Skip to content
Snippets Groups Projects
Commit 15cb0d29 authored by Gunnar Schaefer's avatar Gunnar Schaefer
Browse files

simplify group routes and id handling

parent da862153
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
api.py
+ 11
11
View file @ 15cb0d29
...@@ -31,45 +31,45 @@ routes = [ ...@@ -31,45 +31,45 @@ routes = [
webapp2.Route(r'/count', users.Users, handler_method='count', methods=['OPTIONS', 'GET']), webapp2.Route(r'/count', users.Users, handler_method='count', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/listschema', users.Users, handler_method='schema', methods=['OPTIONS', 'GET']), webapp2.Route(r'/listschema', users.Users, handler_method='schema', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/schema', users.User, handler_method='schema', methods=['OPTIONS', 'GET']), webapp2.Route(r'/schema', users.User, handler_method='schema', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/<uid>', users.User, name='user'), webapp2.Route(r'/<_id>', users.User, name='user'),
webapp2.Route(r'/<uid>/groups', users.Groups, name='groups'), webapp2.Route(r'/<_id>/groups', users.Groups, name='groups'),
]), ]),
webapp2.Route(r'/nimsapi/groups', users.Groups), webapp2.Route(r'/nimsapi/groups', users.Groups),
webapp2_extras.routes.PathPrefixRoute(r'/nimsapi/groups', [ webapp2_extras.routes.PathPrefixRoute(r'/nimsapi/groups', [
webapp2.Route(r'/count', users.Groups, handler_method='count', methods=['OPTIONS', 'GET']), webapp2.Route(r'/count', users.Groups, handler_method='count', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/listschema', users.Groups, handler_method='schema', methods=['OPTIONS', 'GET']), webapp2.Route(r'/listschema', users.Groups, handler_method='schema', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/schema', users.Group, handler_method='schema', methods=['OPTIONS', 'GET']), webapp2.Route(r'/schema', users.Group, handler_method='schema', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/<gid>', users.Group, name='group'), webapp2.Route(r'/<_id>', users.Group, name='group'),
]), ]),
webapp2.Route(r'/nimsapi/experiments', experiments.Experiments), webapp2.Route(r'/nimsapi/experiments', experiments.Experiments),
webapp2_extras.routes.PathPrefixRoute(r'/nimsapi/experiments', [ webapp2_extras.routes.PathPrefixRoute(r'/nimsapi/experiments', [
webapp2.Route(r'/count', experiments.Experiments, handler_method='count', methods=['OPTIONS', 'GET']), webapp2.Route(r'/count', experiments.Experiments, handler_method='count', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/listschema', experiments.Experiments, handler_method='schema', methods=['OPTIONS', 'GET']), webapp2.Route(r'/listschema', experiments.Experiments, handler_method='schema', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/schema', experiments.Experiment, handler_method='schema', methods=['OPTIONS', 'GET']), webapp2.Route(r'/schema', experiments.Experiment, handler_method='schema', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/<_id:[0-9a-f]{24}>', experiments.Experiment, name='experiment'), webapp2.Route(r'/<xid:[0-9a-f]{24}>', experiments.Experiment, name='experiment'),
webapp2.Route(r'/<_id:[0-9a-f]{24}>/sessions', experiments.Sessions, name='sessions'), webapp2.Route(r'/<xid:[0-9a-f]{24}>/sessions', experiments.Sessions, name='sessions'),
]), ]),
webapp2.Route(r'/nimsapi/collections', collections_.Collections), webapp2.Route(r'/nimsapi/collections', collections_.Collections),
webapp2_extras.routes.PathPrefixRoute(r'/nimsapi/collections', [ webapp2_extras.routes.PathPrefixRoute(r'/nimsapi/collections', [
webapp2.Route(r'/count', collections_.Collections, handler_method='count', methods=['OPTIONS', 'GET']), webapp2.Route(r'/count', collections_.Collections, handler_method='count', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/listschema', collections_.Collections, handler_method='schema', methods=['OPTIONS', 'GET']), webapp2.Route(r'/listschema', collections_.Collections, handler_method='schema', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/schema', collections_.Collection, handler_method='schema', methods=['OPTIONS', 'GET']), webapp2.Route(r'/schema', collections_.Collection, handler_method='schema', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/<_id:[0-9a-f]{24}>', collections_.Collection, name='collection'), webapp2.Route(r'/<cid:[0-9a-f]{24}>', collections_.Collection, name='collection'),
webapp2.Route(r'/<_id:[0-9a-f]{24}>/sessions', collections_.Sessions, name='vp_sessions'), webapp2.Route(r'/<cid:[0-9a-f]{24}>/sessions', collections_.Sessions, name='vp_sessions'),
webapp2.Route(r'/<_id:[0-9a-f]{24}>/epochs', collections_.Epochs, name='vp_epochs'), webapp2.Route(r'/<cid:[0-9a-f]{24}>/epochs', collections_.Epochs, name='vp_epochs'),
]), ]),
webapp2_extras.routes.PathPrefixRoute(r'/nimsapi/sessions', [ webapp2_extras.routes.PathPrefixRoute(r'/nimsapi/sessions', [
webapp2.Route(r'/count', experiments.Sessions, handler_method='count', methods=['OPTIONS', 'GET']), webapp2.Route(r'/count', experiments.Sessions, handler_method='count', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/listschema', experiments.Sessions, handler_method='schema', methods=['OPTIONS', 'GET']), webapp2.Route(r'/listschema', experiments.Sessions, handler_method='schema', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/schema', experiments.Session, handler_method='schema', methods=['OPTIONS', 'GET']), webapp2.Route(r'/schema', experiments.Session, handler_method='schema', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/<_id:[0-9a-f]{24}>', experiments.Session, name='session'), webapp2.Route(r'/<sid:[0-9a-f]{24}>', experiments.Session, name='session'),
webapp2.Route(r'/<_id:[0-9a-f]{24}>/epochs', experiments.Epochs, name='epochs'), webapp2.Route(r'/<sid:[0-9a-f]{24}>/epochs', experiments.Epochs, name='epochs'),
]), ]),
webapp2_extras.routes.PathPrefixRoute(r'/nimsapi/epochs', [ webapp2_extras.routes.PathPrefixRoute(r'/nimsapi/epochs', [
webapp2.Route(r'/count', experiments.Epochs, handler_method='count', methods=['OPTIONS', 'GET']), webapp2.Route(r'/count', experiments.Epochs, handler_method='count', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/listschema', experiments.Epochs, handler_method='schema', methods=['OPTIONS', 'GET']), webapp2.Route(r'/listschema', experiments.Epochs, handler_method='schema', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/schema', experiments.Epoch, handler_method='schema', methods=['OPTIONS', 'GET']), webapp2.Route(r'/schema', experiments.Epoch, handler_method='schema', methods=['OPTIONS', 'GET']),
webapp2.Route(r'/<_id:[0-9a-f]{24}>', experiments.Epoch, name='epoch'), webapp2.Route(r'/<eid:[0-9a-f]{24}>', experiments.Epoch, name='epoch'),
]), ]),
] ]
......
base.py
+ 15
0
View file @ 15cb0d29
...@@ -42,6 +42,21 @@ ROLES = [ ...@@ -42,6 +42,21 @@ ROLES = [
INTEGER_ROLES = {r['rid']: r['sort'] for r in ROLES} INTEGER_ROLES = {r['rid']: r['sort'] for r in ROLES}
class NoNoneDict(dict):
def __init__(self, *args, **kwargs):
dict.__init__(self, *args, **kwargs)
for key in self.keys():
if self[key] is None:
del self[key]
def __setitem__(self, key, val):
if val is not None:
dict.__setitem__(self, key, val)
elif key in self:
dict.__delitem__(self, key)
class RequestHandler(webapp2.RequestHandler): class RequestHandler(webapp2.RequestHandler):
"""fetches pubkey from own self.db.remotes. needs to be aware of OWN site uid""" """fetches pubkey from own self.db.remotes. needs to be aware of OWN site uid"""
......
collections_.py
+ 40
37
View file @ 15cb0d29
...@@ -53,10 +53,10 @@ class Collections(base.RequestHandler): ...@@ -53,10 +53,10 @@ class Collections(base.RequestHandler):
"""Create a new Collection.""" """Create a new Collection."""
name = self.request.get('name') or 'innominate' name = self.request.get('name') or 'innominate'
epoch_ids = [bson.ObjectId(eid) for eid in self.request.get_all('epochs[]', [])] epoch_ids = [bson.ObjectId(eid) for eid in self.request.get_all('epochs[]', [])]
[self.get_epoch(eid) for eid in epoch_ids] # ensure permissions [self.get_epoch(e_id) for e_id in epoch_ids] # ensure permissions
cid = self.app.db.collections.insert({'curator': self.uid, 'name': name, 'permissions': [{'uid': self.uid, 'role': 'admin'}]}) _id = self.app.db.collections.insert({'curator': self.uid, 'name': name, 'permissions': [{'uid': self.uid, 'role': 'admin'}]})
for eid in epoch_ids: for e_id in epoch_ids:
self.app.db.epochs.update({'_id': eid}, {'$push': {'collections': cid}}) self.app.db.epochs.update({'_id': e_id}, {'$push': {'collections': _id}})
def get(self): def get(self):
"""Return the list of Collections.""" """Return the list of Collections."""
...@@ -65,9 +65,10 @@ class Collections(base.RequestHandler): ...@@ -65,9 +65,10 @@ class Collections(base.RequestHandler):
collections = list(self.app.db.collections.find(query, projection)) collections = list(self.app.db.collections.find(query, projection))
if self.debug: if self.debug:
for coll in collections: for coll in collections:
coll['metadata'] = self.uri_for('collection', _id=str(coll['_id']), _full=True) + '?' + self.request.query_string cid = str(coll['_id'])
coll['sessions'] = self.uri_for('vp_sessions', _id=str(coll['_id']), _full=True) + '?' + self.request.query_string coll['metadata'] = self.uri_for('collection', cid=cid, _full=True) + '?' + self.request.query_string
coll['epochs'] = self.uri_for('vp_epochs', _id=str(coll['_id']), _full=True) + '?' + self.request.query_string coll['sessions'] = self.uri_for('vp_sessions', cid=cid, _full=True) + '?' + self.request.query_string
coll['epochs'] = self.uri_for('vp_epochs', cid=cid, _full=True) + '?' + self.request.query_string
return collections return collections
def put(self): def put(self):
...@@ -115,33 +116,33 @@ class Collection(base.RequestHandler): ...@@ -115,33 +116,33 @@ class Collection(base.RequestHandler):
'required': ['_id', 'group', 'name'], #FIXME 'required': ['_id', 'group', 'name'], #FIXME
} }
def get(self, _id): def get(self, cid):
"""Return one Collection, conditionally with details.""" """Return one Collection, conditionally with details."""
cid = bson.ObjectId(_id) _id = bson.ObjectId(cid)
coll = self.get_collection(cid) coll = self.get_collection(_id)
if self.debug: if self.debug:
coll['sessions'] = self.uri_for('vp_sessions', _id=_id, _full=True) + '?' + self.request.query_string coll['sessions'] = self.uri_for('vp_sessions', cid=cid, _full=True) + '?' + self.request.query_string
return coll return coll
def put(self, _id): def put(self, cid):
"""Update an existing Collection.""" """Update an existing Collection."""
cid = bson.ObjectId(_id) _id = bson.ObjectId(cid)
self.get_collection(cid, 'admin') # ensure permissions self.get_collection(_id, 'admin') # ensure permissions
add_epoch_ids = [bson.ObjectId(eid) for eid in self.request.get_all('add_epochs[]', [])] add_epoch_ids = [bson.ObjectId(eid) for eid in self.request.get_all('add_epochs[]', [])]
del_epoch_ids = [bson.ObjectId(eid) for eid in self.request.get_all('del_epochs[]', [])] del_epoch_ids = [bson.ObjectId(eid) for eid in self.request.get_all('del_epochs[]', [])]
[self.get_epoch(eid) for eid in add_epoch_ids] # ensure permissions [self.get_epoch(e_id) for e_id in add_epoch_ids] # ensure permissions
[self.get_epoch(eid) for eid in del_epoch_ids] # ensure permissions [self.get_epoch(e_id) for e_id in del_epoch_ids] # ensure permissions
for eid in add_epoch_ids: for e_id in add_epoch_ids:
self.app.db.epochs.update({'_id': eid}, {'$addToSet': {'collections': bson.ObjectId(cid)}}) self.app.db.epochs.update({'_id': e_id}, {'$addToSet': {'collections': _id}})
for eid in del_epoch_ids: for e_id in del_epoch_ids:
self.app.db.epochs.update({'_id': eid}, {'$pull': {'collections': bson.ObjectId(cid)}}) self.app.db.epochs.update({'_id': e_id}, {'$pull': {'collections': _id}})
def delete(self, _id): def delete(self, cid):
"""Delete a Collection.""" """Delete a Collection."""
cid = bson.ObjectId(_id) _id = bson.ObjectId(cid)
self.get_collection(cid, 'admin') # ensure permissions self.get_collection(_id, 'admin') # ensure permissions
self.app.db.epochs.update({'collections': cid}, {'$pull': {'collections': cid}}, multi=True) self.app.db.epochs.update({'collections': _id}, {'$pull': {'collections': _id}}, multi=True)
self.app.db.collections.remove({'_id': cid}) self.app.db.collections.remove({'_id': _id})
class Sessions(base.RequestHandler): class Sessions(base.RequestHandler):
...@@ -185,12 +186,12 @@ class Sessions(base.RequestHandler): ...@@ -185,12 +186,12 @@ class Sessions(base.RequestHandler):
"""Create a new Session""" """Create a new Session"""
self.response.write('sessions post\n') self.response.write('sessions post\n')
def get(self, _id): def get(self, cid):
"""Return the list of Session Epochs.""" """Return the list of Session Epochs."""
cid = bson.ObjectId(_id) _id = bson.ObjectId(cid)
self.get_collection(cid) # ensure permissions self.get_collection(_id) # ensure permissions
aggregated_epochs = self.app.db.epochs.aggregate([ aggregated_epochs = self.app.db.epochs.aggregate([
{'$match': {'collections': cid}}, {'$match': {'collections': _id}},
{'$group': {'_id': '$session'}}, {'$group': {'_id': '$session'}},
])['result'] ])['result']
query = {'_id': {'$in': [agg_epoch['_id'] for agg_epoch in aggregated_epochs]}} query = {'_id': {'$in': [agg_epoch['_id'] for agg_epoch in aggregated_epochs]}}
...@@ -200,8 +201,9 @@ class Sessions(base.RequestHandler): ...@@ -200,8 +201,9 @@ class Sessions(base.RequestHandler):
sess['site'] = self.app.config['site_id'] sess['site'] = self.app.config['site_id']
if self.debug: if self.debug:
for sess in sessions: for sess in sessions:
sess['metadata'] = self.uri_for('session', _id=str(sess['_id']), _full=True) + '?user=' + self.request.get('user') sid = str(sess['_id'])
sess['epochs'] = self.uri_for('vp_epochs', _id=_id, _full=True) + '?session=%s&user=%s' % (sess['_id'], self.request.get('user')) sess['metadata'] = self.uri_for('session', sid=sid, _full=True) + '?user=' + self.request.get('user')
sess['epochs'] = self.uri_for('vp_epochs', cid=cid, _full=True) + '?session=%s&user=%s' % (sid, self.request.get('user'))
return sessions return sessions
def put(self): def put(self):
...@@ -250,11 +252,11 @@ class Epochs(base.RequestHandler): ...@@ -250,11 +252,11 @@ class Epochs(base.RequestHandler):
"""Create a new Epoch.""" """Create a new Epoch."""
self.response.write('epochs post\n') self.response.write('epochs post\n')
def get(self, _id): def get(self, cid):
"""Return the list of Session Epochs.""" """Return the list of Session Epochs."""
cid = bson.ObjectId(_id) _id = bson.ObjectId(cid)
self.get_collection(cid) # ensure permissions self.get_collection(_id) # ensure permissions
query = {'collections': cid} query = {'collections': _id}
sid = self.request.get('session') sid = self.request.get('session')
if bson.ObjectId.is_valid(sid): if bson.ObjectId.is_valid(sid):
query['session'] = bson.ObjectId(sid) query['session'] = bson.ObjectId(sid)
...@@ -264,7 +266,8 @@ class Epochs(base.RequestHandler): ...@@ -264,7 +266,8 @@ class Epochs(base.RequestHandler):
epochs = list(self.app.db.epochs.find(query, projection)) epochs = list(self.app.db.epochs.find(query, projection))
if self.debug: if self.debug:
for epoch in epochs: for epoch in epochs:
epoch['metadata'] = self.uri_for('epoch', _id=str(epoch['_id']), _full=True) + '?user=' + self.request.get('user') eid = str(epoch['_id'])
epoch['metadata'] = self.uri_for('epoch', eid=eid, _full=True) + '?user=' + self.request.get('user')
return epochs return epochs
def put(self): def put(self):
......
core.py
+ 2
2
View file @ 15cb0d29
...@@ -174,7 +174,7 @@ class Core(base.RequestHandler): ...@@ -174,7 +174,7 @@ class Core(base.RequestHandler):
experiment_spec = {'group': group['_id'], 'name': experiment_name} experiment_spec = {'group': group['_id'], 'name': experiment_name}
experiment = self.app.db.experiments.find_and_modify( experiment = self.app.db.experiments.find_and_modify(
experiment_spec, experiment_spec,
{'$setOnInsert': dict(group_name=group['name'], permissions=group['roles'], files=[])}, {'$setOnInsert': base.NoNoneDict(group_name=group.get('name'), permissions=group['roles'], files=[])},
upsert=True, upsert=True,
new=True, new=True,
) )
...@@ -209,7 +209,7 @@ class Core(base.RequestHandler): ...@@ -209,7 +209,7 @@ class Core(base.RequestHandler):
@staticmethod @staticmethod
def entity_metadata(dataset, properties, presets={}): def entity_metadata(dataset, properties, presets={}):
metadata = [(prop, getattr(dataset, attrs['attribute'])) for prop, attrs in properties.iteritems() if 'attribute' in attrs] metadata = [(prop, getattr(dataset, attrs['attribute'])) for prop, attrs in properties.iteritems() if 'attribute' in attrs]
return {key: value for key, value in (metadata + presets.items()) if value is not None} return base.NoNoneDict(metadata, **presets)
def download(self): def download(self):
if self.request.method == 'OPTIONS': if self.request.method == 'OPTIONS':
......
experiments.py
+ 42
39
View file @ 15cb0d29
...@@ -67,7 +67,7 @@ class Experiments(base.RequestHandler): ...@@ -67,7 +67,7 @@ class Experiments(base.RequestHandler):
else: else:
query = {'permissions': {'$elemMatch': {'uid': self.uid, 'site': self.source_site}}} query = {'permissions': {'$elemMatch': {'uid': self.uid, 'site': self.source_site}}}
projection = { projection = {
'group': 1, 'group_name': 1, 'name': 1, 'timestamp': 1, 'notes': 1, 'group': 1, 'group_name': 1, 'name': 1, 'notes': 1,
'permissions': {'$elemMatch': {'uid': self.uid, 'site': self.source_site}}, 'permissions': {'$elemMatch': {'uid': self.uid, 'site': self.source_site}},
} }
experiments = list(self.app.db.experiments.find(query, projection)) experiments = list(self.app.db.experiments.find(query, projection))
...@@ -76,8 +76,9 @@ class Experiments(base.RequestHandler): ...@@ -76,8 +76,9 @@ class Experiments(base.RequestHandler):
exp['site_name'] = self.app.config['site_name'] exp['site_name'] = self.app.config['site_name']
if self.debug: if self.debug:
for exp in experiments: for exp in experiments:
exp['metadata'] = self.uri_for('experiment', _id=str(exp['_id']), _full=True) + '?' + self.request.query_string xid = str(exp['_id'])
exp['sessions'] = self.uri_for('sessions', _id=str(exp['_id']), _full=True) + '?' + self.request.query_string exp['metadata'] = self.uri_for('experiment', xid=xid, _full=True) + '?' + self.request.query_string
exp['sessions'] = self.uri_for('sessions', xid=xid, _full=True) + '?' + self.request.query_string
return experiments return experiments
def put(self): def put(self):
...@@ -128,23 +129,23 @@ class Experiment(base.RequestHandler): ...@@ -128,23 +129,23 @@ class Experiment(base.RequestHandler):
'required': ['_id', 'group', 'name'], #FIXME 'required': ['_id', 'group', 'name'], #FIXME
} }
def get(self, _id): def get(self, xid):
"""Return one Experiment, conditionally with details.""" """Return one Experiment, conditionally with details."""
xid = bson.ObjectId(_id) _id = bson.ObjectId(xid)
exp = self.get_experiment(xid) exp = self.get_experiment(_id)
if self.debug: if self.debug:
exp['sessions'] = self.uri_for('sessions', _id=_id, _full=True) + '?' + self.request.query_string exp['sessions'] = self.uri_for('sessions', xid=xid, _full=True) + '?' + self.request.query_string
return exp return exp
def put(self, _id): def put(self, xid):
"""Update an existing Experiment.""" """Update an existing Experiment."""
xid = bson.ObjectId(_id) _id = bson.ObjectId(xid)
self.get_experiment(xid, 'read-write') # ensure permissions self.get_experiment(_id, 'read-write') # ensure permissions
updates = {'$set': {}, '$unset': {}} updates = {'$set': {}, '$unset': {}}
for k, v in self.request.params.iteritems(): for k, v in self.request.params.iteritems():
if k in ['notes']: if k in ['notes']:
updates['$set'][k] = v # FIXME: do appropriate type conversion updates['$set'][k] = v # FIXME: do appropriate type conversion
self.app.db.experiments.update({'_id': xid}, updates) self.app.db.experiments.update({'_id': _id}, updates)
def delete(self, xid): def delete(self, xid):
"""Delete an Experiment.""" """Delete an Experiment."""
...@@ -192,17 +193,18 @@ class Sessions(base.RequestHandler): ...@@ -192,17 +193,18 @@ class Sessions(base.RequestHandler):
"""Create a new Session""" """Create a new Session"""
self.response.write('sessions post\n') self.response.write('sessions post\n')
def get(self, _id): def get(self, xid):
"""Return the list of Experiment Sessions.""" """Return the list of Experiment Sessions."""
xid = bson.ObjectId(_id) _id = bson.ObjectId(xid)
self.get_experiment(xid) # ensure permissions self.get_experiment(_id) # ensure permissions
query = {'experiment': xid} query = {'experiment': _id}
projection = ['name', 'subject', 'notes'] projection = ['name', 'subject', 'notes']
sessions = list(self.app.db.sessions.find(query, projection)) sessions = list(self.app.db.sessions.find(query, projection))
if self.debug: if self.debug:
for sess in sessions: for sess in sessions:
sess['metadata'] = self.uri_for('session', _id=str(sess['_id']), _full=True) + '?' + self.request.query_string sid = str(sess['_id'])
sess['epochs'] = self.uri_for('epochs', _id=str(sess['_id']), _full=True) + '?' + self.request.query_string sess['metadata'] = self.uri_for('session', sid=sid, _full=True) + '?' + self.request.query_string
sess['epochs'] = self.uri_for('epochs', sid=sid, _full=True) + '?' + self.request.query_string
return sessions return sessions
def put(self): def put(self):
...@@ -251,25 +253,25 @@ class Session(base.RequestHandler): ...@@ -251,25 +253,25 @@ class Session(base.RequestHandler):
json_schema['properties'].update(nimsdata.NIMSData.session_properties) json_schema['properties'].update(nimsdata.NIMSData.session_properties)
return json_schema return json_schema
def get(self, _id): def get(self, sid):
"""Return one Session, conditionally with details.""" """Return one Session, conditionally with details."""
sid = bson.ObjectId(_id) _id = bson.ObjectId(sid)
sess = self.get_session(sid) sess = self.get_session(_id)
if self.debug: if self.debug:
sess['epochs'] = self.uri_for('epochs', _id=_id, _full=True) + '?' + self.request.query_string sess['epochs'] = self.uri_for('epochs', sid=sid, _full=True) + '?' + self.request.query_string
return sess return sess
def put(self, _id): def put(self, sid):
"""Update an existing Session.""" """Update an existing Session."""
sid = bson.ObjectId(_id) _id = bson.ObjectId(sid)
self.get_session(sid, 'read-write') # ensure permissions self.get_session(_id, 'read-write') # ensure permissions
updates = {'$set': {}, '$unset': {}} updates = {'$set': {}, '$unset': {}}
for k, v in self.request.params.iteritems(): for k, v in self.request.params.iteritems():
if k in ['notes']: if k in ['notes']:
updates['$set'][k] = v # FIXME: do appropriate type conversion updates['$set'][k] = v # FIXME: do appropriate type conversion
self.app.db.sessions.update({'_id': sid}, updates) self.app.db.sessions.update({'_id': _id}, updates)
def delete(self, _id): def delete(self, sid):
"""Delete a Session.""" """Delete a Session."""
self.abort(501) self.abort(501)
...@@ -315,16 +317,17 @@ class Epochs(base.RequestHandler): ...@@ -315,16 +317,17 @@ class Epochs(base.RequestHandler):
"""Create a new Epoch.""" """Create a new Epoch."""
self.response.write('epochs post\n') self.response.write('epochs post\n')
def get(self, _id): def get(self, sid):
"""Return the list of Session Epochs.""" """Return the list of Session Epochs."""
sid = bson.ObjectId(_id) _id = bson.ObjectId(sid)
self.get_session(sid) # ensure permissions self.get_session(_id) # ensure permissions
query = {'session': sid} query = {'session': _id}
projection = ['name', 'description', 'datatype', 'notes'] projection = ['name', 'description', 'datatype', 'notes']
epochs = list(self.app.db.epochs.find(query, projection)) epochs = list(self.app.db.epochs.find(query, projection))
if self.debug: if self.debug:
for epoch in epochs: for epoch in epochs:
epoch['metadata'] = self.uri_for('epoch', _id=str(epoch['_id']), _full=True) + '?' + self.request.query_string eid = str(epoch['_id'])
epoch['metadata'] = self.uri_for('epoch', eid=eid, _full=True) + '?' + self.request.query_string
return epochs return epochs
def put(self): def put(self):
...@@ -369,21 +372,21 @@ class Epoch(base.RequestHandler): ...@@ -369,21 +372,21 @@ class Epoch(base.RequestHandler):
json_schema['properties'].update(nimsdata.nimsdicom.NIMSDicom.epoch_properties) json_schema['properties'].update(nimsdata.nimsdicom.NIMSDicom.epoch_properties)
return json_schema return json_schema
def get(self, _id): def get(self, eid):
"""Return one Epoch, conditionally with details.""" """Return one Epoch, conditionally with details."""
eid = bson.ObjectId(_id) _id = bson.ObjectId(eid)
return self.get_epoch(eid) return self.get_epoch(_id)
def put(self, _id): def put(self, eid):
"""Update an existing Epoch.""" """Update an existing Epoch."""
eid = bson.ObjectId(_id) _id = bson.ObjectId(eid)
self.get_epoch(eid, 'read-write') # ensure permissions self.get_epoch(_id, 'read-write') # ensure permissions
updates = {'$set': {}, '$unset': {}} updates = {'$set': {}, '$unset': {}}
for k, v in self.request.params.iteritems(): for k, v in self.request.params.iteritems():
if k in ['notes']: if k in ['notes']:
updates['$set'][k] = v # FIXME: do appropriate type conversion updates['$set'][k] = v # FIXME: do appropriate type conversion
self.app.db.epochs.update({'_id': eid}, updates) self.app.db.epochs.update({'_id': _id}, updates)
def delete(self, _id): def delete(self, eid):
"""Delete an Epoch.""" """Delete an Epoch."""
self.abort(501) self.abort(501)
users.py
+ 29
29
View file @ 15cb0d29
...@@ -65,7 +65,7 @@ class Users(base.RequestHandler): ...@@ -65,7 +65,7 @@ class Users(base.RequestHandler):
users = list(self.app.db.users.find({}, ['firstname', 'lastname', 'email_hash'])) users = list(self.app.db.users.find({}, ['firstname', 'lastname', 'email_hash']))
if self.debug: if self.debug:
for user in users: for user in users:
user['metadata'] = self.uri_for('user', uid=str(user['_id']), _full=True) + '?' + self.request.query_string user['metadata'] = self.uri_for('user', _id=str(user['_id']), _full=True) + '?' + self.request.query_string
return users return users
def put(self): def put(self):
...@@ -75,7 +75,7 @@ class Users(base.RequestHandler): ...@@ -75,7 +75,7 @@ class Users(base.RequestHandler):
class User(base.RequestHandler): class User(base.RequestHandler):
"""/nimsapi/users/<uid> """ """/nimsapi/users/<_id> """
json_schema = { json_schema = {
'$schema': 'http://json-schema.org/draft-04/schema#', '$schema': 'http://json-schema.org/draft-04/schema#',
...@@ -114,7 +114,7 @@ class User(base.RequestHandler): ...@@ -114,7 +114,7 @@ class User(base.RequestHandler):
'required': ['_id'], 'required': ['_id'],
} }
def get(self, uid): def get(self, _id):
"""Return User details.""" """Return User details."""
if self.uid == '@public': if self.uid == '@public':
self.abort(403, 'must be logged in to retrieve User info') self.abort(403, 'must be logged in to retrieve User info')
...@@ -123,37 +123,37 @@ class User(base.RequestHandler): ...@@ -123,37 +123,37 @@ class User(base.RequestHandler):
projection += ['remotes'] projection += ['remotes']
if self.request.get('status') in ('1', 'true'): if self.request.get('status') in ('1', 'true'):
projection += ['status'] projection += ['status']
user = self.app.db.users.find_one({'_id': uid}, projection or None) user = self.app.db.users.find_one({'_id': _id}, projection or None)
if not user: if not user:
self.abort(404, 'no such User') self.abort(404, 'no such User')
if self.debug: if self.debug:
user['groups'] = self.uri_for('groups', uid=uid, _full=True) + '?' + self.request.query_string user['groups'] = self.uri_for('groups', _id=_id, _full=True) + '?' + self.request.query_string
return user return user
def put(self, uid): def put(self, _id):
"""Update an existing User.""" """Update an existing User."""
user = self.app.db.users.find_one({'_id': uid}) user = self.app.db.users.find_one({'_id': _id})
if not user: if not user:
self.abort(404) self.abort(404)
if uid == self.uid or self.user_is_superuser: # users can only update their own info if _id == self.uid or self.user_is_superuser: # users can only update their own info
updates = {'$set': {'_id': uid}, '$unset': {'__null__': ''}} updates = {'$set': {'_id': _id}, '$unset': {'__null__': ''}}
for k, v in self.request.params.iteritems(): for k, v in self.request.params.iteritems():
if k != 'superuser' and k in []:#user_fields: if k != 'superuser' and k in []:#user_fields:
updates['$set'][k] = v # FIXME: do appropriate type conversion updates['$set'][k] = v # FIXME: do appropriate type conversion
elif k == 'superuser' and uid == self.uid and self.user_is_superuser is not None: # toggle superuser for requesting user elif k == 'superuser' and _id == self.uid and self.user_is_superuser is not None: # toggle superuser for requesting user
updates['$set'][k] = v.lower() in ('1', 'true') updates['$set'][k] = v.lower() in ('1', 'true')
elif k == 'superuser' and uid != self.uid and self.user_is_superuser: # enable/disable superuser for other user elif k == 'superuser' and _id != self.uid and self.user_is_superuser: # enable/disable superuser for other user
if v.lower() in ('1', 'true') and user.get('superuser') is None: if v.lower() in ('1', 'true') and user.get('superuser') is None:
updates['$set'][k] = False # superuser is tri-state: False indicates granted, but disabled, superuser privileges updates['$set'][k] = False # superuser is tri-state: False indicates granted, but disabled, superuser privileges
elif v.lower() not in ('1', 'true'): elif v.lower() not in ('1', 'true'):
updates['$unset'][k] = '' updates['$unset'][k] = ''
self.app.db.users.update({'_id': uid}, updates) self.app.db.users.update({'_id': _id}, updates)
else: else:
self.abort(403) self.abort(403)
def delete(self, uid): def delete(self, _id):
"""Delete an User.""" """Delete an User."""
self.response.write('user %s delete, %s\n' % (uid, self.request.params)) self.response.write('user %s delete, %s\n' % (_id, self.request.params))
class Groups(base.RequestHandler): class Groups(base.RequestHandler):
...@@ -186,13 +186,13 @@ class Groups(base.RequestHandler): ...@@ -186,13 +186,13 @@ class Groups(base.RequestHandler):
"""Create a new Group""" """Create a new Group"""
self.response.write('groups post\n') self.response.write('groups post\n')
def get(self, uid=None): def get(self, _id=None):
"""Return the list of Groups.""" """Return the list of Groups."""
query = None query = None
if uid is not None: if _id is not None:
if uid != self.uid and not self.user_is_superuser: if _id != self.uid and not self.user_is_superuser:
self.abort(403, 'User ' + self.uid + ' may not see the Groups of User ' + uid) self.abort(403, 'User ' + self.uid + ' may not see the Groups of User ' + _id)
query = {'roles.uid': uid} query = {'roles.uid': _id}
else: else:
if not self.user_is_superuser: if not self.user_is_superuser:
if self.request.get('admin').lower() in ('1', 'true'): if self.request.get('admin').lower() in ('1', 'true'):
...@@ -202,7 +202,7 @@ class Groups(base.RequestHandler): ...@@ -202,7 +202,7 @@ class Groups(base.RequestHandler):
groups = list(self.app.db.groups.find(query, ['name'])) groups = list(self.app.db.groups.find(query, ['name']))
if self.debug: if self.debug:
for group in groups: for group in groups:
group['metadata'] = self.uri_for('group', gid=str(group['_id']), _full=True) + '?' + self.request.query_string group['metadata'] = self.uri_for('group', _id=str(group['_id']), _full=True) + '?' + self.request.query_string
return groups return groups
def put(self): def put(self):
...@@ -212,7 +212,7 @@ class Groups(base.RequestHandler): ...@@ -212,7 +212,7 @@ class Groups(base.RequestHandler):
class Group(base.RequestHandler): class Group(base.RequestHandler):
"""/nimsapi/groups/<gid>""" """/nimsapi/groups/<_id>"""
json_schema = { json_schema = {
'$schema': 'http://json-schema.org/draft-04/schema#', '$schema': 'http://json-schema.org/draft-04/schema#',
...@@ -250,20 +250,20 @@ class Group(base.RequestHandler): ...@@ -250,20 +250,20 @@ class Group(base.RequestHandler):
'required': ['_id'], 'required': ['_id'],
} }
def get(self, gid): def get(self, _id):
"""Return Group details.""" """Return Group details."""
group = self.app.db.groups.find_one({'_id': gid}) group = self.app.db.groups.find_one({'_id': _id})
if not group: if not group:
self.abort(404, 'no such Group: ' + gid) self.abort(404, 'no such Group: ' + _id)
if not self.user_is_superuser: if not self.user_is_superuser:
group = self.app.db.groups.find_one({'_id': gid, 'roles': {'$elemMatch': {'uid': self.uid, 'role': 'admin'}}}) group = self.app.db.groups.find_one({'_id': _id, 'roles': {'$elemMatch': {'uid': self.uid, 'role': 'admin'}}})
if not group: if not group:
self.abort(403, 'User ' + self.uid + ' is not an admin on Group ' + gid) self.abort(403, 'User ' + self.uid + ' is not an admin on Group ' + _id)
return group return group
def put(self, gid): def put(self, _id):
"""Update an existing Group.""" """Update an existing Group."""
self.response.write('group %s put, %s\n' % (gid, self.request.params)) self.response.write('group %s put, %s\n' % (_id, self.request.params))
def delete(self, gid): def delete(self, _id):
"""Delete an Group.""" """Delete an Group."""
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment