def do_logout(request): if request.method == 'GET': logout(request) return render_to_response("login.html",{'mediaRoot': '/resources/', 'errorMsg':''}) else: response = HttpResponseBadRequest() response.write("This URI is only available for GET requests.")
def single_email_failed_response(): response = HttpResponseBadRequest() response.write('<p>The mail was not sent to all the recipients.' + ' Please check your request and try again.</p>') response.write('<p>If the problem persists, please contact' + ' the WebOps Team.</p>') return response
def do_login(request): if request.method == 'GET': if not request.user.is_authenticated(): return render_to_response("login.html",{'mediaRoot': '/resources/', 'errorMsg':''}) else: return render_to_response("EditDeploy.html",{'mediaRoot': '/resources/', 'username': request.user.username}) elif request.method == 'POST': username = request.POST['username'] password = request.POST['password'] user = authenticate(username=username, password=password) if user is not None: if user.is_active: login(request, user) return render_to_response("EditDeploy.html",{'mediaRoot': '/resources/', 'username': user.username}) else: return render_to_response("login.html",{'mediaRoot': '/resources/', 'errorMsg':'Please enter a correct username and password. Note that both fields are case-sensitive.'}) else: return render_to_response("login.html",{'mediaRoot': '/resources/', 'errorMsg':'Please enter a correct username and password. Note that both fields are case-sensitive.'}) else: response = HttpResponseBadRequest() response.write("This URI is only available for GET or POST requests.")
def frames_downloading(request, storage_record_id): try: frame_request = json.dumps({"exp_id": storage_record_id}) storage_logger.debug( u'Получение изображений: Запрос списка изображений {}'.format( frame_request)) frames = requests.post(STORAGE_FRAMES_INFO_HOST, frame_request, timeout=settings.TIMEOUT_DEFAULT) if frames.status_code == 200: frames_info = json.loads(frames.content) storage_logger.debug( u'Получение изображений: Список изображений: {}'.format( frames_info)) frames_list = [FrameRecord(frame) for frame in frames_info] else: storage_logger.error( u'Получение изображений: Не удается получить список изображений. Ошибка: {}' .format(frames.status_code)) messages.error( request, u'Не удается получить список изображений. Ошибка: {}'.format( frames.status_code)) return HttpResponseBadRequest( u'Ошибкa {} при получении списка изображений'.format( frames.status_code), content_type='text/plain') except Timeout as e: storage_logger.error( u'Получение изображений: Не удается получить список изображений. Ошибка: {}' .format(e.message)) messages.error( request, u'Не удается получить список изображений. Сервер хранилища не отвечает. Попробуйте позже.' ) return HttpResponseBadRequest( u"Не удалось получить список изображений. Истекло время ожидания ответа", content_type='text/plain') except BaseException as e: storage_logger.error( u'Получение изображений: Не удается получить список изображений. Ошибка: {}' .format(e)) messages.error( request, u'Не удается получить список изображений. Сервер хранилища не отвечает. Попробуйте позже.' ) return HttpResponseBadRequest( u'Не удалось получить список изображений. Сервер хранилища не отвечает.', content_type='text/plain') for frame in frames_list: file_name = frame.id + '.png' if not os.path.exists(os.path.join(MEDIA_ROOT, file_name)): try: storage_logger.debug( u'Получение изображений: Запрос на получение изображения номер {}' .format(frame.id)) frame_response = requests.get(STORAGE_FRAMES_PNG.format( exp_id=storage_record_id, frame_id=frame.id), timeout=settings.TIMEOUT_DEFAULT, stream=True) if frame_response.status_code == 200: temp_file = tempfile.TemporaryFile() for block in frame_response.iter_content(1024 * 8): if not block: break temp_file.write(block) default_storage.save(os.path.join(MEDIA_ROOT, file_name), temp_file) else: storage_logger.error( u'Не удается получить изображениe {}. Ошибка: {}'. format(frame.num, frame_response.status_code)) return HttpResponseBadRequest( u'Ошибкa {} при получении изображения'.format( frame_response.status_code), content_type='text/plain') except Timeout as e: storage_logger.error( u'Получение изображений: Не удается получить изображения. Ошибка: {}' .format(e.message)) return HttpResponseBadRequest( u'Не удалось получить изображение номер {}. Истекло время ожидания ответа' .format(frame.num), content_type='text/plain') except BaseException as e: storage_logger.error( u'Получение изображений: Не удается получить изображения. Ошибка: {}' .format(e.message)) return HttpResponseBadRequest( u'Не удалось получить изображение номер {}. Сервер хранилища не отвечает.' .format(frame.num), content_type='text/plain') return HttpResponse(u'Изображения получены успешно', content_type='text/plain')
def graph_table(request): """Generate graph table page :param request: :return: """ hostnames = [h.strip() for h in request.GET.getlist('hostname', []) if h] object_ids = [o.strip() for o in request.GET.getlist('object_id', []) if o] if len(hostnames) == 0 and len(object_ids) == 0: return HttpResponseBadRequest('No hostname or object_id provided') # For convenience we will cache the servers in a dictionary. servers = {s['hostname']: s for s in Query({'hostname': Any(*hostnames)}, None)} servers.update({s['hostname']: s for s in Query({'object_id': Any(*object_ids)}, None)}) if len(servers) != len(hostnames) + len(object_ids): messages.error( request, 'One or more objects with hostname: {} or object_ids: {} does not ' 'exist'.format(','.join(hostnames), ','.join(object_ids))) # Find the collections which are related with all of the hostnames. # If there are two collections with same match, use only the one which # is not an overview. collections = [] for collection in Collection.objects.order_by('overview', 'sort_order'): if any(collection.name == c.name for c in collections): continue for hostname in servers.keys(): if GRAPHITE_ATTRIBUTE_ID not in servers[hostname]: break # The server hasn't got this attribute at all. value = servers[hostname][GRAPHITE_ATTRIBUTE_ID] assert isinstance(value, MultiAttr) if not any(collection.name == v for v in value): break # The server hasn't got this attribute value. else: collections.append(collection) # Prepare the graph descriptions descriptions = [] for collection in collections: for template in collection.template_set.all(): descriptions += ( [(template.name, template.description)] * len(servers.keys()) ) # Prepare the graph tables for all hosts graph_tables = [] for hostname in servers.keys(): graph_table = [] if request.GET.get('action') == 'Submit': custom_params = request.GET.urlencode() for collection in collections: column = collection.graph_column( servers[hostname], custom_params ) graph_table += [(k, [('Custom', v)]) for k, v in column] else: for collection in collections: graph_table += collection.graph_table(servers[hostname]) graph_tables.append(graph_table) if len(servers) > 1: # Add hostname to the titles for order, hostname in enumerate(servers.keys()): graph_tables[order] = [(k + ' on ' + hostname, v) for k, v in graph_tables[order]] # Combine them graph_table = [] for combined_tables in zip(*graph_tables): graph_table += list(combined_tables) return TemplateResponse(request, 'graphite/graph_table.html', { 'hostnames': servers.keys(), 'descriptions': descriptions, 'graph_table': graph_table, 'link': request.get_full_path(), 'from': request.GET.get('from', '-24h'), 'until': request.GET.get('until', 'now'), })
def OperationPlans(request): # Check permissions if request.method != "GET" or not request.is_ajax(): return HttpResponseBadRequest('Only ajax get requests allowed') if not request.user.has_perm("view_demand_report"): return HttpResponseForbidden('<h1>%s</h1>' % _('Permission denied')) # Collect list of selected sales orders so_list = request.GET.getlist('demand') # Collect operationplans associated with the sales order(s) id_list = [] for dm in Demand.objects.all().using( request.database).filter(pk__in=so_list).only('plan'): for op in dm.plan['pegging']: id_list.append(op['opplan']) # Collect details on the operationplans result = [] for o in PurchaseOrder.objects.all().using(request.database).filter( id__in=id_list, status='proposed'): result.append({ 'id': o.id, 'type': "PO", 'item': o.item.name, 'location': o.location.name, 'origin': o.supplier.name, 'startdate': str(o.startdate.date()), 'enddate': str(o.enddate.date()), 'quantity': float(o.quantity), 'value': float(o.quantity * o.item.price), 'criticality': float(o.criticality) }) for o in DistributionOrder.objects.all().using(request.database).filter( id__in=id_list, status='proposed'): result.append({ 'id': o.id, 'type': "DO", 'item': o.item.name, 'location': o.location.name, 'origin': o.origin.name, 'startdate': str(o.startdate), 'enddate': str(o.enddate), 'quantity': float(o.quantity), 'value': float(o.quantity * o.item.price), 'criticality': float(o.criticality) }) for o in ManufacturingOrder.objects.all().using(request.database).filter( id__in=id_list, status='proposed'): result.append({ 'id': o.id, 'type': "MO", 'item': '', 'location': o.operation.location.name, 'origin': o.operation.name, 'startdate': str(o.startdate.date()), 'enddate': str(o.enddate.date()), 'quantity': float(o.quantity), 'value': '', 'criticality': float(o.criticality) }) return HttpResponse(content=json.dumps(result), content_type='application/json; charset=%s' % settings.DEFAULT_CHARSET)
def update_tables(request, domain, data_type_id, test_patch=None): """ receives a JSON-update patch like following { "_id":"0920fe1c6d4c846e17ee33e2177b36d6", "tag":"growth", "view_link":"/a/gsid/fixtures/view_lookup_tables/?table_id:0920fe1c6d4c846e17ee33e2177b36d6", "is_global":false, "fields":{"genderr":{"update":"gender"},"grade":{}} } """ if test_patch is None: test_patch = {} if data_type_id: try: data_type = FixtureDataType.get(data_type_id) except ResourceNotFound: raise Http404() assert(data_type.doc_type == FixtureDataType._doc_type) assert(data_type.domain == domain) if request.method == 'GET': return json_response(strip_json(data_type)) elif request.method == 'DELETE': with CouchTransaction() as transaction: data_type.recursive_delete(transaction) return json_response({}) elif not request.method == 'PUT': return HttpResponseBadRequest() if request.method == 'POST' or request.method == "PUT": fields_update = test_patch or _to_kwargs(request) fields_patches = fields_update["fields"] data_tag = fields_update["tag"] is_global = fields_update["is_global"] # validate tag and fields validation_errors = [] if is_identifier_invalid(data_tag): validation_errors.append(data_tag) for field_name, options in fields_update['fields'].items(): method = options.keys() if 'update' in method: field_name = options['update'] if is_identifier_invalid(field_name) and 'remove' not in method: validation_errors.append(field_name) validation_errors = map(lambda e: _("\"%s\" cannot include special characters or " "begin with \"xml\" or a number.") % e, validation_errors) if validation_errors: return json_response({ 'validation_errors': validation_errors, 'error_msg': _( "Could not update table because field names were not " "correctly formatted"), }) with CouchTransaction() as transaction: if data_type_id: data_type = update_types(fields_patches, domain, data_type_id, data_tag, is_global, transaction) update_items(fields_patches, domain, data_type_id, transaction) else: if FixtureDataType.fixture_tag_exists(domain, data_tag): return HttpResponseBadRequest("DuplicateFixture") else: data_type = create_types(fields_patches, domain, data_tag, is_global, transaction) return json_response(strip_json(data_type))
def main(request, party=None): viewmode = settings.VIEWMODE_ open_new_tab = settings.OPEN_NEW_TAB_ hide_contest = settings.HIDE_CONTEST_ share_to_category = None if request.user.is_authenticated: if request.GET.get('as_coder') and request.user.has_perm('as_coder'): coder = Coder.objects.get(user__username=request.GET['as_coder']) else: coder = request.user.coder viewmode = coder.settings.get("view_mode", viewmode) hide_contest = coder.settings.get("hide_contest", hide_contest) open_new_tab = coder.settings.get("open_new_tab", open_new_tab) share_to_category = coder.settings.get("share_to_category", share_to_category) else: coder = None viewmode = request.GET.get("view", viewmode) hide_contest = request.GET.get("hide_contest", hide_contest) hide_contest = int(str(hide_contest).lower() in settings.YES_) time_format = get_timeformat(request) action = request.GET.get("action") if action is not None: if action == "party-contest-toggle" and request.user.is_authenticated: party = get_object_or_404(Party.objects.for_user(request.user), slug=request.GET.get("party"), author=coder) contest = get_object_or_404(Contest, pk=request.GET.get("pk")) rating, created = Rating.objects.get_or_create(contest=contest, party=party) if not created: rating.delete() return HttpResponse("ok") if action == "hide-contest-toggle": contest = get_object_or_404(Contest, pk=request.GET.get("pk")) filt, created = Filter.objects.get_or_create(coder=coder, contest=contest, to_show=False) if not created: filt.delete() return HttpResponse("deleted") return HttpResponse("created") return HttpResponseBadRequest("fail") has_tz = request.user.is_authenticated or "timezone" in request.session tzname = get_timezone(request) if tzname is None: return HttpResponse("accepted" if has_tz else "reload") if coder: ignore_filters = coder.ordered_filter_set.filter( categories__contains=['calendar']) ignore_filters = ignore_filters.filter(name__isnull=False).exclude( name='') ignore_filters = list(ignore_filters.values('id', 'name')) else: ignore_filters = [] if not coder or coder.settings.get('calendar_filter_long', True): ignore_filters = ignore_filters + [{ 'id': 0, 'name': 'Disabled fitler' }] context = { "ignore_filters": ignore_filters, "contests": get_view_contests(request, coder), } if isinstance(party, Party): context["party"] = { "id": party.id, "toggle_contest": 1, "has_permission_toggle": int(party.has_permission_toggle_contests(coder)), "contest_ids": party.rating_set.values_list('contest__id', flat=True), } now = timezone.now() banners = Banner.objects.filter(end_time__gt=now) if not settings.DEBUG: banners = banners.filter(enable=True) offset = get_timezone_offset(tzname) context.update({ "offset": offset, "now": now, "viewmode": viewmode, "hide_contest": hide_contest, "share_to_category": share_to_category, "timezone": tzname, "time_format": time_format, "open_new_tab": open_new_tab, "add_to_calendar": get_add_to_calendar(request), "banners": banners, }) return render(request, "main.html", context)
def upload(request): course_prefix = request.POST.get("course_prefix") course_suffix = request.POST.get("course_suffix") exam_id = request.POST.get("exam_id",'') common_page_data = get_common_page_data(request, course_prefix, course_suffix) data = {'common_page_data': common_page_data} if request.method == 'POST': request.session['video_privacy'] = request.POST.get("video_privacy") # Need partial instance with course for form slug validation new_video = Video(course=common_page_data['course']) form = S3UploadForm(request.POST, request.FILES, course=common_page_data['course'], instance=new_video) if form.is_valid(): new_video.index = new_video.section.getNextIndex() new_video.mode = 'draft' new_video.handle = course_prefix + "--" + course_suffix if exam_id: try: exam = Exam.objects.get(id=exam_id) except Exam.DoesNotExist: return HttpResponseBadRequest("The exam you wanted to link to this video was not found!") new_video.exam = exam exam.live_datetime = new_video.live_datetime exam.save() if exam.image: exam.image.live_datetime = new_video.live_datetime exam.image.save() # Bit of jiggery pokery to so that the id is set when the upload_path function is called. # Now storing file with id appended to the file path so that thumbnail and associated manifest files # are easily associated with the video by putting them all in the same directory. new_video.file = None new_video.save() new_video.file = form.cleaned_data['file'] new_video.save() kelvinator.tasks.duration.delay(new_video) new_video.create_ready_instance() # kick off remote jobs kelvinator.tasks.kelvinate.delay(new_video.file.name) # kelvinator.tasks.resize.delay(new_video.file.name, "large") # kelvinator.tasks.resize.delay(new_video.file.name, "small") if is_storage_local(): return redirect('courses.videos.views.list', course_prefix, course_suffix) if new_video.url: return redirect('courses.videos.views.list', course_prefix, course_suffix) authUrl = GetOAuth2Url(request, new_video) #eventually should store an access token, so they don't have to give permission everytime return redirect(authUrl) # return redirect("http://" + request.META['HTTP_HOST']) else: form = S3UploadForm(course=common_page_data['course']) data['form'] = form return render_to_response('videos/s3upload.html', data, context_instance=RequestContext(request))
def create_plan(request): plan_id = request.POST["plan_id"] if plan_id not in ("P5", "P75"): return HttpResponseBadRequest() sub = Subscription.objects.for_user(request.user) # Cancel the previous plan if sub.subscription_id: braintree.Subscription.cancel(sub.subscription_id) sub.subscription_id = "" sub.plan_id = "" sub.save() # Create Braintree customer record if not sub.customer_id: result = braintree.Customer.create({"email": request.user.email}) if not result.is_success: return log_and_bail(request, result) sub.customer_id = result.customer.id sub.save() # Create Braintree payment method if "payment_method_nonce" in request.POST: result = braintree.PaymentMethod.create({ "customer_id": sub.customer_id, "payment_method_nonce": request.POST["payment_method_nonce"] }) if not result.is_success: return log_and_bail(request, result) sub.payment_method_token = result.payment_method.token sub.save() # Create Braintree subscription result = braintree.Subscription.create({ "payment_method_token": sub.payment_method_token, "plan_id": plan_id, }) if not result.is_success: return log_and_bail(request, result) sub.subscription_id = result.subscription.id sub.plan_id = plan_id sub.save() # Update user's profile profile = request.user.profile if plan_id == "P5": profile.ping_log_limit = 1000 profile.team_access_allowed = True profile.save() elif plan_id == "P75": profile.ping_log_limit = 1000 profile.team_access_allowed = True profile.save() request.session["first_charge"] = True return redirect("hc-pricing")
def invalid_action(): if REGISTRATION_CONFIRM_INVALID_REDIRECT_PATH: return HttpResponseRedirect(REGISTRATION_CONFIRM_INVALID_REDIRECT_PATH) else: return HttpResponseBadRequest('invalid token!')
def ensure_user_information(strategy, auth_entry, backend=None, user=None, social=None, current_partial=None, allow_inactive_user=False, details=None, *args, **kwargs): """ Ensure that we have the necessary information about a user (either an existing account or registration data) to proceed with the pipeline. """ # We're deliberately verbose here to make it clear what the intended # dispatch behavior is for the various pipeline entry points, given the # current state of the pipeline. Keep in mind the pipeline is re-entrant # and values will change on repeated invocations (for example, the first # time through the login flow the user will be None so we dispatch to the # login form; the second time it will have a value so we continue to the # next pipeline step directly). # # It is important that we always execute the entire pipeline. Even if # behavior appears correct without executing a step, it means important # invariants have been violated and future misbehavior is likely. def dispatch_to_login(): """Redirects to the login page.""" return redirect(AUTH_DISPATCH_URLS[AUTH_ENTRY_LOGIN]) def dispatch_to_register(): """Redirects to the registration page.""" return redirect(AUTH_DISPATCH_URLS[AUTH_ENTRY_REGISTER]) def should_force_account_creation(): """ For some third party providers, we auto-create user accounts """ current_provider = provider.Registry.get_from_pipeline({'backend': current_partial.backend, 'kwargs': kwargs}) return (current_provider and (current_provider.skip_email_verification or current_provider.send_to_registration_first)) if not user: if user_exists(details or {}): # User has not already authenticated and the details sent over from # identity provider belong to an existing user. return dispatch_to_login() if is_api(auth_entry): return HttpResponseBadRequest() elif auth_entry == AUTH_ENTRY_LOGIN: # User has authenticated with the third party provider but we don't know which edX # account corresponds to them yet, if any. if should_force_account_creation(): return dispatch_to_register() return dispatch_to_login() elif auth_entry == AUTH_ENTRY_REGISTER: # User has authenticated with the third party provider and now wants to finish # creating their edX account. return dispatch_to_register() elif auth_entry == AUTH_ENTRY_ACCOUNT_SETTINGS: raise AuthEntryError(backend, 'auth_entry is wrong. Settings requires a user.') elif auth_entry in AUTH_ENTRY_CUSTOM: # Pass the username, email, etc. via query params to the custom entry page: return redirect_to_custom_form(strategy.request, auth_entry, details or {}, kwargs) else: raise AuthEntryError(backend, 'auth_entry invalid') if not user.is_active: # The user account has not been verified yet. if allow_inactive_user: # This parameter is used by the auth_exchange app, which always allows users to # login, whether or not their account is validated. pass elif social is None: # The user has just registered a new account as part of this pipeline. Their account # is inactive but we allow the login to continue, because if we pause again to force # the user to activate their account via email, the pipeline may get lost (e.g. # email takes too long to arrive, user opens the activation email on a different # device, etc.). This is consistent with first party auth and ensures that the # pipeline completes fully, which is critical. pass else: # This is an existing account, linked to a third party provider but not activated. # Double-check these criteria: assert user is not None assert social is not None # We now also allow them to login again, because if they had entered their email # incorrectly then there would be no way for them to recover the account, nor # register anew via SSO. See SOL-1324 in JIRA. # However, we will log a warning for this case: logger.warning( 'User "%s" is using third_party_auth to login but has not yet activated their account. ', user.username )
def __init__(self): HttpResponseBadRequest.__init__(self) self.write('<p>Bad Request. Please check your query and try again.</p>')
def publish_channel(request, channelid): status, response = ccserver_publish_channel(request.user, channelid) if status == "failure": return HttpResponseBadRequest(response) return HttpResponse(response)
def deploy_channel(request, channelid): status, response = activate_channel(request.user, channelid) if status == "failure": return HttpResponseBadRequest(response) return HttpResponse(response)
def post(self, request, *args, **kwargs): limit_reached = misc.is_user_limit_reached() username = request.POST["username"].strip() password = request.POST["password"].strip() if request.POST.get("ajax", "") == "1": ret = {"result": 0} if request.POST.get("method", "") == "register" and \ config.get_configuration('FREE_REGISTRATION') and \ not limit_reached: email = request.POST["email"].strip() fullname = request.POST["fullname"].strip() ret["result"] = self._do_checks_for_empty(request) if ret["result"] == 0: # if there was no errors ret["result"] = self._do_check_valid(request) if ret["result"] == 0: ret["result"] = 1 user = None try: user = auth.models.User.objects.create_user( username=username, email=email, password=password) except IntegrityError: ret["result"] = 10 except: ret["result"] = 10 user = None # this is not a good place to fire signal, but i need password for now # should create function createUser for future use if user: user.first_name = fullname booktype.apps.account.signals.account_created.send( sender=user, password=request.POST['password'], post_params=request.POST) try: user.save() # groups for group_name in json.loads( request.POST.get('groups')): if group_name.strip() != '': try: group = BookiGroup.objects.get( url_name=group_name) group.members.add(user) except: pass user2 = auth.authenticate(username=username, password=password) auth.login(request, user2) except: ret['result'] = 666 if request.POST.get('method', '') == 'signin': user = auth.authenticate(username=username, password=password) if user and user.is_active: auth.login(request, user) ret['result'] = 1 elif user and not user.is_active: ret['result'] = 4 else: try: auth.models.User.objects.get(username=username) # User does exist. Must be wrong password then ret['result'] = 3 except auth.models.User.DoesNotExist: # User does not exist ret['result'] = 2 if ret['result'] == 1: invite_data = request.session.pop('invite_data', False) if invite_data: assign_invitation(user, invite_data) return HttpResponse(json.dumps(ret), content_type="text/json") return HttpResponseBadRequest()
def likes_friendship(request, kind=''): try: req_username = request.GET.get('reqUser', False) req_user = '' if req_username: req_user = ExtUser.objects.get(username=req_username) token = request.META['HTTP_TOKEN'] user = Token.objects.get(pk=token).user if kind == 'create': user.create_friendship(req_user) return HttpResponse('Like created.') elif kind == 'delete': if user.delete_friendship(req_user) is True: return HttpResponse('Like deleted.') elif kind == 'getMutually': likes1, likes2 = user.get_friends() likes = list(chain(likes1, likes2)) all_likes = [] for like in likes: if like.friend != user: all_likes.append({ 'username': like.friend.username, 'photo': 'http://' + request.get_host() + like.friend.profile.photo.url, 'age': str(like.friend.birthday), 'location': like.friend.location, 'date': str(like.created.date()) }) else: all_likes.append({ 'username': like.creator.username, 'photo': 'http://' + request.get_host() + like.creator.profile.photo.url, 'age': str(like.creator.birthday), 'location': like.creator.location, 'date': str(like.created.date()) }) return JsonResponse({'ownLikes': all_likes}) elif kind == 'getSentLikes': likes1, likes2 = user.get_sent_requests_for_friendship() sent_likes = list(chain(likes1, likes2)) likes = [] for sent in sent_likes: if sent.friend != user: likes.append({ 'username': sent.friend.username, 'photo': 'http://' + request.get_host() + sent.friend.profile.photo.url, 'age': str(sent.friend.birthday), 'location': sent.friend.location, 'date': str(sent.created.date()) }) else: likes.append({ 'username': sent.creator.username, 'photo': 'http://' + request.get_host() + sent.creator.profile.photo.url, 'age': str(sent.creator.birthday), 'location': sent.creator.location, 'date': str(sent.created.date()) }) return JsonResponse({'ownLikes': likes}) elif kind == 'getOwnLikes': own_likes = user.get_requests_for_friendships() likes = [] for like in own_likes: likes.append({ 'username': like.creator.username, 'photo': 'http://' + request.get_host() + like.creator.profile.photo.url, 'age': str(like.creator.birthday), 'location': like.creator.location, 'date': str(like.created.date()) }) return JsonResponse({'ownLikes': likes}) except Token.DoesNotExist: return HttpResponseBadRequest('Token does not exist.') except Exception as e: return HttpResponseBadRequest('Something went wrong.')
def vcs_service_hook(request, service): """Shared code between VCS service hooks. Currently used for bitbucket_hook, github_hook and gitlab_hook, but should be usable for other VCS services (Google Code, custom coded sites, etc.) too. """ # We support only post methods if not settings.ENABLE_HOOKS: return HttpResponseNotAllowed(()) # Check if we got payload try: data = parse_hook_payload(request) except (ValueError, KeyError): return HttpResponseBadRequest('Could not parse JSON payload!') if not data: return HttpResponseBadRequest('Invalid data in json payload!') # Get service helper hook_helper = HOOK_HANDLERS[service] # Send the request data to the service handler. try: service_data = hook_helper(data, request) except Exception as error: LOGGER.error('failed to parse service %s data', service) report_error(error, request) return HttpResponseBadRequest('Invalid data in json payload!') # This happens on ping request upon installation if service_data is None: return hook_response('Hook working') # Log data service_long_name = service_data['service_long_name'] repos = service_data['repos'] repo_url = service_data['repo_url'] branch = service_data['branch'] full_name = service_data['full_name'] # Generate filter spfilter = Q(repo__in=repos) | Q(repo__iendswith=full_name) # We need to match also URLs which include username and password for repo in repos: if repo.startswith('http://'): spfilter = spfilter | (Q(repo__startswith='http://') & Q(repo__endswith='@{0}'.format(repo[7:]))) elif repo.startswith('https://'): spfilter = spfilter | (Q(repo__startswith='https://') & Q(repo__endswith='@{0}'.format(repo[8:]))) all_components = Component.objects.filter(spfilter) if branch is not None: all_components = all_components.filter(branch=branch) components = all_components.filter(project__enable_hooks=True) LOGGER.info( 'received %s notification on repository %s, branch %s, ' '%d matching components, %d to process', service_long_name, repo_url, branch, all_components.count(), components.count(), ) # Trigger updates updates = 0 for obj in components: updates += 1 LOGGER.info('%s notification will update %s', service_long_name, obj) Change.objects.create( component=obj, action=Change.ACTION_HOOK, details=service_data, ) perform_update.delay('Component', obj.pk) if updates == 0: return hook_response('No matching repositories found!', 'failure') return hook_response('Update triggered: {}'.format(', '.join( [obj.full_slug for obj in components])))
def __init__(self, message): DjangoHttpResponseBadRequest.__init__(self, message_to_json(message), content_type='application/json')
def _decorator(request, *args, **kwargs): # Deny access if the entrance exam feature is disabled if not core_toggles.ENTRANCE_EXAMS.is_enabled(): return HttpResponseBadRequest() return view_func(request, *args, **kwargs)
def get(self, request, patient_id=None, format=None): badRequest = False notFound = False patient = None if patient_id: try: patient = Patient.objects.get(id=patient_id) except: patient = None else: # look for optional arguments for searching kwargs = {} name = request.GET.get('name', '') if not name == '': try: patient = Patient.objects.filter( Q(paternal_last__icontains=name) | Q(maternal_last__icontains=name) | Q(first__icontains=name) | Q(middle__icontains=name)) except: patient = None else: paternal_last = request.GET.get('paternal_last', '') if not paternal_last == '': kwargs["paternal_last__icontains"] = paternal_last maternal_last = request.GET.get('maternal_last', '') if not maternal_last == '': kwargs["maternal_last__icontains"] = maternal_last first = request.GET.get('first', '') if not first == '': kwargs["first__icontains"] = first dob = request.GET.get('dob', '') if not dob == '': x = dob.split("/") if len(x) == 3: try: kwargs["dob"] = datetime.strptime(dob, "%m/%d/%Y") except: badRequest = True else: badRequest = True gender = request.GET.get('gender', '') if not gender == '': if gender == "Male": kwargs["gender"] = "m" elif gender == "Female": kwargs["gender"] = "f" else: badRequest = True if not badRequest: try: patient = Patient.objects.filter(**kwargs) except: patient = None if not patient and not badRequest: notFound = True elif patient: if patient_id: ret = self.serialize(patient) else: ret = [] for x in patient: ret.append(x.id) if badRequest: return HttpResponseBadRequest() elif notFound: return HttpResponseNotFound() else: return Response(ret)
if sid: try: act_state = ActivityState.objects.get( state_id=str(urllib.unquote(sid))) except Exception, e: return HttpResponseBadRequest(e.message) return_json.append({"stateId": str(sid)}.items() + state_data.items()) return HttpResponse(json.dumps(return_json), content_type="application/json", status=200) else: return HttpResponse(state.json_state, content_type=state.content_type, status=200) return HttpResponseBadRequest( "Activity ID, State ID and Agent are all required") @login_required(login_url=LOGIN_URL) def my_activity_profiles(request): act_id = request.GET.get("act_id", None) if act_id: profs = ActivityProfile.objects.filter( activityId=urllib.unquote(act_id)) p_list = [] for prof in profs: p_list.append({ "profileId": prof.profileId, "updated": str(prof.updated) }) return HttpResponse(json.dumps(p_list),
def post(self, request): """ Allow users to post images i.e upload images to cloud storage. POST request parameters: [REQUIRED] image: containing a file object for the image to be uploaded or base64: containig the base64 equivalent of the image to be uploaded [OPTIONAL] eventId: containg the event id of the event where the image will be rendered isTrusted: whether the image came from a trusted source or not Arguments: request {[type]} -- [ Contains the django request object] Returns: [HttpResponseBadRequest] -- [If neither image or base64 parameter is provided] [JsonResponse] -- [Containing the uuid of image] """ print("Request Recieved", time.time()) # Generate uuid for the file. Never trust user. image = Image(name=str(uuid4())) print() if request.FILES.get('image', False): uploaded_file = request.FILES['image'] file_system = FileSystemStorage() # save file_system.save(image.name, uploaded_file) image.uuid = image.name + '.' + uploaded_file.name.split('.')[-1] elif request.POST.get('base64', False): data_uri = request.POST['base64'] # name = str(uuid4()) # NOTE: decodestring is deprecated img = base64.decodestring(str.encode(data_uri.split(",")[1])) with open(image.name, "wb") as image_file: image_file.write(img) image.uuid = image.name + '.jpg' else: return HttpResponseBadRequest( "Bad request: base64 or image field should be given") print("File Saved", time.time()) image.create_thumbnail(storage=STORAGE) # Upload files to Cloud storage image.put(storage=STORAGE) # Update Event if id is given, if request.POST.get("eventId", False): event_id = request.POST.get("eventId", False) is_trusted = request.POST.get('isValid', '') == 'true' image.is_trusted = is_trusted image.save(event_id, DB) # DB.child('incidents').child(event_id).child("images").push(image_data) print("Image Added") # Return file id for future reference print("Returning From Request", time.time()) return JsonResponse({'name': image.uuid})
def checklists_handler(request, tag=None, package_id=None, branch=None, version_guid=None, block=None, checklist_index=None): """ The restful handler for checklists. GET html: return html page for all checklists json: return json representing all checklists. checklist_index is not supported for GET at this time. POST or PUT json: updates the checked state for items within a particular checklist. checklist_index is required. """ location = BlockUsageLocator(package_id=package_id, branch=branch, version_guid=version_guid, block_id=block) if not has_course_access(request.user, location): raise PermissionDenied() old_location = loc_mapper().translate_locator_to_location(location) modulestore = get_modulestore(old_location) course_module = modulestore.get_item(old_location) json_request = 'application/json' in request.META.get( 'HTTP_ACCEPT', 'application/json') if request.method == 'GET': # If course was created before checklists were introduced, copy them over # from the template. if not course_module.checklists: course_module.checklists = CourseDescriptor.checklists.default modulestore.update_item(course_module, request.user.id) expanded_checklists = expand_all_action_urls(course_module) if json_request: return JsonResponse(expanded_checklists) else: handler_url = location.url_reverse('checklists/', '') return render_to_response( 'checklists.html', { 'handler_url': handler_url, # context_course is used by analytics 'context_course': course_module, 'checklists': expanded_checklists }) elif json_request: # Can now assume POST or PUT because GET handled above. if checklist_index is not None and 0 <= int(checklist_index) < len( course_module.checklists): index = int(checklist_index) persisted_checklist = course_module.checklists[index] modified_checklist = json.loads(request.body) # Only thing the user can modify is the "checked" state. # We don't want to persist what comes back from the client because it will # include the expanded action URLs (which are non-portable). for item_index, item in enumerate(modified_checklist.get('items')): persisted_checklist['items'][item_index]['is_checked'] = item[ 'is_checked'] # seeming noop which triggers kvs to record that the metadata is # not default course_module.checklists = course_module.checklists course_module.save() modulestore.update_item(course_module, request.user.id) expanded_checklist = expand_checklist_action_url( course_module, persisted_checklist) return JsonResponse(expanded_checklist) else: return HttpResponseBadRequest( ("Could not save checklist state because the checklist index " "was out of range or unspecified."), content_type="text/plain") else: return HttpResponseNotFound()
def delete_user(request): if request.user.is_authenticated(): if request.method == 'DELETE': request.user.delete() return HttpResponse('OK') return HttpResponseBadRequest('Bad credentials')
def post_comment_ajax(request, using=None): """ Post a comment, via an Ajax call. """ if not request.is_ajax(): return HttpResponseBadRequest("Expecting Ajax call") # This is copied from django.contrib.comments. # Basically that view does too much, and doesn't offer a hook to change the rendering. # The request object is not passed to next_redirect for example. # # This is a separate view to integrate both features. Previously this used django-ajaxcomments # which is unfortunately not thread-safe (it it changes the comment view per request). # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() if request.user.is_authenticated(): if not data.get('name', ''): data["name"] = request.user.get_full_name( ) or request.user.username if not data.get('email', ''): data["email"] = request.user.email # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: return CommentPostBadRequest( "Missing content_type or object_pk field.") try: object_pk = long(object_pk) model = models.get_model(*ctype.split(".", 1)) target = model._default_manager.using(using).get(pk=object_pk) except ValueError: return CommentPostBadRequest("Invalid object_pk value: {0}".format( escape(object_pk))) except TypeError: return CommentPostBadRequest("Invalid content_type value: {0}".format( escape(ctype))) except AttributeError: return CommentPostBadRequest( "The given content-type {0} does not resolve to a valid model.". format(escape(ctype))) except ObjectDoesNotExist: return CommentPostBadRequest( "No object matching content-type {0} and object PK {1} exists.". format(escape(ctype), escape(object_pk))) except (ValueError, ValidationError) as e: return CommentPostBadRequest( "Attempting go get content-type {0!r} and object PK {1!r} exists raised {2}" .format(escape(ctype), escape(object_pk), e.__class__.__name__)) # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = comments.get_form()(target, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: {0}".format) # If there are errors or if we requested a preview show the comment if preview: comment = form.get_comment_object() if not form.errors else None return _ajax_result(request, form, "preview", comment, object_id=object_pk) if form.errors: return _ajax_result(request, form, "post", object_id=object_pk) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) if request.user.is_authenticated(): comment.user = request.user # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request) for (receiver, response) in responses: if response is False: return CommentPostBadRequest( "comment_will_be_posted receiver {0} killed the comment". format(receiver.__name__)) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request) if isinstance(comment.content_object, Post): post = comment.content_object if comment.user.id is not post.user.id: notify.send(comment.user, recipient=post.user, verb=u'has commented on your post', action_object=comment, description=u'', target=post) return _ajax_result(request, form, "post", comment, object_id=object_pk)
def upload_image(request, imageset_id): imageset = get_object_or_404(ImageSet, id=imageset_id) if request.method == 'POST' \ and imageset.has_perm('edit_set', request.user) \ and not imageset.image_lock: if request.FILES is None: return HttpResponseBadRequest('Must have files attached!') json_files = [] for f in request.FILES.getlist('files[]'): error = { 'duplicates': 0, 'damaged': False, 'directories': False, 'exists': False, 'unsupported': False, 'zip': False, } magic_number = f.read(4) f.seek(0) # reset file cursor to the beginning of the file if magic_number == b'PK\x03\x04': # ZIP file magic number error['zip'] = True zipname = ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase + string.digits) for _ in range(6)) + '.zip' if not os.path.exists(os.path.join(imageset.root_path(), 'tmp')): os.makedirs(os.path.join(imageset.root_path(), 'tmp')) with open(os.path.join(imageset.root_path(), 'tmp', zipname), 'wb') as out: for chunk in f.chunks(): out.write(chunk) # unpack zip-file zip_ref = zipfile.ZipFile(os.path.join(imageset.root_path(), 'tmp', zipname), 'r') zip_ref.extractall(os.path.join(imageset.root_path(), 'tmp')) zip_ref.close() # delete zip-file os.remove(os.path.join(imageset.root_path(), 'tmp', zipname)) filenames = [f for f in os.listdir(os.path.join(imageset.root_path(), 'tmp'))] filenames.sort() duplicat_count = 0 for filename in filenames: file_path = os.path.join(imageset.root_path(), 'tmp', filename) try: if imghdr.what(file_path) in settings.IMAGE_EXTENSION: # creates a checksum for image fchecksum = hashlib.sha512() with open(file_path, 'rb') as fil: while True: buf = fil.read(10000) if not buf: break fchecksum.update(buf) fchecksum = fchecksum.digest() # Tests for duplicats in imageset if Image.objects.filter(checksum=fchecksum, image_set=imageset).count() == 0: (shortname, extension) = os.path.splitext(filename) img_fname = (''.join(shortname) + '_' + ''.join( random.choice( string.ascii_uppercase + string.ascii_lowercase + string.digits) for _ in range(6)) + extension) try: with PIL_Image.open(file_path) as image: width, height = image.size file_new_path = os.path.join(imageset.root_path(), img_fname) shutil.move(file_path, file_new_path) shutil.chown(file_new_path, group=settings.UPLOAD_FS_GROUP) new_image = Image(name=filename, image_set=imageset, filename=img_fname, checksum=fchecksum, width=width, height=height ) new_image.save() except (OSError, IOError): error['damaged'] = True os.remove(file_path) else: os.remove(file_path) duplicat_count = duplicat_count + 1 else: error['unsupported'] = True except IsADirectoryError: error['directories'] = True if duplicat_count > 0: error['duplicates'] = duplicat_count else: # creates a checksum for image fchecksum = hashlib.sha512() for chunk in f.chunks(): fchecksum.update(chunk) fchecksum = fchecksum.digest() # tests for duplicats in imageset if Image.objects.filter(checksum=fchecksum, image_set=imageset)\ .count() == 0: fname = f.name.split('.') fname = ('_'.join(fname[:-1]) + '_' + ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase + string.digits) for _ in range(6)) + '.' + fname[-1]) image = Image( name=f.name, image_set=imageset, filename=fname, checksum=fchecksum) with open(image.path(), 'wb') as out: for chunk in f.chunks(): out.write(chunk) shutil.chown(image.path(), group=settings.UPLOAD_FS_GROUP) if imghdr.what(image.path()) in settings.IMAGE_EXTENSION: try: with PIL_Image.open(image.path()) as image_file: width, height = image_file.size image.height = height image.width = width image.save() except (OSError, IOError): error['damaged'] = True os.remove(image.path()) else: error['unsupported'] = True os.remove(image.path()) else: error['exists'] = True errormessage = '' if error['zip']: errors = list() if error['directories']: errors.append('directories') if error['unsupported']: errors.append('unsupported files') if error['duplicates'] > 0: errors.append(str(error['duplicates']) + ' duplicates') if error['damaged']: errors.append('damaged files') if len(errors) > 0: # Build beautiful error message errormessage += ', '.join(errors) + ' in the archive have been skipped!' p = errormessage.rfind(',') if p != -1: errormessage = errormessage[:p].capitalize() + ' and' + errormessage[p + 1:] else: errormessage = errormessage.capitalize() else: if error['unsupported']: errormessage = 'This file type is unsupported!' elif error['damaged']: errormessage = 'This file seems to be damaged!' elif error['exists']: errormessage = 'This image already exists in the imageset!' if errormessage == '': json_files.append({'name': f.name, 'size': f.size, # 'url': reverse('images_imageview', args=(image.id, )), # 'thumbnailUrl': reverse('images_imageview', args=(image.id, )), # 'deleteUrl': reverse('images_imagedeleteview', args=(image.id, )), # 'deleteType': "DELETE", }) else: json_files.append({'name': f.name, 'size': f.size, 'error': errormessage, }) return JsonResponse({'files': json_files})
def requirement_new_link(request, requirement_id, location_id='', destination=''): permission_results = return_user_permission_level(request, None, 'requirement_link') if permission_results['requirement_link'] < 2: return HttpResponseRedirect(reverse('permission_denied')) if request.method == "POST": print("Requirement ID: " + requirement_id + "\nLocation ID: " + location_id + "\nTask or Project: " + destination) #Check to make sure that there exists a location id and project_or_task value if location_id == '' or destination == '': #Well - this is not good for POST print("Please check the URL") return HttpResponseBadRequest( "Please note, both location_id and project_or_task will need to be filled out." ) print("Trying to save") requirement_link_save = requirement_link( requirement=requirement.objects.get(requirement_id=requirement_id), change_user=request.user, ) if destination == "project": project_instance = project.objects.get(project_id=location_id) requirement_link_save.project_id = project_instance elif destination == "task": task_instance = task.objects.get(tasks_id=location_id) requirement_link_save.task_id = task_instance elif destination == "organisation": organisation_instance = organisation.objects.get( organisation_id=location_id) requirement_link_save.organisation_id = organisation_instance else: return HttpResponseBadRequest( "You can only choose: project, task, or organisation") requirement_link_save.save() #Return blank page\ # Load template t = loader.get_template('NearBeach/blank.html') # context c = {} return HttpResponse(t.render(c, request)) """ The linked requirement will only link to requirement the user has access to. Nothing else. """ cursor = connection.cursor() cursor.execute( """ SELECT DISTINCT project.project_id , project.project_name from project left join project_task on project.project_id = project_task.project_id and project_task.is_deleted = 'FALSE' , project_group , user_group where 1 = 1 and project.project_status IN ('New','Open') and project.project_status IN ('New','Open') and project.project_id = project_group.project_id_id and project_group.group_id_id = user_group.group_id and user_group.username_id = %s """, [request.user.id]) project_results = namedtuplefetchall(cursor) cursor.execute( """ select DISTINCT task.tasks_id , task.task_short_description from task , tasks_group , user_group , organisation where 1 = 1 and task.task_status in ('New','Open') and task.tasks_id = tasks_group.tasks_id_id and tasks_group.group_id_id = user_group.group_id and user_group.username_id = %s and task.organisation_id_id=organisation.organisation_id """, [request.user.id]) task_results = namedtuplefetchall(cursor) #Load template t = loader.get_template( 'NearBeach/requirement_information/requirement_new_link.html') # context c = { 'requirement_id': requirement_id, 'project_results': project_results, 'task_results': task_results, } return HttpResponse(t.render(c, request))
def donate(request): """Add a single donation item to the cart and proceed to payment. Warning: this call will clear all the items in the user's cart before adding the new item! Arguments: request (Request): The Django request object. This should contain a JSON-serialized dictionary with "amount" (string, required), and "course_id" (slash-separated course ID string, optional). Returns: HttpResponse: 200 on success with JSON-encoded dictionary that has keys "payment_url" (string) and "payment_params" (dictionary). The client should POST the payment params to the payment URL. HttpResponse: 400 invalid amount or course ID. HttpResponse: 404 donations are disabled. HttpResponse: 405 invalid request method. Example usage: POST /shoppingcart/donation/ with params {'amount': '12.34', course_id': 'edX/DemoX/Demo_Course'} will respond with the signed purchase params that the client can send to the payment processor. """ amount = request.POST.get('amount') course_id = request.POST.get('course_id') # Check that required parameters are present and valid if amount is None: msg = u"Request is missing required param 'amount'" log.error(msg) return HttpResponseBadRequest(msg) try: amount = ( decimal.Decimal(amount) ).quantize( decimal.Decimal('.01'), rounding=decimal.ROUND_DOWN ) except decimal.InvalidOperation: return HttpResponseBadRequest("Could not parse 'amount' as a decimal") # Any amount is okay as long as it's greater than 0 # Since we've already quantized the amount to 0.01 # and rounded down, we can check if it's less than 0.01 if amount < decimal.Decimal('0.01'): return HttpResponseBadRequest("Amount must be greater than 0") if course_id is not None: try: course_id = CourseLocator.from_string(course_id) except InvalidKeyError: msg = u"Request included an invalid course key: {course_key}".format(course_key=course_id) log.error(msg) return HttpResponseBadRequest(msg) # Add the donation to the user's cart cart = Order.get_cart_for_user(request.user) cart.clear() try: # Course ID may be None if this is a donation to the entire organization Donation.add_to_order(cart, amount, course_id=course_id) except InvalidCartItem as ex: log.exception(( u"Could not create donation item for " u"amount '{amount}' and course ID '{course_id}'" ).format(amount=amount, course_id=course_id)) return HttpResponseBadRequest(unicode(ex)) # Start the purchase. # This will "lock" the purchase so the user can't change # the amount after we send the information to the payment processor. # If the user tries to make another donation, it will be added # to a new cart. cart.start_purchase() # Construct the response params (JSON-encoded) callback_url = request.build_absolute_uri( reverse("shoppingcart.views.postpay_callback") ) response_params = json.dumps({ # The HTTP end-point for the payment processor. "payment_url": get_purchase_endpoint(), # Parameters the client should send to the payment processor "payment_params": get_signed_purchase_params( cart, callback_url=callback_url, extra_data=([unicode(course_id)] if course_id else None) ), }) return HttpResponse(response_params, content_type="text/json")
def process_exception(self, request, exception): log.debug(f"{request}: {exception}") if isinstance(exception, ValueError): return HttpResponseBadRequest(content_type='application/json', content=json.dumps( {"error": str(exception)}))
def update(request): plan_id = request.POST["plan_id"] nonce = request.POST["nonce"] sub = Subscription.objects.for_user(request.user) # If plan_id has not changed then just update the payment method: if plan_id == sub.plan_id: if not sub.subscription_id: error = sub.setup(plan_id, nonce) else: error = sub.update_payment_method(nonce) if error: return log_and_bail(request, error) request.session["payment_method_status"] = "success" return redirect("hc-billing") if plan_id not in ("", "P20", "P80", "Y192", "Y768", "S5", "S48"): return HttpResponseBadRequest() # Cancel the previous plan and reset limits: sub.cancel() profile = request.user.profile profile.ping_log_limit = 100 profile.check_limit = 20 profile.team_limit = 2 profile.sms_limit = 5 profile.call_limit = 0 profile.save() if plan_id == "": request.session["set_plan_status"] = "success" return redirect("hc-billing") error = sub.setup(plan_id, nonce) if error: return log_and_bail(request, error) # Update user's profile profile = request.user.profile if plan_id in ("S5", "S48"): profile.check_limit = 20 profile.team_limit = 2 profile.ping_log_limit = 1000 profile.sms_limit = 5 profile.sms_sent = 0 profile.call_limit = 5 profile.calls_sent = 0 profile.save() elif plan_id in ("P20", "Y192"): profile.check_limit = 100 profile.team_limit = 9 profile.ping_log_limit = 1000 profile.sms_limit = 50 profile.sms_sent = 0 profile.call_limit = 20 profile.calls_sent = 0 profile.save() elif plan_id in ("P80", "Y768"): profile.check_limit = 1000 profile.team_limit = 500 profile.ping_log_limit = 1000 profile.sms_limit = 500 profile.sms_sent = 0 profile.call_limit = 100 profile.calls_sent = 0 profile.save() request.session["set_plan_status"] = "success" return redirect("hc-billing")
def post(self, request, course_id): """Takes the form submission from the page and parses it. Args: request (`Request`): The Django Request object. course_id (unicode): The slash-separated course key. Returns: Status code 400 when the requested mode is unsupported. When the honor mode is selected, redirects to the dashboard. When the verified mode is selected, returns error messages if the indicated contribution amount is invalid or below the minimum, otherwise redirects to the verification flow. """ course_key = CourseKey.from_string(course_id) user = request.user # This is a bit redundant with logic in student.views.change_enrollment, # but I don't really have the time to refactor it more nicely and test. course = modulestore().get_course(course_key) if not user.has_perm(ENROLL_IN_COURSE, course): error_msg = _("Enrollment is closed") return self.get(request, course_id, error=error_msg) requested_mode = self._get_requested_mode(request.POST) allowed_modes = CourseMode.modes_for_course_dict(course_key) if requested_mode not in allowed_modes: return HttpResponseBadRequest(_("Enrollment mode not supported")) if requested_mode == 'audit': # If the learner has arrived at this screen via the traditional enrollment workflow, # then they should already be enrolled in an audit mode for the course, assuming one has # been configured. However, alternative enrollment workflows have been introduced into the # system, such as third-party discovery. These workflows result in learners arriving # directly at this screen, and they will not necessarily be pre-enrolled in the audit mode. CourseEnrollment.enroll(request.user, course_key, CourseMode.AUDIT) # If the course has started redirect to course home instead if course.has_started(): return redirect( reverse('openedx.course_experience.course_home', kwargs={'course_id': course_key})) return redirect(reverse('dashboard')) if requested_mode == 'honor': CourseEnrollment.enroll(user, course_key, mode=requested_mode) # If the course has started redirect to course home instead if course.has_started(): return redirect( reverse('openedx.course_experience.course_home', kwargs={'course_id': course_key})) return redirect(reverse('dashboard')) mode_info = allowed_modes[requested_mode] if requested_mode == 'verified': amount = request.POST.get("contribution") or \ request.POST.get("contribution-other-amt") or 0 try: # Validate the amount passed in and force it into two digits amount_value = decimal.Decimal(amount).quantize( decimal.Decimal('.01'), rounding=decimal.ROUND_DOWN) except decimal.InvalidOperation: error_msg = _("Invalid amount selected.") return self.get(request, course_id, error=error_msg) # Check for minimum pricing if amount_value < mode_info.min_price: error_msg = _( "No selected price or selected price is too low.") return self.get(request, course_id, error=error_msg) donation_for_course = request.session.get("donation_for_course", {}) donation_for_course[six.text_type(course_key)] = amount_value request.session["donation_for_course"] = donation_for_course return redirect( reverse('verify_student_start_flow', kwargs={'course_id': six.text_type(course_key)}))
def multiple_emails_failed_response(failed_recipients): response = HttpResponseBadRequest() response.write('<p>The mail was not sent to all the recipients.' + ' Please check your request and try again.</p>') response.write('<br/><p>The following recipients did not receive' + ' the mail:</p>') response.write('<ul>') for email in failed_recipients: response.write('<li>'+email+'</li>') response.write('</ul>') return response
def _upload_file(self, request): """ Upload file to the server. """ if request.method == "POST": folder = request.GET.get('folder', '') if len(request.FILES) == 0: return HttpResponseBadRequest( 'Invalid request! No files included.') if len(request.FILES) > 1: return HttpResponseBadRequest( 'Invalid request! Multiple files included.') filedata = list(request.FILES.values())[0] fb_uploadurl_re = re.compile( r'^.*(%s)' % reverse("filebrowser:fb_upload", current_app=self.name)) folder = fb_uploadurl_re.sub('', folder) path = os.path.join(self.directory, folder) # we convert the filename before uploading in order # to check for existing files/folders file_name = convert_filename(filedata.name) filedata.name = file_name file_path = os.path.join(path, file_name) file_already_exists = self.storage.exists(file_path) # Check for name collision with a directory if file_already_exists and self.storage.isdir(file_path): ret_json = {'success': False, 'filename': file_name} return HttpResponse(json.dumps(ret_json)) signals.filebrowser_pre_upload.send(sender=request, path=folder, file=filedata, site=self) uploadedfile = handle_file_upload(path, filedata, site=self) local_storage = True if file_already_exists and OVERWRITE_EXISTING: old_file = smart_text(file_path) new_file = smart_text(uploadedfile) self.storage.move(new_file, old_file, allow_overwrite=True) try: full_path = FileObject(smart_text(old_file), site=self).path_full except NotImplementedError: local_storage = False else: file_name = smart_text(uploadedfile) filedata.name = os.path.relpath(file_name, path) try: full_path = FileObject(smart_text(file_name), site=self).path_full except NotImplementedError: local_storage = False # set permissions if local_storage and DEFAULT_PERMISSIONS is not None: os.chmod(full_path, DEFAULT_PERMISSIONS) f = FileObject(smart_text(file_name), site=self) signals.filebrowser_post_upload.send(sender=request, path=folder, file=f, site=self) # let Ajax Upload know whether we saved it or not ret_json = {'success': True, 'filename': f.filename} return HttpResponse(json.dumps(ret_json), content_type="application/json")
def batch_edit_translations(request): """Perform an action on a list of translations. Available actions are defined in `ACTIONS_FN_MAP`. Arguments to this view are defined in `models.BatchActionsForm`. """ form = forms.BatchActionsForm(request.POST) if not form.is_valid(): return HttpResponseBadRequest(form.errors.as_json()) locale = get_object_or_404(Locale, code=form.cleaned_data['locale']) entities = ( Entity.objects .filter(pk__in=form.cleaned_data['entities']) .prefetch_translations(locale) ) if not entities.exists(): return JsonResponse({'count': 0}) # Batch editing is only available to translators. Check if user has # translate permissions for all of the projects in passed entities. # Also make sure projects are not enabled in read-only mode for a locale. projects_pk = entities.values_list('resource__project__pk', flat=True) projects = Project.objects.filter(pk__in=projects_pk.distinct()) for project in projects: if ( not request.user.can_translate(project=project, locale=locale) or readonly_exists(projects, locale) ): return HttpResponseForbidden( "Forbidden: You don't have permission for batch editing" ) active_translation_pks = set() # Find all impacted active translations, including plural forms. for entity in entities: if entity.string_plural == "": active_translation_pks.add(entity.get_translation()['pk']) else: for plural_form in range(0, locale.nplurals or 1): active_translation_pks.add( entity.get_translation(plural_form)['pk'] ) active_translation_pks.discard(None) active_translations = ( Translation.objects .filter(pk__in=active_translation_pks) ) # Execute the actual action. action_function = ACTIONS_FN_MAP[form.cleaned_data['action']] action_status = action_function( form, request.user, active_translations, locale, ) if action_status.get('error'): return JsonResponse(action_status) if action_status['count'] == 0: return JsonResponse({'count': 0}) update_stats(action_status['translated_resources'], entity, locale) mark_changed_translation(action_status['changed_entities'], locale) # Update latest translation. if action_status['latest_translation_pk']: Translation.objects.get( pk=action_status['latest_translation_pk'] ).update_latest_translation() update_translation_memory( action_status['changed_translation_pks'], project, locale ) return JsonResponse({ 'count': action_status['count'] })
def wrap(request, *args, **kwargs): if not request.is_ajax(): return HttpResponseBadRequest("Bad Request: Request must be AJAX") return f(request, *args, **kwargs)
def handler400(request): response = HttpResponseBadRequest() context = RequestContext(request) response.content = render_to_string('400.html', context_instance=context) return response
def __init__(self, request, msg): HttpResponseBadRequest.__init__(self, '<h1>400 Bad Request</h1><p>%s</p>'%msg)