def getVisibleUsers(users, request):
"""
Search users
Return a list of persons of the system, optionaly filtered using the available
modifiers.
The objects returned by this endpoint are intended for user listing and
searching, so only username and displayName attributes of a person are returned. If you
need the full profile of a user, use the `GET` endpoint of the `User` resource.
"""
query = {}
search_params = searchParams(request)
filter_fields = ["username", "displayName", "objectType", 'subscribedTo']
if asbool(search_params.get('twitter_enabled', False)):
filter_fields.append("twitterUsername")
found_users = users.search(query, show_fields=filter_fields, sort_by_field="username", flatten=0, **search_params)
# Filter user results. User
filtered_users = [user for user in found_users if request.actor.is_allowed_to_see(user)]
handler = JSONResourceRoot(request, flatten(filtered_users, squash=['subscribedTo']), remaining=found_users.remaining)
return handler.buildResponse()
def revokePermission(self, subscription, permission, permanent=DEFAULT_CONTEXT_PERMISSIONS_PERMANENCY):
"""
Revoke a permission on a context's user subscription.
Revokes will persist over context default permission changes based on permanent parameter.
Non permanent permission revoke will remove grants!
"""
criteria = {}
new_permissions = []
# Add current permissions except revoked one
new_permissions = [p for p in subscription['permissions'] if permission != p]
if permanent:
# Add permission to vetos if not present
subscription.setdefault('_vetos', [])
if permission not in subscription['_vetos']:
subscription['_vetos'].append(permission)
# Remove permission from grants if present
subscription.setdefault('_grants', [])
subscription['_grants'] = [granted for granted in subscription['_grants'] if granted != permission]
# Get a dummy context from subscription to determine the fields to update
ContextClass = getMaxModelByObjectType(subscription['objectType'])
context_unique_field = ContextClass.unique.lstrip('_')
temp_context = ContextClass.from_object(
self.request,
{
context_unique_field: subscription[context_unique_field],
'objectType': subscription['objectType']
}
)
context_storage_field = temp_context.user_subscription_storage
subscription_unique_field = '{}.{}'.format(context_storage_field, context_unique_field)
criteria.update({subscription_unique_field: subscription[context_unique_field]}) # update object that matches hash
criteria.update({'_id': self['_id']}) # of collection entry with _id
# overwrite permissions
what = {
'$set': {
'{}.$.permissions'.format(context_storage_field): new_permissions,
'{}.$._grants'.format(context_storage_field): subscription.get('_grants', []),
'{}.$._vetos'.format(context_storage_field): subscription.get('_vetos', [])
}
}
subscription['permissions'] = new_permissions
fields_to_squash = ['published', 'owner', 'creator', 'tags', 'vetos', 'grants']
subscription = flatten(subscription, squash=fields_to_squash)
self.mdb_collection.update(criteria, what)
return subscription
def from_object(cls, request, source):
instance = cls(request)
instance.update(source)
instance.old.update(source)
instance.old = deepcopy(flatten(instance.old))
if 'id' in source:
instance['_id'] = source['id']
instance._post_init_from_object(source)
instance.asleep = True
return instance
def getPublicContexts(contexts, request):
"""
Get all public contexts
Returns a list of all public subscribable contexts
"""
found_contexts = contexts.search({'permissions.subscribe': 'public'}, **searchParams(request))
handler = JSONResourceRoot(request, flatten(found_contexts, squash=['owner', 'creator', 'published']))
return handler.buildResponse()
def getConversationMessages(conversation, request):
"""
Get all messages from a conversation
"""
query = {'contexts.id': str(conversation['_id'])}
# Sorting by _id, as id is indeed the same as published
messages = request.db.messages.search(query, sort_direction=DESCENDING, sort_by_field="_id", keep_private_fields=False, **searchParams(request))
inverted = flatten(messages, reverse=True)
handler = JSONResourceRoot(request, inverted, remaining=messages.remaining)
return handler.buildResponse()
def getActivityComments(activity, request):
"""
Get activity comments
Return the comments for an activity.
"""
replies = activity.get('replies', {})
items = replies
result = flatten(items, keep_private_fields=False)
handler = JSONResourceRoot(request, result)
return handler.buildResponse()
def wake(self):
"""
Tries to recover a lazy object from the database.
Instances marked as asleep = True, are the only ones that
will be waked up.
"""
if self.asleep:
obj = self.alreadyExists()
if obj:
self.update(obj)
self.old.update(obj)
self.old = deepcopy(flatten(self.old))
def flatten(self, **kwargs):
"""
Recursively transforms non-json-serializable values and simplifies
$oid and $data BISON structures. Intended for final output
Also removes fields starting with underscore _fieldname
"""
def permission_filter(field):
"""
Is the field NOT visible on the current request?
"""
return not(self.has_field_permission(field, 'view') or field == 'objectType')
return_dict = flatten(self, filter_method=permission_filter, **kwargs)
return return_dict
def prepareUserSubscription(self):
"""
"""
fields_to_squash = ['published', 'owner', 'creator', 'participants', 'tags', 'displayName']
if '_id' != self.unique:
fields_to_squash.append('_id')
subscription = flatten(self, squash=fields_to_squash)
# If we are subscribing the user, read permission is granted
user_permissions = ['read']
# Add subscription permissions based on defaults and context values
user_permissions = self.subscription_permissions(base=user_permissions)
# Assign permissions to the subscription object before adding it
subscription['permissions'] = user_permissions
return subscription
def reset_permissions(self, subscription, context):
subscription['_grants'] = []
subscription['_vetos'] = []
subscription['permissions'] = context.subscription_permissions()
criteria = {}
criteria.update({'subscribedTo.hash': subscription['hash']}) # update object that matches hash
criteria.update({'_id': self['_id']}) # of collection entry with _id
# overwrite permissions
what = {
'$set': {
'subscribedTo.$.permissions': subscription['permissions'],
'subscribedTo.$._grants': subscription['_grants'],
'subscribedTo.$._vetos': subscription['_vetos'],
}
}
self.mdb_collection.update(criteria, what)
fields_to_squash = ['published', 'owner', 'creator', 'tags', 'vetos', 'grants']
subscription = flatten(subscription, squash=fields_to_squash)
return subscription
def buildObject(self):
"""
Updates the dict content with the activity structure,
with data parsed from the request
"""
ob = {'actor': {'objectType': 'person',
'displayName': self.data['actor']['displayName'],
'username': self.data['actor']['username']
},
'verb': self.data['verb'],
'object': None,
}
wrapper = self.getObjectWrapper(self.data['object']['objectType'])
subobject = wrapper(self.request, self.data['object'])
ob['object'] = subobject
# Append actor as username if object has keywords and actor is a Person
if ob['object'].get('_keywords', None):
ob['object']['_keywords'].append(self.data['actor']['username'])
if 'contexts' in self.data:
ob['contexts'] = [flatten(self.data['contexts'][0], preserve=MESSAGE_CONTEXT_FIELDS)]
self.update(ob)
# Set defaults
properties = {}
for key, value in self.schema.items():
default = value.get('default', None)
# Value is in the request but not set yet, set it please.
if key in self.data and key not in self:
properties[key] = self.data[key]
# Value is not in the request and we have a default, set it please
elif 'default' in value.keys():
properties[key] = default
self.update(properties)
def test_flatten_with_preserve_and_squash(self):
from max.utils.dicts import flatten
md = {'key_one': 'Hello', 'key_two': 'World'}
flattened = flatten(md, preserve=['key_two'], squash=['key_two'])
self.assertIn('key_two', flattened)
self.assertNotIn('key_one', flattened)
