From 5e5309007ab13260e1635b8c78d2d0b699c1cf5f Mon Sep 17 00:00:00 2001
From: Ambrus Simon <ambrussimon@invenshure.com>
Date: Mon, 26 Jun 2017 15:26:05 +0200
Subject: [PATCH] analysis GET, DELETE and /notes working
---
api/api.py | 4 +--
api/dao/containerstorage.py | 20 ++++++-----
api/handlers/refererhandler.py | 65 ++++++++++------------------------
bin/database.py | 2 ++
4 files changed, 33 insertions(+), 58 deletions(-)
diff --git a/api/api.py b/api/api.py
index d80ea88c..19ae8c42 100644
--- a/api/api.py
+++ b/api/api.py
@@ -248,7 +248,7 @@ endpoints = [
route('/<list_name:files>/<name:{fname}>', FileListHandler, m=['GET', 'DELETE']),
route('/<list_name:files>/<name:{fname}>/info', FileListHandler, h='get_info', m=['GET']),
- route( '/analyses', AnalysesHandler, m=['POST']),
+ route( '/analyses', AnalysesHandler, m=['POST']),
prefix('/analyses', [
route('/<_id:{cid}>', AnalysesHandler, m=['GET', 'DELETE']),
route('/<_id:{cid}>/files', AnalysesHandler, h='download', m=['GET']),
@@ -263,7 +263,7 @@ endpoints = [
# Analysis notes
- prefix('/{cname}/{cid}/<cont_name:analyses>/<cid:{cid}>', [
+ prefix('/<:{cname}>/<:{cid}>/<cont_name:analyses>/<cid:{cid}>', [
route('/<list_name:notes>', NotesListHandler, m=['POST']),
route('/<list_name:notes>/<_id:{nid}>', NotesListHandler, name='notes', m=['GET', 'PUT', 'DELETE']),
]),
diff --git a/api/dao/containerstorage.py b/api/dao/containerstorage.py
index ccd2cb00..0fd27d88 100644
--- a/api/dao/containerstorage.py
+++ b/api/dao/containerstorage.py
@@ -460,20 +460,22 @@ class AnalysisStorage(ContainerStorage):
return files
- @staticmethod
- def fill_values(analysis, cont_name, cid, origin):
+ def fill_values(self, analysis, cont_name, cid, origin):
+ parent = self.get_parent(cont_name, cid)
defaults = {
- 'parent': {
+ 'parent': {
'type': containerutil.singularize(cont_name),
- 'id': bson.objectid.ObjectId(cid)
+ 'id': bson.objectid.ObjectId(cid)
},
- '_id': bson.objectid.ObjectId(),
- 'created': datetime.datetime.utcnow(),
+ '_id': bson.objectid.ObjectId(),
+ 'created': datetime.datetime.utcnow(),
'modified': datetime.datetime.utcnow(),
- 'user': origin.get('id'),
+ 'user': origin.get('id'),
+ 'permissions': parent['permissions'],
+ 'public': parent.get('public', False),
}
- defaults.update(analysis)
- return defaults
+ for key in defaults:
+ analysis.setdefault(key, defaults[key])
def create_job_and_analysis(self, cont_name, cid, analysis, job, origin):
diff --git a/api/handlers/refererhandler.py b/api/handlers/refererhandler.py
index d1675f8f..4d0ff7d7 100644
--- a/api/handlers/refererhandler.py
+++ b/api/handlers/refererhandler.py
@@ -16,7 +16,7 @@ from .. import upload
from .. import util
from .. import validators
from ..auth import containerauth, always_ok
-from ..dao import containerstorage, noop
+from ..dao import APIStorageException, containerstorage, noop
from ..web import base
from ..web.request import log_access, AccessType
@@ -59,6 +59,7 @@ class AnalysesHandler(RefererHandler):
storage_schema_file = 'analysis.json'
payload_schema_file = 'analysis.json'
+
def post(self, cont_name, cid):
"""
Default behavior:
@@ -88,7 +89,6 @@ class AnalysesHandler(RefererHandler):
analysis = upload.process_upload(self.request, upload.Strategy.analysis, origin=self.origin)
self.storage.fill_values(analysis, cont_name, cid, self.origin)
- self.input_validator(analysis, 'POST')
result = self.storage.create_el(analysis)
if result.acknowledged:
@@ -97,57 +97,28 @@ class AnalysesHandler(RefererHandler):
self.abort(500, 'Analysis not added for container {} {}'.format(cont_name, cid))
+ def get(self, cont_name, cid, _id):
+ parent = self.storage.get_parent(cont_name, cid)
+ permchecker = self.get_permchecker(parent)
+ permchecker(noop)('GET')
+ return self._get_container(_id)
+
+
@log_access(AccessType.delete_analysis)
- def delete(self, **kwargs):
- # Overriding base class delete to audit action before completion
- _id = kwargs.pop('cid')
- permchecker, storage, _, _, keycheck = self._initialize_request(cont_name, list_name, _id, query_params=kwargs)
+ def delete(self, cont_name, cid, _id):
+ parent = self.storage.get_parent(cont_name, cid)
+ permchecker = self.get_permchecker(parent)
+ permchecker(noop)('DELETE')
+ self.log_user_access(AccessType.delete_file, cont_name=cont_name, cont_id=cid)
- permchecker(noop)('DELETE', _id=_id, query_params=kwargs)
- self.log_user_access(AccessType.delete_file, cont_name=cont_name, cont_id=_id)
try:
- result = keycheck(storage.exec_op)('DELETE', _id, query_params=kwargs)
+ result = self.storage.delete_el(_id)
except APIStorageException as e:
self.abort(400, e.message)
- if result.modified_count == 1:
- return {'modified': result.modified_count}
- else:
- self.abort(404, 'Element not removed from list {} in container {} {}'.format(storage.list_name, storage.cont_name, _id))
-
-
- def add_note(self, cont_name, cid, child_name, _id):
- _id = kwargs.pop('cid')
- analysis_id = kwargs.get('_id')
- permchecker, storage, _, _, _ = self._initialize_request(cont_name, list_name, _id)
- payload = self.request.json_body
-
- notes_schema_file = list_handler_configurations[cont_name]['notes']['storage_schema_file']
- input_schema_uri = validators.schema_uri('input', notes_schema_file)
- input_validator = validators.from_schema_path(input_schema_uri)
- input_validator(payload, 'POST')
-
- payload['_id'] = str(bson.objectid.ObjectId())
- payload['user'] = payload.get('user', self.uid)
- payload['created'] = datetime.datetime.utcnow()
- permchecker(noop)('POST', _id=_id)
- result = storage.add_note(_id=_id, analysis_id=analysis_id, payload=payload)
- if result.modified_count == 1:
- return {'modified':result.modified_count}
- else:
- self.abort(404, 'Element not added in list {} of container {} {}'.format(storage.list_name, storage.cont_name, _id))
-
-
- def delete_note(self, cont_name, list_name, **kwargs):
- _id = kwargs.pop('cid')
- analysis_id = kwargs.pop('_id')
- permchecker, storage, _, _, _ = self._initialize_request(cont_name, list_name, _id)
- note_id = kwargs.get('note_id')
- permchecker(noop)('DELETE', _id=_id)
- result = storage.delete_note(_id=_id, analysis_id=analysis_id, note_id=note_id)
- if result.modified_count == 1:
- return {'modified': result.modified_count}
+ if result.deleted_count == 1:
+ return {'deleted': result.deleted_count}
else:
- self.abort(404, 'Note not removed from analysis {}'.format(analysis_id))
+ self.abort(404, 'Analysis {} not removed from container {} {}'.format(_id, cont_name, cid))
def download(self, **kwargs):
diff --git a/bin/database.py b/bin/database.py
index 30e7005b..baee1ac3 100755
--- a/bin/database.py
+++ b/bin/database.py
@@ -1121,6 +1121,8 @@ def upgrade_to_32_closure(cont, cont_name):
for analysis in cont['analyses']:
analysis['_id'] = bson.ObjectId(analysis['_id'])
analysis['parent'] = {'type': cont_type, 'id': cont['_id']}
+ analysis['permissions'] = cont['permissions']
+ analysis['public'] = cont.get('public', False)
config.db['analyses'].insert_many(cont['analyses'])
config.db[cont_name].update_one(
{'_id': cont['_id']},
--
GitLab