def usertour(resp, usrid, pathinfo):
if os.environ["REQUEST_METHOD"] != "GET":
resp.message = "Method not supported."
elif len(pathinfo) == 0:
resp.message = "Not enough path to go on."
else:
op = pathinfo.pop()
if op == "name":
if len(pathinfo) > 0:
name = pathinfo.pop()
theUser = dao.getuser(usrid, util.authsecret())
if theUser != None:
theTour = dataobjects.Tour(name)
theTour.user = theUser.ident
item = dao.gettourbyname(theTour)
resp.message = "ok"
resp.item = item
resp.link = util.autolink() + "/%d" % theTour.ident
else:
resp.message = "%s is not a valid user, or authorization is incorrect." % usrid
else:
resp.message = "To get a tour by name, please supply the name."
elif op == "all":
theUser = dao.getuser(usrid, util.authsecret())
if theUser != None:
theTours = dao.gettoursbyuser(usrid)
resp.message = "ok"
resp.listkey = "tours"
resp.item = theTours
else:
resp.message = "%d is not a valid user, or the authorization is incorrect." % usrid
else:
tourid = 0
try:
tourid = int(op)
except ValueError:
pass
if tourid != 0:
if len(pathinfo) > 0: # op on the tour's items
usertoursearch(resp, usrid, tourid, pathinfo)
else:
# op on the tour itself
theUser = dao.getuser(usrid, util.authsecret())
if theUser != None:
theTour = dao.gettourbyid(usrid, tourid)
resp.item = theTour
resp.message = "ok"
else:
resp.message = "%d is not a valid user, or the authorization is incorrect." % usrid
else:
resp.message = "'%s' is not a supported operation." % op
def usersetting(resp, usrid, pathinfo, form):
if len(pathinfo) > 0:
theUser = dao.getuser(usrid, util.authsecret())
if theUser != None:
name = pathinfo.pop()
method = os.environ["REQUEST_METHOD"]
if method == "GET":
theSetting = dataobjects.Setting(name)
theSetting.user = usrid
theSetting = dao.getsetting(theSetting)
resp.item = theSetting
resp.message = "ok"
elif method == "POST":
try:
if form.has_key("value"):
value = form["value"].value
theSetting = dataobjects.Setting(name)
theSetting.user = usrid
theSetting = dao.getsetting(theSetting)
if theSetting == None:
# create the setting
theSetting = dataobjects.Setting(name, value)
theSetting.user = usrid
dao.savesetting(theSetting)
resp.message = "ok"
resp.item = theSetting
resp.listkey = "setting"
else:
# edit the setting
theSetting = dataobjects.Setting(name, value)
theSetting.user = usrid
dao.updatesetting(theSetting)
resp.message = "ok"
resp.item = theSetting
resp.listkey = "setting"
else:
resp.message = "'value' not found, and required for creating or editing a setting."
except:
resp.message = "'value' not found, and required for creating or editing a setting."
elif method == "DELETE":
theSetting = dataobjects.Setting(name)
theSetting.user = usrid
theSetting = dao.getsetting(theSetting)
dao.deletesetting(theSetting)
resp.message = "ok"
else:
resp.message = "HTTP Method not supported."
else:
resp.message = "%d is not a valid user, or the authorization is incorrect." % usrid
else:
resp.message = "Not enough path to go on."
def usertoursearch(resp, usrid, tourid, pathinfo):
if len(pathinfo) < 2:
resp.message = "Not enough path to go on."
else:
op = pathinfo.pop()
if op == "search":
op = pathinfo.pop()
if op == "all":
theUser = dao.getuser(usrid, util.authsecret())
if theUser != None:
theSearches = dao.getsearchesintour(usrid, tourid)
resp.item = theSearches
resp.listkey = "searches"
resp.message = "ok"
else:
resp.message = "%d is not a valid user, or the authorization is incorrect." % usrid
else:
searchid = 0
try:
searchid = int(op)
except ValueError:
pass
if searchid != 0:
if len(pathinfo) > 0: # op on the search's items
usertoursearchresult(resp, searchid, tourid, usrid, pathinfo)
else:
# op on the search itself
theUser = dao.getuser(usrid, util.authsecret())
if theUser != None:
theSearch = dao.getsearchbyid(usrid, tourid, searchid)
resp.item = theSearch
resp.listkey = "searches"
resp.message = "ok"
else:
resp.message = "%d is not a valid user, or the authorization is incorrect." % usrid
else:
resp.message = "'%s' is not a supported operation." % op
else:
resp.message = "'%s' is not a supported operation on a tour." % op
def usertoursearchresult(resp, searchid, tourid, usrid, pathinfo):
if len(pathinfo) < 2:
resp.message = "Not enough path to go on."
else:
op = pathinfo.pop()
if op == "result":
op = pathinfo.pop()
if op == "all":
theUser = dao.getuser(usrid, util.authsecret())
if theUser != None:
theResults = dao.getresultsbysearch(usrid, searchid)
resp.item = theResults
resp.listkey = "results"
resp.message = "ok"
else:
resp.message = "%d is not a valid user, or the authorization is incorrect." % usrid
else:
resultid = 0
try:
resultid = int(op)
except ValueError:
pass
if resultid != 0:
# op on the result itself
theUser = dao.getuser(usrid, util.authsecret())
if theUser != None:
theResult = dao.getresultbyid(usrid, searchid, resultid)
resp.item = theResult
resp.listkey = "results"
resp.message = "ok"
else:
resp.message = "%d is not a valid user, or the authorization is incorrect." % usrid
else:
resp.message = "'%s' is not a supported operation." % op
else:
resp.message = "'%s' is not a supported operation on a search." % op
except ValueError:
pass
if usrid > 0:
if len(pathinfo) > 0: # op on the user's items
userop = pathinfo.pop()
if userop == "setting": # do some setting stuff
usersetting(resp, usrid, pathinfo, form)
elif userop == "tour": # do some tour stuff
usertour(resp, usrid, pathinfo)
else:
resp.message = "'%s' is an unknown operation." % userop
else: # op on the user id
if method == "DELETE": # delete
theUser = dao.getuser(usrid, util.authsecret())
if theUser != None:
dao.deleteuser(usrid)
resp.message = "ok"
else:
resp.message = "User secret is invalid."
elif method == "POST":
try:
if form.has_key("user") and form.has_key("password") and form.has_key("email"):
theUser = dataobjects.User(
form["user"].value, util.encrypt(form["password"].value), usrid, form["email"].value
)
if theUser.secret() == util.authsecret():
dao.updateuser(theUser)
import simplejson
from vtour import db, util, dataobjects, dao, encoders
form = cgi.FieldStorage()
resp = encoders.Response()
if (form.has_key("op")):
op = form["op"].value
if ( op == "getsearched" ):
if ( form.has_key( "user" ) and form.has_key( "secret" ) and form.has_key( "search" ) ):
usr = int(form["user"].value)
secret = form["secret"].value
theUser = dao.getuser( usr, secret )
if ( theUser != None ):
search = int(form["search"].value)
theResults = dao.getresultsbysearch( usr, search )
resp.message = "ok"
resp.item = theResults
else:
resp.message = "%d is not a valid user, or the secret is incorrect." % usr
else:
resp.message = "To get results by search, use the 'user', 'secret', and 'search' parameters."
else:
resp.message = "'%s' is not a supported operation." % op
else:
resp.message = "No operation specified."
