def post(self): isLocal = os.environ['SERVER_SOFTWARE'].startswith('Dev') if not isLocal: return api_key = self.request.get('apikey') account_id = self.request.get('accountid') badge_id = self.request.get('badgeid') badge_theme = self.request.get('theme') user_id = self.request.get('user') if not badge_theme or not badge_id or not account_id or not api_key: ret = bad_args() self.response.out.write(ret) return user_key = users_dao.get_user_key(account_id, user_id) user_ref = users_dao.get_user(account_id, user_id) if user_ref: badge_instances = badges_dao.get_user_badges(user_ref) for b in badge_instances: badges_dao.delete_badge_instance(b.key().name()) users_dao.delete_user(user_key) trophy_case_widget = TrophyCase(key_name=account_id) points_widget = Points(key_name=account_id) rank_widget = Rank(key_name=account_id) notifier_widget = Notifier(key_name=account_id) leader_widget = Leaderboard(key_name=account_id) milestones_widget = Milestones(key_name=account_id) acc = Accounts(key_name=account_id, email=account_id, password="******", isEnabled=constants.ACCOUNT_STATUS.ENABLED, accountType="admin", paymentType="free", cookieKey="xxxxxxxxx", apiKey=api_key, trophyWidget=trophy_case_widget, pointsWidget=points_widget, rankWidget=rank_widget, leaderWidget=leader_widget, milestoneWidget=milestones_widget) # delete ten badges for ii in range(0,10): badgeKey = badges_dao.create_badge_key(account_id, badge_theme, str(ii), "private") badges_dao.delete_badge_image(badgeKey) badges_dao.delete_badge(badgeKey) widgets_dao.delete_widget(account_id, "TrophyCase") widgets_dao.delete_widget(account_id, "Points") widgets_dao.delete_widget(account_id, "Rank") widgets_dao.delete_widget(account_id, "Leaderboard") widgets_dao.delete_widget(account_id, "Notifier") widgets_dao.delete_widget(account_id, "Milestones") accounts_dao.delete_account(account_id) self.response.out.write(success_ret()) return
def post(self): start = time.time() api_key = self.request.get('apikey') account_id = self.request.get('accountid') user_id = self.request.get('userid') user_key = users_dao.get_user_key(account_id, user_id) acc = accounts_dao.authorize_api(account_id, api_key) logdiction = {'event':'getuserdata', 'api': 'get_user_data', 'is_api':'yes', 'user':user_id, 'account':account_id, 'success':'true', 'ip':self.request.remote_addr} if not acc: logdiction['success'] = 'false' logdiction['details'] = auth_error() logs.create(logdiction) self.response.out.write(auth_error()) return user_ref = users_dao.get_user(account_id, user_id) if not user_ref: logdiction['success'] = 'false' logdiction['details'] = user_error() logs.create(logdiction) error("User for account %s, %s not found"%(account_id, user_id)) self.response.out.write(user_error()) return badges = badges_dao.get_user_badges(user_ref) badge_keys = [] # get the badge image link for b in badges: if b.awarded == "yes": bid = badges_dao.get_badge_id_from_instance_key(b.key().name()) badge_keys.append(bid) ret = {"status":"success", "user_id":user_ref.userid, "is_enabled":user_ref.isEnabled, "creation_date":str(user_ref.creationDate), "points":user_ref.points, "profile_name": user_ref.profileName, "profile_link": user_ref.profileLink, "profile_img": user_ref.profileImg, "badges": badge_keys} logs.create(logdiction) self.response.out.write(json.dumps(ret)) timing(start)
def post(self): current_session = Session().get_current_session(self) account_entity = current_session.get_account_entity() email = account_entity.email new_user_id = self.request.get("id") if new_user_id == constants.ANONYMOUS_USER: self.redirect('/adminconsole/users?error=NoUserID') return profile_name = self.request.get("name") profile_link = self.request.get("profile") profile_img = self.request.get("image") user_key = users_dao.get_user_key(email, new_user_id) new_user = Users(key_name=user_key, userid=new_user_id, isEnabled="yes", accountRef=account_entity, profileName=profile_name, profileLink=profile_link, profileImg=profile_img) users_dao.save_user(new_user, user_key) self.redirect('/adminconsole/users')
def post(self): start = time.time() clean = XssCleaner() api_key = self.request.get('apikey') account_id = self.request.get('accountid') new_user_id = self.request.get('userid') # Anything that can possibly be rended should be cleaned profile_link = self.request.get('profile_link') # We can't clean it because it will not render if embedded into a site # Be wary of doing any queries with this data #profile_link = clean.strip(profile_link) profile_img = self.request.get('profile_img') #profile_img = clean.strip(profile_img) profile_name = self.request.get('profile_name') profile_name = clean.strip(profile_name) logdiction = {'event':'loginuser', 'api': 'update_user', 'is_api':'yes', 'ip':self.request.remote_addr, 'user':new_user_id, 'account':account_id, 'success':'true'} if not account_id or not new_user_id or not api_key: self.response.out.write(bad_args()) logdiction['success'] = 'false' logdiction['details'] = bad_args() logs.create(logdiction) return acc = accounts_dao.authorize_api(account_id, api_key) if not acc: self.response.out.write(auth_error()) logdiction['success'] = 'false' logdiction['details'] = auth_error() logs.create(logdiction) return # Create a new user user_key = users_dao.get_user_key(account_id, new_user_id) #Update user_ref = users_dao.get_user_with_key(user_key) if user_ref: dict = {} update = False if profile_link and profile_link != user_ref.profileLink: dict["profileLink"] = profile_link update = True if profile_img and profile_img != user_ref.profileImg: dict["profileImg"] = profile_img update = True if profile_name and profile_name != user_ref.profileName: dict["profileName"] = profile_name update = True if update: logdiction['event'] = 'updateuser' try: users_dao.update_user(user_key, dict, None) except: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) error("Error updating user with id %s"%new_user_id) return logs.create(logdiction) self.response.out.write(success_ret()) timing(start) return if not profile_img: profile_img = constants.IMAGE_PARAMS.USER_AVATAR new_user = Users(key_name=user_key, userid=new_user_id, isEnabled="yes", accountRef=acc, profileName=profile_name, profileLink=profile_link, profileImg=profile_img) logdiction['event'] = 'createuser' try: users_dao.save_user(new_user, user_key) except: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) error("Error getting user with key %s"%key) return logs.create(logdiction) self.response.out.write(success_ret()) timing(start) return
def post(self): start = time.time() api_key = self.request.get('apikey') account_id = self.request.get('accountid') user_id = self.request.get('userid') newpoints = self.request.get('pointsawarded') reason = self.request.get('reason') logdiction = {'event':'awardpoints', 'api':'award_points', 'points':newpoints, 'is_api':'yes', 'ip':self.request.remote_addr, 'user':user_id, 'account':account_id, 'success':'true'} clean = XssCleaner() if reason: reason = clean.strip(reason) else: reason = "" # Get the account acc = accounts_dao.authorize_api(account_id, api_key) if not acc: logdiction['success'] = 'false' logdiction['details'] = auth_error() logs.create(logdiction) self.response.out.write(auth_error()) return try: newpoints = int(newpoints) except: logdiction['success'] = 'false' logdiction['details'] = "Points given was not a number" logs.create(logdiction) self.response.out.write(bad_args()) error("Points given was not an integer") return # Create the user if it doesnt exist user_ref = users_dao.get_or_create_user(account_id, user_id, acc) if not user_ref: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) return incrArgs = {"points":newpoints} user_key = users_dao.get_user_key(account_id, user_id) dbret = users_dao.update_user(user_key, None, incrArgs) if not dbret: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) error("Unable to update points field account %s, user %s, key: %s"%\ (account_id,user_id, user_key)) return if not reason: try: reason = acc.notifierWidget.title except: reason = "Points Awarded" notifier.user_points(user_ref, newpoints, reason, acc) logs.create(logdiction) self.response.out.write(success_ret()) timing(start) return