def get(self):
user_email = self.request.get('email').lower()
logging.info("AddUserAsFriend "+user_email)
user = User.query(ndb.GenericProperty('email_address') == user_email).get()
if not user:
user = User.query(ndb.GenericProperty('email_address') == user_email).get()
if user.get_id() == self.user_id:
self.response.out.write("EMAIL TO SELF")
return
if user:
InviteInternal.add_invite(self.user_id, user.key.id())
self.response.out.write("FOUND")
else:
self.response.out.write("NOT FOUND")
def get(self):
"""
get the users friends
:return:
"""
friends_data = []
if config['all_are_friends']:
for user in User.query():
if user.get_id() == self.user_id:
continue # don't add myself again
friends_data.append(self.user_id)
else:
assert False
#TODO: check friends
prof = user.profile()
for friend in prof.friends:
friends_data.append(friend.userId)
json.dump(friends_data, self.response.out, default=json_serial)
return
def post(self):
if is_administrator():
try:
logging.info("SyncToProd")
seed_user = None
for u in User.query():
if 'pegah' in u.auth_ids:
seed_user = u.key
break
if seed_user:
logging.info("SyncToProd seed user")
url = 'https://rayv-app.appspot.com/admin/put_place_api'
place_list = json.loads(self.request.params['list'])
for place in place_list:
it = Item.get_by_id(place)
logging.info("SyncToProd sending " + it.place_name)
form_fields = place.id_to_json()
vote = Vote.query(Vote.voter == seed_user,
Vote.item == it.key).get()
if vote:
form_fields['myComment'] = vote.comment
form_fields['voteScore'] = vote.vote
else:
form_fields['voteScore'] = VoteValue.VOTE_LIKED
form_fields['myComment'] = ""
form_data = urllib.urlencode(form_fields)
result = urlfetch.fetch(
url=url,
payload=form_data,
method=urlfetch.POST,
headers={
'Content-Type':
'application/x-www-form-urlencoded'
})
else:
self.response.out.write('No Seed User')
except Exception:
logging.error('admin.SyncToProd', exc_info=True)
logging.info("Sync Done to Prod")
self.response.out.write("OK")
def post(self):
username = self.request.get('username').lower()
user = User.query(
google.appengine.ext.ndb.GenericProperty('email_address') ==
username).get()
# #user = self.user_model.get_by_auth_id(username)
if not user:
logging.info('Could not find any userId entry for username %s',
username)
else:
try:
if user.blocked:
logging.info('ForgotPasswordHandler: Blocked user ' +
username)
self.abort(403)
except:
pass
user_id = user.get_id()
token = self.user_model.create_signup_token(user_id)
verification_url = self.uri_for('verification',
type='p',
user_id=user_id,
signup_token=token,
_full=True)
msg = 'Please visit this link to reset your password\n%s' % verification_url
mail_wrapper.send_mail(sender=settings.config['system_email'],
to=user.email_address,
subject="Password Reset",
body=msg)
logging.info("Reset email sent to %s" % user.email_address)
params = {
'message2':
"If that account exists, an email was sent. "
"Please read it for instructions"
}
self.render_template('login.html', params)
def post(self):
#https://cloud.google.com/appengine/docs/python/
# appidentity/#Python_Asserting_identity_to_other_App_Engine_apps
logging.debug("UpdateItemFromAnotherAppAPI")
#TODO: Security
#if app_identity.get_application_id() != settings.API_TARGET_APP_ID:
# logging.debug("UpdateItemFromAnotherAppAPI 403: %s != %s"%\
# (app_identity.get_application_id(),settings.API_TARGET_APP_ID))
# self.abort(403)
#app_id = self.request.headers.get('X-Appengine-Inbound-Appid', None)
#logging.info('UpdateItemFromAnotherAppAPI: from app %s'%app_id)
#if app_id in settings.ALLOWED_APP_IDS:
if True:
seed_user = None
for u in User.query():
if 'pegah' in u.auth_ids:
seed_user = u.key.id()
break
if seed_user:
logging.debug("UpdateItemFromAnotherAppAPI user:"******""
for k in self.request.params:
params += '"%s": "%s"'%(k, self.request.params[k])
logging.debug("UpdateItemFromAnotherAppAPI params: "+params)
if update_item_internal(self, seed_user, allow_update=False):
logging.debug("UpdateItemFromAnotherAppAPI Done ")
else:
logging.debug("UpdateItemFromAnotherAppAPI Existed ")
self.response.out.write("OK")
else:
logging_ext.error("UpdateItemFromAnotherAppAPI - couldn't get seed user",
exc_info=True)
self.abort(500)
else:
logging.debug("UpdateItemFromAnotherAppAPI not allowed")
self.abort(403)
def add_blocked_to_user(self):
users = User.query()
for u in users:
if not u.blocked:
u.blocked = False
u.put()