Beispiel #1
0
	def _do_named(self, token):
		try:
			if token is None:
				list = None
			else:
				list = NamedToken.get(token)
		except BadKeyError:
			if self.user is None:
				logging.error("User (%s) tried to specify illegal named key: %s" % (self.request.remote_addr, token))
			else:
				logging.error("User (%s:%s:%s) tried to specify illegal named key: %s" % (self.user.nickname(),self.user.user_id(),self.request.remote_addr, token))
			self.clear_cookies()
			self.set_error('You specified a token that does not exist in the database.  This could be because it has cycled off (an old list) or a bad link.')
			return
				
		if list is None:
			self.clear_cookies()
			self.set_error(None)
			return
		else:
			self.response.set_cookie('T',token, max_age=self.COOKIE_AGE)
			self.response.delete_cookie('S')
			self.response.set_cookie('Y',"named", max_age=self.COOKIE_AGE)
			if list.owner.user_id() == self.user.user_id():
				self.response.set_cookie('N', list.itemlist_name, max_age=self.COOKIE_AGE)	
			else:
				self.response.delete_cookie('N')
				
			self.set_error(None, list.itemlist_json)
			return
Beispiel #2
0
	def _do_named(self, token):
		try:
			if token is None:
				read_list = None
			else:
				read_list = NamedToken.get(token)
		except BadKeyError:
				self.clear_cookies()
				read_list = None
				
		if self.user is not None:
			if read_list is None:
				if (self.request.cookies['N'] is not None):
					write_list = NamedToken(itemlist_name=self.request.cookies['N'],
																	itemlist_json=self.request.str_POST['itemList'])
					self.response.set_cookie('N', write_list.itemlist_name, max_age=self.COOKIE_AGE)
					self.response.delete_cookie('S')
					self.response.set_cookie('Y', "named", max_age=self.COOKIE_AGE)		
				else:
					write_list = UnauthenticatedToken(itemlist_json=self.request.str_POST['itemList'],
					                                  last_ip=self.request.remote_addr,
					                                  security_string = "".join(random.sample(string.digits+string.ascii_letters,10)))
					self.response.delete_cookie('N')
					self.response.set_cookie('S', write_list.security_string, max_age=self.COOKIE_AGE)
					self.response.set_cookie('Y', "token", max_age=self.COOKIE_AGE)		
			else:
				if read_list.owner.user_id() == self.user.user_id() and self.request.cookies['C'] is None:
					write_list = read_list
					write_list.itemlist_json = self.request.str_POST['itemList']
					self.response.set_cookie('N', write_list.itemlist_name, max_age=self.COOKIE_AGE)
					self.response.delete_cookie('S')
					self.response.set_cookie('Y', "named", max_age=self.COOKIE_AGE)		
				else:
					self.response.delete_cookie('C')
					if (self.request.cookies['N'] is not None):
						write_list = NamedToken(itemlist_name=self.request.cookies['N'],
																		itemlist_json=self.request.str_POST['itemList'])
						self.response.set_cookie('N', write_list.itemlist_name, max_age=self.COOKIE_AGE)
						self.response.delete_cookie('S')
						self.response.set_cookie('Y', "named", max_age=self.COOKIE_AGE)		
					else:
						write_list = UnauthenticatedToken(itemlist_json=self.request.str_POST['itemList'],
						                                  last_ip=self.request.remote_addr,
						                                  security_string = "".join(random.sample(string.digits+string.ascii_letters,10)))
						self.response.delete_cookie('N')
						self.response.set_cookie('S', write_list.security_string, max_age=self.COOKIE_AGE)
						self.response.set_cookie('Y', "token", max_age=self.COOKIE_AGE)		
				
				write_list.put()
				self.response.set_cookie('T', write_list.key(), max_age=self.COOKIE_AGE)
			
			self.set_error(None);
Beispiel #3
0
	def _do_named(self, token):
		try:
			if token is None:
				read_list = None
			else:	
				read_list = NamedToken.get(token)
		except BadKeyError:
			if self.user is None:
				logging.error("User (%s) tried to specify illegal named key: %s" % (self.request.remote_addr, token))
			else:
				logging.error("User (%s:%s:%s) tried to specify illegal named key: %s" % (self.user.nickname(),self.user.user_id(),self.request.remote_addr, token))
			self.clear_cookies()
			self.set_error('You specified a token that does not exist in the database.  This could be because it has cycled off (an old list) or a bad link.')
			return
			
		if (read_list is None) or (self.user.user_id() != read_list.owner.user_id()):
			self.clear_cookies()
			self.set_error('You are not the owner of this list.')
		else:
			read_list.delete()
			self.clear_cookies()
			self.set_error(None)