def follow(self):
try:
activity_params = {'time': 'now()'}
token = request.headers['X-App-Key']
current_user = db.table('users').where('auth_token', token).first()
# Check if user not found
target_user = self.valid_user(request.json['follow'])
if target_user == False:
content = {"error": True, "message": "User not found"}
return content, 400
# Check if trying to follow itself
if target_user['id'] == current_user['id']:
content = {
"error": True,
"message": "You can't follow yourself"
}
return content, 400
# Check if user already followed
if target_user['id'] in current_user['follow_ids']:
content = {"verb": "follow", "message": "Already followed"}
return content, 200
# TODO : Update table users
# TODO : Check for SQL injection
db.table('users').where('id', current_user['id']).update({
'follow_ids':
db.raw('array_append(follow_ids, ' +
str(int(target_user['id'])) + ')')
})
# TODO : Save activity
activity_params['actor_id'] = current_user['id']
activity_params['actor_name'] = current_user['name']
activity_params['verb'] = 'follow'
activity_params['target_id'] = target_user['id']
activity_params['target_name'] = target_user['name']
db.table('activities').insert(activity_params)
content = {"verb": "follow", "message": "User followed"}
return content, 200
except Exception as e:
app.logger.error(e)
content = {
"error": True,
"message": "Something wrong on our side, sorry"
}
return content, 500
def friends(self):
try:
token = request.headers['X-App-Key']
current_user = db.table('users').where('auth_token', token).first()
friends_feed = db.select(
"""
select actor_name, verb, object_id, object_type, target_name, time from activities where actor_id in (
SELECT unnest(follow_ids) from users WHERE id = ?
) order by time desc
""",
[current_user['id']]
)
if len(friends_feed) > 0:
friends_feed = [ dict(friend_feed) for friend_feed in friends_feed ]
content = {
"friends_feed": friends_feed,
"next_url": ""
}
return content, 200
except Exception as e:
app.logger.error(e)
content = {
"error": True,
"message": "Something wrong on our side, sorry"
}
return content, 500
def valid_user(self, user_name):
try:
user = db.table('users').where('name', user_name).first()
if user is None:
raise Exception
return user
except Exception as e:
app.logger.error(e)
return False
def my(self):
try:
token = request.headers['X-App-Key']
current_user = db.table('users').where('auth_token', token).first()
my_feed = db.table('activities').select(
'actor_name', 'verb', 'object_id', 'object_type', 'target_name', 'time'
).where({
'actor_id': current_user['id']
}).order_by('time', 'desc').get().to_json()
content = {
"my_feed": json.loads(my_feed),
"next_url": ""
}
return content, 200
except Exception as e:
app.logger.error(e)
content = {
"error": True,
"message": "Something wrong on our side, sorry"
}
return content, 500
def me(self):
try:
token = request.headers['X-App-Key']
current_user = db.table('users').where('auth_token', token).first()
return dict(current_user), 200
except Exception as e:
app.logger.error(e)
content = {
"error": True,
"message": "Something wrong on our side, sorry"
}
return content, 500
def decorated_function(*args, **kwargs):
if request.headers.has_key('X-App-Key'):
token = request.headers['X-App-Key']
user = db.table('users').where('auth_token', token).first()
if (user == None):
content = {
"error": True,
"message": "Key is not valid"
}
return content, 401
else:
content = {
"error": True,
"message": "Key is missing"
}
return content, 400
return f(*args, **kwargs)
def activity(self):
try:
params = {'time': 'now()'}
# No need extra validation, handled by @valid_token
# "actor":"ivan"
token = request.headers['X-App-Key']
current_user = db.table('users').where('auth_token', token).first()
params['actor_id'] = current_user['id']
params['actor_name'] = current_user['name']
# Validate verb (like, post, share)
# "verb":"like"
valid_verb = ['like', 'share']
try:
params['verb'] = request.json['verb']
if request.json['verb'] not in valid_verb:
raise Exception
except Exception as e:
content = {
"error": True,
"message": "Verb is missing or wrong verb format"
}
return content, 400
# Check object format
object_params = self.valid_object_format(request)
if object_params == False:
content = {"error": True, "message": "Wrong object format"}
return content, 400
# Check object is exists
post_verb_table_mapping = {'post': 'posts', 'photo': 'photos'}
post_object = db.table(
post_verb_table_mapping[object_params['object_type']]).where({
'id':
object_params['object_id']
}).first()
if post_object is None:
content = {"error": True, "message": "Object is not found"}
return content, 400
# Get target
target = db.table('users').where({
'id': post_object['user_id']
}).first()
# Write to activity table
activity_params = self.merge_two_dicts(params, object_params)
activity_params['target_id'] = target['id']
activity_params['target_name'] = target['name']
db.table('activities').insert(activity_params)
content = {"verb": params['verb'], "message": "Activity recorded"}
return content, 200
except Exception as e:
app.logger.error(e)
content = {
"error": True,
"message": "Something wrong on our side, sorry"
}
return content, 500
def post(self):
try:
activity_params = {'time': 'now()'}
token = request.headers['X-App-Key']
current_user = db.table('users').where('auth_token', token).first()
activity_params['actor_id'] = current_user['id']
activity_params['actor_name'] = current_user['name']
# Valid type : post, photo, comments, image, etc..
valid_type = ['post', 'photo']
try:
if request.json['type'] not in valid_type:
raise Exception
except Exception as e:
content = {
"error": True,
"message": "Type is missing or not valid"
}
return content, 400
# Must have content
try:
post_content = request.json['content']
except Exception as e:
content = {"error": True, "message": "Content is missing"}
return content, 400
# Create record in post/photo table
"""
TODO : Add 'content' in verb 'post' including its validation
post => Raw Text
photo => Image URL
"""
post_verb_table_mapping = {'post': 'posts', 'photo': 'photos'}
post_object_id = db.table(
post_verb_table_mapping[request.json['type']]).insert_get_id({
'user_id':
current_user['id'],
'content':
request.json['content'],
'created_at':
'now()',
'updated_at':
'now()'
})
activity_params['verb'] = 'post'
activity_params['object_id'] = post_object_id
activity_params['object_type'] = request.json['type']
db.table('activities').insert(activity_params)
content = {
"type": request.json['type'],
"object_id": post_object_id,
"message": "Activity recorded"
}
return content, 200
except Exception as e:
app.logger.error(e)
content = {
"error": True,
"message": "Something wrong on our side, sorry"
}
return content, 500