X-Git-Url: https://git.mdrn.pl/redakcja.git/blobdiff_plain/46fdcc29313a6c0dd897b8060335061f433897fd..0e5e4a0d816add3c0c13559fbed4f79eb295baf8:/apps/api/handlers/library_handlers.py diff --git a/apps/api/handlers/library_handlers.py b/apps/api/handlers/library_handlers.py index 488c2d40..aef1e9c1 100644 --- a/apps/api/handlers/library_handlers.py +++ b/apps/api/handlers/library_handlers.py @@ -1,6 +1,8 @@ # -*- encoding: utf-8 -*- import os.path + import logging +log = logging.getLogger('platforma.api.library') __author__= "Łukasz Rekucki" __date__ = "$2009-09-25 15:49:50$" @@ -8,32 +10,54 @@ __doc__ = "Module documentation." from piston.handler import BaseHandler, AnonymousBaseHandler -import re from datetime import date from django.core.urlresolvers import reverse -from django.utils import simplejson as json from django.db import IntegrityError import librarian import librarian.html -from librarian import dcparser, parser from wlrepo import * -from explorer.models import PullRequest, GalleryForDocument +from api.models import PullRequest +from explorer.models import GalleryForDocument # internal imports import api.forms as forms import api.response as response from api.utils import validate_form, hglibrary, natural_order -from api.models import PartCache +from api.models import PartCache, PullRequest # import settings -log = logging.getLogger('platforma.api') +def is_prq(username): + return username.startswith('$prq-') +def prq_for_user(username): + try: + return PullRequest.objects.get(id=int(username[5:])) + except: + return None + +def check_user(request, user): + log.info("user: %r, perm: %r" % (request.user, request.user.get_all_permissions()) ) + #pull request + if is_prq(user): + if not request.user.has_perm('api.view_prq'): + yield response.AccessDenied().django_response({ + 'reason': 'access-denied', + 'message': "You don't have enough priviliges to view pull requests." + }) + # other users + elif request.user.username != user: + if not request.user.has_perm('api.view_other_document'): + yield response.AccessDenied().django_response({ + 'reason': 'access-denied', + 'message': "You don't have enough priviliges to view other people's document." + }) + pass # # Document List Handlers @@ -48,10 +72,8 @@ class BasicLibraryHandler(AnonymousBaseHandler): document_list = [{ 'url': reverse('document_view', args=[docid]), 'name': docid } for docid in lib.documents() ] - return {'documents' : document_list} - # # This handler controlls the document collection # @@ -59,7 +81,6 @@ class LibraryHandler(BaseHandler): allowed_methods = ('GET', 'POST') anonymous = BasicLibraryHandler - @hglibrary def read(self, request, lib): """Return the list of documents.""" @@ -97,6 +118,7 @@ class LibraryHandler(BaseHandler): return {'documents': sorted(document_tree.itervalues(), key=natural_order(lambda d: d['name']) ) } + @validate_form(forms.DocumentUploadForm, 'POST') @hglibrary def create(self, request, form, lib): @@ -121,7 +143,6 @@ class LibraryHandler(BaseHandler): log.info("DOCID %s", docid) doc = lib.document_create(docid) # document created, but no content yet - try: doc = doc.quickwrite('xml', data.encode('utf-8'), '$AUTO$ XML data uploaded.', user=request.user.username) @@ -183,60 +204,105 @@ class DocumentHandler(BaseHandler): allowed_methods = ('GET', 'PUT') anonymous = BasicDocumentHandler + @validate_form(forms.DocumentRetrieveForm, 'GET') @hglibrary - def read(self, request, docid, lib): + def read(self, request, form, docid, lib): """Read document's meta data""" - log.info(u"Read %s (%s)" % (docid, type(docid)) ) - try: - doc = lib.document(docid) - udoc = doc.take(request.user.username) - except RevisionNotFound, e: - return response.EntityNotFound().django_response({ - 'exception': type(e), 'message': e.message, - 'docid': docid }) + log.info(u"User '%s' wants to %s(%s) as %s" % \ + (request.user.username, docid, form.cleaned_data['revision'], form.cleaned_data['user']) ) - # is_shared = udoc.ancestorof(doc) - # is_uptodate = is_shared or shared.ancestorof(document) + user = form.cleaned_data['user'] or request.user.username + rev = form.cleaned_data['revision'] or 'latest' - result = { - 'name': udoc.id, - 'html_url': reverse('dochtml_view', args=[udoc.id]), - 'text_url': reverse('doctext_view', args=[udoc.id]), - 'dc_url': reverse('docdc_view', args=[udoc.id]), - 'gallery_url': reverse('docgallery_view', args=[udoc.id]), - 'merge_url': reverse('docmerge_view', args=[udoc.id]), - 'user_revision': udoc.revision, - 'user_timestamp': udoc.revision.timestamp, - 'public_revision': doc.revision, - 'public_timestamp': doc.revision.timestamp, - } + for error in check_user(request, user): + return error + + try: + doc = lib.document(docid, user, rev=rev) + except RevisionMismatch, e: + # the document exists, but the revision is bad + return response.EntityNotFound().django_response({ + 'reason': 'revision-mismatch', + 'message': e.message, + 'docid': docid, + 'user': user, + }) + except RevisionNotFound, e: + # the user doesn't have this document checked out + # or some other weird error occured + # try to do the checkout + try: + if user == request.user.username: + mdoc = lib.document(docid) + doc = mdoc.take(user) + elif is_prq(user): + prq = prq_for_user(user) + # commiter's document + prq_doc = lib.document_for_rev(prq.source_revision) + doc = prq_doc.take(user) + else: + return response.EntityNotFound().django_response({ + 'reason': 'document-not-found', + 'message': e.message, + 'docid': docid, + 'user': user, + }) + except RevisionNotFound, e: + return response.EntityNotFound().django_response({ + 'reason': 'document-not-found', + 'message': e.message, + 'docid': docid, + 'user': user + }) - return result + return { + 'name': doc.id, + 'user': user, + 'html_url': reverse('dochtml_view', args=[doc.id]), + 'text_url': reverse('doctext_view', args=[doc.id]), + # 'dc_url': reverse('docdc_view', args=[doc.id]), + 'gallery_url': reverse('docgallery_view', args=[doc.id]), + 'merge_url': reverse('docmerge_view', args=[doc.id]), + 'revision': doc.revision, + 'timestamp': doc.revision.timestamp, + # 'public_revision': doc.revision, + # 'public_timestamp': doc.revision.timestamp, + } - @hglibrary - def update(self, request, docid, lib): - """Update information about the document, like display not""" - return + +# @hglibrary +# def update(self, request, docid, lib): +# """Update information about the document, like display not""" +# return # # # class DocumentHTMLHandler(BaseHandler): allowed_methods = ('GET') + @validate_form(forms.DocumentRetrieveForm, 'GET') @hglibrary - def read(self, request, docid, lib, stylesheet='partial'): + def read(self, request, form, docid, lib, stylesheet='partial'): """Read document as html text""" try: - revision = request.GET.get('revision', 'latest') - - if revision == 'latest': - document = lib.document(docid) - else: - document = lib.document_for_rev(revision) + revision = form.cleaned_data['revision'] + user = form.cleaned_data['user'] or request.user.username + document = lib.document_for_rev(revision) if document.id != docid: - return response.BadRequest().django_response({'reason': 'name-mismatch', - 'message': 'Provided revision refers, to document "%s", but provided "%s"' % (document.id, docid) }) + return response.BadRequest().django_response({ + 'reason': 'name-mismatch', + 'message': 'Provided revision is not valid for this document' + }) + + if document.owner != user: + return response.BadRequest().django_response({ + 'reason': 'user-mismatch', + 'message': "Provided revision doesn't belong to user %s" % user + }) + + for error in check_user(request, user): + return error return librarian.html.transform(document.data('xml'), is_file=False, \ parse_dublincore=False, stylesheet=stylesheet,\ @@ -275,245 +341,107 @@ class DocumentGalleryHandler(BaseHandler): for file in os.listdir(dirpath): if not isinstance(file, unicode): - log.warn(u"File %r is gallery %r is not unicode. Ommiting."\ - % (file, dirpath) ) - continue - - name, ext = os.path.splitext(os.path.basename(file)) + try: + file = file.decode('utf-8') + except: + log.warn(u"File %r in gallery %r is not unicode. Ommiting."\ + % (file, dirpath) ) + file = None - if ext.lower() not in [u'.png', u'.jpeg', u'.jpg']: - log.info(u"Ignoring: %s %s", name, ext) - continue + if file is not None: + name, ext = os.path.splitext(os.path.basename(file)) - url = settings.MEDIA_URL + assoc.subpath + u'/' + file; + if ext.lower() not in [u'.png', u'.jpeg', u'.jpg']: + log.warn(u"Ignoring: %s %s", name, ext) + url = None + + url = settings.MEDIA_URL + assoc.subpath + u'/' + file + + if url is None: + url = settings.MEDIA_URL + u'/missing.png' + gallery['pages'].append( quote(url.encode('utf-8')) ) - gallery['pages'].sort() +# gallery['pages'].sort() galleries.append(gallery) - return galleries + return galleries + + # -# Document Text View +# Dublin Core handlers # - -XINCLUDE_REGEXP = r"""<(?:\w+:)?include\s+[^>]*?href=("|')wlrepo://(?P[^\1]+?)\1\s*[^>]*?>""" +# @requires librarian # +#class DocumentDublinCoreHandler(BaseHandler): +# allowed_methods = ('GET', 'POST') # +# @hglibrary +# def read(self, request, docid, lib): +# """Read document as raw text""" +# try: +# revision = request.GET.get('revision', 'latest') # - -class DocumentTextHandler(BaseHandler): - allowed_methods = ('GET', 'POST') - - @hglibrary - def read(self, request, docid, lib): - """Read document as raw text""" - revision = request.GET.get('revision', 'latest') - part = request.GET.get('part', False) - - try: - if revision == 'latest': - document = lib.document(docid) - else: - document = lib.document_for_rev(revision) - - if document.id != docid: - return response.BadRequest().django_response({'reason': 'name-mismatch', - 'message': 'Provided revision is not valid for this document'}) - - # TODO: some finer-grained access control - if part is False: - # we're done :) - return document.data('xml') - else: - xdoc = parser.WLDocument.from_string(document.data('xml'),\ - parse_dublincore=False) - ptext = xdoc.part_as_text(part) - - if ptext is None: - return response.EntityNotFound().django_response({ - 'reason': 'no-part-in-document' - }) - - return ptext - except librarian.ParseError: - return response.EntityNotFound().django_response({ - 'reason': 'invalid-document-state', - 'exception': type(e), 'message': e.message - }) - except (EntryNotFound, RevisionNotFound), e: - return response.EntityNotFound().django_response({ - 'reason': 'not-found', - 'exception': type(e), 'message': e.message - }) - - @hglibrary - def create(self, request, docid, lib): - try: - revision = request.POST['revision'] - - current = lib.document(docid, request.user.username) - orig = lib.document_for_rev(revision) - - if current != orig: - return response.EntityConflict().django_response({ - "reason": "out-of-date", - "provided_revision": orig.revision, - "latest_revision": current.revision }) - - if request.POST.has_key('message'): - msg = u"$USER$ " + request.POST['message'] - else: - msg = u"$AUTO$ XML content update." - - if request.POST.has_key('contents'): - data = request.POST['contents'] - else: - if not request.POST.has_key('chunks'): - # bad request - return response.BadRequest().django_response({'reason': 'invalid-arguments', - 'message': 'No contents nor chunks specified.'}) - - # TODO: validate - parts = json.loads(request.POST['chunks']) - xdoc = parser.WLDocument.from_string(current.data('xml')) - - errors = xdoc.merge_chunks(parts) - - if len(errors): - return response.EntityConflict().django_response({ - "reason": "invalid-chunks", - "message": "Unable to merge following parts into the document: %s " % ",".join(errors) - }) - - data = xdoc.serialize() - - # try to find any Xinclude tags - includes = [m.groupdict()['link'] for m in (re.finditer(\ - XINCLUDE_REGEXP, data, flags=re.UNICODE) or []) ] - - log.info("INCLUDES: %s", includes) - - # TODO: provide useful routines to make this simpler - def xml_update_action(lib, resolve): - try: - f = lib._fileopen(resolve('parts'), 'r') - stored_includes = json.loads(f.read()) - f.close() - except: - stored_includes = [] - - if stored_includes != includes: - f = lib._fileopen(resolve('parts'), 'w+') - f.write(json.dumps(includes)) - f.close() - - lib._fileadd(resolve('parts')) - - # update the parts cache - PartCache.update_cache(docid, current.owner,\ - stored_includes, includes) - - # now that the parts are ok, write xml - f = lib._fileopen(resolve('xml'), 'w+') - f.write(data.encode('utf-8')) - f.close() - - ndoc = None - ndoc = current.invoke_and_commit(\ - xml_update_action, lambda d: (msg, current.owner) ) - - try: - # return the new revision number - return response.SuccessAllOk().django_response({ - "document": ndoc.id, - "subview": "xml", - "previous_revision": current.revision, - "revision": ndoc.revision, - 'timestamp': ndoc.revision.timestamp, - "url": reverse("doctext_view", args=[ndoc.id]) - }) - except Exception, e: - if ndoc: lib._rollback() - raise e - except RevisionNotFound, e: - return response.EntityNotFound(mimetype="text/plain").\ - django_response(e.message) - - +# if revision == 'latest': +# doc = lib.document(docid) +# else: +# doc = lib.document_for_rev(revision) # -# Dublin Core handlers # -# @requires librarian +# if document.id != docid: +# return response.BadRequest().django_response({'reason': 'name-mismatch', +# 'message': 'Provided revision is not valid for this document'}) # -class DocumentDublinCoreHandler(BaseHandler): - allowed_methods = ('GET', 'POST') - - @hglibrary - def read(self, request, docid, lib): - """Read document as raw text""" - try: - revision = request.GET.get('revision', 'latest') - - if revision == 'latest': - doc = lib.document(docid) - else: - doc = lib.document_for_rev(revision) - - - if document.id != docid: - return response.BadRequest().django_response({'reason': 'name-mismatch', - 'message': 'Provided revision is not valid for this document'}) - - bookinfo = dcparser.BookInfo.from_string(doc.data('xml')) - return bookinfo.serialize() - except (EntryNotFound, RevisionNotFound), e: - return response.EntityNotFound().django_response({ - 'exception': type(e), 'message': e.message}) - - @hglibrary - def create(self, request, docid, lib): - try: - bi_json = request.POST['contents'] - revision = request.POST['revision'] - - if request.POST.has_key('message'): - msg = u"$USER$ " + request.PUT['message'] - else: - msg = u"$AUTO$ Dublin core update." - - current = lib.document(docid, request.user.username) - orig = lib.document_for_rev(revision) - - if current != orig: - return response.EntityConflict().django_response({ - "reason": "out-of-date", - "provided": orig.revision, - "latest": current.revision }) - - xmldoc = parser.WLDocument.from_string(current.data('xml')) - document.book_info = dcparser.BookInfo.from_json(bi_json) - - # zapisz - ndoc = current.quickwrite('xml', \ - document.serialize().encode('utf-8'),\ - message=msg, user=request.user.username) - - try: - # return the new revision number - return { - "document": ndoc.id, - "subview": "dc", - "previous_revision": current.revision, - "revision": ndoc.revision, - 'timestamp': ndoc.revision.timestamp, - "url": reverse("docdc_view", args=[ndoc.id]) - } - except Exception, e: - if ndoc: lib._rollback() - raise e - except RevisionNotFound: - return response.EntityNotFound().django_response() +# bookinfo = dcparser.BookInfo.from_string(doc.data('xml')) +# return bookinfo.serialize() +# except (EntryNotFound, RevisionNotFound), e: +# return response.EntityNotFound().django_response({ +# 'exception': type(e), 'message': e.message}) +# +# @hglibrary +# def create(self, request, docid, lib): +# try: +# bi_json = request.POST['contents'] +# revision = request.POST['revision'] +# +# if request.POST.has_key('message'): +# msg = u"$USER$ " + request.PUT['message'] +# else: +# msg = u"$AUTO$ Dublin core update." +# +# current = lib.document(docid, request.user.username) +# orig = lib.document_for_rev(revision) +# +# if current != orig: +# return response.EntityConflict().django_response({ +# "reason": "out-of-date", +# "provided": orig.revision, +# "latest": current.revision }) +# +# xmldoc = parser.WLDocument.from_string(current.data('xml')) +# document.book_info = dcparser.BookInfo.from_json(bi_json) +# +# # zapisz +# ndoc = current.quickwrite('xml', \ +# document.serialize().encode('utf-8'),\ +# message=msg, user=request.user.username) +# +# try: +# # return the new revision number +# return { +# "document": ndoc.id, +# "subview": "dc", +# "previous_revision": current.revision, +# "revision": ndoc.revision, +# 'timestamp': ndoc.revision.timestamp, +# "url": reverse("docdc_view", args=[ndoc.id]) +# } +# except Exception, e: +# if ndoc: lib._rollback() +# raise e +# except RevisionNotFound: +# return response.EntityNotFound().django_response() class MergeHandler(BaseHandler): allowed_methods = ('POST',) @@ -522,60 +450,75 @@ class MergeHandler(BaseHandler): @hglibrary def create(self, request, form, docid, lib): """Create a new document revision from the information provided by user""" + revision = form.cleaned_data['revision'] - target_rev = form.cleaned_data['target_revision'] - + # fetch the main branch document doc = lib.document(docid) - udoc = doc.take(request.user.username) - if target_rev == 'latest': - target_rev = udoc.revision + # fetch the base document + user_doc = lib.document_for_rev(revision) + base_doc = user_doc.latest() - if str(udoc.revision) != target_rev: - # user think doesn't know he has an old version - # of his own branch. - - # Updating is teorericly ok, but we need would - # have to force a refresh. Sharing may be not safe, - # 'cause it doesn't always result in update. - - # In other words, we can't lie about the resource's state - # So we should just yield and 'out-of-date' conflict - # and let the client ask again with updated info. - - # NOTE: this could result in a race condition, when there - # are 2 instances of the same user editing the same document. - # Instance "A" trying to update, and instance "B" always changing - # the document right before "A". The anwser to this problem is - # for the "A" to request a merge from 'latest' and then - # check the parent revisions in response, if he actually - # merge from where he thinks he should. If not, the client SHOULD - # update his internal state. + if base_doc != user_doc: return response.EntityConflict().django_response({ - "reason": "out-of-date", - "provided": target_rev, - "latest": udoc.revision }) + "reason": "out-of-date", + "provided": str(user_doc.revision), + "latest": str(base_doc.revision) + }) if form.cleaned_data['type'] == 'update': # update is always performed from the file branch # to the user branch - success, changed = udoc.update(request.user.username) + user_doc_new = base_doc.update(request.user.username) - if form.cleaned_data['type'] == 'share': - if not request.user.has_perm('explorer.document.can_share'): + if user_doc_new == user_doc: + return response.SuccessAllOk().django_response({ + "result": "no-op" + }) + + # shared document is the same + doc_new = doc + + if form.cleaned_data['type'] == 'share': + if not base_doc.up_to_date(): + return response.BadRequest().django_response({ + "reason": "not-fast-forward", + "message": "You must first update your branch to the latest version." + }) + + if base_doc.parentof(doc) or base_doc.has_parent_from(doc): + return response.SuccessAllOk().django_response({ + "result": "no-op" + }) + + # check for unresolved conflicts + if base_doc.has_conflict_marks(): + return response.BadRequest().django_response({ + "reason": "unresolved-conflicts", + "message": "There are unresolved conflicts in your file. Fix them, and try again." + }) + + if not request.user.has_perm('api.share_document'): # User is not permitted to make a merge, right away # So we instead create a pull request in the database try: prq, created = PullRequest.objects.get_or_create( - source_revision = str(udoc.revision), + comitter = request.user, + document = docid, + status = "N", defaults = { - 'comitter': request.user, - 'document': docid, - 'status': "N", + 'source_revision': str(base_doc.revision), 'comment': form.cleaned_data['message'] or '$AUTO$ Document shared.', } ) + # there can't be 2 pending request from same user + # for the same document + if not created: + prq.source_revision = str(base_doc.revision) + prq.comment = prq.comment + 'u\n\n' + (form.cleaned_data['message'] or u'') + prq.save() + return response.RequestAccepted().django_response(\ ticket_status=prq.status, \ ticket_uri=reverse("pullrequest_view", args=[prq.id]) ) @@ -583,23 +526,36 @@ class MergeHandler(BaseHandler): return response.EntityConflict().django_response({ 'reason': 'request-already-exist' }) - else: - success, changed = udoc.share(form.cleaned_data['message']) - if not success: - return response.EntityConflict().django_response({ - 'reason': 'merge-failure', - }) + changed = base_doc.share(form.cleaned_data['message']) - if not changed: - return response.SuccessNoContent().django_response() + # update shared version if needed + if changed: + doc_new = doc.latest() + else: + doc_new = doc - nudoc = udoc.latest() + # the user wersion is the same + user_doc_new = base_doc + # The client can compare parent_revision to revision + # to see if he needs to update user's view + # Same goes for shared view + return response.SuccessAllOk().django_response({ - "name": nudoc.id, - "parent_user_resivion": udoc.revision, - "parent_revision": doc.revision, - "revision": nudoc.revision, - 'timestamp': nudoc.revision.timestamp, - }) + "result": "success", + "name": user_doc_new.id, + "user": user_doc_new.owner, + + "revision": user_doc_new.revision, + 'timestamp': user_doc_new.revision.timestamp, + + "parent_revision": user_doc.revision, + "parent_timestamp": user_doc.revision.timestamp, + + "shared_revision": doc_new.revision, + "shared_timestamp": doc_new.revision.timestamp, + + "shared_parent_revision": doc.revision, + "shared_parent_timestamp": doc.revision.timestamp, + }) \ No newline at end of file