django-restit 4.2.175__py3-none-any.whl → 4.2.178__py3-none-any.whl

account/models/group.py

@@ -52,6 +52,7 @@ class Group(models.Model, RestModel, MetaDataModel):
         LIST_PARENT_KINDS = ["org", "iso"]
         POST_SAVE_FIELDS = ["child_of"]
         GROUP_FIELD = "self"
+        CAN_BATCH = True
         VIEW_PERMS = [
             "view_all_groups",
             "manage_groups",

account/models/member.py

@@ -72,6 +72,7 @@ class Member(User, RestModel, MetaDataModel):
         SEARCH_FIELDS = ["username", "email", "first_name", "last_name", "display_name", "phone_number"]
         VIEW_PERMS = ["view_members", "manage_members", "manage_users", "owner"]
         SAVE_PERMS = ["invite_members", "manage_members", "manage_users", "owner"]
+        CAN_BATCH = True
         LIST_DEFAULT_FILTERS = {
             "is_active": True
         }
@@ -149,7 +150,7 @@ class Member(User, RestModel, MetaDataModel):
     display_name = models.CharField(max_length=64, blank=True, null=True, default=None)
     picture = models.ForeignKey("medialib.MediaItem", blank=True, null=True, help_text="Profile picture", related_name='+', on_delete=models.CASCADE)
 
-    # we use this token to allow us to invalidate JWT tokens 
+    # we use this token to allow us to invalidate JWT tokens
     security_token = models.CharField(max_length=64, blank=True, null=True, default=None, db_index=True)
     auth_code = models.CharField(max_length=64, blank=True, null=True, default=None, db_index=True)
     auth_code_expires = models.DateTimeField(blank=True, null=True, default=None)
@@ -263,6 +264,24 @@ class Member(User, RestModel, MetaDataModel):
             return self.has_usable_password()
         return False
 
+    def getFailedLoginCount(self):
+        c = RemoteEvents.hget("users:failed:username", self.username)
+        if c is not None:
+            return int(c)
+        return c
+
+    @classmethod
+    def GetFailedLoginsForIP(cls, ip):
+        c = RemoteEvents.hget("users:failed:ip", ip)
+        if c is not None:
+            return int(c)
+        return c
+
+    @classmethod
+    def GetIPsWithFailedLoginAttempts(cls, threshold):
+        failed_ips = RemoteEvents.hgetall("users:failed:ip")
+        return {ip: int(count) for ip, count in failed_ips.items() if int(count) > threshold}
+
     def recordFailedLogin(self, request):
         c = RemoteEvents.hincrby("users:failed:username", self.username, 1)
         if c >= settings.LOCK_PASSWORD_ATTEMPTS:
@@ -273,13 +292,15 @@ class Member(User, RestModel, MetaDataModel):
                 "account", f"incorrect password for {self.username}", level=8,
                 error_code=498,
                 request=request)
-        c = RemoteEvents.hincrby("users:failed:ip", request.ip, 1)
+        ic = RemoteEvents.hincrby("users:failed:ip", request.ip, 1)
+        return c
 
     def recordSuccessLogin(self, request):
         self.last_login = datetime.now()
         self.save()
         RemoteEvents.hdel("users:failed:username", self.username)
-        RemoteEvents.hdel("users:failed:ip", request.ip)
+        if request:
+            RemoteEvents.hdel("users:failed:ip", request.ip)
 
     def hasPasswordExpired(self):
         now = datetime.now()
@@ -288,38 +309,33 @@ class Member(User, RestModel, MetaDataModel):
             self.save()
         return now - self.password_changed > timedelta(days=settings.PASSWORD_EXPIRES_DAYS)
 
-    def login(self, password=None, request=None, use_jwt=False):
-        if not self.is_active or self.is_blocked:
-            return False
-        # can force login
+    def login(self, password=None, request=None):
         if not request:
             request = rh.getActiveRequest()
+        if not self.is_active or self.is_blocked:
+            return False
         if not self.checkPassword(password):
-            # invalid password
             self.recordFailedLogin(request)
             return False
-        else:
-            self.recordSuccessLogin(request)
-        if use_jwt:
-            self.recordSuccessLogin(request)
-            self.locateByIP(request.ip)
-            return True
-        self.user_ptr.backend = 'django.contrib.auth.backends.ModelBackend'
-        auth_login(request, self.user_ptr)
-        self.locateByIP(request.ip)
+        self.authLogin(request)
         return True
 
     def loginNoPassword(self, request=None):
         if not self.is_active or self.is_blocked:
             return False
-        # can force login
         if not request:
             request = rh.getActiveRequest()
-        self.user_ptr.backend = 'django.contrib.auth.backends.ModelBackend'
-        auth_login(request, self.user_ptr)
-        self.locateByIP(request.ip)
+        self.authLogin(request)
         return True
 
+    def authLogin(self, request, use_session=True):
+        if use_session:
+            self.user_ptr.backend = 'django.contrib.auth.backends.ModelBackend'
+            auth_login(request, self.user_ptr)
+        if request:
+            self.locateByIP(request.ip)
+        self.recordSuccessLogin(request)
+
     def canLogin(self, request=None, throw_exception=True, using_password=True):
         if not self.is_active:
             self.log("login_blocked", F"account is not active {self.username}", request, method="login", level=31)
@@ -577,7 +593,7 @@ class Member(User, RestModel, MetaDataModel):
         SMS.send(phone, msg)
         return True
 
-    def sendEmail(self, subject, body, attachments=[], do_async=True, template=None, 
+    def sendEmail(self, subject, body, attachments=[], do_async=True, template=None,
                   context=None):
         default_domain = self.getProperty("default_domain", settings.EMAIL_DEFAULT_DOMAIN)
         from_email = rh.getFromEmailForHost(default_domain)
@@ -675,7 +691,7 @@ class Member(User, RestModel, MetaDataModel):
             allow_email = not self.email_disabled and valid_email and (force or via in ["all", "email"])
         else:
             allow_email = valid_email
-        
+
         if not allow_email and not allow_sms:
             return False
 
@@ -796,7 +812,7 @@ class Member(User, RestModel, MetaDataModel):
     def block(self, reason, request=None):
         if not request:
             request = self.getActiveRequest()
-        PersistentLog.log("account blocked, {}".format(reason), 5, request, "account.Member", self.pk, "blocked")
+        self.auditLog(f"account blocked, {reason}", "blocked", level=5)
         RemoteEvents.hset("users:blocked:username", self.username, time.time())
         self.reportIncident(
             "account", f"account '{self.username}' blocked: {reason}", level=2,
@@ -832,7 +848,7 @@ class Member(User, RestModel, MetaDataModel):
 
     # BEGIN REST CALLBACKS
     def on_permission_change(self, key, value, old_value, category):
-        # called when a metadata.permissions field changes.. see django settings USER_METADATA_PROPERTIES 
+        # called when a metadata.permissions field changes.. see django settings USER_METADATA_PROPERTIES
         # we want to log both the person changing permissions
         # and those being changed
         request = RestModel.getActiveRequest()
@@ -865,7 +881,7 @@ class Member(User, RestModel, MetaDataModel):
         request = self.getActiveRequest()
         if not request.member.is_superuser:
             raise PermissionDeniedException("Permission Denied: attempting to super user")
-        self.is_superuser = int(value)     
+        self.is_superuser = int(value)
 
     def set_disable(self, value):
         if value is not None and value in [1, '1', True, 'true']:
@@ -973,7 +989,12 @@ class Member(User, RestModel, MetaDataModel):
             request.member.log("permission_denied", "attempting to set password for user: {}".format(self.username), method="password_change", level=3)
             raise PermissionDeniedException("Permission Denied: attempting to change password")
         if request.member.id != self.id:
-            self.log("modified_by", "password changed by: {}".format(request.member.username), method="password_change", level=31)
+            error = f"{self.username} password changed by: {request.member.username}"
+            self.reportIncident("account", error, details=error, error_code=497)
+            self.log("modified_by", error, method="password_change", level=31)
+
+            error = f"{self.username} password changed by: {request.member.username}"
+            request.member.reportIncident("account", error, details=error, error_code=497)
             request.member.log("member_edit", "{} password changed".format(self.username), method="password_change", level=31)
             self.setPassword(value, skip_history=True)
         else:
@@ -1219,7 +1240,7 @@ class Member(User, RestModel, MetaDataModel):
     def authWS4RedisConnection(cls, auth_data):
         """
         This method is used by the async/websocket service to authenticate.
-        If the model can authenticate the connection it should return dict 
+        If the model can authenticate the connection it should return dict
         with kind and pk of the model that is authenticaed
         """
         from rest import UberDict
@@ -1338,5 +1359,3 @@ class AuthToken(models.Model, RestModel):
 
     def __str__(self):
         return "{o.member}: {o.secure_token}".format(o=self)
-
-

account/rpc/auth.py

@@ -55,7 +55,7 @@ def jwt_login(request):
         resp = checkForTOTP(request, member)
         if resp is not None:
             return resp
-    if not member.login(request=request, password=password, use_jwt=True):
+    if not member.login(request=request, password=password):
         # we do not want permission denied catcher invoked as it is already handled in login method
         return rv.restStatus(request, False, error=f"Invalid Credentials {username}", error_code=401)
     return on_complete_jwt(request, member, auth_method)
@@ -221,7 +221,8 @@ def member_login_uname_code(request, username, auth_code):
         member.setPassword(password)
     member.auth_code = None
     member.auth_code_expires = None
-    member.login(request=request)
+    member.canLogin(request, using_password=False)  # throws exception if cannot login
+    member.loginNoPassword(request)
     member.save()
     member.log("code_login", "code login", request, method="login", level=8)
     if request.DATA.get("auth_method") == "basic" and ALLOW_BASIC_LOGIN:
@@ -411,3 +412,12 @@ def totp_verify(request):
         return rv.restPermissionDenied(request, "invalid code")
     request.member.setProperty("totp_verified", 1)
     return rv.restStatus(request, True)
+
+
+# time based one time passwords
+@rd.urlPOST('security/ip/failed_logins')
+@rd.login_required
+def failed_logins_by_ip(request):
+    ips = am.Member.GetIPsWithFailedLoginAttempts(request.DATA.get("threshold", 10))
+    lst = [dict(ip=k, count=v) for k, v in ips.items()]
+    return rv.restList(request, lst)

{django_restit-4.2.175.dist-info → django_restit-4.2.178.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: django-restit
-Version: 4.2.175
+Version: 4.2.178
 Summary: A Rest Framework for DJANGO
 License: MIT
 Author: Ian Starnes

{django_restit-4.2.175.dist-info → django_restit-4.2.178.dist-info}/RECORD

@@ -29,9 +29,9 @@ account/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuF
 account/models/__init__.py,sha256=cV_lMnT2vL_mjiYtT4hlcIHo52ocFbGSNVkOIHHLXZY,385
 account/models/device.py,sha256=8D-Sbv9PZWAnX6UVpp1lNJ03P24fknNnN1VOhqY7RVg,6306
 account/models/feeds.py,sha256=vI7fG4ASY1M0Zjke24RdnfDcuWeATl_yR_25jPmT64g,2011
-account/models/group.py,sha256=JVyMIakLskUuGXBJFyessw4LlD9Fl6AsHtpo1yZEYjk,22884
+account/models/group.py,sha256=Pmm6G5Qb9C-OQ70xUxp5M1_PAg1DtvUxb5WFFW-WmOY,22909
 account/models/legacy.py,sha256=zYdtv4LC0ooxPVqWM-uToPwV-lYWQLorSE6p6yn1xDw,2720
-account/models/member.py,sha256=qmLCOVbNTRr4L-E7BbOMtv4V64QN7K-0pXDgnuB-AbY,54722
+account/models/member.py,sha256=xlX0yqE3yFwPaZkcdU4e3g3yTommHimsLG8wBp09x90,55376
 account/models/membership.py,sha256=90EpAhOsGaqphDAkONP6j_qQ0OWSRaQsI8H7E7fgMkE,9249
 account/models/notify.py,sha256=YKYEXT56i98b7-ydLt5UuEVOqW7lipQMi-KuiPhcSwY,15627
 account/models/passkeys.py,sha256=lObapudvL--ABSTZTIELmYvHE3dPF0tO_KmuYk0ZJXc,1699
@@ -43,7 +43,7 @@ account/passkeys/__init__.py,sha256=FwXYJXwSJXfkLojGBcVpF1dFpgFhzDdd9N_3naYQ0cc,
 account/passkeys/core.py,sha256=4aUBNCuF_kjOvE1zFapK1Pj28ap5slO71dRyfnWi0YU,4148
 account/periodic.py,sha256=-u0n-7QTJgDOkasGhBAPwHAwjpqWGA-MZLEFkVTqCGU,874
 account/rpc/__init__.py,sha256=SGF0M_-H0dKh3b1apSX29BotNWAvITYccGQVC0MIjL8,336
-account/rpc/auth.py,sha256=0LUTb-dO6wk6rWitPVAXeR0IqpbX5Yw8tHM5U9QJibA,17234
+account/rpc/auth.py,sha256=MDXXhTlzTRcKB8TQ0OPawvsb0P4EeH_J3ukeSljgytk,17615
 account/rpc/device.py,sha256=lU2BHNPreHV0dDTjAPc7Sc-5m2JP8SiWVqiKuBfV7Fo,2281
 account/rpc/group.py,sha256=hw7iczZ6W_IrRbx5ZDw6cZ5I_ztqxhtUFJD9WR91_4s,4948
 account/rpc/member.py,sha256=8XnJX-iri0Om4nc-V2_tDJzfCSzziKLw6dUx9egtEZE,2236
@@ -93,7 +93,7 @@ inbox/models/template.py,sha256=i5vf0vsM1U0251UmVsF61MDCV_c7xt-zdCdx1SiKOG0,1013
 inbox/rpc.py,sha256=7JXvpXlEGKG7by_NkANPGYLCzagyCnTIGM4rme_htpk,1534
 inbox/utils/__init__.py,sha256=P_UR2rGK3L0tZNlTN-mf99tpeYM-tLkA18iDKXSSLDM,89
 inbox/utils/parsing.py,sha256=y_71dwz8bm3JvF35ol8698XJ36sBF8fQWUrn0sYd2Fs,5597
-inbox/utils/render.py,sha256=CU_F2qUBQE7mjb9Q6Dn9ro5CS_O_zEY-wDMHEClKkIA,4331
+inbox/utils/render.py,sha256=Jk_YYY6uztURh0qQfDDZYpOj9awvqkqkAaBmwJIWivU,4543
 inbox/utils/sending.py,sha256=BKelTZnbkdSLGpjOY6IRTrzj-Hnw2pPZ7RYQGwe-tqk,2179
 incident/README.md,sha256=4vbZTJj7uUmq8rogYngxqNYjFTlBOujfWUGheLoFKMc,1114
 incident/__init__.py,sha256=FXNMmcGP6YAKjwik84ppze33uL0kDTa7YFr3aOEXhhk,3658
@@ -177,7 +177,7 @@ medialib/forms.py,sha256=nrE6QTPNPiIeX7Nx4l9DEmAQeQXqFyCg1C3JEDBYJfE,5442
 medialib/migrations/0001_initial.py,sha256=H3JliH5aw7tiHef8MhrJr_9rGetqgA7UjTF-eKziRSM,20518
 medialib/migrations/0002_alter_mediaitemrendition_bytes.py,sha256=igC1R02smbNoWlk2T4uCi9cNilOsxGKD-D24fQv92dM,414
 medialib/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-medialib/models.py,sha256=fsgNxBtJNR7lufbWUsI_LtxfYmLBTpIQ0uOW-T_CsD8,55032
+medialib/models.py,sha256=V-ouyUVgPKDIVvzGyqSoMWdhSBV8ZXHQKLXEyOTLAx0,54976
 medialib/ocr.py,sha256=zlP7-NBiXhW7jR9pljmEPl5xzLVZpLN5QLAELQgU0Fk,1189
 medialib/pdf.py,sha256=l28WwM0JKbT9boV-b_9TFh9jhvGcrquR8GqC8wfEaLk,1275
 medialib/qrcode.py,sha256=vHyA5egXOX70EFiUDgr1njI9zcF6bXQJ_hKAQrppRow,545
@@ -339,7 +339,7 @@ medialib/youtube/upload.py,sha256=MTuPxm1ZC-y5pXAGtLNtp1hBSNZgCKYt1ewP5hwMQHI,28
 medialib/youtube/uritemplate/__init__.py,sha256=ONWR_KRz9au0O-XUUTrO_UN7GHTmZCTKyvflUQb8wxM,4996
 metrics/README.md,sha256=YwbCA2y6xJBlaO6yEtl1zWpqrQ4ZzkQSuQT-h6btET8,2307
 metrics/__init__.py,sha256=70sdDZGOwGIEFWgDkHWPMVODFelo206jp1g-BFV2u_4,90
-metrics/client.py,sha256=vc49J0KLLJlryhb77I-ejShDnWGF8NqSU6mhdPv8V2s,25570
+metrics/client.py,sha256=-YPZfNJqbg86V3rmHTDx_raRLaZDjzKmFIl6BjeSHN4,25565
 metrics/eod.py,sha256=gnq-tNE7xfm2ah52e2TUyERgUQNwkFuT2rtDv8XOUVQ,9182
 metrics/examples/eod_example.py,sha256=gYtansjsKILVxe8XJD12XPaxmBJ-B6dOXGZG2JTGWA8,1664
 metrics/management/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -380,7 +380,7 @@ pushit/utils.py,sha256=IeTCGa-164nmB1jIsK1lu1O1QzUhS3BKfuXHGjCW-ck,2121
 rest/.gitignore,sha256=TbEvWRMnAiajCTOdhiNrd9eeCAaIjRp9PRjE_VkMM5g,118
 rest/README.md,sha256=V3ETc-cJu8PZIbKr9xSe_pA4JEUpC8Dhw4bQeVCDJPw,5460
 rest/RemoteEvents.py,sha256=nL46U7AuxIrlw2JunphR1tsXyqi-ep_gD9CYGpYbNgE,72
-rest/__init__.py,sha256=5nuojPskvcFtHA31BnuuT6Z7MtZov2YpOn2IHnzm9cw,122
+rest/__init__.py,sha256=BF5iQVc_58Sj3--bfe7Nv0kMyoAmtLcNU6EnH6vA1bU,122
 rest/arc4.py,sha256=y644IbF1ec--e4cUJ3KEYsewTCITK0gmlwa5mJruFC0,1967
 rest/cache.py,sha256=1Qg0rkaCJCaVP0-l5hZg2CIblTdeBSlj_0fP6vlKUpU,83
 rest/crypto/__init__.py,sha256=Tl0U11rgj1eBYqd6OXJ2_XSdNLumW_JkBZnaJqI6Ldw,72
@@ -395,12 +395,13 @@ rest/extra/__init__.py,sha256=YzmNsch5H5FFLkUK9mIAKyoRK_rJCA9HGb0kubp4h30,54
 rest/extra/hostinfo.py,sha256=5R23EafcNbFARyNEqdjBkqcpC8rPfmPd1zqNqle6-nM,4298
 rest/extra/json_metadata.py,sha256=p_ffzmANmOFix_oC3voR6_NNTjcn7-T7aXcH-I4_Npg,1078
 rest/fields.py,sha256=_v1TJVc6vyWlqmwFRJ6mtuR5Fo-lS0KcUhPWIrzKZUo,9719
+rest/filetypes.py,sha256=wZXljB1g6JbA5H41xC81Jk3Wy_gu64ecNKU4k7aMcig,4171
 rest/forms.py,sha256=66Wm5cdy8tKib_mGicjq_yd-gNVMFWRECnrDksnNnwU,6316
 rest/helpers.py,sha256=t7smlOUzchVno-zeq7xMJIwogAR2DeSrffWxgysOHX8,29531
 rest/joke.py,sha256=0PpKaX2iN7jlS62kgjfmmqkFBYLPURz15aQ8R7OJkJ8,260
 rest/jwtoken.py,sha256=F7Vvpm31rAplTXr8XFP-Lb4BnDB3j1B2nQq0P1iTCLQ,2576
 rest/log.py,sha256=hd1_4HBOS395sfXJIL6BTw9yekm1SLgBwYx_PdfIhKA,20930
-rest/mail.py,sha256=Rm40hWDYop0tMqxdN-J2NT-dCnP-f4SfCZxSO02ajzs,7965
+rest/mail.py,sha256=rp88V-SVM9F6ZIupoyrQvDwArhG0mfbzjHrDBRiHbvI,8204
 rest/mailman.py,sha256=v5O1G5s3HiAKmz-J1z0uT6_q3xsONPpxVl9saEyQQ2I,9174
 rest/management/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 rest/management/commands/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -413,7 +414,7 @@ rest/middleware/request.py,sha256=JchRNy5L-bGd-7h-KFYekGRvREe2eCkZXKOYqIkP2hI,41
 rest/middleware/session.py,sha256=zHSoQpIzRLmpqr_JvW406wzpvU3W3gDbm5JhtzLAMlE,10240
 rest/middleware/session_store.py,sha256=1nSdeXK8PyuYgGgIufqrS6j6QpIrQ7zbMNT0ol75e6U,1901
 rest/models/__init__.py,sha256=M8pvFDq-WCF-QcM58X7pMufYYe0aaQ3U0PwGe9TKbbY,130
-rest/models/base.py,sha256=oPj4m4-fnmjYUqd9dru17ulyh8jdFbXtWJt1CiuiBls,72633
+rest/models/base.py,sha256=lbl20SK27Dsz3N6wcbBVEscrZ2n3VDZZH-gnqFgZz9s,72637
 rest/models/cacher.py,sha256=eKz8TINVhWEqKhJGMsRkKZTtBUIv5rN3NHbZwOC56Uk,578
 rest/models/metadata.py,sha256=ni8-BRF07lv4CdPUWnUdfPTOClQAVEeRZvO-ic623HU,12904
 rest/net.py,sha256=LcB2QV6VNRtsSdmiQvYZgwQUDwOPMn_VBdRiZ6OpI-I,2974
@@ -517,7 +518,7 @@ ws4redis/servers/uwsgi.py,sha256=VyhoCI1DnVFqBiJYHoxqn5Idlf6uJPHvfBKgkjs34mo,172
 ws4redis/settings.py,sha256=KKq00EwoGnz1yLwCZr5Dfoq2izivmAdsNEEM4EhZwN4,1610
 ws4redis/utf8validator.py,sha256=S0OlfjeGRP75aO6CzZsF4oTjRQAgR17OWE9rgZdMBZA,5122
 ws4redis/websocket.py,sha256=R0TUyPsoVRD7Y_oU7w2I6NL4fPwiz5Vl94-fUkZgLHA,14848
-django_restit-4.2.175.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
-django_restit-4.2.175.dist-info/METADATA,sha256=DuVZg0LP0bkuNNdfm9IlJXwcpPE-O4-V6qSZYRHICTk,7714
-django_restit-4.2.175.dist-info/WHEEL,sha256=IYZQI976HJqqOpQU6PHkJ8fb3tMNBFjg-Cn-pwAbaFM,88
-django_restit-4.2.175.dist-info/RECORD,,
+django_restit-4.2.178.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
+django_restit-4.2.178.dist-info/METADATA,sha256=7mIBsuAJDUF-6Mbw7FgAVHoc7zqWDFiIKuLpbbieMZ8,7714
+django_restit-4.2.178.dist-info/WHEEL,sha256=IYZQI976HJqqOpQU6PHkJ8fb3tMNBFjg-Cn-pwAbaFM,88
+django_restit-4.2.178.dist-info/RECORD,,

inbox/utils/render.py

@@ -12,10 +12,17 @@ import re
 
 
 def createMessage(sender, recipients, subject, text, html, attachments=None, replyto=None):
-    message = objict(sender=sender, recipients=recipients)
 
-    if not isinstance(message.recipients, (tuple, list)):
-        message.recipients = [message.recipients]
+    if isinstance(recipients, str):
+        if "," in recipients:
+            recipients = [t.strip() for t in recipients.split(',')]
+        elif ";" in recipients:
+            recipients = [t.strip() for t in recipients.split(';')]
+
+    if not isinstance(recipients, (tuple, list)):
+        recipients = [recipients]
+
+    message = objict(sender=sender, recipients=recipients)
 
     if attachments is None:
         attachments = []

medialib/models.py

@@ -16,16 +16,14 @@ import urllib.request, urllib.error, urllib.parse
 from urllib.parse import urlparse
 from datetime import datetime, date
 import os
-import hashlib
 import time
-import mimetypes
 import tempfile
 import re
 
 from medialib import utils
 from rest import settings
 from rest.models import RestModel, MetaDataBase, MetaDataModel
-from rest.decorators import rest_async
+from rest import filetypes
 
 from taskqueue.models import Task
 
@@ -547,7 +545,7 @@ class MediaItem(models.Model, RestModel, MetaDataModel):
                 if kind in ["png", "jpg", "jpeg", "jfif", "bmp", "gif", "tif"]:
                     self.kind = "I"
                     return
-        (mt, _) = mimetypes.guess_type(filename)
+        mt = filetypes.guess_type(filename)
         if mt == None:
             self.kind = '*'
         elif mt[:6] == 'image/':
@@ -833,7 +831,7 @@ class MediaItem(models.Model, RestModel, MetaDataModel):
             return image
         return {
             "kind": image.kind,
-            "content_type": mimetypes.guess_type(image.url)[0],
+            "content_type": filetypes.guess_type(image.url),
             "bytes":image.bytes,
             "url":image.view_url(request=request, expires=None, is_secure=True),
             "width":image.width,
@@ -860,7 +858,7 @@ class MediaItem(models.Model, RestModel, MetaDataModel):
             return None
         return {
             "kind": orig.kind,
-            "content_type": mimetypes.guess_type(self.name)[0],
+            "content_type": filetypes.guess_type(self.name),
             "bytes":orig.bytes,
             "url":orig.view_url(request=request, expires=None, is_secure=True),
             "width":orig.width,
@@ -1466,4 +1464,3 @@ class MediaItemParameterSetting(models.Model):
 
     def __str__(self):
         return "%s - %s" % (str(self.item), str(self.parameter))
-

metrics/client.py

@@ -329,7 +329,7 @@ class R(object):
             for s in slug:
                 self.metric(s, num, category, expire, date)
             return
-        
+
         # Add the slug to the set of metric slugs
         try:
             self.r.sadd(self._metric_slugs_key, slug)
@@ -382,12 +382,12 @@ class R(object):
         keys = utils.build_keys(slug, min_granularity=min_granularity, max_granularity=max_granularity)
 
         for granularity, key in zip(granularities, keys):
-            rh.debug("-- get_metric --", granularity, key)
+            # rh.debug("-- get_metric --", granularity, key)
             try:
                 results[granularity] = int(self.r.get(key))
             except Exception:
                 results[granularity] = 0
-                rh.log_exception("get_metric", granularity, key)
+                # rh.log_exception("get_metric", granularity, key)
         if min_granularity and min_granularity == max_granularity:
             return results[min_granularity]
         return results
@@ -661,4 +661,3 @@ class R(object):
         key = self._gauge_key(slug)
         self.r.delete(key)  # Remove the Gauge
         self.r.srem(self._gauge_slugs_key, slug)  # Remove from the set of keys
-

rest/__init__.py

@@ -1,4 +1,4 @@
 from .uberdict import UberDict  # noqa: F401
 from .settings_helper import settings  # noqa: F401
 
-__version__ = "4.2.175"
+__version__ = "4.2.178"

rest/filetypes.py

@@ -0,0 +1,128 @@
+EXTENSION_TO_MIME = {
+    # Documents
+    '.pdf': 'application/pdf',
+    '.doc': 'application/msword',
+    '.docx': 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
+    '.xls': 'application/vnd.ms-excel',
+    '.xlsx': 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
+    '.ppt': 'application/vnd.ms-powerpoint',
+    '.pptx': 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
+    '.csv': 'text/csv',
+    '.tsv': 'text/tab-separated-values',
+    '.txt': 'text/plain',
+    '.rtf': 'application/rtf',
+    '.odt': 'application/vnd.oasis.opendocument.text',
+    '.ods': 'application/vnd.oasis.opendocument.spreadsheet',
+    '.md': 'text/markdown',
+    '.epub': 'application/epub+zip',
+    '.ics': 'text/calendar',
+
+    # Images
+    '.jpg': 'image/jpeg',
+    '.jpeg': 'image/jpeg',
+    '.png': 'image/png',
+    '.gif': 'image/gif',
+    '.bmp': 'image/bmp',
+    '.webp': 'image/webp',
+    '.tiff': 'image/tiff',
+    '.svg': 'image/svg+xml',
+    '.heic': 'image/heic',
+    '.ico': 'image/vnd.microsoft.icon',
+
+    # Audio
+    '.mp3': 'audio/mpeg',
+    '.wav': 'audio/wav',
+    '.ogg': 'audio/ogg',
+    '.m4a': 'audio/mp4',
+    '.flac': 'audio/flac',
+
+    # Video
+    '.mp4': 'video/mp4',
+    '.mov': 'video/quicktime',
+    '.avi': 'video/x-msvideo',
+    '.wmv': 'video/x-ms-wmv',
+    '.webm': 'video/webm',
+    '.mkv': 'video/x-matroska',
+
+    # Archives
+    '.zip': 'application/zip',
+    '.tar': 'application/x-tar',
+    '.gz': 'application/gzip',
+    '.rar': 'application/vnd.rar',
+    '.7z': 'application/x-7z-compressed',
+    '.tar.gz': 'application/gzip',  # Special case
+    '.tgz': 'application/gzip',
+    '.bz2': 'application/x-bzip2',
+    '.tar.bz2': 'application/x-bzip2',
+
+    # Code / Data
+    '.json': 'application/json',
+    '.xml': 'application/xml',
+    '.html': 'text/html',
+    '.htm': 'text/html',
+    '.css': 'text/css',
+    '.js': 'application/javascript',
+    '.py': 'text/x-python',
+    '.java': 'text/x-java-source',
+    '.c': 'text/x-c',
+    '.cpp': 'text/x-c++',
+    '.ts': 'application/typescript',
+    '.yml': 'application/x-yaml',
+    '.yaml': 'application/x-yaml',
+    '.sql': 'application/sql',
+
+    # Fonts
+    '.woff': 'font/woff',
+    '.woff2': 'font/woff2',
+    '.ttf': 'font/ttf',
+    '.otf': 'font/otf',
+
+    # Misc
+    '.apk': 'application/vnd.android.package-archive',
+    '.exe': 'application/vnd.microsoft.portable-executable',
+    '.dmg': 'application/x-apple-diskimage',
+    '.bat': 'application/x-bat',
+    '.sh': 'application/x-sh',
+    '.pdfa': 'application/pdf',
+    '.webmanifest': 'application/manifest+json',
+}
+
+def parse_extension(filename):
+    """
+    Extract the extension from a filename, handling both single and double extensions,
+    and return the extension along with the filename without the extension.
+
+    Parameters:
+    filename (str): The name of the file for which to extract the extension.
+
+    Returns:
+    tuple: A tuple containing the extracted extension (or an empty string if no valid
+           extension is found) and the filename without the extension.
+    """
+    filename = filename.lower()
+    parts = filename.rsplit('.', 2)  # Max 2 splits: base.name.ext1.ext2
+    if len(parts) == 3:
+        double_ext = f".{parts[-2]}.{parts[-1]}"
+        if double_ext in EXTENSION_TO_MIME:
+            return double_ext, '.'.join(parts[:-1])
+    ext = f".{parts[-1]}" if '.' in filename else ''
+    base_filename = parts[0] if len(parts) == 1 else '.'.join(parts[:-1])
+    return ext.lower(), base_filename
+
+def guess_type(filename):
+    """
+    Guess the MIME type of a file based on its extension.
+
+    This function attempts to determine the MIME type of a file by examining
+    its extension. It can handle both single and double extensions, such as
+    ".tar.gz" or ".tar.bz2".
+
+    Parameters:
+    filename (str): The name of the file whose MIME type needs to be guessed.
+
+    Returns:
+    str: The guessed MIME type if found in EXTENSION_TO_MIME mapping, or
+         'application/octet-stream' as a default fallback.
+    """
+    ext, _ = parse_extension(filename)
+    return EXTENSION_TO_MIME.get(ext, 'application/octet-stream')

rest/mail.py

@@ -3,7 +3,6 @@ import os
 import threading
 from io import StringIO
 import csv
-import mimetypes
 import boto3
 
 from email.mime.multipart import MIMEMultipart
@@ -25,6 +24,7 @@ from django.template import TemplateDoesNotExist
 
 import metrics
 from rest import settings
+from rest import filetypes
 from rest.uberdict import UberDict
 from rest.middleware import get_request
 from rest.log import getLogger
@@ -37,11 +37,16 @@ SES_REGION = settings.SES_REGION
 EMAIL_METRICS = settings.get("EMAIL_METRICS", False)
 
 
-def send(to, subject, body=None, attachments=[], 
+def send(to, subject, body=None, attachments=[],
          from_email=settings.DEFAULT_FROM_EMAIL,
-         fail_silently=True, template=None, 
+         fail_silently=True, template=None,
          context=None, do_async=False, replyto=None):
     # make sure to is list
+    if isinstance(to, str):
+        if "," in to:
+            to = [t.strip() for t in to.split(',')]
+        elif ";" in to:
+            to = [t.strip() for t in to.split(';')]
     if not isinstance(to, (tuple, list)):
         to = [to]
     # if template lets render
@@ -158,7 +163,8 @@ def sendMail(msg, sender, recipients, fail_silently=True):
 
 def makeAttachment(filename, data):
     atment = UberDict(name=filename, data=data)
-    atment.mimetype, junk = mimetypes.MimeTypes().guess_type(filename)
+    # atment.mimetype, junk = mimetypes.MimeTypes().guess_type(filename)
+    atment.mimetype = filetypes.guess_type(filename)
     return atment
 
 
@@ -254,5 +260,3 @@ def render_to_mail(name, context):
         body = html_content
 
     send(toaddrs, subject, body=body, from_email=fromaddr, do_async=True, replyto=replyto)
-
-

rest/models/base.py

@@ -1226,8 +1226,8 @@ class RestModel(object):
     @classmethod
     def on_rest_batch(cls, request, action):
         # this method is called when rest_batch='somme action'
-        if not ALLOW_BATCHING or not getattr(cls.RestMeta, "CAN_BATCH", True):
-            return GRAPH_HELPERS.restStatus(request, False, error="model does not allow batch actions")
+        if not ALLOW_BATCHING or not getattr(cls.RestMeta, "CAN_BATCH", False):
+            raise re.PermissionDeniedException(f"{cls.__name__} model does not allow batch actions", 439)
         cls._boundRest()
         # if not request.member.hasPerm("can_batch_update"):
         #     raise re.PermissionDeniedException(f"batch updated not allowed by user")
@@ -1246,7 +1246,7 @@ class RestModel(object):
             if not can_delete:
                 raise re.PermissionDeniedException(f"deletion not allowed for {cls.get_class_name()}", 438)
             count = qset.delete()[0]
-            return GRAPH_HELPERS.restStatus(request, True, error="delete {} items".format(count))
+            return GRAPH_HELPERS.restStatus(request, True, error="deleted {} items".format(count))
         elif action == "update":
             update_fields = request.DATA.get(["batch_data", "batch_update"])
             if not isinstance(update_fields, dict):