portal/managementtabrequests.py

   1 from django.template                 import RequestContext
   2 from django.shortcuts                import render_to_response
   3
   4 from manifold.core.query             import Query, AnalyzedQuery
   5 from manifoldapi.manifoldapi         import execute_query
   6
   7 from django.views.generic.base      import TemplateView
   8
   9 from unfold.loginrequired           import LoginRequiredView
  10 from unfold.page                    import Page
  11
  12 from django.http                    import HttpResponse
  13 from django.shortcuts               import render
  14
  15 from manifold.core.query            import Query, AnalyzedQuery
  16 from manifoldapi.manifoldapi        import execute_query
  17
  18 from portal.actions                 import get_requests
  19
  20 from myslice.theme import ThemeView
  21
  22 import json
  23
  24 class ManagementRequestsView (LoginRequiredView, ThemeView):
  25     template_name = "management-tab-requests.html"
  26
  27     def get_context_data(self, **kwargs):
  28
  29         ctx_my_authorities = {}
  30         ctx_delegation_authorities = {}
  31         ctx_sub_authorities = {}
  32         dest = {}
  33
  34
  35         # The user need to be logged in
  36         if (self.request.user):
  37
  38             user_query = Query().get('local:user').filter_by('email', '==', self.request.user.email).select('user_id')
  39             user, = execute_query(self.request, user_query)
  40             user_id = user['user_id']
  41
  42             # Query manifold to learn about available SFA platforms for more information
  43             # In general we will at least have the portal
  44             # For now we are considering all registries
  45             all_authorities = []
  46             platform_ids = []
  47             sfa_platforms_query = Query().get('local:platform').filter_by('gateway_type', '==', 'sfa').select('platform_id', 'platform', 'auth_type')
  48             sfa_platforms = execute_query(self.request, sfa_platforms_query)
  49             for sfa_platform in sfa_platforms:
  50                 print "SFA PLATFORM > ", sfa_platform['platform']
  51                 if not 'auth_type' in sfa_platform:
  52                     continue
  53                 auth = sfa_platform['auth_type']
  54                 if not auth in all_authorities:
  55                     all_authorities.append(auth)
  56                 platform_ids.append(sfa_platform['platform_id'])
  57
  58             print "W: Hardcoding platform myslice"
  59             # There has been a tweak on how new platforms are referencing a
  60             # so-called 'myslice' platform for storing authentication tokens.
  61             # XXX This has to be removed in final versions.
  62             myslice_platforms_query = Query().get('local:platform').filter_by('platform', '==', 'myslice').select('platform_id')
  63             myslice_platforms = execute_query(self.request, myslice_platforms_query)
  64             if myslice_platforms:
  65                 myslice_platform, = myslice_platforms
  66                 platform_ids.append(myslice_platform['platform_id'])
  67
  68             # We can check on which the user has authoritity credentials = PI rights
  69             credential_authorities = set()
  70             credential_authorities_expired = set()
  71
  72             # User account on these registries
  73             user_accounts_query = Query.get('local:account').filter_by('user_id', '==', user_id).filter_by('platform_id', 'included', platform_ids).select('auth_type', 'config')
  74             user_accounts = execute_query(self.request, user_accounts_query)
  75
  76             for user_account in user_accounts:
  77
  78                 if user_account['auth_type'] == 'reference':
  79                     continue # we hardcoded the myslice platform...
  80
  81                 config = json.loads(user_account['config'])
  82                 creds = []
  83                 if 'authority_credentials' in config:
  84                     for authority_hrn, credential in config['authority_credentials'].items():
  85                         credential_authorities.add(authority_hrn)
  86                 if 'delegated_authority_credentials' in config:
  87                     for authority_hrn, credential in config['delegated_authority_credentials'].items():
  88                         credential_authorities.add(authority_hrn)
  89
  90             # CACHE PB with fields
  91             page = Page(self.request)
  92             metadata = page.get_metadata()
  93             user_md = metadata.details_by_object('user')
  94             user_fields = [column['name'] for column in user_md['column']]
  95
  96             # ** Where am I a PI **
  97             # For this we need to ask SFA (of all authorities) = PI function
  98             pi_authorities_query = Query.get('myslice:user').filter_by('user_hrn', '==', '$user_hrn').select(user_fields)
  99             pi_authorities_tmp = execute_query(self.request, pi_authorities_query)
 100             pi_authorities = set()
 101             try:
 102                 for pa in pi_authorities_tmp:
 103                     pi_authorities |= set(pa['pi_authorities'])
 104             except:
 105                 print 'No pi_authorities'
 106
 107             pi_credential_authorities = pi_authorities & credential_authorities
 108             pi_no_credential_authorities = pi_authorities - credential_authorities - credential_authorities_expired
 109             pi_expired_credential_authorities = pi_authorities & credential_authorities_expired
 110             # Authorities I've been delegated PI rights
 111             pi_delegation_credential_authorities = credential_authorities - pi_authorities
 112             pi_delegation_expired_authorities = credential_authorities_expired - pi_authorities
 113
 114             # Summary intermediary
 115             pi_my_authorities = pi_credential_authorities | pi_no_credential_authorities | pi_expired_credential_authorities
 116             pi_delegation_authorities = pi_delegation_credential_authorities | pi_delegation_expired_authorities
 117
 118             # Summary all
 119             queried_pending_authorities = pi_my_authorities | pi_delegation_authorities #| pi_subauthorities
 120
 121             # iterate on the requests and check if the authority matches a prefix
 122             # startswith an authority on which the user is PI
 123             if len(pi_my_authorities)>0:
 124                 requests = get_requests(pi_my_authorities)
 125             else:
 126                 requests = get_requests()
 127             for r in requests:
 128                 auth_hrn = r['authority_hrn']
 129                 for my_auth in pi_my_authorities:
 130                     if auth_hrn.startswith(my_auth):
 131                         dest = ctx_my_authorities
 132                         r['allowed'] = 'allowed'
 133
 134                 #for my_auth in pi_delegation_authorities:
 135                 #    if auth_hrn.startswith(my_auth):
 136                 #        dest = ctx_delegation_authorities
 137                 #        r['allowed'] = 'allowed'
 138                 if auth_hrn in pi_expired_credential_authorities:
 139                     r['allowed'] = 'expired'
 140                 if 'allowed' not in r:
 141                     ## TEMP FIX for allowing new authority registration
 142                     #r['allowed'] = 'denied'
 143                     r['allowed'] = 'allowed'
 144
 145                 if not auth_hrn in dest:
 146                     dest[auth_hrn] = []
 147                 dest[auth_hrn].append(r)
 148
 149
 150 #         env = {}
 151 #         env['my_authorities']   = ctx_my_authorities
 152 #         env['sub_authorities']   = ctx_sub_authorities
 153 #         env['delegation_authorities'] = ctx_delegation_authorities
 154 #
 155 #         # XXX This is repeated in all pages
 156 #         # more general variables expected in the template
 157 #         # the menu items on the top
 158 #         #env['topmenu_items'] = topmenu_items_live('Validation', page)
 159 #         # so we can sho who is logged
 160 #         env['username'] = request.user
 161 #         env['pi'] = "is_pi"
 162 #         env['theme'] = self.theme
 163 #         env['section'] = "Requests"
 164
 165         context = super(ManagementRequestsView, self).get_context_data(**kwargs)
 166
 167
 168         context['my_authorities']   = ctx_my_authorities
 169         context['sub_authorities']   = ctx_sub_authorities
 170         context['delegation_authorities'] = ctx_delegation_authorities
 171
 172         # XXX This is repeated in all pages
 173         # more general variables expected in the template
 174         context['title'] = 'Test view that combines various plugins'
 175         # the menu items on the top
 176         #context['topmenu_items'] = topmenu_items_live('Validation', page)
 177         # so we can sho who is logged
 178         context['username'] = self.request.user
 179         context['pi'] = "is_pi"
 180         context['theme'] = self.theme
 181         context['section'] = "Requests"
 182         # XXX We need to prepare the page for queries
 183         #context.update(page.prelude_env())
 184
 185         return context
 186
 187         #return render_to_response(self.template, env, context_instance=RequestContext(request))