def submit():
msg = request.form['msg']
fh = request.files['fh']
strip_metadata = True if 'notclean' in request.form else False
fnames = []
if msg:
fnames.append(store.save_message_submission(g.sid, msg))
flash("Thanks! We received your message.", "notification")
if fh:
fnames.append(store.save_file_submission(g.sid, fh.filename,
fh.stream, fh.content_type, strip_metadata))
flash("Thanks! We received your document '%s'."
% fh.filename or '[unnamed]', "notification")
for fname in fnames:
submission = Submission(g.source, fname)
db_session.add(submission)
if g.source.pending:
g.source.pending = False
# Generate a keypair now, if there's enough entropy (issue #303)
entropy_avail = int(open('/proc/sys/kernel/random/entropy_avail').read())
if entropy_avail >= 2400:
crypto_util.genkeypair(g.sid, g.codename)
g.source.last_updated = datetime.now()
db_session.commit()
normalize_timestamps(g.sid)
return redirect(url_for('lookup'))
def create_folder_on_drive(task, parent_drive_id, redmine_type, redmine_id,
folder_name):
if not parent_drive_id:
raise Exception("parent_drive_id is required")
if not redmine_type:
raise Exception("redmine_type is required")
if redmine_id is None:
raise Exception("redmine_id is required")
if not folder_name:
raise Exception("folder_name is required")
db_mapping = db_session.query(RedmineToDriveMapping).filter_by(
redmine_id=redmine_id).filter_by(mapping_type=redmine_type).first()
if db_mapping and db_mapping.drive_id:
logger.info("Folder %s already mapped to %s", folder_name,
db_mapping.drive_id)
return
if not db_mapping:
try:
db_mapping = RedmineToDriveMapping(
redmine_id=redmine_id,
mapping_type=redmine_type,
last_update=datetime.datetime.utcnow())
db_session.add(db_mapping)
db_session.commit()
logger.info("Created mapping for %s %s id:%s", redmine_type,
folder_name, redmine_id)
except IntegrityError, e:
logger.info(
"Cannot create mapping due to duplicate, will retry: %s", e)
db_session.rollback()
task.retry(countdown=min(2 +
(2 * current_task.request.retries), 128))
def add():
if request.method == 'POST':
store_id = request.form['store']
product_id = request.form['product']
price = request.form['price']
has_error = False
if db_session.query(Store).filter(Store.id == store_id).count == 0:
flash('No such store', 'error')
has_error = True
if db_session.query(Product).filter(
Product.id == product_id).count == 0:
flash('No such product', 'error')
has_error = True
if price is None:
flash('Price is not set', 'error')
has_error = True
if not has_error:
db_session.add(Purchase(g.user.id, store_id, product_id, price))
db_session.commit()
flash('Purchase successfully added', 'success')
render_params = {
'products': db_session.query(Product).order_by(Product.name),
'stores': db_session.query(Store).order_by(Store.name)
}
return render_template('purchase/add.html', **render_params)
def edit_skills():
""" About block edit
"""
#saved?
saved = False
if request.method == 'POST':
for field in request.form:
if field.startswith('skill'):
skill, skill_id = field.split('_')
skill = Skill.query.get(int(skill_id))
skill.percent = int(escape(request.form[field]))
db_session.add(skill)
db_session.commit()
saved = True
skills = Skill.query.all()
prop = dict()
prop.update(default)
prop['skills'] = skills
prop['saved'] = saved
return render_template('admin/edit_skills.html', **prop)
def edit_about():
""" About block edit
"""
# saved?
saved = False
if request.method == 'POST':
about = Info.query.filter(Info.title == 'about').first()
about.value = unicode(request.form['about'])
try:
db_session.add(about)
db_session.commit()
saved = True
except exc.SQLAlchemyError:
db_session.rollback()
saved = False
about = Info.query.filter(Info.title == 'about').first()
prop = dict()
prop.update(default)
prop['about'] = about.value
prop['saved'] = saved
return render_template('admin/edit_about.html', **prop)
def get_refresh_token(company):
token = db_session.query(OAuth2Token).filter(OAuth2Token.company_id==company.id).order_by('id desc').first()
header_value = "Basic " + base64.b64encode((INTUIT_CLIENT_ID + ':' + INTUIT_CLIENT_SECRET).encode()).decode()
headers = {
'Content-type': "application/x-www-form-urlencoded",
'Accept': "application/json",
'Authorization': header_value
}
params = { 'refresh_token': token.refresh_token, 'grant_type': 'refresh_token' }
res = requests.post(TOKEN_ENDPOINT, data=params, headers=headers)
token_values = res.json()
if 'errors' not in token_values:
print('Gathered access and refresh token with values:')
print(token_values)
new_token = OAuth2Token(**token_values)
new_token.service_name = 'Intuit'
new_token.company = company
new_token.created_at = datetime.datetime.now()
new_token.updated_at = datetime.datetime.now()
db_session.add(new_token)
db_session.commit()
return new_token
else:
raise Exception('Error in attempt to get new access_token.')
return
def new(cls, acct, title):
page = cls()
page.title = title
page.slug = cls.__slugify(acct, title)
acct.pages.append(page)
db_session.add(page)
return page
def new_client():
""" About block edit
"""
# if errors detected
errors = []
# if form incoming
if request.method == 'POST':
if not request.form['title']:
errors += ['Title required!']
if not errors:
client = dict()
client['title'] = unicode(escape(request.form['title']))
client['description'] = unicode(escape(request.form['description']))
client['logo'] = unicode(escape(request.form['logo']))
client['link'] = unicode(escape(request.form['link']))
client = Client(**client)
try:
db_session.add(client)
db_session.commit()
except exc.SQLAlchemyError:
db_session.rollback()
errors += ['Error creating client #{0}\n'.format(client.id)]
return redirect(url_for('edit_client', client_id=client.id))
prop = dict()
prop.update(default)
prop['errors'] = errors
return render_template('admin/new_client.html', **prop)
def savedata():
"""
User has finished the experiment and is posting their data in the form of a
(long) string. They will receive a debreifing back.
"""
print request.args.keys()
if not request.args.has_key('uniqueId'):
raise ExperimentError('improper_inputs')
else:
uniqueId = request.args['uniqueId']
print "/debrief called with", uniqueId
user = Participant.query.\
filter(Participant.uniqueid == uniqueId).\
one()
if config.getboolean('Task Parameters', 'use_debriefing'):
user.status = COMPLETED
user.endhit = datetime.datetime.now()
db_session.add(user)
db_session.commit()
return render_template('debriefing.html', workerId=user.workerid, assignmentId=user.assignmentid)
else:
user.status = DEBRIEFED
user.endhit = datetime.datetime.now()
db_session.add(user)
db_session.commit()
return render_template('closepopup.html')
def quitter():
"""
Mark quitter as such.
"""
unique_id = request.form['uniqueId']
if unique_id[:5] == "debug":
debug_mode = True
else:
debug_mode = False
if debug_mode:
resp = {"status": "didn't mark as quitter since this is debugging"}
return jsonify(**resp)
else:
try:
unique_id = request.form['uniqueId']
app.logger.info("Marking quitter %s" % unique_id)
user = Participant.query.\
filter(Participant.uniqueid == unique_id).\
one()
user.status = QUITEARLY
db_session.add(user)
db_session.commit()
except exc.SQLAlchemyError:
raise ExperimentError('tried_to_quit')
else:
resp = {"status": "marked as quitter"}
return jsonify(**resp)
def gather_transactions_for_wallet(wallet):
'''
'''
endpoint = transactions_endpoint % wallet.address #TODO we're only on ethereum now, which is why we're using etherscan
print(endpoint)
res = requests.get(endpoint)
doc = html.fromstring(res.content)
els = doc.xpath("//td//span[@class='address-tag']/a")
txn_refs = []
for el in els:
href = el.attrib['href']
if href[0:3] == '/tx':
txn_refs.append(href)
for ref in txn_refs:
#search to see if we have a cryptotransaction currently in the database
tx_hash = ref.split('/')[-1]
ct = db_session.query(CryptoTransaction).filter(CryptoTransaction.tx_hash == tx_hash, CryptoTransaction.crypto_wallet_id==wallet.id).first()
print(ct)
if not ct:
tinfo = gather_info_from_transaction(ref, es_doc=doc)
out = True if tinfo['from'] == wallet.address else False
ct = CryptoTransaction(crypto_wallet_id=wallet.id, tx_hash=tinfo['tx_hash'], timestamp=tinfo['timestamp'], amount=tinfo['value'][0], usd_amount=tinfo['value'][1], to_account=tinfo['to'], from_account=tinfo['from'], out=out, block_num=tinfo['block_height'], tx_cost=tinfo['actual_tx_cost'], created_at=datetime.datetime.now(), updated_at=datetime.datetime.now())
print(ct)
print(tinfo)
db_session.add(ct)
db_session.commit()
def insertData(qiniukey):
share = Share.query.filter(Share.share_qiniuurl == qiniukey).first()
if share is None:
share = Share(None, qiniukey)
db_session.add(share)
db_session.commit()
return share
def register():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
old_user = None
try:
old_user = Users.query.filter(Users.username == username).first()
except:
pass
# Validation
error = None
if not username:
error = 'Username is required!'
elif not password:
error = 'Password is required!'
elif old_user is not None:
error = 'User {} is already registered.'.format(username)
if error is None:
u = Users(username=username, password=generate_password_hash(password), api_key= randomString(10))
db_session.add(u)
db_session.commit()
return redirect(url_for('auth.login'))
flash(error)
return render_template('auth/register.html')
def callback():
code=request.args.get('code')
if not code:
return 'failed'
url = AUTHORIZE_URL.format(code=code,
client_id=clientid,
secret=secret)
resp = requests.get(url)
if resp.ok:
access_token = resp.json()['access_token']
# now get 4sq id and name from self endpoint
payload = {'oauth_token': access_token,
'v': API_VERSION}
resp2 = requests.get(SELF_URL, params=payload)
if resp2.ok:
user_w = resp2.json()
user = user_w.get('response',{}).get('user',{})
if user:
name = user.get('firstName') + ' ' + user.get('lastName','')
foursquare_id = user.get('id')
u = User.query.filter(User.foursquare_id == foursquare_id).first()
if u:
u.access_token = access_token
db_session.commit()
else:
u = User(foursquare_id, access_token, name)
db_session.add(u)
db_session.commit()
return 'callback ok (POST)'
else:
return 'something went wrong...'
def password(self, password):
try:
self.password_hash = generate_password_hash(password)
db_session.add(self)
db_session.commit()
except:
print("add user fail")
def start(message):
refferal = extract_refferal(message.text)
if refferal:
if len(BitcoinBot.query.filter_by(
user_id=message.from_user.id).all()) == 0:
new_user = BitcoinBot(message.from_user.id, 1000, None,
message.chat.id, refferal)
db_session.add(new_user)
db_session.flush()
print("added new user", flush=True)
else:
if len(BitcoinBot.query.filter_by(
user_id=message.from_user.id).all()) == 0:
new_user = BitcoinBot(message.from_user.id, 1000, None,
message.chat.id)
db_session.add(new_user)
refferal_user = BitcoinBot.query.filter_by(
user_id=refferal).first()
refferal_user.user_balance += 50
db_session.flush()
print("added new user", flush=True)
markup = types.ReplyKeyboardMarkup()
markup.row("Начать игру")
markup.row("Пополнить баланс", "Проверить баланс", "Вывести баланс")
markup.row("Информация")
bot.send_message(message.chat.id,
messages.hello_message,
reply_markup=markup)
print("Started", flush=True)
def make_star_true(filesystem_id):
source = get_source(filesystem_id)
if source.star:
source.star.starred = True
else:
source_star = SourceStar(source)
db_session.add(source_star)
def add_admin():
while True:
username = raw_input("Username: "******"Sorry, that username is already in use."
else:
break
while True:
password = getpass("Password: "******"Confirm Password: "******"Passwords didn't match!"
hotp_input = raw_input("Is this admin using a YubiKey [HOTP]? (y/N): ")
otp_secret = None
if hotp_input.lower() == "y" or hotp_input.lower() == "yes":
while True:
otp_secret = raw_input("Please configure your YubiKey and enter the secret: ")
if otp_secret:
break
admin = Journalist(username=username, password=password, is_admin=True, otp_secret=otp_secret)
try:
db_session.add(admin)
db_session.commit()
except Exception, e:
if "username is not unique" in str(e):
print "ERROR: That username is already taken!"
else:
print "ERROR: An unknown error occurred, traceback:"
print e
def make_star_true(sid):
source = get_source(sid)
if source.star:
source.star.starred = True
else:
source_star = SourceStar(source)
db_session.add(source_star)
def update(uid=None):
"""
Save experiment data, which should be a JSON object and will be stored
after converting to string.
"""
app.logger.info("PUT /sync route with id: %s" % uid)
try:
user = Participant.query.\
filter(Participant.uniqueid == uid).\
one()
except exc.SQLAlchemyError:
app.logger.error("DB error: Unique user not found.")
if hasattr(request, 'json'):
user.datastring = request.data.decode('utf-8').encode(
'ascii', 'xmlcharrefreplace')
db_session.add(user)
db_session.commit()
try:
data = json.loads(user.datastring)
except:
data = {}
trial = data.get("currenttrial", None)
app.logger.info("saved data for %s (current trial: %s)", uid, trial)
resp = {"status": "user data saved"}
return jsonify(**resp)
def login():
if request.method == "POST":
try:
user = Journalist.login(request.form["username"], request.form["password"], request.form["token"])
except Exception as e:
app.logger.error("Login for '{}' failed: {}".format(request.form["username"], e))
login_flashed_msg = "Login failed."
if isinstance(e, LoginThrottledException):
login_flashed_msg += " Please wait at least 60 seconds before logging in again."
else:
try:
user = Journalist.query.filter_by(username=request.form["username"]).one()
if user.is_totp:
login_flashed_msg += " Please wait for a new two-factor token before logging in again."
except:
pass
flash(login_flashed_msg, "error")
else:
app.logger.info(
"Successful login for '{}' with token {}".format(request.form["username"], request.form["token"])
)
# Update access metadata
user.last_access = datetime.utcnow()
db_session.add(user)
db_session.commit()
session["uid"] = user.id
return redirect(url_for("index"))
return render_template("login.html")
def login(cls, email, password):
try:
user_model = cls.authorize(email, password)
if user_model:
if not user_model.session:
secret_key = str(uuid.uuid1())
session['token'] = secret_key
sess_obj = Session(secret_key)
db_session.add(sess_obj)
user_model.session = sess_obj
user_model.save()
db_session.commit()
return True
else:
return False
else:
return False
except Exception as Error:
print 'login error: %s' % Error
traceback.print_exc(file=sys.stdout)
db_session.rollback()
return False
def populate(file):
pp.pprint("parsing file %s" % file)
file_reader = open(file, "r")
url_objects = []
for line in file_reader:
if not line.startswith("#"):
pp.pprint(line)
line = line.strip()
line = line.strip("'")
line = line.strip("\n")
pp.pprint(line)
url = URL(util.hash_domain(line), util.hash_url(line))
if (not url.hash_domain == "" and not url.hash_url == ""):
url_objects.append(url)
db_session.add(url)
db_session.commit()
pp.pprint(url_objects)
"""
TODO: this doesn't work with the large data set, perhaps there is a max without any errors?
Will create a SQL script to insert manually into DB
try:
db_session.bulk_save_objects(url_objects)
db_session.commit()
except exc.IntegrityError:
db_session.rollback()
"""
results = URL.query.all()
pp.pprint("Inserted %d rows" % len(results))
def download_oa(folder, wait=1):
open_papers = db_session.query(Paper).filter(
Paper.open_access == True).all()
n_open_papers = db_session.query(Paper).filter(
Paper.open_access == True).count()
for i, paper in enumerate(open_papers):
print '%d/%d' % (i, n_open_papers)
if not paper.pmc_id:
paper.pmc_id = _get_pmc_id(paper.pubmed_id)
if not paper.abstract:
paper.abstract = _get_abstract(paper.pubmed_id)
if not paper.files:
# download xml body
filename = str(paper.pubmed_id) + '.xml'
if _get_oa_body(paper.pubmed_id, paper.pmc_id, folder):
file = File(paper=paper, format='xml', filename=filename)
db_session.add(file)
# download pdf and supplementary
files = _get_oa_pdf(paper.pubmed_id, paper.pmc_id, folder)
for filename in files:
if filename.endswith('.pdf'): format = 'pdf'
elif filename.endswith('.tgz'): format = 'tgz'
else: continue
file = File(paper=paper, format='html', filename=filename)
db_session.add(file)
time.sleep(wait)
db_session.commit()
def new(cls, acct, title):
page = cls()
page.title = title
page.slug = cls.__slugify(acct, title)
acct.pages.append(page)
db_session.add(page)
return page
def mutate(self, info, input):
import utils
if utils.isAllowAccess():
result = OrgCreate()
orgCode = input.orgCode
from db_helpers.orgSelection import isOrgByOrgCodeExist
if isOrgByOrgCodeExist(orgCode):
result.msg = "This orgCode '{}' is exists.".format(orgCode)
else:
from datetime import datetime
newOrg = OrganizationDBModel(orgCode=orgCode,
strCode=input.strCode,
parentOrgCode=input.parentOrgCode,
orgTypeCode=input.orgTypeCode,
orgDesc=input.orgDesc,
createdAt=datetime.now(),
createdBy=input.createdBy)
db_session.add(newOrg)
db_session.commit()
result.org = newOrg
result.status = True
result.msg = "Create Organization with orgCode '{}' success.".format(
orgCode)
return result
def login():
if request.method == 'POST':
try:
user = Journalist.login(request.form['username'],
request.form['password'],
request.form['token'])
except Exception as e:
app.logger.error("Login for '{}' failed: {}".format(
request.form['username'], e))
login_flashed_msg = "Login failed."
if isinstance(e, LoginThrottledException):
login_flashed_msg += " Please wait at least 60 seconds before logging in again."
else:
try:
user = Journalist.query.filter_by(username=request.form['username']).one()
if user.is_totp:
login_flashed_msg += " Please wait for a new two-factor token before logging in again."
except:
pass
flash(login_flashed_msg, "error")
else:
app.logger.info("Successful login for '{}' with token {}".format(
request.form['username'], request.form['token']))
# Update access metadata
user.last_access = datetime.utcnow()
db_session.add(user)
db_session.commit()
session['uid'] = user.id
return redirect(url_for('index'))
return render_template("login.html")
def handle_message(event):
# return 'OK'
message_text = str(event.message.text).lower()
user_id = event.source.user_id
user = User.query.filter(User.id == user_id).first()
if not user:
user = User(id=user_id)
db_session.add(user)
db_session.commit()
if message_text == '@aboutus':
#傳送關於我們的資訊
about_us_event(event)
elif message_text == '@location':
#傳送我們的位置
location_event(event)
elif message_text == '@contact':
#傳送聯絡方式(電話)
contact_event(event)
elif message_text == '@booknow':
#接收使用者選擇的服務
appointment_event(event)
elif message_text == '是,我要取消':
appointment_cancel_event(event)
def savedata():
"""
User has finished the experiment and is posting their data in the form of a
(long) string. They will receive a debreifing back.
"""
print request.args.keys()
if not request.args.has_key('uniqueId'):
raise ExperimentError('improper_inputs')
else:
uniqueId = request.args['uniqueId']
print "/debrief called with", uniqueId
user = Participant.query.\
filter(Participant.uniqueid == uniqueId).\
one()
if config.getboolean('Task Parameters', 'use_debriefing'):
user.status = COMPLETED
user.endhit = datetime.datetime.now()
db_session.add(user)
db_session.commit()
return render_template('debriefing.html',
workerId=user.workerid,
assignmentId=user.assignmentid)
else:
user.status = DEBRIEFED
user.endhit = datetime.datetime.now()
db_session.add(user)
db_session.commit()
return render_template('closepopup.html')
def update(id=None):
"""
Save experiment data, which should be a JSON object and will be stored
after converting to string.
"""
print "accessing the /sync route with id:", id
try:
user = Participant.query.\
filter(Participant.uniqueid == id).\
one()
except:
print "DB error: Unique user not found."
if hasattr(request, 'json'):
user.datastring = request.data
db_session.add(user)
db_session.commit()
resp = {
"condition": user.cond,
"counterbalance": user.counterbalance,
"assignmentId": user.assignmentid,
"workerId": user.workerid,
"hitId": user.hitid
}
return jsonify(**resp)
def update(id=None):
"""
Save experiment data, which should be a JSON object and will be stored
after converting to string.
"""
app.logger.info("accessing the /sync route with id: %s" % id)
try:
user = Participant.query.\
filter(Participant.uniqueid == id).\
one()
except:
app.logger.error( "DB error: Unique user not found.")
if hasattr(request, 'json'):
user.datastring = request.data.decode('utf-8').encode('ascii', 'xmlcharrefreplace')
db_session.add(user)
db_session.commit()
resp = {"condition": user.cond,
"counterbalance": user.counterbalance,
"assignmentId": user.assignmentid,
"workerId": user.workerid,
"hitId": user.hitid}
return jsonify(**resp)
def mutate(self, info, peopleData):
import utils
if utils.isAllowAccess():
toAddPeople = None
ok = False
msg = 'The pCode: {} is already exist.'.format(
peopleData.peopleCode)
# import db helper
from db_helpers.peopleSelection import isPeopleByPCodeExist
if isPeopleByPCodeExist(peopleData.peopleCode, info) is not True:
toAddPeople = PeopleDBModel(peopleCode=peopleData.peopleCode,
firstname=peopleData.firstname,
lastname=peopleData.lastname,
phone=peopleData.phone,
sexId=peopleData.sexId)
db_session.add(toAddPeople)
db_session.commit()
ok = True
msg = 'Create People\s pCode: {} success.'.format(
toAddPeople.peopleCode)
return CreatePeople(people=toAddPeople, ok=ok, msg=msg)
def update(uid=None):
"""
Save experiment data, which should be a JSON object and will be stored
after converting to string.
"""
app.logger.info("PUT /sync route with id: %s" % uid)
try:
user = Participant.query.\
filter(Participant.uniqueid == uid).\
one()
except exc.SQLAlchemyError:
app.logger.error("DB error: Unique user not found.")
if hasattr(request, 'json'):
user.datastring = request.data.decode('utf-8').encode(
'ascii', 'xmlcharrefreplace'
)
db_session.add(user)
db_session.commit()
try:
data = json.loads(user.datastring)
except:
data = {}
trial = data.get("currenttrial", None)
app.logger.info("saved data for %s (current trial: %s)", uid, trial)
resp = {"status": "user data saved"}
return jsonify(**resp)
def update(id=None):
"""
Save experiment data, which should be a JSON object and will be stored
after converting to string.
"""
print "accessing the /sync route with id:", id
try:
user = Participant.query.\
filter(Participant.uniqueid == id).\
one()
except:
print "DB error: Unique user not found."
if hasattr(request, 'json'):
user.datastring = request.data
db_session.add(user)
db_session.commit()
resp = {"condition": user.cond,
"counterbalance": user.counterbalance,
"assignmentId": user.assignmentid,
"workerId": user.workerid,
"hitId": user.hitid}
return jsonify(**resp)
def new_book(b_name, o_id):
book_item = Book(book_name=b_name,
owner_id=o_id,
created=datetime.now(),
updated=datetime.now())
db_session.add(book_item)
db_session.commit()
def create_single_version_file_on_drive(task, parent_drive_id, redmine_type, redmine_id,
file_name, local_path, description, mime_type,
version, modified_date):
if not parent_drive_id:
raise Exception("parent_drive_id is required")
if not redmine_type:
raise Exception("redmine_type is required")
if redmine_id is None:
raise Exception("redmine_id is required")
if not file_name:
raise Exception("folder_name is required")
if not local_path:
raise Exception("local_path is required")
if not os.path.isfile(local_path):
raise Exception("local_path %s is missing" % local_path)
db_mapping = db_session.query(RedmineToDriveMapping).filter_by(redmine_id=redmine_id).filter_by(
mapping_type=redmine_type).first()
if db_mapping and db_mapping.drive_id:
logger.info("File %s already mapped to %s", file_name, db_mapping.drive_id)
return
if not db_mapping:
try:
db_mapping = RedmineToDriveMapping(redmine_id=redmine_id, mapping_type=redmine_type,
last_update=datetime.datetime.utcnow())
db_session.add(db_mapping)
db_session.commit()
logger.info("Created mapping for %s %s id:%s", redmine_type, file_name, redmine_id)
except IntegrityError, e:
logger.info("Cannot create mapping due to duplicate, will retry: %s", e)
db_session.rollback()
task.retry(countdown=min(2 + (2 * current_task.request.retries), 128))
def enterexp():
"""
AJAX listener that listens for a signal from the user's script when they
leave the instructions and enter the real experiment. After the server
receives this signal, it will no longer allow them to re-access the
experiment applet (meaning they can't do part of the experiment and
referesh to start over).
"""
app.logger.info("Accessing /inexp")
if not 'uniqueId' in request.form:
raise ExperimentError('improper_inputs')
unique_id = request.form['uniqueId']
try:
user = Participant.query.\
filter(Participant.uniqueid == unique_id).one()
user.status = STARTED
user.beginexp = datetime.datetime.now()
db_session.add(user)
db_session.commit()
resp = {"status": "success"}
except exc.SQLAlchemyError:
app.logger.error("DB error: Unique user not found.")
resp = {"status": "error, uniqueId not found"}
return jsonify(**resp)
def note_create(self, data):
from apps.notes.models import Note, Note2User
try:
note = Note()
note.name = data['name']
note.status = data['status']
db_session.add(note)
db_session.commit()
note2user = Note2User()
note2user.note = note
note2user.user_id = self.id
db_session.add(note2user)
db_session.commit()
if 'items' in data:
for item in data['items']:
note.item_add(item['name'], item['description'])
db_session.commit()
return note
except Exception as NoteCreatingError:
log(NoteCreatingError)
db_session.rollback()
return 0
def quitter():
"""
Mark quitter as such.
"""
unique_id = request.form['uniqueId']
if unique_id[:5] == "debug":
debug_mode = True
else:
debug_mode = False
if debug_mode:
resp = {"status": "didn't mark as quitter since this is debugging"}
return jsonify(**resp)
else:
try:
unique_id = request.form['uniqueId']
app.logger.info("Marking quitter %s" % unique_id)
user = Participant.query.\
filter(Participant.uniqueid == unique_id).\
one()
user.status = QUITEARLY
db_session.add(user)
db_session.commit()
except exc.SQLAlchemyError:
raise ExperimentError('tried_to_quit')
else:
resp = {"status": "marked as quitter"}
return jsonify(**resp)
def write_log(user_id, resource):
"""
Write the resource user access log to
the database table for analytics and reporting
:param user_id:
:param resource:
:return: none
"""
id = None
res = None
try:
id = int(user_id)
res = str(resource)
try:
_log = APILog(user_id=id, resource=res)
db_session.add(_log)
db_session.commit()
db_session.flush()
print('Log write for: {} on: {}'.format(str(id), res))
except exc.SQLAlchemyError as db_err:
print('Error writing access log data: {}'.format(str(db_err)))
except TypeError as error:
print('Invalid data type {} in write_log function.'.format(str(error)))
return id, res
def admin_edit_user(user_id):
user = Journalist.query.get(user_id)
if request.method == "POST":
if request.form["username"] != "":
user.username = request.form["username"]
if request.form["password"] != "":
if request.form["password"] != request.form["password_again"]:
flash("Passwords didn't match", "error")
return redirect(url_for("admin_edit_user", user_id=user_id))
try:
user.set_password(request.form["password"])
except InvalidPasswordLength:
flash(
"Your password is too long " "(maximum length {} characters)".format(Journalist.MAX_PASSWORD_LEN),
"error",
)
return redirect(url_for("admin_edit_user", user_id=user_id))
user.is_admin = bool(request.form.get("is_admin"))
try:
db_session.add(user)
db_session.commit()
except Exception, e:
db_session.rollback()
if "username is not unique" in str(e):
flash("That username is already in use", "notification")
else:
flash("An unknown error occurred, please inform your administrator", "error")
def savedata():
"""
User has finished the experiment and is posting their data in the form of a
(long) string. They will receive a debreifing back.
"""
print request.form.keys()
if not (request.form.has_key('assignmentid')
and request.form.has_key('data')):
raise ExperimentError('improper_inputs')
assignmentId = request.form['assignmentid']
workerId = request.form['workerid']
datastring = request.form['data']
print assignmentId, datastring
user = Participant.query.\
filter(Participant.assignmentid == assignmentId).\
filter(Participant.workerid == workerId).\
one()
user.status = COMPLETED
user.datastring = datastring
user.endhit = datetime.datetime.now()
db_session.add(user)
db_session.commit()
return render_template('debriefing.html',
workerId=workerId,
assignmentId=assignmentId)
def admin_edit_user(user_id):
user = Journalist.query.get(user_id)
if request.method == 'POST':
if request.form['username'] != "":
user.username = request.form['username']
if request.form['password'] != "":
if request.form['password'] != request.form['password_again']:
flash("Passwords didn't match", "error")
return redirect(url_for("admin_edit_user", user_id=user_id))
user.set_password(request.form['password'])
user.is_admin = bool(request.form.get('is_admin'))
try:
db_session.add(user)
db_session.commit()
except Exception, e:
db_session.rollback()
if "username is not unique" in str(e):
flash("That username is already in use", "notification")
else:
flash(
"An unknown error occurred, please inform your administrator",
"error")
def update(uid=None):
"""
Save experiment data, which should be a JSON object and will be stored
after converting to string.
"""
app.logger.info("accessing the /sync route with id: %s" % uid)
try:
user = Participant.query.\
filter(Participant.uniqueid == uid).\
one()
except:
app.logger.error( "DB error: Unique user not found.")
if hasattr(request, 'json'):
user.datastring = request.data.decode('utf-8').encode('ascii', 'xmlcharrefreplace')
db_session.add(user)
db_session.commit()
resp = {"condition": user.cond,
"counterbalance": user.counterbalance,
"assignmentId": user.assignmentid,
"workerId": user.workerid,
"hitId": user.hitid}
return jsonify(**resp)
def make_star_false(sid):
source = get_source(sid)
if not source.star:
source_star = SourceStar(source)
db_session.add(source_star)
db_session.commit()
source.star.starred = False
def insertData(qiniukey):
share = Share.query.filter(Share.share_qiniuurl == qiniukey).first()
if share is None:
share = Share(None, qiniukey)
db_session.add(share)
db_session.commit()
return share
def make_star_false(filesystem_id):
source = get_source(filesystem_id)
if not source.star:
source_star = SourceStar(source)
db_session.add(source_star)
db_session.commit()
source.star.starred = False
def save_book(book: book.Book) -> Book:
try:
db_zipfile = ZipFile(zip_name=book.zip_file.zip_name)
db_session.merge(db_zipfile)
db_session.commit()
except IntegrityError as e:
db_session.rollback()
db_zipfile = db_session.query(ZipFile).filter(
ZipFile.zip_name == book.zip_file.zip_name).first()
logging.error(e)
db_book = Book(zip_name=book.zip_file.zip_name,
book_name=book.book_name,
title=book.title,
annotation=book.annotation,
authors=book.authors,
language=book.lang,
genre=book.genre)
try:
db_session.add(db_book)
db_session.commit()
except IntegrityError as e:
db_session.rollback()
db_book = db_session.query(Book).filter(
Book.zip_name == book.zip_file.zip_name
and Book.book_name == book.book_name).first()
logging.error(e)
for word in book.words:
save_book_word(db_book, word)
db_session.commit()
return db_book
def enterexp():
"""
AJAX listener that listens for a signal from the user's script when they
leave the instructions and enter the real experiment. After the server
receives this signal, it will no longer allow them to re-access the
experiment applet (meaning they can't do part of the experiment and
referesh to start over).
"""
app.logger.info("Accessing /inexp")
if not 'uniqueId' in request.form:
raise ExperimentError('improper_inputs')
unique_id = request.form['uniqueId']
try:
user = Participant.query.\
filter(Participant.uniqueid == unique_id).one()
user.status = STARTED
user.beginexp = datetime.datetime.now()
db_session.add(user)
db_session.commit()
resp = {"status": "success"}
except exc.SQLAlchemyError:
app.logger.error("DB error: Unique user not found.")
resp = {"status": "error, uniqueId not found"}
return jsonify(**resp)
def _admin_logs_in(self):
# Create a test admin user for logging in
admin_user_info = dict(
username='******',
password='******',
is_admin=True)
admin_user = Journalist(**admin_user_info)
db_session.add(admin_user)
db_session.commit()
# Stash the admin user on self so we can use it in later tests
self.admin_user = admin_user_info
self.admin_user['orm_obj'] = admin_user
self._login_user(admin_user_info['username'],
admin_user_info['password'],
admin_user.totp.now())
# Admin user should log in to the same interface as a normal user,
# since there may be users who wish to be both journalists and admins.
headline = self.driver.find_element_by_css_selector('span.headline')
self.assertIn('Sources', headline.text)
# Admin user should have a link that take them to the admin page
links = self.driver.find_elements_by_tag_name('a')
self.assertIn('Admin', [el.text for el in links])
def categories_list():
#if errors detected
errors = []
#saved?
saved = False
if request.method == 'POST':
categories = []
saved = True
for field in request.form:
if field.startswith('title'):
not_needed, category_id = field.split('-')
categories.append(category_id)
for category_id in categories:
category = Category.query.get(int(category_id))
category.title = escape(request.form['title-' + category_id])
category.description = escape(request.form['description-' + category_id])
try:
db_session.add(category)
db_session.commit()
except exc.SQLAlchemyError:
db_session.rollback()
errors += ['Error saving category #{0}\n'.format(category.id)]
saved = False
if request.form['new-title']:
category = Category(escape(request.form['new-title']), escape(request.form['new-description']))
try:
db_session.add(category)
db_session.commit()
except exc.SQLAlchemyError:
db_session.rollback()
errors += ['Error with new category']
saved = False
category_to_delete = request.values.get('delete', False)
if category_to_delete:
category = Category.query.get(int(category_to_delete))
db_session.delete(category)
db_session.commit()
return redirect(url_for('categories_list'))
categories = Category.query.all()
prop = dict()
prop.update(default)
prop['categories'] = categories
prop['saved'] = saved
prop['errors'] = errors
return render_template('admin/categories_list.html', **prop)
def _add_user(is_admin=False):
username = _get_username()
print("Note: Passwords are now autogenerated.")
password = _make_password()
print("This user's password is: {}".format(password))
is_hotp = _get_yubikey_usage()
otp_secret = None
if is_hotp:
while True:
otp_secret = raw_input(
"Please configure this user's YubiKey and enter the secret: ")
if otp_secret:
tmp_str = otp_secret.replace(" ", "")
if len(tmp_str) != 40:
print("The length of the secret is not correct. "
"Expected 40 characters, but received {0}. "
"Try again.".format(len(tmp_str)))
continue
if otp_secret:
break
try:
user = Journalist(username=username,
password=password,
is_admin=is_admin,
otp_secret=otp_secret)
db_session.add(user)
db_session.commit()
except Exception as exc:
db_session.rollback()
if "UNIQUE constraint failed: journalists.username" in str(exc):
print('ERROR: That username is already taken!')
else:
exc_type, exc_value, exc_traceback = sys.exc_info()
print(repr(traceback.format_exception(exc_type, exc_value,
exc_traceback)))
return 1
else:
print('User "{}" successfully added'.format(username))
if not otp_secret:
# Print the QR code for FreeOTP
print('\nScan the QR code below with FreeOTP:\n')
uri = user.totp.provisioning_uri(username,
issuer_name='SecureDrop')
qr = qrcode.QRCode()
qr.add_data(uri)
sys.stdout = codecs.getwriter("utf-8")(sys.stdout)
qr.print_ascii(tty=sys.stdout.isatty())
print('\nIf the barcode does not render correctly, try changing '
"your terminal's font (Monospace for Linux, Menlo for OS "
'X). If you are using iTerm on Mac OS X, you will need to '
'change the "Non-ASCII Font", which is your profile\'s Text '
"settings.\n\nCan't scan the barcode? Enter following "
'shared secret '
'manually:\n{}\n'.format(user.formatted_otp_secret))
return 0
def vote(poll_id, answer_id):
user_id = get_user_id()
poll = Poll.query.filter(Poll.id == poll_id).first()
answer = Answer.query.filter(Answer.id == answer_id).first()
if poll.vote_limit > count_votes(poll, user_id):
answer.votes.append(Vote(user_id))
db_session.add(answer)
db_session.commit()
return redirect("/view/%s" % poll.id)
def new(cls, rev, link_num, uid, title, alias):
link = cls()
link.link_num = link_num
if uid and uid != rev.page.acct.uid:
link.tgt_page_uid = uid
link.tgt_page_title = title
if alias and alias != title:
link.tgt_page_alias = alias
rev.links.append(link)
db_session.add(link)
return link
def get_track(id=None, provider_id=None):
ret = None
if id:
ret = db_session.query(Track).filter_by(id=id).first()
elif provider_id:
#might already be in there
ret = db_session.query(Track).filter_by(provider_id=provider_id).first()
if ret == None:
ret = MusicProvider.get_track(provider_id)
db_session.add(ret)
db_session.commit()
return ret
def add_task(group_id, body, due_date):
new_task = models.Task(
group_id=group_id,
body=body,
date=datetime.datetime.utcnow(),
due_date=due_date
)
db_session.add(new_task)
db_session.commit()
query_result = db_session.query(models.Task).filter(models.Task.group_id==group_id).order_by(models.Task.date).all()
return utils.list_to_json('tasks', query_result)
def get_cpu_percent():
while True:
cpus = psutil.cpu_percent(interval=30, percpu=True)
t = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
cpu = Cpu()
cpu.time = t
cpu.cpu1 = cpus[0]
cpu.cpu2 = cpus[1]
cpu.cpu3 = cpus[2]
cpu.cpu4 = cpus[3]
db_session.add(cpu)
db_session.commit()
def reply():
g.source.interaction_count += 1
filename = "{0}-{1}-reply.gpg".format(g.source.interaction_count, g.source.journalist_filename)
crypto_util.encrypt(
request.form["msg"], [crypto_util.getkey(g.sid), config.JOURNALIST_KEY], output=store.path(g.sid, filename)
)
reply = Reply(g.user, g.source, filename)
db_session.add(reply)
db_session.commit()
flash("Thanks! Your reply has been stored.", "notification")
return redirect(url_for("col", sid=g.sid))
def main():
live = False
if live:
data = get_webcompat_data()[1]
else:
f = open('webcompatdata-bzlike.json', 'r')
data = json.load(f)
f.close()
# stuff data into database..
for bug in data['bugs']:
db_session.add(Issue(bug['id'], bug['summary'], bug['url'], bug['body']))
db_session.commit()
def commit_account_changes(user):
if db_session.is_modified(user):
try:
db_session.add(user)
db_session.commit()
except Exception as e:
flash(gettext(
"An unexpected error occurred! Please "
"inform your administrator."), "error")
current_app.logger.error("Account changes for '{}' failed: {}"
.format(user, e))
db_session.rollback()
else:
flash(gettext("Account updated."), "success")
