def clear_old_picture(request):
"""
Функция для выполнения в cron
Удаляет изображения старше * дней (значение берется из настроек в БД)
"""
try:
days = Settings.all().get().days_for_old_picture
except:
days = getattr(settings, 'DAYS_FOR_OLD_PICTURE', 30)
query = Picture.all().filter(
"submitted_date <",
datetime.datetime.today() - datetime.timedelta(days=days))
response = HttpResponse()
for pic in query:
response.write("<br/>Delete: " + str(pic.name))
# код для контролирования кол-ва занимаемого места
user_free_size = User.get(pic.submitter.key())
user_free_size.free_size = user_free_size.free_size + len(
pic.data) + len(pic.data_small) + len(pic.data_cover)
user_free_size.put()
pic.delete()
response.write("<br/>Delete END: " + str(len(query)))
return response
def settings(request):
if request.method == 'POST': # If the form has been submitted...
form = UserForm(request.POST) # A form bound to the POST data
if form.is_valid(): # All validation rules pass
update_user = User.get(form.cleaned_data['user_id'])
if update_user != request.user:
return render_to_response('error.html',
{'error': "You are not allowed to edit this user"})
update_user.get_profile().timezone = str(form.cleaned_data['timezone'])
update_user.get_profile().use_imperial = form.cleaned_data['use_imperial']
update_user.get_profile().default_public = \
form.cleaned_data['default_public']
update_user.put()
update_user.get_profile().put()
return HttpResponseRedirect('/a/') # Redirect after POST
else:
data = {'username' : request.user.username,
'timezone' : request.user.get_profile().timezone,
'use_imperial' : request.user.get_profile().use_imperial,
'default_public' : request.user.get_profile().default_public,
'user_id': str(request.user.key()),
}
form = UserForm(data) # An unbound form
return render_to_response('user/settings.html',
{
'form': form,
'data': data,
}
)
def staff_purchase(request):
user = request.REQUEST.get('user')
if user:
purchases = get_merged_purchases(User.get(pk=user))
else:
purchases = Purchase.objects.all()
book = request.REQUEST.get('book')
if book:
purchases = purchases.filter(publication__book=Book.get(pk=book))
status = request.REQUEST.get('status') or 'RSX'
purchases = purchases.filter(status__in=status)
sort = request.REQUEST.get('sort')
if sort:
purchases = purchases.annotate(downloads=Count('download')).order_by(sort.strip("+"))
purchasepager = Pager(request, purchases.count(), pagesize=50)
purchases = purchases[purchasepager.slice]
toggle_pending = request.GET.copy()
toggle_pending["status"] = ['RSX', 'PRSCX'][status == 'RSX']
toggle_pending = '?' + toggle_pending.urlencode()
return render_to_response("bookstore/staff_purchases.html", locals())
def save(self):
picture = super(AddPictureForm, self).save(commit=False)
picture.submitter = request.user # при сохранение, поле заполняем данными из request
if not len(request.META["HTTP_USER_AGENT"]) > 4:
if not imghdr.what(None,
h=picture.data): # проверяем тип файла
raise forms.ValidationError(
u'Filetype is not png format')
try:
width_samll = Settings.all().get().width_for_small_picture
width_cover = Settings.all().get().width_for_cover_album
except:
width_samll = getattr(settings, 'WIDTH_FOR_SMALL_PICTURE',
400)
width_cover = getattr(settings, 'WIDTH_FOR_COVER_ALBUM',
200)
picture.data_small = images.resize(picture.data,
width=width_samll)
picture.data_cover = images.resize(picture.data,
width=width_cover)
# код для контролирования кол-ва занимаемого места
user_free_size = User.get(request.user.key())
user_free_size.free_size = user_free_size.free_size - len(
picture.data) - len(picture.data_small) - len(
picture.data_cover)
user_free_size.put()
picture.save()
return picture
def __get__(self, request, obj_type=None):
if not hasattr(request, '_cached_user'):
try:
request._cached_user = User.get(request.session[SESSION_KEY]) or AnonymousUser()
except KeyError:
request._cached_user = AnonymousUser()
return request._cached_user
def test_activation(self):
"""
Test that user activation actually activates the user and
properly resets the activation key, and fails for an
already-active or expired user, or an invalid key.
"""
# Activating a valid user returns the user.
self.failUnlessEqual(RegistrationProfile.objects.activate_user(RegistrationProfile.all().filter('user ='******'user ='******'user ='******'t a SHA1 hash returns False.
self.failIf(RegistrationProfile.objects.activate_user('foo'))
# Activating from a key that doesn't exist returns False.
self.failIf(RegistrationProfile.objects.activate_user(sha.new('foo').hexdigest()))
class TestViews(TestCase):
def setUp(self):
self.user = User()
def test_user_list(self):
response = self.user.get(reverse(users_list))
self.assertEqual(response.status_code, 200)
self.assertTemplateUsed(response, 'users_list.html')
def delete_picture_ok(request, key):
""" при успешном удаление картинки, освобождаем свободное место пользователя """
if request.user.is_authenticated():
# код для контролирования кол-ва занимаемого места
user_free_size = User.get(request.user.key())
user_free_size.free_size = user_free_size.free_size + int(key)
user_free_size.put()
return HttpResponseRedirect('/gallery')
else:
return HttpResponseRedirect('/account/login/')
def delete_picture_ok(request, key):
""" при успешном удаление картинки, освобождаем свободное место пользователя """
if request.user.is_authenticated():
# код для контролирования кол-ва занимаемого места
user_free_size = User.get(request.user.key())
user_free_size.free_size = user_free_size.free_size + int(key)
user_free_size.put()
return HttpResponseRedirect('/gallery')
else:
return HttpResponseRedirect('/account/login/')
def __get__(self, request, obj_type=None):
if not hasattr(request, "_cached_user"):
if settings.DEBUG:
if request.session.get('logindebug',False):
self._cached_user = User.get("ag1tdXNpY2thbGVuZGFycgoLEgRVc2VyGAIM")
else:
self._cached_user = AnonymousUser()
return self._cached_user
request._cached_user = FacebookProfile.get_djangouser(request)
return request._cached_user
def get_user(self, id):
"""Required method for authentication backends. """
if not id:
raise ValueError
try:
return User.get(id) # Returns None if not found
except db.KindError:
self.logger.error('RpxBackend: Entity with ID ' + str(id) + ' id was not of type User!')
return None
except db.BadKeyError:
self.logger.error('RpxBackend: Id ' + str(id) + ' seems malformed')
return None
def user_info(request):
if request.user.is_authenticated():
user = User.get(request.user.key())
user_info = {}
user_info['free_size'] = user.free_size
user_info['username'] = user.username
user_info['last_login'] = user.last_login.strftime("%A, %d. %B %Y %I:%M%p")
user_info['date_joined'] = user.date_joined.strftime("%A, %d. %B %Y %I:%M%p")
response = HttpResponse(mimetype='text/javascript')
response.write(json.dumps(user_info))
return response
else:
return HttpResponseRedirect('/account/login/')
def user_info(request):
if request.user.is_authenticated():
user = User.get(request.user.key())
user_info = {}
user_info['free_size'] = user.free_size
user_info['username'] = user.username
user_info['last_login'] = user.last_login.strftime(
"%A, %d. %B %Y %I:%M%p")
user_info['date_joined'] = user.date_joined.strftime(
"%A, %d. %B %Y %I:%M%p")
response = HttpResponse(mimetype='text/javascript')
response.write(json.dumps(user_info))
return response
else:
return HttpResponseRedirect('/account/login/')
def delete_album_ok(request, key):
""" при успешном удаление альбома, освобождаем свободное место пользователя """
if request.user.is_authenticated():
pictures = Picture.all().filter('album', db.Key(key)).fetch(999)
size = 0
for pic in pictures:
size = size + len(pic.data) + len(pic.data_cover) + len(pic.data_small)
pic.delete()
# код для контролирования кол-ва занимаемого места
user_free_size = User.get(request.user.key())
user_free_size.free_size = user_free_size.free_size + size
user_free_size.put()
return HttpResponseRedirect('/gallery')
else:
return HttpResponseRedirect('/account/login/')
def idp_sso(request, provider_id, user_id=None):
'''Initiate an SSO toward provider_id without a prior AuthnRequest
'''
assert provider_id, 'You must call idp_initiated_sso with a provider_id parameter'
server = create_idff12_server(request, reverse(metadata))
login = lasso.Login(server)
liberty_provider = load_provider(request, provider_id, server=login.server)
service_provider = liberty_provider.service_provider
binding = service_provider.prefered_assertion_consumer_binding
nid_policy = service_provider.default_name_id_format
if user_id:
user = User.get(id=user_id)
if not check_delegated_authentication_permission(request):
logging.warning(
'ID-FFv1.2: %r tried to log as %r on %r but was forbidden' %
(request.user, user, provider_id))
return HttpResponseForbidden(
'You must be superuser to log as another user')
else:
user = request.user
load_federation(request, login, user)
if not liberty_provider:
message = _('ID-FFv1.2: provider %r unknown') % provider_id
logging.warning('ID-FFv1.2: provider %r unknown' % provider_id)
return HttpResponseForbidden(message)
login.initIdpInitiatedAuthnRequest(provider_id)
if binding == 'art':
login.request.protocolProfile = lasso.LIB_PROTOCOL_PROFILE_BRWS_ART
elif binding == 'post':
login.request.protocolProfile = lasso.LIB_PROTOCOL_PROFILE_BRWS_POST
else:
raise Exception('Unsupported binding %r' % binding)
if nid_policy == 'persistent':
login.request.nameIdPolicy = lasso.LIB_NAMEID_POLICY_TYPE_FEDERATED
elif nid_policy == 'transient':
login.request.nameIdPolicy = lasso.LIB_NAMEID_POLICY_TYPE_ONE_TIME
else:
message = _(
'ID-FFv1.2: default nameIdPolicy unsupported %r') % nid_policy
logging.error(message)
raise Exception(message)
login.processAuthnRequestMsg(None)
return sso_after_process_request(request,
login,
consent_obtained=True,
user=user,
save=False)
def delete_album_ok(request, key):
""" при успешном удаление альбома, освобождаем свободное место пользователя """
if request.user.is_authenticated():
pictures = Picture.all().filter('album', db.Key(key)).fetch(999)
size = 0
for pic in pictures:
size = size + len(pic.data) + len(pic.data_cover) + len(
pic.data_small)
pic.delete()
# код для контролирования кол-ва занимаемого места
user_free_size = User.get(request.user.key())
user_free_size.free_size = user_free_size.free_size + size
user_free_size.put()
return HttpResponseRedirect('/gallery')
else:
return HttpResponseRedirect('/account/login/')
def idp_sso(request, provider_id, user_id = None):
'''Initiate an SSO toward provider_id without a prior AuthnRequest
'''
assert provider_id, 'You must call idp_initiated_sso with a provider_id parameter'
server = create_idff12_server(request, reverse(metadata))
login = lasso.Login(server)
liberty_provider = load_provider(request, provider_id, server=login.server)
service_provider = liberty_provider.service_provider
binding = service_provider.prefered_assertion_consumer_binding
nid_policy = service_provider.default_name_id_format
if user_id:
user = User.get(id = user_id)
if not check_delegated_authentication_permission(request):
logging.warning('ID-FFv1.2: %r tried to log as %r on %r but was forbidden' % (
request.user, user, provider_id))
return HttpResponseForbidden('You must be superuser to log as another user')
else:
user = request.user
load_federation(request, login, user)
if not liberty_provider:
message = _('ID-FFv1.2: provider %r unknown') % provider_id
logging.warning('ID-FFv1.2: provider %r unknown' % provider_id)
return HttpResponseForbidden(message)
login.initIdpInitiatedAuthnRequest(provider_id)
if binding == 'art':
login.request.protocolProfile = lasso.LIB_PROTOCOL_PROFILE_BRWS_ART
elif binding == 'post':
login.request.protocolProfile = lasso.LIB_PROTOCOL_PROFILE_BRWS_POST
else:
raise Exception('Unsupported binding %r' % binding)
if nid_policy == 'persistent':
login.request.nameIdPolicy = lasso.LIB_NAMEID_POLICY_TYPE_FEDERATED
elif nid_policy == 'transient':
login.request.nameIdPolicy = lasso.LIB_NAMEID_POLICY_TYPE_ONE_TIME
else:
message = _('ID-FFv1.2: default nameIdPolicy unsupported %r') % nid_policy
logging.error(message)
raise Exception(message)
login.processAuthnRequestMsg(None)
return sso_after_process_request(request, login,
consent_obtained = True, user = user, save = False)
def change_password(request):
"""Process the reset_password Form to reset the user's password"""
email = request.POST['email']
old_password = request.POST['old_password']
new_password = request.POST['new_password']
confirm_password = request.POST['confirm_password']
# Validation
required_fields = [email, old_password, new_password, confirm_password]
trimmed = [i.strip() for i in required_fields]
if "" in trimmed:
return render(request, 'reset_password.html', {
'email': email,
'message': 'Missing Required Fields'})
# Password matching
if new_password != confirm_password:
return render(request, 'reset_password.html', {
'email': email,
'message': 'New Password is different from Confirm Password'})
# Email validation
if not re.match(r"[^@]+@[^@]+\.[^@]+", email):
return render(request, 'reset_password.html', {
'email': email,
'message': 'Invalid Email'})
user = authenticate(username=email, password=old_password)
if user is not None:
login(request, user)
userget = User.get(username=email)
userget.set_password(new_password)
userget.save()
logout(request)
return redirect('news:user_login')
else:
return render(request, 'reset_password.html', {
'email': email,
'message': 'Incorrect Password to Email or Email does not exist'})
def clear_old_picture(request):
"""
Функция для выполнения в cron
Удаляет изображения старше * дней (значение берется из настроек в БД)
"""
try:
days = Settings.all().get().days_for_old_picture
except:
days = getattr(settings, 'DAYS_FOR_OLD_PICTURE', 30)
query = Picture.all().filter("submitted_date <", datetime.datetime.today() - datetime.timedelta(days=days))
response = HttpResponse()
for pic in query:
response.write("<br/>Delete: "+str(pic.name))
# код для контролирования кол-ва занимаемого места
user_free_size = User.get(pic.submitter.key())
user_free_size.free_size = user_free_size.free_size + len(pic.data) + len(pic.data_small) + len(pic.data_cover)
user_free_size.put()
pic.delete()
response.write("<br/>Delete END: "+str(len(query)))
return response
def test_activation(self):
"""
Test that user activation actually activates the user and
properly resets the activation key, and fails for an
already-active or expired user, or an invalid key.
"""
# Activating a valid user returns the user.
self.failUnlessEqual(
RegistrationProfile.objects.activate_user(
RegistrationProfile.all().filter(
'user ='******'user ='******'user ='******'t a SHA1 hash returns False.
self.failIf(RegistrationProfile.objects.activate_user('foo'))
# Activating from a key that doesn't exist returns False.
self.failIf(
RegistrationProfile.objects.activate_user(
sha.new('foo').hexdigest()))
def save(self):
picture = super(AddPictureForm, self).save(commit=False)
picture.submitter = request.user # при сохранение, поле заполняем данными из request
if not len(request.META["HTTP_USER_AGENT"])>4:
if not imghdr.what(None, h=picture.data): # проверяем тип файла
raise forms.ValidationError(u'Filetype is not png format')
try:
width_samll = Settings.all().get().width_for_small_picture
width_cover = Settings.all().get().width_for_cover_album
except:
width_samll = getattr(settings, 'WIDTH_FOR_SMALL_PICTURE', 400)
width_cover = getattr(settings, 'WIDTH_FOR_COVER_ALBUM', 200)
picture.data_small = images.resize( picture.data, width=width_samll)
picture.data_cover = images.resize( picture.data, width=width_cover)
# код для контролирования кол-ва занимаемого места
user_free_size = User.get(request.user.key())
user_free_size.free_size = user_free_size.free_size - len(picture.data) - len(picture.data_small) - len(picture.data_cover)
user_free_size.put()
picture.save()
return picture
def get_user(self, user_id):
try:
return User.get(user_id)
except:
return None
def getUserProjectList(User):
user = User.get()
userprojectrole = user.userroleproject_set.all()[0]
projectlist = [x.code for x in userprojectrole.project.all()]
return projectlist
def getUserProjectRole(User):
user = User.get()
userprojectrole = user.userroleproject_set.all()[0]
return userprojectrole.role.role
def load_user(user_id):
return User.get(user_id)
class Listing(BaseBackend): name = "Listing" def __init__(self): BaseBackend.__init__(self, models.Listing) self.ip = IP() self.sensor = Sensor() self.host = Host() self.reason = Reason() self.duration = Duration() self.user = User() self.historylisting = HistoryListing() self.config = Config() self.ipcalc = IPCalc() def add(self, *args, **kwargs): (result, ip) = self.ip.get(ip=kwargs['ip']) if not result: (result, ip) = self.ip.add(ip=kwargs['ip']) if not result: return (False, ip) (result, listing) = self.get(ip=ip) if result: return (False, "IP is already blacklisted") (result, sensor) = self.sensor.get(name=kwargs['sensor']) if not result: (result, sensor) = self.sensor.add(name=kwargs['sensor']) if not result: return (False, sensor) (result, sensor_host) = self.host.get(hostname=kwargs['sensor_host']) if not result: (result, sensor_host) = self.host.add(hostname=kwargs['sensor_host'], user=kwargs['reporter']) if not result: return (False, sensor_host) (result, reason) = self.reason.get(reason=kwargs['reason'], sensor=sensor) if not result: (result, reason) = self.reason.add(reason=kwargs['reason'], sensor=sensor) if not result: return (False, reason) (result, user) = self.user.get(username=kwargs['reporter']) if not result: (result, user) = self.user.add(username=kwargs['reporter']) if not result: return (False, user) (result, historylistings) = self.historylisting.filter(ip=ip) if result and len(historylistings) != 0: occurrences = len(historylistings) else: occurrences = 1 (result, duration) = self.duration.get(duration=occurrences*self.config["blacklist.multiplier"]) if not result: (result, duration) = self.duration.add(duration=occurrences*self.config["blacklist.multiplier"]) if not result: return (False, duration) listing = models.Listing( ip=ip, reason=reason, sensor=sensor, sensor_host=sensor_host, timestamp=datetime.now(), duration=duration, reporter=user, ) listing.save() historylisting = self.historylisting.add( ip=ip, reason=reason, sensor=sensor, sensor_host=sensor_host, timestamp=listing.timestamp, duration=duration, reporter=user ) return (True, listing) def delete(self, *args, **kwargs): try: return BaseBackend.delete(self, *args, **kwargs) except: (result, ip) = self.ip.get(ip=kwargs['ip']) if not result: return (False, ip) kwargs['ip'] = ip return BaseBackend.delete(self, *args, **kwargs)
def get_user(self, key_name): actor_ref = User.get(key_name) return actor_ref
def payments(request):
print("reached here")
if request.method == 'GET':
pass
elif request.method == 'POST':
print("reached here")
serializer = TransactionSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
user_info = User.get(user=request.data["user"])
user_card = CardProfile.objects.get(user=user_info).card_no
user_exp = CardProfile.objects.get(user=user_info).expiration
OUTPUT_JSON = {"clientReferenceInformation": {
"code": "TC50171_3"
},
"processingInformation": {
"commerceIndicator": "internet"
},
"aggregatorInformation": {
"subMerchant": {
"cardAcceptorID": "1234567890",
"country": "US",
"phoneNumber": "650-432-0000",
"address1": "900 Metro Center",
"postalCode": "94404-2775",
"locality": "Foster City",
"name": "Visa Inc",
"administrativeArea": "CA",
"region": "PEN",
"email": "*****@*****.**"
},
"name": "V-Internatio",
"aggregatorID": "123456789"
},
"orderInformation": {
"billTo": {
"country": "US",
"lastName": "VDP",
"address2": "Address 2",
"address1": "201 S. Division St.",
"postalCode": "48104-2201",
"locality": "Ann Arbor",
"administrativeArea": "MI",
"firstName": "RTS",
"phoneNumber": "999999999",
"district": "MI",
"buildingNumber": "123",
"company": "Visa",
"email": "*****@*****.**"
},
"amountDetails": {
"totalAmount": "102.21",
"currency": "USD"
}
},
"paymentInformation": {
"card": {
"expirationYear": str(user_exp),
"number": str(user_card),
"securityCode": "123",
"expirationMonth": "12",
"type": "002"
}
}
}
url = "http://localhost:3000/api/payment"
r = requests.post(url, OUTPUT_JSON)
json_object = r.json()
if r.status_code == 200:
return Response(json_object, status=status.HTTP_200_OK)
else:
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def get_user(self, user_id): return User.get(user_id)
class Listing(BaseBackend):
name = "Listing"
def __init__(self):
BaseBackend.__init__(self, models.Listing)
self.ip = IP()
self.sensor = Sensor()
self.host = Host()
self.reason = Reason()
self.duration = Duration()
self.user = User()
self.historylisting = HistoryListing()
self.config = Config()
self.ipcalc = IPCalc()
def add(self, *args, **kwargs):
(result, ip) = self.ip.get(ip=kwargs['ip'])
if not result:
(result, ip) = self.ip.add(ip=kwargs['ip'])
if not result:
return (False, ip)
(result, listing) = self.get(ip=ip)
if result:
return (False, "IP is already blacklisted")
(result, sensor) = self.sensor.get(name=kwargs['sensor'])
if not result:
(result, sensor) = self.sensor.add(name=kwargs['sensor'])
if not result:
return (False, sensor)
(result, sensor_host) = self.host.get(hostname=kwargs['sensor_host'])
if not result:
(result,
sensor_host) = self.host.add(hostname=kwargs['sensor_host'],
user=kwargs['reporter'])
if not result:
return (False, sensor_host)
(result, reason) = self.reason.get(reason=kwargs['reason'],
sensor=sensor)
if not result:
(result, reason) = self.reason.add(reason=kwargs['reason'],
sensor=sensor)
if not result:
return (False, reason)
(result, user) = self.user.get(username=kwargs['reporter'])
if not result:
(result, user) = self.user.add(username=kwargs['reporter'])
if not result:
return (False, user)
(result, historylistings) = self.historylisting.filter(ip=ip)
if result and len(historylistings) != 0:
occurrences = len(historylistings)
else:
occurrences = 1
(result,
duration) = self.duration.get(duration=occurrences *
self.config["blacklist.multiplier"])
if not result:
(result,
duration) = self.duration.add(duration=occurrences *
self.config["blacklist.multiplier"])
if not result:
return (False, duration)
listing = models.Listing(
ip=ip,
reason=reason,
sensor=sensor,
sensor_host=sensor_host,
timestamp=datetime.now(),
duration=duration,
reporter=user,
)
listing.save()
historylisting = self.historylisting.add(ip=ip,
reason=reason,
sensor=sensor,
sensor_host=sensor_host,
timestamp=listing.timestamp,
duration=duration,
reporter=user)
return (True, listing)
def delete(self, *args, **kwargs):
try:
return BaseBackend.delete(self, *args, **kwargs)
except:
(result, ip) = self.ip.get(ip=kwargs['ip'])
if not result:
return (False, ip)
kwargs['ip'] = ip
return BaseBackend.delete(self, *args, **kwargs)
