def get(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
if acc.orgid != 1 or acc.lev != 2:
return appuser.srverr(self, 403, "Admin access only.")
vq = appuser.VizQuery(service.AppService, "WHERE name=:1", "pubpts")
svcs = vq.fetch(1, read_policy=db.EVENTUAL_CONSISTENCY, deadline=20)
if not len(svcs): # create the entry as a placeholder
svc = service.AppService(name="pubpts", ckey="", csec="", data="")
svc.put()
res = [] # result accumulator
if len(svcs) > 0 and len(svcs[0].data) > 100:
for ptid in svcs[0].data.split(","):
pt = Point.get_by_id(int(ptid))
if is_deleted_point(pt):
continue
res.append(pt)
else: # no point ids to process, fetch everything
pts = Point.all()
for pt in pts:
if is_deleted_point(pt):
continue
res.append(pt)
appuser.return_json(self, res)
def get(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
if acc.orgid != 1 or acc.lev != 2:
return appuser.srverr(self, 403, "Admin access only.")
pts = Point.all()
for pt in pts:
pt.groups = ""
pt.regions = ""
pt.categories = ""
pt.tags = ""
cats = []
if "N" in pt.codes:
cats.append("Native American")
if "B" in pt.codes:
cats.append("African American")
if "L" in pt.codes:
cats.append("Latino/as")
if "A" in pt.codes:
cats.append("Asian American")
if "M" in pt.codes:
cats.append("Middle East/North Africa")
if "R" in pt.codes:
cats.append("Multiracial")
pt.qtype = ""
if "U" in pt.codes:
pt.qtype = "U"
if "F" in pt.codes:
pt.qtype = "F"
if "D" in pt.codes:
pt.qtype = "D"
pt.groups = ",".join(cats)
pt.put() # individual points are not cached
self.response.out.write("BatchProcessPoints completed.")
def get(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["tlid"]);
tlid = int(params["tlid"])
vq = appuser.VizQuery(TLComp, "WHERE tlid=:1 LIMIT 50", tlid)
res = vq.fetch(50, read_policy=db.EVENTUAL_CONSISTENCY, deadline=40)
appuser.return_json(self, res)
def get(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
if acc.orgid != 1 or acc.lev != 2:
return appuser.srverr(self, 403, "Admin access only.")
text = recent_completions("2018-01-01T00:00:00Z")
self.response.headers['Content-Type'] = 'text/plain'
self.response.out.write(text)
def get(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["orgid"])
orgid = params["orgid"] # str
org = appuser.cached_get(orgid, {"dboc": Organization, "byid": orgid})
appuser.return_json(self, [org])
def get(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
if acc.orgid != 1 or acc.lev != 2:
return appuser.srverr(self, 403, "Admin access only.")
ptid = self.request.get('pointid')
pt = Point.get_by_id(int(ptid))
pt.pic = None
pt.put()
self.response.out.write("Pic set to None for Point " + ptid)
def get(self):
# PENDING: verify caller is an org contributor
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
ptid = self.request.get('pointid')
if not ptid:
return appuser.srverr(self, 400, "pointid required for lookup")
pt = Point.get_by_id(int(ptid))
if not pt:
return appuser.srverr(self, 404, "Point " + ptid + " not found")
appuser.return_json(self, [pt])
def post(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, [
"instid", "name", "ctype", "cids", "svs", "slug", "title",
"subtitle", "featured", "lang", "comment", "about"
])
timeline = update_or_create_timeline(self, acc, params)
if timeline:
updated = update_timeline_list(acc.built, timeline)
if updated != acc.built:
acc.built = updated
appuser.cached_put(acc.email, acc)
appuser.return_json(self, [timeline, acc])
def get(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
if acc.orgid != 1 or acc.lev != 2:
return appuser.srverr(self, 403, "System admin access only.")
pn = "Placeholder"
vq = appuser.VizQuery(Organization, "WHERE name=:1 LIMIT 1", pn)
orgs = vq.fetch(1, read_policy=db.EVENTUAL_CONSISTENCY, deadline=20)
if len(orgs) > 0:
org = orgs[0]
else:
org = Organization(name=pn)
org.put()
appuser.return_json(self, [org])
def get(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["orgid"])
if not params["orgid"] or int(params["orgid"]) != acc.orgid:
return appuser.srverr(self, 403, "Not your Organization")
vq = appuser.VizQuery(appuser.AppUser, "WHERE orgid=:1",
int(params["orgid"]))
res = vq.fetch(500, read_policy=db.EVENTUAL_CONSISTENCY, deadline=20)
oms = []
for user in res: # only public info and org info, no email etc..
oms.append(public_member_record(user))
logging.info("Org " + params["orgid"] + " has " + str(len(oms)) +
" members")
appuser.return_json(self, oms)
def post(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
fields = [
"orgid", "name", "code", "contacturl", "projecturl", "groups",
"regions", "categories", "tags"
]
params = appuser.read_params(self, fields)
orgid = int(params["orgid"])
org = Organization.get_by_id(orgid)
if acc.orgid != orgid or acc.lev != 2:
return appuser.srverr(self, 403, "Not Organization Administrator")
org = update_organization(org, params)
if org:
appuser.return_json(self, [org])
def post(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["tlid", "tlname", "tltitle",
"tlsubtitle"]);
tlid = params["tlid"]
started = json.loads(acc.started)
proginst = [pi for pi in started if pi["tlid"] == tlid]
if not len(proginst):
return appuser.srverr(self, 400, "Timeline " + tlid + " (" +
params["tlname"] + ") not found")
proginst = proginst[0]
tstamp = appuser.nowISO()
comp = TLComp(userid=acc.key().id(), tlid=int(tlid), username=acc.name,
tlname=params["tlname"], data=json.dumps(proginst),
created=tstamp)
comp.put()
# Update the account and return the updated version
started = [pi for pi in started if pi["tlid"] != tlid]
completed = json.loads(acc.completed)
compinst = [ci for ci in completed if ci["tlid"] == tlid]
if len(compinst):
compinst = compinst[0]
if "count" not in compinst: # completed before count introduced
compinst["count"] = 1 # at least one completion, start there
compinst["name"] = params["tlname"] # update name in case changed
else:
compinst = {"tlid":tlid, "name":params["tlname"],
"count":0, "first":tstamp}
compinst["latest"] = tstamp
compinst["count"] += 1
compinst["title"] = params["tltitle"]
compinst["subtitle"] = params["tlsubtitle"]
compinst["stats"] = completion_stats(proginst)
completed = [ci for ci in completed if ci["tlid"] != tlid]
completed.append(compinst)
acc.started = json.dumps(started)
acc.completed = json.dumps(completed)
cached_put(acc.email, acc)
appuser.return_json(self, [acc, {"token":appuser.token_for_user(acc)}])
def post(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
if not acc.orgid or acc.lev != 2:
return appuser.srverr(self, 403, "Not an Administrator")
params = appuser.read_params(self, ["membermail"])
mem = appuser.account_from_email(params["membermail"])
if not mem:
return appuser.srverr(self, 404, "User not found")
if mem.orgid:
if mem.orgid == acc.orgid:
return appuser.srverr(self, 400, "Already a member")
else:
return appuser.srverr(self, 403, "Member of other Org")
mem.orgid = acc.orgid
mem.lev = 0
appuser.cached_put(mem.email, mem)
appuser.return_json(self, [public_member_record(mem)])
def post(self):
# ptupld could be sending password in params so refuse if not secured
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
appuser.dump_params(self)
params = appuser.read_params(self, [
"ptid", "date", "text", "refs", "qtype", "groups", "regions",
"categories", "tags", "codes", "orgid", "source", "srclang",
"stats", "translations", "pic", "picdelcb"
])
# need to return proper content to form submission iframe regardless
self.response.headers['Content-Type'] = 'text/html;charset=UTF-8'
try:
pt = update_or_create_point(self, acc, params)
except Exception as e:
# Client looks for text containing "failed: " + for error reporting
self.response.out.write("Point update failed: " + str(e))
return
self.response.out.write("ptid: " + str(pt.key().id()))
def post(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["orgid", "userid", "lev"])
if not params["orgid"] or int(params["orgid"]) != acc.orgid:
return appuser.srverr(self, 403, "Not your Organization")
orgid = int(params["orgid"])
userid = int(params["userid"])
lev = int(params["lev"])
if acc.key().id() != userid and acc.lev != 2:
return appuser.srverr(self, 403, "Not an Administrator")
if acc.key().id() == userid and lev > acc.lev:
return appuser.srverr(self, 403, "Can't promote yourself")
user = appuser.AppUser.get_by_id(userid)
if lev < 0:
user.orgid = 0
user.lev = 0
else:
user.lev = lev
appuser.cached_put(user.email, user)
appuser.return_json(self, [])
