def post(self, login_user=None, template_values={}):
transactions = self.request.get('transactions', None)
if transactions:
transaction_set = json.loads(transactions)
contact_ref = transaction_set[0]
# make sure we received data for the right user
assert contact_ref == str(login_user.me.key()), "/sharesave received data for wrong user"
# transfer all click transactions the user has made into a dictionary
# with the key as dictionary key, so that only the last decision survives
privacy_transactions = {}
for tr in transaction_set[1:]:
privacy_transactions[tr['key']] = tr['privacy']
# apply privacy settings
for key,privacy_setting in privacy_transactions.items():
logging.debug("apply privacy setting contact: %s take2: %s %s" % (contact_ref,key,privacy_setting))
# delete all existing datasets for this key
delete = SharedTake2.all().filter("take2_ref =", Key(key))
db.delete(delete)
if privacy_setting == 'private':
pass
elif privacy_setting == 'restricted':
RestrictedTake2(contact_ref=Key(contact_ref), take2_ref=Key(key)).put()
elif privacy_setting == 'public':
data = PublicTake2(contact_ref=Key(contact_ref), take2_ref=Key(key)).put()
else:
logging.critical("Unknown privacy setting: %s" % privacy_setting)
self.error(500)
return
self.redirect("/editcontact?key=%s" % str(login_user.me.key()))
def encode_contact(contact, login_user, include_attic=False, include_privacy=False):
"""Factory to encode data into view classes which can easily be rendered
The function takes into account the access rights and encodes only elements
which the user is allowed to see.
signed_in is set to True if the user is signed in
If include_attic=True, data will include the complete history and also archived data.
If include_privacy is set, it will include the privacy setting for contacts
this user owns: private, restricted or public
"""
result = None
# do only enclose non-attic contacts unless attic parameter is set
if contact.attic and not include_attic:
return None
result = ContactView(contact)
if contact.class_name() == "Person":
if contact.lastname:
result.lastname = contact.lastname
if login_user:
# Birthday
if contact.class_name() == "Person":
if contact.birthday.has_year():
result.birthyear = contact.birthday.year
if contact.birthday.has_month():
result.birthmonth = calendar.month_name[contact.birthday.month]
if contact.birthday.has_day():
result.birthday = contact.birthday.day
# nickname
if contact.nickname:
result.nickname = contact.nickname
# A user can see their own data, obviously
if login_user and login_user.key() == contact.owned_by.key():
# introduction/relation to this person
result.relation = contact.introduction if contact.introduction else ""
# Relation back to the middleman
if contact.middleman_ref:
result.middleman = contact.middleman_ref.name
result.middleman_ref = str(contact.middleman_ref.key())
# Relation(s) going out from this person towards others
result.contacts = []
# for con in Contact.all().filter("middleman_ref =", contact):
for con in contact.affix:
if not con.attic or include_attic:
result.append_take2(con)
# can I edit the contact data?
if login_user:
if contact.owned_by.key() == login_user.key():
result.can_edit = True
# Is this the contact data for the logged in user (myself)?
if login_user and login_user.me:
if contact.key() == login_user.me.key():
result.is_myself = True
#
# encode contact's data
#
q_obj = Take2.all()
q_obj.filter("contact_ref =", contact)
q_obj.order('-timestamp')
for obj in q_obj:
# do only enclose non-attic take2 properties unless attic parameter is set
if obj.attic and not include_attic:
continue
if include_privacy:
# look for an entry in the SharedTake2 table
priv = SharedTake2.all().filter("contact_ref =", contact).filter("take2_ref =", obj).get()
if priv:
if priv.class_name() == "PublicTake2":
# add privacy property to obj on the fly
obj.privacy = 'public'
elif priv.class_name() == "RestrictedTake2":
obj.privacy = 'restricted'
result.append_take2(obj)
else:
result.relation = "(You cannot see this person's data.)"
# user does not own the contact, but let's check whether the privacy settings
# allow us to see something
q_priv = SharedTake2.all().filter("contact_ref =", contact)
for priv in q_priv:
# public objects
if priv.class_name() == 'PublicTake2':
obj = priv.take2_ref
# do only enclose non-attic take2 properties unless attic parameter is set
if obj.attic and not include_attic:
continue
result.append_take2(obj)
result.relation = "(This person shares some data.)"
return result
