Esempio n. 1
0
 def usersignup():
     data = request.json
     user = data.get('user', None)
     email = user.get('email', '')
     password = data.get('password', None)
     # Check that the email isn't in use.
     existing_user = store.session.query(User).filter(
         User.email==email, User.active==True).first()
     if existing_user is not None:
         response = base_routes.make_bad_request_response(
             'That email address is already associated with an account.')
     elif password is None:
         response = base_routes.make_bad_request_response(
             'A password was not specified.');
     else:
         user = User.admin_deserialize_add(user)
         error_messages = user.set_password(password)
         if error_messages:
             error_message = ', '.join(error_messages)
             response = base_routes.make_bad_request_response(error_message)
         else:
             store.session.add(user)
             store.session.commit()
             error_message = mail_actions.request_signup_email_confirmation(user)
             secret = user.make_api_key()
             serialized = user.serialize(user)
             response_data = {
                 'data': serialized,
                 'apiKey': secret.key,
                 'warningMessage': 'Failed to send email confirmation: {0}'.format(error_message)
             }
             response = jsonify(response_data)
     return response
    def post_picture(user_id):
        user = get_requesting_user()

        if user_id != user.id:
            return base_routes.make_not_authorized_response()

        image_file = request.files['file']
        if not image_file:
            return base_routes.make_bad_request_response('missing image data')

        image_data = image_file.read()
        if not is_allowable_image(image_data):
            return base_routes.make_bad_request_response('unallowed image type')

        filename = image_to_user_filename(image_data, user_id)

        store_image(image_file, filename)

        user.picture_filename = filename
        store.session.add(user)
        store.session.commit()

        logger.info('Saving image {!r}'.format(filename))

        return base_routes.make_OK_response()
Esempio n. 3
0
    def post_picture(user_id):
        user = get_requesting_user()

        if user_id != user.id:
            return base_routes.make_not_authorized_response()

        image_file = request.files['file']
        if not image_file:
            return base_routes.make_bad_request_response('missing image data')

        image_data = image_file.read()
        if not is_allowable_image(image_data):
            return base_routes.make_bad_request_response(
                'unallowed image type')

        filename = image_to_user_filename(image_data, user_id)

        store_image(image_file, filename)

        user.picture_filename = filename
        store.session.add(user)
        store.session.commit()

        logger.info('Saving image {!r}'.format(filename))

        return base_routes.make_OK_response()
def endpoint(requester):
    data = request.get_json()

    if data is None:
        return make_bad_request_response(
            'Please provide JSON payload for tracking')

    next_path = data.get('next_path', '')[:255]
    prev_path = data.get('prev_path', '')[:255]

    if record_view(requester.id, next_path, prev_path):
        return '', HTTPStatus.NO_CONTENT

    return make_bad_request_response(
        'Please provide non-empty `next_path` and `prev_path` to track')
Esempio n. 5
0
    def get_search_results(id, page):
        page = int(page)
        requester = get_requesting_user()
        if requester is None:
            response = base_routes.make_not_authorized_response()
        elif not is_integer(id):
            response = base_routes.make_bad_request_response()
        else:
            search = store.session.query(Search).filter_by(id=id).first()
            if search is None:
                response = base_routes.make_not_found_response()
            else:
                if search.has_admin_rights(requester):
                    matching_searches = search_utils.find_matching_searches(
                        search, page)

                    serialized = [
                        search.serialize(
                            requester,
                            exclude=[],
                        ) for search in matching_searches
                    ]
                    response_data = {'data': serialized}
                    response = jsonify(response_data)
                else:
                    response = base_routes.make_forbidden_response()
        return response
    def get_search_results(id, page):
        page = int(page)
        requester = get_requesting_user()
        if requester is None:
            response = base_routes.make_not_authorized_response()
        elif not is_integer(id):
            response = base_routes.make_bad_request_response()
        else:
            search = store.session.query(Search).filter_by(id=id).first()
            if search is None:
                response = base_routes.make_not_found_response()
            else:
                if search.has_admin_rights(requester):
                    matching_searches = search_utils.find_matching_searches(search, page)

                    serialized = [
                        search.serialize(
                            requester,
                            exclude=[],
                        ) for search in matching_searches
                    ]
                    response_data = {'data': serialized}
                    response = jsonify(response_data)
                else:
                    response = base_routes.make_forbidden_response()
        return response
Esempio n. 7
0
 def usersignup():
     data = request.json
     user = data.get('user', None)
     email = user.get('email', '')
     password = data.get('password', None)
     # Check that the email isn't in use.
     existing_user = store.session.query(User)
     existing_user = existing_user.filter(User.email == email,
                                          User.active == True)
     existing_user = existing_user.first()
     if existing_user is not None:
         response = base_routes.make_bad_request_response(
             'That email address is already associated with an account.', )
     elif password is None:
         response = base_routes.make_bad_request_response(
             'A password was not specified.')
     else:
         try:
             user = User.admin_deserialize_add(user)
             error_messages = user.set_password(password)
             if error_messages:
                 error_message = ', '.join(error_messages)
                 response = base_routes.make_bad_request_response(
                     error_message)
             else:
                 store.session.add(user)
                 store.session.commit()
                 error_message = mail_actions.request_signup_email_confirmation(
                     user)
                 secret = user.make_api_key()
                 serialized = user.serialize(user)
                 warning_message = 'Failed to send email confirmation: {0}'.format(
                     error_message)
                 response_data = {
                     'data': serialized,
                     'apiKey': secret.key,
                     'warningMessage': warning_message,
                 }
             response = jsonify(response_data)
         except ValidationException as e:
             response = base_routes.make_bad_request_response(str(e))
     return response
Esempio n. 8
0
 def reset_password():
     data = request.json
     key = data.get('key', '')
     password = data.get('password', '')
     if key == '':
         response = base_routes.make_bad_request_response(
             'Did not receive a key with password reset request.')
     elif password == '':
         response = base_routes.make_bad_request_response(
             'Received password to reset to was blank.')
     else:
         user, error_messages = mail_actions.process_password_reset(key, password)
         if error_messages:
             error_message = ', '.join(error_messages)
             response = base_routes.make_bad_request_response(error_message)
         elif user is None:
             response = base_routes.make_bad_request_response()
         else:
             response = base_routes.make_single_response(user, user)
     return response
Esempio n. 9
0
 def reset_password():
     data = request.json
     key = data.get('key', '')
     password = data.get('password', '')
     if key == '':
         response = base_routes.make_bad_request_response(
             'Did not receive a key with password reset request.', )
     elif password == '':
         response = base_routes.make_bad_request_response(
             'Received password to reset to was blank.', )
     else:
         user, error_messages = mail_actions.process_password_reset(
             key, password)
         if error_messages:
             error_message = ', '.join(error_messages)
             response = base_routes.make_bad_request_response(error_message)
         elif user is None:
             response = base_routes.make_bad_request_response()
         else:
             response = base_routes.make_single_response(user, user)
     return response
Esempio n. 10
0
 def confirm_email():
     data = request.json
     key = data.get('key', '')
     if key == '':
         response = base_routes.make_bad_request_response(
             'Did not receive a key with email confirmation.')
     else:
         user, error_messages = mail_actions.process_confirm_email(key)
         if error_messages:
             error_message = ', '.join(error_messages)
             response = base_routes.make_bad_request_response(error_message)
         elif user is None:
             response = base_routes.make_bad_request_response()
         else:
             secret = user.make_api_key()
             serialized = user.serialize(user)
             response_data = {
                 'data': serialized,
                 'apiKey': secret.key,
             }
             response = jsonify(response_data)
     return response
Esempio n. 11
0
 def confirm_email():
     data = request.json
     key = data.get('key', '')
     if key == '':
         response = base_routes.make_bad_request_response(
             'Did not receive a key with email confirmation.', )
     else:
         user, error_messages = mail_actions.process_confirm_email(key)
         if error_messages:
             error_message = ', '.join(error_messages)
             response = base_routes.make_bad_request_response(error_message)
         elif user is None:
             response = base_routes.make_bad_request_response()
         else:
             secret = user.make_api_key()
             serialized = user.serialize(user)
             response_data = {
                 'data': serialized,
                 'apiKey': secret.key,
             }
             response = jsonify(response_data)
     return response
Esempio n. 12
0
 def post_picture(user_id):
     requester = get_requesting_user()
     if (user_id == requester.id):
         user = requester
         f = request.files['file']
         if f:
             filename = process_filename(f.filename, user_id)
             if filename is None:
                 response = base_routes.make_bad_request_response()
             else:
                 conn = tinys3.Connection(
                     config.S3_USERNAME, config.S3_KEY, tls=True)
                 # Upload it.  Set cache expiry time to 1 hr.
                 conn.upload(filename, f, config.S3_BUCKETNAME,
                             expires=3600)
                 user.picture_filename = filename
                 store.session.add(user)
                 store.session.commit()
                 response = base_routes.make_OK_response()
         else:
             response = base_routes.make_bad_request_response()
     else:
         response = base.routes.make_forbidden_response()
     return response