def log():
log = {
'url': request.args.get('url'),
'error': request.args.get('error'),
'filename': request.args.get('filename'),
'line': request.args.get('line'),
'useragent': request.args.get('useragent')
}
log['host'] = None
if log['url'] is not None:
match = re.findall('^http:\/\/[\w.:-]+', log['url'])
if match:
log['host'] = match[0]
if log['filename'] is not None:
log['filename'] = log['filename'][:500]
if log['line'] is not None:
log['line'] = int(log['line'])
error = Error(url=log['url'],
host=log['host'],
error=log['error'],
filename=log['filename'],
line=log['line'],
useragent=log['useragent'])
error.put()
response = make_response('{callback}({data})'.format(callback=str(
request.args.get('callback')),
data=json.dumps(log)))
response.mimetype = 'application/json'
return response
def log():
log = {
'url': request.args.get('url'),
'error': request.args.get('error'),
'filename': request.args.get('filename'),
'line': request.args.get('line'),
'useragent': request.args.get('useragent')
}
log['host'] = None
if log['url'] is not None:
match = re.findall('^http:\/\/[\w.:-]+', log['url'])
if match:
log['host'] = match[0]
if log['filename'] is not None:
log['filename'] = log['filename'][:500]
if log['line'] is not None:
log['line'] = int(log['line'])
error = Error(
url=log['url'],
host=log['host'],
error=log['error'],
filename=log['filename'],
line=log['line'],
useragent=log['useragent']
)
error.put()
response = make_response('{callback}({data})'.format(
callback=str(request.args.get('callback')), data=json.dumps(log)))
response.mimetype = 'application/json'
return response
def resend_activation():
"""
Resend the activation token in the user's email.
returns: 403 if any errors occur. 200 if successful, and user get the
activation mail resent to him.
"""
req = request.get_json()
try:
user = (User.query
.filter(User.email == req['email'])
.one())
if user.is_active:
return Error("User is already active", 403)()
serializer = URLSafeSerializer(app.config['SECRET_KEY'])
activation_token = serializer.dumps(user.email)
activation_url = url_for('User.activate_user',
activation_token=activation_token,
_external=True)
Mail(req['email'],
subject_data={'name': user.full_name},
html_data={'token': activation_url},
text_data={'name': user.full_name},
template_root=SIGNUP_ACTIVATION
).send()
return ""
except NoResultFound:
return Error("User with that email doesnt exist", 403)()
def add_model():
"""Add a new network model
"""
# parse the json request
new_model = Model.from_dict(connexion.request.form)
try:
# parse the attached xml files
req_files = connexion.request.files.getlist("files")
files = []
for f in req_files:
# Validate xml input
filestr = f.stream.read()
ElementTree.fromstring(filestr)
f.stream.seek(0)
files.append(f.stream)
except ElementTree.ParseError:
return Error(code=422, message="Invalid XML files"), 422
# create cimpy objects
try:
cimpy_data = cimpy.cim_import(files, new_model.version)
except Exception:
return Error(code=422, message="Invalid CIM files"), 422
new_id = model_db.put_model(new_model, cimpy_data, files)
# Return the model as `ModelReply`
return ModelReply.from_model(new_model, new_id)
def start_test(test_id):
"""
Start a test.
If an existing test_attempt that is not complete exists, it is returned.
If not, if the user has access to the test, a new test attempt and section
attempt(s) is created and returned.
:param testID:
:return: the id of the test attempt
"""
try:
attempt = (
TestAttempt.query
# can be made inner join because section attempts should
# exist if question attempt exists
.join(TestAttempt.section_attempts).options(
contains_eager(TestAttempt.section_attempts)).filter(
TestAttempt.test_id == test_id).filter(
TestAttempt.user_id == current_user.id).one())
if attempt.is_complete:
return Error("Test is already completed", 403, "TAC001")()
sorted_section_attempts = sorted(attempt.section_attempts,
key=lambda x: x.id)
current_section = (filter(lambda x: x.is_complete == False,
sorted_section_attempts))
# todo penalize the current_section by the value of
# Pinger's time.
current_section_id = list(current_section)[0].section_id
except NoResultFound: # didn't find existing attempt, create a new one
if not Test.user_has_access(current_user, test_id):
return Error("Purchase the Test", 400)()
current_section_id = TestAttempt.setup_test_attempt(
test_id, current_user.id)
test = (Test.query.filter(Test.id == test_id).options(
load_only(Test.allow_section_jumps)).one())
# finally, update the cookie
string = Pinger.push_data_from_data(
test_id, current_section_id, test.allow_section_jumps == True,
datetime.timestamp(datetime.now()) + Pinger.PING_GRACE, 0)
resp = Response()
resp.headers["ping"] = string
AuditLog.log_start_test_event(user_id=current_user.id,
test_id=test_id,
current_section_id=current_section_id)
return resp
def send_ios(device_pns_tokens, notif_data, badge_nums, test_cert = None):
base_dir, filename = os.path.split(os.path.abspath(__file__))
if test_cert:
certificate_name = 'DevCertificates.pem'
host = ('gateway.sandbox.push.apple.com', 2195)
else:
certificate_name = 'ProdCertificates.pem'
host = ('gateway.push.apple.com', 2195)
pem_certificate = base_dir + '/certificates/' + certificate_name
try:
# Create our connection using the certfile saved locally
ssl_sock = ssl.wrap_socket(
socket.socket(),
ssl_version=ssl.PROTOCOL_SSLv3,
certfile = pem_certificate)
ssl_sock.connect(host)
message = notif_data.get('message') or notif_data.get('msg')
# Write out our data
for i, device_pns_token in enumerate(device_pns_tokens):
d = {
'aps': {
'alert': message,
'badge': badge_nums[i]
#'sound': 'default', # use default
}
}
# Take the args from the notif data and put it into the apple format
for k, v in notif_data.iteritems():
if k!='message' and k!='msg':
d[k] = v
data = json.dumps(d)
device_token_byte = binascii.unhexlify(device_pns_token.replace(' ', ''))
notification = struct.pack(
'!BH32sH%ds' % len(data),
0,
32,
device_token_byte,
len(data),
data
)
ssl_sock.write(notification)
# Close the connection -- apple would prefer that we keep a connection open and push data as needed.
ssl_sock.close()
except Exception as e:
error = Error(
method_name = 'send_ios',
meta = {'data': data, 'base_dir':base_dir, 'pem_certificate':pem_certificate, 'filename':filename, 'device_pns_tokens' : device_pns_tokens},
exception = str(e)
)
error.save()
return data
def error_track(request):
err = request.GET.get('e', '')
ua = request.META['HTTP_USER_AGENT']
host = request.get_host()
if err:
Error.track({
'error': err,
'ua': ua,
'host': host
})
return HttpResponse('', mimetype='application/json')
def parse_pep8(run, git_path, output):
"""Parse the pep8 output, store the results"""
errfiles_set = set()
errortype_set = set()
lineno_set = set()
# Add all files in the project to the db
allfiles = set()
os.path.walk(git_path, add_file_to_set, allfiles)
for filename in allfiles:
filename = filename.replace(git_path + '/', '', 1)
runfile = File(filename=filename, run=run)
runfile.save()
# Generate a set of error types, error files, and lines
for line in output.readlines():
filename, lineno, errnum, errtext = string.split(line, ':', 3)
lineno = int(lineno)
filename = filename.replace(git_path + '/', '', 1)
# Create sets to remove duplicates
errfiles_set.add(filename)
# Add new err types to the db
if (errnum, errtext) not in errortype_set:
errortype_set.add((errnum, errtext))
if not Error.objects.filter(error_type=errnum):
err = Error(error_type=errnum, short_descr=errtext)
err.save()
# Create a set of line numbers for each file
for ln in range(max(1, lineno - 3), lineno + 4):
lineno_set.add((filename, ln))
# Add err instances to the db
runfile = File.objects.get(run=run, filename=filename)
errtype = Error.objects.get(error_type=errnum)
runerr = RunError(error=errtype, file=runfile, line_number=lineno,
error_descr=errtext)
runerr.save()
# Add lines to the db
for filename in errfiles_set:
runfile = File.objects.get(run=run, filename=filename)
f = open(git_path + '/' + filename, 'r')
lineno = 1
for line in f:
if (filename, lineno) in lineno_set:
linetext = Line(file=runfile, line_number=lineno, text=line)
linetext.save()
lineno = lineno + 1
f.close()
def return1_action(request):
user_account=None
try:
user_account=request.POST['rt-input-uid']
return HttpResponseRedirect(reverse('library.views.history', args=[0,user_account,'false']))
except Exception as e:
what={
'inputed_uid':user_account,
'what':unicode(e),
}
error=Error(what=B(json.dumps(what)))
error.save()
return HttpResponseRedirect(reverse('library.views.return1', args=[error.id]))
def finish_section(testID, sectionID):
try:
test_id, section_id, jumps_allowed, _, _ = Pinger.split_pinger_string()
except:
return Error("No Pinger", 403)()
try:
test_attempt = (TestAttempt.query.filter(
TestAttempt.test_id == test_id).filter(
TestAttempt.user_id == current_user.id).filter(
TestAttempt.is_complete == False).join(
TestAttempt.section_attempts).one())
except NoResultFound:
return Error("Data not found", 404)()
pass
sorted_section_attempts = sorted(
test_attempt.section_attempts,
key=lambda section_attempt: section_attempt.section_id)
current_section_attempt = list(
filter(
lambda section_attempt: section_attempt.section_id == int(
section_id), sorted_section_attempts))[0]
section_ids = [section.section_id for section in sorted_section_attempts]
current_section_idx = section_ids.index(int(section_id))
should_update = False
# if there is an actual next section,
# get its id , and update pinger
if current_section_idx + 1 < len(section_ids):
next_section_idx = section_ids[current_section_idx + 1]
should_update = True
current_section_attempt.is_complete = True
db.session.commit()
if should_update:
string = Pinger.push_data_from_data(
test_id, next_section_idx, jumps_allowed,
datetime.timestamp(datetime.now()) + Pinger.PING_GRACE, 0)
resp = Response()
resp.headers["ping"] = string
return resp
def set_key(self, new_key):
if self.__class__.exists(new_key):
raise Error('%s with key %s already exists' % (
self.__class__.__name__, new_key))
if self.get_key == new_key:
pass
del BaseModel.objects[self.__class__][self.get_key()]
old_key = self.get_key()
self._set_key(new_key)
if self.get_key() != new_key:
raise Error('subclass was expected to change key from %s to %s, '
'but key is not %s' % (
old_key, new_key, self.get_key()))
self.save()
def wrapped(*args, **kwargs):
assert len(roles) == 1 and type(roles[0]) is str, \
"first argument is not a string"
if not current_user.is_authenticated:
return Error("Not Logged in", 400)()
query = UserRoles.query.join(UserRoles.role) \
.filter(Role.name == roles[0]) \
.filter(UserRoles.user_id == current_user.id) \
.exists()
if not db.session.query(query).scalar():
return Error("Unauthorized", 403)()
return f(*args, **kwargs)
def get_personality_analysis(test_id, date):
if not Corporate.can_access_test(CookieHelper.get_corporate_id(),
test_id):
return Error("No access", 403)()
return (Corporate.get_personality_analysis(CookieHelper.get_corporate_id(),
test_id, date))
def get_overview(test_id, date):
if not Corporate.can_access_test(CookieHelper.get_corporate_id(),
test_id):
return Error("No access", 403)()
return (Corporate.get_test_performance(CookieHelper.get_corporate_id(),
test_id, date))
def get_test_attempt_report(test_id, user_id):
if (not Corporate.can_access_test(CookieHelper.get_corporate_id(), test_id)
or not Corporate.can_access_user(CookieHelper.get_corporate_id(),
user_id)
):
return Error("No access", 403)()
report = (TestAttemptReport
.query
.join(TestAttempt,
and_(TestAttemptReport.test_attempt_id == TestAttempt.id,
TestAttempt.test_id == test_id,
TestAttempt.user_id == user_id))
.one()
)
test_attempt = (TestAttempt.query
.filter(TestAttempt.test_id == test_id)
.filter(TestAttempt.user_id == user_id)
.one())
report = report.todict()
report['tab_change_count'] = test_attempt.focus_lost_count
del report['test_attempt_id']
del report['domain_based_ability']
del report['paragraph_writing_ability']
return report
def export_model(id_):
"""Export model to file
Returns an archive containing the grid data in CIM formatted files and
profile files that might have been imported previously.
:param id: Model id
:type id: int
:rtype: file
"""
model_record = model_db.get_model(id_)
if isinstance(model_record, model_db.record):
model_files = model_record.files
# TODO: Which Profiles? Profile in Request?
return cimpy.cimexport.generate_xml(
model.cimobj,
"cgmes_v2_4_15",
cimpy.cgmes_v2_4_15.Base.Profile["EQ"],
["DI", "EQ", "SV", "TP"],
)
else:
return (
Error(
code=404, message="No model with id: " + str(id_) + " found in database"
),
404,
)
def errors(environment=None):
environments = {
'code': 'http://discussion-app-code-env.elasticbeanstalk.com',
'qa': 'http://discussion-app-qa-env.elasticbeanstalk.com',
'release': 'http://discussion-app-rel-env.elasticbeanstalk.com',
'prod': 'http://discussion.guardian.co.uk'
}
if environment is not None and environment not in environments.keys():
return redirect(url_for('errors', environment=None))
errors = Error.all()
if environment in environments.keys():
errors.filter('host =', environments[environment])
filter_results = request.args.get('filter', '')
if filter_results:
errors.filter('error !=', 'Script error. window error').order('error')
errors.order('-time')
errors = errors.fetch(100)
response = make_response(render_template('log.html', errors=errors))
response.headers['Cache-Control'] = 'no-cache, max-age=0'
return response
def errors(environment=None):
environments = {
'code': 'http://discussion-app-code-env.elasticbeanstalk.com',
'qa': 'http://discussion-app-qa-env.elasticbeanstalk.com',
'release': 'http://discussion-app-rel-env.elasticbeanstalk.com',
'prod': 'http://discussion.guardian.co.uk'
}
if environment is not None and environment not in environments.keys():
return redirect(url_for('errors', environment=None))
errors = Error.all()
if environment in environments.keys():
errors.filter('host =', environments[environment])
filter_results = request.args.get('filter', '')
if filter_results:
errors.filter('error !=', 'Script error. window error').order('error')
errors.order('-time')
errors = errors.fetch(100)
response = make_response(render_template('log.html', errors=errors))
response.headers['Cache-Control'] = 'no-cache, max-age=0'
return response
def get_tab_change(test_id, date):
if not Corporate.can_access_test(CookieHelper.get_corporate_id(),
test_id):
return Error("No access", 403)()
return (Corporate.get_tab_change(CookieHelper.get_corporate_id(),
test_id, date))
def get_question_details(testID, sectionID, questionID):
"""
Get question details for a questionID.
This requires the test attempt for that user and the test to exist (along
with section attempts)
If the question has choices, they will be returned too
FIXME there is a security vulnerability
for non jumpable exams, the user may get unauthorized
access to future sections' question details (that he will be allowed to
attempt in the future)
:param testID:
:param sectionID:
:param questionID:
:return:
"""
try:
if not Question.does_user_have_access(testID, sectionID, questionID,
current_user.id):
raise NoResultFound
question = fetch_question(questionID)
except NoResultFound:
return Error("Unable to find data", 403)()
return question
def get_question_solutions(testID, sectionID, questionID):
"""
Get question solutions details for a questionID.
This requires the test attempt for that user and the test to exist (along
with section attempts)
If the question has choices, they will be returned too
:param testID:
:param sectionID:
:param questionID:
:return:
"""
try:
if not TestAttempt.can_user_view_solutions(current_user.id, testID):
raise NoResultFound
question = fetch_solutions(questionID)
except NoResultFound:
return Error("Unable to find data", 403)()
return question
def delete_model(model_id):
"""Delete a network model
:param id: Model id
:type id: int
:rtype: Model
"""
model_bytes = redis_connection.get(model_id)
if model_bytes != None:
print("MODEL_BYTES: ", model_bytes)
model = eval(model_bytes.decode("utf-8"))
model["id"] = int(model_id)
else:
return (
Error(
code=404,
message="Cannot delete model with id: "
+ str(model_id)
+ ", not found in database",
),
404,
)
files_len_bytes = redis_connection.get(str(model_id) + "_files_len")
files_len = int(files_len_bytes.decode("utf-8"))
redis_connection.delete(str(model_id))
redis_connection.delete(str(model_id) + "_cimpy")
redis_connection.delete(str(model_id) + "_files_len")
for index in range(files_len):
redis_connection.delete(str(model_id) + "_file_" + str(index))
redis_connection.srem("models", model_id)
return model
def activate_user(activation_token):
"""
Activate a particular user, based on activation token.
This sets the is_active field to true in the db.
:param activation_token: the token that user should have in email
:return: 403 if any errors, else redirect to root , and user is activated
"""
serializer = URLSafeSerializer(app.config['SECRET_KEY'])
try:
email = serializer.loads(
activation_token
)
user = User.query \
.filter(User.email == email) \
.one()
user.is_active = True
db.session.commit()
# Mail(user.email,
# subject_data={'name': user.full_name},
# html_data={'name': user.full_name},
# text_data={'name': user.full_name},
# template_root=WELCOME_MAIL
# ).send()
activate_user_to_mautic.delay(user.email)
return redirect(f"{request.url_root}login")
except (NoResultFound, BadSignature):
return Error('Invalid Token', 403)()
def from_model(cls, model, id) -> 'ModelReply':
"""Converts the Model into a ModelReply
"""
if model is not None:
return ModelReply(id, model.name, model.profiles, model.version)
else:
return Error(code=404, message="Model not found"), 404
def forgot_password():
"""
Sends Reset Password link to User's email address. User can change
his/her password through the link mentioned in the Email. It won't be an
endpoint, it will be a webpage
:return: 403 if any errors, else return 200
"""
req = request.get_json()
serializer = URLSafeSerializer(app.config['SECRET_KEY'])
try:
user = User.query \
.filter(User.email == req['email']) \
.filter(User.is_active) \
.one()
token = serializer.dumps(req['email'])
reset_password_link = f"{request.url_root}reset_password?token={token}"
Mail(user.email,
subject_data={'name': user.full_name},
html_data={'token': reset_password_link},
text_data={'token': reset_password_link},
template_root=FORGOT_PASSWORD
).send()
return ""
except NoResultFound:
return Error('Invalid Email Address', 403)()
def test(test_id):
try:
attempt = (
TestAttempt.query.join(TestAttempt.section_attempts).join(
SectionAttempt.question_attempts).options(
contains_eager(TestAttempt.section_attempts).load_only(
SectionAttempt.section_id, SectionAttempt.is_complete,
SectionAttempt.time_spent,
SectionAttempt.score).contains_eager(
SectionAttempt.question_attempts).load_only(
QuestionAttempt.question_id,
QuestionAttempt.choice_id,
QuestionAttempt.tita_choice,
QuestionAttempt.attempt_status,
QuestionAttempt.question_id,
QuestionAttempt.chosen_language_id,
QuestionAttempt.time_spent,
QuestionAttempt.score,
# todo load this through an api if its too slow
QuestionAttempt.long_answer)).
filter(TestAttempt.test_id == test_id).filter(
TestAttempt.user_id == current_user.id).one())
except NoResultFound:
return Error("Please start the test first", 403)()
return attempt
def log_step_activity(user, new_step_count):
"""
Log a walking activity containing the number of steps specified in
new_step_count. Return the new step count (0 if the POST request is
unsuccessful).
:param background.models.User user\n
:param int new_step_count
"""
url = "{}/activities.json".format(BASE_URL)
now = datetime.now()
params = {
"activityId": '90013',
"startTime": now.strftime("%H:%M:%S"),
"durationMillis": 3600000,
"date": now.strftime("%Y-%m-%d"),
"distance": new_step_count,
"distanceUnit": "steps"
}
auth_headers = {"Authorization": "Bearer " + user.fb_token}
response = requests.post(url, headers=auth_headers, params=params)
if response != 201:
return new_step_count
else:
error = Error(summary="Couldn't log step activity.",
origin="background/fitbit.py, in log_step_activity",
message=response.json()["errors"][0]["message"],
user=user)
session.add(error)
session.commit()
return 0
def get_test(testID):
"""
Get Instruction html of a particular Test.
This will return the html only if the user has access to a test.
"""
# left outer join on tests -> orders -> ordertest. if user has a
# paid order it will be accessible by test.order.
try:
# if not Test.user_has_access(current_user, testID):
# raise NoResultFound
test = (Test.query
.options(
load_only(Test.id, Test.name, Test.character, Test.price,
Test.instruction_html,
Test.type,
Test.allow_section_jumps))
.filter(Test.is_active == 1)
.filter(Test.id == testID)
.one())
except NoResultFound:
return Error("You do not have access to this test", 403)()
return test
def get_corporate(corporate_slug):
try:
corporate = Corporate.query \
.filter(Corporate.slug == corporate_slug) \
.one()
return corporate
except NoResultFound:
return Error("Invalid Corporate Slug", 400)()
def error_track():
d = request.form
logging.info(request.form)
Error(msg=d['msg'],
url=d['url'],
line=d['line'],
user=users.get_current_user()).put()
return 'thanks'
def wrapped(*args, **kwargs):
try:
if request.json:
handle_json(validator)
elif request.form:
handle_form(validator)
else:
return Error(message="Invalid request",
http_code=400)()
except BaseError as e:
return Error(message="Invalid request", http_code=400,
additional=e.to_primitive())()
return f(*args, **kwargs)
def _create(self, **defaults):
from models import Error, ErrorBatch
URL_MAX_LENGTH = Error._meta.get_field_by_name('url')[0].max_length
server_name = socket.gethostname()
class_name = defaults.pop('class_name', None)
data = defaults.pop('data', {}) or {}
if defaults.get('url'):
data['url'] = defaults['url']
defaults['url'] = defaults['url'][:URL_MAX_LENGTH]
instance = Error(
class_name=class_name,
server_name=server_name,
data=data,
**defaults
)
instance.checksum = construct_checksum(instance)
if settings.THRASHING_TIMEOUT and settings.THRASHING_LIMIT:
cache_key = 'djangodblog:%s:%s' % (instance.class_name, instance.checksum)
added = cache.add(cache_key, 1, settings.THRASHING_TIMEOUT)
if not added and cache.incr(cache_key) > settings.THRASHING_LIMIT:
return
try:
instance.save()
batch, created = ErrorBatch.objects.get_or_create(
class_name = class_name,
server_name = server_name,
checksum = instance.checksum,
defaults = defaults
)
if not created:
ErrorBatch.objects.filter(pk=batch.pk).update(
times_seen=models.F('times_seen') + 1,
status=0,
last_seen=datetime.datetime.now(),
)
except Exception, exc:
try:
logger.exception(u'Unable to process log entry: %s' % (exc,))
except Exception, exc:
warnings.warn(u'Unable to process log entry: %s' % (exc,))
def __setattr__(self, key, value):
if key == 'server':
if self.is_user():
raise Error('user XOR server must be passed to Actor')
if value.actor:
raise Error('server already has an actor set')
self._server = value
self._server.actor = self
elif key == 'user':
if self.is_server():
raise Error('user XOR server must be passed to Actor')
if hasattr(value, 'actor'):
raise Error('user already has an actor set')
self._user = value
self._user.actor = self
else:
super(BaseModel, self).__setattr__(key, value)
def _create(self, **defaults):
from models import Error, ErrorBatch
URL_MAX_LENGTH = Error._meta.get_field_by_name('url')[0].max_length
server_name = socket.gethostname()
class_name = defaults.pop('class_name', None)
data = defaults.pop('data', {}) or {}
if defaults.get('url'):
data['url'] = defaults['url']
defaults['url'] = defaults['url'][:URL_MAX_LENGTH]
instance = Error(class_name=class_name,
server_name=server_name,
data=data,
**defaults)
instance.checksum = construct_checksum(instance)
if settings.THRASHING_TIMEOUT and settings.THRASHING_LIMIT:
cache_key = 'djangodblog:%s:%s' % (instance.class_name,
instance.checksum)
added = cache.add(cache_key, 1, settings.THRASHING_TIMEOUT)
if not added and cache.incr(cache_key) > settings.THRASHING_LIMIT:
return
try:
instance.save()
batch, created = ErrorBatch.objects.get_or_create(
class_name=class_name,
server_name=server_name,
checksum=instance.checksum,
defaults=defaults)
if not created:
ErrorBatch.objects.filter(pk=batch.pk).update(
times_seen=models.F('times_seen') + 1,
status=0,
last_seen=datetime.datetime.now(),
)
except Exception, exc:
try:
logger.exception(u'Unable to process log entry: %s' % (exc, ))
except Exception, exc:
warnings.warn(u'Unable to process log entry: %s' % (exc, ))
def create_order():
"""
Creates Order row. Updates order with Razorpay Order ID. Inserts rows in
Item tables with the Order ID
:return: {'id': order.id, 'rp_order_id': razorpay_order_id}
"""
req = request.get_json()
test_ids = req['tests'] if req['tests'] is not None else []
promo = req['promo_code'] # will be null if not present
total_amount = 0
promo_id = None
razorpay_order_id = None # set to null by default
tests = Test.query \
.filter(Test.id.in_(test_ids)) \
.options(load_only('price')) \
.all()
for test in tests:
total_amount += test.price
total_amount = max(0, total_amount)
if promo:
try:
promo_amt, promo_id = PromoCode.consume_promo_code(
promo, current_user.id)
total_amount -= promo_amt
except ValueError as e:
return Error(str(e), 400)()
order = Order(status=OrderStatusTypes.created,
amount=total_amount,
promo_code_id=promo_id,
user_id=current_user.id)
db.session.add(order)
db.session.flush()
if total_amount > 0:
razorpay_order_id = Razorpay.create_order(order.id, total_amount)
else:
order.status = OrderStatusTypes.paid # mark free order as paid
order.rp_order_id = razorpay_order_id
# This adds rows to OrderTest which is important for User to get
# access when Payment goes through
for test in tests:
test_id = test.id
order_test = OrderTest(order_id=order.id, test_id=test_id)
db.session.add(order_test)
db.session.commit()
return {'id': order.id, 'rp_order_id': razorpay_order_id}
def get_promo_codes():
"""
Returns all available Promo Codes in database
:return: [promo.todict()]
"""
try:
promo_codes = PromoCode.query.all()
return promo_codes
except NoResultFound:
return Error('Invalid Promo Code', 400)()
def send_android(reg_ids, data):
#Can only send with 1000 reg ids at a time
while reg_ids:
data = {
'registration_ids' : reg_ids[:1000],
'data' : data,
}
headers = {
'Content-Type' : 'application/json',
'Authorization' : 'key=' + settings.GCM_API_ID
}
url = 'https://android.googleapis.com/gcm/send'
try:
request = urllib2.Request(url, json.dumps(data), headers)
response = urllib2.urlopen(request)
json_string = response.read()
json_response = json.loads(json_string)
if json_response['failure'] >= 1:
#Failed
error = Error(method_name='send_android', meta={'reg_ids' : reg_ids, 'data' : data, 'json_response' : json_response}, exception='Error sending push notifications in send_android')
error.save()
except urllib2.HTTPError, e:
error = Error(method_name='send_android', meta={'reg_ids' : reg_ids, 'data' : data}, exception=str(e))
error.save()
reg_ids = reg_ids[1000:]
def error(request):
if request.method == "POST":
Error.track(request.raw_post_data)
return HttpResponse("logged, thanks!")
else:
data = {
'count_today': Error.today(),
'count_month': Error.month(),
'count': Error.count(),
'latest': [x.to_dict() for x in Error.latest()]
}
return HttpResponse(json.dumps(data), mimetype='application/json')
def errors(environment=None):
environments = {
'release': 'http://d2.gurelease.co.uk',
'prod': 'http://d2.guardian.co.uk'
}
if environment is not None and environment not in environments.keys():
return redirect(url_for('errors', environment=None))
errors = Error.all().order('-time')
if environment in environments.keys():
errors.filter('host =', environments[environment])
errors = errors.fetch(100)
response = make_response(render_template('log.html', errors=errors))
response.headers['Cache-Control'] = 'no-cache, max-age=0'
return response
# messagepack
unpacker = msgpack.Unpacker()
# serve!
logging.info('Serving!')
while True:
try:
data = socket.recv()
logging.debug('received data')
unpacker.feed(data)
logging.debug('fed data to unpacker')
for msg in unpacker:
logging.debug('found message in unpacker')
if type(msg) == dict:
logging.debug('found object in message')
msg['hash'] = ErrorHasher(msg).get_hash()
if 'timestamp' not in msg:
msg['timestamp'] = int(time())
Error.validate_and_upsert(msg)
logging.debug('saved error')
ErrorInstance.from_raw(msg).save(safe=False)
logging.debug('saved instance')
except Exception, a:
logging.exception('Failed to process error')
def on_admin_push(request):
#TODO:要求用户验证
#前端传过来的是序列化后的json字符串, 需要loads一下
watcher=None
try:
if request.session['account']!=settings.SUPER_USER:
try:
Watcher.objects.get(account=request.session['account'],iswatching=True)
except:
raise Exception(unicode("非法用户尝试修改值班干事"))
push_json_str=request.POST['data']
push_json=json.loads(push_json_str)
for item in push_json['watch_list']:
#检查输入
log.debug('on_admin_push','for item start checking')
keys = ['account','watchsum','name','spnumber','iswatching','lpnumber','type']
for key in keys:
if key not in item:
raise Exception('incomplete data')
if check.is_clean_input(key,item[key]) == False:
print key, item[key]
raise Exception('unsafe data')
log.debug('on_admin_push','for item end checking')
#先删除
log.debug('on_admin_push','delete items')
if item.get('type')=='delete':
is_logined = (item['account']==request.session['account'])
log.debug('on_admin_push','%s deleted'%item['account'])
Watcher.objects.all().filter(account=item['account']).delete()
if is_logined:
del request.session['account']
else:
if item.get('type')=='new':
default_password=hashlib.md5(item['account']).hexdigest()
default_password=hashlib.sha1(default_password).hexdigest()
log.debug('on_admin_push','trying to create new watcher %s'%item['account'])
watcher=Watcher(
account=B(item['account']),
name=B(item['name']),
lpnumber=B(item['lpnumber']),
spnumber=B(item['spnumber']),
password=B(default_password),
watchsum=0,
iswatching=False)
log.debug('on_admin_push','succeed to create new watcher')
else:
log.debug('on_admin_push','trying to get item %s'%item['account'])
watcher=Watcher.objects.get(account=item['account'])
log.debug('on_admin_push','succeed to get item')
if('yes'==item['iswatching']):
watcher.iswatching=True
elif('no'==item['iswatching']):
watcher.iswatching=False
if watcher.account == request.session['account'] and watcher.account!=settings.SUPER_USER:
del request.session['account']
log.info('on_admin_push','after setting watching state')
watcher.save()
log.info('on_admin_push','after save')
return HttpResponse(json.dumps({'flag_succeed':'true',}))
except Exception as e:
log.error('exception in on_admin_push:',unicode(e))
error=Error(what=B(unicode(e)))
error.save()
return HttpResponse(json.dumps({'flag_succeed':'false',}))
def errors(request):
text = '\n'.join([x.when.isoformat() + " =>" + x.error for x in Error.latest()])
return HttpResponse(text, mimetype='text/plain')
def return2_action(request):
try:
borrow_record_token=request.POST['borrow-record-token']
book_token=request.POST['book-token']
borrower_token=request.POST['borrower-token']
inputed_status=request.POST['rt-input-status']
current_watcher=Watcher.class_get_current_watcher()
#首先获取借书记录
try:
borrow_record=BorrowRecord.objects.get(id=borrow_record_token)
except Exception as e:
raise Exception(BorrowRecord.STATIC_BAD_BORROWRECORD+unicode(e))
#然后获取值班人信息
try:
current_watcher=Watcher.class_get_current_watcher()
except Exception as e:
raise Exception(Watcher.STATIC_INVILID_WATCHER_INFO+unicode(e))
#然后视情况改变借书者的信用情况和库存情况
if(inputed_status=='overdue'):
borrow_record.borrower.credit_overdue()
if(inputed_status=='damaged'):
borrow_record.borrower.credit_damaged()
if(inputed_status=='lost'):
#丢失了应该是只减总数
borrow_record.book.totalnum=borrow_record.book.totalnum-1
borrow_record.borrower.credit_lost()
else:
borrow_record.book.available+=1
#保存借书记录信息
borrow_record.rtime=datetime.datetime.now()
borrow_record.rsubc=B(inputed_status)
borrow_record.roperator=current_watcher
borrow_record.hasreturn=True
borrow_record.book.save()
borrow_record.borrower.save()
borrow_record.save()
return HttpResponseRedirect("/success/return/"+borrow_record.borrower.account)
except Exception as e:
data={
'inputed_status':inputed_status,
'what':unicode(e),
}
error=Error(what=B(json.dumps(data)))
error.save()
args=[
book_token,
borrower_token,
borrow_record_token,
error.id,
]
print(unicode(args))
return HttpResponseRedirect(reverse('library.views.return2', args=args))
def booking_action(request,book_id):
inputed_account=request.POST['br-input-uid']
inputed_name=request.POST['br-input-una']
inputed_spnumber=request.POST['br-input-usp']
inputed_lpnumber=request.POST['br-input-ulp']
inputed_bnum=int(request.POST['br-input-bnum'])
check_result = [
check.is_clean_input('account',inputed_account),
check.is_clean_input('name',inputed_name),
check.is_clean_input('spnumber',inputed_spnumber),
check.is_clean_input('lpnumber',inputed_lpnumber),
check.is_clean_input('integer',inputed_bnum),
]
try:
borrower=Borrower.objects.get(account=inputed_account)
except Borrower.DoesNotExist:
borrower=Borrower(
account=B(inputed_account),
name=B(inputed_name),
lpnumber=B(inputed_lpnumber))
try:
if False in check_result:
raise Exception('unsafe input')
#更新借书者信息
borrower.lpnumber=B(inputed_lpnumber)
borrower.name=B(inputed_name)
if(inputed_spnumber!=''):
borrower.spnumber=B(inputed_spnumber)
#先保存借书者信息, 然后在处理预约问题
borrower.save()
if(borrower.badcredit()):
raise Exception(Borrower.STATIC_BAD_CREDIT_WANING)
if not Watcher.class_get_current_watcher():
raise Exception(Watcher.STATIC_HAS_NO_WATCHER)
try:
__bookednum = BookingRecord.objects.filter(
borrower_id=borrower.id,
hasaccepted=True,
hasborrowed=False).count()
except:
__bookednum = 0
try:
__borrowednum=BorowerRecord.objects.filter(
borrower_id=borrower.id,
hasreturn=False).count()
except:
__borrowednum = 0
if (inputed_bnum+__bookednum+__borrowednum>=Borrower.STATIC_MAX_BORROWABLE_NUM):
#超过额定数量
print(inputed_bnum)
print(__bookednum)
print(__borrowednum)
print(Borrower.STATIC_MAX_BORROWABLE_NUM)
raise Exception(BookingRecord.STATIC_OUT_OF_BOOKINGABLE_RANGE)
#这里没有明显加锁, 同步问题怎么解决?
book=Book.objects.get(id=book_id)
booking_record=BookingRecord(
book=book,
borrower=borrower,
bnum=inputed_bnum,
btime=datetime.datetime.now(),
hasaccepted=False,
hasborrowed=False,
)
#检查还够不够数量
if(book.bookable()>=inputed_bnum):
#外借过后才减
#book.available=book.available-inputed_bnum
booking_record.save()
book.save()
return HttpResponseRedirect("/success/booking")
else:
raise Exception(BookingRecord.STATIC_AVAILABLE_LESS_THAN_BOOKNUM)
#有错就返回表单页面
except Exception as e:
error=Error(what=B(unicode(e)))
error.save()
return HttpResponseRedirect(reverse('library.views.booking', args=[book_id,inputed_account,error.id]))
def error(self, msg):
try:
error = Error.create_from_msg(msg)
error.save()
except Exception:
logging.exception('Failed to process error')
logging.info('Initializing zeromq socket at: ' + ZMQ_URI)
context = zmq.Context()
socket = context.socket(zmq.SUB)
socket.bind(ZMQ_URI)
socket.setsockopt(zmq.SUBSCRIBE, '')
# mongo
logging.info('Connecting to mongo at: mongodb://' + settings['mongodb.host'] + '/' + settings['mongodb.db_name'])
mongoengine.connect(settings['mongodb.db_name'], host=settings['mongodb.host'])
# messagepack
unpacker = msgpack.Unpacker()
# serve!
logging.info('Serving!')
while True:
try:
data = socket.recv()
logging.debug('received data')
unpacker.feed(data)
logging.debug('fed data to unpacker')
for msg in unpacker:
logging.debug('found message in unpacker')
if type(msg) == dict:
logging.debug('found object in message')
error = Error.create_from_msg(msg)
error.save()
logging.debug('saved error')
except Exception, a:
logging.exception('Failed to process error')
def borrow_action(request):
try:
inputed_account=request.POST['br-input-uid']
inputed_name=request.POST['br-input-una']
inputed_spnumber=request.POST['br-input-usp']
inputed_lpnumber=request.POST['br-input-ulp']
inputed_isbn=request.POST['br-input-isbn']
#因为前端是让用户选书名的, 而书名是用id作为value的
#所以bname实际上是id
inputed_book_id=int(request.POST['br-input-bname'])
inputed_bnum=int(request.POST['br-input-bnum'])
inputed_booking_record_id=0
inputed_bsubc=request.POST['br-input-bsubc']
#接下来看一下有没有booking_record的字段
try:
inputed_booking_record_id=request.POST['booking-record-token']
except:
pass
#开始处理
#首先处理借书人信息
try:
borrower=Borrower.objects.get(account=inputed_account)
#短号可能为空
if(''!=inputed_spnumber):
borrower.spnumber=B(inputed_spnumber)
borrower.lpnumber=B(inputed_lpnumber)
borrower.name=B(inputed_name)
#TODO:借书人信用度的问题还没考虑
borrower.save()
except:
try:
#新建一个borrower
borrower=Borrower(
account=B(inputed_account),
name=B(inputed_name),
lpnumber=B(inputed_lpnumber),
spnumber=B(inputed_spnumber),
credit=12,)
borrower.save()
except Exception as e:
raise Exception(Borrower.STATIC_BAD_BORROWER_INFO+unicode(e))
if(borrower.badcredit()):
raise Exception(Borrower.STATIC_BAD_CREDIT_WANING)
#然后处理书籍信息
try:
book=Book.objects.get(id=inputed_book_id)
except Exception as e:
raise Exception(Book.STATIC_BOOK_NOT_FIND+unicode(e))
#然后获取值班人信息
#try:
# current_watcher=Watcher.class_get_current_watcher()
#except Exception as e:
# raise Exception(Watcher.STATIC_INVILID_WATCHER_INFO+unicode(e))
#检查是否超过额度
try:
__borrowednum=BorowerRecord.objects.filter(
borrower_id=borrower.id,
hasreturn=False).count()
except:
__borrowednum = 0
if (inputed_bnum+__borrowednum>=Borrower.STATIC_MAX_BORROWABLE_NUM):
#超过额定数量
raise Exception(BorrwowRecord.STATIC_OUT_OF_BORROWABLE_RANGE)
#产生多个借书记录
for i in range(inputed_bnum):
BorrowRecord.objects.create(
book=book,
borrower=borrower,
btime=datetime.datetime.now(),
bsubc=B(inputed_bsubc),
#boperator=current_watcher,
#roperator=current_watcher,
#这里用当前值班人员做还书操作者只是权宜之计
#应该认为, roperator在和hasreturn为False时是无效的
)
#每个借书记录只借1本书
book.available=book.available-1
book.save()
#然后看一下是不是booking_record产生的外借
if(0!=inputed_booking_record_id):
try:
booking_record=BookingRecord.objects.get(id=inputed_booking_record_id)
booking_record.hasborrowed=True
booking_record.save()
except Exception as e:
raise Exception(BookingRecord.STATIC_BOOKINGRECORD_NOT_FIND+unicode(e))
return HttpResponseRedirect("/success/borrow/"+borrower.account)
except Exception as e:
data={
'inputed_bsubc':inputed_bsubc,
'what':unicode(e),
}
error=Error(what=B(json.dumps(data)))
error.save()
args=[
inputed_book_id,
inputed_account,
inputed_booking_record_id,
error.id,
]
print(unicode(args))
return HttpResponseRedirect(reverse('library.views.borrowing', args=args))
def error(request):
if request.method == "POST":
Error.track(request.raw_post_data)
return HttpResponse("logged, thanks!")
return HttpResponse("use POST", status=403)
