def decorator(*args, **kwargs): #1 if (request.headers['hash'] is not None and request.headers['timestamp'] is not None and request.headers['username'] is not None): # Control timestamp usertimestamp = datetime.datetime.fromtimestamp(int(request.headers['timestamp'])/1000) maxtime = usertimestamp + datetime.timedelta(minutes=app.config["loginMaxTime"]) diftime = datetime.datetime.now() - maxtime if (diftime <= datetime.timedelta(seconds=0)): # Control credentials usermodel = UserModel() user = usermodel.getUserByUsername(request.headers['username']) if user is not None and user['admin']: password = usermodel.getPasswordByUsername(request.headers['username']) if(password != ''): suma = request.headers['username'] + password + request.headers['timestamp'] m = md5.new() m.update(suma) hashsum = m.hexdigest() if(hashsum != request.headers['hash']): abort(401) else: abort(401) else: abort(401) else: abort(401) else: abort(401) return func(*args, **kwargs)
def uploadHistory():
# Get user id
u = UserModel()
user = u.getUserByUsername(request.headers['username'])
# Save history data
h = HistoryModel()
result = h.createHistory(request.form, user['id_user'])
# Save images and link in DB
imagelist = ast.literal_eval(request.form['images'])
resizeImages(imagelist)
i = ImageModel()
i.addImages(imagelist, result['history_id'])
# Send email to admins and author
admins = u.getAllAdmins()
data = {}
data['title'] = request.form['title']
data['author'] = user['real_name']
data['id_history'] = result['history_id']
for admin in admins:
sendNewHistoryNotification(admin, data)
if not user['admin']:
sendNewHistoryNotification(user, data)
return jsonify({'admin':result['isAdmin'], 'history_id': result['history_id']})
def listHistories():
htype = request.args.get('type')
fromid = request.args.get('id')
isAdmin = False
if 'username' in request.headers:
u = UserModel()
isAdmin = u.getUserByUsername(request.headers['username'])['admin']
h = HistoryModel()
result = h.getHistoriesByType(htype,fromid,isAdmin)
if isinstance(result, dict):
return jsonify(result)
else:
return jsonify({'result': result})
def deleteHistory(id):
h = HistoryModel()
history = h.getHistoryById(id)
h.deleteHistory(id)
# Send email to admins and author
u = UserModel()
user = u.getUserByUsername(history['username'])
admins = u.getAllAdmins()
for admin in admins:
sendDeletedHistoryNotification(admin, history)
if not user['admin']:
sendDeletedHistoryNotification(user, history)
return jsonify({'result': 'true'})
def login():
username = request.headers['username']
u = UserModel()
user = u.getUserByUsername(username)
return jsonify({'result':'true', 'admin': user['admin'] == 1})
def editHistory(id):
data = json.loads(request.data)
h = HistoryModel()
old_history = h.getHistoryById(id)
h.updateHistory(id, data)
i = ImageModel()
# Unlink deleted images
if len(data['images']) > 0:
old_imagelist = old_history['images']
new_imagelist = data['images']
if isinstance(new_imagelist[0], dict):
new_imagelist = [el['href'] for el in new_imagelist]
for image in old_imagelist:
if image['href'] not in new_imagelist:
i.deleteImageByFilename(image['href'])
# Save new images and link in DB
if 'newImages' in data:
imagelist = data['newImages']
resizeImages(imagelist)
i.addImages(imagelist, id)
#Publish twitter
if old_history['twitter'] != data['twitter'] and data['twitter']:
auth = tweepy.OAuthHandler(app.config['consumer_key'], app.config['consumer_secret'])
auth.set_access_token(app.config['access_token'], app.config['access_token_secret'])
apiTwitter = tweepy.API(auth)
maxLength = 117
if len(old_history["images"]) > 0:
maxLength = 93
maxLength -= (len(app.config['hashtag']) + 1)
tweet = data["text_history"]
if(len(tweet) > maxLength):
maxLength -= 3
tweet = tweet[0:maxLength]
tweet += "..."
tweet += app.config['baseURL'] + data["historyUrl"] + str(data["id_history"]) + " " + app.config['hashtag']
if len(old_history["images"]) > 0:
imageTwitter = app.config['IMAGES_FOLDER'] + old_history["images"][0]["href"]
apiTwitter.update_with_media(imageTwitter,status=tweet)
else:
status = apiTwitter.update_status(status=tweet)
# Send email to admins and author
u = UserModel()
user = u.getUserByUsername(data['username'])
admins = u.getAllAdmins()
if old_history['status'] == data['status']:
for admin in admins:
sendEditedHistoryNotification(admin, data)
if not user['admin']:
sendEditedHistoryNotification(user, data)
else:
for admin in admins:
sendPublishedHistoryNotification(admin, data)
if not user['admin']:
sendPublishedHistoryNotification(user, data)
return jsonify({'result': 'true'})