示例#1
0
    def post(self):
        if not self.user.is_super_admin:
            raise HttpErrorException.not_found()
        if self.json_request.get('clear_indexes'):
            orgs = Organization.query().fetch()
            for org in orgs:
                indexes = org.get_indexes()
                for index in indexes:
                    ttindex.clear_index(index)

            users = User.query(User.organization == None).fetch()
            for user in users:
                indexes = user.get_indexes()
                for index in indexes:
                    ttindex.clear_index(index)

        project_ids = self.json_request.get('project_ids')
        if project_ids:
            if project_ids == 'all':
                self.project_keys = Project.query().fetch(keys_only=True)
            else:
                if type(project_ids) is not list:
                    raise HttpErrorException.bad_request(
                        'project ids must be list')

                for pro_id in project_ids:
                    pro = Project.get_by_id(pro_id)

                    if not pro:
                        raise HttpErrorException.bad_request(
                            'invalid project id given: ' + str(pro_id))
                    self.project_keys.append(pro.key)

            t = background_thread.BackgroundThread(target=self.index_project)
            t.start()
示例#2
0
    def _serve_project_json(self):
        depth = 0
        if self.request.get('depth').strip() != '':
            depth = self._to_int(self.request.get('depth'))

        if self.request.get('project_id').strip() != '':
            project = Project.get_by_id(self.request.get('project_id').strip())

            if not project.has_permission_read(self.user):
                lr = tt_logging.construct_log(
                    msg_short=
                    'User does not have permission to access this project',
                    log_type=tt_logging.SECURITY,
                    request=self.request,
                    artifact=project,
                    request_user=self.user)
                log.info(lr['dict_msg']['msg'], extra=lr)

                raise HttpErrorException.forbidden()

            project_dict = project.to_dict(
                depth,
                self.user,
                get_treeview=self.request.get('get_treeview'))
        else:
            q = Project.query(Project.owner == self.user.key)

            projects = []
            for results in q.iter():
                if results.has_permission_read(self.user):
                    projects.append(results)

            groups = ndb.get_multi(self.user.groups)
            for group in groups:
                pros = ndb.get_multi(group.artifacts)
                index = 0

                for pro in pros:
                    if pro is None:
                        group.artifacts.remove(group.artifacts[index])
                        lr = tt_logging.construct_log(
                            msg_short='Found Broken Project Key',
                            msg=
                            'Found broken project key (%s) in group artifact list'
                            '\n Key has been removed' % group.artifacts[index],
                            log_type=tt_logging.SECURITY,
                            request=self.request,
                            request_user=self.user)
                        log.info(lr['dict_msg']['msg'], extra=lr)

                    if pro.has_permission_read(self.user):
                        if pro not in projects:
                            projects.append(pro)

                    index += 1

            project_dict = []
            for project in projects:
                project_dict.append(project.to_dict(self.user))

        self.write_json_response(project_dict)