mimetypes.KML if kmz: mime = mimetypes.KMZ kml = create_kmz(kml, 'mm/doc.kml') response = HttpResponse(kml, mimetype=mime) response['Content-Disposition'] = 'attachment' return response
def get_privatekml(request, pk, session_key='0'): load_session(request, session_key) user = request.user if user.is_anonymous() or not user.is_authenticated(): return HttpResponse('You must be logged in', status=401) layer = PrivateKml.objects.get(pk=pk) viewable, response = is_privatekml_viewable(layer, user) if not viewable: return response else: mimetype, encoding = _mimetypes.guess_type(layer.base_kml) mimetype = mimetype or 'application/octet-stream' response = HttpResponse(open(layer.base_kml, 'rb').read(), status=200, mimetype=mimetype) response['Content-Disposition'] = 'filename=privatekml_%s.kml' % pk return response
def get_privatekml_list(request, session_key='0'): load_session(request, session_key) user = request.user if user.is_anonymous() or not user.is_authenticated(): return HttpResponse('You must be logged in', status=401) all_kmls = PrivateKml.objects.all() accessible_kmls = [] for kml in all_kmls: viewable, response = is_privatekml_viewable(kml, user) if viewable: accessible_kmls.append(kml) t = get_template('layers/private.kml') kml = t.render(RequestContext( request, {'session_key': session_key, 'kmls': accessible_kmls})) response = HttpResponse(kml, mimetype=mimetypes.KML) response['Content-Disposition'] = 'filename=privatekml_%s.kml' % user.username return response
def get_kml_file(request, uid, session_key='0', input_username=None): load_session(request, session_key) user = request.user if input_username and user.username != input_username: return HttpResponse('Access denied', status=401) instance = get_object_for_viewing(request, uid) if isinstance(instance, HttpResponse): return instance full = instance.kml_full response = HttpResponse(full) if is_text(full): response['Content-Type'] = mimetypes.KML else: response['Content-Type'] = mimetypes.KMZ return response
def create_shared_kml(request, input_username, kmz=False, session_key='0'): """ Returns a KML/KMZ containing shared MPAs (organized into folders by groups and users who have shared them) """ load_session(request, session_key) user = request.user if input_username and user.username != input_username: return HttpResponse('Access denied', status=401) from lingcod.features import groups_users_sharing_with sharing_with = groups_users_sharing_with(user) t = get_template('kmlapp/shared.kml') kml = t.render(Context({'user': request.user, 'groups_users': sharing_with, 'request_path': request.path, 'session_key': session_key})) mime = mimetypes.KML if kmz: mime = mimetypes.KMZ kml = create_kmz(kml, 'mm/doc.kml') response = HttpResponse(kml, mimetype=mime) response['Content-Disposition'] = 'attachment' return response
def get_privatekml_list(request, session_key='0'): load_session(request, session_key) user = request.user if user.is_anonymous() or not user.is_authenticated(): return HttpResponse('You must be logged in', status=401) all_kmls = PrivateKml.objects.all() accessible_kmls = [] for kml in all_kmls: viewable, response = is_privatekml_viewable(kml, user) if viewable: accessible_kmls.append(kml) t = get_template('layers/private.kml') kml = t.render( RequestContext(request, { 'session_key': session_key, 'kmls': accessible_kmls })) response = HttpResponse(kml, mimetype=mimetypes.KML) response[ 'Content-Disposition'] = 'filename=privatekml_%s.kml' % user.username return response
def get_relative_to_privatekml(request, pk, path, session_key='0'): load_session(request, session_key) user = request.user if user.is_anonymous() or not user.is_authenticated(): return HttpResponse('You must be logged in', status=401) layer = PrivateKml.objects.get(pk=pk) viewable, response = is_privatekml_viewable(layer, user) if not viewable: return response # From django.views.static path = posixpath.normpath(urllib.unquote(path)) path = path.lstrip('/') newpath = '' for part in path.split('/'): if not part: # Strip empty path components. continue drive, part = os.path.splitdrive(part) head, part = os.path.split(part) if part in (os.curdir, os.pardir): # Strip '.' and '..' in path. continue newpath = os.path.join(newpath, part).replace('\\', '/') # newpath is different from path any time path is unsafe. if newpath and path == newpath: basedir = os.path.dirname(layer.base_kml) requested_file = os.path.join(basedir, newpath) if not os.path.exists(requested_file): raise Http404 mimetype, encoding = _mimetypes.guess_type(requested_file) mimetype = mimetype or 'application/octet-stream' return HttpResponse(open(requested_file, 'rb').read(), status=200, mimetype=mimetype) else: return HttpResponse("Nice try", status=403)
def get_relative_to_privatekml(request, pk, path, session_key='0'): load_session(request, session_key) user = request.user if user.is_anonymous() or not user.is_authenticated(): return HttpResponse('You must be logged in', status=401) layer = PrivateKml.objects.get(pk=pk) viewable, response = is_privatekml_viewable(layer, user) if not viewable: return response # From django.views.static path = posixpath.normpath(urllib.unquote(path)) path = path.lstrip('/') newpath = '' for part in path.split('/'): if not part: # Strip empty path components. continue drive, part = os.path.splitdrive(part) head, part = os.path.split(part) if part in (os.curdir, os.pardir): # Strip '.' and '..' in path. continue newpath = os.path.join(newpath, part).replace('\\', '/') # newpath is different from path any time path is unsafe. if newpath and path == newpath: basedir = os.path.dirname(layer.base_kml) requested_file = os.path.join(basedir,newpath) if not os.path.exists(requested_file): raise Http404 mimetype, encoding = _mimetypes.guess_type(requested_file) mimetype = mimetype or 'application/octet-stream' return HttpResponse(open(requested_file,'rb').read(), status=200, mimetype=mimetype) else: return HttpResponse("Nice try", status=403)