def edits(request, instance, user_id):
if (int(user_id) != request.user.pk):
return create_401unauthorized()
user = request.user
result_offset = int(request.GET.get("offset", 0))
num_results = min(int(request.GET.get("length", 15)), 15)
audits = Audit.objects.filter(instance=instance)\
.filter(user=user)\
.filter(model_in=['Tree', 'Plot'])\
.order_by('-created', 'id')
audits = audits[result_offset:(result_offset + num_results)]
keys = []
for audit in audits:
d = {}
plot = extract_plot_from_audit(audit)
d["plot_id"] = plot.pk
if plot.pk:
d["plot"] = context_dict_for_plot(request, plot)
d["id"] = audit.pk
d["name"] = audit.display_action
d["created"] = datetime_to_iso_string(audit.created)
d["value"] = audit.current_value
keys.append(d)
return keys
def edits(request, instance, user_id):
if (int(user_id) != request.user.pk):
return create_401unauthorized()
user = User.objects.get(pk=user_id)
result_offset = int(request.REQUEST.get("offset", 0))
num_results = min(int(request.REQUEST.get("length", 15)), 15)
audits = Audit.objects.filter(instance=instance)\
.filter(user=user)\
.filter(model_in=['Tree', 'Plot'])\
.order_by('-created', 'id')
audits = audits[result_offset:(result_offset+num_results)]
keys = []
for audit in audits:
d = {}
plot = extract_plot_from_audit(audit)
d["plot_id"] = plot.pk
if plot.pk:
d["plot"] = plot_to_dict(
plot, longform=True, user=user)
d["id"] = audit.pk
d["name"] = audit.display_action
d["created"] = datetime_to_iso_string(audit.created)
d["value"] = audit.current_value
keys.append(d)
return keys
def recent_edits(request, user_id):
if (int(user_id) != request.user.pk):
return create_401unauthorized()
result_offset = int(request.REQUEST.get("offset",0))
num_results = min(int(request.REQUEST.get("length",15)),15)
acts = UserReputationAction.objects.filter(user=request.user).order_by('-date_created')[result_offset:(result_offset+num_results)]
keys = []
for act in acts:
d = {}
plot_id = extract_plot_id_from_rep(act)
d["plot_id"] = plot_id
if plot_id:
d["plot"] = plot_to_dict(Plot.objects.get(pk=plot_id),longform=True,user=request.user)
d["id"] = act.pk
d["name"] = act.action.name
d["created"] = datetime_to_iso_string(act.date_created)
d["value"] = act.value
keys.append(d)
return keys
def wrapperf(request, *args, **kwargs):
user = parse_user_from_request(request) or request.user
if user is not None and not user.is_anonymous():
request.user = user
return view_f(request, *args, **kwargs)
return create_401unauthorized()
def wrapperf(request, *args, **kwargs):
user = parse_user_from_request(request) or request.user
if user is not None and not user.is_anonymous():
request.user = user
return view_f(request, *args, **kwargs)
return create_401unauthorized()
def wrapperf(request, *args, **kwargs):
# Request must have signature and access_key
# parameters
sig = request.REQUEST.get('signature')
if not sig:
sig = request.META.get('HTTP_X_SIGNATURE')
if not sig:
return _missing_request
# Signature may have had "+" changed to spaces so change them
# back
sig = sig.replace(' ', '+')
timestamp = request.REQUEST.get('timestamp')
if not timestamp:
return _missing_request
try:
timestamp = datetime.datetime.strptime(
timestamp, SIG_TIMESTAMP_FORMAT)
expires = timestamp + datetime.timedelta(minutes=15)
if expires < datetime.datetime.now():
return _bad_request
except ValueError:
return _missing_request
if not sig:
return _missing_request
key = request.REQUEST.get('access_key')
if not key:
return _bad_request
try:
cred = APIAccessCredential.objects.get(access_key=key)
except APIAccessCredential.DoesNotExist:
return _bad_request
if not cred.enabled:
return create_401unauthorized()
signed = get_signature_for_request(request, cred.secret_key)
if len(signed) != len(sig):
return _bad_request
# Don't bail early
matches = 0
for (c1, c2) in zip(sig, signed):
matches = (ord(c1) ^ ord(c2)) | matches
if matches == 0:
if cred.user:
user = cred.user
else:
user = parse_user_from_request(request)
if require_login:
if user is None or user.is_anonymous():
return create_401unauthorized()
if user is None:
user = AnonymousUser()
request.user = user
return view_f(request, *args, **kwargs)
else:
return _bad_request
def wrapperf(request, *args, **kwargs):
# Request must have signature and access_key
# parameters
sig = request.REQUEST.get('signature')
if not sig:
sig = request.META.get('HTTP_X_SIGNATURE')
if not sig:
return _missing_request
# Signature may have had "+" changed to spaces so change them
# back
sig = sig.replace(' ', '+')
timestamp = request.REQUEST.get('timestamp')
if not timestamp:
return _missing_request
try:
timestamp = datetime.datetime.strptime(timestamp,
SIG_TIMESTAMP_FORMAT)
expires = timestamp + datetime.timedelta(minutes=15)
if expires < datetime.datetime.now():
return _bad_request
except ValueError:
return _missing_request
if not sig:
return _missing_request
key = request.REQUEST.get('access_key')
if not key:
return _bad_request
try:
cred = APIAccessCredential.objects.get(access_key=key)
except APIAccessCredential.DoesNotExist:
return _bad_request
if not cred.enabled:
return create_401unauthorized()
signed = get_signature_for_request(request, cred.secret_key)
if len(signed) != len(sig):
return _bad_request
# Don't bail early
matches = 0
for (c1, c2) in zip(sig, signed):
matches = (ord(c1) ^ ord(c2)) | matches
if matches == 0:
if cred.user:
user = cred.user
else:
user = parse_user_from_request(request)
if require_login:
if user is None or user.is_anonymous():
return create_401unauthorized()
if user is None:
user = AnonymousUser()
request.user = user
return view_f(request, *args, **kwargs)
else:
return _bad_request
