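def GET(self, get_string=''):
    """
    Return one account, or every account, with sensitive fields removed.

    When the request carries a 'username' query parameter, that account is
    looked up and returned on its own; otherwise all accounts are listed.

    @param get_string is the trailing part of the URL (not read here)
    @returns a dict holding 'status' plus 'account', 'accounts' or 'message'
    """
    log.loggit('default.GET()')

    # Try to determine the username from the query (empty when absent)
    username = web.input().get('username', '')

    adb = accountdb.AccountDB()
    if username:
        account = adb.review_account(username)
        if account:
            return {
                'status': 'success',
                'account': wputil.clean_account(account)
            }
        return {
            'status': 'failure',
            'message': 'No account: %s' % (username)
        }

    # Keep what clean_account() returns for every record. The earlier loop
    # rebound its loop variable and discarded that value, so the list that
    # went into the response was only sanitized if clean_account() happens
    # to modify records in place; otherwise password fields were returned.
    # NOTE(review): no per-user or admin check is visible in this handler;
    # confirm the surrounding decorators restrict who may list all accounts.
    accounts = [wputil.clean_account(account)
                for account in adb.review_accounts()]
    return {'status': 'success', 'accounts': accounts}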
def login( self, username, password, session_login=True ):
    """
    Check a username/password pair and optionally open a session for it.

    @param username is the username of an account
    @param password is the password supplied by the caller; it is verified
           against the value stored in the account's 'password' field
    @param session_login when true, last_ip and last_login are recorded and
           the account fields are copied into web.ctx.session
    @returns the cleaned account record on success, or False when the
             account does not exist or the password does not verify
    """
    log.loggit( 'AccountDB.login()' )

    record = self.review_account( username )
    # NOTE(review): an unknown username returns before any hash is verified,
    # so the two failure paths can differ in response time and may let a
    # caller tell existing usernames from missing ones.
    if not record or not pwd_context.verify( password, record['password'] ):
        return False

    # Strip sensitive fields before the record is stored or returned
    record = wputil.clean_account( record )
    if not session_login:
        return record

    # Record where and when this login happened
    stamp = {
        'last_ip': web.ctx.ip,
        'last_login': str(int(time.time())),
    }
    record = self._set_account_info( record, stamp )

    # Mirror every account field into the session, capped at 50 characters.
    # NOTE(review): this listing was flattened, so placing the session copy
    # under session_login is an assumption; nothing visible here renews the
    # session identifier at login - confirm the session layer does so.
    for field, raw in record.items():
        text = str(raw)
        if len(text) > 50:
            text = text[:50] + '...'
        web.ctx.session[ field ] = text
    return record
def GET( self, get_string='' ):
    """
    Build the update form for the account named in the URL, pre-filled.

    @param get_string is the URL remainder; the username is what is left
           after its leading slashes are stripped
    @returns a dict with 'status' and 'message', plus 'form' on success
    """
    log.loggit( 'update.GET()' )

    # Without a username in the URL there is nothing to edit: go back up
    username = get_string.lstrip('/')
    if not username:
        raise web.seeother('../')

    # Must be a matching user or administrator to review accounts. The check
    # runs before the lookup, so the "no such account" answer below is only
    # reachable by callers that passed it.
    wputil.must_match_username_or_admin( username )

    # Verify account exists
    account = accountdb.AccountDB().review_account( username )
    if not account:
        # NOTE(review): the username from the URL is echoed into the message;
        # confirm the renderer escapes it when the output is HTML.
        return {
            'status' : 'error',
            'message' : 'No such account exists: %s' % ( username )
        }

    # Administrators get the admin variant of the form
    form_class = admin_account_form if wputil.is_admin() else account_form
    f = form_class()
    # Only the cleaned record is used to populate the form
    f.fill( wputil.clean_account( account ) )

    return {
        'status' : 'success',
        'message' : 'Required fields include: id, username, password, password2 - Note that password and password2 must match.',
        'form' : f
    }
def login(self, username, password, session_login=True):
    """
    Verify the credentials for an account and optionally start a session.

    @param username is the username of an account
    @param password is the password to verify against the value stored in
           the account's "password" field
    @param session_login when true, last_ip/last_login are updated and the
           account fields are written to web.ctx.session
    @returns the cleaned account record, or False if the account is missing
             or the password does not verify
    """
    log.loggit("AccountDB.login()")

    found = self.review_account(username)
    if not found:
        # NOTE(review): this path skips password verification entirely, so
        # it can answer faster than a wrong-password attempt; that timing
        # difference can reveal which usernames exist.
        return False
    if not pwd_context.verify(password, found["password"]):
        return False

    # From here on only the sanitized record is handled
    found = wputil.clean_account(found)

    if session_login:
        # Update the account information
        login_info = {
            "last_ip": web.ctx.ip,
            "last_login": str(int(time.time())),
        }
        found = self._set_account_info(found, login_info)

        # Put account information in session, truncating long values.
        # NOTE(review): the flattened listing does not show whether this loop
        # sits under session_login (assumed here); the session identifier is
        # not renewed in this method - confirm that happens elsewhere.
        for name, item in found.items():
            shown = str(item)
            web.ctx.session[name] = shown if len(shown) <= 50 else shown[:50] + "..."

    return found
def GET(self, get_string=''):
    """
    Return the pre-filled update form for the account named in the URL.

    @param get_string is the URL remainder; leading slashes are stripped to
           obtain the username
    @returns a dict with 'status' and 'message', plus 'form' on success
    """
    log.loggit('update.GET()')

    # Grab the account username from the URL; redirect when it is missing
    username = get_string.lstrip('/')
    if not username:
        raise web.seeother('../')

    # Must be a matching user or administrator to review accounts.
    # This authorization step precedes the database lookup.
    wputil.must_match_username_or_admin(username)

    # Verify account exists
    adb = accountdb.AccountDB()
    account = adb.review_account(username)
    if not account:
        # NOTE(review): the message repeats the username taken from the URL;
        # confirm it is escaped wherever this dict is rendered as HTML.
        missing = 'No such account exists: %s' % (username)
        return {'status': 'error', 'message': missing}

    # Pick the form by role, then populate it from the cleaned record only
    if wputil.is_admin():
        f = admin_account_form()
    else:
        f = account_form()
    cleaned = wputil.clean_account(account)
    f.fill(cleaned)

    return {
        'status': 'success',
        'message': 'Required fields include: id, username, password, password2 - Note that password and password2 must match.',
        'form': f
    }
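def GET( self, get_string='' ):
    """
    List every account, with sensitive fields removed, for the index page.

    @param get_string is the trailing part of the URL (not read here)
    @returns a dict with 'status', 'message' and the cleaned 'accounts' list
    """
    log.loggit( 'default.GET()' )

    # Get the accounts and strip the password field from each one. The value
    # returned by clean_account() is kept: the earlier loop rebound its loop
    # variable and threw that value away, so the list handed to the renderer
    # was only sanitized if clean_account() modifies records in place.
    # NOTE(review): no admin check is visible in this handler; confirm the
    # caller or a decorator limits who may list every account.
    adb = accountdb.AccountDB()
    accounts = [ wputil.clean_account( account )
                 for account in adb.review_accounts() ]

    return {
        'status' : 'success',
        'message' : 'Select the user account to review, update or delete. Click the Add Account link to create a new account.',
        'accounts' : accounts
    }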
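def GET( self, get_string='' ):
    """
    Return one account, or every account, with sensitive fields removed.

    A 'username' query parameter selects a single account; without it the
    full account list is returned.

    @param get_string is the trailing part of the URL (not read here)
    @returns a dict holding 'status' plus 'account', 'accounts' or 'message'
    """
    log.loggit( 'default.GET()' )

    # Try to determine the username from the query (empty when absent)
    username = web.input().get( 'username', '' )

    adb = accountdb.AccountDB()
    if username:
        account = adb.review_account( username )
        if account:
            return {
                'status' : 'success',
                'account' : wputil.clean_account( account )
            }
        return {
            'status' : 'failure',
            'message' : 'No account: %s' % ( username )
        }

    # Collect the cleaned records. The earlier loop assigned the result of
    # clean_account() to its own loop variable and then returned the original
    # list, which leaves password fields in the response unless
    # clean_account() edits each record in place.
    # NOTE(review): no per-user or admin check is visible in this handler;
    # confirm the surrounding decorators restrict who may list all accounts.
    accounts = [ wputil.clean_account( account )
                 for account in adb.review_accounts() ]
    return { 'status' : 'success', 'accounts' : accounts }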
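def GET(self, get_string=''):
    """
    List every account, with sensitive fields removed, for the index page.

    @param get_string is the trailing part of the URL (not read here)
    @returns a dict with 'status', 'message' and the cleaned 'accounts' list
    """
    log.loggit('default.GET()')

    adb = accountdb.AccountDB()

    # Get the accounts and keep the cleaned copy of each one. Previously the
    # result of clean_account() was bound to the loop variable and dropped,
    # so the returned list still carried password fields unless
    # clean_account() mutates its argument.
    # NOTE(review): no admin check is visible in this handler; confirm the
    # caller or a decorator limits who may list every account.
    accounts = [wputil.clean_account(account)
                for account in adb.review_accounts()]

    return {
        'status': 'success',
        'message': 'Select the user account to review, update or delete. Click the Add Account link to create a new account.',
        'accounts': accounts
    }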
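class default:
    """ The REST functions for managing accounts """

    @wpauth.oauth_protect
    @mimerender(default='json', override_input_key='format', json=render_json)
    def GET(self, get_string=''):
        """
        Return one account, or every account, with sensitive fields removed.

        @param get_string is the trailing part of the URL (not read here)
        @returns a dict holding 'status' plus 'account', 'accounts' or
                 'message'
        """
        log.loggit('default.GET()')

        # Try to determine the username from the query (empty when absent)
        username = web.input().get('username', '')

        adb = accountdb.AccountDB()
        if username:
            account = adb.review_account(username)
            if account:
                return {
                    'status': 'success',
                    'account': wputil.clean_account(account)
                }
            return {
                'status': 'failure',
                'message': 'No account: %s' % (username)
            }

        # Keep the cleaned copy of each record. The earlier loop rebound its
        # loop variable and discarded the result, so the response was only
        # free of password fields if clean_account() mutates in place.
        # NOTE(review): beyond oauth_protect, no check ties the caller to the
        # requested account or to an admin role; confirm that is intended.
        accounts = [wputil.clean_account(account)
                    for account in adb.review_accounts()]
        return {'status': 'success', 'accounts': accounts}

    @wpauth.oauth_protect
    @mimerender(default='json', override_input_key='format', json=render_json)
    def POST(self, get_string=''):
        """
        Create an account from the request parameters.

        @param get_string is the trailing part of the URL (not read here)
        @returns a dict with 'status' and either the cleaned 'account' or a
                 failure 'message'
        """
        log.loggit('default.POST()')
        adb = accountdb.AccountDB()
        try:
            # NOTE(review): every request field is handed to create_account();
            # confirm it only accepts the fields a caller is allowed to set.
            account = adb.create_account(web.input())
        except Exception as e:
            # NOTE(review): repr(e)/str(e) go back to the client and may
            # expose internal details such as database errors; consider
            # logging them server-side and returning a generic message.
            # Left unchanged because API clients may rely on this text.
            return {
                'status': 'failure',
                'message': '%s %s' % (repr(e), str(e))
            }
        return {'status': 'success', 'account': wputil.clean_account(account)}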
def GET( self, get_string='' ):
    """
    Return the cleaned record of the account named in the URL.

    @param get_string is the URL remainder; leading slashes are stripped to
           obtain the username
    @returns a dict with 'status' and 'message', plus 'account' on success
    """
    log.loggit( 'review.GET()' )

    # Grab the account username from URL
    requested = get_string.lstrip('/')

    # Must be a matching user or administrator to review accounts.
    # NOTE(review): an empty username is passed straight to this check;
    # confirm it rejects that case.
    wputil.must_match_username_or_admin( requested )

    # adb is not created in this method; it comes from an enclosing scope
    record = adb.review_account( requested )
    if record:
        return {
            'status' : 'success',
            'message' : 'Review the account information.',
            'account' : wputil.clean_account( record )
        }

    return {
        'status' : 'error',
        'message' : 'No such account exists: %s' % ( requested )
    }
} return {'status': 'success', 'account': wputil.clean_account(account)} @wpauth.oauth_protect @mimerender(default='json', override_input_key='format', json=render_json) def PUT(self, get_string=''): log.loggit('default.PUT()') adb = accountdb.AccountDB() try: account = adb.update_account(web.input()) except Exception, e: return { 'status': 'failure', 'message': '%s %s' % (repr(e), str(e)) } return {'status': 'success', 'account': wputil.clean_account(account)} @wpauth.oauth_protect @mimerender(default='json', override_input_key='format', json=render_json) def DELETE(self, get_string=''): log.loggit('default.DELETE()') if web.input()['username'] == 'admin': return { 'status': 'failure', 'message': 'Cannot delete the admin account.' } adb = accountdb.AccountDB() try: result = adb.delete_account(web.input()['username']) except Exception, e: return {
@wpauth.oauth_protect @mimerender( default = 'json', override_input_key = 'format', json = render_json ) def PUT( self, get_string='' ): log.loggit( 'default.PUT()' ) adb = accountdb.AccountDB() try: account = adb.update_account( web.input() ) except Exception, e: return { 'status' : 'failure', 'message' : '%s %s' % ( repr(e), str(e) ) } return { 'status' : 'success', 'account': wputil.clean_account( account ) } @wpauth.oauth_protect @mimerender( default = 'json', override_input_key = 'format', json = render_json ) def DELETE( self, get_string='' ): log.loggit( 'default.DELETE()' ) if web.input()['username'] == 'admin': return { 'status' : 'failure', 'message' : 'Cannot delete the admin account.' } adb = accountdb.AccountDB() try: result = adb.delete_account( web.input()['username'] )