def _do_upload(response): global ul_file, content_type sbjct = response.get_field('subject') categor = response.get_field('category') descr = response.get_field('description') filename, content_type, data = response.get_file('to_upload') currenttime = str(int(time())) while os.path.exists("static\\files\\" + currenttime): print "OS Path Exists" currenttime = str(int(time())) extension = "." + filename.split(".")[-1] serverfilename = currenttime + extension ul_file = os.path.join('static', 'files', serverfilename) #adding to list of all files user = auth.get_user(response) if user == None: return else: username = user.get_username() dbfiles.addFile(serverfilename, username, filename, sbjct, descr, categor) open(ul_file, 'wb').write(data) #Response after file upload success user = auth.get_user(response) context = {"css": "fileupload", "title": "File Uploader", "ori_file_name": filename, "server_file_location": currenttime+extension, "user": user} template.render_template("templates/uploadconfirmed.html", context, response)
def get_enrollments(): from auth import get_user, get_userid if not get_user(): return [] if get_user()=="B3yGtjkIFz": return["ENGL 999 001 20135","SPAN 999 001 20135"] if "enrollments" in session: return session.get('enrollments') tokenRes = requests.post('https://api.byu.edu/token', data=[('grant_type', 'client_credentials')], auth=(CONSUMER_KEY, CONSUMER_SECRET)) token = json.loads(tokenRes.content)['access_token'] headers = { 'Accept': 'application/json', 'Authorization': 'Bearer '+token, } res = requests.get('https://api.byu.edu:443/domains/legacy/academic/registration/enrollment/v1/studentschedule/personid/'+get_userid()+'/'+getCurrentSem(), headers=headers) courses=[] try: content=json.loads(res.content)['EnrollmentService']['response'] except ValueError: content={"class_list":[]} for course in content["class_list"]: courses.append(" ".join((course['subject_area'],course['catalog_number'],course['section_number'],course['year_term']))) session['enrollments']=courses return courses
def get_enrollments(): from auth import get_user, get_userid if not get_user(): return [] if get_user() == "B3yGtjkIFz": return ["ENGL 999 001 20135", "SPAN 999 001 20135"] if "enrollments" in session: return session.get('enrollments') url = "https://ws.byu.edu/rest/v1.0/academic/registration/studentschedule/" + get_userid( ) + "/" + getCurrentSem() headerVal = byu_ws_sdk.get_http_authorization_header( BYU_WS_ID, BYU_SHARED_SECRET, byu_ws_sdk.KEY_TYPE_API, byu_ws_sdk.ENCODING_NONCE, actor=get_user(), url=url, httpMethod=byu_ws_sdk.HTTP_METHOD_GET, actorInHash=True) res = requests.get(url, headers={'Authorization': headerVal}) courses = [] try: content = json.loads(res.content)['WeeklySchedService']['response'] except ValueError: content = {"schedule_table": []} for course in content["schedule_table"]: courses.append(" ".join( (course['course'], course['section'], content['year_term']))) session['enrollments'] = courses return courses
def get_enrollments(): from auth import get_user, get_userid if not get_user(): return [] if get_user() == "B3yGtjkIFz": return ["ENGL 999 001 20135", "SPAN 999 001 20135"] if "enrollments" in session: return session.get("enrollments") url = "https://ws.byu.edu/rest/v1.0/academic/registration/studentschedule/" + get_userid() + "/" + getCurrentSem() headerVal = byu_ws_sdk.get_http_authorization_header( BYU_WS_ID, BYU_SHARED_SECRET, byu_ws_sdk.KEY_TYPE_API, byu_ws_sdk.ENCODING_NONCE, actor=get_user(), url=url, httpMethod=byu_ws_sdk.HTTP_METHOD_GET, actorInHash=True, ) res = requests.get(url, headers={"Authorization": headerVal}) courses = [] try: content = json.loads(res.content)["WeeklySchedService"]["response"] except ValueError: content = {"schedule_table": []} for course in content["schedule_table"]: courses.append(" ".join((course["course"], course["section"], content["year_term"]))) session["enrollments"] = courses return courses
def place_bet(game, team): if not get_user(): return redirect('/auth/login') entity_key = datastore_client.key('bet', get_user() + game) bet_entity = datastore.Entity(key=entity_key) if (team == 'v'): teamFull = 'visitor' elif (team == 'h'): teamFull = 'home' bet_entity['team'] = teamFull #home or visitor bet_entity['user'] = get_user() bet_entity['game'] = game bet_entity['result'] = 'none' datastore_client.put(bet_entity) return jsonify(success=True)
def authenticate(self, request): request.user, msg, status_code, rescode = get_user(request) detail = {'rescode': rescode, 'msg': msg, 'status_code': status_code} if rescode != '10000': raise HttpResponse1(detail) return (request.user, None)
def post(self): # sessionからget me = get_user() if me is None: response = make_response("", 401) return response if not me.is_admin: response = make_response("", 403) return response form_data = request.form if len(request.form) == 0: json_data = request.get_json(force=True) else: json_data = dict([(k, v) for k, v in form_data.items()]) tag_name = json_data.get('tag_name') tag = db.session.query(mEventTag).filter_by( tag_name=tag_name).one_or_none() if tag is not None: response = make_response("", 400) return response tag = mEventTag(tag_name=tag_name) db.session.add(tag) db.session.commit() response = make_response("", 200) return response
def file_search(response): auth.require_user(response) user = auth.get_user(response) if user == None: return else: username = user.get_username()
def user_views(id=None): """ Redirect to '/' if no user signed in """ if not auth.get_user(): return redirect('/') return base()
def get(self): # sessionからget me = get_user() if me is None: response = make_response("", 401) return response if not me.is_admin: response = make_response("", 403) return response # tag = db.session.query(mEventTag).filter_by(tag_id=id).one_or_none() _target_user_type_list = db.session.query(mTargetUserType).order_by( mTargetUserType.target_user_type_id.asc()).all() target_user_type_list = [] for t in _target_user_type_list: target_user_type_list += [ dict(target_user_type_id=t.target_user_type_id, target_user_type_name=t.target_user_type_name, color_code=t.color_code) ] response = jsonify(dict(target_user_type_list=target_user_type_list)) response.status_code = 200 return response
def viewsubject(response, subjectid, resourcetype, page): auth.require_user(response) if not resourcetype: resourcetype = 'All' if not page: page = 1 user = auth.get_user(response) info = database_subject.get_subject(int(subjectid)) lower = (int(page) - 1 )*10 upper = int(page)*10 - 1 top_resources = dbfiles.getFilesSubject(int(subjectid)) sorted(top_resources, key=attrgetter('rank'), reverse=True) #eliminate those without the correct type new_top = [] if len(top_resources): for s in top_resources: if s.category == resourcetype or resourcetype == 'All': new_top.append(s) top_resources = new_top[lower:upper] all_resources = dbfiles.getFilesSubject(int(subjectid)) sorted(all_resources, key=attrgetter('ori_filename')) if len(all_resources): new_all = [] for s in all_resources: if s.category == resourcetype or resourcetype == 'All': new_all.append(s) all_resources = new_all[lower:upper] template.render_template("templates/subject_view_template.html",{"user":user, "css":"subject","subject":info,"top_resources":top_resources,"all_resources":all_resources,'current_Wall':subjectid,'wallorfeed':'wallupdate','can_use_wall':True},response)
def no_user_views(): """ Redirect to '/dashboard' if user is signed in """ if auth.get_user(): return redirect('/dashboard') return base()
def post(self): # sessionからget me = get_user() if me is None: response = make_response("", 401) return response if not me.is_admin: response = make_response("", 403) return response form_data = request.form if len(request.form) == 0: json_data = request.get_json(force=True) else: json_data = dict([(k, v) for k, v in form_data.items()]) user_id = json_data.get('user_id') user_name = json_data.get('user_name', '') user_comment = json_data.get('user_comment', '') password = json_data.get('password', '') is_admin = json_data.get('is_admin', 'false') is_admin = 1 if is_admin == 'true' else 0 user = iUser(**dict(user_id=user_id, user_name=user_name, user_comment=user_comment, password=password, is_admin=is_admin)) db.session.add(user) db.session.commit() response = make_response("", 200) return response
def get_user(request): # 兼容AuthenticationMiddleware if not hasattr( request, '_cached_user') or not request._cached_user.is_authenticated: request._cached_user, msg, *rest = auth.get_user(request) return request._cached_user
async def user_get(request): """ Allow users to query the current login status """ session = await get_session(request) user = auth.get_user(session, strip_id=True) return web.json_response(user)
def change_password(response): auth.require_user(response) user = auth.get_user(response) if user == None: return old_password = response.get_field("old_password") new_password1 = response.get_field("new_password1") new_password2 = response.get_field("new_password2") output = "" context = { "title": "Change Your Password", "css": "password", "user": user } if old_password: if user.password_correct(old_password): if new_password1 == new_password2: user.set_password(new_password1) response.redirect("/profile/") else: context = {"title": "Change Your Password", "css": "password"} output = "Your password's did not match" else: output = "Incorrect password entered" context = { "title": "Change Your Password", "css": "password", "output": output, "user": user } template.render_template("templates/change_password.html", context, response)
def create_group_post(): group_name = request.form.get("group_name") max_size = request.form.get("max_size") username = get_user() password = request.form.get("password") create_group(group_name, max_size, password, username) return redirect("/groups")
def post(self): # sessionからget me = get_user() if me is None: response = make_response("", 401) return response form_data = request.form if len(request.form) == 0: json_data = request.get_json(force=True) else: json_data = dict([(k, v) for k, v in form_data.items()]) event_id = json_data.get('event_id') event = db.session.query(iEvent).filter_by(event_id=event_id).one_or_none() if event is None: response = make_response("", 400) return response attend_user_id_list = [u.user_id for u in event.users_list] if me.user_id not in attend_user_id_list: response = jsonify({"message":"イベントに参加していません。"}) response.status_code = 200 return response new_users_list = [] for u in event.users_list: if u.user_id == me.user_id: continue new_users_list += [u] event.users_list = new_users_list db.session.commit() response = make_response("", 200) return response
def post(self): args = self.reqparse.parse_args() b = Beer.all(keys_only=True).filter('name', args.name).get() if b: abort(409, message="Beer with name '%s' already exists" % args.name) g = None if args.beer_glass_id: g = BeerGlass.get_by_id(args.beer_glass_id) u = get_user() if u is None: abort(404, message="User not found.") date_added = datetime.datetime.utcnow() if u.last_beer_add_date is not None and u.user_name != "admin": next_allowed = (u.last_beer_add_date + datetime.timedelta(days=1) - date_added).total_seconds() if next_allowed > 0: abort(429, message="User can only add one beer per day.", allowed_in=round(next_allowed)) if args.description is not None: args.description = args.description[:500] b = Beer(name=args.name, description=args.description, ibu=args.ibu, calories=args.calories, abv=args.abv, style=args.style, brewery_location=args.brewery_location, beer_glass=g) b.put() u.last_beer_add_date = date_added u.put() return marshal(b, beer_fields)
def profile(response, username): auth.require_user(response) user = auth.get_user(response) if user == None: return if not username: username = user else: username = User.get(username) if user is not None: firstname = username.get_first_name() lastname = username.get_last_name() email = username.get_email() school = username.get_school() interests = {"activities":None, "tv":None} about = {"birthday":None, "age":None, "website":None} education = {"school":None,"subjects":None,"state":None,"grade":None} picture = username.get_profile_pic_path() if not picture: picture = "/static/images/default_avatar.jpeg" print "PICTURE IS: " + picture fullname = firstname + " " + lastname context = {"title":fullname, 'wallorfeed':'wallupdate', "username":username.get_username(),'current_Wall':username.get_username(), "profile_pic_location":picture, "email":email, "school":school, "css": "profile", "friends":friends.get_friends(username.get_username()), "user": user, "interests": interests, "about": about, "education":education,"user":user,'can_use_wall':can_use_wall(user,username.get_username())} template.render_template("templates/profile.html", context, response)
def put(self): # sessionからget me = get_user() if me is None: response = make_response("", 401) return response if not me.is_admin: response = make_response("", 403) return response form_data = request.form if len(request.form) == 0: json_data = request.get_json(force=True) else: json_data = dict([(k, v) for k, v in form_data.items()]) target_user_type_id = json_data.get('target_user_type_id') target_user_type_name = json_data.get('target_user_type_name') color_code = json_data.get('color_code') target = db.session.query(mTargetUserType).filter_by( target_user_type_id=target_user_type_id).one_or_none() if target is None: response = make_response("", 400) return response target.target_user_type_name = target_user_type_name target.color_code = color_code db.session.commit() response = make_response("", 200) return response
def _submit(response): now = time() m = Message(auth.get_user(response).get_username(), now, response.get_field('msg')) w = WallConnection(response.get_field('current_Wall')) w.set_wall(m) return
def listsubjectfiles(response): auth.require_user(response) user = auth.get_user(response) if user == None: return else: username = user.get_username()
def file_upload(response): auth.require_user(response) user = auth.get_user(response) if user == None: return else: username = user.get_username() ul_error_msg = "" filename, content_type, data = response.get_file('to_upload') if response.get_field("ul_flag") == "True": # we did submit a form print"#####", response.get_field("subject") if data == None or response.get_field("subject") == None or response.get_field("category") == None or response.get_field("description") == None: ul_error_msg = "Make sure you have all fields filled in and have selected a file. If you have joined any subject(s), you cannot upload files." else: #A form was submitted with content. Proceed with upload print "a form was submitted" _do_upload(response) return # we did not submit a form or it's wrong print "loading page first time" listofsubjects = [] for item in user.get_subjects(): listofsubjects.append([item, database_subject.get_subject(item).get_name().replace("_", " ")]) print "item", item context = {"css": "fileupload", "title": "File Uploader", "ul_err_msg": ul_error_msg, "ulsubjects": listofsubjects, "ulcategories": ["Notes", "Exam Paper","Exercises", "Solution"], "user": user} template.render_template("templates/fileupload.html", context, response)
def _submit(response): now = time() m = Message( auth.get_user(response).get_username(), now, response.get_field('msg')) w = WallConnection(response.get_field('current_Wall')) w.set_wall(m) return
def get(self): favorites = [] u = get_user() if u is None: abort(404, message="User not found") for f in generate_sorted_query(Favorites).filter('user', u): favorites.append(f) return {'favorites': map(lambda f: marshal(f, favorite_fields), favorites)}
def __init__(self, response): self.currentUserObject = auth.get_user(response) self.current_User = self.currentUserObject.get_username() self.connection = sqlite3.connect('./commsdb.sqlite') self.cursor = self.connection.cursor() self.cursor.execute( 'CREATE TABLE IF NOT EXISTS "WALL" ("ID" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL , "author" TEXT NOT NULL , "target" TEXT NOT NULL , "time" INTEGER NOT NULL , "message" TEXT NOT NULL )' )
def my_friends(response): auth.require_user(response) user = auth.get_user(response) if user == None: return friends = get_friends(user.get_username()) context = {'user':user, 'friends':friends} template.render_template('templates/friend_list_template.html', context, response)
def add_review(beer, review_dict): def create_review_summary(beer_review): summary = BeerReviewSummary.all().filter('beer', beer_review.beer).get() if summary: summary.count += 1 summary.aroma = moving_average(summary.aroma, beer_review.aroma, summary.count) summary.appearance = moving_average(summary.appearance, beer_review.appearance, summary.count) summary.taste = moving_average(summary.taste, beer_review.taste, summary.count) summary.palate = moving_average(summary.palate, beer_review.palate, summary.count) summary.bottle_style = moving_average(summary.bottle_style, beer_review.bottle_style, summary.count) summary.overall = moving_average(summary.overall, beer_review.overall, summary.count) else: summary = BeerReviewSummary(count=1, beer=beer_review.beer, aroma=beer_review.aroma, appearance=beer_review.appearance, taste=beer_review.taste, palate=beer_review.palate, bottle_style=beer_review.bottle_style, overall=beer_review.overall) summary.put() if beer is None: abort(404, message="Beer %s not found.") user = get_user() if user is None: abort(404, message="User is not found.") date_added = datetime.datetime.utcnow() r = BeerReview.all() \ .filter('beer', beer) \ .filter('user', user) \ .filter('date_created >', date_added - datetime.timedelta(days=7)) \ .get() if r: allowed_in = (r.date_created + datetime.timedelta(days=7) - date_added).total_seconds() abort(429, message="Only one review per user per beer per week allowed.", allowed_in=round(allowed_in)) scores = [float(review_dict['aroma']), float(review_dict['appearance']), float(review_dict['taste']), float(review_dict['palate']), float(review_dict['bottle_style'])] overall = (sum(scores) / len(scores)) r = BeerReview(beer=beer, user=user, aroma=review_dict['aroma'], appearance=review_dict['appearance'], taste=review_dict['taste'], palate=review_dict['palate'], bottle_style=review_dict['bottle_style'], overall=overall, comments=review_dict.get('comments')) r.put() create_review_summary(r) return {'beer_review': marshal(r, beer_review_fields)}
def main_page(): scheduler.start() user = get_user() get_game_info() return render_template("index.html", newlist=newlist, numgames=numgames, timelist=timelist, user=user)
def test_not_logged_in_returns_anonymous(self): """ When the session is empty, get_user should return VerbaAnonymousUser. """ session = self.client.session request = mock.MagicMock(session=session) user = get_user(request) self.assertTrue(isinstance(user, VerbaAnonymousUser))
def subjectmembership(response, action, subjectid): print action, subjectid user = auth.get_user(response) if action == 'join': user.add_subject(int(subjectid)) elif action == 'leave': user.remove_subject(int(subjectid)) response.redirect("/subject/"+subjectid)
def delete(self, id): u = get_user() if u is None: abort(404, message="User not found.") f = Favorites.all().filter('user', u).filter('beer', Key.from_path('Beer', id)).get() if f is None: abort(404, message="Favorite not found") f.delete() return {'favorite': marshal(f, favorite_fields), 'action': 'deleted'}
def deserialize(self, request): # invert the type map types = dict((v, k) for k, v in copy.deepcopy(self.TYPES).items()) targets = dict((v, k) for k, v in copy.deepcopy(self.TARGETS).items()) packet = {} packet["dc:relation"] = request.json["media"][0].get("id") packet["dc:creator"] = request.json.get( "creator") if "creator" in request.json else get_user() for idx, track in enumerate(request.json["media"][0]["tracks"]): if idx == 0: packet["dc:title"] = track.get("name") packet["vcp:playSettings"] = track.get("settings") packet["vcp:commands"] = [] for event in track["trackEvents"]: if event["type"] in types: etype = types[event["type"]] elif event["popcornOptions"].get("target") == "target-4": etype = "oax:link" else: etype = "oa:annotation" if event["popcornOptions"]["target"] not in [ "target-0", "target-4" ]: if etype == "oax:comment": semantic = "note" elif etype == "oax:classification": semantic = event["popcornOptions"]["list"] elif etype == "oax:question": semantic = "question" else: semantic = targets[event["popcornOptions"]["target"]] else: semantic = event[ "type"] if etype != "oax:description" else "popup" end = event["popcornOptions"][ "end"] if event["popcornOptions"]["end"] != "0" else "" npt = "npt:%s,%s" % (event["popcornOptions"]["start"], end) b = { etype: { "oax:hasSemanticTag": semantic, "oa:hasTarget": npt } } if "text" in event["popcornOptions"] or "item" in event[ "popcornOptions"]: hasBody = { "content": event["popcornOptions"].get("text"), "dc:title": event["popcornOptions"].get("item") } if etype == "oax:link": hasBody["content"], hasBody["dc:title"] = hasBody[ "dc:title"], hasBody["content"] b[etype]["oa:hasBody"] = hasBody packet["vcp:commands"].append(b) return packet
def authenticate(self, request): request.user, msg, status_code, rescode = get_user(request) if not request.user.is_authenticated: detail = { 'rescode': rescode, 'msg': msg, 'status_code': status_code } raise exceptions.AuthenticationFailed(detail) return (request.user, None)
def mysubjects(response): user = auth.get_user(response) subjectlist = user.get_subjects() tmp_list = [] for sub in subjectlist: sub = database_subject.get_subject(sub) tmp_list.append(sub) subjectlist = tmp_list template.render_template("templates/subject_list_template.html",{"user":user, "css":"subject","subjectlist":subjectlist},response) targetsubject=response.get_field("subjectselected")
def _wrapped_view(self, request, *args, **kwargs): request.user, msg, status_code, rescode = get_user(request) detail = {'rescode': rescode, 'msg': msg, 'status_code': status_code} if not request.user.is_authenticated: raise exceptions.APIException(detail) if request.user.user_type != 3: detail['status_code'] = 403 detail['rescode'] = ResCode.Access_Denied detail['msg'] = '非管理员用户,无权限访问' raise exceptions.APIException(detail) return view_func(self, request, *args, **kwargs)
def remove_friend_handler(response, friend_username): auth.require_user(response) user = auth.get_user(response) if user == None: return username = user.get_username() print '\n\n',username, friend_username, '\n\n' friend = User.get(friend_username) remove_friend(username, friend_username) context = {'user':user, 'friend':friend} template.render_template('templates/confirmation.html', context, response)
def authenticate(self, request): request.user, msg, status_code, rescode = get_user(request) detail = {'rescode': rescode, 'msg': msg, 'status_code': status_code} if not request.user.is_authenticated: raise exceptions.APIException(detail) if request.user.user_type != 4: detail['status_code'] = 403 detail['rescode'] = ResCode.Access_Denied detail['msg'] = '非超级管理员用户,无权限访问' raise exceptions.APIException(detail) return (request.user, None)
def listmyfiles(response): auth.require_user(response) user = auth.get_user(response) if user == None: return else: username = user.get_username() print username context = {"allfiles": dbfiles.getFilesUser(username), 'user':user, "css": "fileupload"} print context template.render_template("templates/listallfiles.html", context, response)
def add_friend_email(response): auth.require_user(response) user = auth.get_user(response) if user == None: return friend = User.get_from_email(response.get_field("email")) if friend == None: pass else: add_friend(user.get_username(), friend.get_username()) context = {'user':user, 'friend':friend} template.render_template('templates/addconfirmation.html', context, response)
def __before__(self, **kw): from desio import api from desio.model import STATUS_PENDING ru, u = (auth.get_real_user(), auth.get_user()) auth.RedirectOnFail(api.IsLoggedIn(), url='/login').check(ru, u) try: c.organization = api.organization.get(subdomain=kw.get('sub_domain')) except ClientException, e: abort(404)
def post(self): username = request.form['username'] password = request.form['password'] user = get_user(username, password) if user is not None: remember = 'remember-me' in request.form if login_user(user, remember=remember): #flash(request.args['next']) return redirect(request.args['next']) #return redirect(url_for('index')) return render_template('signin.html')
def file_edit(response, fileid): auth.require_user(response) user = auth.get_user(response) if user == None: return else: username = user.get_username() context = {"css": "fileupload", "title": "Edit File Info", "thefileid": fileid, "thefilename": all_files[fileid][0], "thefilesbjct": all_files[fileid][2], "thefiledescr": all_files[fileid][3]} template.render_template("templates/editfileinfo.html", context, response)
def wrap(environ, start_response): ws = environ["wsgi.websocket"] MonitorEvents(ws, directory_storage) while not ws.closed: message = ws.receive() if message: message = json.loads(message) if message['action'] == 'check-login': valid_user(ws, message['headers']['authorization']) elif message['action'] == 'monitor-events' and valid_user(ws, message['headers']['authorization']): user = get_user(message['headers']['authorization']) views.monitor_events(ws, message['content'], directory_storage, user) elif message['action'] == 'login': views.auth(ws, message['content']) elif message['action'] == 'get-snapshot' and valid_user(ws, message['headers']['authorization']): views.get_snapshot(ws, directory_storage) elif message['action'] == 'pull' and valid_user(ws, message['headers']['authorization']): views.pull(ws, message['content'], directory_storage) elif message['action'] == 'push' and valid_user(ws, message['headers']['authorization']): user = get_user(message['headers']['authorization']) views.push(ws, message['content'], directory_storage, user) elif message['action'] == 'get-list' and valid_user(ws, message['headers']['authorization']): views.get_list(ws, directory_storage)
def test_with_invalid_hash_returns_anonymous(self): """ When the values in the session are set up properly APART FROM the HASH SESSION KEY, get_user should return VerbaAnonymousUser """ session = self.client.session expected_user = VerbaUser(pk=1, token='user token', user_data={'username': '******'}) session[SESSION_KEY] = expected_user.pk session[AUTH_TOKEN_SESSION_KEY] = expected_user.token session[USER_DATA_SESSION_KEY] = expected_user.user_data session[BACKEND_SESSION_KEY] = 'auth.backends.VerbaBackend' session[HASH_SESSION_KEY] = 'some other hash' request = mock.MagicMock(session=session) user = get_user(request) self.assertTrue(isinstance(user, VerbaAnonymousUser))
def add_favorite(beer_id): u = get_user() if u is None: abort(404, message="User not found") b = Beer.get_by_id(beer_id) if b is None: abort(404, message="Beer not found") f = Favorites.all(keys_only=True) \ .filter('user', u)\ .filter('beer', b) \ .get() if f: abort(409, message="User already has this beer marked as favorite") f = Favorites(user=u, beer=b) f.put() return {'favorite': marshal(f, favorite_fields)}
def test_when_logged_in(self): """ When the values in the session are set up properly, get_user should return the expected VerbaUser. """ session = self.client.session expected_user = VerbaUser(pk=1, token='user token', user_data={'username': '******'}) session[SESSION_KEY] = expected_user.pk session[AUTH_TOKEN_SESSION_KEY] = expected_user.token session[USER_DATA_SESSION_KEY] = expected_user.user_data session[BACKEND_SESSION_KEY] = 'auth.backends.VerbaBackend' session[HASH_SESSION_KEY] = expected_user.get_session_auth_hash() request = mock.MagicMock(session=session) user = get_user(request) self.assertEqual(user.pk, expected_user.pk) self.assertEqual(user.token, expected_user.token) self.assertDictEqual(user.user_data, expected_user.user_data)
def change_password(response): auth.require_user(response) user = auth.get_user(response) if user == None: return old_password = response.get_field("old_password") new_password1 = response.get_field("new_password1") new_password2 = response.get_field("new_password2") output = "" context = {"title":"Change Your Password", "css":"password", "user":user} if old_password: if user.password_correct(old_password): if new_password1 == new_password2: user.set_password(new_password1) response.redirect("/profile/") else: context = {"title":"Change Your Password", "css":"password"} output = "Your password's did not match" else: output = "Incorrect password entered" context = {"title":"Change Your Password", "css":"password","output":output, "user":user} template.render_template("templates/change_password.html", context, response)