def post(self):
'''Remove a previous upvote'''
logging.debug('%s'%self.request)
self.response.headers['Content-Type'] = 'application/json'
link = urllib.unquote(self.request.get('link'))
if link[-1] == '#': # Want to remove ending #
link = link[:-1]
link = strip_hash(link)
content = "Link needed."
id_token = ""
if link:
content = "Upvote removed for %s"%link
id_token = urllib.unquote(self.request.get('token'))
if id_token and '|' in id_token:
user = authentication.get_user(id_token)
if user: # Only accept votes from legit tokens
id_ = user.get_id()
# Check settings and update preferences
settings = user.get_settings()
if link in settings and not settings[link]:
user.blackmark() # Link already devoted, how did they devote it again?
else: # Register upvote
articles.get_vote(link).devote(id_)
user.change_settings(link, False)
response = {"content": content, "token": id_token}
self.write(json.dumps(response))
def transfer(self,amount,to):
if not isinstance(to,db.User):
to=get_user(self.session,to)
if to is None:
raise ValueError('Unknown User')
amount=int(amount)
if amount<0:
raise ValueError('Can only transfer positive amounts')
transfer=db.Transfer(sender=self._user,recipient=to,amount=amount)
self.session.add(transfer)
self.session.commit()
def transfer(self, amount, to):
if not isinstance(to, db.User):
to = get_user(self.session, to)
if to is None:
raise ValueError('Unknown User')
amount = int(amount)
if amount < 0:
raise ValueError('Can only transfer positive amounts')
transfer = db.Transfer(sender=self._user, recipient=to, amount=amount)
self.session.add(transfer)
self.session.commit()
def post(self):
logging.debug('%s'%self.request)
course = urllib.unquote(self.request.get('course'))
content = urllib.unquote(self.request.get('content'))
hash_link = urllib.unquote(self.request.get('hash_link'))
id_token = urllib.unquote(self.request.get('token'))
user = None
if id_token and '|' in id_token:
user = authentication.get_user(id_token)
if not user:
user = authentication.new_user(type='standard',
ip=self.request.remote_addr)
else:
user = authentication.new_user(type='standard',
ip=self.request.remote_addr)
author_id = user.get_id()
if course and content and hash_link:
panels.make_note(course, hash_link, author_id, content)
logging.debug('Received content: %s'%content)
self.write("Notes added")
else:
self.write("Please add course and content and hash_link")
def post(self):
'''Return the articles (nb: uses post due to token inclusion)'''
logging.debug('%s'%self.request)
content = articles.get_articles()
self.response.headers['Content-Type'] = 'application/json'
id_token = urllib.unquote(self.request.get('token'))
user = None
if id_token and '|' in id_token:
user = authentication.get_user(id_token)
if not user: # token has been tampered with or corrupted
# try panopticlick-style stuff with ip and headers
user = authentication.new_user(type='standard',
ip=self.request.remote_addr)
id_token = user.get_hash()
#user.blackmark()
# Send new token? If the user does not update the token,
# then this step will repeat and we end up with lots of fake users :(
else:
user = authentication.new_user(type='standard',
ip=self.request.remote_addr)
id_token = user.get_hash()
response = {"content": content, "token": id_token}
self.write(json.dumps(response))
def get_user():
# get user from firestore
user = authentication.get_user(session['username'])
del user['password']
del user['salt']
return jsonify(user)
def test_create_user_update_admin(self): u=auth.get_user(self.s,'admin') self.assertTrue(auth.create_user(self.s,'test','pass2',None,u)) u=auth.check_user(self.s,'test','pass2') self.assertIsNotNone(u)
def test_create_user_update_other(self): u=auth.get_user(self.s,'test_1') self.assertFalse(auth.create_user(self.s,'test','pass2',None,u)) u=auth.check_user(self.s,'test','pass') self.assertIsNotNone(u)
def test_create_user_new_creator(self): u=auth.get_user(self.s,'test') self.assertTrue(auth.create_user(self.s,'test_new','pass',None,u)) u=auth.get_user(self.s,'test_new') self.assertEqual(u.name,'test_new')
def test_get_user_not_existing(self): u=auth.get_user(self.s,'invalid') self.assertIsNone(u)
def test_get_user_existing(self): u=auth.get_user(self.s,'test') self.assertEqual(u.name,'test')