config.py 8.75 KB
Newer Older
Marc Duez's avatar
Marc Duez committed
1
# coding: utf8
Marc Duez's avatar
Marc Duez committed
2
import gluon.contrib.simplejson
3
from controller_utils import error_message
Marc Duez's avatar
Marc Duez committed
4 5 6 7
if request.env.http_origin:
    response.headers['Access-Control-Allow-Origin'] = request.env.http_origin  
    response.headers['Access-Control-Allow-Credentials'] = 'true'
    response.headers['Access-Control-Max-Age'] = 86400
Marc Duez's avatar
Marc Duez committed
8

Marc Duez's avatar
Marc Duez committed
9 10 11
    
ACCESS_DENIED = "access denied"

Marc Duez's avatar
Marc Duez committed
12
def index():
Marc Duez's avatar
Marc Duez committed
13 14 15
    if not auth.user : 
        res = {"redirect" : "default/user/login"}
        return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
16 17
    

HERBERT Ryan's avatar
HERBERT Ryan committed
18
    query = db((auth.vidjil_accessible_query(PermissionEnum.read_config.value, db.config) | auth.vidjil_accessible_query(PermissionEnum.admin_config.value, db.config) ) ).select(orderby=~db.config.name)
19 20
    used_query = db(db.results_file.config_id > 0).select(db.results_file.config_id, distinct=True)
    used_configs = [row.config_id for row in used_query]
Marc Duez's avatar
Marc Duez committed
21

22 23 24
    mes = u"Access config list"
    log.info(mes, extra={'user_id': auth.user.id, 'record_id': -1, 'table_name': 'config'})

Marc Duez's avatar
Marc Duez committed
25
    return dict(message=T('Configs'),
26
               query=query,
27
               used_configs=used_configs,
28
               isAdmin = auth.is_admin())
Marc Duez's avatar
Marc Duez committed
29

30

31 32 33 34
def add():
    if (auth.can_create_config()):
        return dict(message=T('Add config'))
    return error_message(ACCESS_DENIED)
Marc Duez's avatar
Marc Duez committed
35

36

Marc Duez's avatar
Marc Duez committed
37 38
#TODO check data
def add_form(): 
39
    error =""
40 41
    if (not auth.can_create_config()):
        return error_message(ACCESS_DENIED)
42

43
    required_fields = ['config_name', 'config_command', 'config_fuse_command', 'config_program']
44 45 46
    for field in required_fields:
        if request.vars[field] == "" :
            error += field+" needed, "
47 48 49

    if error=="" :
        
50
        config_id = db.config.insert(name=request.vars['config_name'],
51 52
                        info=request.vars['config_info'],
                        command=request.vars['config_command'],
53 54
                        fuse_command=request.vars['config_fuse_command'],
                        program=request.vars['config_program']
55 56
                        )

57 58 59 60 61 62 63 64
        user_group = None
        group_ids = list(auth.user_groups.keys())
        for gid in group_ids:
            if (auth.user_groups[gid] != 'public'):
                user_group = gid
                break

        db.auth_permission.insert(group_id=user_group,
HERBERT Ryan's avatar
HERBERT Ryan committed
65
                                name=PermissionEnum.create_config.value,
66 67 68
                                table_name='config',
                                record_id=config_id)

69 70 71
        mes = u"Added config"
        log.info(mes, extra={'user_id': auth.user.id, 'record_id': config_id, 'table_name': 'config'})

Marc Duez's avatar
Marc Duez committed
72
        res = {"redirect": "config/index",
73
               "message": "config '%s' added" % request.vars['config_name']}
Mathieu Giraud's avatar
Mathieu Giraud committed
74
        log.info(res)
75 76 77
        return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
        
    else :
Marc Duez's avatar
Marc Duez committed
78
        res = {"success" : "false", "message" : error}
79
        log.error(res)
80 81 82
        return gluon.contrib.simplejson.dumps(res, separators=(',',':'))


83
def edit():
84
    if (auth.can_modify_config(request.vars['id'])):
85 86
        mes = u"Load config edit form"
        log.info(mes, extra={'user_id': auth.user.id, 'record_id': request.vars['id'], 'table_name': 'config'})
87 88
        return dict(message=T('edit config'))
    return error_message(ACCESS_DENIED)
89 90 91 92 93


def edit_form(): 
    error =""

94
    if (not auth.can_modify_config(request.vars['id'])):
95 96
        error += "ACCESS_DENIED"

Marc Duez's avatar
Marc Duez committed
97
    required_fields = ['id', 'config_name', 'config_command', 'config_fuse_command', 'config_program']
98 99 100
    for field in required_fields:
        if request.vars[field] == "" :
            error += field+" needed, "
101 102 103 104

    if error=="" :

        db.config[request.vars["id"]] = dict(name=request.vars['config_name'],
105 106 107 108 109
                                             info=request.vars['config_info'],
                                             command=request.vars['config_command'],
                                             fuse_command=request.vars['config_fuse_command'],
                                             program=request.vars['config_program']
                                             )
110

Marc Duez's avatar
Marc Duez committed
111
        res = {"redirect": "config/index",
112
               "message": "config '%s' updated" % request.vars['config_name']}
Marc Duez's avatar
Marc Duez committed
113

114
        log.admin(res)
115 116
        mes = u"Submit config edit form"
        log.info(mes, extra={'user_id': auth.user.id, 'record_id': request.vars['id'], 'table_name': 'config'})
117 118 119
        return gluon.contrib.simplejson.dumps(res, separators=(',',':'))

    else :
Marc Duez's avatar
Marc Duez committed
120
        res = {"success" : "false", "message" : error}
121
        log.error(res)
122
        return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
123 124

def confirm():
125 126 127
    if (auth.can_modify_config(request.vars['id'])):
        return dict(message=T('confirm config deletion'))
    return error_message(ACCESS_DENIED)
128 129

def delete():
130
    if (auth.can_modify_config(request.vars['id'])):
Ryan Herbert's avatar
Ryan Herbert committed
131 132 133 134 135 136 137 138 139
        count = db(db.results_file.config_id==request.vars["id"]).count()

        if (count == 0):
            #delete config
            db(db.config.id==request.vars["id"]).delete()

            res = {"redirect": "config/index",
                   "message": "config '%s' deleted" % request.vars["id"]}
            log.admin(res)
140 141
            mes = u"Delete config"
            log.info(mes, extra={'user_id': auth.user.id, 'record_id': request.vars['id'], 'table_name': 'config'})
Ryan Herbert's avatar
Ryan Herbert committed
142 143 144 145
        else:
            res = {"redirect": "config/index",
                    "success": "false",
                    "message": "cannot delete a config that has been used"}
146 147
        return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
    return error_message(ACCESS_DENIED)
148 149 150


def permission(): 
Ryan Herbert's avatar
Ryan Herbert committed
151
    if (auth.can_modify_config(request.vars["id"]) ):
152
        
153 154 155 156 157 158 159 160 161 162 163
        query = db( (db.auth_group.role != 'admin') ).select()
        
        query2 = db( (db.auth_group.role != 'admin') &
                    (db.auth_membership.group_id == db.auth_group.id) &
                    (db.auth_membership.user_id == db.auth_user.id)    
                  ).select()
        
        usermap = {}
        for row in query2 : 
            if row.auth_group.role[:5] == "user_" :
                usermap[row.auth_group.role] = row.auth_user.id 
164 165 166 167
        
        for row in query :
            row.owner = row.role
            if row.owner[:5] == "user_" :
168
                id = usermap[row.owner]
169 170
                row.owner = db.auth_user[id].first_name + " " + db.auth_user[id].last_name 

HERBERT Ryan's avatar
HERBERT Ryan committed
171 172 173 174 175 176 177 178
            permissions = db(
                    (db.auth_permission.group_id == row.id) &
                    (db.auth_permission.record_id == 0) &
                    (db.auth_permission.table_name == 'sample_set')).select()
            row.perms = ', '.join(map(lambda x: x.name, permissions))

            row.parent_access = ', '.join(str(value) for value in auth.get_access_groups(db.config, request.vars['id'], group=row.id))
            row.read =  auth.get_group_access('config', request.vars['id'], row.id)
179 180 181 182 183 184 185 186 187
        
        return dict(query = query)
    else :
        res = {"message": ACCESS_DENIED}
        log.error(res)
        return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
    
#TODO refactor with patient/change_permission
def change_permission():
188
    if (auth.can_modify_config(request.vars["config_id"]) ):
189 190 191 192 193 194 195
        error = ""
        if request.vars["group_id"] == "" :
            error += "missing group_id, "
        if request.vars["config_id"] == "" :
            error += "missing patient_id, "

        if error=="":
HERBERT Ryan's avatar
HERBERT Ryan committed
196 197
            if auth.get_group_access(db.config, int(request.vars["config_id"]), int(request.vars["group_id"])):
                auth.del_permission(request.vars["group_id"], PermissionEnum.access.value, db.config, request.vars["config_id"])
198
                res = {"message" : "c%s: access '%s' deleted to '%s'" % (request.vars["config_id"],
HERBERT Ryan's avatar
HERBERT Ryan committed
199
                                                                         PermissionEnum.access.value, db.auth_group[request.vars["group_id"]].role)}
200
            else :
HERBERT Ryan's avatar
HERBERT Ryan committed
201
                auth.add_permission(request.vars["group_id"], PermissionEnum.access.value, db.config, request.vars["config_id"])
202
                res = {"message" : "c%s: access '%s' granted to '%s'" % (request.vars["config_id"],
HERBERT Ryan's avatar
HERBERT Ryan committed
203
                                                                         PermissionEnum.access.value, db.auth_group[request.vars["group_id"]].role)}
204
            
205
            log.admin(res, extra={'user_id': auth.user.id, 'record_id': request.vars['id'], 'table_name': 'config'})
206 207 208 209 210 211 212 213 214
            return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
        else :
            res = {"message": "incomplete request : "+error }
            log.error(res)
            return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
    else :
        res = {"message": ACCESS_DENIED}
        log.error(res)
        return gluon.contrib.simplejson.dumps(res, separators=(',',':'))