def experiment_stats(request, epn): """Get stats about an experiment associated with the given EPN. :param request: a HTTP Request instance :type request: :class:`django.http.HttpRequest` :param epn: the EPN (proposal number) of the experiment to be edited :type epn: string :rtype: :class:`django.http.HttpResponse` """ if not (request.META['REMOTE_ADDR'] == '114.30.64.13' or request.META['REMOTE_USER'] == 'admin'): return return_response_error(request) try: epn_param = models.ExperimentParameter.objects.get(name__name__exact='EPN', string_value=epn) experiment_id = epn_param.parameterset.experiment.pk #experiment = models.Experiment.safe.get(request, experiment_id) except PermissionDenied: return return_response_error(request) except models.ExperimentParameter.DoesNotExist: return return_response_not_found(request) # calculate the sum of the datafile sizes datafile_sizes = models.Dataset_File.objects.filter(dataset__experiment=experiment_id).values_list('size', flat=True) json_dict = {} json_dict['total_file_count'] = len(datafile_sizes) json_dict['total_file_size'] = sum(map(long, datafile_sizes)) response = HttpResponse(json.dumps(json_dict), mimetype='application/json') response['Pragma'] = 'no-cache' response['Cache-Control'] = 'no-cache, must-revalidate' return response
def view_rifcs(request, experiment_id): """View the rif-cs of an existing experiment. :param request: a HTTP Request instance :type request: :class:`django.http.HttpRequest` :param experiment_id: the ID of the experiment to be viewed :type experiment_id: string :rtype: :class:`django.http.HttpResponse` """ try: experiment = Experiment.safe.get(request.user, experiment_id) except PermissionDenied: return return_response_error(request) except Experiment.DoesNotExist: return return_response_not_found(request) try: rifcs_provs = settings.RIFCS_PROVIDERS except AttributeError: rifcs_provs = () from tardis.tardis_portal.publish.publishservice import PublishService pservice = PublishService(rifcs_provs, experiment) context = pservice.get_context() if context is None: # return error page or something return return_response_error(request) template = pservice.get_template() return HttpResponse(render_response_index(request, template, context), content_type="text/xml")
def get(self, request, *args, **kwargs): """ View an existing experiment. :param request: a HTTP Request instance :type request: :class:`django.http.HttpRequest` :param experiment_id: the ID of the experiment :rtype: :class:`django.http.HttpResponse` """ experiment_id = kwargs.get('experiment_id', None) if experiment_id is None: return return_response_error(request) try: experiment = Experiment.safe.get(request.user, experiment_id) except PermissionDenied: return return_response_error(request) except Experiment.DoesNotExist: return return_response_not_found(request) if not experiment: return return_response_not_found(request) view_override = self.find_custom_view_override(request, experiment) if view_override is not None: return view_override c = self.get_context_data(request, experiment) template_name = kwargs.get('template_name', None) if template_name is None: template_name = self.template_name return HttpResponse(render_response_index(request, template_name, c))
def table(request, experiment_id): # http://datatables.net/usage/server-side if len(request.GET) == 0: return return_response_error(request) sort_col_index = '' sort_col_name = '' sort_desc = '' try: if int(request.GET['iSortingCols']) != 1: return return_response_error(request) sort_col_index = request.GET['iSortCol_0'] sort_col_name = request.GET['mDataProp_' + sort_col_index] sort_desc = request.GET['sSortDir_0'] == 'desc' except: return return_response_error(request) experiment = Experiment.objects.get(pk=experiment_id) parameter_names = ParameterName.objects.filter(datafileparameter__parameterset__dataset_file__dataset__experiment=experiment).distinct() datafiles = Dataset_File.objects.filter(dataset__experiment=experiment) if sort_col_name == 'filename': if sort_desc: datafiles = datafiles.order_by('-filename') else: datafiles = datafiles.order_by('filename') post_filter = False else: datafiles = datafiles.order_by('filename') post_filter = True filter = '' limit = '' offset = '' try: filter = request.GET['sSearch'] limit = int(request.GET['iDisplayLength']) offset = int(request.GET['iDisplayStart']) except: return return_response_error(request) filtered_datafiles = _filter(datafiles, filter) dfs = [(x.id, x.filename) for x in filtered_datafiles[offset:offset+limit]] df_ids = [x[0] for x in dfs] params_by_file = _params_by_file(df_ids, parameter_names) rows = _get_rows(dfs, parameter_names, params_by_file, sort_desc, post_filter, sort_col_name) resp = {} resp['sEcho'] = int(request.GET['sEcho']) resp['aaData'] = rows resp['iTotalRecords'] = datafiles.count() resp['iTotalDisplayRecords'] = filtered_datafiles.count() return HttpResponse(json.dumps(resp), mimetype='application/json')
def change_user_permissions(request, experiment_id, username): try: user = User.objects.get(username=username) except User.DoesNotExist: return return_response_error(request) try: experiment = Experiment.objects.get(pk=experiment_id) except Experiment.DoesNotExist: return return_response_error(request) try: expt_acls = Experiment.safe.user_acls(experiment_id) acl = None for eacl in expt_acls: if eacl.pluginId == 'django_user' and \ eacl.get_related_object().id == user.id: acl = eacl #acl = expt_acls.filter(entityId=str(user.id)) if acl is None: raise ObjectACL.DoesNotExist owner_acls = [oacl for oacl in expt_acls if oacl.isOwner] except ObjectACL.DoesNotExist: return return_response_error(request) if request.method == 'POST': form = ChangeUserPermissionsForm(request.POST, instance=acl) if form.is_valid(): if 'isOwner' in form.changed_data and \ form.cleaned_data['isOwner'] is False and \ len(owner_acls) == 1: owner = owner_acls[0].get_related_object() plugin = owner_acls[0].pluginId if plugin == 'django_user' and owner.id == user.id: return render_error_message( request, 'Cannot remove ownership, every experiment must have at ' 'least one user owner.', status=409) form.save() url = reverse('tardis.tardis_portal.views.control_panel') return HttpResponseRedirect(url) else: form = ChangeUserPermissionsForm(instance=acl) c = { 'form': form, 'header': "Change User Permissions for '%s'" % user.username } return HttpResponse( render_response_index(request, 'tardis_portal/form_template.html', c))
def change_user_permissions(request, experiment_id, username): try: user = User.objects.get(username=username) except User.DoesNotExist: return return_response_error(request) try: experiment = Experiment.objects.get(pk=experiment_id) except Experiment.DoesNotExist: return return_response_error(request) try: expt_acls = Experiment.safe.user_acls(experiment_id) acl = None for eacl in expt_acls: if eacl.pluginId == 'django_user' and \ eacl.get_related_object().id == user.id: acl = eacl #acl = expt_acls.filter(entityId=str(user.id)) if acl is None: raise ObjectACL.DoesNotExist owner_acls = [oacl for oacl in expt_acls if oacl.isOwner] except ObjectACL.DoesNotExist: return return_response_error(request) if request.method == 'POST': form = ChangeUserPermissionsForm(request.POST, instance=acl) if form.is_valid(): if 'isOwner' in form.changed_data and \ form.cleaned_data['isOwner'] is False and \ len(owner_acls) == 1: owner = owner_acls[0].get_related_object() plugin = owner_acls[0].pluginId if plugin == 'django_user' and owner.id == user.id: return render_error_message( request, 'Cannot remove ownership, every experiment must have at ' 'least one user owner.', status=409) form.save() url = reverse('tardis.tardis_portal.views.control_panel') return HttpResponseRedirect(url) else: form = ChangeUserPermissionsForm(instance=acl) c = {'form': form, 'header': "Change User Permissions for '%s'" % user.username} return HttpResponse(render_response_index( request, 'tardis_portal/form_template.html', c))
def change_group_permissions(request, experiment_id, group_id): try: group = Group.objects.get(pk=group_id) except Group.DoesNotExist: return return_response_error(request) try: experiment = Experiment.objects.get(pk=experiment_id) except Experiment.DoesNotExist: return return_response_error(request) try: acl = ObjectACL.objects.get(content_type=experiment.get_ct(), object_id=experiment.id, pluginId='django_group', entityId=str(group.id), aclOwnershipType=ObjectACL.OWNER_OWNED) except ObjectACL.DoesNotExist: return return_response_error(request) if request.method == 'POST': form = ChangeGroupPermissionsForm(request.POST) if form.is_valid(): acl.canRead = form.cleaned_data['canRead'] acl.canWrite = form.cleaned_data['canWrite'] acl.canDelete = form.cleaned_data['canDelete'] acl.effectiveDate = form.cleaned_data['effectiveDate'] acl.expiryDate = form.cleaned_data['expiryDate'] acl.save() return HttpResponseRedirect('/experiment/control_panel/') else: form = ChangeGroupPermissionsForm( initial={ 'canRead': acl.canRead, 'canWrite': acl.canWrite, 'canDelete': acl.canDelete, 'effectiveDate': acl.effectiveDate, 'expiryDate': acl.expiryDate }) c = { 'form': form, 'header': "Change Group Permissions for '%s'" % group.name } return HttpResponse( render_response_index(request, 'tardis_portal/form_template.html', c))
def wrap(request, *args, **kwargs): if not request.user.groups.filter( name=getattr( settings, 'PUBLICATION_OWNER_GROUP', default_settings.PUBLICATION_OWNER_GROUP)).exists(): return return_response_error(request) return f(request, *args, **kwargs)
def get(self, request, *args, **kwargs): """ :param request: a HTTP request object :type request: :class:`django.http.HttpRequest` :return: The Django response object :rtype: :class:`django.http.HttpResponse` """ dataset_id = kwargs.get('dataset_id', None) if dataset_id is None: return return_response_error(request) dataset = Dataset.objects.get(id=dataset_id) if not dataset: return return_response_not_found(request) c = self.get_context_data(request, dataset, **kwargs) template_name = kwargs.get('template_name', None) if template_name is None: template_name = self.template_name return HttpResponse(render_response_index(request, template_name, c))
def new_sample(request, experiment_id): try: experiment = Experiment.safe.get(request, experiment_id) except PermissionDenied: return return_response_error(request) except Experiment.DoesNotExist: return return_response_not_found(request) c = Context() c['experiment'] = experiment samples = Sample.objects.filter(experiment=experiment_id) c['sample_count'] = samples.count() + 1 if request.method == 'POST': form = SampleForm(request.POST) if form.is_valid(): sample = form.save(experiment_id, commit=False) sample.save_m2m() request.POST = {'status': "Sample Created."} return _redirect(experiment_id) c['status'] = "Errors exist in form." c["error"] = 'true' else: form = SampleForm(extra=1) c['form'] = form c['status'] = form.errors return HttpResponse(render_response_index(request, 'tardis_portal/experiment_sample.html', c))
def wrap(request, *args, **kwargs): dataset_id = kwargs['dataset_id'] if not has_dataset_write(request, dataset_id): if request.is_ajax(): return HttpResponse("") return return_response_error(request) return f(request, *args, **kwargs)
def get(self, request, *args, **kwargs): """ :param request: a HTTP request object :type request: :class:`django.http.HttpRequest` :return: The Django response object :rtype: :class:`django.http.HttpResponse` """ dataset_id = kwargs.get('dataset_id', None) if dataset_id is None: return return_response_error(request) dataset = Dataset.objects.get(id=dataset_id) if not dataset: return return_response_not_found(request) c = self.get_context_data(request, dataset, **kwargs) template_name = kwargs.get('template_name', None) if template_name is None: template_name = self.template_name return HttpResponse(render_response_index( request, template_name, c) )
def edit_datafile_par(request, parameterset_id): parameterset = DatafileParameterSet.objects.get(id=parameterset_id) if authz.has_write_permissions( request, parameterset.dataset_file.dataset.experiment.id): return edit_parameters_alt(request, parameterset, otype="datafile") else: return return_response_error(request)
def edit_datafile_par(request, parameterset_id): parameterset = DatafileParameterSet.objects.get(id=parameterset_id) if authz.has_write_permissions(request, parameterset.dataset_file.dataset.experiment.id): return edit_parameters_alt(request, parameterset, otype="datafile") else: return return_response_error(request)
def get(self, request, *args, **kwargs): """ The index view, intended to render the front page of the MyTardis site listing recent experiments. This default view can be overriden by defining a dictionary INDEX_VIEWS in settings which maps SITE_ID's or domain names to an alternative view function (similar to the DATASET_VIEWS or EXPERIMENT_VIEWS overrides). :param request: a HTTP request object :type request: :class:`django.http.HttpRequest` :return: The Django response object :rtype: :class:`django.http.HttpResponse` """ dataset_id = kwargs.get('dataset_id', None) if dataset_id is None: return return_response_error(request) dataset = Dataset.objects.get(id=dataset_id) if not dataset: return return_response_not_found(request) view_override = self.find_custom_view_override(request, dataset) if view_override is not None: return view_override c = self.get_context_data(request, dataset, **kwargs) template_name = kwargs.get('template_name', None) if template_name is None: template_name = self.template_name return HttpResponse(render_response_index(request, template_name, c))
def load_experiment_image(request, parameter_id): parameter = ExperimentParameter.objects.get(pk=parameter_id) experiment_id = parameter.parameterset.experiment.id if authz.has_experiment_access(request, experiment_id): return load_image(request, parameter) else: return return_response_error(request)
def load_dataset_image(request, parameter_id): parameter = DatasetParameter.objects.get(pk=parameter_id) dataset = parameter.parameterset.dataset if authz.has_dataset_access(request, dataset.id): return load_image(request, parameter) else: return return_response_error(request)
def add_experiment_par(request, experiment_id): parentObject = Experiment.objects.get(id=experiment_id) if authz.has_write_permissions(request, parentObject.id): return add_par_alt(request, parentObject, otype="experiment", stype=Schema.EXPERIMENT) else: return return_response_error(request)
def add_dataset_par(request, dataset_id): parentObject = Dataset.objects.get(id=dataset_id) if authz.has_write_permissions(request, parentObject.experiment.id): return add_par_alt(request, parentObject, otype="dataset", stype=Schema.DATASET) else: return return_response_error(request)
def _list_related_info(request, experiment_id): if not authz.has_experiment_access(request, experiment_id): return return_response_error(request) sets = ExperimentParameterSet.objects.filter(schema__namespace=SCHEMA_URI) return HttpResponse(json.dumps([_get_dict_from_ps(ps) for ps in sets]), content_type='application/json; charset=utf-8')
def edit_sample(request, experiment_id, sample_id): try: experiment = Experiment.safe.get(request, experiment_id) except PermissionDenied: return return_response_error(request) except Experiment.DoesNotExist: return return_response_not_found(request) c = Context() c['experiment'] = experiment sample = Sample.objects.get(id=sample_id) c['sample_count'] = sample.name if request.POST: form = SampleForm(request.POST, instance=sample, extra=0) if form.is_valid(): full_sample = form.save(experiment_id, commit=False) full_sample.save_m2m() request.POST = {'status': "Sample Created."} return _redirect(experiment_id) c['status'] = "Errors exist in form." c["error"] = 'true' else: form = SampleForm(instance=sample, extra=0) c['form'] = form c['status'] = form.errors return HttpResponse(render_response_index(request, 'tardis_portal/experiment_sample.html', c))
def change_group_permissions(request, experiment_id, group_id): try: group = Group.objects.get(pk=group_id) except Group.DoesNotExist: return return_response_error(request) try: experiment = Experiment.objects.get(pk=experiment_id) except Experiment.DoesNotExist: return return_response_error(request) try: acl = ObjectACL.objects.get( content_type=experiment.get_ct(), object_id=experiment.id, pluginId='django_group', entityId=str(group.id), aclOwnershipType=ObjectACL.OWNER_OWNED) except ObjectACL.DoesNotExist: return return_response_error(request) if request.method == 'POST': form = ChangeGroupPermissionsForm(request.POST) if form.is_valid(): acl.canRead = form.cleaned_data['canRead'] acl.canWrite = form.cleaned_data['canWrite'] acl.canDelete = form.cleaned_data['canDelete'] acl.effectiveDate = form.cleaned_data['effectiveDate'] acl.expiryDate = form.cleaned_data['expiryDate'] acl.save() return HttpResponseRedirect('/experiment/control_panel/') else: form = ChangeGroupPermissionsForm( initial={'canRead': acl.canRead, 'canWrite': acl.canWrite, 'canDelete': acl.canDelete, 'effectiveDate': acl.effectiveDate, 'expiryDate': acl.expiryDate}) c = {'form': form, 'header': "Change Group Permissions for '%s'" % group.name} return HttpResponse(render_response_index( request, 'tardis_portal/form_template.html', c))
def _create_download_response(request, datafile_id, disposition='attachment'): # too complex # noqa # Get datafile (and return 404 if absent) try: datafile = DataFile.objects.get(pk=datafile_id) except DataFile.DoesNotExist: return return_response_not_found(request) # Check users has access to datafile if not has_datafile_download_access(request=request, datafile_id=datafile.id): return return_response_error(request) # Send an image that can be seen in the browser if disposition == 'inline' and datafile.is_image(): from tardis.tardis_portal.iiif import download_image args = (request, datafile.id, 'full', 'full', '0', 'native') # Send unconverted image if web-compatible if datafile.get_mimetype() in ('image/gif', 'image/jpeg', 'image/png'): return download_image(*args) # Send converted image return download_image(*args, format='png') # Send local file try: verified_only = True # Query parameter to allow download of unverified files ignore_verif = request.GET.get('ignore_verification_status', '0') # Ensure ignore_verification_status=0 etc works as expected # a bare ?ignore_verification_status is True if ignore_verif.lower() in [u'', u'1', u'true']: verified_only = False # Get file object for datafile file_obj = datafile.get_file(verified_only=verified_only) if not file_obj: # If file path doesn't resolve, return not found if verified_only: return render_error_message(request, "File is unverified, " "please try again later.", status=503) return return_response_not_found(request) wrapper = FileWrapper(file_obj, blksize=65535) response = StreamingHttpResponse(wrapper, content_type=datafile.get_mimetype()) response['Content-Disposition'] = \ '%s; filename="%s"' % (disposition, datafile.filename) return response except IOError: # If we can't read the file, return not found return return_response_not_found(request) except ValueError: # raised when replica not verified TODO: custom excptn redirect = request.META.get( 'HTTP_REFERER', 'http://%s/' % request.META.get('HTTP_HOST')) message = """The file you are trying to access has not yet been verified. Verification is an automated background process. Please try again later or contact the system administrator if the issue persists.""" message = ' '.join(message.split()) # removes spaces redirect = redirect + '#error:' + message return HttpResponseRedirect(redirect)
def _create_download_response(request, datafile_id, disposition='attachment'): # too complex # noqa # Get datafile (and return 404 if absent) try: datafile = DataFile.objects.get(pk=datafile_id) except DataFile.DoesNotExist: return return_response_not_found(request) # Check users has access to datafile if not has_datafile_download_access(request=request, datafile_id=datafile.id): return return_response_error(request) # Send an image that can be seen in the browser if disposition == 'inline' and datafile.is_image(): from tardis.tardis_portal.iiif import download_image args = (request, datafile.id, 'full', 'full', '0', 'native') # Send unconverted image if web-compatible if datafile.get_mimetype() in ('image/gif', 'image/jpeg', 'image/png'): return download_image(*args) # Send converted image return download_image(*args, format='png') # Send local file try: verified_only = True # Query parameter to allow download of unverified files ignore_verif = request.GET.get('ignore_verification_status', '0') # Ensure ignore_verification_status=0 etc works as expected # a bare ?ignore_verification_status is True if ignore_verif.lower() in [u'', u'1', u'true']: verified_only = False # Get file object for datafile file_obj = datafile.get_file(verified_only=verified_only) if not file_obj: # If file path doesn't resolve, return not found if verified_only: return render_error_message(request, "File is unverified, " "please try again later.", status=503) return return_response_not_found(request) wrapper = FileWrapper(file_obj, blksize=65535) response = StreamingHttpResponse(wrapper, content_type=datafile.get_mimetype()) response['Content-Disposition'] = \ '%s; filename="%s"' % (disposition, datafile.filename) return response except IOError: # If we can't read the file, return not found return return_response_not_found(request) except ValueError: # raised when replica not verified TODO: custom excptn redirect = request.META.get('HTTP_REFERER', 'http://%s/' % request.META.get('HTTP_HOST')) message = """The file you are trying to access has not yet been verified. Verification is an automated background process. Please try again later or contact the system administrator if the issue persists.""" message = ' '.join(message.split()) # removes spaces redirect = redirect + '#error:' + message return HttpResponseRedirect(redirect)
def wrap(request, *args, **kwargs): user = request.user if not request.user.is_authenticated(): return HttpResponseRedirect('/login?next=%s' % request.path) if not (is_group_admin(request, kwargs['group_id']) or user.is_superuser): return return_response_error(request) return f(request, *args, **kwargs)
def wrap(request, *args, **kwargs): user = request.user if not user.is_authenticated(): return HttpResponseRedirect('/login?next=%s' % request.path) if not (has_experiment_ownership(request, kwargs['experiment_id']) or user.is_superuser): return return_response_error(request) return f(request, *args, **kwargs)
def experiment_description(request, experiment_id): """View an existing experiment's description. To be loaded via ajax. :param request: a HTTP Request instance :type request: :class:`django.http.HttpRequest` :param experiment_id: the ID of the experiment to be edited :type experiment_id: string :rtype: :class:`django.http.HttpResponse` """ c = {} try: experiment = Experiment.safe.get(request.user, experiment_id) except PermissionDenied: return return_response_error(request) except Experiment.DoesNotExist: return return_response_not_found(request) c['experiment'] = experiment c['subtitle'] = experiment.title c['nav'] = [{ 'name': 'Data', 'link': '/experiment/view/' }, { 'name': experiment.title, 'link': experiment.get_absolute_url() }] c['authors'] = experiment.experimentauthor_set.all() c['datafiles'] = \ DataFile.objects.filter(dataset__experiments=experiment_id) c['owners'] = experiment.get_owners() # calculate the sum of the datafile sizes c['size'] = DataFile.sum_sizes(c['datafiles']) c['has_download_permissions'] = \ authz.has_experiment_download_access(request, experiment_id) c['has_write_permissions'] = \ authz.has_write_permissions(request, experiment_id) if request.user.is_authenticated(): c['is_owner'] = authz.has_experiment_ownership(request, experiment_id) _add_protocols_and_organizations(request, experiment, c) if 'status' in request.GET: c['status'] = request.GET['status'] if 'error' in request.GET: c['error'] = request.GET['error'] return HttpResponse( render_response_index( request, 'tardis_portal/ajax/experiment_description.html', c))
def add_user_to_group(request, group_id, username): if username == settings.TOKEN_USERNAME: return HttpResponse('User does not exist: %s' % username) authMethod = localdb_auth_key isAdmin = False if 'isAdmin' in request.GET: if request.GET['isAdmin'] == 'true': isAdmin = True try: authMethod = request.GET['authMethod'] if authMethod == localdb_auth_key: user = User.objects.get(username=username) else: user = UserAuthentication.objects.get( username=username, authenticationMethod=authMethod).userProfile.user except User.DoesNotExist: return return_response_error(request) except UserAuthentication.DoesNotExist: return return_response_error(request) try: group = Group.objects.get(pk=group_id) except Group.DoesNotExist: return HttpResponse('Group does not exist.') if user.groups.filter(name=group.name).count() > 0: return HttpResponse('User %s is already member of that group.' % username) user.groups.add(group) user.save() if isAdmin: groupadmin = GroupAdmin(user=user, group=group) groupadmin.save() c = {'user': user, 'group_id': group_id, 'isAdmin': isAdmin} return HttpResponse(render_response_index( request, 'tardis_portal/ajax/add_user_to_group_result.html', c))
def authorize(request): # TODO real state randomly generated, URL in settings url = aaf_settings.AAF_OAUTH2_CODE_URL code = '' state = '' c = Context({}) if 'code' in request.GET: c['authorization_code'] = request.GET['code'] code = request.GET['code'] if 'state' in request.GET: c['state'] = request.GET['state'] state = request.GET['state'] response = request_aaf_info(url=url, code=code, state=state) c['response'] = response if response is None: return return_response_error(request) response_dict = json.loads(response) # check if response contains error or none if 'error' in response_dict: return return_response_error(request) # check if response doesn't contain mail or cn attributes if 'mail' not in response_dict or 'cn' not in response_dict: return return_response_error(request) username = get_username_from_aaf_email(response_dict['mail']) first_name = response_dict['cn'].split(" ")[:1][0] last_name = ' '.join(response_dict['cn'].split(" ")[1:]) mail = response_dict['mail'] c['first_name'] = first_name user = authenticate(username, first_name, last_name, mail) login(request, user) return HttpResponse(render_response_index( request, 'aaf/aaf.html', c))
def load_datafile_image(request, parameter_id): try: parameter = DatafileParameter.objects.get(pk=parameter_id) except DatafileParameter.DoesNotExist: return HttpResponseNotFound() datafile = parameter.parameterset.datafile if authz.has_datafile_access(request, datafile.id): return load_image(request, parameter) return return_response_error(request)
def add_datafile_par(request, datafile_id): parentObject = DataFile.objects.get(id=datafile_id) if authz.has_dataset_write(request, parentObject.dataset.id): return add_par(request, parentObject, otype="datafile", stype=Schema.DATAFILE) else: return return_response_error(request)
def mint_key(request, exp_id): experiment = Experiment.objects.get(id=exp_id) try: key_service = ExperimentKeyService() except Schema.DoesNotExist: logger.exception("No ExperimentKeyService Schema found") return return_response_error(request) except ParameterName.DoesNotExist: logger.exception("No ExperimentKeyService ParameterName found") return return_response_error(request) key = key_service.get_key(experiment) if not key: key = key_service.mint_key(experiment) return HttpResponse(json.dumps(key), mimetype='application/json')
def authorize(request): # TODO real state randomly generated, URL in settings url = aaf_settings.AAF_OAUTH2_CODE_URL code = '' state = '' c = Context({}) if 'code' in request.GET: c['authorization_code'] = request.GET['code'] code = request.GET['code'] if 'state' in request.GET: c['state'] = request.GET['state'] state = request.GET['state'] response = request_aaf_info(url=url, code=code, state=state) c['response'] = response if response is None: return return_response_error(request) response_dict = json.loads(response) # check if response contains error or none if 'error' in response_dict: return return_response_error(request) # check if response doesn't contain mail or cn attributes if 'mail' not in response_dict or 'cn' not in response_dict: return return_response_error(request) username = get_username_from_aaf_email(response_dict['mail']) first_name = response_dict['cn'].split(" ")[:1][0] last_name = ' '.join(response_dict['cn'].split(" ")[1:]) mail = response_dict['mail'] c['first_name'] = first_name user = authenticate(username, first_name, last_name, mail) login(request, user) return HttpResponse(render_response_index(request, 'aaf/aaf.html', c))
def _get_related_info(request, experiment_id, related_info_id): if not authz.has_experiment_access(request, experiment_id): return return_response_error(request) try: ps = ExperimentParameterSet.objects.get(schema__namespace=SCHEMA_URI, id=related_info_id) return HttpResponse(json.dumps(_get_dict_from_ps(ps)), content_type='application/json; charset=utf-8') except: return return_response_not_found(request)
def token_login(request, token): django_logout(request) from tardis.tardis_portal.auth import login, token_auth logger.debug('token login') user = token_auth.authenticate(request, token) if not user: return return_response_error(request) login(request, user) experiment = Experiment.objects.get(token__token=token) return HttpResponseRedirect(experiment.get_absolute_url())
def display_datafile_image( request, datafile_id, parameterset_id, parameter_name): # TODO handle not exist if not authz.has_datafile_access(request, datafile_id): return return_response_error(request) image = DatafileParameter.objects.get(name__name=parameter_name, parameterset=parameterset_id) return HttpResponse(b64decode(image.string_value), content_type='image/jpeg')
def experiment_description(request, experiment_id): """View an existing experiment's description. To be loaded via ajax. :param request: a HTTP Request instance :type request: :class:`django.http.HttpRequest` :param experiment_id: the ID of the experiment to be edited :type experiment_id: string :rtype: :class:`django.http.HttpResponse` """ c = {} try: experiment = Experiment.safe.get(request.user, experiment_id) except PermissionDenied: return return_response_error(request) except Experiment.DoesNotExist: return return_response_not_found(request) c['experiment'] = experiment c['subtitle'] = experiment.title c['nav'] = [{'name': 'Data', 'link': '/experiment/view/'}, {'name': experiment.title, 'link': experiment.get_absolute_url()}] c['authors'] = experiment.experimentauthor_set.all() c['datafiles'] = \ DataFile.objects.filter(dataset__experiments=experiment_id) c['owners'] = experiment.get_owners() # calculate the sum of the datafile sizes c['size'] = DataFile.sum_sizes(c['datafiles']) c['has_download_permissions'] = \ authz.has_experiment_download_access(request, experiment_id) c['has_write_permissions'] = \ authz.has_write_permissions(request, experiment_id) if request.user.is_authenticated(): c['is_owner'] = authz.has_experiment_ownership(request, experiment_id) _add_protocols_and_organizations(request, experiment, c) if 'status' in request.GET: c['status'] = request.GET['status'] if 'error' in request.GET: c['error'] = request.GET['error'] return HttpResponse(render_response_index(request, 'tardis_portal/ajax/experiment_description.html', c))
def list_trips(request): ''' List trips for driving data ''' driving_admins = getattr(settings, 'DRIVING_ADMIN_GROUP', default_settings.DRIVING_ADMIN_GROUP) # Logged-in user needs to be a member of driving admin group # or they need to be a superuser to view this page: if not request.user.groups.filter(name=driving_admins).exists() and \ not request.user.is_superuser: return return_response_error(request) trips = [] driving_instrument_names = getattr(settings, 'DRIVING_INSTRUMENTS', default_settings.DRIVING_INSTRUMENTS) csv_dir_prefix = getattr(settings, 'DRIVING_CSV_DIR_PREFIX', default_settings.DRIVING_CSV_DIR_PREFIX) instruments = Instrument.objects.filter(name__in=driving_instrument_names) datasets = Dataset.objects.filter(instrument__in=instruments) for dataset in datasets: exp = dataset.experiments.first() study = exp.title exp_id = exp.id participant = dataset.description dfs = DataFile.objects.filter(dataset=dataset, directory__startswith=csv_dir_prefix, filename__endswith='.csv') for datafile in dfs: with datafile.file_object as fileobj: reader = csv.reader(fileobj) rows = list(reader) for row in rows: if len(row) < 7: continue try: trip_number = int(row[0]) except ValueError: continue trip = dict(exp_id=exp_id, dataset_id=dataset.id, study=study, participant=participant, number=trip_number, start=row[1], end=row[2], duration=row[3], distance=row[4]) trips.append(trip) context = dict(trips=trips) return render_response_index(request, 'trips.html', context)
def get(self, request, *args, **kwargs): """ View an existing experiment. :param request: a HTTP Request instance :type request: :class:`django.http.HttpRequest` :param list args: :param dict kwargs: in kwargs: param int experiment_id: the ID of the experiment :returns: an HttpResponse :rtype: :class:`django.http.HttpResponse` """ experiment_id = kwargs.get('experiment_id', None) if experiment_id is None: return return_response_error(request) try: experiment = Experiment.safe.get(request.user, experiment_id) except PermissionDenied: return return_response_error(request) except Experiment.DoesNotExist: return return_response_not_found(request) if not experiment: return return_response_not_found(request) view_override = self.find_custom_view_override(request, experiment) if view_override is not None: return view_override c = self.get_context_data(request, experiment) template_name = kwargs.get('template_name', None) if template_name is None: template_name = self.template_name return HttpResponse(render_response_index(request, template_name, c))
def _create_related_info(request, experiment_id): if not authz.has_write_permissions(request, experiment_id): return return_response_error(request) form = RelatedInfoForm(json.loads(request.body)) if not form.is_valid(): return HttpResponse('', status=400) ps = ExperimentParameterSet(experiment_id=experiment_id, schema=_get_schema()) ps.save() ParameterSetManager(ps).set_params_from_dict(form.cleaned_data) return HttpResponse(json.dumps(_get_dict_from_ps(ps)), content_type='application/json; charset=utf-8', status=201)
def display_datafile_image(request, datafile_id, parameterset_id, parameter_name): # TODO handle not exist if not authz.has_datafile_access(request, datafile_id): return return_response_error(request) image = DatafileParameter.objects.get(name__name=parameter_name, parameterset=parameterset_id) return HttpResponse(b64decode(image.string_value), content_type='image/jpeg')
def _delete_related_info(request, experiment_id, related_info_id): if not authz.has_write_permissions(request, experiment_id): return return_response_error(request) try: ps = ExperimentParameterSet.objects.get(experiment_id=experiment_id, id=related_info_id) except ExperimentParameterSet.DoesNotExist: return HttpResponse('', status=404) obj = _get_dict_from_ps(ps) ps.delete() return HttpResponse(json.dumps(obj), content_type='application/json; charset=utf-8')
def wrap(*args, **kwargs): # We find the request as either the first or second argument. # This is so it can be used for the 'get' method on class-based # views (where the first argument is 'self') and also with traditional # view functions (where the first argument is the request). # TODO: An alternative would be to create a mixin for the DatasetView # and similar classes, like AccessRequiredMixin request = args[0] if not isinstance(request, HttpRequest): request = args[1] if not has_dataset_access(request, kwargs['dataset_id']): return return_response_error(request) return f(*args, **kwargs)
def index(request, experiment_id): try: experiment = Experiment.safe.get(request, experiment_id) except PermissionDenied: return return_response_error(request) except Experiment.DoesNotExist: return return_response_not_found(request) c = Context({'experiment': experiment}) if authz.has_write_permissions(request, experiment_id): template = 'related_info/index.html' else: template = 'related_info/index_ro.html' return HttpResponse(render_response_index(request, template, c))
def wrap(request, *args, **kwargs): from django.utils import timezone session_id = request.POST.get( 'session_id', request.COOKIES.get(settings.SESSION_COOKIE_NAME, None)) sessions = Session.objects.filter(pk=session_id) if sessions and sessions[0].expire_date > timezone.now(): try: request.user = User.objects.get( pk=sessions[0].get_decoded()['_auth_user_id']) except: if request.is_ajax(): return HttpResponse("") return return_response_error(request) return f(request, *args, **kwargs)
def index(request, experiment_id): logger.debug('aaa %s' % experiment_id) try: experiment = Experiment.safe.get(request.user, experiment_id) except PermissionDenied: return return_response_error(request) except Experiment.DoesNotExist: return return_response_not_found(request) logger.debug('%s' % experiment) c = {'experiment': experiment} logger.debug('%s' % c) template = 'mongoquery/index.html' logger.debug('%s' % template) return HttpResponse(render_response_index(request, template, c))