# coding=utf-8
from __future__ import unicode_literals

import json
import os
import ldap
from django.conf import settings
from django.core.exceptions import PermissionDenied
from django.core.urlresolvers import reverse
from django.core.cache import cache
from django.db.models import Q
from django.http.response import HttpResponse, HttpResponseBadRequest, HttpResponseRedirect, Http404, \
    HttpResponseForbidden
from django.shortcuts import render, get_object_or_404
from django.contrib.auth.decorators import login_required
from django.contrib.auth.models import User
from django.views.decorators.http import require_POST
from django.views.decorators.cache import cache_control
from adim.models import AnObj, AnObjMembership
from adim.permissions import get_permission_class, has_anobj_access, SHARING_MODE_NONE

from .forms import UploadImageFileForm
from sendfile import sendfile
from .utils import add_image_border, create_image_thumbnail


def home(request):
    """
    Render the landing page.

    For anonymous visitors the ``next`` query-string value (empty string when
    absent) is handed to the template under the key ``next``; authenticated
    users get an empty context.

    :param request: the current HttpRequest
    :return: the rendered "adim/home.html" response
    """
    # NOTE(review): ``next`` is client-supplied and is passed through here
    # unvalidated; confirm that whatever consumes it restricts it to
    # same-site URLs before redirecting to it.
    if request.user.is_anonymous():
        context = {'next': request.GET.get('next', "")}
    else:
        context = {}
    return render(request, "adim/home.html", context)


def handle_404(request):
    """
    Answer with a redirect instead of a "not found" page.

    Authenticated users are sent to the new-annotation page, everybody else
    to the home page.

    :param request: the current HttpRequest
    :return: HttpResponseRedirect
    """
    if request.user.is_authenticated():
        target = "adim_app:annotate-new"
    else:
        target = 'adim_app:home'
    return HttpResponseRedirect(reverse(target))


@login_required()
def essai(request):
    """
    Test page (login required).

    :param request: the current HttpRequest
    :return: the rendered "adim/essai.html" response
    """
    template_name = "adim/essai.html"
    empty_context = {}
    return render(request, template_name, empty_context)


@login_required
def _get_anobj(request, anobj_uuid=None, anobj_id=None):
    """
    Fetch an AnObj by uuid or by id and check that the requesting user may
    access it.

    ``anobj_uuid`` takes precedence when both identifiers are given.

    NOTE: this helper is wrapped in ``login_required``. For an unauthenticated
    request the decorator returns its redirect response instead of an AnObj,
    so every caller must itself sit behind ``login_required``.

    :param request: the current HttpRequest
    :param anobj_uuid: uuid of the AnObj to fetch
    :param anobj_id: primary key of the AnObj, used when no uuid is given
    :return: AnObj
    :raise: Http404 if no identifier is given or no AnObj matches
    :raise: PermissionDenied if has_anobj_access() refuses the request
    """
    if anobj_uuid is not None:
        lookup = {'uuid': anobj_uuid}
    elif anobj_id is not None:
        lookup = {'id': anobj_id}
    else:
        # Nothing to look up
        raise Http404()

    anobj = get_object_or_404(AnObj, **lookup)

    if has_anobj_access(request, anobj):
        return anobj
    raise PermissionDenied()


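@login_required
# private, not public: the response depends on the logged-in user's access to
# the AnObj, so shared caches (proxies, CDNs) must not store and replay it.
@cache_control(private=True, max_age=120)
def send_anobj_img(request, anobj_uuid):
    """
    Serve the image file of an AnObj the current user may access.

    Access is decided by _get_anobj(). An Http404 raised while resolving the
    object or sending the file is answered with a 403, so the response does
    not tell a missing object from a missing file; PermissionDenied from
    _get_anobj() propagates unchanged.

    :param request: the current HttpRequest
    :param anobj_uuid: uuid of the AnObj
    :return: the sendfile() response, or HttpResponseForbidden
    """
    try:
        anobj = _get_anobj(request, anobj_uuid=anobj_uuid)
        return sendfile(request, anobj.image.path)
    except Http404:
        return HttpResponseForbidden('Sorry, you cannot access this file')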


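@login_required
def anobj_thumb(request, anobj_uuid):
    """
    Dispatch thumbnail requests by HTTP method.

    GET serves the thumbnail, POST uploads a new one. Any other method gets a
    405 response; previously the view fell through and returned None, which
    Django reports as a server error.

    :param request: the current HttpRequest
    :param anobj_uuid: uuid of the AnObj
    :return: HttpResponse
    """
    # Local import: the file-level import list does not include this class
    from django.http.response import HttpResponseNotAllowed

    if request.method == 'GET':
        return send_anobj_thumb(request, anobj_uuid=anobj_uuid)
    elif request.method == 'POST':
        return upload_anobj_thumb(request, anobj_uuid=anobj_uuid)
    return HttpResponseNotAllowed(['GET', 'POST'])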

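@login_required
# private, not public: the thumbnail is chosen per user and gated by the
# user's access to the AnObj, so shared caches must not store it.
@cache_control(private=True, max_age=1)
def send_anobj_thumb(request, anobj_uuid):
    """
    Serve the current user's thumbnail of an AnObj.

    The per-user thumbnail "<image name>__<user id>.png" under MEDIA_ROOT is
    preferred; when that file does not exist the original thumbnail
    "<image name>__.png" is sent instead. An Http404 raised while resolving
    the object or sending the file is answered with a 403.

    :param request: the current HttpRequest
    :param anobj_uuid: uuid of the AnObj
    :return: the sendfile() response, or HttpResponseForbidden
    """
    try:
        anobj = _get_anobj(request, anobj_uuid=anobj_uuid)
        base_name = os.path.splitext(anobj.image.name)[0]

        thumb_path = os.path.join(
            settings.MEDIA_ROOT,
            "{name}__{user}.png".format(name=base_name, user=request.user.id)
        )
        # If there is not yet a thumbnail for the current user
        # return the original one
        if not os.path.isfile(thumb_path):
            thumb_path = os.path.join(
                settings.MEDIA_ROOT,
                "{name}__.png".format(name=base_name)
            )
        return sendfile(request, thumb_path)
    except Http404:
        return HttpResponseForbidden('Sorry, you cannot access this file')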


@login_required
def annotate_new(request):
    """
    Render the page for starting a new annotation (login required).

    :param request: the current HttpRequest
    :return: the rendered "adim/annotation_new.html" response
    """
    template_name = "adim/annotation_new.html"
    return render(request, template_name, {})


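@login_required
def annotate(request, anobj_uuid=None):
    """
    Annotation page for one AnObj.

    The AnObj is looked up by uuid prefix. Owners always get the page; other
    users go through the permission class of the AnObj's sharing mode, which
    may answer with its own interactive registration response. A request made
    with a fragmentary uuid is redirected to the URL carrying the full uuid,
    but only after the access checks have passed, so the redirect cannot be
    used to learn the full uuid of an object the user may not open.

    :param request: the current HttpRequest
    :param anobj_uuid: full uuid of the AnObj, or a prefix of it
    :return: the rendered annotation page, a redirect, or the permission
        class's interactive registration response
    :raise: Http404 if the prefix is empty, matches no AnObj or several, or
        the AnObj has no permission class for guests (not shared)
    :raise: PermissionDenied if a guest has no permission and the permission
        class offers no interactive registration
    """
    context = {
        'membership': False
    }

    # An empty prefix would match every AnObj
    if not anobj_uuid:
        raise Http404()

    try:
        anobj = AnObj.objects.select_related('owner').get(uuid__startswith=anobj_uuid)
    except (AnObj.DoesNotExist, AnObj.MultipleObjectsReturned):
        # An ambiguous prefix is answered like an unknown one
        raise Http404()

    is_owner = anobj.is_owned(request.user.id)
    context.update({'is_owner': is_owner})

    # Detailed check for permissions
    membership = None
    if is_owner:
        if anobj.sharing_mode != SHARING_MODE_NONE:
            membership, _ = AnObjMembership.objects.get_or_create(anobj=anobj, user=request.user)
    else:
        # User is guest
        perm_class = get_permission_class(anobj.sharing_mode)

        if perm_class is None:
            # AnObj not shared
            raise Http404()

        if not perm_class.has_permission(request, anobj):
            # AnObj shared but user has no permission
            if perm_class.has_interactive_registration:
                # Interactive registration exists, call it
                return perm_class.get_interactive_registration_response(request, anobj)

            # No interactive registration
            raise PermissionDenied()

        # AnObj shared, user registered, go on
        # NOTE(review): assumes a permitted guest always has a membership
        # row; otherwise this raises DoesNotExist - confirm against the
        # permission classes.
        membership = AnObjMembership.objects.get(anobj=anobj, user=request.user)

    # In case of fragmentary uuid, redirect to the url with full uuid.
    # Done after the permission checks so the full uuid is only revealed to
    # users who are allowed to open the object.
    if len(anobj_uuid) < 32:
        return HttpResponseRedirect(reverse('adim_app:annotate', kwargs={'anobj_uuid': anobj.uuid}))

    if request.method == 'POST':
        return HttpResponseRedirect(reverse('adim_app:annotate', kwargs={'anobj_uuid': anobj_uuid}))

    context.update({
        'membership': membership,
        'anobj': anobj
    })

    # Determine if we may display shared annotations
    if is_owner:
        owner_membership = membership
    else:
        try:
            owner_membership = AnObjMembership.objects.get(anobj=anobj, user=anobj.owner)
        except AnObjMembership.DoesNotExist:
            owner_membership = None

    context.update({'display_shared_annotations':
        (anobj.sharing_mode != SHARING_MODE_NONE) and
        (
            is_owner or
            anobj.allow_public_publishing or
            (
                owner_membership and owner_membership.publish_mode == 2
            )
        )
    })

    return render(request, "adim/annotation.html", context)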


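@login_required
def upload_file(request, anobj_uuid=None):
    """
    Receive an uploaded image and attach it to an AnObj.

    When ``anobj_uuid`` resolves to an AnObj the user may access, its image
    is replaced; when _get_anobj() raises Http404 (no uuid given or unknown
    uuid) a new AnObj owned by the user is created. AJAX callers get the
    result as JSON; other callers are redirected to the annotation page, or
    get a 400 response when the upload failed and there is nowhere to
    redirect to.

    -- inspired by: https://github.com/miki725/Django-jQuery-File-Uploader-Integration-demo/blob/master/upload/views.py
    :param request: the current HttpRequest (POST only)
    :param anobj_uuid: uuid of an existing AnObj whose image is replaced
    :return: HttpResponse
    """
    if request.method != 'POST':
        return HttpResponseBadRequest()

    response_type = "application/json"
    response_data = {}

    form = UploadImageFileForm(request.POST, request.FILES)
    if form.is_valid():
        image_file = request.FILES['image_file']
        file_response = _validate_uploaded_file(image_file)
        response_data.update({
            'error': file_response.get('error'),
            'files': [file_response],
        })

        # Create AnObj
        if not file_response['error']:
            try:
                # NOTE(review): has_anobj_access() (inside _get_anobj) is the
                # only gate before the image is replaced; confirm it is meant
                # to grant write access, or restrict this branch to owners.
                anobj = _get_anobj(request, anobj_uuid=anobj_uuid)
            except Http404:
                anobj = AnObj.objects.create(
                    owner=request.user,
                    name=os.path.splitext(image_file.name)[0],
                    image=image_file
                )
            else:
                anobj.image = image_file
                anobj.save()

            # Create original thumbnail, returned to user who has not yet annotated
            create_image_thumbnail(anobj.image.path)
            response_data['next'] = reverse('adim_app:annotate', kwargs={'anobj_uuid': anobj.uuid})

        # Needed when using iFrame transport.
        # The Accept header is optional, so do not index META directly.
        # NOTE(review): the client-supplied file name is echoed in this body;
        # when served as text/html it is not HTML-escaped - confirm the
        # client-side transport tolerates escaping and add it.
        if "text/html" in request.META.get("HTTP_ACCEPT", ""):
            response_type = "text/html"
    else:
        response_data['error'] = "invalid"

    if request.is_ajax():
        return HttpResponse(json.dumps(response_data), content_type=response_type)

    # 'next' is only set after a successful upload
    if 'next' not in response_data:
        return HttpResponseBadRequest()
    return HttpResponseRedirect(response_data['next'])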
    

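def _validate_uploaded_file(image_file):
    """
    Check an uploaded file against the size limit and the accepted image types.

    ``content_type`` is taken from the upload request and is therefore chosen
    by the client, so the first bytes of the file are also compared with the
    JPEG and PNG signatures. This is a sanity check only: it does not prove
    that the file decodes as an image.

    :param image_file: uploaded file exposing name, size, content_type,
        read() and seek()
    :return: dict with "name", "size", "type" and "error"; "error" is False
        when the file is accepted, else "maxFileSize" or "acceptFileTypes"
        (the type error wins when both apply)
    """
    # the maximum file size in bytes; the setting is expressed in MiB
    max_file_size = settings.ADIM_UPLOAD_MAX_FILESIZE * 2 ** 20
    # the mimetypes which are going to be allowed for upload
    accepted_formats = (
        "image/jpeg",
        "image/jpg",
        "image/png",
    )
    # leading bytes of a JPEG and of a PNG file
    accepted_signatures = (b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n")

    error_id = False
    if image_file.size > max_file_size:
        error_id = "maxFileSize"

    # allowed file type
    if image_file.content_type not in accepted_formats:
        error_id = "acceptFileTypes"
    else:
        image_file.seek(0)
        header = image_file.read(8)
        # leave the file positioned at the start for whoever stores it
        image_file.seek(0)
        if not header.startswith(accepted_signatures):
            error_id = "acceptFileTypes"

    response_data = {
        "name": image_file.name,
        "size": image_file.size,
        "type": image_file.content_type,
        "error": error_id,
    }

    return response_data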


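@login_required
@require_POST
def upload_anobj_thumb(request, anobj_uuid=None):
    """
    Store the current user's thumbnail for an AnObj.

    The AnObj is identified by ``anobj_uuid`` or, failing that, by the POST
    field ``aid`` (its id). The uploaded file ``file`` is written to
    "<image name>__<user id>.png" under MEDIA_ROOT and then passed to
    add_image_border().

    :param request: the current HttpRequest (POST only)
    :param anobj_uuid: uuid of the AnObj
    :return: empty HttpResponse on success; HttpResponseBadRequest when
        ``aid`` is missing or not an integer, when no file was sent, or when
        the file fails _validate_uploaded_file()
    """
    if anobj_uuid:
        anobj = _get_anobj(request, anobj_uuid=anobj_uuid)
    else:
        try:
            # TypeError: 'aid' missing; ValueError: 'aid' is not a number
            anobj_id = int(request.POST.get('aid'))
        except (TypeError, ValueError):
            return HttpResponseBadRequest()
        anobj = _get_anobj(request, anobj_id=anobj_id)

    # A request without the file part is a client error, not a server error
    thumb_file = request.FILES.get('file')
    if thumb_file is None:
        return HttpResponseBadRequest()

    response_data = _validate_uploaded_file(thumb_file)
    if response_data['error']:
        return HttpResponseBadRequest()

    # The target name is built from server-side values only (stored image
    # name and user id), never from the uploaded file's own name.
    thumb_name = "{name}__{user}.png".format(name=os.path.splitext(anobj.image.name)[0], user=request.user.id)
    thumb_path = os.path.join(settings.MEDIA_ROOT, thumb_name)

    # NOTE(review): the bytes are written before anything in this view
    # decodes them as an image; confirm add_image_border() rejects non-image
    # data and consider removing the file when it fails.
    with open(thumb_path, 'wb+') as destination:
        for chunk in thumb_file.chunks():
            destination.write(chunk)

    add_image_border(thumb_path, save=True)
    return HttpResponse()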


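def _handle_uploaded_file(image_file, destination):
    """
    Write an uploaded file to MEDIA_ROOT/<destination>/<file name>.

    Both ``destination`` and the file name end up in the path, so the
    resolved path is checked to lie inside MEDIA_ROOT before anything is
    written.

    :param image_file: uploaded file exposing name and chunks()
    :param destination: directory below MEDIA_ROOT to write into
    :raise: ValueError if the resolved path is outside MEDIA_ROOT
    """
    media_root = os.path.abspath(settings.MEDIA_ROOT)
    destination_path = os.path.abspath(
        os.path.join(media_root, destination, image_file.name)
    )
    # Joining with "" appends the separator, so a sibling directory that
    # merely shares MEDIA_ROOT's prefix does not pass the check
    if not destination_path.startswith(os.path.join(media_root, "")):
        raise ValueError("Upload destination is outside MEDIA_ROOT")

    with open(destination_path, 'wb+') as out_file:
        for chunk in image_file.chunks():
            out_file.write(chunk)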


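@login_required
def suggest_users(request):
    """
    Return a list of usernames that match a query passed in as a query string
    This is the end point for the Bloodhound suggestion engine used for user suggestion
    while adding users to a shared AnObj

    Local users whose username contains every whitespace-separated token are
    returned first. When fewer than ADIM_SUGGESTION['LIMIT'] local users
    match, mail addresses from the LDAP directory are appended; successful
    LDAP answers are cached for 24 hours.

    :param request: the current HttpRequest; the query is read from GET "q"
    :return: JSON list of {"username": ..., "id": ...} for local users and
        {"username": <mail>} for LDAP entries
    """
    import hashlib
    import logging
    from ldap.filter import escape_filter_chars

    logger = logging.getLogger(__name__)

    query_str = request.GET.get('q', "")
    tokens = query_str.split()
    matching_users = []
    usernames = []

    if not tokens:
        return HttpResponse(content=json.dumps(matching_users), content_type="application/json")

    # -- Search for local users
    q = Q()
    for token in tokens:
        q = q & Q(username__icontains=token)

    for user in User.objects.filter(q):
        matching_users.append({'username': user.username, 'id': user.id})
        usernames.append(user.username)

    # -- Search for ldap users
    if len(matching_users) < settings.ADIM_SUGGESTION['LIMIT']:
        # Hash the tokens: raw user input can be too long or contain
        # characters a cache backend refuses in keys. Tokens never contain
        # whitespace, so joining with a space cannot make two different
        # token lists collide.
        cache_key = "ldapusers_" + hashlib.sha1(" ".join(tokens).encode("utf-8")).hexdigest()
        ldap_users = cache.get(cache_key)

        if ldap_users is None:
            # Escape each token so filter metacharacters in the query
            # ("*", "(", ")", "\") are matched literally and cannot change
            # the structure of the LDAP filter.
            filter_str = "(mail=*{}*)".format(
                "*".join(escape_filter_chars(token) for token in tokens)
            )
            logger.debug("LDAP user suggestion lookup: %s", filter_str)

            ldap_object = ldap.initialize(settings.ADIM_SUGGESTION['LDAP']['URL'])
            try:
                results = ldap_object.search_st(
                    base=settings.ADIM_SUGGESTION['LDAP']['BASE'],
                    scope=ldap.SCOPE_SUBTREE,
                    filterstr=filter_str,
                    attrlist=(str("mail"),),
                    timeout=settings.ADIM_SUGGESTION['LDAP']['TIMEOUT']
                )
            except ldap.LDAPError:
                # Timeout or directory failure: fall back to local users only
                logger.warning("LDAP user suggestion lookup failed", exc_info=True)
                results = None
            finally:
                # Release the connection whatever happened
                try:
                    ldap_object.unbind_s()
                except ldap.LDAPError:
                    pass

            ldap_users = []
            if results is not None:
                for _dn, attrs in results:
                    # Skip anything that is not an entry with attributes
                    if not isinstance(attrs, dict):
                        continue
                    mails = attrs.get('mail')
                    if mails:
                        ldap_users.append(mails[0])
                # Only a real answer is cached; caching the empty fallback
                # would hide the directory's users for a whole day
                cache.set(cache_key, ldap_users, 3600 * 24)

        matching_users += [
            {'username': user}
            for user in ldap_users if user not in usernames
        ]

    return HttpResponse(content=json.dumps(matching_users), content_type="application/json")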