etesync-server/django_etesync/serializers.py

211 lines
7.6 KiB
Python
Raw Normal View History

2020-02-19 18:53:43 +00:00
# Copyright © 2017 Tom Hacohen
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, version 3.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import base64
from django.contrib.auth import get_user_model
from django.db import transaction
from django.utils.crypto import get_random_string
2020-02-19 18:53:43 +00:00
from rest_framework import serializers
from . import models
User = get_user_model()
def generate_rev_uid(length=32):
return get_random_string(length)
def b64encode(value):
return base64.urlsafe_b64encode(value).decode('ascii')
def b64decode(data):
data += "=" * ((4 - len(data) % 4) % 4)
return base64.urlsafe_b64decode(data)
2020-02-19 18:53:43 +00:00
class BinaryBase64Field(serializers.Field):
def to_representation(self, value):
return b64encode(value)
2020-02-19 18:53:43 +00:00
def to_internal_value(self, data):
return b64decode(data)
2020-02-19 18:53:43 +00:00
class CollectionEncryptionKeyField(BinaryBase64Field):
def get_attribute(self, instance):
request = self.context.get('request', None)
if request is not None:
return instance.members.get(user=request.user).encryptionKey
return None
2020-03-12 19:02:27 +00:00
class CollectionContentField(BinaryBase64Field):
def get_attribute(self, instance):
2020-02-19 18:53:43 +00:00
request = self.context.get('request', None)
if request is not None:
2020-03-12 19:02:27 +00:00
return instance.members.get(user=request.user).encryptionKey
return None
2020-02-19 18:53:43 +00:00
class CollectionItemChunkSerializer(serializers.ModelSerializer):
class Meta:
model = models.CollectionItemChunk
fields = ('uid', 'chunkFile')
2020-02-19 18:53:43 +00:00
class CollectionItemRevisionSerializer(serializers.ModelSerializer):
2020-02-19 18:53:43 +00:00
chunks = serializers.SlugRelatedField(
slug_field='uid',
queryset=models.CollectionItemChunk.objects.all(),
2020-02-19 18:53:43 +00:00
many=True
)
chunksUrls = serializers.SerializerMethodField('get_chunks_urls')
chunksData = serializers.SerializerMethodField('get_chunks_data')
2020-04-14 15:30:07 +00:00
meta = BinaryBase64Field()
2020-02-19 18:53:43 +00:00
class Meta:
2020-02-20 20:41:39 +00:00
model = models.CollectionItemRevision
fields = ('chunks', 'meta', 'uid', 'deleted', 'chunksUrls', 'chunksData')
2020-02-26 12:21:14 +00:00
# FIXME: currently the user is exposed in the url. We don't want that, and we can probably avoid that but still
# save it under the user.
# We would probably be better off just let the user calculate the urls from the uid and a base url for the snapshot.
# E.g. chunkBaseUrl: "/media/bla/bla/" or chunkBaseUrl: "https://media.etesync.com/bla/bla"
def get_chunks_urls(self, obj):
prefer_inline = self.context.get('prefer_inline', False)
if prefer_inline:
return None
ret = []
for chunk in obj.chunks.all():
ret.append(chunk.chunkFile.url)
return ret
def get_chunks_data(self, obj):
prefer_inline = self.context.get('prefer_inline', False)
if not prefer_inline:
return None
ret = []
for chunk in obj.chunks.all():
with open(chunk.chunkFile.path, 'rb') as f:
ret.append(b64encode(f.read()))
2020-02-20 11:56:16 +00:00
return ret
2020-02-20 11:56:16 +00:00
def to_representation(self, instance):
ret = super().to_representation(instance)
prefer_inline = self.context.get('prefer_inline', False)
if prefer_inline:
ret.pop('chunksUrls')
else:
ret.pop('chunksData')
return ret
2020-02-26 12:21:14 +00:00
2020-02-20 11:56:16 +00:00
class CollectionItemSerializer(serializers.ModelSerializer):
encryptionKey = BinaryBase64Field()
content = CollectionItemRevisionSerializer(many=False)
2020-02-20 11:56:16 +00:00
class Meta:
model = models.CollectionItem
fields = ('uid', 'version', 'encryptionKey', 'content')
2020-02-20 11:56:16 +00:00
2020-02-26 14:07:55 +00:00
def create(self, validated_data):
"""Function that's called when this serializer creates an item"""
revision_data = validated_data.pop('content')
instance = self.__class__.Meta.model(**validated_data)
with transaction.atomic():
instance.save()
chunks = revision_data.pop('chunks')
revision = models.CollectionItemRevision.objects.create(**revision_data, uid=generate_rev_uid(),
item=instance)
2020-02-26 14:07:55 +00:00
revision.chunks.set(chunks)
return instance
def update(self, instance, validated_data):
"""Function that's called when this serializer is meant to update an item"""
revision_data = validated_data.pop('content')
with transaction.atomic():
# We don't have to use select_for_update here because the unique constraint on current guards against
# the race condition. But it's a good idea because it'll lock and wait rather than fail.
current_revision = instance.revisions.filter(current=True).select_for_update().first()
current_revision.current = None
current_revision.save()
chunks = revision_data.pop('chunks')
revision = models.CollectionItemRevision.objects.create(**revision_data, uid=generate_rev_uid(),
item=instance)
revision.chunks.set(chunks)
return instance
2020-02-20 11:56:16 +00:00
2020-03-12 19:02:27 +00:00
class CollectionSerializer(serializers.ModelSerializer):
encryptionKey = CollectionEncryptionKeyField()
accessLevel = serializers.SerializerMethodField('get_access_level_from_context')
ctag = serializers.SerializerMethodField('get_ctag')
content = CollectionItemRevisionSerializer(many=False)
class Meta:
model = models.Collection
fields = ('uid', 'version', 'accessLevel', 'encryptionKey', 'content', 'ctag')
def get_access_level_from_context(self, obj):
request = self.context.get('request', None)
if request is not None:
return obj.members.get(user=request.user).accessLevel
return None
def get_ctag(self, obj):
last_revision = models.CollectionItemRevision.objects.filter(item__collection=obj).last()
if last_revision is None:
# FIXME: what is the etag for None? Though if we use the revision for collection it should be shared anyway.
return None
return last_revision.uid
def create(self, validated_data):
"""Function that's called when this serializer creates an item"""
revision_data = validated_data.pop('content')
encryption_key = validated_data.pop('encryptionKey')
instance = self.__class__.Meta.model(**validated_data)
with transaction.atomic():
main_item = models.CollectionItem.objects.create(
uid=None, encryptionKey=None, version=instance.version, collection=instance)
instance.mainItem = main_item
chunks = revision_data.pop('chunks')
revision = models.CollectionItemRevision.objects.create(**revision_data, uid=generate_rev_uid(),
item=main_item)
revision.chunks.set(chunks)
instance.save()
models.CollectionMember(collection=instance,
user=validated_data.get('owner'),
accessLevel=models.CollectionMember.AccessLevels.ADMIN,
encryptionKey=encryption_key,
).save()
return instance