def post(self): #test param exists and is right type try: table_delete = int(self.request.get('table_id')) except: table_delete = 0 try: result_delete = int(self.request.get('result_id')) except: result_delete = 0 try: result_set = int(self.request.get('result_set')) except: result_set = 0 if(table_delete == 0 or result_delete == 0): logging.warning("param or type wrong") self.redirect('/existingtable') else: u = None if users.get_current_user() == None: if 'sportablesuser' in self.request.cookies: u = User.gql("WHERE tempusername = :1", self.request.cookies['sportablesuser']) else: u = User.gql("WHERE username = :1", users.get_current_user()) if u != None: if u.count() == 1: #test if table and team exists tablek = db.Key.from_path('Table', table_delete) tablet = db.get(tablek) resultk = db.Key.from_path('Result', result_delete) resultt = db.get(resultk) if not type(tablet) is NoneType and not type(resultt) is NoneType: for o in u: #test if user is table owner and table owns team if (o.key().id() == tablet.user.key().id() and tablet.key().id() == resultt.table.key().id()): #delete team using helperfunctions.function helperfunctions.deleteresult(resultk, tablek) table_object = 'result' return_page = 'Results' object_action = 'deleted' object_url = 'getresults' self.redirect('/displaymessage?table_id='+ str(table_delete)+'&table_object='+table_object+'&return_page='+ return_page+'&object_action='+object_action+'&object_url='+ object_url+'&result_set='+str(result_set)) else: logging.warning("attempt to delete another user's team") self.redirect('/existingtable') else: logging.warning("attempt to delete a team that doesn't exist (or its table doesn't exist)") self.redirect('/existingtable') else: logging.warning("user has a google or temp account but has no User entity") self.redirect('/existingtable') else: logging.warning("user has neither logged in with a google account or a set a cookie") self.redirect('/existingtable')
def post(self): #test param exists and is right type try: table_get = int(self.request.get('tbl_id')) except: table_get = 0 table_name = self.request.get('name', default_value="Unnamed team") if(table_get == 0): logging.warning("param or type wrong") self.redirect('/existingtable') else: u = None if users.get_current_user() == None: if 'sportablesuser' in self.request.cookies: u = User.gql("WHERE tempusername = :1", self.request.cookies['sportablesuser']) else: u = User.gql("WHERE username = :1", users.get_current_user()) if u != None: if u.count() == 1: #test if table exists k = db.Key.from_path('Table', table_get) tb = db.get(k) if not type(tb) is NoneType: for o in u: #test if user is owner if o.key().id() == tb.user.key().id(): team = Team(table=tb, name=table_name, games_played=0, games_won=0, games_drawn=0, games_lost=0, goals_for=0, goals_against=0, goal_difference=0, points_deducted=0, points=0).put() table_id = table_get table_object = 'team' return_page = 'Teams' object_action = 'added' object_url = 'getteams' self.redirect('/displaymessage?table_id='+str(table_id)+ '&table_object='+table_object+'&return_page='+ return_page+'&object_action='+object_action+'&object_url='+object_url) else: logging.warning("attempt to add a team to another user's table") self.redirect('/existingtable') else: logging.warning("attempt to add team to a table that doesn't exist") self.redirect('/existingtable') else: logging.warning("user has a google or temp account but has no User entity") self.redirect('/existingtable') else: logging.warning("user has neither logged in with a google account or a set a cookie") self.redirect('/existingtable')
def get(self): #test param exists and is right type notapp=1 if 'sportablesapp' in self.request.cookies: notapp=0 try: table_get = int(self.request.get('table_name')) except: table_get = 0 if(table_get == 0): logging.warning("param or type wrong") self.redirect('/existingtable') else: u = None if users.get_current_user() == None: if 'sportablesuser' in self.request.cookies: u = User.gql("WHERE tempusername = :1", self.request.cookies['sportablesuser']) else: u = User.gql("WHERE username = :1", users.get_current_user()) if u != None: if u.count() == 1: #test if table exists k = db.Key.from_path('Table', table_get) tb = db.get(k) if not type(tb) is NoneType: for o in u: #test if user is owner if o.key().id() == tb.user.key().id(): tms = Team().all() tms.filter('table = ', k) tms.order('-points') tms.order('-goal_difference') tms.order('-goals_for') tms.order('name') rs = Result().all() rs.filter('table = ', k) template_values = { 'notapp': notapp, 'tabledata': tb, 'teamsdata': tms, 'resultsdata': rs } path = os.path.join(os.path.dirname(__file__), 'table.html') self.response.out.write(template.render(path, template_values)) else: logging.warning("attempt to get another user's table") self.redirect('/existingtable') else: logging.warning("attempt to get a table that doesn't exist") self.redirect('/existingtable') else: logging.warning("user has a google or temp account but has no User entity") self.redirect('/existingtable') else: logging.warning("user has neither logged in with a google account or a set a cookie") self.redirect('/existingtable')
def get(self): #test param exists and is right type notapp=1 if 'sportablesapp' in self.request.cookies: notapp=0 try: table_get = int(self.request.get('table_name')) except: table_get = 0 if(table_get == 0): logging.warning("param or type wrong") self.redirect('/existingtable') else: u = None if users.get_current_user() == None: if 'sportablesuser' in self.request.cookies: u = User.gql("WHERE tempusername = :1", self.request.cookies['sportablesuser']) else: u = User.gql("WHERE username = :1", users.get_current_user()) if u != None: if u.count() == 1: #test if table exists k = db.Key.from_path('Table', table_get) tb = db.get(k) if not type(tb) is NoneType: for o in u: #test if user is owner if o.key().id() == tb.user.key().id(): server_name = os.environ['SERVER_NAME'] if (server_name == 'localhost'): server_port = ':'+os.environ['SERVER_PORT'] else: server_port = '' viewable_url = server_name+server_port+'?table='+str(table_get) template_values = { 'notapp': notapp, 'tabledata': tb, 'viewable_url': viewable_url } path = os.path.join(os.path.dirname(__file__), 'share.html') self.response.out.write(template.render(path, template_values)) else: logging.warning("attempt to get another user's table") self.redirect('/existingtable') else: logging.warning("attempt to get a table that doesn't exist") self.redirect('/existingtable') else: logging.warning("user has a google or temp account but has no User entity") self.redirect('/existingtable') else: logging.warning("user has neither logged in with a google account or a set a cookie") self.redirect('/existingtable')
def create_database(self): if not db.table_exists("user"): User.create_table() if not db.table_exists("accountgroup"): AccountGroup.create_table() if not db.table_exists("account"): Account.create_table() if not db.table_exists("bill"): Bill.create_table() if not db.table_exists("transfer"): Transfer.create_table() if not db.table_exists("accountstatmonth"): AccountStatMonth.create_table()
def signin(): error = None if request.method == 'POST': email = request.form['email'] name = request.form['name'] password = request.form['password'] password1 = request.form['password1'] if (password != password1): flash('两次输入的密码不一致') return render_template('signin.html') if not check_the_password(password): flash('密码不符合要求,密码长度应该在4到25之间并不能仅为数字') return render_template('signin.html') if not check_the_email(email): flash('邮箱格式错误') return render_template('signin.html') check_email = User.query.filter(User.email == email).first() if check_email: flash('邮箱已被注册>_<') else: flash('已经发送邮件到你的邮箱,请立刻激活帐号') new_user = User(name, email, password) session['unconfirm'] = True session['user_email'] = new_user.email db_session.add(new_user) db_session.commit() """ send_email_for_confirm(email, new_user.email, new_user.reg_time, new_user.confirm) """ return redirect(url_for('signined')) return render_template('signin.html')
def get(self): #test param exists and is right type try: table_get = int(self.request.get('tbl_id')) except: table_get = 0 try: viewable_get = int(self.request.get('viewable')) except: viewable_get = None if(table_get == 0): logging.warning("param or type wrong") self.redirect('/existingtable') else: u = None if users.get_current_user() == None: if 'sportablesuser' in self.request.cookies: u = User.gql("WHERE tempusername = :1", self.request.cookies['sportablesuser']) else: u = User.gql("WHERE username = :1", users.get_current_user()) if u != None: if u.count() == 1: #test if table exists k = db.Key.from_path('Table', table_get) tb = db.get(k) if not type(tb) is NoneType: for o in u: #test if user is owner if o.key().id() == tb.user.key().id(): #update viewable boolean if set to number if viewable_get != None: tb.viewable = bool(viewable_get) tb.put() self.redirect('/getshare?table_name=' + str(table_get)) else: logging.warning("attempt to get another user's table") self.redirect('/existingtable') else: logging.warning("attempt to get a table that doesn't exist") self.redirect('/existingtable') else: logging.warning("user has a google or temp account but has no User entity") self.redirect('/existingtable') else: logging.warning("user has neither logged in with a google account or a set a cookie") self.redirect('/existingtable')
def get(self): #test param exists and is right type try: table_delete = int(self.request.get('table_to_delete')) except: table_delete = 0 if(table_delete == 0): logging.warning("param or type wrong") self.redirect('/existingtable') else: u = None if users.get_current_user() == None: if 'sportablesuser' in self.request.cookies: u = User.gql("WHERE tempusername = :1", self.request.cookies['sportablesuser']) else: u = User.gql("WHERE username = :1", users.get_current_user()) if u != None: if u.count() == 1: #test if table exists k = db.Key.from_path('Table', table_delete) tb = db.get(k) if not type(tb) is NoneType: for o in u: #test if user is owner if o.key().id() == tb.user.key().id(): helperfunctions.deletetable(k) table_id = 0 table_object = 'table' return_page = 'Your tables' object_action = 'deleted' object_url = 'existingtable' self.redirect('/displaymessage?table_id=' +str(table_id)+'&table_object='+table_object+'&return_page=' +return_page+'&object_action='+object_action+'&object_url='+object_url) else: logging.warning("attempt to delete another user's table") self.redirect('/existingtable') else: logging.warning("attempt to delete a table that doesn't exist") self.redirect('/existingtable') else: logging.warning("user has a google or temp account but has no User entity") self.redirect('/existingtable') else: logging.warning("user has neither logged in with a google account or a set a cookie") self.redirect('/existingtable')
def createUser(login_session): newUser = User(name=login_session['username'], email=login_session['email'], picture=login_session['picture']) session.add(newUser) session.commit() user = session.query(User).filter_by(email=login_session['email']).one() return user.id
def get(self): u = User.all() disable = 1 template_values = { 'disable': disable } path = os.path.join(os.path.dirname(__file__), 'admin/admin.html') self.response.out.write(template.render(path, template_values))
def get(self): tab = None u = None table_name = self.request.get('name', default_value="Unnamed table") try: points_for_win = int(self.request.get('points_for_win')) except: points_for_win = 3 try: points_for_score_draw = int(self.request.get('points_for_score_draw')) except: points_for_score_draw = 1 try: points_for_draw = int(self.request.get('points_for_draw')) except: points_for_draw = 1 try: points_for_lose = int(self.request.get('points_for_lose')) except: points_for_lose = 0 if users.get_current_user() == None: if 'sportablesuser' in self.request.cookies: u = User.gql("WHERE tempusername = :1", self.request.cookies['sportablesuser']) else: u = User.gql("WHERE username = :1", users.get_current_user()) if u != None: if u.count() == 1: for p in u: table = Table(user=p, name=table_name, points_for_win=points_for_win, points_for_score_draw=points_for_score_draw, points_for_draw=points_for_draw, points_for_lose=points_for_lose, viewable=True).put() tab = table.id() self.redirect('/getteams?table_name=' + str(tab)) else: logging.warning("user has a google or temp account but has no User entity") self.redirect('/') else: logging.warning("user has neither logged in with a google account or a set a cookie") self.redirect('/')
def verify_password(email_or_token, password): user_id = User.verify_auth_token(email_or_token) if user_id: user = session.query(User).filter_by(id=user_id).one() else: user = session.query(User).filter_by(email=email_or_token).first() if not user or not user.verify_password(password): return False g.user = user return True
def add_new_user(): email = request.json.get('email') password = request.json.get('password') name = request.json.get('name') picture = request.json.get('picture') if email is None or password is None: abort(400) user = session.query(User).filter_by(email=email).first() if user is None: user = User(email = email) user.hash_password(password) user.name = name user.picture = picture session.add(user) session.commit() else: return jsonify({'message': 'user already exists'}), 200 return jsonify({'email': user.email}), 201
def setUp(self): application.app_context().push() application.config['TESTING'] = True application.config['WTF_CSRF_ENABLED'] = True application.config['DEBUG'] = False # using test database application.config['SQLALCHEMY_DATABASE_URI'] = TEST_DB self.client = application.test_client() db.drop_all() db.create_all() # create a testing user db.session.add(User('*****@*****.**', 'testing', '123456')) db.session.commit() self.assertEqual(application.debug, False)
def login(self): email = ask("Input login email: ") password = ask("Input password: "******"Not find you in the system.") ins = ask("Sign up? (y/n): ") if ins == 'y': self.create_user() else: exit() else: self.current_user = user info("Welcome you, %s" % user.nickname)
def signup(): form = RegistrationForm() if form.validate_on_submit(): user = User(email=form.email.data, username=form.username.data, password=form.password.data) try: form.check_email(form.email, form.username) flash("Thank for registration!") except validators.ValidationError as e: flash(str(e)) return redirect(url_for('signup')) db.session.add(user) db.session.commit() return redirect(url_for('login')) return render_template('signup.html', form=form)
def create_user(self): email = ask("Input login email: ") password = ask("Input password: "******"Input same password again: ") while password != valid_password: warning("password wrong, try again: ") password = ask("Input password: "******"Input same password again: ") nickname = ask("Input nickname: ") user = User.get_or_create(email=email, nickname=nickname, password=password) if user[1]: info("New user %s created." % nickname) else: info("User %s already existed." % nickname) self.current_user = user[0]
def setUp(self): application.app_context().push() application.config['TESTING'] = True application.config['WTF_CSRF_ENABLED'] = True application.config['DEBUG'] = False # using test database application.config['SQLALCHEMY_DATABASE_URI'] = TEST_DB self.client = application.test_client() db.drop_all() db.create_all() # create a testing user and testing dogs db.session.add(User('*****@*****.**', 'testing', '123456')) db.session.add(Dogs(1, "testDog1", "Male", "Adult", "http/pic")) db.session.add(Dogs(2, "testDog2", "Male", "Adult", "http/pic")) db.session.commit() user = User.query.filter_by(email='*****@*****.**').first() #login_user(user) user_id = user.id db.session.add(Favorites(1, 2)) db.session.add(Favorites(1, 1)) db.session.commit() self.assertEqual(application.debug, False)
# declaratives can be accessed through a DBSession instance Base.metadata.bind = engine DBSession = sessionmaker(bind=engine) # A DBSession() instance establishes all conversations with the database # and represents a "staging zone" for all the objects loaded into the # database session object. Any change made against the objects in the # session won't be persisted into the database until you call # session.commit(). If you're not happy about the changes, you can # revert all of them back to the last commit by calling # session.rollback() session = DBSession() # Add 1 user user1 = User(name="Oliver", email="*****@*****.**", picture="") session.add(user1) session.commit() category1 = MusicCategory(name="Rock", description="broad genre of popular music that originated as 'rock and roll' in the United " "States in the early 1950s, and developed into a range of different styles in " "the 1960s") session.add(category1) session.commit() song1 = Song(name="Chop Suey", band="System of a down", lyrics="Wake up \ Grab a brush and put a little (makeup)\
def login(provider): """Logs in the user with the given provider. Args: provider as string (currently only supports 'google') Stores the user info in the session.""" # Parse the auth code auth_code = request.data if provider == 'google': # Exchange for a token try: # Upgrade the authorization code into a credentials object oauth_flow = \ flow_from_clientsecrets(json_url, scope='') oauth_flow.redirect_uri = 'postmessage' credentials = oauth_flow.step2_exchange(auth_code) except FlowExchangeError: response = \ make_response( json.dumps('Failed to upgrade the authorization code.'), 401 ) response.headers['Content-Type'] = 'application/json' return response # Check that the access token is valid. access_token = credentials.access_token url = \ ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s' % access_token) h = httplib2.Http() result = json.loads(h.request(url, 'GET')[1]) # If there was an error in the access token info, abort. if result.get('error') is not None: response = make_response(json.dumps(result.get('error')), 500) response.headers['Content-Type'] = 'application/json' # # Verify that the access token is used for the intended user. gplus_id = credentials.id_token['sub'] if result['user_id'] != gplus_id: response = \ make_response( json.dumps("Token's user ID doesn't match given user ID."), 401 ) response.headers['Content-Type'] = 'application/json' return response # # Verify that the access token is valid for this app. if result['issued_to'] != CLIENT_ID: response = \ make_response( json.dumps("Token's client ID does not match app's."), 401 ) response.headers['Content-Type'] = 'application/json' return response stored_credentials = session.get('access_token') stored_gplus_id = session.get('gplus_id') if stored_credentials is not None and gplus_id == stored_gplus_id: response = \ make_response( json.dumps('Current user is already connected.'), 200 ) response.headers['Content-Type'] = 'application/json' return response # store the credentials session['access_token'] = access_token session['gplus_id'] = gplus_id # Find User or make a new one # Get user info userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo" params = {'access_token': credentials.access_token, 'alt': 'json'} answer = requests.get(userinfo_url, params=params) data = answer.json() name = data['name'] picture = data['picture'] email = data['email'] # store user info session['username'] = name session['email'] = email session['picture'] = picture # see if user exists, if it doesn't make a new one user = db.session.query(User).filter_by(email=email).first() if not user: user = User(username=name, picture=picture, email=email) db.session.add(user) db.session.commit() session['user_id'] = user.id # Make token - not really using this for anything anymore (since I # couldn't figure out how to store it token = user.generate_auth_token(600) # request.headers['WWW-Authenticate'] = token # user.token = token.decode('ascii') # db.session.commit() # Send back token to the client flash('You are now logged in as ' + name, 'success') return jsonify({'token': token.decode('ascii')}) else: return 'Unrecognized Provider'
def login(provider): # STEP 1 - Parse the auth code auth_code = request.json.get('auth_code') if provider == 'google': # STEP 2 - Exchange for a token try: # Upgrade the authorization code into a credentials object oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='') oauth_flow.redirect_uri = 'postmessage' credentials = oauth_flow.step2_exchange(auth_code) except FlowExchangeError: response = make_response(json.dumps('Failed to upgrade the authorization code.'), 401) response.headers['Content-Type'] = 'application/json' return response # Check that the access token is valid. access_token = credentials.access_token url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s' % access_token) h = httplib2.Http() result = json.loads(h.request(url, 'GET')[1]) # If there was an error in the access token info, abort. if result.get('error') is not None: response = make_response(json.dumps(result.get('error')), 500) response.headers['Content-Type'] = 'application/json' # STEP 3 - Find User or make a new one # Get user info h = httplib2.Http() userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo" params = {'access_token': credentials.access_token, 'alt': 'json'} answer = requests.get(userinfo_url, params=params) data = answer.json() name = data['name'] picture = data['picture'] email = data['email'] # Si el usuario no existe, en ese momento lo registra user = session.query(User).filter_by(email=email).first() if not user: user = User() user.email = email user.name = name user.picture = picture session.add(user) session.commit() # STEP 4 - Make token token = user.generate_auth_token() # STEP 5 - Send back token to the client return jsonify({'token': token.decode('ascii')}) elif 'local': email = request.json.get('email') password = request.json.get('password') user = session.query(User).filter_by(email=email).first() if not user or not user.verify_password(password): return jsonify( error = {'code': 'InvalidUserPassword', 'message': 'Usuario y/o contraseña incorrecto'}), 401 token = user.generate_auth_token() return jsonify({'token': token.decode('ascii')}) else: return jsonify(json = {'code': 'InvalidProvider', 'message': 'Proveedor de autenticaicón incorrecto'}), 400
def get(self): u = User.all() disable = 1 template_values = {'disable': disable} path = os.path.join(os.path.dirname(__file__), 'admin/admin.html') self.response.out.write(template.render(path, template_values))
def get(self): accounttype_id = 1 u = None disable = 1 is_admin = 0 is_logged_in = 0 is_temp_account = 0 login_cookie = Cookie.BaseCookie() if users.get_current_user(): u = User.all() u.filter('username = '******'Sign out' is_logged_in = 1 else: if(int(accounttype_id) == 1): is_temp_account = 1 is_logged_in = 1 usercookie = None if 'sportablesuser' in self.request.cookies: usercookie = self.request.cookies['sportablesuser'] u = User.all() u.filter('tempusername = '******'sportablesuser'] = usercookie u.fetch(1) for g in u: for t in g.tables: disable = 0 else: randomid = uuid.uuid4() login_cookie['sportablesuser'] = randomid new_user = User(tempusername=str(randomid)) new_user.put() u = User.all() u.filter('tempusername = '******'sportablesuser']["expires"] = COOKIE_TIME url = users.create_login_url(self.request.uri) url_linktext = 'Sign in' notapp=1 if 'sportablesapp' in self.request.cookies: notapp=0 template_values = { 'userdata': u, 'url': url, 'url_linktext': url_linktext, 'disable': disable, 'administrator': is_admin, 'logged_in': is_logged_in, 'temp_account': is_temp_account, 'notapp':notapp } path = os.path.join(os.path.dirname(__file__), 'existing.html') self.response.out.write(template.render(path, template_values)) for morsel in login_cookie.values(): self.response.headers.add_header('Set-Cookie',morsel.OutputString(None))
def get(self): try: table_id = int(self.request.get('table')) except: table_id = 0 accounttype_id = 1 #once used to set temp account off a button # Set var default to indicate that user is not using the app notapp=1 # get the query string startingurl = self.request.uri param = urllib.urlencode({startingurl:1}) urlqs = startingurl.endswith('&') and (startingurl + param) or (startingurl + '&' + param) # when appversion is present set a cookie that can be picked up by all the other pages and set template var to 1 if 'appversion' in urlqs: # is the app so set the cookie to remember that print 'Set-Cookie: sportablesapp=1'; notapp=0 # check cookie again user may have returned to homepage after navigating around and lost the param from the querystring if 'sportablesapp' in self.request.cookies: notapp=0 if(table_id == 0): u = None tempu = None login_cookie = Cookie.BaseCookie() tablecount = 0 if users.get_current_user(): u = User.all() u.filter('username = '******'sportablesuser' in self.request.cookies: usercookie = self.request.cookies['sportablesuser'] tempu = User.all() tempu.filter('tempusername = '******'Sign out' else: if(int(accounttype_id) == 1): is_temp_account = 1 is_logged_in = 1 usercookie = None if 'sportablesuser' in self.request.cookies: usercookie = self.request.cookies['sportablesuser'] u = User.all() u.filter('tempusername = '******'sportablesuser'] = usercookie u.fetch(1) for g in u: for t in g.tables: tablecount += 1 else: randomid = uuid.uuid4() login_cookie['sportablesuser'] = randomid new_user = User(tempusername=str(randomid)) new_user.put() u = User.all() u.filter('tempusername = '******'sportablesuser']["expires"] = COOKIE_TIME url = users.create_login_url(self.request.uri) url_linktext = 'Sign in' #find out the languages the requesting browser accepts al=self.request.headers.get('Accept-Language') accepted_languages = helperfunctions.parse_accept_language(al) language_strings = helperfunctions.get_messages(accepted_languages) template_values = { 'tablecount': tablecount, 'url': url, 'url_linktext': url_linktext , 'notapp' : notapp, 'language_strings': language_strings } path = os.path.join(os.path.dirname(__file__), 'index.html') self.response.out.write(template.render(path, template_values)) for morsel in login_cookie.values(): self.response.headers.add_header('Set-Cookie',morsel.OutputString(None)) else: k = db.Key.from_path('Table', int(table_id)) t = db.get(k) tms = Team().all() tms.filter('table = ', k) tms.order('-points') tms.order('-goal_difference') tms.order('-goals_for') tms.order('name') rs = Result().all() rs.filter('table = ', k) is_table_owner = False usercookie = None login_cookie = Cookie.BaseCookie() #test to see a table has returned if users.get_current_user(): u = User.all() u.filter('username = '******'sportablesuser' in self.request.cookies: usercookie = self.request.cookies['sportablesuser'] login_cookie['sportablesuser'] = usercookie login_cookie['sportablesuser']["expires"] = COOKIE_TIME u = User.all() u.filter('tempusername = '******'tabledata': t, 'teamsdata': tms, 'resultsdata': rs, 'owner': is_table_owner } path = os.path.join(os.path.dirname(__file__), 'viewer.html') self.response.out.write(template.render(path, template_values)) for morsel in login_cookie.values(): self.response.headers.add_header('Set-Cookie',morsel.OutputString(None))
def post(self): #test param exists and is right type try: table_get = int(self.request.get('tbl_id')) except: table_get = 0 try: home_team = int(self.request.get('home_team')) except: home_team = 0 try: away_team = int(self.request.get('away_team')) except: away_team = 0 try: home_team_score = int(self.request.get('home_team_score')) except: home_team_score = None try: away_team_score = int(self.request.get('away_team_score')) except: away_team_score = None if (table_get == 0 or home_team == 0 or away_team == 0 or home_team_score == None or away_team_score == None): logging.warning("param or type wrong") self.redirect('/existingtable') else: u = None if users.get_current_user() == None: if 'sportablesuser' in self.request.cookies: u = User.gql("WHERE tempusername = :1", self.request.cookies['sportablesuser']) else: u = User.gql("WHERE username = :1", users.get_current_user()) if u != None: if u.count() == 1: #test if table and teams exist k = db.Key.from_path('Table', table_get) t = db.get(k) htk = db.Key.from_path('Team', home_team) htm = db.get(htk) atk = db.Key.from_path('Team', away_team) atm = db.get(atk) if not type(t) is NoneType and not type(htm) is NoneType and not type(atm) is NoneType: for o in u: #test if user is owner and check that home and away is isn't the same team if (o.key().id() == t.user.key().id() and t.key().id() == htm.table.key().id() and t.key().id() == atm.table.key().id() and htm.key().id() != atm.key().id()): #update home team htm.games_played = htm.games_played + 1 pts = 0 if home_team_score > away_team_score: htm.games_won = htm.games_won + 1 pts = t.points_for_win elif home_team_score > 0 and (home_team_score == away_team_score): htm.games_drawn = htm.games_drawn + 1 pts = t.points_for_score_draw elif home_team_score == 0 and (home_team_score == away_team_score): htm.games_drawn = htm.games_drawn + 1 pts = t.points_for_draw else: htm.games_lost = htm.games_lost + 1 pts = t.points_for_lose htm.goals_for = htm.goals_for + home_team_score htm.goals_against = htm.goals_against + away_team_score htm.goal_difference = htm.goals_for - htm.goals_against htm.points = htm.points + int(pts) htm.put() #update away team atm.games_played = atm.games_played + 1 pts = 0 if home_team_score < away_team_score: atm.games_won = atm.games_won + 1 pts = t.points_for_win elif home_team_score > 0 and (home_team_score == away_team_score): atm.games_drawn = atm.games_drawn + 1 pts = t.points_for_score_draw elif home_team_score == 0 and (home_team_score == away_team_score): atm.games_drawn = atm.games_drawn + 1 pts = t.points_for_draw else: atm.games_lost = atm.games_lost + 1 pts = t.points_for_lose atm.goals_for = atm.goals_for + away_team_score atm.goals_against = atm.goals_against + home_team_score atm.goal_difference = atm.goals_for - atm.goals_against atm.points = atm.points + int(pts) atm.put() #add result result = Result(table=t, home_team_id=home_team, home_team_name=htm.name, home_team_score=home_team_score, away_team_id=away_team, away_team_name=atm.name, away_team_score=away_team_score, time_added=datetime.now()).put() table_id = str(t.key().id()) table_object = 'result' return_page = 'Results' object_action = 'added' object_url = 'getresults' self.redirect('/displaymessage?table_id='+ str(table_id)+'&table_object='+table_object+'&return_page='+ return_page+'&object_action='+object_action+'&object_url='+object_url) else: logging.warning("attempt to add a result to another user's table or team") self.redirect('/existingtable') else: logging.warning("attempt to add result to a table or a team that doesn't exist") self.redirect('/existingtable') else: logging.warning("user has a google or temp account but has no User entity") self.redirect('/existingtable') else: logging.warning("user has neither logged in with a google account or a set a cookie") self.redirect('/existingtable')
def get(self): #test param exists and is right type notapp=1 if 'sportablesapp' in self.request.cookies: notapp=0 try: result_set = int(self.request.get('result_set')) except: result_set = 0 try: table_get = int(self.request.get('table_name')) except: table_get = 0 if(table_get == 0): logging.warning("param or type wrong") self.redirect('/existingtable') else: u = None if users.get_current_user() == None: if 'sportablesuser' in self.request.cookies: u = User.gql("WHERE tempusername = :1", self.request.cookies['sportablesuser']) else: u = User.gql("WHERE username = :1", users.get_current_user()) if u != None: if u.count() == 1: #test if table exists k = db.Key.from_path('Table', table_get) tb = db.get(k) if not type(tb) is NoneType: for o in u: #test if user is owner if o.key().id() == tb.user.key().id(): tms = Team().all() tms.filter('table = ', k) tms.order('-points') tms.order('-goal_difference') tms.order('-goals_for') tms.order('name') if(tms.count()<2): disable = 1 else: disable = 0 #new test part rs = Result().all() rs.filter('table = ', k) rs_away = Result().all() rs_away.filter('table = ', k) hrl = [] if int(result_set) != 0: rs.filter('home_team_id = ', result_set) rs_away.filter('away_team_id = ', result_set) for r in rs: hrl.append(int(r.key().id())) for r in rs_away: hrl.append(int(r.key().id())) rs = Result.get_by_id(hrl) rs.sort(key=lambda result: result.time_added) #new test end score_options = range(300) template_values = { 'notapp': notapp, 'tabledata': tb, 'teamsdata': tms, 'result_set_data': result_set, 'resultsdata': rs, 'disable': disable, 'score_options': score_options } path = os.path.join(os.path.dirname(__file__), 'results.html') self.response.out.write(template.render(path, template_values)) else: logging.warning("attempt to get teams from another user's table") self.redirect('/existingtable') else: logging.warning("attempt to get teams from a table that doesn't exist") self.redirect('/existingtable') else: logging.warning("user has a google or temp account but has no User entity") self.redirect('/existingtable') else: logging.warning("user has neither logged in with a google account or a set a cookie") self.redirect('/existingtable')