3 from django.template import RequestContext
4 from django.shortcuts import render_to_response
6 from manifold.core.query import Query, AnalyzedQuery
7 from manifoldapi.manifoldapi import execute_query
9 from django.views.generic.base import TemplateView
11 from unfold.loginrequired import LoginRequiredView
12 from unfold.page import Page
14 from django.http import HttpResponse
15 from django.shortcuts import render
17 from manifold.core.query import Query, AnalyzedQuery
18 from manifoldapi.manifoldapi import execute_query
20 from portal.actions import get_requests
22 from myslice.theme import ThemeView
23 from myslice.settings import logger
25 class ManagementRequestsView (LoginRequiredView, ThemeView):
26 template_name = "management-tab-requests.html"
28 def get_context_data(self, **kwargs):
30 ctx_my_authorities = {}
31 ctx_delegation_authorities = {}
32 ctx_sub_authorities = {}
36 # The user need to be logged in
37 if (self.request.user):
39 user_query = Query().get('local:user').filter_by('email', '==', self.request.user.email).select('user_id')
40 user, = execute_query(self.request, user_query)
41 user_id = user['user_id']
43 # Query manifold to learn about available SFA platforms for more information
44 # In general we will at least have the portal
45 # For now we are considering all registries
48 sfa_platforms_query = Query().get('local:platform').filter_by('gateway_type', '==', 'sfa').select('platform_id', 'platform', 'auth_type')
49 sfa_platforms = execute_query(self.request, sfa_platforms_query)
50 for sfa_platform in sfa_platforms:
51 logger.info("SFA PLATFORM > {}".format(sfa_platform['platform']))
52 if not 'auth_type' in sfa_platform:
54 auth = sfa_platform['auth_type']
55 if not auth in all_authorities:
56 all_authorities.append(auth)
57 platform_ids.append(sfa_platform['platform_id'])
59 logger.warning("W: Hardcoding platform myslice")
60 # There has been a tweak on how new platforms are referencing a
61 # so-called 'myslice' platform for storing authentication tokens.
62 # XXX This has to be removed in final versions.
63 myslice_platforms_query = Query().get('local:platform').filter_by('platform', '==', 'myslice').select('platform_id')
64 myslice_platforms = execute_query(self.request, myslice_platforms_query)
66 myslice_platform, = myslice_platforms
67 platform_ids.append(myslice_platform['platform_id'])
69 # We can check on which the user has authoritity credentials = PI rights
70 credential_authorities = set()
71 credential_authorities_expired = set()
73 # User account on these registries
74 user_accounts_query = Query.get('local:account').filter_by('user_id', '==', user_id).filter_by('platform_id', 'included', platform_ids).select('auth_type', 'config')
75 user_accounts = execute_query(self.request, user_accounts_query)
77 for user_account in user_accounts:
79 if user_account['auth_type'] == 'reference':
80 continue # we hardcoded the myslice platform...
82 config = json.loads(user_account['config'])
84 if 'authority_credentials' in config:
85 for authority_hrn, credential in config['authority_credentials'].items():
86 credential_authorities.add(authority_hrn)
87 if 'delegated_authority_credentials' in config:
88 for authority_hrn, credential in config['delegated_authority_credentials'].items():
89 credential_authorities.add(authority_hrn)
91 # CACHE PB with fields
92 page = Page(self.request)
93 metadata = page.get_metadata()
94 user_md = metadata.details_by_object('user')
95 user_fields = [column['name'] for column in user_md['column']]
97 # ** Where am I a PI **
98 # For this we need to ask SFA (of all authorities) = PI function
99 pi_authorities_query = Query.get('myslice:user').filter_by('user_hrn', '==', '$user_hrn').select(user_fields)
100 pi_authorities_tmp = execute_query(self.request, pi_authorities_query)
101 pi_authorities = set()
103 for pa in pi_authorities_tmp:
104 pi_authorities |= set(pa['pi_authorities'])
105 except Exception as e:
106 logger.error('No pi_authorities')
108 pi_credential_authorities = pi_authorities & credential_authorities
109 pi_no_credential_authorities = pi_authorities - credential_authorities - credential_authorities_expired
110 pi_expired_credential_authorities = pi_authorities & credential_authorities_expired
111 # Authorities I've been delegated PI rights
112 pi_delegation_credential_authorities = credential_authorities - pi_authorities
113 pi_delegation_expired_authorities = credential_authorities_expired - pi_authorities
115 # Summary intermediary
116 pi_my_authorities = pi_credential_authorities | pi_no_credential_authorities | pi_expired_credential_authorities
117 pi_delegation_authorities = pi_delegation_credential_authorities | pi_delegation_expired_authorities
120 queried_pending_authorities = pi_my_authorities | pi_delegation_authorities #| pi_subauthorities
122 # iterate on the requests and check if the authority matches a prefix
123 # startswith an authority on which the user is PI
124 if len(pi_my_authorities)>0:
125 requests = get_requests(pi_my_authorities)
127 requests = get_requests()
129 auth_hrn = r['authority_hrn']
130 for my_auth in pi_my_authorities:
131 if auth_hrn.startswith(my_auth):
132 dest = ctx_my_authorities
133 r['allowed'] = 'allowed'
135 #for my_auth in pi_delegation_authorities:
136 # if auth_hrn.startswith(my_auth):
137 # dest = ctx_delegation_authorities
138 # r['allowed'] = 'allowed'
139 if auth_hrn in pi_expired_credential_authorities:
140 r['allowed'] = 'expired'
141 if 'allowed' not in r:
142 ## TEMP FIX for allowing new authority registration
143 #r['allowed'] = 'denied'
144 r['allowed'] = 'allowed'
146 if not auth_hrn in dest:
148 dest[auth_hrn].append(r)
152 # env['my_authorities'] = ctx_my_authorities
153 # env['sub_authorities'] = ctx_sub_authorities
154 # env['delegation_authorities'] = ctx_delegation_authorities
156 # # XXX This is repeated in all pages
157 # # more general variables expected in the template
158 # # the menu items on the top
159 # #env['topmenu_items'] = topmenu_items_live('Validation', page)
160 # # so we can sho who is logged
161 # env['username'] = request.user
162 # env['pi'] = "is_pi"
163 # env['theme'] = self.theme
164 # env['section'] = "Requests"
166 context = super(ManagementRequestsView, self).get_context_data(**kwargs)
169 context['my_authorities'] = ctx_my_authorities
170 context['sub_authorities'] = ctx_sub_authorities
171 context['delegation_authorities'] = ctx_delegation_authorities
173 # XXX This is repeated in all pages
174 # more general variables expected in the template
175 context['title'] = 'Test view that combines various plugins'
176 # the menu items on the top
177 #context['topmenu_items'] = topmenu_items_live('Validation', page)
178 # so we can sho who is logged
179 context['username'] = self.request.user
180 context['pi'] = "is_pi"
181 context['theme'] = self.theme
182 context['section'] = "Requests"
183 # XXX We need to prepare the page for queries
184 #context.update(page.prelude_env())
188 #return render_to_response(self.template, env, context_instance=RequestContext(request))