Merged changes from skymapviewer_post branch

gracedb/urls.py

@@ -8,7 +8,7 @@ from django.conf.urls import patterns, url, include
 from gracedb.api import download
 
 urlpatterns = patterns('gracedb.views',
-    url (r'^$', 'index', name="home"),
+    url (r'^$', 'index', name="home-events"),
     url (r'^create/$', 'create', name="create"),
     url (r'^search/(?P<format>(json|flex))?$', 'search', name="search"),
     url (r'^view/(?P<graceid>[GEHT]\d+)', 'view', name="view"),

gracedb/views.py

@@ -55,6 +55,13 @@ def index(request):
             {},
             context_instance=RequestContext(request))
 
+# SP Info and Privacy pages are required for Federation with InCommon. 
+def spinfo(request):
+    return render_to_response('gracedb/spinfo.html', {}, context_instance=RequestContext(request))
+
+def spprivacy(request):
+    return render_to_response('gracedb/spprivacy.html', {}, context_instance=RequestContext(request))
+
 def skyalert_authorized(request):
     try:
         return u"{0} {1}".format(request.user.first_name, request.user.last_name) in settings.SKYALERT_SUBMITTERS
@@ -618,7 +625,11 @@ def neighbors(request, graceid, delta1, delta2=None):
         context,
         context_instance=RequestContext(request))
 
+import logging
+
 def view(request, graceid):
+    logger = logging.getLogger(__name__)
+    logger.debug("Hi from inside the view.")
     context = {}
     try:
         a = Event.getByGraceid(graceid)
@@ -635,6 +646,8 @@ def view(request, graceid):
     context['blessed_tags'] = settings.BLESSED_TAGS
     context['single_inspiral_events'] = list(a.singleinspiral_set.all())
     context['neighbor_delta'] = "[%+d,%+d]" % (-5,5)
+    context['SKYMAP_VIEWER_SERVICE_URL'] = settings.SKYMAP_VIEWER_SERVICE_URL
+
     return render_to_response(
         [ 'gracedb/event_detail_{0}.html'.format(a.analysisType),
           'gracedb/event_detail.html'],

ligoauth/middleware/auth.py

@@ -12,6 +12,15 @@ from django.http import HttpResponseForbidden
 
 proxyPattern = re.compile(r'^(.*?)(/CN=\d+)*$')
 
+# XXX Hack. This will go away when we get the new perms infrastructure in place.
+PUBLIC_URLS = [
+    '/',
+    '/SPInfo',
+    '/SPInfo/',
+    '/SPPrivacy',
+    '/SPPrivacy/',
+]
+
 def cert_dn_from_request(request):
     """Take a request, rummage through SSL_* headers, return the DN for the user."""
     certdn = request.META.get('SSL_CLIENT_S_DN')
@@ -80,7 +89,9 @@ class LigoAuthMiddleware:
 
         request.user = user
 
-        if user is None:
+        # Check: Is the requested URL allowed for the PUBLIC?
+        #if user is None:
+        if user is None and request.path_info not in PUBLIC_URLS:
             # Forbidden!
             is_cli = request.POST.get('cli_version') or \
                      request.GET.get('cli_version')

ligoauth/migrations/0011_add_idq_users_and_dns.py

+# -*- coding: utf-8 -*-
+from south.utils import datetime_utils as datetime
+from south.db import db
+from south.v2 import DataMigration
+from django.db import models
+
+users = [
+        {
+            'username' : 'idq-la',
+            'first_name' : '',
+            'last_name' : 'iDQ at LLO',
+            'email' : 'rvaulin@mit.edu',
+            'dns' : [
+                "/DC=org/DC=ligo/O=LIGO/OU=Services/CN=idq/ldas-pcdev1.ligo-la.caltech.edu",
+            ]
+        },
+        {
+            'username' : 'idq-wa',
+            'first_name' : '',
+            'last_name' : 'iDQ at LHO',
+            'email' : 'rvaulin@mit.edu',
+            'dns' : [
+                "/DC=org/DC=ligo/O=LIGO/OU=Services/CN=idq/ldas-pcdev1.ligo-wa.caltech.edu",
+            ]
+        },
+]
+
+class Migration(DataMigration):
+
+    def forwards(self, orm):
+        LocalUser = orm['ligoauth.LocalUser']
+        X509Cert = orm['ligoauth.X509Cert']
+
+        # Local Users
+        for entry in users:
+            user, created = LocalUser.objects.get_or_create(username=entry['username'])
+            if created:
+                user.first_name = entry['first_name']
+                user.last_name = entry['last_name']
+                user.email = entry['email']
+                user.is_active = True
+                user.is_staff = False
+                user.is_superuser = False
+                user.save()
+            current_dns = set([cert.subject for cert in user.x509cert_set.all()])
+            new_dns = set(entry['dns'])
+
+            missing_dns = new_dns - current_dns
+            redundant_dns = current_dns - new_dns
+
+            for dn in missing_dns:
+                cert, created = X509Cert.objects.get_or_create(subject=dn)
+                if created:
+                    cert.save()
+                cert.users.add(user)
+
+            for dn in redundant_dns:
+                cert = X509Cert.objects.get(subject=dn)
+                cert.users.remove(user)
+
+    def backwards(self, orm):
+        LocalUser = orm['ligoauth.LocalUser']
+        X509Cert = orm['ligoauth.X509Cert']
+        for entry in users:
+            for dn in entry['dns']:
+                cert = X509Cert.objects.get(subject=dn)
+                cert.delete()
+
+            user = LocalUser.objects.get(username=entry['username'])
+            user.delete()
+
+
+    models = {
+        u'auth.group': {
+            'Meta': {'object_name': 'Group'},
+            u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}),
+            'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': u"orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'})
+        },
+        u'auth.permission': {
+            'Meta': {'ordering': "(u'content_type__app_label', u'content_type__model', u'codename')", 'unique_together': "((u'content_type', u'codename'),)", 'object_name': 'Permission'},
+            'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+            'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['contenttypes.ContentType']"}),
+            u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'name': ('django.db.models.fields.CharField', [], {'max_length': '50'})
+        },
+        u'auth.user': {
+            'Meta': {'object_name': 'User'},
+            'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
+            'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}),
+            'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
+            'groups': ('django.db.models.fields.related.ManyToManyField', [], {'symmetrical': 'False', 'related_name': "u'user_set'", 'blank': 'True', 'to': u"orm['auth.Group']"}),
+            u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
+            'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+            'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+            'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
+            'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
+            'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}),
+            'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'symmetrical': 'False', 'related_name': "u'user_set'", 'blank': 'True', 'to': u"orm['auth.Permission']"}),
+            'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'})
+        },
+        u'contenttypes.contenttype': {
+            'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"},
+            'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+            u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+            'name': ('django.db.models.fields.CharField', [], {'max_length': '100'})
+        },
+        u'ligoauth.ligoldapuser': {
+            'Meta': {'object_name': 'LigoLdapUser', '_ormbases': [u'auth.User']},
+            'ldap_dn': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '100'}),
+            u'user_ptr': ('django.db.models.fields.related.OneToOneField', [], {'to': u"orm['auth.User']", 'unique': 'True', 'primary_key': 'True'})
+        },
+        u'ligoauth.localuser': {
+            'Meta': {'object_name': 'LocalUser', '_ormbases': [u'auth.User']},
+            u'user_ptr': ('django.db.models.fields.related.OneToOneField', [], {'to': u"orm['auth.User']", 'unique': 'True', 'primary_key': 'True'})
+        },
+        u'ligoauth.x509cert': {
+            'Meta': {'object_name': 'X509Cert'},
+            u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'subject': ('django.db.models.fields.CharField', [], {'max_length': '200'}),
+            'users': ('django.db.models.fields.related.ManyToManyField', [], {'to': u"orm['auth.User']", 'symmetrical': 'False'})
+        }
+    }
+
+    complete_apps = ['ligoauth']
+    symmetrical = True

settings/default.py

@@ -40,6 +40,8 @@ XMPP_ALERT_CHANNELS = [
                         'external_grb',
                       ]
 
+SKYMAP_VIEWER_SERVICE_URL = "https://losc-gracedb.ligo.org/cgi-bin/skymapViewer"
+
 BLESSED_TAGS = [
                  'analyst_comments',
                  'psd',

templates/gracedb/event_detail.html

@@ -97,6 +97,10 @@
                     dc += '         <td>{{log.comment|sanitize|escapejs}} \n';
                                {% if log.fileurl %}
                     dc += '             <a href="{{log.fileurl}}">{{log.filename}}</a> \n';
+                                    // If this is a skymap.json file, we want a button.
+                                    {% if log.filename == "skymap.json" %}
+                    dc += '             <button type="button" data-dojo-type="dijit/form/Button" id="sV_button" class="modButtonClass">View in skymapViewer!</button> \n';                                   
+                                    {% endif %}
                                {% endif %}
                     dc += '         </td> \n';
                     dc += '    </tr> \n';
@@ -495,6 +499,28 @@
                 new Tooltip({ connectId: tag.button_id, label: "delete this tag"});
             }
 
+
+            // Handle the post to skymapViewer button.
+            var sV_button = dom.byId("sV_button");
+            if (sV_button) {
+                on(sV_button, "click", function() {
+                    // construct skymap.json url.
+                    var skymap_json_url = "{% url "file" object.graceid "skymap.json" %}"
+                    // fetch JSON content.
+                    dojo.xhrGet({
+                        url: skymap_json_url,
+                        load: function(result) { 
+                            // Find the form and set its value to the appropriate JSON        
+                            sV_form = dom.byId("sV_form");
+                            // Shove the skymap.json contents into the value for the second form field.
+                            sV_form.elements[1].value = result; 
+                            // Submit the form, which takes the user to the skymapViewer server.
+                            sV_form.submit();
+                        }
+                    });
+                });
+            }
+
         });
 
     </script>
@@ -600,9 +626,20 @@
 {% endblock %}
 </div>
 
-<p>
-  <!-- Neighbors Support refresh_neighbors() function -->
-  <script type="text/javascript">
+{# Enable post to skymap viewer #}
+<div id="sV_form_div" style="display: none">
+
+<!-- <form action="https://losc-gracedb.ligo.org/cgi-bin/skymapViewer" id="sV_form"  method="post"> -->
+<form action="{{ SKYMAP_VIEWER_SERVICE_URL }}" id="sV_form"  method="post">
+    <input type="hidden" name="skymapid" value="{{ object.graceid }}">
+    <!-- <input type="hidden" name="json" value="{{ skymap_json }}"> -->
+    <input type="hidden" name="json" value="blaargh">
+    <input type="submit" value="View in skymapViewer!">
+</form>
+</div>
+
+<!-- Neighbors Support refresh_neighbors() function -->
+<script type="text/javascript">
     var refresh_neighbors= function() { alert("NOT SET YET"); };
     require(["dojo/dom", "dojo/html", "dojo/request", "dojo/domReady!"],
         function (dom, html, request) {

templates/gracedb/index.html

 {% extends "base.html" %}
 
 {% block title %}Home{% endblock %}
-{% block heading %}GraceDB <em>Alpha</em> &mdash; Overview{% endblock %}
+{% block heading %}GraceDB &mdash; Overview{% endblock %}
 {% block pageid %}home{% endblock %}
 
 {% block content %}

templates/gracedb/spinfo.html

+{% extends "base.html" %}
+
+{% block title %}Home{% endblock %}
+{% block heading %}GraceDB — Service Provider Information{% endblock %}
+{% block pageid %}SPInfo{% endblock %}
+
+{% block content %}
+
+<div class="text">
+
+<p>
+GraceDB organizes candidate events from gravitational-wave searches and provides an
+environment to record information about follow-ups.
+</p>
+
+</div>
+
+{% endblock %}

templates/gracedb/spprivacy.html

+{% extends "base.html" %}
+
+{% block title %}Home{% endblock %}
+{% block heading %}GraceDB — Service Provider Privacy{% endblock %}
+{% block pageid %}SPPrivacy{% endblock %}
+
+{% block content %}
+
+<div class="text">
+
+<p>
+This service provider receives an identifier for you
+known as an eduPersonPrincipalName (or eppn) from your login provider. 
+Within GraceDB, this eppn functions as your username.  If you are outside the
+LIGO/Virgo community, the eppn is also used to look you up in the 
+<a href="https://gw-astronomy.org">Gravitational Wave Astronomy Community Registry</a> 
+to find your
+group membership information (which determines read and edit permissions).
+
+None of this information about you is shared with any service or tools outside
+of those supporting collaboration across the gravitational wave astronomy
+community.
+
+</p>
+
+</div>
+
+{% endblock %}

urls.py

@@ -17,6 +17,8 @@ feeds = {
 urlpatterns = patterns('',
 
     url (r'^$', 'gracedb.views.index', name="home"),
+    url (r'^SPInfo', 'gracedb.views.spinfo', name="spinfo"),
+    url (r'^SPPrivacy', 'gracedb.views.spprivacy', name="spprivacy"),
     (r'^events/', include('gracedb.urls')),
     (r'^api/',    include('gracedb.urls_rest', app_name="api", namespace="x509")),
     (r'^apiweb/', include('gracedb.urls_rest', app_name="api", namespace="shib")),