def inviteusers_POST(self,id=0):
"""
admin is sending out a number of invites to users
"""
raise Exception("not implemented")
if 'emails' in self.request.arguments:
emails = self.get_argument("emails")
delay = 4
from demisauce.lib import scheduler
for email in emails.split(','):
email = email.strip().lower()
user = Person.by_email(self.user.site_id,email)
if user is None:
user = Person(site_id=c.site_id,email=email, displayname=email)
user.save()
#send emails
url2 = urllib.quote_plus('/user/viewh/%s' % (user.hashedemail))
dnew = {}
dnew['link'] = '%s/user/verify?unique=%s&node=%s&return_url=%s' %\
(base_url(),user.user_uniqueid,user.id,url2)
dnew['from'] = self.user.displayname
a = Activity(site_id=user.site_id,person_id=user.id,activity='sending email invite')
a.ip = self.request.remote_ip
a.ref_url = 'account admin invite'
a.category = 'account'
a.save()
scheduler.add_interval_task(send_emails,0,('invitation_to_demisauce',[user.email],dnew) , initialdelay=delay)
delay += 3
return 'from form %s' % emails
return 'error'
def googleauth(self,id=0):
"""
User is coming in from google, should have an auth token
"""
# NEED SITE???? Or does that not make sense?
import gdata
import gdata.contacts
import gdata.contacts.service
authsub_token = self.get_argument("token")
log.info('calling gdata_authsubtoke = %s' % (authsub_token))
#TODO: upgrade to gdata 1.2+ which breaks this
gd_client = gdata.contacts.service.ContactsService()
gd_client.auth_token = authsub_token
gd_client.UpgradeToSessionToken()
query = gdata.contacts.service.ContactsQuery()
query.max_results = 2
feed = gd_client.GetContactsFeed(query.ToUri())
email = feed.author[0].email.text
name = feed.author[0].name.text
user = meta.DBSession.query(Person).filter_by(
email=email.lower()).first()
if not user:
user = Person(site_id=1,email=email,displayname=name)
user.authn = 'google'
user.save()
log.info('creating a google user')
self.set_current_user(user,is_authenticated = True,islogon=True)
expires_seconds = 60*60*24*31
self.set_cookie('dsuserkey', user.user_uniqueid,expires_days=31)
if 'url' in self.request.arguments:
url = request.GET['url']
self.redirect(str(url))
self.render('/comment/comment_login.html')
def view(self,id=0):
if not self.user:
self.redirect('/')
if self.user.issysadmin and id > 0:
person = Person.get(-1,id)
elif id > 0:
person = Person.get(self.user.site_id,id)
return self._view(person,True)
def edit_POST(self, id=0):
"""
User has selected to change site config info
"""
site = Site.get(-1, self.get_argument("id"))
form = SiteForm(QueryDict(self.request.arguments))
if form and site and form.validate():
if site is None:
self.add_error("We experienced an error, please try again")
else:
site.name = form.name.data
log.debug("description pre sanitize = %s" % form.description.data)
site.description = sanitize.sanitize(form.description.data)
site.email = form.email.data
site.slug = self.get_argument("real_permalink")
# TODO, check uniqueness
site.public = bool(form.public.data)
site.base_url = form.base_url.data
site.site_url = form.site_url.data
site.save()
# refresh session store
user = Person.get(self.user.site_id, self.user.id)
self.set_current_user(user)
self.add_alert("Site settings were updated")
else:
log.error(form.errors)
log.error("There was an Error site=%s form.data%s" % (site, form.data))
self.add_error("There was an Error")
return self.render("/site/site_edit.html", item=site, form=form)
return self.redirect("/site/view?msg=Site+Updated")
def pre_init_user(self):
"""A push to pre-initiate session (step 1) optional
body of json to add/update user"""
user = None
user_dict = {}
if self.request.method == 'POST':
if self.is_json_post():
user_dict = json.loads(self.request.body)
else:
user_dict = self.args_todict()
log.debug("Loaded data user_dict=%s" % user_dict)
self.action_get_object(self.id, user_dict)
if not self.object:
log.debug("creating new user, not found %s dict=%s" % (self.id,user_dict))
self.object = Person(site_id=self.site.id,foreign_id=self.id)
if self.object:
self.object.from_dict(user_dict,allowed_keys=Person._allowed_api_keys)
self.object.save()
if hasattr(self.object,'is_new') and self.object.is_new:
self._queue_actions.update({'new_user':{'user_id':self.object.id}})
else:
self.action_get_object(self.id)
if self.object:
user_key = self.object.id
log.debug("setting cache = %s, %s" % (str(user_key),self.site.key))
self.db.cache.set(str(user_key),self.site.key,120) # 2 minutes only
site_key = self.db.cache.get(str(user_key))
log.debug("site_key, self.site.key = %s, %s" % (site_key, self.site.key))
assert site_key == self.site.key
self.qry = [self.object]
def interest(self,id=0):
"""
User has selected to enter an email to be on waitinglist
"""
log.debug(self.request.arguments)
form = SignupForm(QueryDict(self.request.arguments))
log.debug(form.data)
if 'email' in self.request.arguments and form.validate():
user = meta.DBSession.query(Person).filter_by(
email=self.get_argument("email").lower()).first()
if user is None:
new_email = form.email.data.lower()
site = Site(name=new_email,email=new_email)
site.save()
user = Person(site_id=site.id,email=new_email,
displayname=new_email)
user.slug = user.hashedemail
user.save()
a = Activity(site_id=user.site_id,person_id=user.id,activity='Signup Interest Form')
#a.ref_url = 'comment url'
a.ip = self.request.remote_ip
a.category = 'account'
a.save()
link = '%s/user/verify?unique=%s&node=%s&return_url=%s' %\
(options.base_url,
user.user_uniqueid,
user.id,
urllib.quote_plus('/user/viewh/%s' % (user.hashedemail)))
json_dict = {
'emails':[user.email],
'template_name':'thank_you_for_registering_with_demisauce',
'template_data':{
'link':link,
'displayname':user.displayname,
'email':user.email,
'title':'welcome'
}
}
self.db.gearman_client.do_task(Task("email_send",json.dumps(json_dict), background=True))
self.add_alert("Thank You!")
self.redirect("/")
return self.render('/user/signup.html',form=form)
def get_current_user(self):
"""get current user"""
if not hasattr(self, "_current_user") or self.get_argument("reload", None):
# log.debug("get_current_user: no _current_user attr, finding")
user_cookie = self.get_secure_cookie("dsuser")
if not user_cookie:
return None
self._user_json = tornado.escape.json_decode(user_cookie)
if "id" not in self._user_json:
return None
if self.get_argument("reload", None):
redis_user_json = None
else:
# log.debug("get_current_user: found cookie, getting user from cache")
redis_user_json = self.db.redis.get("DS-person-%s" % self._user_json["id"])
if not redis_user_json:
p = None
if self.get_cookie("dsu", None):
p = Person.by_unique(self.get_cookie("dsu").lower())
elif self.get_cookie("dsuserkey", None):
p = Person.by_unique(self.get_cookie("dsuserkey").lower())
if p:
self.set_current_user(p, islogon=False)
redis_user_json = p.to_json()
# make sure current_user returned is NOT an SA Person obj, but pure json derived
if redis_user_json:
p = Person()
self._current_user = p.from_json(redis_user_json)
else:
self._current_user = None
log.error("Critical error get_current_user() no redis_user_json user_json=%s" % self._user_json)
# log.debug(self._user_json)
if not self._current_user:
return None
# set is authenticated/not flag, make sure not to persist this other than cookie
if "is_authenticated" in self._user_json:
self._current_user.is_authenticated = self._user_json["is_authenticated"]
else:
self._current_user.is_authenticated = False
return self._current_user
def validate(self,id="0"):
'for validating'
if self.user and self.user.is_authenticated:
user = Person.saget(self.user.id)
if isinstance(user.extra_json,(dict)) and 'wordpress_user_id' in user.extra_json:
self.write(user.extra_json['wordpress_user_id'])
log.debug(user.extra_json['wordpress_user_id'])
self.set_status(200)
else:
self.set_status(403)
def index(self,id=''):
if id > 0:
person = Person.get(self.user.site_id,id)
activities = Activity.activity_by_person(self.user.site_id,id)
activities_by_day = Activity.stats_by_person(self.user.site_id,id)
categories = Activity.categories(self.user.site_id,id)
return self.render('/activity.html',person=person,activities=activities,
activities_by_day=activities_by_day,categories=categories)
else:
self.write("no id? %s" % id)
def object_load_dict(self,o,data_dict):
'http post handle args'
if 'post_type' in data_dict:
o.post_type = data_dict['post_type']
data_dict.pop('post_type')
if 'demisauce_id' in data_dict:
o.person_id = int(data_dict['demisauce_id'])
data_dict.pop('demisauce_id')
p = Person.get(self.site.id,o.person_id)
o.displayname = p.displayname
return data_dict
def account_edit(self,id=0):
"""
User has selected to update profile
"""
if self.user and self.has_args('email','id'):
id = int(self.get_argument('id'))
if id == self.user.id or self.user.isadmin:
user = Person.get(self.user.site_id,id)
user.displayname = self.get_argument('displayname')
user.set_email(self.get_argument('email'))
user.url = self.get_argument('url')
user.save()
if id == self.user.id:
self.set_current_user(user)
self.render('/user/settings.html',person=user)
def init_user(self):
# Need site?
ds_id = self.id
site_key = self.db.cache.get(str(ds_id))
log.debug("init_user ds_id,site_key = %s = %s" % (ds_id,site_key))
if site_key:
site = Site.by_apikey(str(site_key))
if site:
user = Person.get(site.id,ds_id)
if not user:
log.error("user not found? id = %s" % ds_id)
else:
log.error("no site? %s" % ds_id)
self.set_current_user(user,is_authenticated = True)
log.debug("tried to init_user succeeded")
self.set_status(204) # succuess, no content
else:
log.error("tried to init_user failed ds_id = %s, url=%s" % (ds_id,self.request.full_url()))
self.set_status(400)
self.write("{'status':'failure'}")
def action_get_object(self,id, data_dict = {}):
if isinstance(self.id,int) and self.id > 0:
#meta.DBSession.close()
#meta.DBSession()
self.object = Person.get(self.site.id,self.id)
if not self.object:
# ??
self.object = Person.by_foreignid(self.site.id,self.id)
elif isinstance(self.id,int) and self.id == 0 and 'email' in data_dict:
self.object = Person.by_email(self.site.id,data_dict['email'].lower())
elif 'foreign_id' in data_dict:
self.object = Person.by_foreignid(self.site.id,data_dict['foreign_id'])
else:
id = urllib.unquote_plus(self.id)
if mailsrch.match(id):
self.object = Person.by_email(self.site.id,id)
else:
self.object = Person.by_hashedemail(self.site.id,id)
log.debug('getting by hashed/email: %s, %s' % (id, self.object))
if self.object:
self.qry = [self.object]
def view_mini(self,id=0):
person = None
if id > 0:
person = Person.get(self.user.site_id,id)
self.render('/user/profile_mini.html',person=person)
class PersonApiHandler(ApiSecureHandler):
object_cls = Person
def after_save(self,data_dict):
if hasattr(self.object,'is_new') and self.object.is_new:
self._queue_actions.update({'new_user':{'user_id':self.object.id}})
def object_load_dict(self,o,data_dict):
'http post handle args'
if 'attributes' in data_dict:
attr_list = []
if isinstance(data_dict['attributes'],list):
attr_list = data_dict['attributes']
elif isinstance(data_dict['attributes'],dict):
attr_list = [data_dict['attributes']]
for attr in attr_list:
object_type = "attribute" if not 'object_type' in attr else attr['object_type']
category = "attribute" if not 'category' in attr else attr['category']
encoding = 'str' if not 'encoding' in attr else attr['encoding']
o.add_attribute(attr['name'],attr['value'],object_type=object_type,
encoding=encoding,category=category)
data_dict.pop('attributes')
if 'delete_attributes' in data_dict:
for attr in data_dict['delete_attributes']:
ua = o.get_attribute(attr['name'])
log.debug('deletting attribute = id=%s, name=%s' % (ua.id, ua.name))
ua.delete()
data_dict.pop('delete_attributes')
return data_dict
def change_email(self):
self.handle_post()
def delete_by_get(self):
self.action_get_object(self.id)
if self.object and hasattr(self.object,'delete'):
url = self.request.full_url()
log.debug("DELETE id=%s for url=%s" % (self.id,url))
self.object.delete()
cache.cache.delete(cache.cache_key(url))
self.object = None
self.qry = []
self.set_status(204)
else:
log.error("not found? %s, %s" % (self.noun, self.id))
def action_get_object(self,id, data_dict = {}):
if isinstance(self.id,int) and self.id > 0:
#meta.DBSession.close()
#meta.DBSession()
self.object = Person.get(self.site.id,self.id)
if not self.object:
# ??
self.object = Person.by_foreignid(self.site.id,self.id)
elif isinstance(self.id,int) and self.id == 0 and 'email' in data_dict:
self.object = Person.by_email(self.site.id,data_dict['email'].lower())
elif 'foreign_id' in data_dict:
self.object = Person.by_foreignid(self.site.id,data_dict['foreign_id'])
else:
id = urllib.unquote_plus(self.id)
if mailsrch.match(id):
self.object = Person.by_email(self.site.id,id)
else:
self.object = Person.by_hashedemail(self.site.id,id)
log.debug('getting by hashed/email: %s, %s' % (id, self.object))
if self.object:
self.qry = [self.object]
def json_formatter(self,o):
if o:
return o.to_dict_api()
return None
def action_get_list(self,q=None):
if q:
qry = self.db.session.query(Person).filter(and_(
Person.name.like('%' + q + '%'),Person.is_anonymous==1))
else:
qry = self.db.session.query(Person).filter(and_(Person.site_id==self.site.id))
self.qry = qry
def pre_init_user(self):
"""A push to pre-initiate session (step 1) optional
body of json to add/update user"""
user = None
user_dict = {}
if self.request.method == 'POST':
if self.is_json_post():
user_dict = json.loads(self.request.body)
else:
user_dict = self.args_todict()
log.debug("Loaded data user_dict=%s" % user_dict)
self.action_get_object(self.id, user_dict)
if not self.object:
log.debug("creating new user, not found %s dict=%s" % (self.id,user_dict))
self.object = Person(site_id=self.site.id,foreign_id=self.id)
if self.object:
self.object.from_dict(user_dict,allowed_keys=Person._allowed_api_keys)
self.object.save()
if hasattr(self.object,'is_new') and self.object.is_new:
self._queue_actions.update({'new_user':{'user_id':self.object.id}})
else:
self.action_get_object(self.id)
if self.object:
user_key = self.object.id
log.debug("setting cache = %s, %s" % (str(user_key),self.site.key))
self.db.cache.set(str(user_key),self.site.key,120) # 2 minutes only
site_key = self.db.cache.get(str(user_key))
log.debug("site_key, self.site.key = %s, %s" % (site_key, self.site.key))
assert site_key == self.site.key
self.qry = [self.object]
def options(self,site_slug='',format='json'):
log.debug("in person api OPTIONS")
