def read_detail(self, object_list, bundle):  # noqa # too complex
    """Return whether the requesting user may read ``bundle.obj``.

    Authenticated superusers are always allowed. Every other request is
    decided by the type of ``bundle.obj``. A type with no rule raises
    ``NotImplementedError`` rather than being allowed by default.

    ``object_list`` is not used by this check.
    """
    request = bundle.request
    user = request.user
    if user.is_authenticated() and user.is_superuser:
        return True

    obj = bundle.obj

    # Experiment data: parameter sets and parameters are checked against
    # the experiment that owns them.
    if isinstance(obj, Experiment):
        return has_experiment_access(request, obj.id)
    if isinstance(obj, ExperimentParameterSet):
        return has_experiment_access(request, obj.experiment.id)
    if isinstance(obj, ExperimentParameter):
        return has_experiment_access(request, obj.parameterset.experiment.id)

    # Dataset data: same pattern, resolved to the owning dataset.
    if isinstance(obj, Dataset):
        return has_dataset_access(request, obj.id)
    if isinstance(obj, DatasetParameterSet):
        return has_dataset_access(request, obj.dataset.id)
    if isinstance(obj, DatasetParameter):
        return has_dataset_access(request, obj.parameterset.dataset.id)

    # Datafile data: resolved to the owning datafile.
    if isinstance(obj, DataFile):
        return has_datafile_access(request, obj.id)
    if isinstance(obj, DatafileParameterSet):
        return has_datafile_access(request, obj.datafile.id)
    if isinstance(obj, DatafileParameter):
        return has_datafile_access(request, obj.parameterset.datafile.id)

    if isinstance(obj, User):
        # Any authenticated user may read user records; anonymous requests
        # only see users owning an experiment with public_access > 1.
        # The dehydrate function also adds/removes some information.
        authenticated = user.is_authenticated()
        public_user = obj.experiment_set.filter(
            public_access__gt=1).count() > 0
        return public_user or authenticated

    # Schemas and parameter names are readable without authentication.
    if isinstance(obj, Schema):
        return True
    if isinstance(obj, ParameterName):
        return True

    # Storage configuration requires a logged-in user; options are further
    # limited to the keys the resource explicitly exposes.
    if isinstance(obj, StorageBox):
        return user.is_authenticated()
    if isinstance(obj, StorageBoxOption):
        return user.is_authenticated() and \
            obj.key in StorageBoxOptionResource.accessible_keys
    if isinstance(obj, StorageBoxAttribute):
        return user.is_authenticated()

    if isinstance(obj, Group):
        return obj in user.groups.all()
    if isinstance(obj, Facility):
        return obj in facilities_managed_by(user)
    if isinstance(obj, Instrument):
        facilities = facilities_managed_by(user)
        return obj.facility in facilities

    # No rule for this type: refuse loudly instead of guessing.
    raise NotImplementedError(type(obj))
def load_dataset_image(request, parameter_id):
    """Return the image stored in a dataset parameter, if access is allowed.

    The parameter is looked up by primary key and the access check is made
    against the dataset that owns its parameter set. Requests without
    dataset access get the generic error response.
    """
    # NOTE(review): the lookup runs before the access check, so an unknown
    # id raises DoesNotExist while an unauthorised id gets the error
    # response - confirm callers should be able to tell these apart.
    parameter = DatasetParameter.objects.get(pk=parameter_id)
    owning_dataset = parameter.parameterset.dataset
    if not authz.has_dataset_access(request, owning_dataset.id):
        return return_response_error(request)
    return load_image(request, parameter)
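def display_dataset_image(
        request, dataset_id, parameterset_id, parameter_name):
    """Serve a base64-encoded dataset parameter as a JPEG image.

    Access is checked against ``dataset_id``. The parameter lookup is then
    restricted to parameter sets belonging to that same dataset, so a
    caller with access to one dataset cannot pass the ``parameterset_id``
    of another dataset and read its image.

    Returns the generic error response when access is denied or when no
    matching parameter exists; otherwise an ``HttpResponse`` with content
    type ``image/jpeg``.
    """
    if not authz.has_dataset_access(request, dataset_id):
        return return_response_error(request)

    try:
        # parameterset__dataset ties the object we return to the dataset
        # that was just authorised; without it the check and the lookup
        # refer to independent, caller-supplied ids.
        image = DatasetParameter.objects.get(
            name__name=parameter_name,
            parameterset=parameterset_id,
            parameterset__dataset=dataset_id)
    except DatasetParameter.DoesNotExist:
        # Same response as the access-denied path, so a mismatched or
        # missing parameter is not distinguishable from a refusal.
        return return_response_error(request)

    return HttpResponse(b64decode(image.string_value),
                        content_type='image/jpeg')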
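def display_dataset_image(request, dataset_id, parameterset_id,
                          parameter_name):
    """Serve a base64-encoded dataset parameter as a JPEG image.

    The access check uses ``dataset_id``, so the lookup must be bound to
    the same dataset: the query only matches a parameter whose parameter
    set belongs to ``dataset_id``. Otherwise any ``parameterset_id`` could
    be combined with a dataset the caller is allowed to read.

    Returns the generic error response when access is denied or when no
    matching parameter exists; otherwise an ``HttpResponse`` with content
    type ``image/jpeg``.
    """
    if not authz.has_dataset_access(request, dataset_id):
        return return_response_error(request)

    try:
        image = DatasetParameter.objects.get(
            name__name=parameter_name,
            parameterset=parameterset_id,
            # Authorisation was granted for dataset_id only; require the
            # parameter set to live in that dataset.
            parameterset__dataset=dataset_id)
    except DatasetParameter.DoesNotExist:
        # Reuse the access-denied response so a missing or foreign
        # parameter set does not produce a distinguishable failure.
        return return_response_error(request)

    return HttpResponse(b64decode(image.string_value),
                        content_type='image/jpeg')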
def read_detail(self, object_list, bundle):
    """Return whether the requesting user may read ``bundle.obj``.

    Authenticated superusers are always allowed. Otherwise the exact type
    of ``bundle.obj`` selects the rule; subclasses do not match because the
    comparison is on ``type(...)``. A type with no rule raises
    ``NotImplementedError``.

    ``object_list`` is not used by this check.
    """
    request = bundle.request
    user = request.user
    if user.is_authenticated() and user.is_superuser:
        return True

    obj = bundle.obj
    obj_type = type(obj)

    # Experiment data is checked against the owning experiment.
    if obj_type == Experiment:
        return has_experiment_access(request, obj.id)
    if obj_type == ExperimentParameterSet:
        return has_experiment_access(request, obj.experiment.id)
    if obj_type == ExperimentParameter:
        return has_experiment_access(request, obj.parameterset.experiment.id)

    # Dataset data is checked against the owning dataset.
    if obj_type == Dataset:
        return has_dataset_access(request, obj.id)
    if obj_type == DatasetParameterSet:
        return has_dataset_access(request, obj.dataset.id)
    if obj_type == DatasetParameter:
        return has_dataset_access(request, obj.parameterset.dataset.id)

    # Datafile data is checked against the owning datafile.
    if obj_type == Dataset_File:
        return has_datafile_access(request, obj.id)
    if obj_type == DatafileParameterSet:
        return has_datafile_access(request, obj.dataset_file.id)
    if obj_type == DatafileParameter:
        return has_datafile_access(request, obj.parameterset.dataset_file.id)

    # Users (the user list), schemas, parameter names and locations are
    # readable by any authenticated user.
    if obj_type in (User, Schema, ParameterName, Location):
        return user.is_authenticated()

    # No rule for this type: refuse loudly instead of guessing.
    raise NotImplementedError(obj_type)
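def read_list(self, object_list, bundle):  # noqa # too complex
    """Filter ``object_list`` down to what the requesting user may read.

    Authenticated superusers get ``object_list`` unchanged. Otherwise the
    type of ``bundle.obj`` selects the filter. Depending on the branch the
    result is a queryset or a plain list; a type with no rule yields an
    empty list.

    Storage boxes, their options and their attributes are only listed for
    authenticated users, matching the per-object rule in ``read_detail``.
    Previously the list path returned them to any request, so the list
    view exposed records that the detail check refuses.
    """
    obj_ids = [obj.id for obj in object_list]
    request = bundle.request
    user = request.user
    if user.is_authenticated() and user.is_superuser:
        return object_list

    obj = bundle.obj
    if isinstance(obj, Experiment):
        experiments = Experiment.safe.all(user)
        return experiments.filter(id__in=obj_ids)
    elif isinstance(obj, ExperimentParameterSet):
        experiments = Experiment.safe.all(user)
        return ExperimentParameterSet.objects.filter(
            experiment__in=experiments, id__in=obj_ids)
    elif isinstance(obj, ExperimentParameter):
        experiments = Experiment.safe.all(user)
        return ExperimentParameter.objects.filter(
            parameterset__experiment__in=experiments,
            id__in=obj_ids
        )
    elif isinstance(obj, Dataset):
        dataset_ids = [ds.id for ds in object_list
                       if has_dataset_access(request, ds.id)]
        return Dataset.objects.filter(id__in=dataset_ids)
    elif isinstance(obj, DatasetParameterSet):
        return [dps for dps in object_list
                if has_dataset_access(request, dps.dataset.id)]
    elif isinstance(obj, DatasetParameter):
        return [dp for dp in object_list
                if has_dataset_access(request, dp.parameterset.dataset.id)]
    elif isinstance(obj, DataFile):
        all_files = get_accessible_datafiles_for_user(request)
        return all_files.filter(id__in=obj_ids)
    elif isinstance(obj, DatafileParameterSet):
        datafiles = get_accessible_datafiles_for_user(request)
        return DatafileParameterSet.objects.filter(
            datafile__in=datafiles, id__in=obj_ids
        )
    elif isinstance(obj, DatafileParameter):
        datafiles = get_accessible_datafiles_for_user(request)
        return DatafileParameter.objects.filter(
            parameterset__datafile__in=datafiles, id__in=obj_ids)
    elif isinstance(obj, Schema):
        return object_list
    elif isinstance(obj, ParameterName):
        return object_list
    elif isinstance(obj, ObjectACL):
        # Only ACL rows attached to experiments the user can already see.
        experiment_ids = Experiment.safe.all(user).values_list(
            'id', flat=True)
        return ObjectACL.objects.filter(
            content_type__model='experiment',
            object_id__in=experiment_ids,
            id__in=obj_ids
        )
    elif user.is_authenticated() and isinstance(obj, User):
        # Facility managers see every user; everyone else sees themselves
        # plus users owning an experiment with public_access > 1.
        if len(facilities_managed_by(user)) > 0:
            return object_list
        else:
            return [candidate for candidate in object_list
                    if (candidate == user or
                        candidate.experiment_set.filter(public_access__gt=1)
                        .count() > 0)]
    elif isinstance(obj, Group):
        if facilities_managed_by(user).count() > 0:
            return object_list
        else:
            return user.groups.filter(id__in=obj_ids)
    elif isinstance(obj, Facility):
        facilities = facilities_managed_by(user)
        return [facility for facility in object_list
                if facility in facilities]
    elif isinstance(obj, Instrument):
        facilities = facilities_managed_by(user)
        instruments = Instrument.objects.filter(facility__in=facilities)
        return [instrument for instrument in object_list
                if instrument in instruments]
    elif isinstance(obj, StorageBox):
        # Storage configuration is not listed for anonymous requests.
        return object_list if user.is_authenticated() else []
    elif isinstance(obj, StorageBoxOption):
        if not user.is_authenticated():
            return []
        return [option for option in object_list
                if option.key in StorageBoxOptionResource.accessible_keys]
    elif isinstance(obj, StorageBoxAttribute):
        return object_list if user.is_authenticated() else []
    else:
        # Unknown type: list nothing.
        return []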
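def read_list(self, object_list, bundle):  # noqa # too complex
    """Filter ``object_list`` down to what the requesting user may read.

    Authenticated superusers get ``object_list`` unchanged. Otherwise the
    type of ``bundle.obj`` selects the filter. Depending on the branch the
    result is a queryset or a plain list; a type with no rule yields an
    empty list.

    Storage boxes, their options and their attributes are only listed for
    authenticated users. The per-object rule in ``read_detail`` already
    requires authentication for these types, and a list view that skips
    the check hands out the same records without it.
    """
    obj_ids = [obj.id for obj in object_list]
    request = bundle.request
    user = request.user
    if user.is_authenticated() and user.is_superuser:
        return object_list

    obj = bundle.obj

    # Experiment data, limited to experiments visible to the user.
    if isinstance(obj, Experiment):
        return Experiment.safe.all(user).filter(id__in=obj_ids)
    if isinstance(obj, ExperimentParameterSet):
        experiments = Experiment.safe.all(user)
        return ExperimentParameterSet.objects.filter(
            experiment__in=experiments, id__in=obj_ids)
    if isinstance(obj, ExperimentParameter):
        experiments = Experiment.safe.all(user)
        return ExperimentParameter.objects.filter(
            parameterset__experiment__in=experiments, id__in=obj_ids)

    # Dataset data, checked item by item against the owning dataset.
    if isinstance(obj, Dataset):
        dataset_ids = [
            ds.id for ds in object_list
            if has_dataset_access(request, ds.id)
        ]
        return Dataset.objects.filter(id__in=dataset_ids)
    if isinstance(obj, DatasetParameterSet):
        return [
            dps for dps in object_list
            if has_dataset_access(request, dps.dataset.id)
        ]
    if isinstance(obj, DatasetParameter):
        return [
            dp for dp in object_list
            if has_dataset_access(request, dp.parameterset.dataset.id)
        ]

    # Datafile data, limited to datafiles accessible to the user.
    if isinstance(obj, DataFile):
        all_files = get_accessible_datafiles_for_user(request)
        return all_files.filter(id__in=obj_ids)
    if isinstance(obj, DatafileParameterSet):
        datafiles = get_accessible_datafiles_for_user(request)
        return DatafileParameterSet.objects.filter(datafile__in=datafiles,
                                                   id__in=obj_ids)
    if isinstance(obj, DatafileParameter):
        datafiles = get_accessible_datafiles_for_user(request)
        return DatafileParameter.objects.filter(
            parameterset__datafile__in=datafiles, id__in=obj_ids)

    if isinstance(obj, Schema):
        return object_list
    if isinstance(obj, ParameterName):
        return object_list

    if isinstance(obj, ObjectACL):
        # Only ACL rows attached to experiments the user can already see.
        experiment_ids = Experiment.safe.all(user).values_list(
            'id', flat=True)
        return ObjectACL.objects.filter(content_type__model='experiment',
                                        object_id__in=experiment_ids,
                                        id__in=obj_ids)

    if user.is_authenticated() and isinstance(obj, User):
        # Facility managers see every user; everyone else sees themselves
        # plus users owning an experiment with public_access > 1.
        if len(facilities_managed_by(user)) > 0:
            return object_list
        return [
            candidate for candidate in object_list
            if (candidate == user or candidate.experiment_set.
                filter(public_access__gt=1).count() > 0)
        ]

    if isinstance(obj, Group):
        if facilities_managed_by(user).count() > 0:
            return object_list
        return user.groups.filter(id__in=obj_ids)

    if isinstance(obj, Facility):
        facilities = facilities_managed_by(user)
        return [
            facility for facility in object_list if facility in facilities
        ]
    if isinstance(obj, Instrument):
        facilities = facilities_managed_by(user)
        instruments = Instrument.objects.filter(facility__in=facilities)
        return [
            instrument for instrument in object_list
            if instrument in instruments
        ]

    # Storage configuration is not listed for anonymous requests.
    if isinstance(obj, StorageBox):
        return object_list if user.is_authenticated() else []
    if isinstance(obj, StorageBoxOption):
        if not user.is_authenticated():
            return []
        return [
            option for option in object_list
            if option.key in StorageBoxOptionResource.accessible_keys
        ]
    if isinstance(obj, StorageBoxAttribute):
        return object_list if user.is_authenticated() else []

    # Unknown type: list nothing.
    return []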
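def read_list(self, object_list, bundle):
    """Filter ``object_list`` down to what the requesting user may read.

    Authenticated superusers get ``object_list`` unchanged. Otherwise the
    exact type of ``bundle.obj`` selects the filter, and a type with no
    rule yields an empty list.

    The ``ExperimentParameter`` branch used to read ``ep.experiment`` and
    return ``eps_list``, a name that is never assigned on that path. It now
    resolves the experiment through the parameter set, as ``read_detail``
    does, and returns the list it builds.
    """
    request = bundle.request
    user = request.user
    if user.is_authenticated() and user.is_superuser:
        return object_list

    obj_type = type(bundle.obj)

    if obj_type == Experiment:
        # NOTE(review): this returns every experiment visible to the user
        # and does not intersect with object_list - confirm that dropping
        # upstream filtering here is intended.
        return obj_type.safe.all(user)

    if obj_type == ExperimentParameterSet:
        experiments = Experiment.safe.all(user)
        return [eps for eps in object_list if eps.experiment in experiments]

    if obj_type == ExperimentParameter:
        experiments = Experiment.safe.all(user)
        return [ep for ep in object_list
                if ep.parameterset.experiment in experiments]

    # Dataset data is checked item by item against the owning dataset.
    if obj_type == Dataset:
        return [ds for ds in object_list
                if has_dataset_access(request, ds.id)]
    if obj_type == DatasetParameterSet:
        return [dps for dps in object_list
                if has_dataset_access(request, dps.dataset.id)]
    if obj_type == DatasetParameter:
        return [dp for dp in object_list
                if has_dataset_access(request, dp.parameterset.dataset.id)]

    # Datafile data is limited to datafiles accessible to the user.
    if obj_type == Dataset_File:
        all_dfs = set(get_accessible_datafiles_for_user(request))
        return list(all_dfs.intersection(object_list))
    if obj_type == DatafileParameterSet:
        datafiles = get_accessible_datafiles_for_user(request)
        return [dfps for dfps in object_list
                if dfps.dataset_file in datafiles]
    if obj_type == DatafileParameter:
        datafiles = get_accessible_datafiles_for_user(request)
        return [dfp for dfp in object_list
                if dfp.parameterset.dataset_file in datafiles]

    # Unknown type: list nothing.
    return []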
def load_dataset_image(request, parameter_id):
    """Return the image stored in a dataset parameter, if access is allowed.

    The parameter is fetched by primary key and access is decided for the
    dataset that owns its parameter set. Requests without dataset access
    get the generic error response.
    """
    # NOTE(review): the lookup runs before the access check, so an unknown
    # id raises DoesNotExist while an unauthorised id gets the error
    # response - confirm callers should be able to tell these apart.
    parameter = DatasetParameter.objects.get(pk=parameter_id)
    dataset_id = parameter.parameterset.dataset.id
    allowed = authz.has_dataset_access(request, dataset_id)
    if not allowed:
        return return_response_error(request)
    return load_image(request, parameter)