def validate_get_request(request, request_from):
"""This function validates all get requests to the server.
It makes sure that each request comes with a valid Wix instance.
It also makes sure that, depending on the datatype being requested, all the
needed information to perform the get request has been provided by the
client.
It returns the provided data from the client if successful. Otherwise, it
replies to the client with an appropiate error status code and corresponding
message.
"""
try:
instance = request.headers["X-Wix-Instance"]
instance_json = instance_parser(instance)
if not instance_json:
abort(STATUS["Forbidden"], message="Invalid Instance")
else:
try:
instance = instance_json["instanceId"]
except KeyError:
abort(STATUS["Forbidden"], message="Invalid Instance")
if request_from == "settings":
try:
if (instance_json["permissions"] != "OWNER"):
abort(STATUS["Forbidden"], message="Invalid Instance")
except KeyError:
abort(STATUS["Forbidden"], message="Invalid Instance")
if request_from == "modal" or request_from == "modalNeedingMoreFeed":
event_id = request.headers["event_id"]
desired_data = request.headers["desired_data"]
if request_from == "modalNeedingMoreFeed":
object_id = request.headers["object_id"]
if "until" in request.headers:
until = request.headers["until"]
after = None
else:
after = request.headers["after"]
until = None
except AttributeError:
abort(STATUS["Unauthorized"], message="Request Incomplete")
except KeyError:
abort(STATUS["Unauthorized"], message="Missing Value")
if request_from == "modal" or request_from == "modalNeedingMoreFeed":
info = {"instance" : instance, "event_id" : event_id, \
"desired_data" : desired_data}
if not (request_from == "modalNeedingMoreFeed"):
return info
else:
info["object_id"] = object_id
info["until"] = until
info["after"] = after
return info
else:
return instance
def validate_get_request(request, request_from):
"""This function validates all get requests to the server.
It makes sure that each request comes with a valid Wix instance.
It also makes sure that, depending on the datatype being requested, all the
needed information to perform the get request has been provided by the
client.
It returns the provided data from the client if successful. Otherwise, it
replies to the client with an appropiate error status code and corresponding
message.
"""
try:
instance = request.headers["X-Wix-Instance"]
instance_json = instance_parser(instance)
if not instance_json:
abort(STATUS["Forbidden"], message="Invalid Instance")
else:
try:
instance = instance_json["instanceId"]
except KeyError:
abort(STATUS["Forbidden"], message="Invalid Instance")
if request_from == "settings":
try:
if (instance_json["permissions"] != "OWNER"):
abort(STATUS["Forbidden"], message="Invalid Instance")
except KeyError:
abort(STATUS["Forbidden"], message="Invalid Instance")
if request_from == "modal" or request_from == "modalNeedingMoreFeed":
event_id = request.headers["event_id"]
desired_data = request.headers["desired_data"]
if request_from == "modalNeedingMoreFeed":
object_id = request.headers["object_id"]
if "until" in request.headers:
until = request.headers["until"]
after = None
else:
after = request.headers["after"]
until = None
except AttributeError:
abort(STATUS["Unauthorized"], message="Request Incomplete")
except KeyError:
abort(STATUS["Unauthorized"], message="Missing Value")
if request_from == "modal" or request_from == "modalNeedingMoreFeed":
info = {"instance" : instance, "event_id" : event_id, \
"desired_data" : desired_data}
if not (request_from == "modalNeedingMoreFeed"):
return info
else:
info["object_id"] = object_id
info["until"] = until
info["after"] = after
return info
else:
return instance
def validate_put_request(request, datatype):
"""This function validates all put requests to the server.
It makes sure that each request comes with a valid Wix instance and the
instance is coming from the owner of the app.
It also makes sure that, depending on the datatype being stored, all the
needed information to perform the put request has been provided by the
client.
It returns the data from the client if successful. Otherwise, it replies
to the client with an appropiate error status code and corresponding
message.
"""
try:
instance = request.headers["X-Wix-Instance"]
content_type = request.headers["Content-Type"]
except AttributeError:
abort(STATUS["Unauthorized"], message="Request Incomplete")
except KeyError:
abort(STATUS["Unauthorized"], message="Missing Value")
if content_type != "application/json;charset=UTF-8":
abort(STATUS["Bad_Request"], message="Badly Formed Request")
instance_json = instance_parser(instance)
if not instance_json:
abort(STATUS["Forbidden"], message="Invalid Instance")
else:
try:
if (instance_json["permissions"] != "OWNER"):
abort(STATUS["Forbidden"], message="Invalid Instance")
else:
instance = instance_json["instanceId"]
except KeyError:
abort(STATUS["Forbidden"], message="Invalid Instance")
if datatype == "access_token":
try:
data = json.loads(request.data)
access_token = data["access_token"]
except Exception:
abort(STATUS["Bad_Request"], message="Badly Formed Request")
info = {"instance": instance, "access_token": access_token}
elif datatype == "settings":
try:
data_dict = json.loads(request.data)
settings = json.dumps(data_dict["settings"])
events = json.dumps(data_dict["events"])
except Exception:
abort(STATUS["Bad_Request"], message="Badly Formed Request")
if not (settings and events):
abort(STATUS["Bad_Request"], message="Missing Settings or Events")
info = {"instance" : instance, "settings" : settings, \
"events" : events}
else:
info = {"instance": instance}
return info
def validate_put_request(request, datatype):
"""This function validates all put requests to the server.
It makes sure that each request comes with a valid Wix instance and the
instance is coming from the owner of the app.
It also makes sure that, depending on the datatype being stored, all the
needed information to perform the put request has been provided by the
client.
It returns the data from the client if successful. Otherwise, it replies
to the client with an appropiate error status code and corresponding
message.
"""
try:
instance = request.headers["X-Wix-Instance"]
content_type = request.headers["Content-Type"]
except AttributeError:
abort(STATUS["Unauthorized"], message="Request Incomplete")
except KeyError:
abort(STATUS["Unauthorized"], message="Missing Value")
if content_type != "application/json;charset=UTF-8":
abort(STATUS["Bad_Request"], message="Badly Formed Request")
instance_json = instance_parser(instance)
if not instance_json:
abort(STATUS["Forbidden"], message="Invalid Instance")
else:
try:
if (instance_json["permissions"] != "OWNER"):
abort(STATUS["Forbidden"], message="Invalid Instance")
else:
instance = instance_json["instanceId"]
except KeyError:
abort(STATUS["Forbidden"], message="Invalid Instance")
if datatype == "access_token":
try:
data = json.loads(request.data)
access_token = data["access_token"]
except Exception:
abort(STATUS["Bad_Request"], message="Badly Formed Request")
info = {"instance" : instance, "access_token" : access_token}
elif datatype == "settings":
try:
data_dict = json.loads(request.data)
settings = json.dumps(data_dict["settings"])
events = json.dumps(data_dict["events"])
except Exception:
abort(STATUS["Bad_Request"], message="Badly Formed Request")
if not (settings and events):
abort(STATUS["Bad_Request"], message="Missing Settings or Events")
info = {"instance" : instance, "settings" : settings, \
"events" : events}
else:
info = {"instance" : instance}
return info
