etesync-server/django_etesync/serializers.py

312 lines
11 KiB
Python
Raw Normal View History

2020-02-19 18:53:43 +00:00
# Copyright © 2017 Tom Hacohen
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, version 3.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import base64
2020-04-15 13:53:31 +00:00
from django.core.files.base import ContentFile
2020-02-19 18:53:43 +00:00
from django.contrib.auth import get_user_model
from django.db import transaction
2020-02-19 18:53:43 +00:00
from rest_framework import serializers
from . import models
User = get_user_model()
2020-04-15 13:59:30 +00:00
def process_revisions_for_item(item, revision_data):
chunks_objs = []
chunks = revision_data.pop('chunks_relation')
2020-04-15 13:59:30 +00:00
for chunk in chunks:
uid = chunk[0]
if len(chunk) > 1:
content = chunk[1]
chunk = models.CollectionItemChunk(uid=uid, item=item)
2020-04-15 13:59:30 +00:00
chunk.chunkFile.save('IGNORED', ContentFile(content))
chunk.save()
chunks_objs.append(chunk)
2020-04-15 13:59:30 +00:00
else:
chunk = models.CollectionItemChunk.objects.get(uid=uid)
chunks_objs.append(chunk)
2020-04-15 13:59:30 +00:00
revision = models.CollectionItemRevision.objects.create(**revision_data, item=item)
for chunk in chunks_objs:
models.RevisionChunkRelation.objects.create(chunk=chunk, revision=revision)
2020-04-15 13:59:30 +00:00
return revision
def b64encode(value):
2020-04-15 13:50:47 +00:00
return base64.urlsafe_b64encode(value).decode('ascii').strip('=')
def b64decode(data):
data += "=" * ((4 - len(data) % 4) % 4)
return base64.urlsafe_b64decode(data)
2020-02-19 18:53:43 +00:00
class BinaryBase64Field(serializers.Field):
def to_representation(self, value):
return b64encode(value)
2020-02-19 18:53:43 +00:00
def to_internal_value(self, data):
return b64decode(data)
2020-02-19 18:53:43 +00:00
class CollectionEncryptionKeyField(BinaryBase64Field):
def get_attribute(self, instance):
request = self.context.get('request', None)
if request is not None:
return instance.members.get(user=request.user).encryptionKey
return None
2020-03-12 19:02:27 +00:00
class CollectionContentField(BinaryBase64Field):
def get_attribute(self, instance):
2020-02-19 18:53:43 +00:00
request = self.context.get('request', None)
if request is not None:
2020-03-12 19:02:27 +00:00
return instance.members.get(user=request.user).encryptionKey
return None
2020-02-19 18:53:43 +00:00
2020-04-15 13:27:03 +00:00
class ChunksField(serializers.RelatedField):
def to_representation(self, obj):
obj = obj.chunk
2020-04-15 13:47:31 +00:00
inline = self.context.get('inline', False)
if inline:
2020-04-15 13:27:03 +00:00
with open(obj.chunkFile.path, 'rb') as f:
return (obj.uid, b64encode(f.read()))
else:
return (obj.uid, )
def to_internal_value(self, data):
return (data[0], b64decode(data[1]))
2020-02-19 18:53:43 +00:00
class CollectionItemChunkSerializer(serializers.ModelSerializer):
class Meta:
model = models.CollectionItemChunk
fields = ('uid', 'chunkFile')
2020-02-19 18:53:43 +00:00
class CollectionItemRevisionSerializer(serializers.ModelSerializer):
2020-04-15 13:27:03 +00:00
chunks = ChunksField(
source='chunks_relation',
queryset=models.RevisionChunkRelation.objects.all(),
2020-02-19 18:53:43 +00:00
many=True
)
2020-04-14 15:30:07 +00:00
meta = BinaryBase64Field()
2020-02-19 18:53:43 +00:00
class Meta:
2020-02-20 20:41:39 +00:00
model = models.CollectionItemRevision
2020-04-15 13:27:03 +00:00
fields = ('chunks', 'meta', 'uid', 'deleted')
2020-02-26 12:21:14 +00:00
2020-02-20 11:56:16 +00:00
class CollectionItemSerializer(serializers.ModelSerializer):
encryptionKey = BinaryBase64Field()
stoken = serializers.CharField(allow_null=True)
content = CollectionItemRevisionSerializer(many=False)
2020-02-20 11:56:16 +00:00
class Meta:
model = models.CollectionItem
fields = ('uid', 'version', 'encryptionKey', 'content', 'stoken')
2020-02-20 11:56:16 +00:00
2020-02-26 14:07:55 +00:00
def create(self, validated_data):
"""Function that's called when this serializer creates an item"""
stoken = validated_data.pop('stoken')
2020-02-26 14:07:55 +00:00
revision_data = validated_data.pop('content')
instance = self.__class__.Meta.model(**validated_data)
with transaction.atomic():
if stoken is not None:
raise serializers.ValidationError('Stoken is not None')
2020-02-26 14:07:55 +00:00
instance.save()
2020-04-15 13:59:30 +00:00
process_revisions_for_item(instance, revision_data)
2020-02-26 14:07:55 +00:00
return instance
def update(self, instance, validated_data):
"""Function that's called when this serializer is meant to update an item"""
stoken = validated_data.pop('stoken')
revision_data = validated_data.pop('content')
with transaction.atomic():
if stoken != instance.stoken:
raise serializers.ValidationError('Wrong stoken. Expected {} got {}'.format(instance.stoken, stoken))
# We don't have to use select_for_update here because the unique constraint on current guards against
# the race condition. But it's a good idea because it'll lock and wait rather than fail.
current_revision = instance.revisions.filter(current=True).select_for_update().first()
current_revision.current = None
current_revision.save()
2020-04-15 13:59:30 +00:00
process_revisions_for_item(instance, revision_data)
return instance
2020-02-20 11:56:16 +00:00
2020-05-19 08:20:02 +00:00
class CollectionItemDepSerializer(serializers.ModelSerializer):
stoken = serializers.CharField()
class Meta:
model = models.CollectionItem
fields = ('uid', 'stoken')
def validate(self, data):
for item_data in data:
item = self.__class__.Meta.model.objects.get(uid=item_data['uid'])
stoken = item_data['stoken']
if item.stoken != stoken:
raise serializers.ValidationError('Wrong stoken. Expected {} got {}'.format(item.stoken, stoken))
return data
2020-03-12 19:02:27 +00:00
class CollectionSerializer(serializers.ModelSerializer):
encryptionKey = CollectionEncryptionKeyField()
accessLevel = serializers.SerializerMethodField('get_access_level_from_context')
stoken = serializers.CharField(allow_null=True)
2020-03-12 19:02:27 +00:00
content = CollectionItemRevisionSerializer(many=False)
class Meta:
model = models.Collection
2020-04-16 12:35:44 +00:00
fields = ('uid', 'version', 'accessLevel', 'encryptionKey', 'content', 'stoken')
2020-03-12 19:02:27 +00:00
def get_access_level_from_context(self, obj):
request = self.context.get('request', None)
if request is not None:
return obj.members.get(user=request.user).accessLevel
return None
def create(self, validated_data):
"""Function that's called when this serializer creates an item"""
stoken = validated_data.pop('stoken')
2020-03-12 19:02:27 +00:00
revision_data = validated_data.pop('content')
encryption_key = validated_data.pop('encryptionKey')
instance = self.__class__.Meta.model(**validated_data)
with transaction.atomic():
if stoken is not None:
raise serializers.ValidationError('Stoken is not None')
2020-04-15 13:53:31 +00:00
instance.save()
2020-03-12 19:02:27 +00:00
main_item = models.CollectionItem.objects.create(
uid=None, encryptionKey=None, version=instance.version, collection=instance)
2020-04-15 13:59:30 +00:00
process_revisions_for_item(main_item, revision_data)
2020-03-12 19:02:27 +00:00
models.CollectionMember(collection=instance,
user=validated_data.get('owner'),
accessLevel=models.CollectionMember.AccessLevels.ADMIN,
encryptionKey=encryption_key,
).save()
return instance
2020-04-15 14:54:39 +00:00
def update(self, instance, validated_data):
"""Function that's called when this serializer is meant to update an item"""
stoken = validated_data.pop('stoken')
2020-04-15 14:54:39 +00:00
revision_data = validated_data.pop('content')
with transaction.atomic():
if stoken != instance.stoken:
raise serializers.ValidationError('Wrong stoken. Expected {} got {}'.format(instance.stoken, stoken))
main_item = instance.main_item
2020-04-15 14:54:39 +00:00
# We don't have to use select_for_update here because the unique constraint on current guards against
# the race condition. But it's a good idea because it'll lock and wait rather than fail.
current_revision = main_item.revisions.filter(current=True).select_for_update().first()
current_revision.current = None
current_revision.save()
process_revisions_for_item(main_item, revision_data)
return instance
2020-05-14 10:43:49 +00:00
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = (User.USERNAME_FIELD, User.EMAIL_FIELD)
2020-05-14 14:19:18 +00:00
class UserQuerySerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = (User.USERNAME_FIELD, User.EMAIL_FIELD)
2020-05-14 10:43:49 +00:00
class AuthenticationSignupSerializer(serializers.Serializer):
2020-05-14 14:19:18 +00:00
user = UserQuerySerializer(many=False)
2020-05-14 10:43:49 +00:00
salt = BinaryBase64Field()
pubkey = BinaryBase64Field()
def create(self, validated_data):
"""Function that's called when this serializer creates an item"""
user_data = validated_data.pop('user')
2020-05-14 10:43:49 +00:00
salt = validated_data.pop('salt')
pubkey = validated_data.pop('pubkey')
with transaction.atomic():
instance = User.objects.get_or_create(**user_data)
if hasattr(instance, 'userinfo'):
raise serializers.ValidationError('User already exists')
2020-05-14 10:43:49 +00:00
instance.set_unusable_password()
# FIXME: send email verification
2020-05-14 10:43:49 +00:00
models.UserInfo.objects.create(salt=salt, pubkey=pubkey, owner=instance)
return instance
def update(self, instance, validated_data):
raise NotImplementedError()
class AuthenticationLoginChallengeSerializer(serializers.Serializer):
username = serializers.CharField(required=False)
email = serializers.EmailField(required=False)
def validate(self, data):
if not data.get('email') and not data.get('username'):
raise serializers.ValidationError('Either email or username must be set')
return data
def create(self, validated_data):
raise NotImplementedError()
def update(self, instance, validated_data):
raise NotImplementedError()
class AuthenticationLoginSerializer(serializers.Serializer):
response = BinaryBase64Field()
2020-05-14 10:43:49 +00:00
signature = BinaryBase64Field()
def create(self, validated_data):
raise NotImplementedError()
2020-05-14 10:43:49 +00:00
def update(self, instance, validated_data):
raise NotImplementedError()
class AuthenticationLoginInnerSerializer(AuthenticationLoginChallengeSerializer):
challenge = BinaryBase64Field()
host = serializers.CharField()
2020-05-14 10:43:49 +00:00
def create(self, validated_data):
raise NotImplementedError()
def update(self, instance, validated_data):
raise NotImplementedError()