def get(self, story_id):
try:
# get token from header
token = self._get_token_from_header()
# identify with token
username = Token.identify(token)
# get story by story_id
story = Story.get_story(story_id)
# if <username is not the uploader> and <story is private> and ...
# ... <uploader and username are not friends> return 403
is_private = story["is_private"]
story_uploader = story["username"]
self.logger.debug("At GET@/stories requesting user is {}, uploader is {} and story {} private".format(
username, story_uploader, "is" if is_private else "is not"))
if username != story_uploader and \
InputSanitizer.sanitize_boolean(is_private) and \
not Friendship.are_friends(username, story_uploader):
return ResponseBuilder.build_error_response("Story is private", 403)
# generate response
# return response
return ResponseBuilder.build_response(story)
except (InvalidTokenException, MissingFieldException, ExpiredTokenException,
StoryNotFoundException) as e:
return ResponseBuilder.build_error_response(e.message, e.error_code)
def post(self):
try:
# get token from header
token = self._get_token_from_header()
# identify with token
username = Token.identify(token)
# get data from request
story_data = {}
story_data['media'] = self._get_media_from_request()
story_data['location'] = self._get_location_from_request()
timestamp = self._get_timestamp_from_request()
is_private = self._get_privateness_from_request()
story_data['title'] = self._try_get_title_from_request()
story_data['description'] = self._try_get_description_from_request(
)
story_data['username'] = username
# validated data
story_data['timestamp'] = InputSanitizer.sanitize_integer(
timestamp)
story_data['is_private'] = InputSanitizer.sanitize_boolean(
is_private)
# ask SS for storage service?
# save new Story at AS
self.logger.debug(
"At POST@/stories got story_data {}".format(story_data))
new_story_id = User.save_new_story(story_data)
# generate response
response = dict(story_data)
response['story_id'] = new_story_id
# save stat
StatCollector.save_event_story_post(story_data["timestamp"])
# return response
return ResponseBuilder.build_response(response)
except (MissingFieldException, InvalidTokenException,
ExpiredTokenException, InvalidFormatException) as e:
return ResponseBuilder.build_error_response(
e.message, e.error_code)
def test_successful_sanitize_boolean_true(self):
data_input = "true"
expected_output = True
self.assertEqual(InputSanitizer.sanitize_boolean(data_input),
expected_output)
def test_failed_sanitize_boolean(self):
data_input = "asd"
with self.assertRaises(InvalidFormatException):
InputSanitizer.sanitize_boolean(data_input)
def test_successful_sanitize_boolean_false(self):
data_input = "False"
expected_output = False
self.assertEqual(InputSanitizer.sanitize_boolean(data_input),
expected_output)