示例#1
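def workbook(request, workbook_id=0):
    """Create, edit, copy or delete a workbook (POST), or display one (GET).

    The POST action is the last segment of ``request.path`` ("create",
    "edit", "copy" or "delete"). Create/edit/copy redirect to the detail page
    of the resulting workbook; delete, an unrecognised action, a GET without
    an id, a GET for a workbook the user cannot see, and any other HTTP
    method all redirect to the workbook list.
    """
    template = 'workbooks/workbook.html'
    # The action comes from the URL, so it is client-controlled.
    command = request.path.rsplit('/', 1)[1]

    if request.method == "POST":
        # NOTE(review): edit, copy and delete hand workbook_id straight to the
        # model without this view checking that request.user owns (or may
        # modify) that workbook. Confirm Workbook.edit/copy/destroy enforce
        # this; if they do not, any authenticated user can alter or delete
        # another user's workbook by id, and the lookup should be scoped
        # through request.user.workbook_set before acting.
        if command == "create":
            workbook_model = Workbook.createDefault(name="Untitled Workbook", description="", user=request.user)
        elif command == "edit":
            # NOTE(review): name and description are stored exactly as
            # submitted (no length or character validation here); safe display
            # depends on output escaping wherever they are rendered.
            workbook_model = Workbook.edit(id=workbook_id,
                                           name=request.POST.get('name'),
                                           description=request.POST.get('description'))
        elif command == "copy":
            workbook_model = Workbook.copy(id=workbook_id, user=request.user)
        elif command == "delete":
            Workbook.destroy(id=workbook_id)
            return redirect(reverse('workbooks'))
        else:
            # Unrecognised action: previously this fell through to
            # workbook_model.id with the name unbound and raised
            # UnboundLocalError (HTTP 500).
            return redirect(reverse('workbooks'))

        return redirect(reverse('workbook_detail', kwargs={'workbook_id': workbook_model.id}))

    if request.method == "GET" and workbook_id:
        try:
            # Only active workbooks that the user owns, that are actively
            # shared with the user, or that are public may be displayed.
            owned_workbooks = request.user.workbook_set.all().filter(active=True)
            shared_workbooks = Workbook.objects.filter(shared__matched_user=request.user, shared__active=True, active=True)
            public_workbooks = Workbook.objects.all().filter(is_public=True, active=True)

            visible_workbooks = (owned_workbooks | shared_workbooks | public_workbooks).distinct()

            workbook_model = visible_workbooks.get(id=workbook_id)
            workbook_model.worksheets = workbook_model.get_deep_worksheets()

            is_shareable = workbook_model.is_shareable(request)

            # For a private workbook owned by someone else, fetch the user's
            # share record so the template can show it.
            shared = None
            if workbook_model.owner.id != request.user.id and not workbook_model.is_public:
                shared = request.user.shared_resource_set.get(workbook__id=workbook_id)

            plot_types = Analysis.get_types()

            return render(request, template, {'workbook'    : workbook_model,
                                              'datatypes'   : get_gene_datatypes(),
                                              'is_shareable': is_shareable,
                                              'shared'      : shared,
                                              'plot_types'  : plot_types})
        except ObjectDoesNotExist:
            # Missing and not-visible workbooks are handled identically, so
            # the response does not reveal whether the id exists.
            return redirect(reverse('workbooks'))

    # GET without an id, or an HTTP method other than GET/POST (the latter
    # previously returned None, which Django rejects as an invalid response).
    return redirect(reverse('workbooks'))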
示例#2
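def workbook(request, workbook_id=0):
    """Create, edit, copy or delete a workbook (POST), or display one (GET).

    The POST action is the last segment of ``request.path``. An edit is
    rejected, with a user-facing message, when the submitted name or
    description matches ``WHITELIST_RE``. Create/edit/copy redirect to the
    workbook's detail page; delete, an unrecognised action, a GET without an
    id, a GET for a workbook the user cannot see, and any other HTTP method
    redirect to the workbook list.
    """
    template = 'workbooks/workbook.html'
    # The action comes from the URL, so it is client-controlled.
    command = request.path.rsplit('/', 1)[1]

    if request.method == "POST":
        # NOTE(review): edit, copy and delete hand workbook_id straight to the
        # model without this view checking that request.user owns (or may
        # modify) that workbook. Confirm Workbook.edit/copy/destroy enforce
        # this; if they do not, the lookup should be scoped through
        # request.user.workbook_set before acting.
        if command == "create":
            workbook_model = Workbook.createDefault(name="Untitled Workbook", description="", user=request.user)
        elif command == "edit":
            workbook_name = request.POST.get('name')
            workbook_desc = request.POST.get('description')

            # A match means the field contains characters the pattern flags
            # as disallowed. This is input filtering only: it reduces stored
            # XSS risk but does not replace output escaping at render time.
            whitelist = re.compile(WHITELIST_RE, re.UNICODE)
            bad_in_name = whitelist.findall(unicode(workbook_name))
            bad_in_desc = whitelist.findall(unicode(workbook_desc))

            if bad_in_name or bad_in_desc:
                # XSS risk: log the offending input and refuse this save.
                # The submitted text is passed as a %r argument so control
                # characters (e.g. newlines) are escaped and cannot forge
                # additional log lines.
                if bad_in_name:
                    logger.error('[ERROR] While saving a workbook, saw a malformed name: %r, characters: %s',
                                 workbook_name, bad_in_name)
                if bad_in_desc:
                    logger.error('[ERROR] While saving a workbook, saw a malformed description: %r, characters: %s',
                                 workbook_desc, bad_in_desc)

                if bad_in_name and bad_in_desc:
                    matches, fields = "name and description contain", "name and description"
                elif bad_in_name:
                    matches, fields = "name contains", "name"
                else:
                    matches, fields = "description contains", "description"

                err_msg = "Your workbook's %s invalid characters; please choose another %s." % (matches, fields,)
                messages.error(request, err_msg)
                return redirect(reverse('workbook_detail', kwargs={'workbook_id': workbook_id}))

            workbook_model = Workbook.edit(id=workbook_id, name=workbook_name, description=workbook_desc)
        elif command == "copy":
            workbook_model = Workbook.copy(id=workbook_id, user=request.user)
        elif command == "delete":
            Workbook.destroy(id=workbook_id)
            return redirect(reverse('workbooks'))
        else:
            # Unrecognised action: previously this fell through to
            # workbook_model.id with the name unbound and raised
            # UnboundLocalError (HTTP 500).
            return redirect(reverse('workbooks'))

        return redirect(reverse('workbook_detail', kwargs={'workbook_id': workbook_model.id}))

    if request.method == "GET" and workbook_id:
        try:
            # Only active workbooks that the user owns, that are actively
            # shared with the user, or that are public may be displayed.
            owned_workbooks = request.user.workbook_set.all().filter(active=True)
            shared_workbooks = Workbook.objects.filter(shared__matched_user=request.user, shared__active=True, active=True)
            public_workbooks = Workbook.objects.all().filter(is_public=True, active=True)

            visible_workbooks = (owned_workbooks | shared_workbooks | public_workbooks).distinct()

            workbook_model = visible_workbooks.get(id=workbook_id)
            workbook_model.worksheets = workbook_model.get_deep_worksheets()

            is_shareable = workbook_model.is_shareable(request)

            # For a private workbook owned by someone else, fetch the user's
            # share record so the template can show it.
            shared = None
            if workbook_model.owner.id != request.user.id and not workbook_model.is_public:
                shared = request.user.shared_resource_set.get(workbook__id=workbook_id)

            plot_types = Analysis.get_types()

            return render(request, template, {'workbook'    : workbook_model,
                                              'datatypes'   : get_gene_datatypes(),
                                              'is_shareable': is_shareable,
                                              'shared'      : shared,
                                              'plot_types'  : plot_types})
        except ObjectDoesNotExist:
            # Missing and not-visible workbooks are handled identically, so
            # the response does not reveal whether the id exists.
            return redirect(reverse('workbooks'))

    # GET without an id, or an HTTP method other than GET/POST (the latter
    # previously returned None, which Django rejects as an invalid response).
    return redirect(reverse('workbooks'))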
示例#3
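def workbook(request, workbook_id=0):
    """Create, edit, copy or delete a workbook (POST), or display one (GET).

    The POST action is the last segment of ``request.path``. On edit, the
    name and description are truncated to 2000 characters and rejected, with
    a user-facing message, when either matches ``BLACKLIST_RE``.
    Create/edit/copy redirect to the workbook's detail page. Delete, an
    unrecognised action, a GET without an id or for a workbook the user
    cannot see, any other HTTP method, and any unexpected exception (which is
    logged and reported to the user) redirect to the workbook list.
    """
    template = 'workbooks/workbook.html'
    # The action comes from the URL, so it is client-controlled.
    command = request.path.rsplit('/', 1)[1]
    workbook_model = None

    try:
        if request.method == "POST":
            # NOTE(review): edit, copy and delete hand workbook_id straight to
            # the model without this view checking that request.user owns (or
            # may modify) that workbook. Confirm Workbook.edit/copy/destroy
            # enforce this; if they do not, the lookup should be scoped
            # through request.user.workbook_set before acting.
            if command == "create":
                workbook_model = Workbook.createDefault(
                    name="Untitled Workbook",
                    description="",
                    user=request.user)
            elif command == "edit":
                # Truncate incoming name and desc fields in case someone tried
                # to send ones which were too long. A missing field makes
                # .get() return None, so the slice raises TypeError and the
                # request ends in the generic handler below.
                workbook_name = request.POST.get('name')[0:2000]
                workbook_desc = request.POST.get('description')[0:2000]
                # NOTE(review): 'build' is forwarded to Workbook.edit without
                # validation in this view; confirm it is constrained to known
                # values downstream.
                workbook_build = request.POST.get('build')

                # A match means the field contains characters the pattern
                # flags as disallowed. This is input filtering only: it
                # reduces stored-XSS risk but does not replace output escaping
                # at render time.
                blacklist = re.compile(BLACKLIST_RE, re.UNICODE)
                bad_in_name = blacklist.findall(unicode(workbook_name))
                bad_in_desc = blacklist.findall(unicode(workbook_desc))

                if bad_in_name or bad_in_desc:
                    # XSS risk: log the offending input and refuse this save.
                    # The submitted text is passed as a %r argument so control
                    # characters (e.g. newlines) are escaped and cannot forge
                    # additional log lines.
                    if bad_in_name:
                        logger.error(
                            '[ERROR] While saving a workbook, saw a malformed name: %r, characters: %s',
                            workbook_name, bad_in_name)
                    if bad_in_desc:
                        logger.error(
                            '[ERROR] While saving a workbook, saw a malformed description: %r, characters: %s',
                            workbook_desc, bad_in_desc)

                    if bad_in_name and bad_in_desc:
                        matches, fields = "name and description contain", "name and description"
                    elif bad_in_name:
                        matches, fields = "name contains", "name"
                    else:
                        matches, fields = "description contains", "description"

                    err_msg = "Your workbook's %s invalid characters; please choose another %s." % (
                        matches,
                        fields,
                    )
                    messages.error(request, err_msg)
                    return redirect(reverse('workbook_detail',
                                            kwargs={'workbook_id': workbook_id}))

                workbook_model = Workbook.edit(id=workbook_id,
                                               name=workbook_name,
                                               description=workbook_desc,
                                               build=workbook_build)
            elif command == "copy":
                workbook_model = Workbook.copy(id=workbook_id,
                                               user=request.user)
            elif command == "delete":
                Workbook.destroy(id=workbook_id)
                return redirect(reverse('workbooks'))
            else:
                # Unrecognised action: previously this reached
                # workbook_model.id with workbook_model still None, and the
                # resulting AttributeError was logged as a workbook *view*
                # failure. Send the client to the list without the misleading
                # error and stack trace.
                return redirect(reverse('workbooks'))

            return redirect(reverse('workbook_detail',
                                    kwargs={'workbook_id': workbook_model.id}))

        elif request.method == "GET":
            if not workbook_id:
                return redirect(reverse('workbooks'))

            try:
                # Only active workbooks that the user owns, that are actively
                # shared with the user, or that are public may be displayed.
                owned_workbooks = request.user.workbook_set.filter(active=True)
                shared_workbooks = Workbook.objects.filter(
                    shared__matched_user=request.user,
                    shared__active=True,
                    active=True)
                public_workbooks = Workbook.objects.filter(is_public=True,
                                                           active=True)

                visible_workbooks = (owned_workbooks | shared_workbooks | public_workbooks).distinct()

                workbook_model = visible_workbooks.get(id=workbook_id)
                workbook_model.worksheets = workbook_model.get_deep_worksheets()

                is_shareable = workbook_model.is_shareable(request)

                # For a private workbook owned by someone else, fetch the
                # user's share record so the template can show it.
                shared = None
                if workbook_model.owner.id != request.user.id and not workbook_model.is_public:
                    shared = request.user.shared_resource_set.get(
                        workbook__id=workbook_id)

                plot_types = Analysis.get_types()

                return render(
                    request, template, {
                        'workbook': workbook_model,
                        'datatypes': get_gene_datatypes(workbook_model.build),
                        'is_shareable': is_shareable,
                        'shared': shared,
                        'plot_types': plot_types
                    })
            except ObjectDoesNotExist:
                # Missing and not-visible workbooks are handled identically,
                # so the response does not reveal whether the id exists.
                return redirect(reverse('workbooks'))

    except Exception as e:
        # Top-level boundary: record the full traceback server-side and show
        # the user only a generic message, so internal details are not leaked.
        logger.error("[ERROR] Exception when viewing a workbook: ")
        logger.exception(e)
        messages.error(
            request,
            "An error was encountered while trying to view this workbook.")

    # Reached after a handled exception or for an HTTP method other than
    # GET/POST.
    return redirect(reverse('workbooks'))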