Ejemplo n.º 1
0
def logs_clear_all():
    """
    Clear all logs.
    """

    data = json.loads(request.data)
    session_id = data.get('session_id')

    if not User.check_session(data.get('session_id')):
        log = Logs('logs_clear_all', \
            dumps({'error': 'must be logged in to clear logs'}), 400)
        log.create()
        return make_response(
            dumps({'error': 'must be logged in to clear logs'}), 400)

    current_user, _ = User.get_user_data_from_session(session_id)

    if not current_user.get('isAdmin'):
        log = Logs('logs_clear_all', \
            dumps({"error": "you do not have permission to clear logs"}), 401)
        log.create()
        return make_response(dumps({"error": "you do not have permission to clear logs"}), \
            401)

    results, response_code = Logs.clear_all()
    return make_response(dumps(results), response_code)
Ejemplo n.º 2
0
def get_movies():
    """get a list of movies from the db"""

    results = Movie.get_movies(10)
    log = Logs('get_movies', dumps(results), 200)
    log.create()
    return make_response(dumps(results), 200)
Ejemplo n.º 3
0
def get_movie_details(movie_id):
    """get a movie's details from the db"""

    results, response_code = Movie.get_movie_details(movie_id)
    log = Logs('get_movie_details', dumps(results), response_code)
    log.create()

    return make_response(jsonify(results), response_code)
Ejemplo n.º 4
0
def user_details():
    """check sensitive user details"""

    session_id = request.args.get('sessionId')
    result, response_code = User.get_user_data_from_session(session_id)
    log = Logs('user_details', dumps(result), response_code)
    log.create()
    return make_response(dumps(result), response_code)
Ejemplo n.º 5
0
def search_user():
    """searches for a user with a name containing the given string"""

    name = request.args.get('name')

    results, response_code = User.find_all_user_with_name(name)
    log = Logs('search_user', dumps(results), response_code)
    log.create()

    return make_response(dumps(results), response_code)
Ejemplo n.º 6
0
def prod_get_all():
    """
    Gets all prods for a user
    """

    data = json.loads(request.data)
    user_id = data.get('user_id')
    results, response_code = Prod.get_all_for_user(user_id)
    log = Logs('prod_get_all', dumps(results), response_code)
    log.create()
    return make_response(dumps(results), response_code)
Ejemplo n.º 7
0
def prod_mark_read():
    """
    Marks prods as read in the database
    """

    data = json.loads(request.data)
    prod_id = data.get('prod_id')
    result, response_code = Prod.mark_read(prod_id)
    log = Logs('prod_mark_read', dumps(result), response_code)
    log.create()
    return make_response(dumps(result), response_code)
Ejemplo n.º 8
0
def end_session():
    """
    End a user's session
    """

    data = json.loads(request.data)
    session_id = data.get('sessionId')

    result, response_code = User.end_session(session_id)
    log = Logs('end_session', dumps(result), response_code)
    log.create()
    return make_response(dumps(result), response_code)
Ejemplo n.º 9
0
def make_admin():
    """make another user an admin"""
    data = json.loads(request.data)
    user_id = data.get('user_id')
    session_id = data.get('session_id')

    if not User.check_session(data.get('session_id')):
        log = Logs('make_admin',
                   dumps({'error': 'must be logged in to make a user admin'}),
                   400)
        log.create()
        return make_response(
            dumps({'error': 'must be logged in to make a user admin'}), 400)

    if not user_id:
        log = Logs('make_admin', dumps({"error": "user id is required"}), 400)
        log.create()
        return make_response(dumps({"error": "user id is required"}), 400)

    current_user, _status = User.get_user_data_from_session(session_id)

    if not current_user.get('isAdmin'):
        log = Logs(
            'make_admin',
            dumps({"error": "you do not have permission to make admin"}), 401)
        log.create()
        return make_response(
            dumps({"error": "you do not have permission to make admin"}), 401)

    result, response_status = User.make_admin(user_id)
    log = Logs('make_admin', dumps(result), response_status)
    log.create()
    return make_response(dumps(result), response_status)
Ejemplo n.º 10
0
def delete_user():
    """delete a user"""

    data = json.loads(request.data)
    user_id = data.get('user_id')
    session_id = data.get('session_id')

    if not User.check_session(data.get('session_id')):
        log = Logs('delete_user',
                   dumps({'error': 'must be logged in to delete a user'}), 400)
        log.create()
        return make_response(
            dumps({'error': 'must be logged in to delete a user'}), 400)

    if not user_id:
        log = Logs('delete_user', dumps({"error": "user id is required"}), 400)
        log.create()
        return make_response(dumps({"error": "user id is required"}), 400)

    current_user, _status = User.get_user_data_from_session(session_id)

    if not (str(current_user.get('_id')) == user_id
            or current_user.get('isAdmin')):
        log = Logs('delete_user', \
            dumps({"error": "you cannot delete an account you do not own"}), 401)
        log.create()
        return make_response(
            dumps({"error": "you cannot delete an account you do not own"}),
            401)

    delete_result, response_status = User.delete_user(user_id)
    log = Logs('delete_user', dumps(delete_result), response_status)
    log.create()

    return make_response(dumps(delete_result), response_status)
Ejemplo n.º 11
0
def login_user():
    """check an email and password login"""

    data = json.loads(request.data)
    email = data.get('email')
    password = data.get('password')

    if not email or not password:
        return make_response(
            dumps({"error": "email and password are required"}), 400)

    login_result, response_status = User.attempt_login(email, password)
    log = Logs('login_user', dumps(login_result), response_status)
    log.create()

    return make_response(dumps(login_result), response_status)
Ejemplo n.º 12
0
def unfollow():
    """unfollows a user with the given id"""

    data = json.loads(request.data)

    if not User.check_session(data.get('session_id')):
        log = Logs('unfollow',
                   dumps({'error': 'must be logged in to unfollow'}), 400)
        log.create()
        return make_response(dumps({'error': 'must be logged in to unfollow'}),
                             400)

    results, response_code = User.unfollow_user_with_id(
        data.get('session_id'), data.get('oid'))
    log = Logs('unfollow', dumps(results), response_code)
    log.create()
    return make_response(dumps(results), response_code)
Ejemplo n.º 13
0
def follow_me_get_all():
    """
    Gets all users who follow a user
    """

    data = json.loads(request.data)

    if not User.check_session(data.get('session_id')):
        log = Logs('follow_me_get_all', \
            dumps({'error': 'must be logged in to view followers'}), 400)
        log.create()
        return make_response(
            dumps({'error': 'must be logged in to view followers'}), 400)

    user_id = data.get('user_id')
    results, response_code = User.get_users_follow_me(user_id)
    log = Logs('follow_me_get_all', dumps(results), response_code)
    log.create()
    return make_response(dumps(results), response_code)
Ejemplo n.º 14
0
def delete_movie_reviews(movie_id):
    """
    Delete a review from a movie, given the review id
    """

    data = json.loads(request.data)
    review_id = data.get('review_id')
    session_id = data.get('session_id')

    if not (data.get('session_id')
            and User.check_session(data.get('session_id'))):
        log = Logs('delete_movie_reviews', \
            dumps({'error': 'must be logged in to delete review'}), 400)
        log.create()
        return make_response(
            dumps({'error': 'must be logged in to delete review'}), 400)

    results, response_code = Review.delete(review_id)
    log = Logs('delete_movie_reviews', dumps(results), response_code)
    log.create()
    return make_response(dumps(results), response_code)
Ejemplo n.º 15
0
    def setUp(self):
        APP.config['TESTING'] = True
        APP.config['WTF_CSRF_ENABLED'] = False
        self.app = APP.test_client()
        DB.Logs.delete_many({})
        DB.User.delete_many({})
        DB.Session.delete_many({})

        log = Logs('test', dumps({'log': 'test log'}), 200)
        log.create()

        DB.User.insert_one({
            'name': 'Admin',
            'email': '*****@*****.**',
            'password': '******',
            'age': 22,
            'genre': 'Horror',
            'isAdmin': True
        })
        DB.Session.insert_one({
            'session_id': 'admin',
            'email': '*****@*****.**'
        })

        DB.User.insert_one({
            'name': 'User',
            'email': '*****@*****.**',
            'password': '******',
            'age': 22,
            'genre': 'Horror',
            'isAdmin': False
        })
        DB.Session.insert_one({
            'session_id': 'notadmin',
            'email': '*****@*****.**'
        })
Ejemplo n.º 16
0
def review_movie(movie_id):
    """rate a movie from 1-5 stars (add more later)"""

    new_review = Review()
    data = json.loads(request.data)

    if not User.check_session(data.get('session_id')):
        log = Logs('review_movie',
                   dumps({'error': 'must be logged in to review'}), 400)
        log.create()
        return make_response(dumps({'error': 'must be logged in to review'}),
                             400)

    new_review.tmdb_id = movie_id
    new_review.user_id = data.get('user_id')
    new_review.user_name = data.get('user_name')
    new_review.rating = data.get('rating')
    new_review.description = data.get('description')
    new_review.movie_title = data.get('movie_title')

    results, response_code = new_review.create()
    log = Logs('review_movie', dumps(results), response_code)
    log.create()
    return make_response(dumps(results), response_code)
Ejemplo n.º 17
0
def prod_users():
    """
    Send users prods (movie recommendations)
    Return data contains a dict from receiver id to result
    """

    data = json.loads(request.data)

    if not User.check_session(data.get('session_id')):
        log = Logs('prod_users', dumps({'error': 'must be logged in to prod'}),
                   400)
        log.create()
        return make_response(dumps({'error': 'must be logged in to prod'}),
                             400)

    receivers = data.get('receivers')
    sender = data.get('sender')
    tmdb_id = data.get('tmdb_id')
    message = data.get('message')

    if not receivers or not sender or not tmdb_id:
        log = Logs('prod_users', \
            dumps({'error': 'sender, receiver, and tmdb id required for prod'}), 400)
        log.create()
        return make_response(dumps({'error': 'sender, receiver, and tmdb id required for prod'}), \
         400)

    results = {}
    for recv in receivers:
        new_prod = Prod(sender, recv, tmdb_id, message)
        result, rc = new_prod.create()
        results[recv] = result

    log = Logs('prod_users', dumps(results), 200)
    log.create()

    return make_response(dumps(results), 200)
Ejemplo n.º 18
0
def log(message):

    date = datetime.datetime.now()
    Logs.create(message=message, date=date, user=1)
    print("%s %s" % (date, message))