osf.io/addons/base/generic_views.py at ff85690ceb543e585644f7c579477d13eec22291 · CenterForOpenScience/osf.io · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
from flask import request
from rest_framework import status as http_status

from framework.auth.decorators import must_be_logged_in
from framework.exceptions import HTTPError, PermissionsError
from osf.models import ExternalAccount
from osf.utils import permissions
from website.project.decorators import (
    must_be_addon_authorizer,
    must_be_valid_project,
    must_have_addon,
    must_have_permission,
    must_not_be_registration,
)


def import_auth(addon_short_name, Serializer):
    @must_have_addon(addon_short_name, "user")
    @must_have_addon(addon_short_name, "node")
    @must_have_permission(permissions.WRITE)
    def _import_auth(auth, node_addon, user_addon, **kwargs):
        """Import add-on credentials from the currently logged-in user to a node."""
        external_account = ExternalAccount.load(
            request.json["external_account_id"]
        )

        if not user_addon.external_accounts.filter(
            id=external_account.id
        ).exists():
            raise HTTPError(http_status.HTTP_403_FORBIDDEN)

        try:
            node_addon.set_auth(external_account, user_addon.owner)
        except PermissionsError:
            raise HTTPError(http_status.HTTP_403_FORBIDDEN)

        node_addon.save()

        return {
            "result": Serializer().serialize_settings(node_addon, auth.user),
            "message": "Successfully imported credentials from profile.",
        }

    _import_auth.__name__ = f"{addon_short_name}_import_auth"
    return _import_auth


def account_list(addon_short_name, Serializer):
    @must_be_logged_in
    def _account_list(auth):
        user_settings = auth.user.get_addon(addon_short_name)
        serializer = Serializer(user_settings=user_settings)
        return serializer.serialized_user_settings

    _account_list.__name__ = f"{addon_short_name}_account_list"
    return _account_list


def folder_list(addon_short_name, addon_full_name, get_folders):
    # TODO [OSF-6678]: Generalize this for API use after node settings have been refactored
    @must_have_addon(addon_short_name, "node")
    @must_be_addon_authorizer(addon_short_name)
    def _folder_list(node_addon, **kwargs):
        """Returns a list of folders"""
        if not node_addon.has_auth:
            raise HTTPError(http_status.HTTP_403_FORBIDDEN)

        folder_id = request.args.get("folderId")
        return get_folders(node_addon, folder_id)

    _folder_list.__name__ = f"{addon_short_name}_folder_list"
    return _folder_list


def get_config(addon_short_name, Serializer):
    @must_be_logged_in
    @must_have_addon(addon_short_name, "node")
    @must_be_valid_project
    @must_have_permission(permissions.WRITE)
    def _get_config(node_addon, auth, **kwargs):
        """API that returns the serialized node settings."""
        return {
            "result": Serializer().serialize_settings(node_addon, auth.user)
        }

    _get_config.__name__ = f"{addon_short_name}_get_config"
    return _get_config


def set_config(addon_short_name, addon_full_name, Serializer, set_folder):
    @must_not_be_registration
    @must_have_addon(addon_short_name, "user")
    @must_have_addon(addon_short_name, "node")
    @must_be_addon_authorizer(addon_short_name)
    @must_have_permission(permissions.WRITE)
    def _set_config(node_addon, user_addon, auth, **kwargs):
        """View for changing a node's linked folder."""
        folder = request.json.get("selected")
        set_folder(node_addon, folder, auth)

        path = node_addon.folder_path
        return {
            "result": {
                "folder": {
                    "name": path.replace("All Files", "")
                    if path != "/"
                    else f"/ (Full {addon_full_name})",
                    "path": path,
                },
                "urls": Serializer(
                    node_settings=node_addon
                ).addon_serialized_urls,
            },
            "message": "Successfully updated settings.",
        }

    _set_config.__name__ = f"{addon_short_name}_set_config"
    return _set_config


def deauthorize_node(addon_short_name):
    @must_not_be_registration
    @must_have_addon(addon_short_name, "node")
    @must_have_permission(permissions.WRITE)
    def _deauthorize_node(auth, node_addon, **kwargs):
        node_addon.deauthorize(auth=auth)
        node_addon.save()

    _deauthorize_node.__name__ = f"{addon_short_name}_deauthorize_node"
    return _deauthorize_node