portal/managementtabrequests.py

   1 from __future__ import print_function
   2
   3 from django.template                 import RequestContext
   4 from django.shortcuts                import render_to_response
   5
   6 from manifold.core.query             import Query, AnalyzedQuery
   7 from manifoldapi.manifoldapi         import execute_query
   8
   9 from django.views.generic.base      import TemplateView
  10
  11 from unfold.loginrequired           import LoginRequiredView
  12 from unfold.page                    import Page
  13
  14 from django.http                    import HttpResponse
  15 from django.shortcuts               import render
  16
  17 from manifold.core.query            import Query, AnalyzedQuery
  18 from manifoldapi.manifoldapi        import execute_query
  19
  20 from portal.actions                 import get_requests
  21
  22 from myslice.theme import ThemeView
  23
  24 import json
  25
  26 class ManagementRequestsView (LoginRequiredView, ThemeView):
  27     template_name = "management-tab-requests.html"
  28
  29     def get_context_data(self, **kwargs):
  30
  31         ctx_my_authorities = {}
  32         ctx_delegation_authorities = {}
  33         ctx_sub_authorities = {}
  34         dest = {}
  35
  36
  37         # The user need to be logged in
  38         if (self.request.user):
  39
  40             user_query = Query().get('local:user').filter_by('email', '==', self.request.user.email).select('user_id')
  41             user, = execute_query(self.request, user_query)
  42             user_id = user['user_id']
  43
  44             # Query manifold to learn about available SFA platforms for more information
  45             # In general we will at least have the portal
  46             # For now we are considering all registries
  47             all_authorities = []
  48             platform_ids = []
  49             sfa_platforms_query = Query().get('local:platform').filter_by('gateway_type', '==', 'sfa').select('platform_id', 'platform', 'auth_type')
  50             sfa_platforms = execute_query(self.request, sfa_platforms_query)
  51             for sfa_platform in sfa_platforms:
  52                 print("SFA PLATFORM > ", sfa_platform['platform'])
  53                 if not 'auth_type' in sfa_platform:
  54                     continue
  55                 auth = sfa_platform['auth_type']
  56                 if not auth in all_authorities:
  57                     all_authorities.append(auth)
  58                 platform_ids.append(sfa_platform['platform_id'])
  59
  60             print("W: Hardcoding platform myslice")
  61             # There has been a tweak on how new platforms are referencing a
  62             # so-called 'myslice' platform for storing authentication tokens.
  63             # XXX This has to be removed in final versions.
  64             myslice_platforms_query = Query().get('local:platform').filter_by('platform', '==', 'myslice').select('platform_id')
  65             myslice_platforms = execute_query(self.request, myslice_platforms_query)
  66             if myslice_platforms:
  67                 myslice_platform, = myslice_platforms
  68                 platform_ids.append(myslice_platform['platform_id'])
  69
  70             # We can check on which the user has authoritity credentials = PI rights
  71             credential_authorities = set()
  72             credential_authorities_expired = set()
  73
  74             # User account on these registries
  75             user_accounts_query = Query.get('local:account').filter_by('user_id', '==', user_id).filter_by('platform_id', 'included', platform_ids).select('auth_type', 'config')
  76             user_accounts = execute_query(self.request, user_accounts_query)
  77
  78             for user_account in user_accounts:
  79
  80                 if user_account['auth_type'] == 'reference':
  81                     continue # we hardcoded the myslice platform...
  82
  83                 config = json.loads(user_account['config'])
  84                 creds = []
  85                 if 'authority_credentials' in config:
  86                     for authority_hrn, credential in config['authority_credentials'].items():
  87                         credential_authorities.add(authority_hrn)
  88                 if 'delegated_authority_credentials' in config:
  89                     for authority_hrn, credential in config['delegated_authority_credentials'].items():
  90                         credential_authorities.add(authority_hrn)
  91
  92             # CACHE PB with fields
  93             page = Page(self.request)
  94             metadata = page.get_metadata()
  95             user_md = metadata.details_by_object('user')
  96             user_fields = [column['name'] for column in user_md['column']]
  97
  98             # ** Where am I a PI **
  99             # For this we need to ask SFA (of all authorities) = PI function
 100             pi_authorities_query = Query.get('myslice:user').filter_by('user_hrn', '==', '$user_hrn').select(user_fields)
 101             pi_authorities_tmp = execute_query(self.request, pi_authorities_query)
 102             pi_authorities = set()
 103             try:
 104                 for pa in pi_authorities_tmp:
 105                     pi_authorities |= set(pa['pi_authorities'])
 106             except:
 107                 print('No pi_authorities')
 108
 109             pi_credential_authorities = pi_authorities & credential_authorities
 110             pi_no_credential_authorities = pi_authorities - credential_authorities - credential_authorities_expired
 111             pi_expired_credential_authorities = pi_authorities & credential_authorities_expired
 112             # Authorities I've been delegated PI rights
 113             pi_delegation_credential_authorities = credential_authorities - pi_authorities
 114             pi_delegation_expired_authorities = credential_authorities_expired - pi_authorities
 115
 116             # Summary intermediary
 117             pi_my_authorities = pi_credential_authorities | pi_no_credential_authorities | pi_expired_credential_authorities
 118             pi_delegation_authorities = pi_delegation_credential_authorities | pi_delegation_expired_authorities
 119
 120             # Summary all
 121             queried_pending_authorities = pi_my_authorities | pi_delegation_authorities #| pi_subauthorities
 122
 123             # iterate on the requests and check if the authority matches a prefix
 124             # startswith an authority on which the user is PI
 125             if len(pi_my_authorities)>0:
 126                 requests = get_requests(pi_my_authorities)
 127             else:
 128                 requests = get_requests()
 129             for r in requests:
 130                 auth_hrn = r['authority_hrn']
 131                 for my_auth in pi_my_authorities:
 132                     if auth_hrn.startswith(my_auth):
 133                         dest = ctx_my_authorities
 134                         r['allowed'] = 'allowed'
 135
 136                 #for my_auth in pi_delegation_authorities:
 137                 #    if auth_hrn.startswith(my_auth):
 138                 #        dest = ctx_delegation_authorities
 139                 #        r['allowed'] = 'allowed'
 140                 if auth_hrn in pi_expired_credential_authorities:
 141                     r['allowed'] = 'expired'
 142                 if 'allowed' not in r:
 143                     ## TEMP FIX for allowing new authority registration
 144                     #r['allowed'] = 'denied'
 145                     r['allowed'] = 'allowed'
 146
 147                 if not auth_hrn in dest:
 148                     dest[auth_hrn] = []
 149                 dest[auth_hrn].append(r)
 150
 151
 152 #         env = {}
 153 #         env['my_authorities']   = ctx_my_authorities
 154 #         env['sub_authorities']   = ctx_sub_authorities
 155 #         env['delegation_authorities'] = ctx_delegation_authorities
 156 #
 157 #         # XXX This is repeated in all pages
 158 #         # more general variables expected in the template
 159 #         # the menu items on the top
 160 #         #env['topmenu_items'] = topmenu_items_live('Validation', page)
 161 #         # so we can sho who is logged
 162 #         env['username'] = request.user
 163 #         env['pi'] = "is_pi"
 164 #         env['theme'] = self.theme
 165 #         env['section'] = "Requests"
 166
 167         context = super(ManagementRequestsView, self).get_context_data(**kwargs)
 168
 169
 170         context['my_authorities']   = ctx_my_authorities
 171         context['sub_authorities']   = ctx_sub_authorities
 172         context['delegation_authorities'] = ctx_delegation_authorities
 173
 174         # XXX This is repeated in all pages
 175         # more general variables expected in the template
 176         context['title'] = 'Test view that combines various plugins'
 177         # the menu items on the top
 178         #context['topmenu_items'] = topmenu_items_live('Validation', page)
 179         # so we can sho who is logged
 180         context['username'] = self.request.user
 181         context['pi'] = "is_pi"
 182         context['theme'] = self.theme
 183         context['section'] = "Requests"
 184         # XXX We need to prepare the page for queries
 185         #context.update(page.prelude_env())
 186
 187         return context
 188
 189         #return render_to_response(self.template, env, context_instance=RequestContext(request))