def post(self):
    """
    Create a student account with generated credentials and log it in.

    A user id and password are generated, the student is stored, a session
    is created and marked as ``generated``, and the session id is sent back
    in the ``sid`` cookie. The generated credentials are placed in the
    session message and the browser is redirected to /student.
    """
    accessor = DataAccessor()
    new_uid = userIDGen()
    new_password = passwordGen()
    user = accessor.addStudent(new_uid, new_password)

    session = generateSession(user)
    session.generated = True
    session.put()

    # NOTE(review): the cookie carries neither HttpOnly nor Secure, and its
    # expiry is a fixed calendar date rather than a lifetime relative to now.
    cookie = 'sid=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % session.sessionID
    self.response.headers.add_header('Set-Cookie', cookie)

    # NOTE(review): the password is read back from user.password and embedded
    # in the session message, so it is held in a retrievable form and copied
    # into whatever store backs the session message -- confirm how
    # setSessionMessage persists it and when the message is cleared.
    message = "".join([
        "Your account has been created. Please store the following information in a secure location.<br/>",
        "<span class='credential'>UserID: %s</span><br/>" % user.uid,
        "<span class='credential'>Password: %s</span><br/>" % user.password,
        "Change your password: <a href='/student/password'>Manage Account</a>",
    ])
    setSessionMessage(session, message, False)
    self.redirect('/student')
def post(self):
    """
    Handle a login form submission.

    Reads ``id`` and ``pw`` from the request. Missing fields or a failed
    lookup set an error message and redirect back to /login. On success a
    session is created, its id is returned in the ``sid`` cookie, and the
    user is redirected to /student or /admin according to ``userType``.
    """
    user_id = self.request.get('id')
    password = self.request.get('pw')
    if not (user_id and password):
        setSessionMessageByRequest(self, "Please provide a User ID and Password to login.", True)
        self.redirect('/login')
        return

    # NOTE(review): no attempt counting or lockout is visible in this
    # handler; confirm whether failed logins are throttled elsewhere.
    account = DataAccessor().getUser(user_id, password)
    if account is None:
        setSessionMessageByRequest(self, "The User ID and Password Combination you have provided was incorrect.", True)
        self.redirect('/login')
        return

    sweepSessions()
    session = generateSession(account.key())
    # NOTE(review): the cookie carries neither HttpOnly nor Secure, and its
    # expiry is a fixed calendar date rather than a lifetime relative to now.
    cookie = 'sid=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % str(session.sessionID)
    self.response.headers.add_header('Set-Cookie', cookie)

    role = account.userType
    if role == 'STUDENT':
        self.redirect('/student')
    elif role == 'ADMIN':
        self.redirect('/admin')
    else:
        # NOTE(review): the session and its cookie were already issued above,
        # so an account with an unexpected userType still leaves this request
        # holding a session id.
        setSessionMessageByRequest(self, "Invalid user", True)
        self.redirect('/login')
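def post(self):
    """
    Changes the admin password.

    Reads ``old``, ``new`` and ``new2`` from the request. The password is
    updated only when ``old`` equals the stored password of the session's
    user and ``new`` equals ``new2``. Every path ends with a redirect to
    /admin and a session message describing the outcome.
    """
    DA = DataAccessor()
    session = getSessionByRequest(self)
    user = getSessionUser(session)
    old = self.request.get("old")
    new = self.request.get("new")
    new2 = self.request.get("new2")

    # NOTE(review): the submitted value is compared directly with
    # user.password, so the password is stored in a directly comparable
    # form; a salted password hash would avoid keeping it recoverable.
    if old != user.password:
        setSessionMessage(session, "Invalid Password")
        self.redirect("/admin")
        # Stop here. Without this return the code below still ran and
        # replaced the password even though the old one was wrong.
        return

    if new != new2:
        setSessionMessage(session, "Your new passwords did not match. Please try again.", True)
    else:
        # NOTE(review): an empty new password passes this check; confirm
        # whether DA.update enforces any password policy.
        setSessionMessage(session, "You have successfully changed your password.", False)
        # Reset the password
        DA.update(user, password=new)
        # Reset the session.
        session.generated = False
        session.put()
    self.redirect("/admin")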
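def post(self):
    """
    Creates a new admin.

    Required post request parameters are
        uid - the new user id
        pw - the new password
        pw2 - retyping the new password.

    Every path sets a session message and redirects to /admin. The account
    is created only when both fields are non-empty, the two passwords match
    and DA.addAdmin does not raise Usage.
    """
    # Function-scope import: the file's import block is not part of this
    # block. cgi.escape is the Python 2 standard-library HTML escaper.
    import cgi

    DA = DataAccessor()
    session = getSessionByRequest(self)
    uid = self.request.get("uid")
    pw = self.request.get("pw")
    pw2 = self.request.get("pw2")

    # NOTE(review): no check that the caller is an admin is visible in this
    # handler; confirm it is enforced by the base handler or the routing.

    # Refuse blank credentials so an admin account cannot be created with
    # an empty id or an empty password.
    if not uid or not pw:
        setSessionMessage(session, "Please provide a User ID and Password.", True)
        self.redirect("/admin")
        return

    if pw != pw2:
        setSessionMessage(session, "Your new passwords did not match. Please try again.", True)
        self.redirect("/admin")
        return

    try:
        DA.addAdmin(uid, pw)
    except Usage:
        setSessionMessage(session, "A user with that uid exists already", True)
        self.redirect("/admin")
        return

    # uid is request input and session messages carry HTML markup, so it is
    # escaped before being placed in the message.
    setSessionMessage(session, "Admin: " + cgi.escape(uid, True) + " successfully added.", False)
    self.redirect("/admin")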
def post(self):
    """
    Saves a new rating into the datastore.

    Only the 'Book' branch is visible here: the book is created from the
    ``title``, ``isbn`` and ``author`` request fields, and each failure
    sets a session message and redirects.
    NOTE(review): the listing appears to stop after the Book branch; other
    ``typename`` values and the use of ``ratable`` are not visible here.
    """
    # Error callback handed to DataAccessor; it raises DataStoreClash
    # carrying the object it was given.
    def errhandler(obj):
        raise DataStoreClash(obj)
    DA = DataAccessor(errhandler)
    session = getSessionByRequest(self)
    # user is fetched but not used in the visible part of the handler.
    user = getSessionUser(session)
    typename = self.request.get("typename")
    ratable = None
    if typename == 'Book':
        # Request-supplied values are passed to addBook unchanged; any
        # validation is whatever addBook performs (see the except clauses).
        isbn = self.request.get('isbn')
        title = self.request.get('title')
        author = self.request.get('author')
        try:
            ratable = DA.addBook( title, isbn, author )
        except BadValueError:
            setSessionMessage(session, "Enter all values.", True)
            self.redirect('/student/new/Book')
            return
        except ValueError:
            setSessionMessage(session, "Bad input syntax.", True)
            self.redirect('/student/new/Book')
            return
        except DataStoreClash, err:
            # The clash carries the existing entity; send the user to its page.
            setSessionMessage(session, "Book already exists.", True)
            self.redirect('/ratable/'+str(err.entity.key()))
            return
def post(self):
    """
    Add or remove the current user's grade for a course.

    ``key`` identifies the course. An empty ``grade`` field removes the
    user's existing grade; otherwise the submitted grade is stored. Both
    paths redirect back to the course page.
    """
    key = self.request.get('key')
    # NOTE(review): key comes straight from the request; db.get returns
    # whatever entity the key names, and no check that it is a course is
    # visible here.
    course = db.get(db.Key(key))
    session = getSessionByRequest(self)
    user = getSessionUser(session)
    da = DataAccessor()
    course_page = '/ratable/%s' % key
    submitted = self.request.get('grade')

    if not submitted:
        # The lookup is filtered by the session's user, so only that user's
        # own grade is selected for removal.
        own_grade = DS.Grade.all().filter('course =', course)
        own_grade.filter('student =', user)
        # NOTE(review): get() yields None when no grade exists; how
        # da.delete handles None is not visible here.
        da.delete(own_grade.get())
        setSessionMessage(session, "Removed your grade", False)
        self.redirect(course_page)
        return

    da.addGrade(course, getSessionUser(session), submitted)
    setSessionMessage(session, "Added your grade.", False)
    self.redirect(course_page)
def get(self):
    """
    Render the user management page listing all admins and students.
    """
    # NOTE(review): no check that the caller is an admin is visible in this
    # handler; confirm it is enforced by the base handler or the routing.
    accessor = DataAccessor()
    student_list = accessor.getStudents()
    admin_list = accessor.getAdmins()
    context = {"admins": admin_list, "students": student_list}
    self.generate("manageUsers.html", context)
def get(self):
    """
    Clear the datastore, record a confirmation message and return to /admin.
    """
    # NOTE(review): this destructive action runs on a plain GET, and neither
    # an admin check nor a request token is visible in this handler. Confirm
    # access control is enforced elsewhere, and consider requiring POST so
    # that following a link or loading an embedded URL cannot trigger it.
    DataAccessor().clear()
    setSessionMessageByRequest(self, "The datastore has been cleared.", False)
    self.redirect("/admin")
def get(self):
    """
    Delete the account tied to the current session, then end the session.
    """
    # NOTE(review): account deletion is performed on a plain GET with no
    # confirmation or request token visible here; consider requiring POST.
    session = getSessionByRequest(self)
    account = getSessionUser(session)
    DataAccessor().delete(account)
    expireSession(session)
    self.redirect('/browse/')
def get(self):
    """
    Render student.html with the current user's ratings.
    """
    accessor = DataAccessor()
    session = getSessionByRequest(self)
    current_user = getSessionUser(session)
    own_ratings = accessor.getRatingsByUser(current_user)
    own_ratings = prepareRatingsForTemplate(own_ratings, current_user)
    context = {
        'ratings': own_ratings,
        'isStudentPage': True,
        'surpressFooter': True,
    }
    self.generate('student.html', context)
def get(self):
    """
    Delete the object previously stored in the session as deletionTarget.

    With no target stored, an "Invalid request." error message is set.
    Either way the browser is redirected to /student/.
    """
    session = getSessionByRequest(self)
    target = session.deletionTarget
    if not target:
        setSessionMessage(session, "Invalid request.", True)
    else:
        DataAccessor().delete(target)
        ratable = unify(target.rated)
        # NOTE(review): ratable.name is concatenated into the message as-is;
        # if names are user-supplied and messages are rendered as HTML, it
        # should be escaped -- confirm against the template.
        setSessionMessage(session, "You have deleted " + ratable.name + ".")
        # Clear the stored target so the deletion cannot be replayed.
        session.deletionTarget = None
        session.put()
    self.redirect('/student/')
def post(self, unused):
    """
    Add the current user's rating (and optional comment) to an object.

    ``key`` names the object, ``rating`` must pass validRating, and an
    empty ``comment`` is stored as None. The ``unused`` argument is ignored.
    """
    session = getSessionByRequest(self)
    key = self.request.get('key')
    rating = self.request.get('rating')
    if not validRating(rating):
        # NOTE(review): this rejection passes False as the third argument,
        # whereas other handlers pass True with their error messages --
        # confirm the intended flag.
        setSessionMessage(session, "Invalid rating.", False)
        self.redirect("/student/addrating/%s" % key)
        return

    # NOTE(review): key comes straight from the request; db.get returns
    # whatever entity the key names, and no check on its kind is visible
    # here.
    target = db.get(db.Key(key))
    comment = self.request.get('comment') or None
    DataAccessor().addRating(target, getSessionUser(session), rating, comment = comment)
    setSessionMessage(session, "Added Rating.", False)
    self.redirect("/student/")
def get(self, key=None):
    """
    Delete one user by datastore key, or every student when key is "all".

    With no key nothing is deleted. The browser is always redirected to
    /admin/manageUsers.
    """
    # NOTE(review): deletion runs on a plain GET, and neither an admin check
    # nor a request token is visible in this handler. Confirm access control
    # is enforced elsewhere, and consider requiring POST.
    accessor = DataAccessor()
    if key == "all":
        for student in accessor.getStudents():
            accessor.delete(student)
    elif key:
        # NOTE(review): the key is not checked to name a user entity before
        # the fetched object is deleted.
        accessor.delete(db.get(db.Key(key)))
    self.redirect("/admin/manageUsers")
import re
import string
import sys
import wsgiref.handlers

from google.appengine.api import users
from google.appengine.ext import db
from google.appengine.ext import webapp
from google.appengine.ext.webapp import template
from google.appengine.ext.webapp.util import login_required

# Set to true if we want to have our webapp print stack traces, etc
# NOTE(review): this is enabled here; stack traces shown to clients expose
# internals, so it should be off in a deployed instance.
_DEBUG = True

# Default admin login, created at module load.
# NOTE(review): the id and password are fixed literals in the source, so
# every deployment starts with the same known admin credential. It should be
# provisioned per deployment or changed on first use. A Usage error from
# addAdmin is ignored (another handler treats Usage as "user already exists").
DA = DataAccessor()
try:
    DA.addAdmin('admin','000000')
except Usage:
    pass

class Login(BaseRequestHandler):
    def get(self):
        """
        Generates the login page.

        A request whose session already has a user is redirected to
        /browse/ instead.
        NOTE(review): the listing appears to stop after this check; the
        code that renders the page is not visible here.
        """
        session = getSessionByRequest(self)
        if (getSessionUser(session)) :
            self.redirect("/browse/")
            return
def post(self, key=0):
    """
    Edits the given rating and the rated object's fields.

    ``key`` names the rated object. The edit is refused unless the current
    user has rated the object and exactly one rating refers to it. The
    object's fields are then updated from the request according to its
    class name, and the rating value is updated when it passes validRating.
    Every path ends with a redirect to the student page.
    """
    DA = DataAccessor()
    # NOTE(review): key is used as given; the default of 0 is passed to
    # db.Key unchanged.
    rated = db.get(db.Key(key))
    session = getSessionByRequest(self)
    user = getSessionUser(session)
    rating = getUserRating(user, rated)
    # Only a user who has rated the object may edit it.
    if (not rating) :
        setSessionMessage(session, "You cannot edit something you have not rated.", True)
        self.redirect('/student')
        return
    # The object is editable only while a single rating refers to it; together
    # with the check above, that rating is the current user's own.
    q = DA.getAllRatings().filter("rated =", rated)
    if q.count() != 1 :
        setSessionMessage(session, "This item is no longer editable.", True);
        self.redirect("/student/")
        return
    # NOTE(review): the field values below are written from the request
    # without validation visible in this handler; confirm DA.update validates
    # them and that templates escape them on output.
    typename = rated.__class__.__name__
    if typename == 'Book':
        isbn = self.request.get('isbn')
        title = self.request.get('title')
        author = self.request.get('author')
        DA.update( rated, isbn=isbn, title=title, author=author )
    elif typename == 'Paper':
        paperType = self.request.get('paperType').upper()
        title = self.request.get('title')
        author = self.request.get('author')
        DA.update( rated, paperType=paperType, title=title, author=author )
    elif typename == 'Course':
        unique = self.request.get('unique')
        courseNum = self.request.get('courseNum')
        name = self.request.get('name')
        semester = self.request.get('semester').upper()
        instructor = self.request.get('instructor')
        year = self.request.get('year')
        DA.update( rated, unique=unique, courseNum=courseNum, name=name, semester=semester, year=year, instructor=instructor )
    elif typename == 'Game':
        platform = self.request.get('platform').upper()
        title = self.request.get('title')
        DA.update( rated, platform=platform, title=title )
    # 'PlaceLive' is listed twice; the duplicate has no effect on the test.
    elif typename in ['Internship', 'PlaceLive', 'PlaceEat', 'PlaceFun', 'PlaceLive', 'PlaceStudy'] :
        name = self.request.get('name')
        location = self.request.get('location')
        semester = self.request.get('semester').upper()
        year = self.request.get('year')
        DA.update( rated, name=name, location=location, semester=semester, year=year )
    # The rating value is validated only here, after the rated object has
    # already been updated above; an invalid rating keeps the old value.
    if (validRating(self.request.get('rating'))) :
        DA.update(rating, rating=int(self.request.get('rating')))
        setSessionMessageByRequest(self, "Successfully updated rating.")
    else :
        setSessionMessageByRequest(self, "Invalid rating input. Keeping original", True)
    self.redirect('/student')