def get(self):
if lindenip.inrange(os.environ['REMOTE_ADDR']) != 'Production':
self.error(403)
elif self.request.headers['X-SecondLife-Shard'] != 'Production':
logging.warning("Attempt while on beta grid %s" %
(self.request.headers['X-SecondLife-Shard']))
self.response.set_status(305)
else:
self.response.headers['Content-Type'] = 'text/plain'
#look for an item with the requested name
name = cgi.escape(self.request.get('object'))
version = cgi.escape(self.request.get('version'))
update = cgi.escape(self.request.get('update'))
#logging.info('%s checked %s version %s' % (self.request.headers['X-SecondLife-Owner-Name'], name, version))
item = tools.get_item(name, True)
if item is None:
self.response.out.write("NSO %s" % (name))
return
if item['baseprice'] > 0:
self.response.out.write("NSO %s" % (name))
logging.error(
'Rejecting request: Regquesting a paid item using the update check url by %s, vendor %s located in %s at %s. Item:%s'
% (self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name'],
self.request.headers['X-SecondLife-Region'],
self.request.headers['X-SecondLife-Local-Position'],
name))
return
logging.debug('baseprice:%s' % item['baseprice'])
thisversion = 0.0
try:
thisversion = float(version)
except ValueError:
avname = self.request.headers['X-SecondLife-Owner-Name']
logging.error(
'%s is using %s with bad version "%s" and will be sent an update'
% (avname, name, version))
if thisversion < float(item['version']):
#get recipient key from http headers or request
rcpt = self.request.headers['X-SecondLife-Owner-Key']
#enqueue delivery, if queue does not already contain this delivery
name_version = "%s - %s" % (name, item['version'])
if update != "no":
if tools.enqueue_delivery(item['giver'], rcpt,
name_version,
self.request.host_url) == False:
self.error(403)
#queue = FreebieDelivery.gql("WHERE rcptkey = :1 AND itemname = :2", rcpt, name_version)
#if queue.count() == 0:
# delivery = FreebieDelivery(giverkey = item.freebie_giver, rcptkey = rcpt, itemname = name_version)
# delivery.put()
#in the future return null key instead of giver's key
self.response.out.write("%s|%s - %s" %
(null_key, name, item['version']))
else:
self.response.out.write('current')
def post(self):
#check linden IP and allowed avs
if lindenip.inrange(os.environ['REMOTE_ADDR']) != 'Production':
self.error(403)
elif self.request.headers['X-SecondLife-Shard'] != 'Production':
logging.warning("Attempt while on beta grid %s" % (self.request.headers['X-SecondLife-Shard']))
self.response.set_status(305)
# elif not distributors.Distributor_authorized(self.request.headers['X-SecondLife-Owner-Key']):
# logging.info("Illegal attempt to request an item from %s, box %s located in %s at %s" % (self.request.headers['X-SecondLife-Owner-Name'], self.request.headers['X-SecondLife-Object-Name'], self.request.headers['X-SecondLife-Region'], self.request.headers['X-SecondLife-Local-Position']))
# self.error(403)
elif not db.WRITE_CAPABILITY.is_enabled():
self.response.set_status(503)
self.response.headders['Retry-After'] = 120
logging.info("Told that the db was down for maintenance to %s, box %s located in %s at %s" % (self.request.headers['X-SecondLife-Owner-Name'], self.request.headers['X-SecondLife-Object-Name'], self.request.headers['X-SecondLife-Region'], self.request.headers['X-SecondLife-Local-Position']))
self.response.out.write('Currently down for maintenance')
else:
#populate a dictionary with what we've been given in post
#should be newline-delimited, token=value
lines = self.request.body.split('\n')
params = {}
for line in lines:
params[line.split('=')[0]] = line.split('=')[1]
try:
name = params['objname']
item = tools.get_item(name, True)
if item is None:
#could not find item to look up its deliverer. return an error
logging.error('Error, Paid item %s not found. Requested by %s using %s.' % (name, self.request.headers['X-SecondLife-Owner-Name'], self.request.headers['X-SecondLife-Object-Name']))
self.error(403)
return
name_version = "%s - %s" % (name, item['version'])
rcpt = self.request.headers['X-SecondLife-Owner-Key']
paid = int(params['paid'])
baseprice = int(item['baseprice'])
if paid >= baseprice:
pass
else:
logging.error('Rejecting request: Wrong price by %s, gift vendor %s located in %s at %s. Item:%s Item Price:%s Price Paid:%s' %
(self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name'],
self.request.headers['X-SecondLife-Region'],
self.request.headers['X-SecondLife-Local-Position'],
name,
baseprice,
paid
))
self.error(403)
return
#need to record record here
record = Purchases(purchaser = rcpt, item = name, seller = self.request.headers['X-SecondLife-Owner-Key'], item_reciver = 'gift request', loc = '%s %s' % (self.request.headers['X-SecondLife-Region'], self.request.headers['X-SecondLife-Local-Position']), vender_name = self.request.headers['X-SecondLife-Object-Name'], amount_paid = paid)
record.put()
#have the vendor transfer the money
self.response.out.write('pay|%s|%s|%s|%s|%s' % (moneyRcpt, paid, rcpt, name, record.key().id()))#do we need all of this?
except KeyError:
logging.error('Key error for paid Post gift vendor %s, queue entry: %s|%s %s' % (item['giver'], rcpt, name_version, sys.exc_info()))
self.error(403)
def item_api(item_id):
"""
Outputs item info,
takes item Id as argument
"""
target_item = get_item(item_id)
if target_item is None:
abort(404)
return jsonify(target_item.serialize())
def post(self):
#check linden IP and allowed avs
if lindenip.inrange(os.environ['REMOTE_ADDR']) != 'Production':
self.error(403)
elif self.request.headers['X-SecondLife-Shard'] != 'Production':
logging.warning("Attempt while on beta grid %s" % (self.request.headers['X-SecondLife-Shard']))
self.response.set_status(305)
elif not distributors.Distributor_authorized(self.request.headers['X-SecondLife-Owner-Key']):
logging.info("Illegal attempt to request an item from %s, box %s located in %s at %s" % (self.request.headers['X-SecondLife-Owner-Name'], self.request.headers['X-SecondLife-Object-Name'], self.request.headers['X-SecondLife-Region'], self.request.headers['X-SecondLife-Local-Position']))
self.error(403)
else:
#populate a dictionary with what we've been given in post
#should be newline-delimited, token=value
lines = self.request.body.split('\n')
params = {}
for line in lines:
params[line.split('=')[0]] = line.split('=')[1]
try:
name = params['objname']
item = tools.get_item(name, True)
if item is None:
#could not find item to look up its deliverer. return an error
logging.error('Error, freebie %s not found. Requested by %s using %s.' % (name, self.request.headers['X-SecondLife-Owner-Name'], self.request.headers['X-SecondLife-Object-Name']))
self.error(403)
return
# Support new 3.7x collars that have no version in the name.
if item['version'] == 'NOVERSION':
name_version = name
else:
name_version = "%s - %s" % (name, item['version'])
rcpt = str(params['rcpt'])
if item['baseprice'] > 0:
self.response.out.write("NSO %s" % (name))
logging.error('Rejecting request: Regquesting a paid item using the free url by %s, vendor %s located in %s at %s. Item:%s Rcpt:%s' %
(self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name'],
self.request.headers['X-SecondLife-Region'],
self.request.headers['X-SecondLife-Local-Position'],
name,
rcpt
))
return
if tools.enqueue_delivery(item['giver'], rcpt, name_version, self.request.host_url):
self.response.out.write('%s|%s' % (rcpt, name_version))
count_token = 'item_count_%s' % name
memcache.incr(count_token, initial_value=0)
else:
logging.error('Enqueing failed for vendor %s, queue entry: %s|%s' % (item['giver'], rcpt, name_version))
self.error(403)
except KeyError:
logging.error('Key error for vendor %s, queue entry: %s|%s' % (item['giver'], rcpt, name_version))
self.error(403)
def get(self):
if lindenip.inrange(os.environ['REMOTE_ADDR']) != 'Production':
self.error(403)
elif self.request.headers['X-SecondLife-Shard'] != 'Production':
logging.warning("Attempt while on beta grid %s" % (self.request.headers['X-SecondLife-Shard']))
self.response.set_status(305)
else:
self.response.headers['Content-Type'] = 'text/plain'
#look for an item with the requested name
name = cgi.escape(self.request.get('object'))
version = cgi.escape(self.request.get('version'))
update = cgi.escape(self.request.get('update'))
#logging.info('%s checked %s version %s' % (self.request.headers['X-SecondLife-Owner-Name'], name, version))
item = tools.get_item(name, True)
if item is None:
self.response.out.write("NSO %s" % (name))
return
if item['baseprice'] > 0:
self.response.out.write("NSO %s" % (name))
logging.error('Rejecting request: Regquesting a paid item using the update check url by %s, vendor %s located in %s at %s. Item:%s' %
(self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name'],
self.request.headers['X-SecondLife-Region'],
self.request.headers['X-SecondLife-Local-Position'],
name
))
return
logging.debug('baseprice:%s' % item['baseprice'])
thisversion = 0.0
try:
thisversion = float(version)
except ValueError:
avname = self.request.headers['X-SecondLife-Owner-Name']
logging.error('%s is using %s with bad version "%s" and will be sent an update' % (avname, name, version))
if thisversion < float(item['version']):
#get recipient key from http headers or request
rcpt = self.request.headers['X-SecondLife-Owner-Key']
#enqueue delivery, if queue does not already contain this delivery
name_version = "%s - %s" % (name, item['version'])
if update != "no":
if tools.enqueue_delivery(item['giver'], rcpt, name_version, self.request.host_url)==False:
self.error(403)
#queue = FreebieDelivery.gql("WHERE rcptkey = :1 AND itemname = :2", rcpt, name_version)
#if queue.count() == 0:
# delivery = FreebieDelivery(giverkey = item.freebie_giver, rcptkey = rcpt, itemname = name_version)
# delivery.put()
#in the future return null key instead of giver's key
self.response.out.write("%s|%s - %s" % (null_key, name, item['version']))
else:
self.response.out.write('current')
def item_route(item_id):
"""
Route that outputs item info
"""
target_item = get_item(item_id)
if target_item is None:
abort(404)
return render_template('item.html',
page={
'title': 'Item ' + target_item.name,
'has_sidebar': True
},
user=user_info(),
content={
'categories': get_categories(),
'item': target_item
})
def item_delete_route(item_id):
"""
Route to delete item
"""
target_item = get_item(item_id)
# checking access rights
if target_item.owner != user_info()['id']:
flash('Only owner can delete item')
return redirect(url_for('item.item_route', item_id=item_id))
if target_item is None:
abort(404)
# some protection
csrf = generate_csrf_token()
if request.method == 'POST':
if csrf != request.form['csrf_token']:
abort(403)
else:
delete_item(item_id)
flash('Item deleted')
# sending user to categories page for he has done
return redirect(url_for('category.categories_route'))
if request.method == 'GET':
return render_template('confirm.html',
page={'title': 'Delete item'},
user=user_info(),
content={
'csrf_token':
csrf,
'message':
'Do you really want delete item ' +
target_item.name + '?'
})
def item_edit_route(item_id):
"""
Route to edit item
"""
target_item = get_item(item_id)
# checking access rights
if target_item.owner != user_info()['id']:
flash('Only owner can edit item')
return redirect(url_for('item.item_route', item_id=item_id))
if target_item is None:
abort(404)
# some protection
csrf = generate_csrf_token()
if request.method == 'POST':
if csrf != request.form['csrf_token']:
abort(403)
else:
update_item(item_id)
flash('Item updated')
# sending user to item page after edit is done
return redirect(url_for('item.item_route', item_id=item_id))
if request.method == 'GET':
return render_template('item_edit.html',
page={'title': 'Edit item'},
user=user_info(),
content={
'is_edit': True,
'csrf_token': csrf,
'item': target_item
})
def get(self):
if not db.WRITE_CAPABILITY.is_enabled():
self.response.set_status(503)
self.response.headders['Retry-After'] = 120
logging.info("Told that the db was down for maintenance")
self.response.out.write('Currently down for maintenance')
else:
t=int(time.time()) - 7200;
logging.info('CRON AccountNewRecords: totaling funds for after %d' % t)
dispersal = Dispersals()
commissions_total = 0
designer_total = 0
maintainers_total = 0
total = 0
maintainers = AppSettings.get_or_insert("maintainers", value="00000000-0000-0000-0000-000000000000|0").value.split("|")
people_to_pay = []
query = Purchases.gql("WHERE accounted = :1", "0")
for record in query:
logging.info('CRON: %s|%s' % (record.key().id(), record.seller))
total += record.amount_paid
token = 'Distributor_%s' % record.seller
cacheditem = memcache.get(token)
if cacheditem is None:
dist = Distributor.gql("WHERE avkey = :1", record.seller).get()
dist_info = {"max_discount":dist.max_discount, "commission":dist.commission}
memcache.set(token, yaml.safe_dump(dist_info))
else:
#pull the item's details out of the yaml'd dict
dist_info = yaml.safe_load(cacheditem)
if dist_info['commission'] > 0:
commission = record.paid_amount*dist_info['commission']/100
commissions_total += commission
stoken = '%s_seller' % (record.seller)
commission_total = commission + getattr(dispersal, stoken, 0)
setattr(dispersal, stoken, commission_total)
people_to_pay.append(stoken)
name = record.item
item = tools.get_item(name, True)
if item is None:
logging.error('Error, Paid item %s not found. Requested by %s using %s.' % (name, self.request.headers['X-SecondLife-Owner-Name'], self.request.headers['X-SecondLife-Object-Name']))
if item['designer_cut'] > 0:
cut = record.paid_amount*item['designer_cut']/100
designer_total += cut
dtoken = '%s_designer' % (item['designer'])
cut_total = cut + getattr(dispersal, dtoken, 0)
setattr(dispersal, dtoken, cut_total)
people_to_pay.append(dtoken)
for maintainer, amount in zip(maintainers[::2], maintainers[1::2]):
cut = total*int(amount)/100
maintainers_total += cut
mtoken = '%s_maintainer' % (maintainer)
setattr(dispersal, mtoken, cut)
people_to_pay.append(mtoken)
if query.count(1) > 0:
if total >= (maintainers_total + designer_total + commissions_total):
setattr(dispersal, 'commissions_total', commissions_total)
setattr(dispersal, 'designers_total', designer_total)
setattr(dispersal, 'maintainers_total', maintainers_total)
setattr(dispersal, 'dispersal_total', (maintainers_total + designer_total + commissions_total))
setattr(dispersal, 'total', total)
setattr(dispersal, 'people_to_pay', "\n".join(people_to_pay))
dispersal.put()
logging.info('CRON AccountNewRecords: saved')
#add right url
taskqueue.add(url='/paiddist/disperse?id=%s' % (dispersal.key().id()), headers={}, queue_name='Disperse', method='PUT')
for record in query:
record.accounted = "1"
record.put()
else:
logging.error("CRON AccountNewRecords: total dispersal %s is greater than total paid %s" % (maintainers_total + designer_total + commissions_total, total))
redirecturl = "not needed?"
alarm.SendAlarm('Dispersal', t, True, "total dispersal %s is greater than total paid %s" % (maintainers_total + designer_total + commissions_total, total), redirecturl)
self.error(500)
else:
logging.info('CRON AccountNewRecords: No records')
logging.info('CRON AccountNewRecords: Finished')
def post(self):
#check linden IP and allowed avs
if lindenip.inrange(os.environ['REMOTE_ADDR']) != 'Production':
self.error(403)
elif self.request.headers['X-SecondLife-Shard'] != 'Production':
logging.warning("Attempt while on beta grid %s" % (self.request.headers['X-SecondLife-Shard']))
self.response.set_status(305)
elif not distributors.Distributor_authorized(self.request.headers['X-SecondLife-Owner-Key']):
logging.warning("Illegal attempt to request an item from %s, box %s located in %s at %s" % (self.request.headers['X-SecondLife-Owner-Name'], self.request.headers['X-SecondLife-Object-Name'], self.request.headers['X-SecondLife-Region'], self.request.headers['X-SecondLife-Local-Position']))
self.error(403)
elif not db.WRITE_CAPABILITY.is_enabled():
self.response.set_status(503)
self.response.headders['Retry-After'] = 120
logging.info("Told that the db was down for maintenance to %s, box %s located in %s at %s" % (self.request.headers['X-SecondLife-Owner-Name'], self.request.headers['X-SecondLife-Object-Name'], self.request.headers['X-SecondLife-Region'], self.request.headers['X-SecondLife-Local-Position']))
self.response.out.write('Currently down for maintenance')
else:
#populate a dictionary with what we've been given in post
#should be newline-delimited, token=value
lines = self.request.body.split('\n')
params = {}
for line in lines:
params[line.split('=')[0]] = line.split('=')[1]
try:
name = params['objname']
item = tools.get_item(name, True)
if item is None:
#could not find item to look up its deliverer. return an error
logging.error('Error, Paid item %s not found. Requested by %s using %s.' % (name, self.request.headers['X-SecondLife-Owner-Name'], self.request.headers['X-SecondLife-Object-Name']))
self.error(403)
return
name_version = "%s - %s" % (name, item['version'])
rcpt = str(params['rcpt'])
paid = int(params['paid'])
baseprice = int(item['baseprice'])
if paid >= baseprice:
pass
else:
token = 'Distributor_%s' % self.request.headers['X-SecondLife-Owner-Key']
cacheditem = memcache.get(token)
if cacheditem is None:
dist = Distributor.gql("WHERE avkey = :1", self.request.headers['X-SecondLife-Owner-Key']).get()
dist_info = {"max_discount":dist.max_discount, "commission":dist.commission}
memcache.set(token, yaml.safe_dump(dist_info))
else:
#pull the item's details out of the yaml'd dict
dist_info = yaml.safe_load(cacheditem)
disprice = baseprice * (100-dist_info['max_discount'])/100.0
if paid < disprice:
if paid < (disprice - 50):
logging.error('Rejecting request: Wrong price by %s, vendor %s located in %s at %s. Item:%s Item Price:%s Price Paid:%s Max Discount:%s%%' %
(self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name'],
self.request.headers['X-SecondLife-Region'],
self.request.headers['X-SecondLife-Local-Position'],
name,
baseprice,
paid,
dist_info['max_discount']
))
self.error(403)
self.response.out.write('Wrong amount Item:%s Item Price:%s Price Paid:%s Max Discount:%s%%' %
(name,
baseprice,
paid,
dist_info['max_discount']
))
return
else:
logging.warning('Under Paid Item accepting: Wrong price by %s, vendor %s located in %s at %s. Item:%s Item Price:%s Price Paid:%s Max Discount:%s' %
(self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name'],
self.request.headers['X-SecondLife-Region'],
self.request.headers['X-SecondLife-Local-Position'],
name,
baseprice,
paid,
))
#need to record record here
record = Purchases(purchaser = rcpt, item = name, seller = self.request.headers['X-SecondLife-Owner-Key'], item_reciver = 'request', loc = '%s %s' % (self.request.headers['X-SecondLife-Region'], self.request.headers['X-SecondLife-Local-Position']), vender_name = self.request.headers['X-SecondLife-Object-Name'], amount_paid = paid)
record.put()
#have the vendor transfer the money
self.response.out.write('pay|%s|%s|%s|%s|%s' % (moneyRcpt, paid, rcpt, name, record.key().id()))#do we need all of this?
except KeyError:
logging.error('Key error for paid Post vendor %s, queue entry: %s|%s %s' % (item['giver'], rcpt, name_version, sys.exc_info()))
self.error(403)
def get(self):
if not db.WRITE_CAPABILITY.is_enabled():
self.response.set_status(503)
self.response.headders['Retry-After'] = 120
logging.info("Told that the db was down for maintenance")
self.response.out.write('Currently down for maintenance')
else:
t = int(time.time()) - 7200
logging.info(
'CRON AccountNewRecords: totaling funds for after %d' % t)
dispersal = Dispersals()
commissions_total = 0
designer_total = 0
maintainers_total = 0
total = 0
maintainers = AppSettings.get_or_insert(
"maintainers",
value="00000000-0000-0000-0000-000000000000|0").value.split(
"|")
people_to_pay = []
query = Purchases.gql("WHERE accounted = :1", "0")
for record in query:
logging.info('CRON: %s|%s' %
(record.key().id(), record.seller))
total += record.amount_paid
token = 'Distributor_%s' % record.seller
cacheditem = memcache.get(token)
if cacheditem is None:
dist = Distributor.gql("WHERE avkey = :1",
record.seller).get()
dist_info = {
"max_discount": dist.max_discount,
"commission": dist.commission
}
memcache.set(token, yaml.safe_dump(dist_info))
else:
#pull the item's details out of the yaml'd dict
dist_info = yaml.safe_load(cacheditem)
if dist_info['commission'] > 0:
commission = record.paid_amount * dist_info[
'commission'] / 100
commissions_total += commission
stoken = '%s_seller' % (record.seller)
commission_total = commission + getattr(
dispersal, stoken, 0)
setattr(dispersal, stoken, commission_total)
people_to_pay.append(stoken)
name = record.item
item = tools.get_item(name, True)
if item is None:
logging.error(
'Error, Paid item %s not found. Requested by %s using %s.'
%
(name, self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name']))
if item['designer_cut'] > 0:
cut = record.paid_amount * item['designer_cut'] / 100
designer_total += cut
dtoken = '%s_designer' % (item['designer'])
cut_total = cut + getattr(dispersal, dtoken, 0)
setattr(dispersal, dtoken, cut_total)
people_to_pay.append(dtoken)
for maintainer, amount in zip(maintainers[::2], maintainers[1::2]):
cut = total * int(amount) / 100
maintainers_total += cut
mtoken = '%s_maintainer' % (maintainer)
setattr(dispersal, mtoken, cut)
people_to_pay.append(mtoken)
if query.count(1) > 0:
if total >= (maintainers_total + designer_total +
commissions_total):
setattr(dispersal, 'commissions_total', commissions_total)
setattr(dispersal, 'designers_total', designer_total)
setattr(dispersal, 'maintainers_total', maintainers_total)
setattr(dispersal, 'dispersal_total',
(maintainers_total + designer_total +
commissions_total))
setattr(dispersal, 'total', total)
setattr(dispersal, 'people_to_pay',
"\n".join(people_to_pay))
dispersal.put()
logging.info('CRON AccountNewRecords: saved')
#add right url
taskqueue.add(url='/paiddist/disperse?id=%s' %
(dispersal.key().id()),
headers={},
queue_name='Disperse',
method='PUT')
for record in query:
record.accounted = "1"
record.put()
else:
logging.error(
"CRON AccountNewRecords: total dispersal %s is greater than total paid %s"
% (maintainers_total + designer_total +
commissions_total, total))
redirecturl = "not needed?"
alarm.SendAlarm(
'Dispersal', t, True,
"total dispersal %s is greater than total paid %s" %
(maintainers_total + designer_total +
commissions_total, total), redirecturl)
self.error(500)
else:
logging.info('CRON AccountNewRecords: No records')
logging.info('CRON AccountNewRecords: Finished')
def post(self):
#check linden IP and allowed avs
if lindenip.inrange(os.environ['REMOTE_ADDR']) != 'Production':
self.error(403)
elif self.request.headers['X-SecondLife-Shard'] != 'Production':
logging.warning("Attempt while on beta grid %s" %
(self.request.headers['X-SecondLife-Shard']))
self.response.set_status(305)
elif not distributors.Distributor_authorized(
self.request.headers['X-SecondLife-Owner-Key']):
logging.warning(
"Illegal attempt to request an item from %s, box %s located in %s at %s"
% (self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name'],
self.request.headers['X-SecondLife-Region'],
self.request.headers['X-SecondLife-Local-Position']))
self.error(403)
elif not db.WRITE_CAPABILITY.is_enabled():
self.response.set_status(503)
self.response.headders['Retry-After'] = 120
logging.info(
"Told that the db was down for maintenance to %s, box %s located in %s at %s"
% (self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name'],
self.request.headers['X-SecondLife-Region'],
self.request.headers['X-SecondLife-Local-Position']))
self.response.out.write('Currently down for maintenance')
else:
#populate a dictionary with what we've been given in post
#should be newline-delimited, token=value
lines = self.request.body.split('\n')
params = {}
for line in lines:
params[line.split('=')[0]] = line.split('=')[1]
try:
name = params['objname']
item = tools.get_item(name, True)
if item is None:
#could not find item to look up its deliverer. return an error
logging.error(
'Error, Paid item %s not found. Requested by %s using %s.'
%
(name, self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name']))
self.error(403)
return
name_version = "%s - %s" % (name, item['version'])
rcpt = str(params['rcpt'])
paid = int(params['paid'])
baseprice = int(item['baseprice'])
if paid >= baseprice:
pass
else:
token = 'Distributor_%s' % self.request.headers[
'X-SecondLife-Owner-Key']
cacheditem = memcache.get(token)
if cacheditem is None:
dist = Distributor.gql(
"WHERE avkey = :1", self.request.
headers['X-SecondLife-Owner-Key']).get()
dist_info = {
"max_discount": dist.max_discount,
"commission": dist.commission
}
memcache.set(token, yaml.safe_dump(dist_info))
else:
#pull the item's details out of the yaml'd dict
dist_info = yaml.safe_load(cacheditem)
disprice = baseprice * (100 -
dist_info['max_discount']) / 100.0
if paid < disprice:
if paid < (disprice - 50):
logging.error(
'Rejecting request: Wrong price by %s, vendor %s located in %s at %s. Item:%s Item Price:%s Price Paid:%s Max Discount:%s%%'
%
(self.request.
headers['X-SecondLife-Owner-Name'], self.
request.headers['X-SecondLife-Object-Name'],
self.request.headers['X-SecondLife-Region'],
self.request.
headers['X-SecondLife-Local-Position'], name,
baseprice, paid, dist_info['max_discount']))
self.error(403)
self.response.out.write(
'Wrong amount Item:%s Item Price:%s Price Paid:%s Max Discount:%s%%'
% (name, baseprice, paid,
dist_info['max_discount']))
return
else:
logging.warning(
'Under Paid Item accepting: Wrong price by %s, vendor %s located in %s at %s. Item:%s Item Price:%s Price Paid:%s Max Discount:%s'
% (
self.request.
headers['X-SecondLife-Owner-Name'],
self.request.
headers['X-SecondLife-Object-Name'],
self.request.
headers['X-SecondLife-Region'],
self.request.
headers['X-SecondLife-Local-Position'],
name,
baseprice,
paid,
))
#need to record record here
record = Purchases(
purchaser=rcpt,
item=name,
seller=self.request.headers['X-SecondLife-Owner-Key'],
item_reciver='request',
loc='%s %s' %
(self.request.headers['X-SecondLife-Region'],
self.request.headers['X-SecondLife-Local-Position']),
vender_name=self.request.
headers['X-SecondLife-Object-Name'],
amount_paid=paid)
record.put()
#have the vendor transfer the money
self.response.out.write(
'pay|%s|%s|%s|%s|%s' %
(moneyRcpt, paid, rcpt, name,
record.key().id())) #do we need all of this?
except KeyError:
logging.error(
'Key error for paid Post vendor %s, queue entry: %s|%s %s'
% (item['giver'], rcpt, name_version, sys.exc_info()))
self.error(403)
def post(self):
#check linden IP and allowed avs
if lindenip.inrange(os.environ['REMOTE_ADDR']) != 'Production':
self.error(403)
elif self.request.headers['X-SecondLife-Shard'] != 'Production':
logging.warning("Attempt while on beta grid %s" %
(self.request.headers['X-SecondLife-Shard']))
self.response.set_status(305)
# elif not distributors.Distributor_authorized(self.request.headers['X-SecondLife-Owner-Key']):
# logging.info("Illegal attempt to request an item from %s, box %s located in %s at %s" % (self.request.headers['X-SecondLife-Owner-Name'], self.request.headers['X-SecondLife-Object-Name'], self.request.headers['X-SecondLife-Region'], self.request.headers['X-SecondLife-Local-Position']))
# self.error(403)
elif not db.WRITE_CAPABILITY.is_enabled():
self.response.set_status(503)
self.response.headders['Retry-After'] = 120
logging.info(
"Told that the db was down for maintenance to %s, box %s located in %s at %s"
% (self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name'],
self.request.headers['X-SecondLife-Region'],
self.request.headers['X-SecondLife-Local-Position']))
self.response.out.write('Currently down for maintenance')
else:
#populate a dictionary with what we've been given in post
#should be newline-delimited, token=value
lines = self.request.body.split('\n')
params = {}
for line in lines:
params[line.split('=')[0]] = line.split('=')[1]
try:
name = params['objname']
item = tools.get_item(name, True)
if item is None:
#could not find item to look up its deliverer. return an error
logging.error(
'Error, Paid item %s not found. Requested by %s using %s.'
%
(name, self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name']))
self.error(403)
return
name_version = "%s - %s" % (name, item['version'])
rcpt = self.request.headers['X-SecondLife-Owner-Key']
paid = int(params['paid'])
baseprice = int(item['baseprice'])
if paid >= baseprice:
pass
else:
logging.error(
'Rejecting request: Wrong price by %s, gift vendor %s located in %s at %s. Item:%s Item Price:%s Price Paid:%s'
% (self.request.headers['X-SecondLife-Owner-Name'],
self.request.headers['X-SecondLife-Object-Name'],
self.request.headers['X-SecondLife-Region'],
self.request.headers['X-SecondLife-Local-Position'],
name, baseprice, paid))
self.error(403)
return
#need to record record here
record = Purchases(
purchaser=rcpt,
item=name,
seller=self.request.headers['X-SecondLife-Owner-Key'],
item_reciver='gift request',
loc='%s %s' %
(self.request.headers['X-SecondLife-Region'],
self.request.headers['X-SecondLife-Local-Position']),
vender_name=self.request.
headers['X-SecondLife-Object-Name'],
amount_paid=paid)
record.put()
#have the vendor transfer the money
self.response.out.write(
'pay|%s|%s|%s|%s|%s' %
(moneyRcpt, paid, rcpt, name,
record.key().id())) #do we need all of this?
except KeyError:
logging.error(
'Key error for paid Post gift vendor %s, queue entry: %s|%s %s'
% (item['giver'], rcpt, name_version, sys.exc_info()))
self.error(403)