def init_QA():
is_student_exist = False
is_lecturer_exist = False
qa_student = User(username='******', name='Student QA', avatar_url='http://ava.com', email='*****@*****.**',
isLecturer=False, accessToken='student_token_', seToken='_QA_TOKEN_TEST_STUDENT')
qa_lecturer = User(username='******', name='Student QA', avatar_url='http://ava.com', email='*****@*****.**',
isLecturer=True, accessToken='student_token_', seToken='_QA_TOKEN_TEST_LECTURER')
query = User.all().filter('username ='******'username =', qa_lecturer.username)
for u in query.run():
is_lecturer_exist = True
u.isLecturer = qa_lecturer.isLecturer
u.seToken = qa_lecturer.seToken
u.campuses_id_list = []
u.classes_id_list = []
db.put(u)
if not is_lecturer_exist:
db.put(qa_lecturer)
if not is_student_exist:
db.put(qa_student)
return Response(status=200)
def get_new_avatar(dir, forceteam=False):
avatar = default_avatar(dir)
avatars = filter_avatars(dir)
if len(avatars) == 0:
return avatar
if dir == "team" or forceteam:
from models.Team import Team
cmplist = Team.all()
elif dir == "user":
from models.User import User
cmplist = User.all()
else:
from models.Box import Box
cmplist = Box.all()
dblist = []
for item in cmplist:
if item._avatar:
dblist.append(item._avatar)
for image in avatars:
if not image in dblist:
return image
return avatars[randint(0, len(avatars) - 1)]
def send_activation(token):
"""
<span class="card-title">This Method Will Send An Email To The User - To Confirm his Account</span>
<br>
<b>Route Parameters</b><br>
- token: 'seToken'<br>
<br>
<b>Payload</b><br>
- JSON object <i>Example</i>
<br>
<code>{email: '*****@*****.**'}</code>
<br>
<br>
<b>Response</b>
<br>
200 - Email Sent - No Response<br>
400 - Bad Request<br>
403 - Invalid Token<br>
"""
if not request.data:
return bad_request()
payload = json.loads(request.data)
if not is_user_token_valid(token):
return forbidden("Not A Valid Token!")
query = User.all()
query.filter('seToken =', token)
for u in query.run(limit=1):
try:
send_validation_email(token=token, name=u.username, email=payload["email"])
except Exception:
return bad_request()
return Response(status=200)
def get_user_by_token(token):
query = User.all()
query.filter("seToken = ", token)
for u in query.run(limit = 1):
return u
return None
def update():
"""
类似于update函数,处理在 /admin/users 下提交的表单,修改指定用户 id 的密码
"""
if session.get('user_id') == 1 or session.get('user_id') == 2:
if request.method == 'POST':
user_id = request.form.get('id')
if len(user_id) > 0:
us = User.find_by(id=int(user_id))
if us is not None:
password = request.form.get('password')
if len(password) < 3:
flash('密码长度必须大于2')
else:
us.password = salted_password(password)
us.save()
return redirect(url_for('.users'))
else:
flash('id不存在')
else:
flash('Invalid Input')
return render_template('admin_users.html', user_list=User.all())
else:
flash('Admin User Required! Here is your profile...', 'danger')
return redirect(url_for('user.profile'))
def route_admin_users(request):
u = current_user(request)
if u is not None and u.is_admin():
us = User.all()
body = templates('admin_user.html', users=us)
return http_response(body)
else:
return redirect('/login')
def users():
"""
只有 id 为 1 的用户可以访问这个页面, 其他用户访问会定向到 /login
"""
if session.get('user_id') == 1 or session.get('user_id') == 2:
return render_template('admin_users.html', user_list=User.all())
else:
flash('Admin User Required! Here is your profile...', 'danger')
return redirect(url_for('user.profile'))
def get(self, user_id=""):
""" Ignore the Backbone.js ID values, and use the session """
user = self.get_current_user()
if len(user_id) < 1:
self.write([user.to_dict() for user in User.all()])
else:
_user = User.by_id(user_id)
if _user is not None:
self.write(_user.to_manager_dict())
else:
raise ValidationError("User not found")
def get(self, uuid=None):
''' Get a specific user or all users '''
if uuid is None:
response = json.dumps([user.to_dict() for user in User.all()])
else:
user = User.by_uuid(uuid)
if user is not None:
response = user.to_dict()
else:
self.set_status(BAD_REQUEST)
response = {"error": "User not found"}
self.write(response)
def get(self, uuid=None):
''' Get a specific user or all users '''
if uuid is None:
response = json.dumps([user.to_dict() for user in User.all()])
else:
user = User.by_uuid(uuid)
if user is not None:
response = user.to_dict()
else:
self.set_status(BAD_REQUEST)
response = {"error": "User not found"}
self.write(response)
def getUserByToken(token):
"""
<span class="card-title">>This Call will return a user by a given token</span>
<br>
<b>Route Parameters</b><br>
- seToken: 'seToken'
<br>
<br>
<b>Payload</b><br>
- NONE
<br>
<br>
<b>Response</b>
<br>
200 - JSON Example:<br>
<code>
{<br>
'username': '******',<br>
'name': 'Darth Vader',<br>
'email': '[email protected],<br>
'isLecturer': 'True',<br>
'seToken': 'xxxxxx-xxxxx-xxxxx-xxxxxx',<br>
'avatar_url': 'http://location.git.com/somthing'<br>
'isFirstLogin': False,<br>
'campuses_id_list': [{<br>
'master_user_id': 111,<br>
'id': 5629499534213120,<br>
'email_ending': "@post.jce.ac.il",<br>
'avatar_url': "https://yt3.ggpht.com/--ZkWxybWGOM/AAAAAAAAAAI/AAAAAAAAAAA/_nAICC_kzzI/s88-c-k-no/photo.jpg",<br>
'title': "JCE"
}],<br>
'courses_id_list': ['a','b','c']<br>
}
</code>
<br>
403 - No User Found
"""
if token is None:
return no_content("Token Is Empty, No User Found")
query = User.all()
query.filter("seToken =", token)
for u in query.run(limit=5):
for index, c in enumerate(u.campuses_id_list):
c = json.loads(Campus.get_by_id(int(c)).to_JSON())
u.campuses_id_list[index] = c
return Response(response=u.to_JSON(),
status=200,
mimetype="application/json") # Real response!
return no_content("No User Found")
def post(self):
arg_username = self.request.get('username')
arg_password = self.request.get('password')
hashed_pass = hash_password(arg_password)
existing_user = User.all().filter('username = '******'exists':True
}
return self.response.out.write(render_template('signup.html', context))
def route_register(request):
if request.method == 'POST':
form = request.form()
u = User.new(form)
if u.valid_register():
u.save()
result = '注册成功<br> <pre>{}</pre>'.format(User.all())
else:
result = '用户名或密码长度必须大于2'
print(type(result))
else:
result = ''
body = templates('register.html', result=result)
return http_response(body)
def existing_avatars(dir):
avatars = []
if dir == "team":
from models.Team import Team
teams = Team.all()
for team in teams:
if team.avatar is not None and len(team.members) > 0:
avatars.append(team.avatar)
else:
from models.User import User
users = User.all()
for user in users:
if user.avatar is not None:
avatars.append(user.avatar)
return avatars
def existing_avatars(dir):
avatars = []
if dir == "team":
from models.Team import Team
teams = Team.all()
for team in teams:
if team.avatar is not None and len(team.members) > 0:
avatars.append(team.avatar)
else:
from models.User import User
users = User.all()
for user in users:
if user.avatar is not None:
avatars.append(user.avatar)
return avatars
def route_register(request):
header = 'HTTP/1.1 210 F**K OK\r\nContent-Type: text/html\r\n'
if request.method == 'POST':
form = request.form()
u = User.new(form)
if u.valid_register():
u.save()
result = '注册成功<br> <pre>{}</pre>'.format(User.all())
else:
result = '用户名或密码长度必须大于2'
print(type(result))
else:
result = ''
body = templates('register.html')
body = body.replace('{{result}}', result)
r = header + '\r\n' + body
return r.encode(encoding='utf-8')
def get(self):
arg_method = self.request.get('method')
user = get_current_user()
if user:
grab_collections(user)
templ_vars = {'user': user}
if not arg_method:
return self.response.out.write(
render_template('root.html', templ_vars))
if arg_method == 'delete':
arg_what = self.request.get('what')
if not arg_what:
return self.request.out.write('no what specified.')
if arg_what == 'users':
all_users = User.all()
for user in all_users:
user.delete()
return self.redirect('/')
if arg_what == 'collections':
all_colls = MovieCollection.all()
for col in all_colls:
col.delete()
return self.redirect('/')
if arg_what == 'movies':
movies = Movie.all()
for movie in movies:
movie.delete()
return self.redirect('/')
if arg_what == 'user_session':
get_current_session().terminate()
return self.redirect('/')
return self.response.out.write(' no valid what')
return self.response.out.write(' no valid method')
def get(self):
#为用户添加头像
# user = self.db.query(User).filter(User.id==1).first()
# user.avatar = open("static/images/avatar11.jpg", "rb").read()
# self.db.add(user)
# self.db.commit()
# user = self.db.query(User1).filter(User1.id == 2).first()
# user.avatar = open("static/images/headpictrue.jpg", "rb").read()
# self.db.add(user)
# self.db.commit()
user = self.db.query(User).filter(User.id == 1).first()
user.avatar = open("static/images/headpictrue.jpg", "rb").read()
self.db.add(user)
self.db.commit()
print('-' * 80)
users = User.all()
self.render(u"sqlalchemy.html",
currentuser=self.current_user,
users=users
)
def get(self):
arg_method = self.request.get('method')
user = get_current_user()
if user:
grab_collections(user)
templ_vars = { 'user':user }
if not arg_method:
return self.response.out.write(render_template('root.html', templ_vars))
if arg_method == 'delete':
arg_what = self.request.get('what')
if not arg_what:
return self.request.out.write('no what specified.')
if arg_what == 'users':
all_users = User.all()
for user in all_users:
user.delete()
return self.redirect('/')
if arg_what == 'collections':
all_colls = MovieCollection.all()
for col in all_colls:
col.delete()
return self.redirect('/')
if arg_what == 'movies':
movies = Movie.all()
for movie in movies:
movie.delete()
return self.redirect('/')
if arg_what == 'user_session':
get_current_session().terminate()
return self.redirect('/')
return self.response.out.write(' no valid what')
return self.response.out.write(' no valid method')
def get_new_avatar(dir, forceteam=False):
avatar = default_avatar(dir)
avatars = filter_avatars(dir)
if len(avatars) == 0:
return avatar
if dir == 'team' or forceteam:
from models.Team import Team
cmplist = Team.all()
elif dir == 'user':
from models.User import User
cmplist = User.all()
else:
from models.Box import Box
cmplist = Box.all()
dblist = []
for item in cmplist:
if item._avatar:
dblist.append(item._avatar)
for image in avatars:
if not image in dblist:
return image
return avatars[randint(0, len(avatars)-1)]
def oauth(oauth_token):
if oauth_token is None:
return render_template("index.html", messages={'error': 'OAuth Fail'})
try:
response = requests.get("https://api.github.com/user?access_token=" + oauth_token)
user_data = json.loads(response.content)
response = requests.get("https://api.github.com/user/emails?access_token=" + oauth_token)
userEmails = json.loads(response.content)
except Exception:
return "<h1>Max Retries connection To Github</h1><p>github has aborted connection due to to many retries. you need to wait</p>"
resault = User.all()
resault.filter("username ="******"login"]))
print user_data["login"]
for u in resault.run():
print "Exists!!!"
u.seToken = str(uuid.uuid4())
u.accessToken = oauth_token
u.put()
return cookieMonster(u.seToken)
tempName = ";"
if 'email' in user_data:
if user_data["email"] == "":
for email in userEmails:
if email["primary"] and email["verified"]:
tempEmail = email["email"]
else:
tempEmail = user_data["email"]
user = User(username=user_data["login"], name=tempName, avatar_url=user_data["avatar_url"], email=tempEmail, isLecturer=False, accessToken=oauth_token, seToken=str(uuid.uuid4()))
db.put(user)
db.save
return cookieMonster(user.seToken)