Ejemplo n.º 1
0
def update_invite(id):
    timenow = datetime.datetime.utcnow()
    action = request.json['action'].lower()
    
    invitation = invites.find_one({'id': id})
    if invitation:
        max_time_allowed = invitation.get('max_time_allowed') \
            or backend_config.get('invitation').get('max_time_allowed')
        recipient = invitation['recipient']
        recipient_name = invitation['recipient_name']
        sender = invitation['sender']
        sender_name = invitation['sender_name']
        sent_on = invitation['sent_on']
        accepted_on = invitation['accepted_on']
        expire_on = invitation['expire_on']

        user = users.find_one({'email': recipient})
        if user is None:
            return jsonify(success=False, reason="user-not-created")
        if accepted_on is not None:
            return jsonify(success=False, reason="invitation-has-been-used")
        if not action in ('resend', 'accept', 'decline'):
            return jsonify(success=False, reason='invalid-action')

        if action == 'resend':
            new_id = str(uuid.uuid4())
            base_url = request.json['base_url']
            backend_utils.send_invite(recipient, recipient_name, sender, sender_name, base_url, new_id)
            # generate new record
            sent_on = datetime.datetime.utcnow()
            expire_on = sent_on + datetime.timedelta(seconds=max_time_allowed)
            invitation['id'] = new_id
            invitation['sent_on'] = sent_on
            invitation['expire_on'] = expire_on
            invites.update({'id': id}, {'$set': 
                {'sent_on': invitation['sent_on'],
                 'id': invitation['id']}})
            return jsonify(success=True, invite=sanitize_invite(invitation))
        elif action == 'accept':
            # if time now is ahead of expire_on, the delta is negative
            if (expire_on - timenow).seconds < 0:
                invitation['status'] = 'expired'
                invites.update({'id': id}, {'$set': {'status': 'expired'}})
                return jsonify(success=False, reason='invitation-expired')
            else:
                invitation['status'] = 'used'
                invitation['accepted_on'] = datetime.datetime.utcnow()
                invites.update({'id': id},{'$set': 
                    {'accepted_on': invitation['accepted_on'],
                     'status': 'used'}})
                users.update({'email': recipient}, {'$set': 
                    {'status': 'active'}}) 
                return jsonify(success=True, invite=sanitize_invite(invitation))
        elif action == 'decline':
            invitation['status'] = 'declined'
            invites.update({'id': id}, {'$set': {'status': 'decline'}})
            return jsonify(success=True, invite=sanitize_invite(invitation))
    else:
        return jsonify(success=False, reason='invitation-does-not-exist')
Ejemplo n.º 2
0
def create_invites():
    recipient = request.json['recipient']
    sender = request.json['sender']
    recipient_user = users.find_one({'email': recipient})
    recipient_invite = invites.find_one({'recipient': recipient})
    sender_user = users.find_one({'email': sender})
    # issue #120
    # To ensure no duplicate invitation is allowed, and to ensure
    # we don't corrupt user record in user table, any POST invitation
    # must check
    # (1) if user is not created in users collection - FALSE
    # (2) if user is created, BUT status is not 'invited' - FALSE
    # (3) recipient email is found in existing invitation record - FALSE
    if not recipient_user:
        return jsonify(success=False, 
                reason='recipient-not-found-in-user-record')
    elif recipient_user.get('status') != 'invited':
        return jsonify(success=False, 
                reason='recipient-already-joined')
    if recipient_invite:
        return jsonify(success=False,
                reason='duplicate-invitation-not-allowed')
    if not sender_user:
        return jsonify(success=False,
                reason='sender-not-found-in-user-record')

    invite_id = str(uuid.uuid4())
    # some users may not have name filled out?
    invite = {'id': invite_id,
              'recipient': recipient,
              'recipient_name': recipient_user['name'] or recipient,
              'sender': sender,
              'sender_name': sender_user['name'] or sender,
              'sent_on': None,
              'accepted_on': None,
              'status': 'pending',
              'expire_on': None,
              'max_time_allowed': request.json.get('max_time_allowed') \
                      or backend_config.get('invitation').get('max_time_allowed')}

    backend_utils.send_invite(
        invite['recipient'], 
        invite['recipient_name'], 
        invite['sender'],
        invite['sender_name'],
        request.json['base_url'],
        invite_id)
    invite['sent_on'] = datetime.datetime.utcnow()
    invite['expire_on'] = invite['sent_on'] + \
        datetime.timedelta(seconds=invite['max_time_allowed'])
    invites.insert(invite)
    return jsonify(success=True, invite=sanitize_invite(invite))
Ejemplo n.º 3
0
def delete_invite(id):
    invitation = invites.find_one({'id': id})
    if not invitation:
        return jsonify(success=False, reason='no-such-invitation')
    # do not delete users that are not invite pending (bug #123)
    email = invitation['recipient']
    user = users.find_one({'email': email})
    if user and user.get('status') == "invited":
        users.remove(user)
        # bug #133 delete user associations
        remove_group_association(email)
        
    invites.remove({'id': id})
    return jsonify(success=True)
Ejemplo n.º 4
0
def delete_invite(id):
    invitation = invites.find_one({'id': id})
    if not invitation:
        return jsonify(success=False, reason='no-such-invitation')
    # do not delete users that are not invite pending (bug #123)
    email = invitation['recipient']
    user = users.find_one({'email': email})
    if user and user.get('status') == "invited":
        users.remove(user)
        # bug #133 delete user associations
        remove_group_association(email)

    invites.remove({'id': id})
    return jsonify(success=True)
Ejemplo n.º 5
0
def delete_invite(id):
    invitation = invites.find_one({'id': id})
    if not invitation:
        return jsonify(success=False, reason='no-such-invitation')
    # do not delete users that are not invite pending (bug #123)
    email = invitation['recipient']
    user = users.find_one({'email': email})
    if user and user.get('status') == "invited":
        users.remove(user)
        # bug #133 delete user associations
        for group_name in _find_groups_for_user(email):
            groups.update({'name':group_name}, {'$pull': {'users': email}})
        for site in _find_sites_for_user(email):
            sites.update({'url':site}, {'$pull': {'users': email}})
    invites.remove({'id': id})
    return jsonify(success=True)
Ejemplo n.º 6
0
def create_invites():
    recipient = request.json['recipient']
    sender = request.json['sender']
    recipient_user = users.find_one({'email': recipient})
    recipient_invite = invites.find_one({'recipient': recipient})
    sender_user = users.find_one({'email': sender})
    # issue #120
    # To ensure no duplicate invitation is allowed, and to ensure
    # we don't corrupt user record in user table, any POST invitation
    # must check
    # (1) if user is not created in users collection - FALSE
    # (2) if user is created, BUT status is not 'invited' - FALSE
    # (3) recipient email is found in existing invitation record - FALSE
    if not recipient_user:
        return jsonify(success=False,
                       reason='recipient-not-found-in-user-record')
    elif recipient_user.get('status') != 'invited':
        return jsonify(success=False, reason='recipient-already-joined')
    if recipient_invite:
        return jsonify(success=False,
                       reason='duplicate-invitation-not-allowed')
    if not sender_user:
        return jsonify(success=False, reason='sender-not-found-in-user-record')

    invite_id = str(uuid.uuid4())
    # some users may not have name filled out?
    invite = {'id': invite_id,
              'recipient': recipient,
              'recipient_name': recipient_user['name'] or recipient,
              'sender': sender,
              'sender_name': sender_user['name'] or sender,
              'sent_on': None,
              'accepted_on': None,
              'status': 'pending',
              'expire_on': None,
              'max_time_allowed': request.json.get('max_time_allowed') \
                      or backend_config.get('email').get('max_time_allowed'),
              'notify_when': request.json.get('notify_when', [])}
    send_email('invite',
               invite,
               extra_data={'base_url': request.json['base_url']})

    invite['sent_on'] = datetime.datetime.utcnow()
    invite['expire_on'] = invite['sent_on'] + \
        datetime.timedelta(seconds=invite['max_time_allowed'])
    invites.insert(invite)
    return jsonify(success=True, invite=sanitize_invite(invite))
Ejemplo n.º 7
0
def get_invite(id):
    invitation = invites.find_one({'id': id})
    if invitation:
        return jsonify(success=True, invite=sanitize_invite(invitation))
    else:
        return jsonify(success=False, reason='invitation-does-not-exist')
Ejemplo n.º 8
0
def update_invite(id):
    timenow = datetime.datetime.utcnow()
    action = request.json['action'].lower()
    
    invitation = invites.find_one({'id': id})
    if invitation:
        max_time_allowed = invitation.get('max_time_allowed') \
            or backend_config.get('invitation').get('max_time_allowed')
        recipient = invitation['recipient']
        recipient_name = invitation['recipient_name']
        sender = invitation['sender']
        sender_name = invitation['sender_name']
        sent_on = invitation['sent_on']
        accepted_on = invitation['accepted_on']
        expire_on = invitation['expire_on']

        user = users.find_one({'email': recipient})
        if user is None:
            return jsonify(success=False, reason="user-not-created")
        if accepted_on is not None:
            return jsonify(success=False, reason="invitation-has-been-used")
        if not action in ('resend', 'accept', 'decline'):
            return jsonify(success=False, reason='invalid-action')

        if action == 'resend':
            new_id = str(uuid.uuid4())
            base_url = request.json['base_url']
            send_email('invite', invitation, extra_data={'base_url': base_url})
            # generate new record
            sent_on = datetime.datetime.utcnow()
            expire_on = sent_on + datetime.timedelta(seconds=max_time_allowed)
            invitation['id'] = new_id
            invitation['sent_on'] = sent_on
            invitation['expire_on'] = expire_on
            invites.update({'id': id}, {'$set': 
                {'sent_on': invitation['sent_on'],
                 'id': invitation['id']}})
            return jsonify(success=True, invite=sanitize_invite(invitation))
        elif action == 'accept':
            # if time now is ahead of expire_on, the delta is negative
            if (expire_on - timenow).seconds < 0:
                invitation['status'] = 'expired'
                invites.update({'id': id}, {'$set': {'status': 'expired'}})
                return jsonify(success=False, reason='invitation-expired')
            else:
                invitation['status'] = 'used'
                invitation['accepted_on'] = datetime.datetime.utcnow()
                invites.update({'id': id},{'$set': 
                    {'accepted_on': invitation['accepted_on'],
                     'status': 'used'}})
                users.update({'email': recipient}, {'$set': 
                    {'status': 'active', \
                     'email': request.json['login']}})
                if invitation['recipient'] != request.json['login']:
                    update_group_association(invitation['recipient'], request.json['login'])
                # if user's persona email is different
                invitation['recipient'] = request.json['login']
                # notify inviter if he chooses to receive such notification
                if "accept" in invitation['notify_when']:
                    send_email('accept', invitation)
                return jsonify(success=True, invite=sanitize_invite(invitation))
        elif action == 'decline':
            invitation['status'] = 'declined'
            invites.update({'id': id}, {'$set': {'status': 'declined'}})
            users.remove(user)
            remove_group_association(invitation['recipient'])
            # notify inviter if he chooses to
            if "decline" in invitation['notify_when']:
                send_email('decline', invitation)
            return jsonify(success=True, invite=sanitize_invite(invitation))
    else:
        return jsonify(success=False, reason='invitation-does-not-exist')
Ejemplo n.º 9
0
def update_invite(id):
    timenow = datetime.datetime.utcnow()
    action = request.json['action'].lower()

    invitation = invites.find_one({'id': id})
    if invitation:
        max_time_allowed = invitation.get('max_time_allowed') \
            or backend_config.get('invitation').get('max_time_allowed')
        recipient = invitation['recipient']
        recipient_name = invitation['recipient_name']
        sender = invitation['sender']
        sender_name = invitation['sender_name']
        sent_on = invitation['sent_on']
        accepted_on = invitation['accepted_on']
        expire_on = invitation['expire_on']

        user = users.find_one({'email': recipient})
        if user is None:
            return jsonify(success=False, reason="user-not-created")
        if accepted_on is not None:
            return jsonify(success=False, reason="invitation-has-been-used")
        if not action in ('resend', 'accept', 'decline'):
            return jsonify(success=False, reason='invalid-action')

        if action == 'resend':
            new_id = str(uuid.uuid4())
            base_url = request.json['base_url']
            send_email('invite', invitation, extra_data={'base_url': base_url})
            # generate new record
            sent_on = datetime.datetime.utcnow()
            expire_on = sent_on + datetime.timedelta(seconds=max_time_allowed)
            invitation['id'] = new_id
            invitation['sent_on'] = sent_on
            invitation['expire_on'] = expire_on
            invites.update({'id': id}, {
                '$set': {
                    'sent_on': invitation['sent_on'],
                    'id': invitation['id']
                }
            })
            return jsonify(success=True, invite=sanitize_invite(invitation))
        elif action == 'accept':
            # if time now is ahead of expire_on, the delta is negative
            if (expire_on - timenow).seconds < 0:
                invitation['status'] = 'expired'
                invites.update({'id': id}, {'$set': {'status': 'expired'}})
                return jsonify(success=False, reason='invitation-expired')
            else:
                invitation['status'] = 'used'
                invitation['accepted_on'] = datetime.datetime.utcnow()
                invites.update({'id': id}, {
                    '$set': {
                        'accepted_on': invitation['accepted_on'],
                        'status': 'used'
                    }
                })
                users.update({'email': recipient}, {'$set':
                    {'status': 'active', \
                     'email': request.json['login']}})
                if invitation['recipient'] != request.json['login']:
                    update_group_association(invitation['recipient'],
                                             request.json['login'])
                # if user's persona email is different
                invitation['recipient'] = request.json['login']
                # notify inviter if he chooses to receive such notification
                if "accept" in invitation['notify_when']:
                    send_email('accept', invitation)
                return jsonify(success=True,
                               invite=sanitize_invite(invitation))
        elif action == 'decline':
            invitation['status'] = 'declined'
            invites.update({'id': id}, {'$set': {'status': 'declined'}})
            users.remove(user)
            remove_group_association(invitation['recipient'])
            # notify inviter if he chooses to
            if "decline" in invitation['notify_when']:
                send_email('decline', invitation)
            return jsonify(success=True, invite=sanitize_invite(invitation))
    else:
        return jsonify(success=False, reason='invitation-does-not-exist')
Ejemplo n.º 10
0
def get_invite(id):
    invitation = invites.find_one({'id': id})
    if invitation:
        return jsonify(success=True, invite=sanitize_invite(invitation))
    else:
        return jsonify(success=False, reason='invitation-does-not-exist')