def api_call(request, format="json"):
""" the public api
attempts to validate a request as a valid oauth request then
builds the appropriate api_user object and tries to dispatch
to the provided method
"""
servertime = api.utcnow()
try:
kwargs = oauth_util.get_method_kwargs(request)
json_params = kwargs.pop('json_params', None)
if json_params:
parsed = simplejson.loads(json_params)
# Turn the keys from unicode to str so that they can be used as method
# parameters.
kwargs.update(dict([(str(k), v) for k, v in parsed.iteritems()]))
method = kwargs.pop('method', '').replace('.', '_')
if method == 'presence_send':
method = 'post'
if not method:
raise exception.ApiException(exception.NO_METHOD,
"No method specified")
# Allows us to turn off authentication for testing purposes
if not settings.API_DISABLE_VERIFICATION:
api_user = request.user
else:
api_user = api.ROOT
method_ref = api.PublicApi.get_method(method, api_user)
if not method_ref:
raise exception.ApiException(exception.INVALID_METHOD,
'Invalid method: %s' % method)
if not api_user:
raise exception.ApiException(0x00, 'Invalid API user')
if getattr(api_user, 'legacy', None) and method == 'post':
kwargs['nick'] = api_user.nick
rv = method_ref(api_user, **kwargs)
if rv is None:
raise exception.ApiException(0x00,
'method %s returned None' % (method))
return render_api_response(rv, format, servertime=servertime)
except oauth_util.OAuthError, e:
exc = exception.ApiException(exception.OAUTH_ERROR, e.message)
return render_api_response(exc, format)
def api_vendor_sms_receive(request, vendor_secret=None):
""" a one off implementation for receiving sms from IPX """
if vendor_secret != settings.SMS_VENDOR_SECRET:
raise exception.ApiException(0x00, "Invalid secret")
sms_message = sms_protocol.SmsMessage.from_request(request)
sms_service = sms.SmsService(sms_protocol.SmsConnection())
sms_service.init_handlers()
rv = sms_service.handle_message(sms_message.sender, sms_message.target,
sms_message.message)
return http.HttpResponse(rv)
def api_vendor_queue_process(request):
""" process a queue item, redirect to self if there were more """
secret = request.REQUEST.get('secret')
if secret != settings.QUEUE_VENDOR_SECRET:
raise exception.ApiException(0x00, "Invalid secret")
try:
rv = api.task_process_any(api.ROOT)
if rv:
return http.HttpResponseRedirect(request.get_full_path())
except exception.ApiNoTasks:
pass
return http.HttpResponse('')
if getattr(api_user, 'legacy', None) and method == 'post':
kwargs['nick'] = api_user.nick
rv = method_ref(api_user, **kwargs)
if rv is None:
raise exception.ApiException(0x00,
'method %s returned None' % (method))
return render_api_response(rv, format, servertime=servertime)
except oauth_util.OAuthError, e:
exc = exception.ApiException(exception.OAUTH_ERROR, e.message)
return render_api_response(exc, format)
except exception.ApiException, e:
return render_api_response(e, format)
except TypeError, e:
exc = exception.ApiException(exception.INVALID_ARGUMENTS, str(e))
return render_api_response(exc, format)
except:
exception.handle_exception(request)
return render_api_response(request.errors[0], format)
# some error happened
return render_api_response(request.errors[0], format)
def api_xmlrpc(request):
return _XML_RPC_DISPATCHER.dispatch(request)
@decorator.debug_only
def api_loaddata(request):
def actor_settings(request, nick, page='index'):
""" just a static page that links to the rest"""
nick = clean.nick(nick)
view = api.actor_lookup_nick(api.ROOT, nick)
if not api.actor_owns_actor(request.user, view):
raise exception.ApiException(exception.PRIVACY_ERROR,
'Operation not allowed')
handled = common_views.handle_view_action(
request,
{
'activation_activate_mobile': view.url('/settings/mobile'),
'activation_request_email': view.url('/settings/email'),
'activation_request_mobile': view.url('/settings/mobile'),
'settings_change_notify': view.url('/settings/notifications'),
'settings_change_privacy': request.path,
'settings_update_account': view.url('/settings/profile'),
'actor_remove': '/logout',
#'oauth_remove_consumer': request.path,
#'oauth_remove_access_token': request.path
})
if handled:
return handled
# TODO(tyler/termie): This conflicts with the global settings import.
# Also, this seems fishy. Do none of the settings.* items work in templates?
import settings
# TODO(tyler): Merge this into handle_view_action, if possible
if 'password' in request.POST:
try:
validate.nonce(request, 'change_password')
password = request.POST.get('password', '')
confirm = request.POST.get('confirm', '')
validate.password_and_confirm(password, confirm, field='password')
api.settings_change_password(request.user, view.nick, password)
response = util.RedirectFlash(view.url() + '/settings/password',
'Password updated')
request.user.password = util.hash_password(request.user.nick,
password)
# TODO(mikie): change when cookie-auth is changed
user.set_user_cookie(response, request.user)
return response
except:
exception.handle_exception(request)
if page == 'feeds':
try:
if not settings.FEEDS_ENABLED:
raise exception.DisabledFeatureError(
'Feeds are currently disabled')
except:
exception.handle_exception(request)
if page == 'photo':
redirect_to = view.url() + '/settings/photo'
handled = common_views.common_photo_upload(request, redirect_to)
if handled:
return handled
area = 'settings'
full_page = page.capitalize()
if page == 'mobile':
full_page = 'Mobile Number'
mobile = api.mobile_get_actor(request.user, view.nick)
sms_notify = view.extra.get('sms_notify', False)
elif page == 'im':
full_page = 'IM Address'
im_address = api.im_get_actor(request.user, view.nick)
im_notify = view.extra.get('im_notify', False)
elif page == 'index':
email = api.email_get_actor(request.user, view.nick)
email_notify = view.extra.get('email_notify', False)
im_address = api.im_get_actor(request.user, view.nick)
im_notify = view.extra.get('im_notify', False)
elif page == 'feeds':
full_page = 'Web Feeds'
elif page == 'email':
full_page = 'Email Address'
email_notify = view.extra.get('email_notify', False)
# check if we already have an email
email = api.email_get_actor(request.user, view.nick)
# otherwise look for an unconfirmed one
if not email:
unconfirmeds = api.activation_get_actor_email(api.ROOT, view.nick)
if unconfirmeds:
unconfirmed_email = unconfirmeds[0].content
elif page == 'design':
handled = common_views.common_design_update(request, view.nick)
if handled:
return handled
full_page = 'Look and Feel'
elif page == 'notifications':
email = api.email_get_actor(request.user, view.nick)
email_notify = view.extra.get('email_notify', False)
im_address = api.im_get_actor(request.user, view.nick)
im_notify = view.extra.get('im_notify', False)
mobile = api.mobile_get_actor(request.user, request.user.nick)
sms_notify = view.extra.get('sms_notify', False)
sms_confirm = sms_notify and not view.extra.get('sms_confirmed', False)
# TODO(termie): remove this once we can actually receive sms
sms_confirm = False
elif page == 'profile':
# check if we already have an email
email = api.email_get_actor(request.user, view.nick)
# otherwise look for an unconfirmed one
if not email:
unconfirmeds = api.activation_get_actor_email(api.ROOT, view.nick)
if unconfirmeds:
unconfirmed_email = unconfirmeds[0].content
elif page == 'photo':
avatars = display.DEFAULT_AVATARS
small_photos = api.image_get_all_keys(request.user,
view.nick,
size='f')
# TODO(tyler): Fix this avatar nonsense!
own_photos = [{
'path':
small_photo.key().name(),
'name':
small_photo.key().name()[len('image/'):-len('_f.jpg')],
} for small_photo in small_photos]
elif page == 'privacy':
PRIVACY_PUBLIC = api.PRIVACY_PUBLIC
PRIVACY_CONTACTS = api.PRIVACY_CONTACTS
elif page == 'jsbadge':
full_page = 'Javascript Badges'
elif page == 'badge':
badges = [
{
'id': 'badge-stream',
'width': '200',
'height': '300',
'src': '/themes/%s/badge.swf' % settings.DEFAULT_THEME,
'title': 'Stream',
},
{
'id': 'badge-map',
'width': '200',
'height': '255',
'src': '/themes/%s/badge-map.swf' % settings.DEFAULT_THEME,
'title': 'Map',
},
{
'id': 'badge-simple',
'width': '200',
'height': '200',
'src': '/themes/%s/badge-simple.swf' % settings.DEFAULT_THEME,
'title': 'Simple',
},
]
elif page in ['password', 'delete']:
# Catch for remaining pages before we generate a 404.
pass
else:
return common_views.common_404(request)
# rendering
c = template.RequestContext(request, locals())
t = loader.get_template('actor/templates/settings_%s.html' % page)
return http.HttpResponse(t.render(c))
