def post(self):
if not appuser.verify_secure_comms(self):
return
data = appuser.read_params(self, ["uidp", "tlid", "st", "svs", "pts"])
if data["uidp"] and data["tlid"] and data["pts"]:
write_dc_entry(self, "tlsave", data)
appuser.return_json(self, "[]")
def get(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["tlid"]);
tlid = int(params["tlid"])
vq = appuser.VizQuery(TLComp, "WHERE tlid=:1 LIMIT 50", tlid)
res = vq.fetch(50, read_policy=db.EVENTUAL_CONSISTENCY, deadline=40)
appuser.return_json(self, res)
def get(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["orgid"])
orgid = params["orgid"] # str
org = appuser.cached_get(orgid, {"dboc": Organization, "byid": orgid})
appuser.return_json(self, [org])
def post(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, [
"instid", "name", "ctype", "cids", "svs", "slug", "title",
"subtitle", "featured", "lang", "comment", "about"
])
timeline = update_or_create_timeline(self, acc, params)
if timeline:
updated = update_timeline_list(acc.built, timeline)
if updated != acc.built:
acc.built = updated
appuser.cached_put(acc.email, acc)
appuser.return_json(self, [timeline, acc])
def get(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["orgid"])
if not params["orgid"] or int(params["orgid"]) != acc.orgid:
return appuser.srverr(self, 403, "Not your Organization")
vq = appuser.VizQuery(appuser.AppUser, "WHERE orgid=:1",
int(params["orgid"]))
res = vq.fetch(500, read_policy=db.EVENTUAL_CONSISTENCY, deadline=20)
oms = []
for user in res: # only public info and org info, no email etc..
oms.append(public_member_record(user))
logging.info("Org " + params["orgid"] + " has " + str(len(oms)) +
" members")
appuser.return_json(self, oms)
def post(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
fields = [
"orgid", "name", "code", "contacturl", "projecturl", "groups",
"regions", "categories", "tags"
]
params = appuser.read_params(self, fields)
orgid = int(params["orgid"])
org = Organization.get_by_id(orgid)
if acc.orgid != orgid or acc.lev != 2:
return appuser.srverr(self, 403, "Not Organization Administrator")
org = update_organization(org, params)
if org:
appuser.return_json(self, [org])
def post(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["tlid", "tlname", "tltitle",
"tlsubtitle"]);
tlid = params["tlid"]
started = json.loads(acc.started)
proginst = [pi for pi in started if pi["tlid"] == tlid]
if not len(proginst):
return appuser.srverr(self, 400, "Timeline " + tlid + " (" +
params["tlname"] + ") not found")
proginst = proginst[0]
tstamp = appuser.nowISO()
comp = TLComp(userid=acc.key().id(), tlid=int(tlid), username=acc.name,
tlname=params["tlname"], data=json.dumps(proginst),
created=tstamp)
comp.put()
# Update the account and return the updated version
started = [pi for pi in started if pi["tlid"] != tlid]
completed = json.loads(acc.completed)
compinst = [ci for ci in completed if ci["tlid"] == tlid]
if len(compinst):
compinst = compinst[0]
if "count" not in compinst: # completed before count introduced
compinst["count"] = 1 # at least one completion, start there
compinst["name"] = params["tlname"] # update name in case changed
else:
compinst = {"tlid":tlid, "name":params["tlname"],
"count":0, "first":tstamp}
compinst["latest"] = tstamp
compinst["count"] += 1
compinst["title"] = params["tltitle"]
compinst["subtitle"] = params["tlsubtitle"]
compinst["stats"] = completion_stats(proginst)
completed = [ci for ci in completed if ci["tlid"] != tlid]
completed.append(compinst)
acc.started = json.dumps(started)
acc.completed = json.dumps(completed)
cached_put(acc.email, acc)
appuser.return_json(self, [acc, {"token":appuser.token_for_user(acc)}])
def post(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
if not acc.orgid or acc.lev != 2:
return appuser.srverr(self, 403, "Not an Administrator")
params = appuser.read_params(self, ["membermail"])
mem = appuser.account_from_email(params["membermail"])
if not mem:
return appuser.srverr(self, 404, "User not found")
if mem.orgid:
if mem.orgid == acc.orgid:
return appuser.srverr(self, 400, "Already a member")
else:
return appuser.srverr(self, 403, "Member of other Org")
mem.orgid = acc.orgid
mem.lev = 0
appuser.cached_put(mem.email, mem)
appuser.return_json(self, [public_member_record(mem)])
def post(self):
# ptupld could be sending password in params so refuse if not secured
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
appuser.dump_params(self)
params = appuser.read_params(self, [
"ptid", "date", "text", "refs", "qtype", "groups", "regions",
"categories", "tags", "codes", "orgid", "source", "srclang",
"stats", "translations", "pic", "picdelcb"
])
# need to return proper content to form submission iframe regardless
self.response.headers['Content-Type'] = 'text/html;charset=UTF-8'
try:
pt = update_or_create_point(self, acc, params)
except Exception as e:
# Client looks for text containing "failed: " + for error reporting
self.response.out.write("Point update failed: " + str(e))
return
self.response.out.write("ptid: " + str(pt.key().id()))
def post(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["orgid", "userid", "lev"])
if not params["orgid"] or int(params["orgid"]) != acc.orgid:
return appuser.srverr(self, 403, "Not your Organization")
orgid = int(params["orgid"])
userid = int(params["userid"])
lev = int(params["lev"])
if acc.key().id() != userid and acc.lev != 2:
return appuser.srverr(self, 403, "Not an Administrator")
if acc.key().id() == userid and lev > acc.lev:
return appuser.srverr(self, 403, "Can't promote yourself")
user = appuser.AppUser.get_by_id(userid)
if lev < 0:
user.orgid = 0
user.lev = 0
else:
user.lev = lev
appuser.cached_put(user.email, user)
appuser.return_json(self, [])
