Example #1
0
    def POST(self):
        """
        :param str csid_from_client: Csid string from client
        :param str logintoken: Logintoken

        :response_data: 'id', 'name', 'about', 'city', 'country','hometown', 'about', 'email', 'pic', 'website', 'facebook', 'twitter', 'getlist_privacy_level', 'private', 'bg', 'bgx', 'bgy', 'show_views', 'views', 'username', 'zip', 'linkedin', 'gplus', 'bg_resized_url', 'headerbgy', 'headerbgx'
        :to test: curl --data "logintoken=UaNxct7bJZ&csid_from_client=123" http://localhost:8080/api/profile/userinfo/get
        """
        request_data = web.input()
        if not self.is_request_valid(request_data):
            return api_response(data={},
                                status=405,
                                error_code="Required args are missing")
        status, response_or_user = self.authenticate_by_token(
            request_data.pop('logintoken'))

        # User id contains error code
        if not status:
            return response_or_user

        response = {field: response_or_user[field] for field in self._fields}
        response['resized_url'] = photo_id_to_url(response['pic_id'])
        response['bg_resized_url'] = photo_id_to_url(response['bg_id'])
        csid_from_client = request_data.pop('csid_from_client')
        csid_from_server = response_or_user['seriesid']
        self.format_birthday(response_or_user, response)
        return api_response(data=response,
                            csid_from_client=csid_from_client,
                            csid_from_server=csid_from_server)
Example #2
0
    def POST(self):
        """ Change user password and get/store new logintoken
        :param str csid_from_client: Csid string from client
        :param str logintoken: Logintoken
        :param str old_password: current password of the user
        :param str new_password, new_password2: The new password typed 2 times

        :response_data: new clinet token
        :to test:
        """
        request_data = web.input()
        save_api_request(request_data)
        client_token = request_data.get("logintoken")
        status, response_or_user = self.authenticate_by_token(client_token)
        if not status:
            return response_or_user

        old_password = request_data.get("old_password")
        new_password = request_data.get("new_password")
        new_password2 = request_data.get("new_password2")

        pw_salt = response_or_user['pw_salt']
        pw_hash = response_or_user['pw_hash']

        status, error = self.passwords_validation(pw_salt, pw_hash,
                                                  old_password, new_password,
                                                  new_password2,
                                                  response_or_user["username"],
                                                  response_or_user["email"])
        if status:
            new_password_hash = self.create_password(pw_salt, new_password)
            db.update('users',
                      pw_hash=new_password_hash,
                      vars={'id': response_or_user["id"]},
                      where="id=$id")

            # re_login user with new password
            sess = session.get_session()
            auth.login_user(sess, response_or_user["id"])

            user = db.select('users', {'id': response_or_user["id"]},
                             where='id=$id')[0]
            response = api_response(
                client_token=user.get('logintoken'),
                csid_from_client=request_data.get("csid_from_client"),
                csid_from_server=user.get('seriesid'))
        else:
            data = {}
            user = db.select('users', {'id': response_or_user["id"]},
                             where='id=$id')[0]
            csid_from_server = user.get('seriesid')
            csid_from_client = request_data.get("csid_from_client")

            response = api_response(data=data,
                                    status=400,
                                    error_code=error,
                                    csid_from_client=csid_from_client,
                                    csid_from_server=csid_from_server)

        return response
Example #3
0
    def POST(self):
        """
        :param str csid_from_client: Csid string from client
        :param str logintoken: logintoken of user
        :param file file: file for saving
        :response data: returns id, original_url, resized_url of saved picture
        :to test: curl -F "csid_from_client=1" -F "logintoken=AmWG6AhgPO" -F "file=@/image/for/test.jpg" http://localhost:8080/api/profile/userinfo/upload_bg
        """
        data = {}
        status = 200
        csid_from_server = None
        error_code = ""

        request_data = web.input(file={})
        logintoken = request_data.get('logintoken')

        user_status, user = self.authenticate_by_token(logintoken)
        # User id contains error code
        if not user_status:
            return user

        csid_from_server = user['seriesid']
        csid_from_client = request_data.get("csid_from_client")

        file_obj = request_data.get('file')

        # For some reason, FileStorage object treats itself as False
        if type(file_obj) == dict:
            return api_response(data={},
                                status=405,
                                error_code="Required args are missing")

        album, album_created = self._get_or_create_album(
            user['id'], 'backgrounds')
        photo = self._save_in_database(file_obj, 1100, album.id)

        user_to_update = web.ctx.orm.query(User)\
            .filter(User.id == user['id'])\
            .first()

        user_to_update.bg = photo
        if album_created:
            album.cover = photo
        web.ctx.orm.commit()

        data['id'] = photo.id
        data['original_url'] = photo.original_url
        data['resized_url'] = photo.resized_url

        response = api_response(data=data,
                                status=status,
                                error_code=error_code,
                                csid_from_client=csid_from_client,
                                csid_from_server=csid_from_server)

        return response
Example #4
0
    def POST(self):
        """
        :param str csid_from_client: Csid string from client
        :param str logintoken: Logintoken
        :param str username: Username
        :param str username: id
        :response_data: 'id', 'name', 'about', 'city', 'country','hometown', 'about', 'email', 'pic', 'website', 'facebook', 'twitter', 'getlist_privacy_level', 'private', 'bg', 'bgx', 'bgy', 'show_views', 'views', 'username', 'zip', 'linkedin', 'gplus', 'bg_resized_url', 'headerbgy', 'headerbgx'

        :to test:
        - curl --data "csid_from_client=11&id=78&logintoken=RxPu7fLYgv" http://localhost:8080/api/profile/userinfo/info
        - curl --data "csid_from_client=11&username=Oleg&logintoken=RxPu7fLYgv" http://localhost:8080/api/profile/userinfo/info
        """
        request_data = web.input()
        profile = request_data.get("username", "")
        user_id = request_data.get("id", 0)
        logintoken = request_data.get("logintoken", "")

        if not self.is_request_valid(request_data):
            return api_response(data={},
                                status=405,
                                error_code="Required args are missing")

        if not profile and not user_id:
            error_code = "This function requires either profile or user_id"
            return api_response(data={}, status=405, error_code=error_code)

        status, response_or_user = self.authenticate_by_token(logintoken)
        if not status:
            return api_response(data={},
                                status=405,
                                error_code="You need to log in first")

        user = UserProfile.query_user(profile=profile, user_id=user_id)
        if not user:
            return api_response(data={},
                                status=405,
                                error_code="User was not found")
        followers = UserProfile\
            .query_followed_by(profile_owner=user.id,
                               current_user=response_or_user["id"])
        user.follower_count = len(followers)

        follow = UserProfile\
            .query_following(profile_owner=user.id,
                             current_user=response_or_user["id"])
        user.follow_count = len(follow)

        csid_from_client = request_data.pop('csid_from_client')
        csid_from_server = ""

        return api_response(data=user.to_serializable_dict(),
                            csid_from_client=csid_from_client,
                            csid_from_server=csid_from_server)
Example #5
0
    def POST(self):
        """  Updates profile with fields sent from the client,
        returns saved fields.

        :param str csid_from_client: Csid string from client
        :param str logintoken: Logintoken
        :param str <field>: The field which will be changed
        :response_data: returns changed field
        :to test: curl --data "logintoken=UaNxct7bJZ&twitter=1&csid_from_client=1" http://localhost:8080/api/profile/userinfo/update

        """
        request_data = web.input()

        if not self.is_request_valid(request_data):
            return api_response(data={},
                                status=405,
                                error_code="Required args are missing")
        csid_from_client = request_data.pop('csid_from_client')

        status, response_or_user = self.authenticate_by_token(
            request_data.pop('logintoken'))
        # Login was not successful
        if not status:
            return response_or_user
        to_insert = {}

        birthday = [
            value for key, value in request_data.items()
            if key in self._birthday_fields
        ]

        if len(birthday) in [1, 2]:
            error_code = "Birthday date incomplete"
            return api_response(data={}, status=405, error_code=error_code)
        elif len(birthday) == 3:
            to_insert['birthday'] = datetime.strptime("-".join(birthday),
                                                      "%Y-%d-%m")
        for field in self._fields:
            item = request_data.get(field)
            if item:
                to_insert[field] = item

        if len(to_insert) > 0:
            db.update('users',
                      where='id = %s' % (response_or_user['id']),
                      **to_insert)
        csid_from_server = response_or_user['seriesid']
        return api_response(data=request_data,
                            csid_from_client=csid_from_client,
                            csid_from_server=csid_from_server)
Example #6
0
    def POST(self):
        """
        :param str csid_from_client: Csid string from client
        :param str logintoken: username_or_email
        :response data: returns 'ok' or 'notfound'
        :to test: curl --data "csid_from_client=1&username_or_email=oleg" http://localhost:8080/api/profile/test-username
        """
        request_data = web.input()
        username_or_email = request_data.get('username_or_email')

        vars = {'username_or_email': username_or_email}
        # Trying to find a user with same username
        result = db.select('users',
                           vars=vars,
                           where='username=$username_or_email')
        # Fallback, trying to find user with same email
        if len(result.list()) == 0:
            result = db.select('users',
                               vars=vars,
                               where='email=$username_or_email')

        if len(result.list()) == 0:
            status = 'notfound'
        else:
            status = 'ok'

        csid_from_client = request_data.get('csid_from_client')
        csid_from_server = ""
        return api_response(data=status,
                            csid_from_server=csid_from_server,
                            csid_from_client=csid_from_client)
Example #7
0
    def POST(self, query_type):
        """ Depending on query_type returns
        a list of users, following or followed by current user

        :param str logintoken: Login token to authenticate current user
        :param str user_id: Quieried user id.

        :to test: curl --data "csid_from_client=1&user_id=78&logintoken=RxPu7fLYgv" http://localhost:8080/api/social/query/following
        :to test: curl --data "csid_from_client=1&user_id=78&logintoken=RxPu7fLYgv" http://localhost:8080/api/social/query/followed-by
        :response data: list of users
        """
        data = web.input()
        user_id = data.get("user_id")
        logintoken = data.get("logintoken", "")
        status, response_or_user = self.authenticate_by_token(logintoken)

        # Login was not successful
        if not status:
            return response_or_user
        if not user_id:
            return e_response('user_id is required', 400)
        if 0 == web.ctx.orm.query(User).filter(User.id == user_id).count():
            return e_response('User with id %s is not found' % user_id, 404)
        if "followed-by" == query_type:
            follows = UserProfile.query_followed_by(user_id,
                                                    response_or_user.id)
        else:
            follows = UserProfile.query_following(user_id, response_or_user.id)
        csid_from_client = data.pop('csid_from_client')
        return api_response(data=follows,
                            csid_from_client=csid_from_client,
                            csid_from_server="")
Example #8
0
 def access_denied(error_code="Default error: access_denied"):
     """
     Access denied errors
     """
     data = {}
     status = 405
     return api_response(data=data, status=status, error_code=error_code)
Example #9
0
    def POST(self):
        """ Updates profile with fields sent from the client,
        returns saved fields.

        :param str csid_from_client: csid from client key
        :param str getlist_privacy_level/private: controls privacy level
        :param str logintoken: logintoken
        :response_data: Returns api response with 'getlist_privacy_level/private.'
        :to test: curl --data "logintoken=UaNxct7bJZ&twitter=1&csid_from_client=1" http://localhost:8080/api/profile/userinfo/update
        """
        request_data = web.input()

        # Adding field to the list of required fields
        # self.required.append('getlist_privacy_level')

        if not self.is_request_valid(request_data):
            return api_response(data={},
                                status=405,
                                error_code="Required args are missing")

        csid_from_client = request_data.pop('csid_from_client')

        data = {}

        privacy_level = request_data.get('getlist_privacy_level')
        private = request_data.get('private')

        if privacy_level:
            data['getlist_privacy_level'] = privacy_level
        if private:
            data['private'] = private

        status, response_or_user = self.authenticate_by_token(
            request_data.pop('logintoken'))
        # Login was not successful
        if not status:
            return response_or_user

        if len(data) > 0:
            db.update('users',
                      where='id = %s' % (response_or_user['id']),
                      **data)

        csid_from_server = response_or_user['seriesid']
        return api_response(data=data,
                            csid_from_client=csid_from_client,
                            csid_from_server=csid_from_server)
Example #10
0
    def POST(self):
        """
        :param str logintoken: Logintoken used fo authentication
        :param str content: Content of the message
        :param str user_id_list: List of user ids
        :param str csid_from_client: CSID from client

        :response data: empty
        """

        request_data = web.input(user_id_list=[], )

        data = {}
        status = 200
        csid_from_server = None
        error_code = ""

        # Get data from request
        user_id_list = map(int, request_data.get("user_id_list"))
        content = request_data.get("content")

        csid_from_client = request_data.get('csid_from_client')
        logintoken = request_data.get('logintoken')
        user_status, user = self.authenticate_by_token(logintoken)

        if not content:
            status = 400
            error_code = "Content cannot be empty"

        # User id contains error code
        if not user_status:
            return user

        csid_from_server = user['seriesid']
        from_user_id = user['id']

        if status == 200:
            for to_user_id in user_id_list:
                ids = sorted([to_user_id, from_user_id])
                convo = db.select('convos',
                                  where='id1 = $id1 and id2 = $id2',
                                  vars={'id1': ids[0], 'id2': ids[1]})\
                    .list()
                if convo:
                    convo_id = convo[0].id
                else:
                    convo_id = db.insert('convos', id1=ids[0], id2=ids[1])

                db.insert('messages',
                          convo_id=convo_id,
                          sender=from_user_id,
                          content=content)

        response = api_response(data=data,
                                status=status,
                                error_code=error_code,
                                csid_from_client=csid_from_client,
                                csid_from_server=csid_from_server)
        return response
Example #11
0
    def POST(self):
        """
        :param str logintoken: Logintoken used fo authentication
        :param str comment: Comment body
        :param str picture_id: Id if the photo to comment
        :param str csid_from_client: CSID from client

        :response data: echoes given comment
        """
        request_data = web.input()

        data = {}
        status = 200
        csid_from_server = None
        error_code = ""

        # Get data from request
        comment = request_data.get("comment")
        picture_id = request_data.get("picture_id")

        csid_from_client = request_data.get('csid_from_client')
        logintoken = request_data.get('logintoken')
        user_status, user = self.authenticate_by_token(logintoken)

        if not comment:
            status = 400
            error_code = "Comment cannot be empty"

        if not picture_id:
            status = 400
            error_code = "picture_id cannot be empty"

        # User id contains error code
        if not user_status:
            return user

        csid_from_server = user['seriesid']
        from_user_id = user['id']

        if status == 200:
            try:
                comment = PictureComment(picture_id, from_user_id, comment)

                web.ctx.orm.add(comment)
                web.ctx.orm.commit()

                if comment.id:
                    data['comment'] = comment.to_serializable_dict()
            except IntegrityError as ex:
                web.ctx.orm.rollback()
                status = 502
                error_code = ex.message

        response = api_response(data=data,
                                status=status,
                                error_code=error_code,
                                csid_from_client=csid_from_client,
                                csid_from_server=csid_from_server)
        return response
Example #12
0
 def POST(self):
     return api_response({
         'categories_list':
         list(
             db.select('categories',
                       order='position desc, name',
                       where='parent is null'))
     })
Example #13
0
    def POST(self):
        """ Returns all boards associated with a given user

        :param str csid_from_client: Csid string from client
        :param str user_id: id of the queried user
        :param str current_user_id: id of current user
        :response_data: returns all boards of a given user as a list
        :to test: curl --data "user_id=2&csid_from_client=1" http://localhost:8080/api/profile/userinfo/boards
        """
        request_data = web.input()
        csid_from_client = request_data.get('csid_from_client')
        csid_from_server = ""
        current_user_id = request_data.get('current_user_id', 0)
        user_id = request_data.get('user_id')

        if not user_id:
            return api_response(data={},
                                status=405,
                                error_code="Missing user_id")
        boards_query = """
        SELECT b.id, b.name, b.description, bf.follower_id is not null
        as is_following FROM boards b
        LEFT JOIN boards_followers bf on bf.board_id = b.id
        and bf.follower_id = $cid WHERE b.user_id=$uid;
        """
        boards_tmp = db.query(boards_query,
                              vars={
                                  'uid': user_id,
                                  'cid': current_user_id
                              })

        boards = []
        for board in boards_tmp:
            pins_from_board = db.select('pins',
                                        where='board_id=$board_id',
                                        vars={'board_id': board['id']})
            board['pins_ids'] = []
            for pin_from_board in pins_from_board:
                if pin_from_board['id'] not in board['pins_ids']:
                    board['pins_ids'].append(pin_from_board['id'])
            boards.append(board)
        return api_response(data=boards,
                            csid_from_server=csid_from_server,
                            csid_from_client=csid_from_client)
Example #14
0
    def POST(self):
        """
        Share pins to social network
        Method PostingOnUserPage must receive next required params:

        :param str share_list: list of pin's ids
        :param str access_token: access token for social network
        :param str social_network: name of social network
        (for example 'facebook')
        :response data: list of pin ids to share, e.g. [10, 20, 30]

        """
        request_data = web.input(share_list=[], )

        # Get data from request
        share_list = map(int, request_data.get("share_list"))
        access_token = request_data.get("access_token")
        social_network = request_data.get("social_network")
        csid_from_client = request_data.get('csid_from_client')
        logintoken = request_data.get('logintoken')
        user_status, user = self.authenticate_by_token(logintoken)

        # User id contains error code
        if not user_status:
            return user

        csid_from_server = user['seriesid']

        # Initialize default posted pins list
        posted_pins = []
        # Setting default status code as 200
        status = 200
        # Setting empty error
        error_code = ""

        # Check input data and set appropriate code if not valid
        if not access_token or not social_network:
            status = 400
            error_code = "Invalid input data"
        else:
            posted_pins, status, error_code = share(
                access_token,
                share_list,
                social_network,
            )

        # Setting data for return
        data = {"posted_pins": posted_pins}

        response = api_response(data=data,
                                status=status,
                                error_code=error_code,
                                csid_from_client=csid_from_client,
                                csid_from_server=csid_from_server)
        return response
Example #15
0
    def POST(self):
        """
        :param str logintoken: Logintoken used fo authentication
        :param str csid_from_client: CSID from client
        :param str pin_id: Identifier of the pin

        :response data: returns status: success, if like was added

        :example usage: curl --data "csid_from_client=1&logintoken=RxPu7fLYgv&pin_id=46" http://localhost:8080/api/social/pin/like-unlike
        """
        request_data = web.input()
        csid_from_client = request_data.get('csid_from_client')

        logintoken = request_data.get('logintoken')
        status, user_or_response = self.authenticate_by_token(logintoken)
        if not status:
            return user_or_response
        csid_from_server = user_or_response['seriesid']

        pin_id = request_data.get('pin_id')
        if not pin_id:
            error_code = "pin_id can't be empty"
            return api_response(data={},
                                error_code=error_code,
                                csid_from_client=csid_from_client,
                                csid_from_server=csid_from_server)
        if 0 == db.query('select count(*) as num from pins where id=$id',
                         vars={'id': pin_id})[0].num:
            return e_response('Pin with id=%s nof found' % pin_id, 404)
        try:
            db.insert('likes', user_id=user_or_response["id"], pin_id=pin_id)
        except Exception:
            db.delete('likes',
                      where='user_id = $uid and pin_id = $pid',
                      vars={
                          'uid': user_or_response["id"],
                          'pid': pin_id
                      })
        return api_response(data={'status': 'success'},
                            csid_from_client=csid_from_client,
                            csid_from_server=csid_from_server)
Example #16
0
    def POST(self, profile):
        """
        :param str csid_from_client: Csid string from client
        :param str profile: must be in url
        :response_data: returns a dict with 'status' key
        :to test: curl --data "csid_from_client=11&logintoken=RxPu7fLYgv" http://localhost:8080/api/profile/updateviews/oleg
        """
        request_data = web.input()

        if not self.is_request_valid(request_data):
            return api_response(data={},
                                status=405,
                                error_code="Required args are missing")

        data = {}
        error_code = ''
        # Checking if user has a valid logintoken
        status, response_or_user = self.authenticate_by_token(
            request_data.pop('logintoken'))
        # Login was not successful
        if not status:
            return response_or_user

        updated = db.update('users',
                            where='username = $username',
                            vars={'username': profile},
                            views=web.SQLLiteral('views + 1'))
        if 0 == updated:
            status = 404
            error_code = 'User %s not found' % profile
        else:
            data["status"] = "success"

        csid_from_client = request_data.pop('csid_from_client')
        csid_from_server = ""

        return api_response(data=data,
                            status=status,
                            error_code=error_code,
                            csid_from_client=csid_from_client,
                            csid_from_server=csid_from_server)
Example #17
0
    def POST(self):
        """
        :param str logintoken: Logintoken used fo authentication
        :param str csid_from_client: CSID from client

        :response data: returns a list of conversations
        """
        request_data = web.input()

        data = {}
        status = 200
        csid_from_server = None
        error_code = ""

        # Get data from
        csid_from_client = request_data.get('csid_from_client')
        logintoken = request_data.get('logintoken')
        user_status, user = self.authenticate_by_token(logintoken)

        # User id contains error code
        if not user_status:
            return user

        csid_from_server = user['seriesid']
        from_user_id = user['id']

        if status == 200:
            convos = db.query('''
                select convos.*, users.name from convos
                    join users on users.id = (case
                        when convos.id1 = $id then convos.id2
                        else convos.id1
                    end)
                where id1 = $id or id2 = $id''', vars={'id': from_user_id})\
                .list()
            if len(convos) > 0:
                data['conversations'] = convos
            else:
                data['conversations'] = []

        response = api_response(data=data,
                                status=status,
                                error_code=error_code,
                                csid_from_client=csid_from_client,
                                csid_from_server=csid_from_server)
        return response
Example #18
0
    def POST(self):
        """
        :param str csid_from_client: Csid string from client
        :param str logintoken: logintoken of user
        :param int picture_id: id of photo that you wish tis set as xover
        :response data: no extra rsponse
        :to test: curl --data "csid_from_client=1&picture_id=5&logintoken=XXXXXXX" http://localhost:8080/api/profile/userinfo/album_default_picture
        """
        data = {}
        status = 200
        csid_from_server = None
        error_code = ""

        request_data = web.input()
        logintoken = request_data.get('logintoken')
        picture_id = request_data.get('picture_id')

        user_status, user = self.authenticate_by_token(logintoken)
        # User id contains error code
        if not user_status:
            return user
        if not (picture_id and picture_id.isdigit()):
            return e_response('picture_id is required', 400)

        csid_from_server = user['seriesid']
        csid_from_client = request_data.get("csid_from_client")

        if not self._set_picture(user['id'], picture_id):
            return e_response('Picture with id %s not found' % picture_id, 404)

        response = api_response(data=data,
                                status=status,
                                error_code=error_code,
                                csid_from_client=csid_from_client,
                                csid_from_server=csid_from_server)

        return response
Example #19
0
    def POST(self):
        """
        :param str csid_from_client: Csid string from client
        :param str logintoken: logintoken of user
        :param int picture_id: id of photo that you wish to remove
        :response data: no extra rsponse
        :to test: curl --data "csid_from_client=1&picture_id=5&logintoken=XXXXXXX" http://localhost:8080/api/profile/userinfo/remove_pic
        """
        request_data = web.input()
        logintoken = request_data.get('logintoken')
        picture_id = request_data.get('picture_id')

        user_status, user = self.authenticate_by_token(logintoken)
        # User id contains error code
        if not user_status:
            return user
        if not (picture_id and picture_id.isdigit()):
            return e_response('picture_id is required', 400)

        if not self._delete_picture(user['id'], picture_id):
            return e_response('Picture with id %s not found' % picture_id, 404)
        return api_response(
            csid_from_client=request_data.get("csid_from_client"),
            csid_from_server=user['seriesid'])
Example #20
0
    def POST(self):
        request_data = web.input()

        data = {}
        status = 200
        csid_from_server = None
        error_code = ""

        csid_from_client = request_data.get('csid_from_client')
        logintoken = request_data.get('logintoken')
        user_status, user = self.authenticate_by_token(logintoken)

        # User id contains error code
        if not user_status:
            return user

        activation = user['activation']

        if activation == 0:
            status = 400
            error_code = "Your account is already activated"
        else:
            user_id = user['id']
            email = user['email']

            hashed = hash(str(activation))

            send_activation_email(email, hashed, user_id)

        response = api_response(data=data,
                                status=status,
                                error_code=error_code,
                                csid_from_client=csid_from_client,
                                csid_from_server=csid_from_server)

        return response
Example #21
0
    def POST(self):
        """
        Manage list of user products: sharing, add, remove

        Method for image_id_share_list must additional receive next
        :param str csid_from_client: Csid string from client
        :param str logintoken: Logintoken
        :param str social_network: e.g. facebook
        :response_data: returns added/removed/shared getlists
        """
        request_data = web.input(
            image_id_remove_list=[],
            image_id_share_list=[],
            image_id_add_list=[],
        )

        # Setting default status code as 200
        status = 200
        # Setting empty error
        error_code = ""

        save_api_request(request_data)
        login_token = request_data.get("logintoken")

        status_success, response_or_user = self.authenticate_by_token(
            login_token)
        if not status_success:
            return response_or_user

        csid_from_client = request_data.get('csid_from_client')

        access_token = request_data.get("access_token")
        social_network = request_data.get("social_network")

        image_id_add_list = map(int, request_data.get("image_id_add_list"))
        add_list_result = []
        if len(image_id_add_list) > 0:
            add_list_result = self.add(response_or_user["id"],
                                       image_id_add_list)

        image_id_remove_list = map(int,
                                   request_data.get("image_id_remove_list"))
        remove_list_result = []
        if len(image_id_remove_list) > 0:
            remove_list_result = self.remove(response_or_user["id"],
                                             image_id_remove_list)

        image_id_share_list = map(int, request_data.get("image_id_share_list"))
        share_list_result = []
        if len(image_id_share_list) > 0:
            # Check input social data for posting
            if not access_token or not social_network:
                status = 400
                error_code = "Invalid input data"
            else:
                share_list_result, status, error_code = self.sharing(
                    access_token, social_network, image_id_share_list)

        csid_from_server = response_or_user.get('seriesid')

        data = {
            "added": add_list_result,
            "removed": remove_list_result,
            "shared": share_list_result,
        }
        response = api_response(data,
                                status=status,
                                error_code=error_code,
                                csid_from_client=csid_from_client,
                                csid_from_server=csid_from_server)
        return response
Example #22
0
    def POST(self):
        """ Returns all pins associated with a given user

        :param str csid_from_client: Csid string from client
        :param str user_id: id of the queried user
        :response_data: Returns list of pins of a current user

        :to test: curl --data "user_id=78&csid_from_client=1" http://localhost:8080/api/profile/userinfo/pins
        """
        query = '''
        select tags.tags, pins.*, users.pic_id as user_pic,
        users.username as user_username, users.name as user_name,
        count(distinct p1) as repin_count,
        count(distinct l1) as like_count
        from users
        left join pins on pins.user_id = users.id
        left join tags on tags.pin_id = pins.id
        left join pins p1 on p1.repin = pins.id
        left join likes l1 on l1.pin_id = pins.id
        where users.id = $id
        group by tags.tags, pins.id, users.id
        order by timestamp desc'''

        request_data = web.input()
        csid_from_client = request_data.get('csid_from_client')
        csid_from_server = ""
        user_id = request_data.get('user_id')

        if not user_id:
            return api_response(data={},
                                status=405,
                                error_code="Missing user_id")
        results = db.query(query, vars={'id': user_id})

        pins = []
        current_row = None
        pins_counter = 0
        owned_pins_counter = 0
        for row in results:
            if not row.id:
                continue
            if not current_row or current_row.id != row.id:
                current_row = row
                tag = row.tags
                current_row.tags = []
                if tag:
                    current_row.tags.append(tag)

                current_row_dt = datetime.fromtimestamp(current_row.timestamp)

                pins.append(current_row)
                if not current_row.get("repin"):
                    owned_pins_counter += 1
            else:
                tag = row.tags
                if tag not in current_row.tags:
                    current_row.tags.append(tag)
            pins_counter += 1

        data = {"total": pins_counter, "total_owned": owned_pins_counter}
        page = int(request_data.get("page", 1))
        if page is not None:
            items_per_page = int(request_data.get("items_per_page", 10))
            if items_per_page < 1:
                items_per_page = 1

            data['pages_count'] = math.ceil(
                float(len(pins)) / float(items_per_page))
            data['pages_count'] = int(data['pages_count'])
            data['page'] = page
            data['items_per_page'] = items_per_page

            start = (page - 1) * items_per_page
            end = start + items_per_page
            data['pins_list'] = pins[start:end]
        else:
            data['pins_list'] = pins

        return api_response(data=data,
                            csid_from_server=csid_from_server,
                            csid_from_client=csid_from_client)
Example #23
0
    def POST(self):
        """
            Method register must receive next additional params:

            uname - user name
            pwd - user password
            email - user email
            complete_name - user first name
            language - user language

            output response also included:

            login_token for new user,
            hashed_activation for activation-email
        """
        request_data = web.input()
        data = {}

        save_api_request(request_data)
        csid_from_client = request_data.get('csid_from_client')

        uname = request_data.get("uname")
        pwd = request_data.get("pwd")
        email = request_data.get("email")
        complete_name = request_data.get("complete_name")
        # last_name = request_data.get("last_name")
        language = str(request_data.get("language", "en"))

        status_error = 200
        error_code = ""

        status, error_code = self.register_validation(uname, pwd,
                                                      email, complete_name)
        if status:
            activation = random.randint(1, 10000)
            hashed = hash(str(activation))

            user_id = auth.create_user(email, pwd,
                                       name=complete_name,
                                       username=uname,
                                       activation=activation,
                                       locale=language)

            add_default_lists(user_id)
            send_activation_email(email, hashed, user_id)
            sess = session.get_session()
            auth.login_user(sess, user_id)
            user = db.select('users', {'id': user_id}, where='id=$id')[0]
            login_token = user.get('logintoken')
            data.update({
                "logintoken": login_token,
                # "hashed_activation": hashed,
                })
        else:
            status_error = 405

        response = api_response(
            data,
            status=status_error,
            error_code=error_code,
            csid_from_client=csid_from_client,)

        return response
Example #24
0
    def POST(self):
        """
        :param str logintoken: Logintoken used fo authentication
        :param str picture_id: Id if the photo to comment
        :param str csid_from_client: CSID from client
        :param str action: action for picture (like|dislike)

        :response data: returns list of likes and them quantity
        """
        request_data = web.input()

        data = {}
        status = 200
        csid_from_server = None
        error_code = ""

        # Get data from request
        picture_id = request_data.get("picture_id")
        action = request_data.get("action", "like")

        csid_from_client = request_data.get('csid_from_client')
        logintoken = request_data.get('logintoken')
        user_status, user = self.authenticate_by_token(logintoken)

        if not picture_id:
            status = 400
            error_code = "picture_id cannot be empty"

        # pictures = web.ctx.orm.query(Picture).filter(
        #     Picture.id == picture_id).all()
        # if 0 == len(pictures):
        #     status = 404
        #     error_code = "Picture with id %s not found" % picture_id

        # User id contains error code
        if not user_status:
            return user

        csid_from_server = user['seriesid']
        user_id = user['id']
        likes = []

        if status == 200:
            try:
                if not action or action == "like":
                    likes = web.ctx.orm.query(PictureLike).filter(
                        PictureLike.picture_id == picture_id,
                        PictureLike.user_id == user_id).all()

                    if len(likes) == 0:
                        like = PictureLike(picture_id, user_id)

                        web.ctx.orm.add(like)
                        web.ctx.orm.commit()

                        data['action'] = 'like'
                else:
                    likes = web.ctx.orm.query(PictureLike).filter(
                        PictureLike.picture_id == picture_id,
                        PictureLike.user_id == user_id).all()

                    for like in likes:
                        web.ctx.orm.delete(like)

                    web.ctx.orm.commit()

                    data['action'] = 'dislike'

                likes = web.ctx.orm.query(PictureLike).filter(
                    PictureLike.picture_id == picture_id).all()
            except IntegrityError as ex:
                web.ctx.orm.rollback()
                status = 502
                error_code = ex.message

            data['likes'] = \
                [like.to_serializable_dict() for like in likes]
            data['count_likes'] = len(likes)

        response = api_response(data=data,
                                status=status,
                                error_code=error_code,
                                csid_from_client=csid_from_client,
                                csid_from_server=csid_from_server)
        return response
Example #25
0
    def POST(self):
        """
        :param str csid_from_client: Csid string from client
        :param str logintoken: logintoken of user (is not required)
        :param int user_id: id of user
        :param str album_type: type of pictures (photos|backgrounds)
        :response data: returns photos - list of pictures
        :to test: curl --data "csid_from_client=1&user_id=93&album_type=photos" http://localhost:8080/api/profile/userinfo/get_pictures
        """
        request_data = web.input()

        update_data = {}
        data = {}
        status = 200
        csid_from_server = None
        error_code = ""

        # Get data from request
        user_id = request_data.get("user_id")
        album_type = request_data.get("album_type")

        # This if is a monkeypatch, which allows to map
        # photos to any other non background slug
        # TODO: replace this code
        if album_type != "backgrounds":
            album_type = "photos"

        csid_from_client = request_data.get('csid_from_client')

        current_user_id = None
        logintoken = request_data.get('logintoken', None)
        if logintoken:
            user_status, user = self.authenticate_by_token(logintoken)
            if user_status:
                current_user_id = user['id']

        album = web.ctx.orm.query(Album).filter(
            Album.user_id == user_id, Album.slug == album_type).first()

        data['photos'] = []

        if album:
            pictures = web.ctx.orm.query(Picture).filter(
                Picture.album_id == album.id).all()

            for picture in pictures:
                if not picture.resized_url:
                    continue

                picture = picture.to_serializable_dict()

                picture['likes_count'] = len(picture['likes'])

                if current_user_id:
                    for like in picture['likes']:
                        if like['user_id'] == current_user_id:
                            picture['liked'] = True
                            break
                else:
                    picture['liked'] = False

                data['photos'].append(picture)

        response = api_response(data=data,
                                status=status,
                                error_code=error_code,
                                csid_from_client=csid_from_client,
                                csid_from_server=csid_from_server)
        return response
Example #26
0
    def POST(self):
        """
        :param str logintoken: Logintoken used fo authentication
        :param str conversation_id: Conversation id
        :param str csid_from_client: CSID from client

        :response data: list of all messages, for a given conversation
        """
        request_data = web.input()

        data = {}
        status = 200
        csid_from_server = None
        error_code = ""

        # Get data from
        conversation_id = request_data.get('conversation_id', False)
        csid_from_client = request_data.get('csid_from_client')
        logintoken = request_data.get('logintoken')
        user_status, user = self.authenticate_by_token(logintoken)

        # User id contains error code
        if not user_status:
            return user

        csid_from_server = user['seriesid']
        from_user_id = user['id']

        if not conversation_id:
            status = 400
            error_code = "conversation_id cannot be empty"

        if status == 200:
            convo = db.query('''
                select convos.id, users.id as user_id, users.name from convos
                    join users on users.id = (case
                        when convos.id1 = $id then convos.id2
                        else convos.id1
                    end)
                where (convos.id = $convo_id and
                       convos.id1 = $id or convos.id2 = $id)''',
                vars={'convo_id': conversation_id, 'id': from_user_id})\
                .list()
            if not convo:
                status = 400
                error_code = "conversation not found"
            else:
                data['conversation'] = convo[0]

                messages = db.query('''
                    select messages.*, users.name from messages
                        join users on users.id = messages.sender
                    where messages.convo_id = $convo_id''',
                    vars={'convo_id': conversation_id})\
                    .list()
                if len(messages) > 0:
                    data['messages'] = messages
                else:
                    data['messages'] = []

        response = api_response(data=data,
                                status=status,
                                error_code=error_code,
                                csid_from_client=csid_from_client,
                                csid_from_server=csid_from_server)
        return response