in api/pages/views.py [0:0]
def run(API, environ, indata, session):
# We need to be logged in for this!
if not session.user:
raise API.exception(403, "You must be logged in to use this API endpoint! %s")
method = environ['REQUEST_METHOD']
dOrg = session.user['defaultOrganisation'] or "apache"
# Are we adding a view?
if method == 'PUT':
viewID = hashlib.sha224( ("%s-%s-%s" % (time.time(), session.user['email'], dOrg) ).encode('utf-8') ).hexdigest()
sources = indata.get('sources', [])
name = indata.get('name', "unknown view")
public = indata.get('public', False)
if public:
if not (session.user['userlevel'] == 'admin' or dOrg in session.user['ownerships']):
raise API.exception(403, "Only owners of an organisation may create public views.")
doc = {
'id': viewID,
'email': session.user['email'],
'organisation': dOrg,
'sourceList': sources,
'name': name,
'created': int(time.time()),
'publicView': public
}
session.DB.ES.index(index=session.DB.dbname, doc_type="view", id = viewID, body = doc)
yield json.dumps({'okay': True, 'message': "View created"})
# Are we editing (patching) a view?
if method == 'PATCH':
viewID = indata.get('id')
if viewID and session.DB.ES.exists(index=session.DB.dbname, doc_type="view", id = viewID):
doc = session.DB.ES.get(index=session.DB.dbname, doc_type="view", id = viewID)
if session.user['userlevel'] == 'admin' or doc['_source']['email'] == session.user['email']:
sources = indata.get('sources', [])
doc['_source']['sourceList'] = sources
session.DB.ES.index(index=session.DB.dbname, doc_type="view", id = viewID, body = doc['_source'])
yield json.dumps({'okay': True, 'message': "View updated"})
else:
raise API.exception(403, "You don't own this view, and cannot edit it.")
else:
raise API.exception(404, "We couldn't find a view with this ID.")
# Removing a view?
if method == 'DELETE':
viewID = indata.get('id')
if viewID and session.DB.ES.exists(index=session.DB.dbname, doc_type="view", id = viewID):
doc = session.DB.ES.get(index=session.DB.dbname, doc_type="view", id = viewID)
if session.user['userlevel'] == 'admin' or doc['_source']['email'] == session.user['email']:
session.DB.ES.delete(index=session.DB.dbname, doc_type="view", id = viewID)
yield json.dumps({'okay': True, 'message': "View deleted"})
else:
raise API.exception(403, "You don't own this view, and cannot delete it.")
else:
raise API.exception(404, "We couldn't find a view with this ID.")
if method in ['GET', 'POST']:
# Fetch all views for default org
res = session.DB.ES.search(
index=session.DB.dbname,
doc_type="view",
size = 5000,
body = {
'query': {
'term': {
'email': session.user['email']
}
}
}
)
# Are we looking at someone elses view?
if indata.get('view'):
viewID = indata.get('view')
if session.DB.ES.exists(index=session.DB.dbname, doc_type="view", id = viewID):
blob = session.DB.ES.get(index=session.DB.dbname, doc_type="view", id = viewID)
if blob['_source']['email'] != session.user['email'] and not blob['_source']['publicView']:
blob['_source']['name'] += " (shared by " + blob['_source']['email'] + ")"
res['hits']['hits'].append(blob)
sources = []
# Include public views??
if not indata.get('sources', False):
pres = session.DB.ES.search(
index=session.DB.dbname,
doc_type="view",
size = 5000,
body = {
'query': {
'bool': {
'must': [
{'term':
{
'publicView': True
}
},
{
'term': {
'organisation': dOrg
}
}
]
}
}
}
)
for hit in pres['hits']['hits']:
if hit['_source']['email'] != session.user['email']:
hit['_source']['name'] += " (shared view)"
res['hits']['hits'].append(hit)
for hit in res['hits']['hits']:
doc = hit['_source']
if doc['organisation'] != dOrg:
continue
if indata.get('quick'):
xdoc = {
'id': doc['id'],
'name': doc['name'],
'organisation': doc['organisation']
}
sources.append(xdoc)
else:
sources.append(doc)
allsources = []
if indata.get('sources', False):
res = session.DB.ES.search(
index=session.DB.dbname,
doc_type="source",
size = 5000,
body = {
'query': {
'term': {
'organisation': dOrg
}
}
}
)
for zdoc in res['hits']['hits']:
doc = zdoc['_source']
xdoc = {
'sourceID': doc['sourceID'],
'type': doc['type'],
'sourceURL': doc['sourceURL']
}
allsources.append(xdoc)
JSON_OUT = {
'views': sources,
'sources': allsources,
'okay': True,
'organisation': dOrg
}
yield json.dumps(JSON_OUT)