def wrapper(*args, **kwargs):
request = args[0]
user = getUserForTicket(request)
player = kwargs['player']
if player.owning_user==user:
return HttpResponseBadRequest()
else:
return function(*args, **kwargs)
def wrapper(*args, **kwargs):
request = args[0]
user = getUserForTicket(request)
player = kwargs['player']
if player.canCreateSongSets(user):
return function(*args, **kwargs)
else:
return HttpResponseForbidden()
def wrapper(*args, **kwargs):
request = args[0]
user = getUserForTicket(request)
activePlayer = kwargs['activePlayer']
if activePlayer.owning_user==user:
return function(*args, **kwargs)
else:
return HttpResponseForbidden()
def modActivePlaylist(request, player_id, player, lib_id):
user = getUserForTicket(request)
if request.method == 'PUT':
return add2ActivePlaylist(user, lib_id, player)
elif request.method == 'DELETE':
if not (user == player.owning_user or player.isAdmin(user)):
return HttpResponseForbidden()
return removeFromActivePlaylist(request, user, lib_id, player)
def wrapper(*args, **kwargs):
request = args[0]
user = getUserForTicket(request)
player = kwargs['player']
if player.owning_user==user or player.isAdmin(user):
return function(*args, **kwargs)
else:
return HttpResponseForbidden()
def favorite(request, player_id, lib_id):
user = getUserForTicket(request)
if request.method == 'PUT':
return addSongToFavorite(user, player_id, lib_id)
elif request.method == 'DELETE':
return removeSongFromFavorite(user, player_id, lib_id)
else:
#Should never get here because of AcceptsMethods decerator
return HttpResponse(status=405)
def createPlayer(request):
user = getUserForTicket(request)
try:
newPlayerJSON = json.loads(request.raw_post_data)
except ValueError:
return HttpResponseBadRequest('Bad JSON')
#Ensure the name attribute was provided with the JSON
try:
newPlayerName = newPlayerJSON['name']
except KeyError:
return HttpResponseBadRequest('No name given')
#Determine which sorting algorithm to use
if 'sorting_algorithm_id' in newPlayerJSON:
try:
sortingAlgo = SortingAlgorithm.objects.get(pk=newPlayerJSON['sorting_algorithm_id'])
except ObjectDoesNotExist:
toReturn = HttpResponseNotFound()
toReturn[MISSING_RESOURCE_HEADER] = 'sorting-algorithm'
return toReturn
else:
try:
sortingAlgo = SortingAlgorithm.objects.get(function_name=default_sorting_algo)
except ObjectDoesNotExist:
raise ImproperlyConfigured('Default sorting algorithm is not in database')
#Ensure that the suers doesn't already have a player with the given name
conflictingPlayer = Player.objects.filter(owning_user=user, name=newPlayerName)
if conflictingPlayer.exists():
return HttpResponse('A player with that name already exists', status=409)
#Create and save new player
newPlayer = Player(
owning_user=user,
name=newPlayerName,
sorting_algo=sortingAlgo)
newPlayer.save()
#If password provided, create and save password
if 'password' in newPlayerJSON:
PlayerPassword(player=newPlayer, password_hash=hashPlayerPassword(newPlayerJSON['password'])).save()
#If locaiton provided, geocode it and save it
if 'location' in newPlayerJSON:
location = newPlayerJSON['location']
if isValidLocation(location):
try:
setPlayerLocation(location, newPlayer)
except LocationNotFoundError as e:
return HttpResponseBadRequest('Location not found. Geocoder error: ' + str(e))
else:
return HttpResponseBadRequest('Bad location')
return HttpJSONResponse(json.dumps(newPlayer, cls=UDJEncoder), status=201)
def wrapper(*args, **kwargs):
toReturn = function(*args, **kwargs)
request = args[0]
user = getUserForTicket(request)
player = kwargs['player']
if user != player.owning_user:
participant = Participant.objects.get(user=user, player=player)
participant.time_last_interaction = datetime.now()
participant.save()
return toReturn
def getFavorites(request, player_id):
try:
player = Player.objects.get(pk=player_id)
except ObjectDoesNotExist:
toReturn = HttpResponseNotFound()
toReturn[MISSING_RESOURCE_HEADER] = 'player'
return toReturn
user = getUserForTicket(request)
favorites = Favorite.objects.filter(user=user, favorite_song__library=player.DefaultLibrary)
return HttpJSONResponse(json.dumps(favorites, cls=UDJEncoder))
def wrapper(*args, **kwargs):
toReturn = function(*args, **kwargs)
request = args[0]
user = getUserForTicket(request)
player = kwargs['player']
if user != player.owning_user:
participant = Participant.objects.get(user=user, player=player)
participant.time_last_interaction = datetime.now()
participant.save()
return toReturn
def logoutOfPlayer(request, player_id, player):
user = getUserForTicket(request)
try:
toLogOut = Participant.objects.get(player=player, user=user)
toLogOut.logout_flag = True
toLogOut.save()
except ObjectDoesNotExist:
toReturn = HttpResponseNotFound()
toReturn[MISSING_RESOURCE_HEADER] = 'user'
return toReturn
return HttpResponse()
def logoutOfPlayer(request, player_id, player):
user = getUserForTicket(request)
try:
toLogOut = Participant.objects.get(player=player, user=user)
toLogOut.logout_flag = True
toLogOut.save()
except ObjectDoesNotExist:
toReturn = HttpResponseNotFound()
toReturn[MISSING_RESOURCE_HEADER] = 'user'
return toReturn
return HttpResponse()
def wrapper(*args, **kwargs):
request = args[0]
user = getUserForTicket(request)
player = kwargs['player']
if player.owning_user==user or player.isActiveParticipant(user):
return function(*args, **kwargs)
elif player.isKicked(user):
toReturn = HttpResponse(status=401)
toReturn['WWW-Authenticate'] = 'kicked'
return toReturn
else:
toReturn = HttpResponse(status=401)
toReturn['WWW-Authenticate'] = 'begin-participating'
return toReturn
def participateWithPlayer(request, player_id, player):
def onSuccessfulPlayerAuth(activePlayer, user):
#very important to check if they're banned or player is full first.
#otherwise we might might mark them as actually participating
if Participant.objects.filter(user=user, player=activePlayer, ban_flag=True).exists():
toReturn = HttpResponseForbidden()
toReturn[FORBIDDEN_REASON_HEADER] = 'banned'
return toReturn
if activePlayer.isFull():
toReturn = HttpResponseForbidden()
toReturn[FORBIDDEN_REASON_HEADER] = 'player-full'
return toReturn
obj, created = Participant.objects.get_or_create(player=activePlayer, user=user)
if not created:
obj.time_last_interation = datetime.now()
obj.kick_flag = False
obj.logout_flag = False
obj.save()
return HttpResponse(status=201)
user = getUserForTicket(request)
playerPassword = PlayerPassword.objects.filter(player=player)
if playerPassword.exists():
hashedPassword = ""
if not request.META.has_key('CONTENT_TYPE'):
return HttpResponseBadRequest("must specify content type")
elif request.META['CONTENT_TYPE'] != 'text/json':
return HttpResponse("must send json", status=415)
elif request.raw_post_data == '':
return HttpResponseBadRequest("Bad JSON")
try:
password_json = json.loads(request.raw_post_data)
password = password_json['password']
hashedPassword = hashPlayerPassword(password)
except ValueError:
return HttpResponseBadRequest('Bad JSON')
if hashedPassword == playerPassword[0].password_hash:
return onSuccessfulPlayerAuth(player, user)
toReturn = HttpResponse(status=401)
toReturn['WWW-Authenticate'] = 'player-password'
return toReturn
else:
return onSuccessfulPlayerAuth(player, user)
def createSongSet(request, player_id, player):
user = getUserForTicket(request)
try:
songSetJSON = json.loads(request.raw_post_data)
if 'name' not in songSetJSON or 'description' not in songSetJSON or 'date_created' not in songSetJSON:
return HttpResponseBadRequest('Bad JSON')
except ValueError:
return HttpResponseBadRequest('Bad JSON')
if player.Songsets().filter(name=songSetJSON['name']).exclude(description=songSetJSON['description'], date_created=songSetJSON['date_created']).exists():
return HttpResponse('duplicate song set', status=409)
newSongSet = SongSet(player, songSetJSON['name'], ['desciption'], user, songSetJSON['date_created'])
newSongSet.save()
return HttpResonse(status=201)
def participateWithPlayer(request, player_id, player):
def onSuccessfulPlayerAuth(activePlayer, user):
#very important to check if they're banned or player is full first.
#otherwise we might might mark them as actually participating
if Participant.objects.filter(user=user,
player=activePlayer,
ban_flag=True).exists():
toReturn = HttpResponseForbidden()
toReturn[FORBIDDEN_REASON_HEADER] = 'banned'
return toReturn
if activePlayer.isFull():
toReturn = HttpResponseForbidden()
toReturn[FORBIDDEN_REASON_HEADER] = 'player-full'
return toReturn
obj, created = Participant.objects.get_or_create(player=activePlayer,
user=user)
if not created:
obj.time_last_interation = datetime.now()
obj.kick_flag = False
obj.logout_flag = False
obj.save()
return HttpResponse(status=201)
user = getUserForTicket(request)
playerPassword = PlayerPassword.objects.filter(player=player)
if playerPassword.exists():
if DJANGO_PLAYER_PASSWORD_HEADER in request.META:
hashedPassword = hashPlayerPassword(
request.META[DJANGO_PLAYER_PASSWORD_HEADER])
if hashedPassword == playerPassword[0].password_hash:
return onSuccessfulPlayerAuth(player, user)
toReturn = HttpResponse(status=401)
toReturn['WWW-Authenticate'] = 'player-password'
return toReturn
else:
return onSuccessfulPlayerAuth(player, user)
def participateWithPlayer(request, player_id, player):
def onSuccessfulPlayerAuth(activePlayer, user):
#very important to check if they're banned or player is full first.
#otherwise we might might mark them as actually participating
if Participant.objects.filter(user=user, player=activePlayer, ban_flag=True).exists():
toReturn = HttpResponseForbidden()
toReturn[FORBIDDEN_REASON_HEADER] = 'banned'
return toReturn
if activePlayer.isFull():
toReturn = HttpResponseForbidden()
toReturn[FORBIDDEN_REASON_HEADER] = 'player-full'
return toReturn
obj, created = Participant.objects.get_or_create(player=activePlayer, user=user)
if not created:
obj.time_last_interation = datetime.now()
obj.kick_flag = False
obj.logout_flag = False
obj.save()
return HttpResponse(status=201)
user = getUserForTicket(request)
playerPassword = PlayerPassword.objects.filter(player=player)
if playerPassword.exists():
if DJANGO_PLAYER_PASSWORD_HEADER in request.META:
hashedPassword = hashPlayerPassword(request.META[DJANGO_PLAYER_PASSWORD_HEADER])
if hashedPassword == playerPassword[0].password_hash:
return onSuccessfulPlayerAuth(player, user)
toReturn = HttpResponse(status=401)
toReturn['WWW-Authenticate'] = 'player-password'
return toReturn
else:
return onSuccessfulPlayerAuth(player, user)
def multiModActivePlaylist(request, player):
player.lockActivePlaylist()
try:
toAdd = json.loads(request.POST['to_add'])
toRemove = json.loads(request.POST['to_remove'])
except ValueError:
return HttpResponseBadRequest('Bad JSON\n. Couldn\'t even parse.\n Given data:' + request.raw_post_data)
user = getUserForTicket(request)
#Only admins and owners may remove songs from the playlist
if len(toRemove) != 0 and not (player.isAdmin(user) or player.owning_user==user):
return HttpResponseForbidden()
try:
#0. lock active playlist
player.lockActivePlaylist()
#first, validate/process all our inputs
# 1. Ensure none of the songs to be deleted aren't on the playlist
notOnPlaylist = getNotOnPlaylist(toRemove, player)
if len(notOnPlaylist) > 0:
toReturn = HttpJSONResponse(json.dumps(notOnPlaylist), status=404)
toReturn[MISSING_RESOURCE_HEADER] = 'song'
return toReturn
# 2. Ensure all of the songs to be added actually exists in the library
notInLibrary = []
for songId in toAdd:
if not LibraryEntry.songExsits(songId, player):
notInLibrary.append(songId)
if len(notInLibrary) > 0:
toReturn = HttpJSONResponse(json.dumps(notInLibrary), content_type="text/json", status=404)
toReturn[MISSING_RESOURCE_HEADER] = 'song'
return toReturn
# 3. See if there are any songs that we're trying to add that are already on the playlist
# and vote them up instead.
alreadyOnPlaylist = getAlreadyOnPlaylist(toAdd, player)
toAdd = filter(lambda x: x not in alreadyOnPlaylist, toAdd)
try:
currentSong = ActivePlaylistEntry.objects.get(song__player=player, state='PL')
except ObjectDoesNotExist:
currentSong = None
for libid in alreadyOnPlaylist:
#make sure we don't vote on the currently playing song
if currentSong != None and currentSong.song.player_lib_song_id != libid:
voteSong(player, user, libid, 1)
#alright, should be good to go. Let's actually add/remove songs
#Note that we didn't make any actual changes to the DB until we were sure all of our inputs
#were good and we weren't going to return an error HttpResponse. This is what allows us to use
#the commit on success
addSongsToPlaylist(toAdd, player, user)
removeSongsFromPlaylist(toRemove, player, user)
except ValueError:
return HttpResponseBadRequest('Bad JSON\n' + 'toAdd: ' + str(toAdd) + '\ntoRemove: ' + str(toRemove))
except TypeError:
return HttpResponseBadRequest('Bad JSON\n' + 'toAdd: ' + str(toAdd) + '\ntoRemove: ' + str(toRemove))
return HttpResponse()
def getFavorites(request, player_id): user = getUserForTicket(request) favorites = Favorite.objects.filter(user=user, favorite_song__player__id=player_id) return HttpJSONResponse(json.dumps(favorites, cls=UDJEncoder))
def createPlayer(request):
user = getUserForTicket(request)
try:
newPlayerJSON = json.loads(request.raw_post_data)
except ValueError:
return HttpResponseBadRequest('Bad JSON')
#Ensure the name attribute was provided with the JSON
try:
newPlayerName = newPlayerJSON['name']
except KeyError:
return HttpResponseBadRequest('No name given')
#Determine which sorting algorithm to use
if 'sorting_algorithm_id' in newPlayerJSON:
try:
sortingAlgo = SortingAlgorithm.objects.get(
pk=newPlayerJSON['sorting_algorithm_id'])
except ObjectDoesNotExist:
toReturn = HttpResponseNotFound()
toReturn[MISSING_RESOURCE_HEADER] = 'sorting_algorithm'
return toReturn
else:
try:
sortingAlgo = SortingAlgorithm.objects.get(
function_name=default_sorting_algo)
except ObjectDoesNotExist:
raise ImproperlyConfigured(
'Default sorting algorithm is not in database')
#Determine external library
externalLib = None
if 'external_library_id' in newPlayerJSON:
try:
externalLib = ExternalLibrary.objects.get(
pk=newPlayerJSON['external_library_id'])
except ObjectDoesNotExist:
toReturn = HttpResponseNotFound()
toReturn[MISSING_RESOURCE_HEADER] = 'external_library'
return toReturn
#Ensure that the suers doesn't already have a player with the given name
conflictingPlayer = Player.objects.filter(owning_user=user,
name=newPlayerName)
if conflictingPlayer.exists():
return HttpResponse('A player with that name already exists',
status=409)
#Create and save new player
newPlayer = Player(owning_user=user,
name=newPlayerName,
sorting_algo=sortingAlgo,
external_library=externalLib)
newPlayer.save()
#If password provided, create and save password
if 'password' in newPlayerJSON:
PlayerPassword(player=newPlayer,
password_hash=hashPlayerPassword(
newPlayerJSON['password'])).save()
#If locaiton provided, geocode it and save it
if 'location' in newPlayerJSON:
location = newPlayerJSON['location']
if isValidLocation(location):
try:
setPlayerLocation(location, newPlayer)
except LocationNotFoundError:
return HttpResponseBadRequest('Location not found')
else:
return HttpResponseBadRequest('Bad location')
return HttpJSONResponse(json.dumps({'player_id': newPlayer.id}),
status=201)
def createPlayer(request):
user = getUserForTicket(request)
try:
newPlayerJSON = json.loads(request.raw_post_data)
except ValueError:
return HttpResponseBadRequest('Bad JSON')
#Ensure the name attribute was provided with the JSON
try:
newPlayerName = newPlayerJSON['name']
except KeyError:
return HttpResponseBadRequest('No name given')
#Determine which sorting algorithm to use
if 'sorting_algorithm_id' in newPlayerJSON:
try:
sortingAlgo = SortingAlgorithm.objects.get(pk=newPlayerJSON['sorting_algorithm_id'])
except ObjectDoesNotExist:
toReturn = HttpResponseNotFound()
toReturn[MISSING_RESOURCE_HEADER] = 'sorting-algorithm'
return toReturn
else:
try:
sortingAlgo = SortingAlgorithm.objects.get(function_name=DEFAULT_SORTING_ALGO)
except ObjectDoesNotExist:
raise ImproperlyConfigured('Default sorting algorithm is not in database')
#Ensure that the suers doesn't already have a player with the given name
conflictingPlayer = Player.objects.filter(owning_user=user, name=newPlayerName)
if conflictingPlayer.exists():
return HttpResponse('A player with that name already exists', status=409)
#Create and save new player
newPlayer = Player(
owning_user=user,
name=newPlayerName,
sorting_algo=sortingAlgo)
newPlayer.save()
#If password provided, create and save password
if 'password' in newPlayerJSON:
PlayerPassword(player=newPlayer, password_hash=hashPlayerPassword(newPlayerJSON['password'])).save()
#If locaiton provided, geocode it and save it
if 'location' in newPlayerJSON:
location = newPlayerJSON['location']
if isValidLocation(location):
try:
setPlayerLocation(location, newPlayer)
except LocationNotFoundError as e:
return HttpResponseBadRequest('Location not found. Geocoder error: ' + str(e))
else:
return HttpResponseBadRequest('Bad location')
#create default library for new player
new_library = Library(name="Default library", description="default library", pub_key="")
new_library.save()
new_default = DefaultLibrary(library=new_library, player=newPlayer)
new_default.save()
new_owned = OwnedLibrary(library=new_library, owner=user)
new_owned.save()
new_associated = AssociatedLibrary(library=new_library, player=newPlayer)
new_associated.save()
#Create Owner Permissions Group
owner_group = PlayerPermissionGroup(player=newPlayer, name="owner")
owner_group.save()
owner_group.add_member(user)
#Create Admin Permissions Group
admin_group = PlayerPermissionGroup(player=newPlayer, name="admin")
admin_group.save()
#Add owner_group and admin group to select permissions
set_default_player_permissions(newPlayer, owner_group)
set_default_player_permissions(newPlayer, admin_group)
return HttpJSONResponse(json.dumps(newPlayer, cls=UDJEncoder), status=201)
def voteSongUp(request, player_id, lib_id, player): return voteSong(player, getUserForTicket(request), lib_id, 1)
