archive/pillar
0
0
Fork 0
Code Issues 42 Pull Requests Projects Releases Wiki Activity
587 Commits 12 Branches 2 Tags
Commit Graph

587 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sybren A. Stüvel
6f193da89d Added entry point /p/<project_id>/quotas 
At the moment this entry point only returns the total file size of all
files belonging to the project. It can be extended to return more info,
such as nr. of nodes/groups/etc.
 2016-05-06 12:43:45 +02:00
Sybren A. Stüvel
bbc30b9d99 Compute & store aggregate file size. 2016-05-06 12:43:45 +02:00
Sybren A. Stüvel
1bb2979428 Slight improvement to project group mgmnt tests 2016-05-06 12:43:45 +02:00
Sybren A. Stüvel
a2ce18196a Simplified permissions for projects. 
Instead of the additional 'is_private' field, we now just use
the permission system and set/remove world GET permissions.

'is_private' is still kept for backward compatibility and possibly
easy querying for public projects, and is always set based on
world GET permissions.
 2016-05-06 12:42:16 +02:00
Francesco Siddi
758273edab Return target user after adding or removing it from project 2016-05-06 11:56:52 +02:00
Francesco Siddi
2580466469 User management for projects 
Support for retrieving user of a project.
 2016-05-06 10:30:05 +02:00
Francesco Siddi
ffa98d72e6 Sort fetched nodes by creation date 2016-05-04 18:28:45 +02:00
Francesco Siddi
0b1664a83c Add project_manage_users endpoint 
Manage users of a project. In this initial implementation, we handle
addition and removal of a user to the admin group of a project. No
changes are done on the project itself.
 2016-05-04 17:04:10 +02:00
Francesco Siddi
d93d1091f9 Fix for indexing if project is private 2016-05-04 15:55:20 +02:00
Sybren A. Stüvel
7b0c037529 Debug-log the subclient ID too 2016-05-04 14:06:27 +02:00
Sybren A. Stüvel
c248e8c11b Moved modules/latest/__init__.py to modules/latest.py 2016-05-04 09:34:58 +02:00
Francesco Siddi
fb0629dcb0 Make logging less verbose for blender_id in production 2016-05-03 15:19:29 +02:00
Francesco Siddi
80919dacb3 New add_license_props in manage.py 2016-05-03 14:47:33 +02:00
Sybren A. Stüvel
d0d8b7d11d Added missing unit test for content type overrides. 2016-05-03 11:23:26 +02:00
Sybren A. Stüvel
0389b05b14 Save temporary files in STORAGE_DIR 
This makes it trivial to save uploaded files to STORAGE_DIR, as the
temporary files Flask saves them in are already there.
 2016-05-03 11:22:54 +02:00
Sybren A. Stüvel
0580d3fa65 Removed some whitespace 2016-05-03 11:11:36 +02:00
Sybren A. Stüvel
54a2176d7c Override browser-given content type for certain types. 
If the browser gives us audio/xxx, video/xxx or image/xxx, we just use
it. Otherwise the mimetypes package is used to guess the mime type
based on the file's extension.

Also ensures the content type of the file is updated in MongoDB. Does
NOT update any nodes that link to this file.
 2016-05-03 10:57:56 +02:00
Sybren A. Stüvel
950a12048b More and more and more projections and embeddings 2016-05-02 19:46:05 +02:00
Sybren A. Stüvel
d4e5fab087 Moar projections! 2016-05-02 19:42:35 +02:00
Sybren A. Stüvel
eaa67d1271 Embed comment parents 2016-05-02 19:17:26 +02:00
Sybren A. Stüvel
b18675e746 New projects are marked private by default. 2016-05-02 19:07:31 +02:00
Sybren A. Stüvel
a216e5c00d Special entry points for getting latest assets etc. from public projects. 2016-05-02 19:07:21 +02:00
Sybren A. Stüvel
3e8494e3bf Use soft-delete for nodes 2016-05-02 17:06:59 +02:00
Sybren A. Stüvel
b9367f9944 Removed node_types Eve collection 2016-05-02 17:05:21 +02:00
Sybren A. Stüvel
445bf601dc Don't double-x mime types 2016-05-02 17:04:18 +02:00
Sybren A. Stüvel
6394d83da2 Prevent video processing for non-admin users. 2016-05-02 16:21:06 +02:00
Sybren A. Stüvel
b4327f22e8 Disallow node status 'deleted' for node type asset 2016-05-02 15:57:26 +02:00
Sybren A. Stüvel
6c7ad6f6f0 Marked Flask as primary requirement. 2016-05-02 15:38:02 +02:00
Sybren A. Stüvel
24c5936751 Fetch the new etag after updating file links. 
It's stupid and goes to MongoDB again, but it works for now.
 2016-05-02 15:38:02 +02:00
Sybren A. Stüvel
42ff638b48 Allow cross-site requests 
See https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
 2016-05-02 15:37:58 +02:00
Sybren A. Stüvel
57375bd0c4 Gracefully handle bad ObjectId passed on URL 2016-05-02 13:23:52 +02:00
Sybren A. Stüvel
53aa0dae3b Deducting asset node content type from file content type. 2016-05-02 12:30:52 +02:00
Sybren A. Stüvel
32ad39aeb1 Moved node management to modules/node.py 
No semantic changes, all should work identically as before.
 2016-05-02 11:35:17 +02:00
Sybren A. Stüvel
681754eade Removed some obsolete unit tests. 2016-05-02 11:13:19 +02:00
Sybren A. Stüvel
20ed580e21 Renaming hash-mp4.mp4 to hash-720p-mp4 (and similar things) 
This requires an additional rename step after Zencoder does its thing,
as before that we don't know the frame size of the video.
 2016-05-02 11:13:19 +02:00
Sybren A. Stüvel
92970d5b6a Filename hashing on GCS 2016-05-02 11:13:19 +02:00
Sybren A. Stüvel
401bfeea98 File streaming to Google Cloud Storage 
Also simplifies some code since we're only going to support GCS.
 2016-05-02 11:13:19 +02:00
Sybren A. Stüvel
7aefed22d4 Using unused parameter 2016-05-02 11:13:19 +02:00
Sybren A. Stüvel
060590213e Made GCLOUD_PROJECT a 'secret' config key. 
This prevents developers (like me) from accidentally using the production
GCS project.
 2016-05-02 11:13:19 +02:00
Sybren A. Stüvel
9e2664fe20 Ignore google_app.json, as it should never be committed. 2016-05-02 11:13:19 +02:00
Francesco Siddi
0652762d3a Disable order and notes visibility for asset and group 2016-04-29 15:44:08 +02:00
Francesco Siddi
cffe678ca3 Default settings for basic node_types 2016-04-29 15:22:11 +02:00
Francesco Siddi
aebbe019b5 Limit default node_types to group, asset and comment 2016-04-29 15:17:38 +02:00
Francesco Siddi
a919792f5a Fix for extension and filename storage 
Previously it was saved without quotes, which resulted in incorrect
filename display in Firefox. Also, file extension was deduced from the
file_format, while now we deduce it from the original filename (if not
already specified in the asset name).
 2016-04-29 14:37:57 +02:00
Francesco Siddi
6673e31675 Skip indexing of nodes of a private project 2016-04-29 13:37:01 +02:00
Francesco Siddi
fbbe54d374 New add_group_to_projects in manage.py 
Prototype to add a specific group, in read-only mode, to all standard
node_types for all projects.
 2016-04-27 10:43:31 +02:00
Sybren A. Stüvel
cf203b04f8 Be less secretive about users; allow limited anonymous /users/id access. 
Anonymous users can now obtain full_name and email fields from any
user. Authenticated users can also obtain those fields from other
users, and all info about themselves.
 2016-04-26 17:27:56 +02:00
Sybren A. Stüvel
d5c2df371a Small test change: do as little as possible in an app test context. 2016-04-26 12:38:44 +02:00
Sybren A. Stüvel
e600d87592 Secure write access to /users endpoint 
- Admins can PUT everything
- Users can only PUT themselves
- The 'auth' field is always taken from the original, and never overwritten
  by the PUT. It can be missing from the request, so you can GET and then
  PUT the same data.
- Nobody can POST or DELETE users
 2016-04-26 12:38:44 +02:00
Sybren A. Stüvel
5c04cdbd6e Secure read access to /users endpoint. 
- auth field is never returned
- unauthenticated access is rejected
- non-admin users can only access themselves
 2016-04-26 12:38:44 +02:00