devicehub-django/api/views.py

import json

from uuid import uuid4

from django.urls import reverse_lazy
from django.http import JsonResponse
from django.shortcuts import get_object_or_404, redirect
from django.utils.translation import gettext_lazy as _
from django.views.decorators.csrf import csrf_exempt
from django.core.exceptions import ValidationError
from django_tables2 import SingleTableView
from django.views.generic.base import View
from django.views.generic.edit import (
    CreateView,
    DeleteView,
    UpdateView,
)

from utils.save_snapshots import move_json, save_in_disk
from dashboard.mixins import DashboardView
from evidence.models import Annotation
from evidence.parse import Build
from user.models import User
from api.models import Token
from api.tables import TokensTable


@csrf_exempt
def NewSnapshot(request):
    # Accept only posts
    if request.method != 'POST':
        return JsonResponse({'error': 'Invalid request method'}, status=400)

    # Authentication
    auth_header = request.headers.get('Authorization')
    if not auth_header or not auth_header.startswith('Bearer '):
        return JsonResponse({'error': 'Invalid or missing token'}, status=401)

    token = auth_header.split(' ')[1]
    tk = Token.objects.filter(token=token).first()
    if not tk:
        return JsonResponse({'error': 'Invalid or missing token'}, status=401)

    # Validation snapshot
    try:
        data = json.loads(request.body)
    except json.JSONDecodeError:
        return JsonResponse({'error': 'Invalid JSON'}, status=400)

    # try:
    #     Build(data, None, check=True)
    # except Exception:
    #     return JsonResponse({'error': 'Invalid Snapshot'}, status=400)

    exist_annotation = Annotation.objects.filter(
        uuid=data['uuid']
    ).first()

    if exist_annotation:
        txt = "error: the snapshot {} exist".format(data['uuid'])
        return JsonResponse({'status': txt}, status=500)

    # Process snapshot
    path_name = save_in_disk(data, tk.owner.institution.name)

    try:
        Build(data, tk.owner)
    except Exception:
        return JsonResponse({'status': 'fail'}, status=200)

    annotation = Annotation.objects.filter(
        uuid=data['uuid'],
        type=Annotation.Type.SYSTEM,
        # TODO this is hardcoded, it should select the user preferred algorithm
        key="hidalgo1",
        owner=tk.owner.institution
    ).first()


    if not annotation:
        return JsonResponse({'status': 'fail'}, status=200)

    url_args = reverse_lazy("device:details", args=(annotation.value,))
    url = request.build_absolute_uri(url_args)

    response = {
        "status": "success",
        "dhid": annotation.value[:6].upper(),
        "url": url,
        # TODO replace with public_url when available
        "public_url": url
    }
    move_json(path_name, tk.owner.institution.name)

    return JsonResponse(response, status=200)


class TokenView(DashboardView, SingleTableView):
    template_name = "token.html"
    title = _("Credential management")
    section = "Credential"
    subtitle = _('Managament Tokens')
    icon = 'bi bi-key'
    model = Token
    table_class = TokensTable

    def get_queryset(self):
        """
        Override the get_queryset method to filter events based on the user type.
        """
        return Token.objects.filter().order_by("-id")

    def get_context_data(self, **kwargs):
        context = super().get_context_data(**kwargs)
        context.update({
            'tokens': Token.objects.all(),
        })
        return context


class TokenDeleteView(DashboardView, DeleteView):
    model = Token

    def get(self, request, *args, **kwargs):
        self.pk = kwargs['pk']
        self.object = get_object_or_404(self.model, pk=self.pk, owner=self.request.user)
        self.object.delete()

        return redirect('api:tokens')


class TokenNewView(DashboardView, CreateView):
    template_name = "new_token.html"
    title = _("Credential management")
    section = "Credential"
    subtitle = _('New Tokens')
    icon = 'bi bi-key'
    model = Token
    success_url = reverse_lazy('api:tokens')
    fields = (
        "tag",
    )

    def form_valid(self, form):
        form.instance.owner = self.request.user
        form.instance.token = uuid4()
        return super().form_valid(form)


class EditTokenView(DashboardView, UpdateView):
    template_name = "new_token.html"
    title = _("Credential management")
    section = "Credential"
    subtitle = _('New Tokens')
    icon = 'bi bi-key'
    model = Token
    success_url = reverse_lazy('api:tokens')
    fields = (
        "tag",
    )

    def get_form_kwargs(self):
        pk = self.kwargs.get('pk')
        self.object = get_object_or_404(
            self.model,
            owner=self.request.user,
            pk=pk,
        )
        kwargs = super().get_form_kwargs()
        return kwargs
api dir 2024-09-19 16:35:26 +00:00			`import json`
save snapshots on disk from api 2024-10-15 09:05:43 +00:00
save placeholders 2024-10-15 14:58:51 +00:00			`from uuid import uuid4`
api dir 2024-09-19 16:35:26 +00:00
token to user panel link and add tags to tokens 2024-10-10 12:03:08 +00:00			`from django.urls import reverse_lazy`
save placeholders 2024-10-15 14:58:51 +00:00			`from django.http import JsonResponse`
api dir 2024-09-19 16:35:26 +00:00			`from django.shortcuts import get_object_or_404, redirect`
			`from django.utils.translation import gettext_lazy as _`
			`from django.views.decorators.csrf import csrf_exempt`
			`from django.core.exceptions import ValidationError`
token to user panel link and add tags to tokens 2024-10-10 12:03:08 +00:00			`from django_tables2 import SingleTableView`
api dir 2024-09-19 16:35:26 +00:00			`from django.views.generic.base import View`
token to user panel link and add tags to tokens 2024-10-10 12:03:08 +00:00			`from django.views.generic.edit import (`
			`CreateView,`
			`DeleteView,`
			`UpdateView,`
			`)`
api dir 2024-09-19 16:35:26 +00:00
save placeholders 2024-10-15 14:58:51 +00:00			`from utils.save_snapshots import move_json, save_in_disk`
api dir 2024-09-19 16:35:26 +00:00			`from dashboard.mixins import DashboardView`
			`from evidence.models import Annotation`
			`from evidence.parse import Build`
			`from user.models import User`
			`from api.models import Token`
			`from api.tables import TokensTable`


			`@csrf_exempt`
			`def NewSnapshot(request):`
			`# Accept only posts`
			`if request.method != 'POST':`
			`return JsonResponse({'error': 'Invalid request method'}, status=400)`

			`# Authentication`
token api activate 2024-09-27 12:23:25 +00:00			`auth_header = request.headers.get('Authorization')`
			`if not auth_header or not auth_header.startswith('Bearer '):`
			`return JsonResponse({'error': 'Invalid or missing token'}, status=401)`

			`token = auth_header.split(' ')[1]`
			`tk = Token.objects.filter(token=token).first()`
			`if not tk:`
			`return JsonResponse({'error': 'Invalid or missing token'}, status=401)`
api dir 2024-09-19 16:35:26 +00:00
			`# Validation snapshot`
			`try:`
			`data = json.loads(request.body)`
			`except json.JSONDecodeError:`
			`return JsonResponse({'error': 'Invalid JSON'}, status=400)`

			`# try:`
			`# Build(data, None, check=True)`
			`# except Exception:`
			`# return JsonResponse({'error': 'Invalid Snapshot'}, status=400)`

			`exist_annotation = Annotation.objects.filter(`
			`uuid=data['uuid']`
			`).first()`

			`if exist_annotation:`
save snapshots on disk from api 2024-10-15 09:05:43 +00:00			`txt = "error: the snapshot {} exist".format(data['uuid'])`
			`return JsonResponse({'status': txt}, status=500)`
api dir 2024-09-19 16:35:26 +00:00
			`# Process snapshot`
save snapshots on disk from api 2024-10-15 09:05:43 +00:00			`path_name = save_in_disk(data, tk.owner.institution.name)`
api dir 2024-09-19 16:35:26 +00:00
			`try:`
fix api token owner for user 2024-10-14 10:22:28 +00:00			`Build(data, tk.owner)`
api dir 2024-09-19 16:35:26 +00:00			`except Exception:`
			`return JsonResponse({'status': 'fail'}, status=200)`

change response from api/snapshots 2024-10-14 15:43:32 +00:00			`annotation = Annotation.objects.filter(`
			`uuid=data['uuid'],`
			`type=Annotation.Type.SYSTEM,`
relevant note for current snapshot api 2024-10-14 18:08:50 +00:00			`# TODO this is hardcoded, it should select the user preferred algorithm`
change response from api/snapshots 2024-10-14 15:43:32 +00:00			`key="hidalgo1",`
			`owner=tk.owner.institution`
			`).first()`

api dir 2024-09-19 16:35:26 +00:00
change response from api/snapshots 2024-10-14 15:43:32 +00:00			`if not annotation:`
			`return JsonResponse({'status': 'fail'}, status=200)`
api dir 2024-09-19 16:35:26 +00:00
api snapshot public_url bugfix with the following code the URL is more appropriate (it basically mirrors the user's request) before: http://localhost/device/{shortid} after http://localhost:8000/device/{shortid} 2024-10-15 11:09:34 +00:00			`url_args = reverse_lazy("device:details", args=(annotation.value,))`
			`url = request.build_absolute_uri(url_args)`

change response from api/snapshots 2024-10-14 15:43:32 +00:00			`response = {`
			`"status": "success",`
fix dhid 6 characters 2024-10-14 15:54:58 +00:00			`"dhid": annotation.value[:6].upper(),`
change response from api/snapshots 2024-10-14 15:43:32 +00:00			`"url": url,`
api snapshot public_url bugfix with the following code the URL is more appropriate (it basically mirrors the user's request) before: http://localhost/device/{shortid} after http://localhost:8000/device/{shortid} 2024-10-15 11:09:34 +00:00			`# TODO replace with public_url when available`
change response from api/snapshots 2024-10-14 15:43:32 +00:00			`"public_url": url`
			`}`
save snapshots on disk from api 2024-10-15 09:05:43 +00:00			`move_json(path_name, tk.owner.institution.name)`

change response from api/snapshots 2024-10-14 15:43:32 +00:00			`return JsonResponse(response, status=200)`
api dir 2024-09-19 16:35:26 +00:00

			`class TokenView(DashboardView, SingleTableView):`
			`template_name = "token.html"`
			`title = _("Credential management")`
			`section = "Credential"`
			`subtitle = _('Managament Tokens')`
			`icon = 'bi bi-key'`
			`model = Token`
			`table_class = TokensTable`

			`def get_queryset(self):`
			`"""`
			`Override the get_queryset method to filter events based on the user type.`
			`"""`
			`return Token.objects.filter().order_by("-id")`

			`def get_context_data(self, **kwargs):`
			`context = super().get_context_data(**kwargs)`
			`context.update({`
token to user panel link and add tags to tokens 2024-10-10 12:03:08 +00:00			`'tokens': Token.objects.all(),`
api dir 2024-09-19 16:35:26 +00:00			`})`
			`return context`


			`class TokenDeleteView(DashboardView, DeleteView):`
			`model = Token`

			`def get(self, request, args, *kwargs):`
			`self.pk = kwargs['pk']`
fix delete token. only user tokens allowed 2024-09-20 12:30:31 +00:00			`self.object = get_object_or_404(self.model, pk=self.pk, owner=self.request.user)`
api dir 2024-09-19 16:35:26 +00:00			`self.object.delete()`

			`return redirect('api:tokens')`


token to user panel link and add tags to tokens 2024-10-10 12:03:08 +00:00			`class TokenNewView(DashboardView, CreateView):`
			`template_name = "new_token.html"`
			`title = _("Credential management")`
			`section = "Credential"`
			`subtitle = _('New Tokens')`
			`icon = 'bi bi-key'`
			`model = Token`
			`success_url = reverse_lazy('api:tokens')`
			`fields = (`
			`"tag",`
			`)`
api dir 2024-09-19 16:35:26 +00:00
token to user panel link and add tags to tokens 2024-10-10 12:03:08 +00:00			`def form_valid(self, form):`
			`form.instance.owner = self.request.user`
			`form.instance.token = uuid4()`
			`return super().form_valid(form)`
api dir 2024-09-19 16:35:26 +00:00
token to user panel link and add tags to tokens 2024-10-10 12:03:08 +00:00
			`class EditTokenView(DashboardView, UpdateView):`
			`template_name = "new_token.html"`
			`title = _("Credential management")`
			`section = "Credential"`
			`subtitle = _('New Tokens')`
			`icon = 'bi bi-key'`
			`model = Token`
			`success_url = reverse_lazy('api:tokens')`
			`fields = (`
			`"tag",`
			`)`

			`def get_form_kwargs(self):`
			`pk = self.kwargs.get('pk')`
			`self.object = get_object_or_404(`
			`self.model,`
			`owner=self.request.user,`
			`pk=pk,`
			`)`
			`kwargs = super().get_form_kwargs()`
			`return kwargs`