def _space_detail(self, space_id):
try:
schema = SpotSchema().get()
space_model = Space.objects.get(id=space_id)
if space_model.is_deleted:
raise Space.DoesNotExist
if space_model.spot_id:
spot = Spot().get(space_model.spot_id)
else:
spot = self._spacemap.pending_spot(space_model, schema)
Permitted().can_edit(self._request.user, space_model, spot)
return self.json_response(
json.dumps(self._spacemap.space_rep(space_model, spot,
schema)))
except PermittedException:
return self.error_response(401, "Unauthorized")
except Space.DoesNotExist:
self.error404_response()
except (SpaceMapException, SpotException, SpotSchemaException) as e:
return self.error_response(e.args[0]['status_code'],
e.args[0]['status_text'])
def POST(self, request, space_id):
try:
space = Space.objects.get(id=space_id)
Permitted().can_edit(request.user, space, {})
links = SpotImageLink.objects.filter(space=space_id)
imgs = SpaceImage.objects.filter(space=space_id)
except PermittedException:
return self.error_response(401, "Unauthorized")
except Space.DoesNotExist:
self.error404_response() # no return
img = SpaceImage(description="",
space=space,
display_index=len(links) + len(imgs),
upload_user=request.user,
upload_application="admin")
if "image" in request.FILES:
img.image = request.FILES["image"]
if "description" in request.POST:
img.description = request.POST["description"]
img.save()
return self.json_response(json.dumps({'id': img.id}))
def page_context(request, context):
context['remote_user'] = request.user
context['IS_MOBILE'] = request.MOBILE
context['STATIC_URL'] = settings.STATIC_URL
context['APP_URL_ROOT'] = settings.APP_URL_ROOT
auth = Permitted()
try:
auth.is_admin(request.user)
context['IS_ADMIN'] = True
except PermittedException:
context['IS_ADMIN'] = False
try:
auth.can_create(request.user)
context['CAN_CREATE'] = True
except PermittedException:
context['CAN_CREATE'] = False
return context
def PUT(self, request, space_id, image_id):
try:
if image_id[0] == '-':
img = SpotImageLink.objects.get(id=image_id[1:])
links = SpotImageLink.objects.filter(space=space_id).exclude(
id=img.id)
imgs = SpaceImage.objects.filter(space=space_id)
else:
img = SpaceImage.objects.get(pk=image_id)
imgs = SpaceImage.objects.filter(space=space_id).exclude(
id=img.id)
links = SpotImageLink.objects.filter(space=space_id)
space = img.space
if int(space.pk) != int(space_id):
raise SpaceImage.DoesNotExist()
space = Space.objects.get(id=space_id)
Permitted().can_edit(request.user, space, {})
except PermittedException:
return self.error_response(401, "Unauthorized")
except (Space.DoesNotExist, SpaceImage.DoesNotExist):
self.error404_response() # no return
body = json.loads(request.body)
if "display_index" in body:
img.display_index = body["display_index"]
for n in range(len(links) + len(imgs)):
for l in links:
if l.display_index >= img.display_index:
l.display_index += 1
l.save()
for i in imgs:
if i.display_index >= img.display_index:
i.display_index += 1
i.save()
if "description" in body and 'description' in img:
img.description = body["description"]
img.save()
return self.json_response(json.dumps({'id': img.id}))
def _update_reviews(request):
Permitted().is_admin(request.user)
consumer, client = oauth_initialization()
for key in request.POST:
m = re.search('review_([\d]+)', key)
if m:
review_id = m.group(1)
publish = False
delete = False
review = request.POST["review_%s" % review_id]
if ("publish_%s" % review_id) in request.POST:
publish = True if request.POST["publish_%s" %
review_id] else False
if ("delete_%s" % review_id) in request.POST:
delete = True if request.POST["delete_%s" %
review_id] else False
url = "{0}/api/v1/reviews/unpublished".format(
settings.SS_WEB_SERVER_HOST)
headers = {
"X-OAuth-User": "******" % request.user.username,
'Content-Type': 'application/json',
'Accept': 'application/json'
}
body = json.dumps({
"review_id": review_id,
"review": review,
"publish": publish,
"delete": delete,
})
resp, content = client.request(url,
'POST',
body=body,
headers=headers)
if resp.status != 200:
raise Exception("Error loading reviews: %s" % content)
return HttpResponseRedirect(
reverse('spacescout_admin.views.reviews.unpublished'))
def DELETE(self, args, **kwargs):
try:
space_id = kwargs['space_id']
schema = SpotSchema().get()
space = Space.objects.get(id=space_id)
if space.is_deleted:
raise Space.DoesNotExist
if space.spot_id:
spot = Spot().get(space.spot_id)
else:
spot = self._spacemap.pending_spot(space, schema)
Permitted().can_edit(self._request.user, space, spot)
space.is_deleted = True
space.save()
return self.json_response(json.dumps('{}'))
except Space.DoesNotExist:
self.error404_response()
def POST(self, args, **kwargs):
try:
Permitted().can_create(self._request.user)
schema = SpotSchema().get()
space = Space(manager=self._request.user,
modified_by=self._request.user)
spot = self._spacemap.pending_spot(space, schema)
data = json.loads(self._request.read())
fields, missing_fields = self._validate(spot, data)
pending = {}
for field in fields:
if field == 'editors':
for username in fields[field].split(','):
editor = username.strip()
if len(editor):
space_editor = SpaceEditor(editor=username.strip(),
space=space)
space_editor.save()
else:
pending[field] = fields[field]
if len(missing_fields) > 0:
space.is_complete = None
pending['_missing_fields'] = missing_fields
else:
space.is_complete = True
for field in space_creation_fields():
if 'value' in field and 'key' in field['value']:
key = field['value']['key']
if 'required' in field and (key not in data
or bool(data[key]) == False):
return self.error_response(400, "Bad Request")
space.pending = json.dumps(pending) if len(pending) > 0 else None
space.save()
return self.json_response('{"id": "%s"}' % space.id)
except PermittedException:
return self.error_response(401, "Unauthorized")
def _show_unpublished(request):
Permitted().is_admin(request.user)
consumer, client = oauth_initialization()
url = "{0}/api/v1/reviews/unpublished".format(settings.SS_WEB_SERVER_HOST)
headers = {
"X-OAuth-User": "******" % request.user.username,
'Content-Type': 'application/json',
'Accept': 'application/json'
}
resp, content = client.request(url, 'GET', headers=headers)
if resp.status != 200:
raise Exception("Error loading reviews: %s" % content)
reviews = json.loads(content)
return render_to_response('spacescout_admin/reviews/unpublished.html',
{"reviews": reviews},
context_instance=RequestContext(request))
def DELETE(self, request, space_id, image_id):
try:
if image_id[0] == '-':
link = SpotImageLink.objects.get(id=image_id[1:])
link.is_deleted = True
link.save()
else:
img = SpaceImage.objects.get(pk=image_id)
space = img.space
Permitted().can_edit(request.user, space, {})
if int(space.pk) != int(space_id):
raise SpaceImage.DoesNotExist()
space = Space.objects.get(id=space_id)
img.delete()
except PermittedException:
return self.error_response(401, "Unauthorized")
self.error404_response() # no return
except (Space.DoesNotExist, SpaceImage.DoesNotExist,
SpotImageLink.DoesNotExist):
self.error404_response() # no return
return HttpResponse(status=200)
def page_context(request, context):
context['remote_user'] = request.user
context['IS_MOBILE'] = request.MOBILE
context['STATIC_URL'] = settings.STATIC_URL
context['APP_URL_ROOT'] = settings.APP_URL_ROOT
auth = Permitted()
try:
auth.is_admin(request.user)
context['IS_ADMIN'] = True
except PermittedException:
context['IS_ADMIN'] = False
try:
auth.can_create(request.user)
context['CAN_CREATE'] = True
except PermittedException:
context['CAN_CREATE'] = False
return context
def _space_list(self):
filter = {}
published = True
complete = True
json_rep = []
seen = {}
permitted = Permitted()
try:
is_admin = permitted.is_admin(self._request.user)
except PermittedException:
is_admin = False
try:
schema = SpotSchema().get()
except SpotSchemaException as e:
return self.error_response(e.args[0]['status_code'],
e.args[0]['status_text'])
if 'published' in self._request.GET:
p = self._request.GET.get('published')
published = True if (p == '1' or p.lower() == 'true') else False
filter['spot_id__isnull'] = True if (not published) else False
if 'complete' in self._request.GET:
i = self._request.GET.get('complete')
complete = (i == '1' or i.lower() == 'true')
filter['spot_id__isnull'] = True
if not complete:
filter['is_complete__isnull'] = True
else:
filter['is_complete'] = True
if published:
search_args = {
#'manager': '',
#'editors': '',
'limit': '0'
}
try:
spots = self._get_spots(search_args)
except Exception, errstr:
return self.error_response(500, ("%s" % (errstr)))
for spot in spots:
try:
spot_id = spot.get('id')
try:
space = Space.objects.get(spot_id=spot_id)
if space.is_deleted:
continue
except Space.DoesNotExist:
space = Space(spot_id=spot_id,
manager=spot.get('manager'),
is_complete=True)
space.save()
if not is_admin:
permitted.can_edit(self._request.user, space, spot)
if str(spot_id) not in seen:
seen[str(spot_id)] = 1
json_rep.append(self._spacemap.space_rep(space, spot, schema))
except PermittedException:
pass
except SpaceMapException as e:
return self.error_response(e.args[0]['status_code'],
e.args[0]['status_text'])
def PUT(self, args, **kwargs):
try:
schema = SpotSchema().get()
space_id = kwargs['space_id']
space = Space.objects.get(id=space_id)
if space.is_deleted:
self.error404_response()
if space.spot_id:
spot = Spot().get(space.spot_id)
else:
spot = self._spacemap.pending_spot(space, schema)
Permitted().can_edit(self._request.user, space, spot)
data = json.loads(self._request.read())
for field in data:
if field and field.startswith("extended_info.has_"):
data[field] = data[field].lower()
fields, missing_fields = self._validate(spot, data)
pending = json.loads(space.pending) if space.pending else {}
for field in fields:
if field == 'editors':
try:
for editor in SpaceEditor.objects.filter(space=space):
editor.delete()
except SpaceEditor.DoesNotExist:
pass
for username in fields[field].split(','):
editor = username.strip()
if len(editor):
space_editor = SpaceEditor(editor=username.strip(),
space=space)
space_editor.save()
else:
pending[field] = fields[field]
pending[field] = fields[field]
if len(missing_fields) > 0:
space.is_complete = None
space.is_pending_publication = None
pending['_missing_fields'] = missing_fields
else:
space.is_complete = True
# SPOT-1303
if 'manager' in data:
space.manager = data['manager']
if 'is_published' in data:
if data.get('is_published') == True:
space_images = SpaceImage.objects.filter(space=space.id)
image_links = SpotImageLink.objects.filter(
space=space.id, is_deleted__isnull=False)
if space.is_complete and (
space.pending and len(space.pending) != 0
or len(space_images) or len(image_links)):
# create/update modified spot
spot = self._spacemap.apply_pending(spot, space)
if space.spot_id:
Spot().put(spot, self._request.user)
else:
spot = Spot().post(spot, self._request.user)
space.spot_id = spot.get('id')
# fix up images, adding new, updating spot images
for img in image_links:
if img.is_deleted:
Image(space.spot_id).delete(img.image_id)
img.delete()
else:
Image(space.spot_id).put(
img.image_id,
{'display_index': img.display_index},
self._request.user)
for img in space_images:
spotimage = Image(space.spot_id).post(
img.image.path, img.description,
self._request.user)
link = SpotImageLink(
space=space,
spot_id=space.spot_id,
image_id=spotimage.get('id'),
display_index=img.display_index)
link.save()
img.delete()
pending = {}
space.is_complete = None
space.is_pending_publication = None
else: # unpublish
# pull spot data into space.pending
# remove spot from spot server
# spot().delete(spot.id)
# images?
pass
elif 'is_pending_publication' in data:
if data.get('is_pending_publication') == True:
if space.is_pending_publication != True:
space.is_pending_publication = True
if hasattr(settings, 'SS_PUBLISHER_EMAIL'):
send_mail('Space Publishing Request',
'A request has been made to publish space\n\t http%s://%s%sspace/%s/' \
% ('s' if self._request.is_secure() else '',
self._request.get_host(),
settings.APP_URL_ROOT,
space.id),
settings.SS_PUBLISHER_FROM,
settings.SS_PUBLISHER_EMAIL,
fail_silently=False)
else:
space.is_pending_publication = False
space.modified_by = self._request.user.username
space.pending = json.dumps(pending) if len(pending) > 0 else None
space.save()
return self.json_response('{"id": "%s"}' % space.id)
except PermittedException:
return self.error_response(401, "Unauthorized")
except Space.DoesNotExist:
if e.args[0]['status_code'] == 404:
self.error404_response()
# no return
except (SpaceMapException, SpotException, SpotSchemaException) as e:
return self.error_response(e.args[0]['status_code'],
e.args[0]['status_text'])
except Exception as ex:
return self.error_response(400, "Unknown error: %s" % ex)
def _space_list(self):
filter = {}
published = True
complete = True
json_rep = []
seen = {}
permitted = Permitted()
try:
is_admin = permitted.is_admin(self._request.user)
except PermittedException:
is_admin = False
try:
schema = SpotSchema().get()
except SpotSchemaException as e:
return self.error_response(e.args[0]['status_code'],
e.args[0]['status_text'])
if 'published' in self._request.GET:
p = self._request.GET.get('published')
published = True if (p == '1' or p.lower() == 'true') else False
filter['spot_id__isnull'] = True if (not published) else False
if 'complete' in self._request.GET:
i = self._request.GET.get('complete')
complete = (i == '1' or i.lower() == 'true')
filter['spot_id__isnull'] = True
if not complete:
filter['is_complete__isnull'] = True
else:
filter['is_complete'] = True
if published:
search_args = {
#'manager': '',
#'editors': '',
'limit': '0'
}
try:
spots = self._get_spots(search_args)
except Exception, errstr:
return self.error_response(500, ("%s" % (errstr)))
for spot in spots:
try:
spot_id = spot.get('id')
try:
space = Space.objects.get(spot_id=spot_id)
if space.is_deleted:
continue
except Space.DoesNotExist:
space = Space(spot_id=spot_id,
manager=spot.get('manager'),
is_complete=True)
space.save()
if not is_admin:
permitted.can_edit(self._request.user, space, spot)
if str(spot_id) not in seen:
seen[str(spot_id)] = 1
json_rep.append(
self._spacemap.space_rep(space, spot, schema))
except PermittedException:
pass
except SpaceMapException as e:
return self.error_response(e.args[0]['status_code'],
e.args[0]['status_text'])
