(un)delete on project also (un)delete file documents.
Note that undeleting files cannot be done via Eve, as it doesn't support PATCHing collections. Instead, direct MongoDB modification is used to set _deleted=False and provide new _etag and _updated values.
This commit is contained in:
@@ -6,10 +6,17 @@ def setup_app(app, api_prefix):
|
||||
app.on_replace_projects += hooks.override_is_private_field
|
||||
app.on_replace_projects += hooks.before_edit_check_permissions
|
||||
app.on_replace_projects += hooks.protect_sensitive_fields
|
||||
|
||||
app.on_replaced_projects += hooks.after_undelete_project
|
||||
app.on_updated_projects += hooks.after_undelete_project
|
||||
|
||||
app.on_update_projects += hooks.override_is_private_field
|
||||
app.on_update_projects += hooks.before_edit_check_permissions
|
||||
app.on_update_projects += hooks.protect_sensitive_fields
|
||||
|
||||
app.on_delete_item_projects += hooks.before_delete_project
|
||||
app.on_deleted_item_projects += hooks.after_delete_project
|
||||
|
||||
app.on_insert_projects += hooks.before_inserting_override_is_private_field
|
||||
app.on_insert_projects += hooks.before_inserting_projects
|
||||
app.on_inserted_projects += hooks.after_inserting_projects
|
||||
|
||||
@@ -1,8 +1,11 @@
|
||||
import copy
|
||||
import datetime
|
||||
import logging
|
||||
|
||||
from flask import request, abort, current_app
|
||||
import bson.tz_util
|
||||
from flask import request, abort
|
||||
|
||||
from pillar import current_app
|
||||
from pillar.api.node_types.asset import node_type_asset
|
||||
from pillar.api.node_types.comment import node_type_comment
|
||||
from pillar.api.node_types.group import node_type_group
|
||||
@@ -10,8 +13,9 @@ from pillar.api.node_types.group_texture import node_type_group_texture
|
||||
from pillar.api.node_types.texture import node_type_texture
|
||||
from pillar.api.file_storage_backends import default_storage_backend
|
||||
from pillar.api.utils import authorization, authentication
|
||||
from pillar.api.utils import remove_private_keys
|
||||
from pillar.api.utils import remove_private_keys, random_etag
|
||||
from pillar.api.utils.authorization import user_has_role, check_permissions
|
||||
from pillar.auth import current_user
|
||||
from .utils import abort_with_error
|
||||
|
||||
log = logging.getLogger(__name__)
|
||||
@@ -64,6 +68,51 @@ def before_delete_project(document):
|
||||
"""Checks permissions before we allow deletion"""
|
||||
|
||||
check_permissions('projects', document, request.method)
|
||||
log.info('Deleting project %s on behalf of user %s', document['_id'], current_user)
|
||||
|
||||
|
||||
def after_delete_project(project: dict):
|
||||
"""Perform delete on the project's files too."""
|
||||
|
||||
from eve.methods.delete import delete
|
||||
|
||||
pid = project['_id']
|
||||
log.info('Project %s was deleted, also deleting its files.', pid)
|
||||
|
||||
r, _, _, status = delete('files', {'project': pid})
|
||||
if status != 204:
|
||||
log.warning('Unable to delete files of project %s: %s', pid, r)
|
||||
|
||||
|
||||
def after_undelete_project(project: dict, original: dict):
|
||||
"""Undelete the files that belong to this project.
|
||||
|
||||
We cannot do this via Eve, as it doesn't support PATCHing collections, so
|
||||
direct MongoDB modification is used to set _deleted=False and provide
|
||||
new _etag and _updated values.
|
||||
"""
|
||||
|
||||
if not original:
|
||||
return
|
||||
|
||||
was_deleted = original.get('_deleted', False)
|
||||
now_deleted = project.get('_deleted', False)
|
||||
if not was_deleted or now_deleted:
|
||||
# This is not an undelete.
|
||||
return
|
||||
|
||||
pid = project['_id']
|
||||
new_etag = random_etag()
|
||||
now = datetime.datetime.now(tz=bson.tz_util.utc)
|
||||
|
||||
files_coll = current_app.db('files')
|
||||
update_result = files_coll.update_many(
|
||||
{'project': pid},
|
||||
{'$set': {'_deleted': False,
|
||||
'_etag': new_etag,
|
||||
'_updated': now}})
|
||||
log.info('undeleted %d of %d file documents of project %s',
|
||||
update_result.modified_count, update_result.matched_count, pid)
|
||||
|
||||
|
||||
def protect_sensitive_fields(document, original):
|
||||
@@ -225,5 +274,3 @@ def project_node_type_has_method(response):
|
||||
def projects_node_type_has_method(response):
|
||||
for project in response['_items']:
|
||||
project_node_type_has_method(project)
|
||||
|
||||
|
||||
|
||||
@@ -1,12 +1,13 @@
|
||||
import base64
|
||||
import copy
|
||||
import hashlib
|
||||
import json
|
||||
import typing
|
||||
import urllib.request, urllib.parse, urllib.error
|
||||
|
||||
import datetime
|
||||
import functools
|
||||
import hashlib
|
||||
import json
|
||||
import logging
|
||||
import random
|
||||
import typing
|
||||
import urllib.request, urllib.parse, urllib.error
|
||||
|
||||
import bson.objectid
|
||||
from eve import RFC1123_DATE_FORMAT
|
||||
@@ -192,3 +193,10 @@ def doc_diff(doc1, doc2, falsey_is_equal=True):
|
||||
continue
|
||||
|
||||
yield key, val1, val2
|
||||
|
||||
|
||||
def random_etag() -> str:
|
||||
"""Random string usable as etag."""
|
||||
|
||||
randbytes = random.getrandbits(256).to_bytes(32, 'big')
|
||||
return base64.b64encode(randbytes)[:-1].decode()
|
||||
|
||||
Reference in New Issue
Block a user