def testBasicPublish(self):
json = shiftJson()
json["createdBy"] = self.fakemary.id
newShift = Shift.create(json)
newShift.publish({"private": False})
# should exist in user/public db
theShift = Shift.load(core.connect(SSUser.publicDb(self.fakemary.id)),
newShift.id)
self.assertEqual(theShift.summary, newShift.summary)
self.assertTrue(not theShift.publishData.draft)
self.assertTrue(not theShift.publishData.private)
# should exist in shiftspace/public db
theShift = Shift.load(core.connect("shiftspace/public"), newShift.id)
self.assertEqual(theShift.summary, newShift.summary)
self.assertTrue(not theShift.publishData.draft)
self.assertTrue(not theShift.publishData.private)
# should exist in shiftspace/shared db
theShift = Shift.load(core.connect("shiftspace/shared"), newShift.id)
self.assertEqual(theShift.summary, newShift.summary)
self.assertTrue(not theShift.publishData.draft)
self.assertTrue(not theShift.publishData.private)
# should _not_ exist in user/private db
theShift = Shift.load(core.connect(SSUser.privateDb(self.fakemary.id)),
newShift.id)
self.assertEqual(theShift, None)
def publish(self, id):
# NOTE: should maybe take publishData url parameter - David 9/5/2009
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id, loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
publishData = json.loads(helper.getRequestBody())
# convert targets to actual database references
if publishData.get("targets"):
from server.models.group import Group
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
targets = publishData["targets"]
# convert short names to group ids
shortNames = [target[1:] for target in targets if target[0] == "&"]
groupIds = Group.shortNamesToIds(shortNames)
# convert user name to user ids
userNames = [target[1:] for target in targets if target[0] == "@"]
userIds = SSUser.namesToIds(userNames)
# create list of dbs being published to
dbs = [Group.db(groupId) for groupId in groupIds]
# validate groups
writeable = theUser.writeable()
if not set(dbs).issubset(set(writeable)):
return error(
"Operation not permitted. You don't have permission to publish to some of these groups",
PermissionError)
# TODO: validate against blocked users - David 2/15/10
dbs.extend([SSUser.db(userId) for userId in userIds])
publishData["dbs"] = dbs
return data(theShift.publish(publishData))
def publish(self, id):
# NOTE: should maybe take publishData url parameter - David 9/5/2009
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id, loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
publishData = json.loads(helper.getRequestBody())
# convert targets to actual database references
if publishData.get("targets"):
from server.models.group import Group
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
targets = publishData["targets"]
# convert short names to group ids
shortNames = [target[1:] for target in targets if target[0] == "&"]
groupIds = Group.shortNamesToIds(shortNames)
# convert user name to user ids
userNames = [target[1:] for target in targets if target[0] == "@"]
userIds = SSUser.namesToIds(userNames)
# create list of dbs being published to
dbs = [Group.db(groupId) for groupId in groupIds]
dbs.extend([SSUser.db(userId) for userId in userIds])
# validate
writeable = theUser.writeable()
if set(writeable) != set(dbs):
return error("Operation not permitted. You don't have permission to publish to some of these gruops", PermissionError)
publishData["dbs"] = dbs
return data(theShift.publish(publishData))
def update(self, fields, updateDbs=True):
from server.models.ssuser import SSUser
if fields.get("content"):
self.content = fields.get("content")
if fields.get("summary"):
self.summary = self.content["summary"] = fields.get("summary")
if fields.get("broken"):
self.broken = fields.get("broken")
if fields.get("dbs"):
self.dbs = list(set(self.dbs.extend(fields.get("dbs"))))
self.modified = datetime.now()
# update the correct user db
if self.publishData.private:
db = SSUser.privateDb(self.createdBy)
else:
db = SSUser.publicDb(self.createdBy)
self.store(core.connect(db))
core.replicate(db, "shiftspace/shared")
# update followers and groups
if updateDbs:
for db in self.publishData.dbs:
dbtype, dbid = db.split("/")
if dbtype == "group":
from server.models.group import Group
Group.read(dbid).updateShift(self)
return Shift.joinData(self, self.createdBy)
def update(self, fields, updateDbs=True):
from server.models.ssuser import SSUser
if fields.get("content"):
self.content = fields.get("content")
if fields.get("summary"):
self.summary = self.content["summary"] = fields.get("summary")
if fields.get("broken"):
self.broken = fields.get("broken")
if fields.get("dbs"):
self.dbs = list(set(self.dbs.extend(fields.get("dbs"))))
self.modified = datetime.now()
# update the correct user db
if self.publishData.private:
db = SSUser.privateDb(self.createdBy)
else:
db = SSUser.publicDb(self.createdBy)
self.store(core.connect(db))
core.replicate(db, "shiftspace/shared")
# update followers and groups
if updateDbs:
for db in self.publishData.dbs:
dbtype, dbid = db.split("/")
if dbtype == "group":
from server.models.group import Group
Group.read(dbid).updateShift(self)
return Shift.joinData(self, self.createdBy)
def read(self, userName):
theUser = SSUser.readByName(userName)
if not theUser:
return error("User %s does not exist" % userName, UserDoesNotExistError)
loggedInUser = SSUser.read(helper.getLoggedInUser())
canReadFull = loggedInUser.canReadFull(theUser)
return data(theUser.toDict((loggedInUser and canReadFull)))
def unfollow(self, userName):
theUser = SSUser.read(helper.getLoggedInUser())
followed = SSUser.readByName(userName)
if theUser.id == followed.id:
return error("You cannot unfollow yourself.", FollowError)
else:
theUser.unfollow(followed)
return data(followed)
def read(self, userName):
theUser = SSUser.readByName(userName)
if not theUser:
return error("User %s does not exist" % userName,
UserDoesNotExistError)
loggedInUser = SSUser.read(helper.getLoggedInUser())
canReadFull = loggedInUser.canReadFull(theUser)
return data(theUser.toDict((loggedInUser and canReadFull)))
def unreadCount(self, userName):
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
otherUser = SSUser.readByName(userName)
if loggedInUser == otherUser.id or theUser.isAdmin():
return data(theUser.unreadCount())
else:
return error("You do not have permission to view this user's unread count.", PermissionError)
def unfollow(self, userName):
theUser = SSUser.read(helper.getLoggedInUser())
followed = SSUser.readByName(userName)
if theUser.id == followed.id:
return error("You cannot unfollow yourself.", FollowError)
else:
theUser.unfollow(followed)
return data(followed)
def groups(self, userName, start=None, end=None, limit=25):
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
otherUser = SSUser.readByName(userName)
if loggedInUser == otherUser.id or theUser.isAdmin():
return data(otherUser.groups(start=start, end=end, limit=limit))
else:
return error("You don't have permission to view this user's groups.", PermissionError)
def create(cls, shiftJson):
from server.models.ssuser import SSUser
newShift = Shift(**utils.clean(shiftJson))
createdBy = newShift.createdBy
db = core.connect(SSUser.privateDb(createdBy))
newShift.domain = utils.domain(newShift.href)
newShift.store(db)
core.replicate(SSUser.privateDb(createdBy), "shiftspace/shared")
return Shift.joinData(newShift, newShift.createdBy)
def makeAdmin(self, id, userId):
from server.models.ssuser import SSUser
theGroup = Group.read(id)
theUser = SSUser.read(helper.getLoggedInUser())
if theUser.isAdminOf(theGroup):
otherUser = SSUser.read(userId)
theGroup.setPrivilege(otherUser, 3)
return ack
else:
return error("You don't have permission to promote members of this group to admin.", PermissionError)
def delete(self):
from server.models.ssuser import SSUser
db = core.connect(SSUser.privateDb(self.createdBy))
if db.get(self.id):
del db[self.id]
else:
db = core.connect(SSUser.publicDb(self.createdBy))
if db.get(self.id):
del db[self.id]
core.replicate(db.name, "shiftspace/shared")
def update(self, userName):
theUser = SSUser.readByName(userName)
if not theUser:
return error("User %s does not exist" % userName, UserDoesNotExistError)
loggedInUser = SSUser.read(helper.getLoggedInUser())
if loggedInUser and loggedInUser.canModify(theUser):
theData = json.loads(helper.getRequestBody())
return data(theUser.update(theData))
else:
return error("Operation not permitted. You don't have permission to update this account.")
def groups(self, userName, start=None, end=None, limit=25):
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
otherUser = SSUser.readByName(userName)
if loggedInUser == otherUser.id or theUser.isAdmin():
return data(otherUser.groups(start=start, end=end, limit=limit))
else:
return error(
"You don't have permission to view this user's groups.",
PermissionError)
def unreadCount(self, userName):
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
otherUser = SSUser.readByName(userName)
if loggedInUser == otherUser.id or theUser.isAdmin():
return data(theUser.unreadCount())
else:
return error(
"You do not have permission to view this user's unread count.",
PermissionError)
def delete(self):
from server.models.ssuser import SSUser
db = core.connect(SSUser.privateDb(self.createdBy))
if db.get(self.id):
del db[self.id]
else:
db = core.connect(SSUser.publicDb(self.createdBy))
if db.get(self.id):
del db[self.id]
core.replicate(db.name, "shiftspace/shared")
def create(cls, userId, shiftId, text, subscribe=False):
from server.models.ssuser import SSUser
from server.models.shift import Shift
from server.models.message import Message
# first try the public feed
theShift = Shift.load(core.connect("shiftspace/shared"), shiftId)
shiftAuthor = SSUser.load(core.connect(), theShift.createdBy)
theUser = SSUser.load(core.connect(), userId)
server = core.server()
# create the comment db if necessary
dbexists = True
if not theShift.hasThread():
server.create(Comment.db(shiftId))
dbexists = False
# get the db
db = core.connect(Comment.db(shiftId))
# if db just created, sync the views and subscribe shift author
if not dbexists:
Comment.by_created.sync(db)
Comment.all_subscribed.sync(db)
shiftAuthor.subscribe(theShift)
# subscribe the user making the comment
if not theUser.isSubscribed(theShift) and subscribe:
theUser.subscribe(theShift)
# create comment and comment stub
json = {
"createdBy": userId,
"shiftId": shiftId,
"shiftAuthor": theShift.createdBy,
"text": text,
}
newComment = Comment(**utils.clean(json))
newComment.store(db)
subscribers = theShift.subscribers()
# make a private copy
# TODO: need to think about the implications of a private copy here - David
newComment.copyTo(SSUser.privateDb(theUser.id))
# send each subscriber a message
if len(subscribers) > 0:
# TODO: needs to be optimized with a fast join - David
for subscriber in subscribers:
if subscriber != userId:
astr = ((subscriber == theShift.createdBy) and "your") or ("%s's" % shiftAuthor.userName)
json = {
"fromId": userId,
"toId": subscriber,
"title": "%s just commented on %s shift!" % (theUser.userName, astr),
"text": "%s just commented on %s shift!" % (theUser.userName, astr),
"meta": "comment"
}
Message.create(**utils.clean(json))
# TODO: don't replicate if peer - David 11/21/09
core.replicate(Comment.db(shiftId), "shiftspace/shared")
return newComment
def create(cls, shiftJson):
from server.models.ssuser import SSUser
cleaned = utils.clean(shiftJson)
sanitized = sanitizeShift(cleaned)
newShift = Shift(**sanitized)
createdBy = newShift.createdBy
db = core.connect(SSUser.privateDb(createdBy))
newShift.domain = utils.domain(newShift.href)
newShift.store(db)
core.replicate(SSUser.privateDb(createdBy), "shiftspace/shared")
return Shift.joinData(newShift, newShift.createdBy)
def create(cls, userId, shiftId, text, subscribe=False):
from server.models.ssuser import SSUser
from server.models.shift import Shift
from server.models.message import Message
# first try the public feed
theShift = Shift.load(core.connect("shiftspace/shared"), shiftId)
shiftAuthor = SSUser.load(core.connect(), theShift.createdBy)
theUser = SSUser.load(core.connect(), userId)
server = core.sharedServer()
# create the comment db if necessary
dbexists = True
if not theShift.hasThread():
server.create(Comment.db(shiftId))
dbexists = False
# get the db
db = core.connect(Comment.db(shiftId))
# if db just created, sync the views and subscribe shift author
if not dbexists:
Comment.by_created.sync(db)
Comment.all_subscribed.sync(db)
shiftAuthor.subscribe(theShift)
# subscribe the user making the comment
if not theUser.isSubscribed(theShift) and subscribe:
theUser.subscribe(theShift)
# create comment and comment stub
json = {
"createdBy": userId,
"shiftId": shiftId,
"shiftAuthor": theShift.createdBy,
"text": text,
}
newComment = Comment(**utils.clean(json))
newComment.store(db)
subscribers = theShift.subscribers()
# make a private copy
# TODO: need to think about the implications of a private copy here - David
newComment.copyTo(SSUser.privateDb(theUser.id))
# send each subscriber a message
if len(subscribers) > 0:
# TODO: needs to be optimized with a fast join - David
for subscriber in subscribers:
if subscriber != userId:
astr = ((subscriber == theShift.createdBy) and "your") or ("%s's" % shiftAuthor.userName)
json = {
"fromId": userId,
"toId": subscriber,
"title": "%s just commented on %s shift!" % (theUser.userName, astr),
"text": "%s just commented on %s shift!" % (theUser.userName, astr),
"meta": "comment"
}
Message.create(**utils.clean(json))
# TODO: don't replicate if peer - David 11/21/09
core.replicate(Comment.db(shiftId), "shiftspace/shared")
return newComment
def share(self, id, users):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift or theShift.publishData.private:
return error("You don't have permission to view this shift.", PermissionError)
targets = users.split(" ")
userNames = [target[1:] for target in targets if target[0] == "@"]
userIds = SSUser.namesToIds(userNames)
theShift.shareWith(userIds, fromUser=SSUser.read(loggedInUser))
return ack
def share(self, id, users):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift or theShift.publishData.private:
return error("You don't have permission to view this shift.",
PermissionError)
targets = users.split(" ")
userNames = [target[1:] for target in targets if target[0] == "@"]
userIds = SSUser.namesToIds(userNames)
theShift.shareWith(userIds, fromUser=SSUser.read(loggedInUser))
return ack
def delete(self, userName):
theUser = SSUser.readByName(userName)
if not theUser:
return error("User %s does not exist" % userName, UserDoesNotExistError)
loggedInUser = SSUser.read(helper.getLoggedInUser())
if loggedInUser and loggedInUser.canModify(theUser):
if theUser.id == loggedInUser.id:
helper.setLoggedInUser(None)
theUser.delete()
return ack
else:
return error("Operation not permitted. You don't have permission to delete this account.")
def inviteUsers(self, id, users):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
groupAdmin = SSUser.read(loggedInUser)
theGroup = Group.read(id)
if groupAdmin.isAdminOf(theGroup):
db = core.connect()
users = SSUser.all(db, keys=json.loads(users))
for user in users:
groupAdmin.inviteUser(theGroup, user)
return data(theGroup)
else:
return error("Operation not permitted. You don't have permission to modify this group", PermissionError)
def update(self, userName):
theUser = SSUser.readByName(userName)
if not theUser:
return error("User %s does not exist" % userName,
UserDoesNotExistError)
loggedInUser = SSUser.read(helper.getLoggedInUser())
if loggedInUser and loggedInUser.canModify(theUser):
theData = json.loads(helper.getRequestBody())
return data(theUser.update(theData))
else:
return error(
"Operation not permitted. You don't have permission to update this account."
)
def read(cls, id, userId=None):
from server.models.ssuser import SSUser
if userId != None:
# then try the user public
db = core.connect(SSUser.publicDb(userId))
theShift = Shift.load(db, id)
if not theShift:
# then user private
db = core.connect(SSUser.privateDb(userId))
theShift = Shift.load(db, id)
else:
theShift = Shift.load(core.connect("shiftspace/shared"), id)
if theShift:
return Shift.joinData(theShift, theShift.createdBy)
def shifts(self, userName, start=None, end=None, limit=25, filter=False, query=None):
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
otherUser = SSUser.readByName(userName)
if query != None:
query = json.loads(query)
if loggedInUser == otherUser.id or theUser.isAdmin():
return data(otherUser.shifts(start=start,
end=end,
limit=limit,
filter=filter,
query=query))
else:
return error("You don't have permission to view this user's shifts.", PermissionError)
def markRead(self, value=True):
from server.models.ssuser import SSUser
db = core.connect(SSUser.messagesDb(self.toId))
if value:
if not self.isRead():
db[Message.makeReadId(self.id, self.toId)] = {
"type": "message-read",
"msgId": self.id,
"toId": self.toId,
}
else:
del db[Message.makeReadId(self.id, self.toId)]
core.replicate(SSUser.messagesDb(self.toId), "shiftspace/shared")
return self
def create(cls, fromId, toId, title, text, meta="generic", content=None):
from server.models.ssuser import SSUser
db = core.connect(SSUser.messagesDb(toId))
json = {
"fromId": fromId,
"toId": toId,
"title": text,
"text": text,
"meta": meta,
"content": content or {}
}
newMessage = Message(**utils.clean(json))
newMessage.store(db)
core.replicate(SSUser.messagesDb(toId), "shiftspace/shared")
return newMessage
def delete(self, userName):
theUser = SSUser.readByName(userName)
if not theUser:
return error("User %s does not exist" % userName,
UserDoesNotExistError)
loggedInUser = SSUser.read(helper.getLoggedInUser())
if loggedInUser and loggedInUser.canModify(theUser):
if theUser.id == loggedInUser.id:
helper.setLoggedInUser(None)
theUser.delete()
return ack
else:
return error(
"Operation not permitted. You don't have permission to delete this account."
)
def create(cls, userId, groupId, otherId, level):
from server.models.ssuser import SSUser
from server.models.group import Group
db = core.connect()
if not groupId:
raise MissingGroupError
if not userId:
raise MissingCreatorError
if Permission.readByUserAndGroup(otherId, groupId):
raise PermissionAlreadyExistsError
adminable = [
row.value for row in Permission.by_adminable(db, key=userId).rows
]
allowed = groupId in adminable
if not allowed:
theUser = SSUser.read(userId)
allowed = theUser.isAdmin()
if not allowed:
theGroup = Group.read(groupId)
allowed = theUser.isOwnerOf(theGroup)
if not allowed:
raise CreateEventPermissionError
json = {
"createdBy": userId,
"userId": otherId,
"groupId": groupId,
"level": level
}
newPermission = Permission(**utils.clean(json))
newPermission.store(db)
return newPermission
def shareWith(self, userIds, fromUser=None):
from server.models.message import Message
from server.models.ssuser import SSUser
users = core.fetch(keys=userIds)
if fromUser:
userName = fromUser.userName
else:
userName = SSUser.read(self.createdBy).userName
for user in users:
json = {
"fromId":
self.createdBy,
"toId":
user["_id"],
"title":
"%s has shared a shift with you!" % userName,
"text":
"%s has shared a shift titled '%s' with you!" %
(userName, self.summary),
"meta":
"share",
"content": {
"type": "shift",
"_id": self.id,
"href": self.href,
"summary": self.summary
}
}
Message.create(**json)
def create(cls, userId, groupId, otherId, level):
from server.models.ssuser import SSUser
from server.models.group import Group
db = core.connect()
if not groupId:
raise MissingGroupError
if not userId:
raise MissingCreatorError
if Permission.readByUserAndGroup(otherId, groupId):
raise PermissionAlreadyExistsError
adminable = [row.value for row in Permission.by_adminable(db, key=userId).rows]
allowed = groupId in adminable
if not allowed:
theUser = SSUser.read(userId)
allowed = theUser.isAdmin()
if not allowed:
theGroup = Group.read(groupId)
allowed = theUser.isOwnerOf(theGroup)
if not allowed:
raise CreateEventPermissionError
json = {
"createdBy": userId,
"userId": otherId,
"groupId": groupId,
"level": level
}
newPermission = Permission(**utils.clean(json))
newPermission.store(db)
return newPermission
def shifts(self,
byHref=None,
byDomain=None,
byFollowing=False,
byGroups=False,
bySpace=None,
start=0,
limit=25,
count=False,
filter=False,
query=None,
all=False):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
if loggedInUser:
theUser = SSUser.read(loggedInUser)
else:
theUser = None
if query != None:
query = json.loads(query)
allShifts = Shift.shifts(user=theUser,
byHref=byHref,
byDomain=byDomain,
byFollowing=byFollowing,
byGroups=byGroups,
bySpace=bySpace,
start=start,
limit=limit,
filter=filter,
query=query,
all=False)
if count:
return data(len(allShifts))
else:
return data(allShifts)
def read(cls, id, userId=None):
db = core.connect("shiftspace/shared")
theMessage = Message.load(db, id)
if theMessage == None and userId:
db = core.connect(SSUser.messagesDb(userId))
theMessage = Message.load(db, id)
return Message.joinData(theMessage, userId)
def comment(self, id):
loggedInUser = helper.getLoggedInUser()
jsonData = helper.getRequestBody()
if jsonData != "":
theShift = Shift.read(id, userId=loggedInUser)
if not theShift:
return error("Shift does not exist.",
ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift",
ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
theData = json.loads(jsonData)
if theUser.canRead(theShift):
from server.models.comment import Comment
Comment.create(theUser.id, theShift.id, theData["text"],
theData.get("subscribe") or False)
return data(Shift.read(theShift.id, theUser.id))
else:
return error(
"Operation not permitted. You don't have permission to comment on this shift.",
PermissionError)
else:
return error("No data for comment.", NoDataError)
def testBasicPublish(self):
json = shiftJson()
json["createdBy"] = self.fakemary.id
newShift = Shift.create(json)
newShift.publish({"private":False})
# should exist in user/public db
theShift = Shift.load(core.connect(SSUser.publicDb(self.fakemary.id)), newShift.id)
self.assertEqual(theShift.summary, newShift.summary)
# should exist in master/public db
theShift = Shift.load(core.connect("shiftspace/public"), newShift.id)
self.assertEqual(theShift.summary, newShift.summary)
# should exist in shiftspace/shared db
theShift = Shift.load(core.connect("shiftspace/shared"), newShift.id)
self.assertEqual(theShift.summary, newShift.summary)
# should _not_ exist in user/private db
theShift = Shift.load(core.connect(SSUser.privateDb(self.fakemary.id)), newShift.id)
self.assertEqual(theShift, None)
def members(self, id):
from server.models.ssuser import SSUser
theGroup = Group.read(id)
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
if theUser.isAdminOf(theGroup):
return data(theGroup.members())
else:
return error("You don't have permission to view this groups members", PermissionError)
def logout(self):
loggedInUser = helper.getLoggedInUser()
if loggedInUser:
theUser = SSUser.read(loggedInUser)
theUser.updateLastSeen()
helper.setLoggedInUser(None)
return ack
else:
return error("No user logged in.", AlreadyLoggedOutError)
def logout(self):
loggedInUser = helper.getLoggedInUser()
if loggedInUser:
theUser = SSUser.read(loggedInUser)
theUser.updateLastSeen()
helper.setLoggedInUser(None)
return ack
else:
return error("No user logged in.", AlreadyLoggedOutError)
def testUpdate(self):
json = shiftJson()
json["createdBy"] = self.fakemary.id
newShift = Shift.create(json)
newShift.update({"summary":"changed!"})
theShift = Shift.read(newShift.id, self.fakemary.id)
self.assertEqual(theShift.summary, "changed!")
db = core.connect(SSUser.privateDb(self.fakemary.id))
del db[theShift.id]
def updateShift(self, aShift):
from server.models.ssuser import SSUser
author = SSUser.read(aShift.createdBy)
if author.isMemberOf(self):
grpdb = Group.db(self.id)
aShift.updateIn(grpdb)
else:
db = core.connect()
raise NotAMemberError("%s is not a member of %s" % (author.userName, self.longName))
def join(self, id):
from server.models.ssuser import SSUser
theGroup = Group.read(id)
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
if theUser.canJoin(theGroup):
theUser.join(theGroup)
return data(theGroup)
else:
return error("Operation not permitted. You don't have permission to join this group.", PermissionError)
def testRead(self):
json = shiftJson()
json["createdBy"] = self.fakemary.id
newShift = Shift.create(json)
theShift = Shift.read(newShift.id, self.fakemary.id)
self.assertEqual(theShift.source.server, newShift.source.server)
self.assertEqual(theShift.source.database, newShift.source.database)
self.assertEqual(theShift.createdBy, self.fakemary.id)
db = core.connect(SSUser.privateDb(self.fakemary.id))
del db[theShift.id]
def read(self, id):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
theShift = Shift.read(id, loggedInUser)
if theShift and theUser.canRead(theShift):
return data(theShift)
else:
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
else:
return error("Operation not permitted. You don't have permission to view this shift. %s" % theShift, PermissionError)
def testPublishToUser(self):
json = shiftJson()
json["createdBy"] = self.fakemary.id
newShift = Shift.create(json)
publishData = {
"dbs": [SSUser.db(self.fakejohn.id)]
}
newShift.publish(publishData)
# should exist in user feed
# TODO: in inbox if peer - David 11/18/09
theShift = Shift.load(core.connect("shiftspace/shared"), newShift.id)
self.assertEqual(theShift.summary, newShift.summary)
def comments(self, id, start=None, end=None, limit=25):
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
if theShift.isPublic() or theUser.canRead(theShift):
return data(theShift.comments(start=start, end=end, limit=limit))
else:
return error("Operation not permitted. You don't have permission to view comments on this shift.", PermissionError)
def shifts(self,
userName,
start=None,
end=None,
limit=25,
filter=False,
query=None):
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
otherUser = SSUser.readByName(userName)
if query != None:
query = json.loads(query)
if loggedInUser == otherUser.id or theUser.isAdmin():
return data(
otherUser.shifts(start=start,
end=end,
limit=limit,
filter=filter,
query=query))
else:
return error(
"You don't have permission to view this user's shifts.",
PermissionError)
def read(cls, id, userId=None, proxy=False):
from server.models.ssuser import SSUser
theShift = None
# then try the user public
if userId:
db = core.connect(SSUser.publicDb(userId))
theShift = Shift.load(db, id)
if not theShift:
# then user private
db = core.connect(SSUser.privateDb(userId))
theShift = Shift.load(db, id)
else:
db = core.connect("shiftspace/public")
theShift = Shift.load(db, id)
if userId and not theShift:
theUser = SSUser.read(userId)
aShift = Shift.load(core.connect("shiftspace/shared"), id)
if theUser.canRead(aShift):
theShift = aShift
if proxy:
theShift = Shift.load(core.connect("shiftspace/shared"), id)
if theShift:
return Shift.joinData(theShift, theShift.createdBy)
def read(self, id):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
theShift = Shift.read(id, loggedInUser)
if theShift and theUser.canRead(theShift):
return data(theShift)
else:
if not theShift:
return error("Resource does not exist.",
ResourceDoesNotExistError)
else:
return error(
"Operation not permitted. You don't have permission to view this shift. %s"
% theShift, PermissionError)
def comments(self, id, start=None, end=None, limit=25):
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id, userId=loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
if theShift.isPublic() or theUser.canRead(theShift):
return data(theShift.comments(start=start, end=end, limit=limit))
else:
return error(
"Operation not permitted. You don't have permission to view comments on this shift.",
PermissionError)
def login(self, userName, password):
loggedInUser = helper.getLoggedInUser()
if not loggedInUser:
theUser = SSUser.readByName(userName)
if not theUser:
return error("Invalid user name.", InvalidUserNameError)
if theUser and (theUser.password == md5hash(password)):
helper.setLoggedInUser(theUser.id)
# TODO: perhaps don't update yet, might want to use for unread counts - David
theUser.updateLastSeen()
return data(theUser)
else:
return error("Incorrect password.", IncorrectPasswordError)
else:
return error("Already logged in.", AlreadyLoggedInError)
def unfavorite(self, id):
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
if theUser.canRead(theShift):
return data(theUser.unfavorite(theShift))
else:
return error(
"Operation not permitted. You don't have permission to unfavorite this shift.",
PermissionError)
def join(self):
loggedInUser = helper.getLoggedInUser()
if loggedInUser:
return error("You are logged in. You cannot create an account.",
AlreadyLoggedInError)
theData = json.loads(helper.getRequestBody())
if theData.get("userName"):
theData["userName"] = theData["userName"].strip()
valid, msg, errType = self.isValid(theData)
result = None
if valid:
theUser = SSUser.create(theData)
helper.setLoggedInUser(theUser.id)
return data(theUser)
else:
return error(msg, errType)
def delete(self):
"""
Delete a single comment.
"""
from server.models.ssuser import SSUser
db = core.connect(SSUser.privateDb(self.createdBy))
try:
del db[self.id]
except:
pass
db = core.connect(Comment.db(self.shiftId))
try:
del db[self.id]
except:
pass
core.replicate(Comment.db(self.shiftId), "shiftspace/shared")
