def	get(self):
		try:  
			i = Invitation.get(self.request.get('invitation', ''))
			if i is None:
				self.redirect("/")
				return
			# only allow privilege increase, when the project and the code matches the stored Invitation instance
			if int(self.request.get('code', 0))==i.code and str(self.request.get('project', ''))==str(i.project.key()):
				# check for existing access to project
				rights = ProjectRights.gql("WHERE user=:user and project=:project", user=users.get_current_user(), project=i.project).get()
				# edit rights
				if not rights:
					rights = ProjectRights(project=i.project, user=users.GetCurrentUser(), right=i.right)
				# possibly upgrade rights
				if rights.right<i.right:
					rights.right = i.right
				rights.put()
				# delete invitation
				i.delete()
			else:
				# invalid invitation
				raise Exception("Invalid invitation %(p1)s!=%(p2)s" % {'p1': self.request.get('project', ''), 'p2':i.project.key() } )
			# redirect to project summary, even if we can not increase privilege
			self.redirect("/summary?project=%(project)s" % { 'project': i.project.key() } )
		except BadKeyError:
			# 
			self.redirect("/summary?project=%(project)s" % { 'project': self.request.get('project', 'invalid')} )
			return 
	def	post(self):
		action = self.request.get('action', 'add')
		if action == 'add':
			if len(self.request.get('name'))<2:
				raise Exception("project name must be at least 2 characters long")
			if len(self.request.get('currency'))<1:
				raise Exception("project currency must be at least one character long")
			# create the project and return the new location to go to
			project = Project(name=self.request.get('name'), currency=self.request.get('currency'))
			project.put()
			# add access rights for this user to the new project
			rights = ProjectRights(project=project, user=users.GetCurrentUser(), right=Security.Right_Owner)
			rights.put()
			# redirect to summary
			self.response.out.write("/summary?project=%(key)s" % {'key':project.key()})
		elif action == 'delete':
			# remove me from the projects right list
			project = Project.get(self.request.get('project', ''))
			if (not project):
				raise Exception("Unknown project!")
			# check rights of current user for this project, and deny access if not permitable
			rights = ProjectRights.gql("WHERE user=:user and project=:project", user=users.get_current_user(), project=project).get()
			if rights:
				rights.delete()
			# redirect to my page
			self.response.out.write("/")
		else:
			raise Exception("Unknown action '%(action)s'!" % {'action':action})