def GET(self, action):
    """Serve one read-only API call and return its JSON body.

    The request is refused unless ``action`` is listed in
    ``self.GET_ACTIONS`` and the session carries a ``uuid``.  Input is parsed
    with ``get_input`` only for actions that have an entry in
    ``self.VALIDATE_SPECS``; results are shaped through
    ``self.EXTRACT_SPECS`` before being serialised with ``jsond``.

    Raises ``web.badrequest()`` for a ``stream`` request of type ``user`` or
    ``list`` that lacks the matching ``uid`` / ``list_id``.
    """
    web.header("Content-Type", "application/json")
    set_no_cache()

    # Allow-list check comes first: unknown actions never reach input parsing.
    if action not in self.GET_ACTIONS:
        return error.wrong_action()

    # Only actions with a validation spec have request data parsed.
    if action in self.VALIDATE_SPECS:
        data = get_input(self.VALIDATE_SPECS[action])

    # Every GET action requires an authenticated session.
    uuid = session.get("uuid", None)
    if not uuid:
        return error.not_logged_in()

    # NOTE(review): object-level access checks (messages, lists) are not
    # visible in this handler; uuid is handed to db.*, so confirm they are
    # enforced there.
    if action == "stream":
        params = spec.extract(self.EXTRACT_SPECS["stream_request"], data)
        kind = params["type"]
        if kind == "user" and not params["uid"]:
            raise web.badrequest()
        elif kind == "list" and not params["list_id"]:
            raise web.badrequest()
        result = db.stream(uuid, **params)
        if "error" in result:
            return jsond(result)
        return jsond(spec.extract(self.EXTRACT_SPECS["stream_response"], result))

    if action == "current_user":
        me = db.get_user(uuid)
        return jsond(spec.extract(self.EXTRACT_SPECS["current_user"], me))

    if action == "userinfo":
        target = db.find_user(data.uid)
        if not target:
            return error.user_not_found()
        # Computed per request: is the caller among the target's followers?
        target["isfollowing"] = bson.objectid.ObjectId(uuid) in target["follower"]
        return jsond(spec.extract(self.EXTRACT_SPECS["userinfo"], target))

    if action == "get_following":
        params = spec.extract(self.EXTRACT_SPECS["userlist_request"], data)
        result = db.get_following(uuid, **params)
        result["items"] = [
            spec.extract(self.EXTRACT_SPECS["userinfo"], person)
            for person in result["items"]
        ]
        return jsond(result)

    if action == "get_follower":
        params = spec.extract(self.EXTRACT_SPECS["userlist_request"], data)
        result = db.get_follower(uuid, **params)
        result["items"] = [
            spec.extract(self.EXTRACT_SPECS["userinfo"], person)
            for person in result["items"]
        ]
        return jsond(result)

    if action == "get_message":
        result = db.get_message(uuid, data.msg_id)
        if "error" in result:
            return jsond(result)
        return jsond(spec.extract(self.EXTRACT_SPECS["stream_response"], result))

    if action == "validate":
        # Dry-run validation of another action's input; the raw request
        # parameters are handed to spec.validate unchanged.
        target_action = data.action
        if target_action not in self.VALIDATE_SPECS:
            return error.wrong_action()
        problems = spec.validate(self.VALIDATE_SPECS[target_action], web.input())
        if problems:
            return jsond(problems)
        return jsond({"success": 1})

    if action == "recommend_user":
        suggestions = [
            spec.extract(self.EXTRACT_SPECS["userinfo"], candidate)
            for candidate in db.recommend_user(uuid)
        ]
        return jsond({"users": suggestions})

    if action == "get_lists":
        result = db.get_lists(uuid, data.get("uid"))
        if "error" in result:
            return jsond(result)
        summaries = [
            spec.extract(self.EXTRACT_SPECS["listinfo"], entry)
            for entry in result
        ]
        return jsond({"items": summaries})

    if action == "get_list_info":
        result = db.get_list_info(uuid, data["id"])
        if "error" in result:
            return jsond(result)
        return jsond(spec.extract(self.EXTRACT_SPECS["listinfo"], result))

    if action == "get_list_users":
        params = spec.extract(self.EXTRACT_SPECS["list_userlist_request"], data)
        result = db.get_list_users(uuid, params["id"], params["skip"])
        result["items"] = [
            spec.extract(self.EXTRACT_SPECS["userinfo"], person)
            for person in result["items"]
        ]
        return jsond(result)

    if action == "search":
        query = spec.extract(self.EXTRACT_SPECS["search_request"], data)
        result = db.search(uuid, **query)
        if "error" in result:
            return jsond(result)
        return jsond(spec.extract(self.EXTRACT_SPECS["stream_response"], result))

    # Listed in GET_ACTIONS but no branch above handled it.
    return error.not_implemented()
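def POST(self, action):
    """Serve one state-changing API call and return its response body.

    ``action`` must be listed in ``self.POST_ACTIONS``.  ``register`` and
    ``login`` are handled before the session check; every other action
    requires a ``uuid`` in the session.  Input is parsed with ``get_input``
    for actions that have an entry in ``self.VALIDATE_SPECS``.

    NOTE(review): no anti-CSRF token check is visible in this handler;
    confirm one is applied elsewhere, since these actions are authorised by
    the session alone.
    """
    if action == "upload_photo":
        # this is to prevent IE from downloading the JSON.
        # NOTE(review): the body is still JSON served as text/plain; consider
        # also sending X-Content-Type-Options: nosniff so it is not sniffed
        # as HTML.
        web.header("Content-Type", "text/plain")
    else:
        web.header("Content-Type", "application/json")
    set_no_cache()

    # check if we have the action
    if action not in self.POST_ACTIONS:
        return error.wrong_action()

    # get the input data if we have the spec
    if action in self.VALIDATE_SPECS:
        d = get_input(self.VALIDATE_SPECS[action])

    # Unauthenticated actions.
    if action == "register":
        # NOTE(review): password handling (hashing) is inside db.register,
        # which is not shown here -- confirm.
        return jsond(db.register(d.uid, d.email, d.password))
    elif action == "login":
        u = db.checkLogin(d.uid, d.password)
        if u:
            # NOTE(review): the session id is not visibly rotated when the
            # session becomes authenticated; confirm the session store issues
            # a fresh id here (session fixation).
            session.uuid = str(u["_id"])
            return jsond({"uid": u["uid"]})
        else:
            return error.wrong_login()

    # check login
    uuid = session.get("uuid", None)
    if not uuid:
        return error.not_logged_in()

    if action == "follow":
        return jsond(db.follow(uuid, d.uid))
    elif action == "unfollow":
        return jsond(db.unfollow(uuid, d.uid))
    elif action == "publish":
        req = spec.extract(self.EXTRACT_SPECS["publish_request"], d)
        return jsond(db.publish(uuid, **req))
    elif action == "remove":
        req = spec.extract(self.EXTRACT_SPECS["remove_request"], d)
        return jsond(db.remove(uuid, **req))
    elif action == "update_profile":
        # NOTE(review): the whole input object is passed to the database
        # layer; confirm get_input / db.update_profile restrict which fields
        # can be written (mass assignment).
        u = db.update_profile(uuid, d)
        return jsond(spec.extract(self.EXTRACT_SPECS["current_user"], u))
    elif action == "upload_photo":
        try:
            d = web.input(photo={})
            if "photo" in d:
                u = db.get_user(uuid)
                # NOTE(review): no size or content-type limit is visible
                # here; confirm photo.resize_save bounds and validates the
                # uploaded file.
                photo.resize_save(u["uid"], d.photo.file)
                # Membership test instead of the deprecated dict.has_key(),
                # matching the '"error" in ret' checks used by the GET handler.
                if "success" in db.update_photo(uuid, True):
                    return jsond({"success": 1})
            return error.photo_upload_failed()
        except Exception:
            # Boundary handler: details go to stderr only, the client gets a
            # generic failure.  The exception object was never used, so it is
            # no longer bound.
            traceback.print_exc()
            return error.photo_upload_failed()
    elif action == "logout":
        session.kill()
        return jsond({"success": 1})
    elif action == "create_list":
        return jsond(db.create_list(uuid, d.name))
    elif action == "remove_list":
        return jsond(db.remove_list(uuid, d["id"]))
    elif action == "add_to_list":
        return jsond(db.add_to_list(uuid, d["id"], d.uid))
    elif action == "remove_from_list":
        return jsond(db.remove_from_list(uuid, d["id"], d.uid))

    return error.not_implemented()


# export wsgi application
application = app.wsgifunc()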
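def POST(self, action):
    """Serve one state-changing API call and return its response body.

    ``action`` must be listed in ``self.POST_ACTIONS``.  ``register`` and
    ``login`` are handled before the session check; every other action
    requires a ``uuid`` in the session.  Input is parsed with ``get_input``
    for actions that have an entry in ``self.VALIDATE_SPECS``.

    This excerpt stops after the ``upload_photo`` branch.

    NOTE(review): no anti-CSRF token check is visible in this handler;
    confirm one is applied elsewhere, since these actions are authorised by
    the session alone.
    """
    if action == 'upload_photo':
        # this is to prevent IE from downloading the JSON.
        # NOTE(review): the body is still JSON served as text/plain; consider
        # also sending X-Content-Type-Options: nosniff so it is not sniffed
        # as HTML.
        web.header('Content-Type', 'text/plain')
    else:
        web.header('Content-Type', 'application/json')
    set_no_cache()

    # check if we have the action
    if action not in self.POST_ACTIONS:
        return error.wrong_action()

    # get the input data if we have the spec
    if action in self.VALIDATE_SPECS:
        d = get_input(self.VALIDATE_SPECS[action])

    # Unauthenticated actions.
    if action == 'register':
        # NOTE(review): password handling (hashing) is inside db.register,
        # which is not shown here -- confirm.
        return jsond(db.register(d.uid, d.email, d.password))
    elif action == 'login':
        u = db.checkLogin(d.uid, d.password)
        if u:
            # NOTE(review): the session id is not visibly rotated when the
            # session becomes authenticated; confirm the session store issues
            # a fresh id here (session fixation).
            session.uuid = str(u['_id'])
            return jsond({'uid': u['uid']})
        else:
            return error.wrong_login()

    # check login
    uuid = session.get('uuid', None)
    if not uuid:
        return error.not_logged_in()

    if action == 'follow':
        return jsond(db.follow(uuid, d.uid))
    elif action == 'unfollow':
        return jsond(db.unfollow(uuid, d.uid))
    elif action == 'publish':
        req = spec.extract(self.EXTRACT_SPECS['publish_request'], d)
        return jsond(db.publish(uuid, **req))
    elif action == 'remove':
        req = spec.extract(self.EXTRACT_SPECS['remove_request'], d)
        return jsond(db.remove(uuid, **req))
    elif action == 'update_profile':
        # NOTE(review): the whole input object is passed to the database
        # layer; confirm get_input / db.update_profile restrict which fields
        # can be written (mass assignment).
        u = db.update_profile(uuid, d)
        return jsond(spec.extract(self.EXTRACT_SPECS['current_user'], u))
    elif action == 'upload_photo':
        try:
            d = web.input(photo={})
            if 'photo' in d:
                u = db.get_user(uuid)
                # NOTE(review): no size or content-type limit is visible
                # here; confirm photo.resize_save bounds and validates the
                # uploaded file.
                photo.resize_save(u['uid'], d.photo.file)
                # Membership test instead of the deprecated dict.has_key().
                if 'success' in db.update_photo(uuid, True):
                    return jsond({'success': 1})
            return error.photo_upload_failed()
        except Exception:
            # Boundary handler: details go to stderr only, the client gets a
            # generic failure.  The exception object was never used, so it is
            # no longer bound.
            traceback.print_exc()
            return error.photo_upload_failed()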
def GET(self, action):
    """Serve one read-only API call and return its JSON body.

    The request is refused unless ``action`` is listed in
    ``self.GET_ACTIONS`` and the session carries a ``uuid``.  Input is parsed
    with ``get_input`` only for actions that have an entry in
    ``self.VALIDATE_SPECS``; results are shaped through
    ``self.EXTRACT_SPECS`` before being serialised with ``jsond``.

    Raises ``web.badrequest()`` for a ``stream`` request of type ``user`` or
    ``list`` that lacks the matching ``uid`` / ``list_id``.
    """
    web.header('Content-Type', 'application/json')
    set_no_cache()

    # Allow-list check comes first: unknown actions never reach input parsing.
    if action not in self.GET_ACTIONS:
        return error.wrong_action()

    # Only actions with a validation spec have request data parsed.
    if action in self.VALIDATE_SPECS:
        data = get_input(self.VALIDATE_SPECS[action])

    # Every GET action requires an authenticated session.
    uuid = session.get('uuid', None)
    if not uuid:
        return error.not_logged_in()

    # NOTE(review): object-level access checks (messages, lists) are not
    # visible in this handler; uuid is handed to db.*, so confirm they are
    # enforced there.
    if action == 'stream':
        params = spec.extract(self.EXTRACT_SPECS['stream_request'], data)
        kind = params['type']
        if kind == 'user' and not params['uid']:
            raise web.badrequest()
        elif kind == 'list' and not params['list_id']:
            raise web.badrequest()
        result = db.stream(uuid, **params)
        if 'error' in result:
            return jsond(result)
        return jsond(spec.extract(self.EXTRACT_SPECS['stream_response'], result))

    if action == 'current_user':
        me = db.get_user(uuid)
        return jsond(spec.extract(self.EXTRACT_SPECS['current_user'], me))

    if action == 'userinfo':
        target = db.find_user(data.uid)
        if not target:
            return error.user_not_found()
        # Computed per request: is the caller among the target's followers?
        target['isfollowing'] = bson.objectid.ObjectId(uuid) in target['follower']
        return jsond(spec.extract(self.EXTRACT_SPECS['userinfo'], target))

    if action == 'get_following':
        params = spec.extract(self.EXTRACT_SPECS['userlist_request'], data)
        result = db.get_following(uuid, **params)
        result['items'] = [
            spec.extract(self.EXTRACT_SPECS['userinfo'], person)
            for person in result['items']
        ]
        return jsond(result)

    if action == 'get_follower':
        params = spec.extract(self.EXTRACT_SPECS['userlist_request'], data)
        result = db.get_follower(uuid, **params)
        result['items'] = [
            spec.extract(self.EXTRACT_SPECS['userinfo'], person)
            for person in result['items']
        ]
        return jsond(result)

    if action == 'get_message':
        result = db.get_message(uuid, data.msg_id)
        if 'error' in result:
            return jsond(result)
        return jsond(spec.extract(self.EXTRACT_SPECS['stream_response'], result))

    if action == 'validate':
        # Dry-run validation of another action's input; the raw request
        # parameters are handed to spec.validate unchanged.
        target_action = data.action
        if target_action not in self.VALIDATE_SPECS:
            return error.wrong_action()
        problems = spec.validate(self.VALIDATE_SPECS[target_action], web.input())
        if problems:
            return jsond(problems)
        return jsond({'success': 1})

    if action == 'recommend_user':
        suggestions = [
            spec.extract(self.EXTRACT_SPECS['userinfo'], candidate)
            for candidate in db.recommend_user(uuid)
        ]
        return jsond({'users': suggestions})

    if action == 'get_lists':
        result = db.get_lists(uuid, data.get('uid'))
        if 'error' in result:
            return jsond(result)
        summaries = [
            spec.extract(self.EXTRACT_SPECS['listinfo'], entry)
            for entry in result
        ]
        return jsond({'items': summaries})

    if action == 'get_list_info':
        result = db.get_list_info(uuid, data['id'])
        if 'error' in result:
            return jsond(result)
        return jsond(spec.extract(self.EXTRACT_SPECS['listinfo'], result))

    if action == 'get_list_users':
        params = spec.extract(self.EXTRACT_SPECS['list_userlist_request'], data)
        result = db.get_list_users(uuid, params['id'], params['skip'])
        result['items'] = [
            spec.extract(self.EXTRACT_SPECS['userinfo'], person)
            for person in result['items']
        ]
        return jsond(result)

    if action == 'search':
        query = spec.extract(self.EXTRACT_SPECS['search_request'], data)
        result = db.search(uuid, **query)
        if 'error' in result:
            return jsond(result)
        return jsond(spec.extract(self.EXTRACT_SPECS['stream_response'], result))

    # Listed in GET_ACTIONS but no branch above handled it.
    return error.not_implemented()
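class api:
    """JSON API controller: one GET and one POST entry point keyed by action.

    ``GET_ACTIONS`` / ``POST_ACTIONS`` are the allow-lists of action names.
    ``VALIDATE_SPECS`` maps an action to the per-field validators handed to
    ``get_input`` / ``spec.validate``; ``EXTRACT_SPECS`` maps a shape name to
    the per-field converters handed to ``spec.extract``.

    NOTE(review): the meaning of the tuple form ``(validator, False)`` in
    VALIDATE_SPECS (presumably "optional") and ``(converter, default)`` in
    EXTRACT_SPECS is defined by the ``spec`` module, which is not shown here
    -- confirm.
    """

    GET_ACTIONS = set((
        'stream current_user userinfo get_message validate '
        'get_following get_follower recommend_user search '
        'get_lists get_list_info get_list_users').split())

    POST_ACTIONS = set((
        'register login logout publish remove follow unfollow '
        'update_profile upload_photo '
        'create_list remove_list add_to_list remove_from_list').split())

    # NOTE(review): whether the compiled patterns are applied to the whole
    # value or only as a prefix match depends on spec.validate (not shown).
    # If it is a prefix match, trailing characters are unconstrained -- confirm.
    FILTERS = {
        'uid': re.compile(r'[a-zA-Z][a-zA-Z0-9]+'),
        # The dot before the last group is escaped so a literal '.' is
        # required after the '@'; unescaped it matched any character.
        'email': re.compile(r'(.+)@(.+)\.(.+)'),
        'datetime': lambda _: _ and int(_) or None,
        'objectid': lambda _: bson.objectid.ObjectId(_),
        # Accepts zero as well, i.e. any non-negative integer.
        'positive_integer': lambda _: int(_) >= 0
    }

    VALIDATE_SPECS = {
        'register': {
            'uid': FILTERS['uid'],
            'email': FILTERS['email'],
            'password': True
        },
        'login': {
            'uid': FILTERS['uid'],
            'password': True
        },
        'publish': {
            'content': True,
            'parent': (FILTERS['objectid'], False),
            'type': (lambda _: _ in ['normal', 'reply', 'forward'], False)
        },
        'remove': {
            'msg_id': FILTERS['objectid']
        },
        'follow': {
            'uid': FILTERS['uid']
        },
        'unfollow': {
            'uid': FILTERS['uid']
        },
        'userinfo': {
            'uid': FILTERS['uid']
        },
        'update_profile': {
            'email': (FILTERS['email'], False)
        },
        'get_message': {
            'msg_id': FILTERS['objectid']
        },
        'validate': {
            'action': True,
        },
        'stream': {
            'olderThan': (FILTERS['datetime'], False),
            'newerThan': (FILTERS['datetime'], False),
            'uid': (FILTERS['uid'], False),
            'list_id': (FILTERS['objectid'], False)
        },
        'get_following': {
            'uid': FILTERS['uid'],
            'skip': (FILTERS['positive_integer'], False)
        },
        'get_follower': {
            'uid': FILTERS['uid'],
            'skip': (FILTERS['positive_integer'], False)
        },
        'create_list': {
            'name': str
        },
        'remove_list': {
            'id': FILTERS['objectid']
        },
        'add_to_list': {
            'id': FILTERS['objectid'],
            'uid': FILTERS['uid']
        },
        'remove_from_list': {
            'id': FILTERS['objectid'],
            'uid': FILTERS['uid']
        },
        'get_lists': {
            'uid': (FILTERS['uid'], False)
        },
        'get_list_info': {
            'id': FILTERS['objectid']
        },
        'get_list_users': {
            'id': FILTERS['objectid'],
            'skip': (FILTERS['positive_integer'], False)
        },
        'search': {
            'olderThan': (FILTERS['datetime'], False),
            'newerThan': (FILTERS['datetime'], False),
            'query': True
        }
    }

    # NOTE(review): user-controlled text fields pass through spec.untaint on
    # the way out; what untaint escapes is defined in the spec module, so
    # confirm it matches the context the client renders these values in.
    EXTRACT_SPECS = {
        'userinfo': {
            'name': (spec.untaint, ''),
            'uid': str,
            'bio': (spec.untaint, ''),
            'location': (spec.untaint, ''),
            'web': (spec.untaint, ''),
            # Only the counts are exposed, not the id lists themselves.
            'following': (len, []),
            'follower': (len, []),
            'photo': (spec.untaint, conf.default_photo_uri),
            'isfollowing': (bool, False)
        },
        'current_user': {
            'name': (spec.untaint, ''),
            'email': spec.untaint,
            'uid': str,
            'bio': (spec.untaint, ''),
            'location': (spec.untaint, ''),
            'web': (spec.untaint, ''),
            'following': (len, []),
            'follower': (len, []),
            'photo': (spec.untaint, conf.default_photo_uri)
        },
        'stream_item': {
            'id': str,
            'uid': spec.untaint,
            'content': spec.untaint,
            'timestamp': spec.untaint,
            'entities': spec.untaint,
            'parent': (spec.untaint, None),
            'type': (spec.untaint, 'normal'),
            # A parent message, when present, is shaped with this same spec.
            'parent_message': (lambda _: _ and spec.extract(
                api.EXTRACT_SPECS['stream_item'], _) or None, None)
        },
        'stream_response': {
            'has_more': spec.untaint,
            'items': lambda items: [
                spec.extract(api.EXTRACT_SPECS['stream_item'], item)
                for item in items
            ],
            'users': lambda uid_dict: dict(
                (k, spec.extract(api.EXTRACT_SPECS['userinfo'], v))
                for k, v in uid_dict.iteritems())
        },
        'stream_request': {
            'olderThan': (lambda _: _ and util.parseTimestamp(int(_)) or None,
                          None),
            'newerThan': (lambda _: _ and util.parseTimestamp(int(_)) or None,
                          None),
            'uid': (spec.untaint, None),
            'type': (str, 'normal'),
            'list_id': (spec.untaint, None)
        },
        'publish_request': {
            'content': spec.untaint,
            'parent': (FILTERS['objectid'], None),
            'type': (str, 'normal')
        },
        'remove_request': {
            'msg_id': FILTERS['objectid']
        },
        # used by get_following/get_follower
        'userlist_request': {
            'uid': str,
            'skip': (int, 0)
        },
        # used by get_list_users
        'list_userlist_request': {
            'id': str,
            'skip': (int, 0)
        },
        'listinfo': {
            'id': str,
            'name': spec.untaint,
            'people': len,
            'curator': str
        },
        'search_request': {
            'olderThan': (lambda _: _ and util.parseTimestamp(int(_)) or None,
                          None),
            'newerThan': (lambda _: _ and util.parseTimestamp(int(_)) or None,
                          None),
            'query': spec.untaint
        }
    }

    def GET(self, action):
        """Serve one read-only API call and return its JSON body.

        The request is refused unless ``action`` is in ``GET_ACTIONS`` and
        the session carries a ``uuid``.  Raises ``web.badrequest()`` for a
        ``stream`` request of type ``user`` or ``list`` that lacks the
        matching ``uid`` / ``list_id``.
        """
        web.header('Content-Type', 'application/json')
        set_no_cache()

        # check if we have the action
        if action not in self.GET_ACTIONS:
            return error.wrong_action()

        # get the input data if we have the spec
        if action in self.VALIDATE_SPECS:
            d = get_input(self.VALIDATE_SPECS[action])

        # Every GET action requires an authenticated session.
        uuid = session.get('uuid', None)
        if not uuid:
            return error.not_logged_in()

        # NOTE(review): object-level access checks (messages, lists) are not
        # visible in this handler; uuid is handed to db.*, so confirm they
        # are enforced there.
        if action == 'stream':
            param = spec.extract(self.EXTRACT_SPECS['stream_request'], d)
            if param['type'] == 'user':
                if not param['uid']:
                    raise web.badrequest()
            elif param['type'] == 'list':
                if not param['list_id']:
                    raise web.badrequest()
            ret = db.stream(uuid, **param)
            if 'error' in ret:
                return jsond(ret)
            return jsond(
                spec.extract(self.EXTRACT_SPECS['stream_response'], ret))
        elif action == 'current_user':
            u = db.get_user(uuid)
            return jsond(spec.extract(self.EXTRACT_SPECS['current_user'], u))
        elif action == 'userinfo':
            u = db.find_user(d.uid)
            if not u:
                return error.user_not_found()
            # Is the caller among the requested user's followers?
            u['isfollowing'] = bson.objectid.ObjectId(uuid) in u['follower']
            return jsond(spec.extract(self.EXTRACT_SPECS['userinfo'], u))
        elif action == 'get_following':
            param = spec.extract(self.EXTRACT_SPECS['userlist_request'], d)
            ret = db.get_following(uuid, **param)
            ret['items'] = [
                spec.extract(self.EXTRACT_SPECS['userinfo'], u)
                for u in ret['items']
            ]
            return jsond(ret)
        elif action == 'get_follower':
            param = spec.extract(self.EXTRACT_SPECS['userlist_request'], d)
            ret = db.get_follower(uuid, **param)
            ret['items'] = [
                spec.extract(self.EXTRACT_SPECS['userinfo'], u)
                for u in ret['items']
            ]
            return jsond(ret)
        elif action == 'get_message':
            ret = db.get_message(uuid, d.msg_id)
            if 'error' in ret:
                return jsond(ret)
            return jsond(
                spec.extract(self.EXTRACT_SPECS['stream_response'], ret))
        elif action == 'validate':
            # Dry-run validation of another action's input; the raw request
            # parameters are handed to spec.validate unchanged.
            act = d.action
            if act not in self.VALIDATE_SPECS:
                return error.wrong_action()
            errors = spec.validate(self.VALIDATE_SPECS[act], web.input())
            if errors:
                return jsond(errors)
            return jsond({'success': 1})
        elif action == 'recommend_user':
            return jsond({
                'users': [
                    spec.extract(self.EXTRACT_SPECS['userinfo'], u)
                    for u in db.recommend_user(uuid)
                ]
            })
        elif action == 'get_lists':
            ret = db.get_lists(uuid, d.get('uid'))
            if 'error' in ret:
                return jsond(ret)
            return jsond({
                'items': [
                    spec.extract(self.EXTRACT_SPECS['listinfo'], item)
                    for item in ret
                ]
            })
        elif action == 'get_list_info':
            ret = db.get_list_info(uuid, d['id'])
            if 'error' in ret:
                return jsond(ret)
            return jsond(spec.extract(self.EXTRACT_SPECS['listinfo'], ret))
        elif action == 'get_list_users':
            param = spec.extract(self.EXTRACT_SPECS['list_userlist_request'], d)
            ret = db.get_list_users(uuid, param['id'], param['skip'])
            ret['items'] = [
                spec.extract(self.EXTRACT_SPECS['userinfo'], u)
                for u in ret['items']
            ]
            return jsond(ret)
        elif action == 'search':
            req = spec.extract(self.EXTRACT_SPECS['search_request'], d)
            ret = db.search(uuid, **req)
            if 'error' in ret:
                return jsond(ret)
            return jsond(
                spec.extract(self.EXTRACT_SPECS['stream_response'], ret))

        return error.not_implemented()

    def POST(self, action):
        """Serve one state-changing API call and return its response body.

        ``action`` must be in ``POST_ACTIONS``.  ``register`` and ``login``
        are handled before the session check; every other action requires a
        ``uuid`` in the session.

        NOTE(review): no anti-CSRF token check is visible in this handler;
        confirm one is applied elsewhere, since these actions are authorised
        by the session alone.
        """
        if action == 'upload_photo':
            # this is to prevent IE from downloading the JSON.
            # NOTE(review): the body is still JSON served as text/plain;
            # consider also sending X-Content-Type-Options: nosniff so it is
            # not sniffed as HTML.
            web.header('Content-Type', 'text/plain')
        else:
            web.header('Content-Type', 'application/json')
        set_no_cache()

        # check if we have the action
        if action not in self.POST_ACTIONS:
            return error.wrong_action()

        # get the input data if we have the spec
        if action in self.VALIDATE_SPECS:
            d = get_input(self.VALIDATE_SPECS[action])

        # Unauthenticated actions.
        if action == 'register':
            # NOTE(review): password handling (hashing) is inside
            # db.register, which is not shown here -- confirm.
            return jsond(db.register(d.uid, d.email, d.password))
        elif action == 'login':
            u = db.checkLogin(d.uid, d.password)
            if u:
                # NOTE(review): the session id is not visibly rotated when
                # the session becomes authenticated; confirm the session
                # store issues a fresh id here (session fixation).
                session.uuid = str(u['_id'])
                return jsond({'uid': u['uid']})
            else:
                return error.wrong_login()

        # check login
        uuid = session.get('uuid', None)
        if not uuid:
            return error.not_logged_in()

        if action == 'follow':
            return jsond(db.follow(uuid, d.uid))
        elif action == 'unfollow':
            return jsond(db.unfollow(uuid, d.uid))
        elif action == 'publish':
            req = spec.extract(self.EXTRACT_SPECS['publish_request'], d)
            return jsond(db.publish(uuid, **req))
        elif action == 'remove':
            req = spec.extract(self.EXTRACT_SPECS['remove_request'], d)
            return jsond(db.remove(uuid, **req))
        elif action == 'update_profile':
            # NOTE(review): VALIDATE_SPECS['update_profile'] covers only
            # 'email', yet the whole input object is passed to the database
            # layer; confirm get_input / db.update_profile restrict which
            # fields can be written (mass assignment).
            u = db.update_profile(uuid, d)
            return jsond(spec.extract(self.EXTRACT_SPECS['current_user'], u))
        elif action == 'upload_photo':
            try:
                d = web.input(photo={})
                if 'photo' in d:
                    u = db.get_user(uuid)
                    # NOTE(review): no size or content-type limit is visible
                    # here; confirm photo.resize_save bounds and validates
                    # the uploaded file.
                    photo.resize_save(u['uid'], d.photo.file)
                    # Membership test instead of the deprecated
                    # dict.has_key(), matching the "'error' in ret" checks
                    # in GET.
                    if 'success' in db.update_photo(uuid, True):
                        return jsond({'success': 1})
                return error.photo_upload_failed()
            except Exception:
                # Boundary handler: details go to stderr only, the client
                # gets a generic failure.  The exception object was never
                # used, so it is no longer bound.
                traceback.print_exc()
                return error.photo_upload_failed()
        elif action == 'logout':
            session.kill()
            return jsond({'success': 1})
        elif action == 'create_list':
            return jsond(db.create_list(uuid, d.name))
        elif action == 'remove_list':
            return jsond(db.remove_list(uuid, d['id']))
        elif action == 'add_to_list':
            return jsond(db.add_to_list(uuid, d['id'], d.uid))
        elif action == 'remove_from_list':
            return jsond(db.remove_from_list(uuid, d['id'], d.uid))

        return error.not_implemented()


# export wsgi application
application = app.wsgifunc()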