def post(self):
"""This post is for priming/prefetching,
not actually delivering the widget
"""
start = time.time()
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
user_id = self.request.get('userid')
widget_type = self.request.get('widget')
logdiction = {'event':'prefetchwidget',
'api':'get_widget',
'user':user_id,
'is_api':'yes',
'ip':self.request.remote_addr,
'account':account_id,
'widget':widget_type,
'success':'true'}
if widget_type not in constants.VALID_WIDGETS:
logdiction['success'] = 'false'
logdiction['details'] = "Using an invalid widget name"
logs.create(logdiction)
self.response.out.write(bad_args())
return
# Get the account
acc_ref = accounts_dao.authorize_api(account_id, api_key)
if not acc_ref:
logdiction['success'] = 'false'
logdiction['details'] = auth_error()
logs.create(logdiction)
self.response.out.write(auth_error())
return
if not user_id and widget_type in constants.WIDGETS_THAT_DONT_NEED_A_USER:
user_id = constants.ANONYMOUS_USER
if not user_id:
logdiction['success'] = 'false'
logdiction['details'] = bad_args()
logs.create(logdiction)
self.response.out.write(bad_args())
return
user_ref = None
if user_id:
user_ref = users_dao.get_user_with_key(user_id)
if not user_ref and user_id == constants.ANONYMOUS_USER:
users_dao.create_new_user(account_id, constants.ANONYMOUS_USER)
#acc_ref = users_dao.get_account_from_user(user_ref)
# TODO Need to measure if there is an actual gain from this prefetching
# or if it's causing unnecessary contention
values = getattr(self, widget_type + "_values")(user_ref, acc_ref, 500, 300)
logs.create(logdiction)
return
def post(self):
start = time.time()
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
user_id = self.request.get('userid')
user_key = users_dao.get_user_key(account_id, user_id)
acc = accounts_dao.authorize_api(account_id, api_key)
logdiction = {'event':'getuserdata',
'api': 'get_user_data',
'is_api':'yes',
'user':user_id,
'account':account_id,
'success':'true',
'ip':self.request.remote_addr}
if not acc:
logdiction['success'] = 'false'
logdiction['details'] = auth_error()
logs.create(logdiction)
self.response.out.write(auth_error())
return
user_ref = users_dao.get_user(account_id, user_id)
if not user_ref:
logdiction['success'] = 'false'
logdiction['details'] = user_error()
logs.create(logdiction)
error("User for account %s, %s not found"%(account_id, user_id))
self.response.out.write(user_error())
return
badges = badges_dao.get_user_badges(user_ref)
badge_keys = []
# get the badge image link
for b in badges:
if b.awarded == "yes":
bid = badges_dao.get_badge_id_from_instance_key(b.key().name())
badge_keys.append(bid)
ret = {"status":"success",
"user_id":user_ref.userid,
"is_enabled":user_ref.isEnabled,
"creation_date":str(user_ref.creationDate),
"points":user_ref.points,
"profile_name": user_ref.profileName,
"profile_link": user_ref.profileLink,
"profile_img": user_ref.profileImg,
"badges": badge_keys}
logs.create(logdiction)
self.response.out.write(json.dumps(ret))
timing(start)
def post(self):
start = time.time()
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
user_id = self.request.get('userid')
badge_ref_id = self.request.get('badgeid')
logdiction = {'event':'removebadge',
'api':'remove_badge',
'badgeid':badge_ref_id,
'is_api':'yes',
'ip':self.request.remote_addr,
'user':user_id,
'account':account_id,
'success':'true'}
# Get the account
acc = accounts_dao.authorize_api(account_id, api_key)
if not acc:
logdiction['success'] = 'false'
logdiction['details'] = auth_error()
logs.create(logdiction)
self.response.out.write(auth_error())
return
if not user_id or not badge_ref_id:
logdiction['success'] = 'false'
logdiction['details'] = bad_args()
logs.create(logdiction)
self.response.out.write(bad_args())
return
badge_key = badges_dao.get_key_from_badge_id(account_id, badge_ref_id)
if not badge_key:
logdiction['success'] = 'false'
logdiction['details'] = badge_error()
logs.create(logdiction)
self.response.out.write(badge_error())
return
# Get the user
user_ref = users_dao.get_or_create_user(account_id, user_id, acc)
if not user_ref:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
return
badge_instance_key = badges_dao.get_badge_instance_key(badge_key, user_id)
# Get the Badge Type (used as a reference for the instances)
badge_ref = badges_dao.get_badge(badge_key)
if not badge_ref:
logdiction['success'] = 'false'
logdiction['details'] = badge_error()
logs.create(logdiction)
self.response.out.write(badge_error())
return
try:
new_badge_instance = badges_dao.delete_badge_instance(badge_instance_key)
except:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
return
logs.create(logdiction)
self.response.out.write(success_ret())
timing(start)
return
def post(self):
start = time.time()
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
user_id = self.request.get('userid')
badge_ref_id = self.request.get('badgeid')
reason = self.request.get('reason')
clean = XssCleaner()
reason = clean.strip(reason)
logdiction = {'event':'awardbadge',
'api':'award_badge',
'badgeid':badge_ref_id,
'is_api':'yes',
'ip':self.request.remote_addr,
'user':user_id,
'account':account_id,
'success':'true'}
# Get the account
acc = accounts_dao.authorize_api(account_id, api_key)
if not acc:
logdiction['success'] = 'false'
logdiction['details'] = auth_error()
logs.create(logdiction)
self.response.out.write(auth_error())
return
if not user_id or not badge_ref_id:
logdiction['success'] = 'false'
logdiction['details'] = bad_args()
logs.create(logdiction)
self.response.out.write(bad_args())
error("User id or badge id was not given")
return
# Make sure we have a legit badge before getting/creating a user
badge_key = badges_dao.get_key_from_badge_id(account_id, badge_ref_id)
if not badge_key:
logdiction['success'] = 'false'
logdiction['details'] = badge_error()
logs.create(logdiction)
self.response.out.write(badge_error())
return
# Get the user
user_ref = users_dao.get_or_create_user(account_id, user_id, acc)
if not user_ref:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
return
badge_instance_key = badges_dao.get_badge_instance_key(badge_key, user_id)
# If the user already has it, skip the award
badge_ref = badges_dao.get_badge_instance(badge_instance_key)
if badge_ref:
if badge_ref.awarded == "yes":
logs.create(logdiction)
self.response.out.write(success_ret())
timing(start)
return
# Get the Badge Type (used as a reference for the instances)
badge_ref = badges_dao.get_badge(badge_key)
if not badge_ref:
self.response.out.write(badge_error())
return
if not reason:
reason = badge_ref.description
link = badge_ref.downloadLink
new_badge_instance = badges_dao.create_badge_instance(
badge_instance_key,
badge_ref,
user_ref,
"yes", #isawarded
0, #points
0, #points_needed
"private",
link,
reason)
name = badges_dao.get_badge_name_from_instance_key(badge_instance_key)
notifier.user_badge_award(user_ref, "Badge Awarded", link, reason, acc, badge_ref_id)
logs.create(logdiction)
self.response.out.write(success_ret())
timing(start)
return
def post(self):
start = time.time()
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
user_id = self.request.get('userid')
badge_ref_id = self.request.get('badgeid')
how_to_get_badge = self.request.get('how')
points = self.request.get('pointsawarded')
points_needed = self.request.get('pointsrequired')
reason = self.request.get('reason')
logdiction = {'event':'awardbadgepoints',
'api':'award_badge_points',
'user':user_id,
'is_api':'yes',
'ip':self.request.remote_addr,
'account':account_id,
'badgeid':badge_ref_id,
'points':points,
'success':'true'}
try:
points = int(points)
points_needed = int(points_needed)
except:
logdiction['success'] = 'false'
logdiction['details'] = "The number of points was not a number"
logs.create(logdiction)
self.response.out.write(bad_args())
error("Account %s -- Bad value for points awarded \
%s or points needed %s"\
%(account_id, points, points_needed ))
return
if not reason:
reason = ""
# Get the account
acc = accounts_dao.authorize_api(account_id, api_key)
if not acc:
logdiction['success'] = 'false'
logdiction['details'] = auth_error()
logs.create(logdiction)
self.response.out.write(auth_error())
return
# Get the Badge Type (used as a reference for the instances)
# Do this before getting/creating user
badge_key = badges_dao.get_key_from_badge_id(account_id, badge_ref_id)
if not badge_key:
logdiction['success'] = 'false'
logdiction['details'] = badge_error()
logs.create(logdiction)
self.response.out.write(badge_error())
error("Badge not found with key %s"%badge_ref_id)
return
# Get the user, create if it does not exist
user_ref = users_dao.get_or_create_user(account_id, user_id, acc)
if not user_ref:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
return
badge_ref = badges_dao.get_badge(badge_key)
if not badge_ref:
logdiction['success'] = 'false'
logdiction['details'] = badge_error()
logs.create(logdiction)
ret = badge_error()
self.response.out.write(ret)
return
badge_instance_key = badges_dao.get_badge_instance_key(badge_key, user_id)
badge_instance_ref = badges_dao.get_badge_instance(badge_instance_key)
if not reason:
reason = badge_ref.description
link = badge_ref.downloadLink
if not badge_instance_ref:
# Create a new badge with 0 points
isawarded = "no"
if points >= points_needed:
isawarded = "yes"
perm = badges_dao.get_badge_key_permission(badge_ref_id)
new_badge_instance = badges_dao.create_badge_instance(
badge_instance_key,
badge_ref,
user_ref,
isawarded,
points,
points_needed,
perm,
link,
reason)
if isawarded == "yes":
notifier.user_badge_award(user_ref, "Badge Awarded", link, reason, acc, badge_ref_id)
logdiction['event'] = 'badgeawarded'
else:
isawarded = "no"
points_thus_far = badge_instance_ref.pointsEarned
if points:
points_thus_far += points
incr_args = {"pointsEarned":points}
reg_args = {}
# Update the following if its changed
if badge_instance_ref.pointsRequired != points_needed:
reg_args["pointsRequired"] = points_needed
if badge_instance_ref.pointsEarned < points_needed and \
points_thus_far >= points_needed:
notifier.user_badge_award(user_ref, "Badge Awarded", link, reason, acc, badge_ref_id)
logdiction['event'] = 'badgeawarded'
if points_thus_far >= points_needed:
reg_args["awarded"] = "yes"
try:
ret = badges_dao.update_badge_instance(badge_instance_key,
reg_args, incr_args)
if not ret:
raise
except:
error("Unable to update badge instance with key %s"%\
badge_instance_key)
self.response.out.write(db_error())
return
logs.create(logdiction)
ret = {"status":"success",
"badge_awarded":isawarded}
self.response.out.write(json.dumps(ret))
timing(start)
return
def post(self):
start = time.time()
clean = XssCleaner()
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
new_user_id = self.request.get('userid')
# Anything that can possibly be rended should be cleaned
profile_link = self.request.get('profile_link')
# We can't clean it because it will not render if embedded into a site
# Be wary of doing any queries with this data
#profile_link = clean.strip(profile_link)
profile_img = self.request.get('profile_img')
#profile_img = clean.strip(profile_img)
profile_name = self.request.get('profile_name')
profile_name = clean.strip(profile_name)
logdiction = {'event':'loginuser',
'api': 'update_user',
'is_api':'yes',
'ip':self.request.remote_addr,
'user':new_user_id,
'account':account_id,
'success':'true'}
if not account_id or not new_user_id or not api_key:
self.response.out.write(bad_args())
logdiction['success'] = 'false'
logdiction['details'] = bad_args()
logs.create(logdiction)
return
acc = accounts_dao.authorize_api(account_id, api_key)
if not acc:
self.response.out.write(auth_error())
logdiction['success'] = 'false'
logdiction['details'] = auth_error()
logs.create(logdiction)
return
# Create a new user
user_key = users_dao.get_user_key(account_id, new_user_id)
#Update
user_ref = users_dao.get_user_with_key(user_key)
if user_ref:
dict = {}
update = False
if profile_link and profile_link != user_ref.profileLink:
dict["profileLink"] = profile_link
update = True
if profile_img and profile_img != user_ref.profileImg:
dict["profileImg"] = profile_img
update = True
if profile_name and profile_name != user_ref.profileName:
dict["profileName"] = profile_name
update = True
if update:
logdiction['event'] = 'updateuser'
try:
users_dao.update_user(user_key, dict, None)
except:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
error("Error updating user with id %s"%new_user_id)
return
logs.create(logdiction)
self.response.out.write(success_ret())
timing(start)
return
if not profile_img:
profile_img = constants.IMAGE_PARAMS.USER_AVATAR
new_user = Users(key_name=user_key,
userid=new_user_id,
isEnabled="yes",
accountRef=acc,
profileName=profile_name,
profileLink=profile_link,
profileImg=profile_img)
logdiction['event'] = 'createuser'
try:
users_dao.save_user(new_user, user_key)
except:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
error("Error getting user with key %s"%key)
return
logs.create(logdiction)
self.response.out.write(success_ret())
timing(start)
return
def post(self):
start = time.time()
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
badge_name = self.request.get('name')
theme = self.request.get('theme')
description = self.request.get('description')
imagelink = self.request.get('imagelink')
acc = accounts_dao.authorize_api(account_id, api_key)
logdiction = {'event':'createbadge',
'ip':self.request.remote_addr,
'is_api':'yes',
'api':'createbadge',
'account':account_id,
'success':'true'}
if not acc:
logdiction['success'] = 'false'
logdiction['details'] = auth_error()
logs.create(logdiction)
self.response.out.write(auth_error())
return
if not imagelink or not badge_name or not theme or not description:
logdiction['success'] = 'false'
logdiction['details'] = bad_args()
logs.create(logdiction)
self.response.out.write(bad_args())
return
badge_key = badges_dao.create_badge_key(account_id, theme, badge_name, "private")
logdiction['details'] = badge_key + " " + imagelink
result = ""
try:
result = urlfetch.fetch(url=imagelink)
except:
error("Unable to download badge")
self.response.out.write(bad_args())
return
imgbuf = result.content
if len(imgbuf) == 0:
error("One of the downloads did not work! url:%s"%newbadge)
self.response.out.write(bad_args())
return
def get_file_ext(filename):
ii = filename.rfind(".")
if ii == -1:
return "png"
else:
return filename[ii + 1:]
file_name = files.blobstore.create(mime_type='image/'+ get_file_ext(imagelink))
with files.open(file_name, 'a') as f:
f.write(imgbuf)
files.finalize(file_name)
blob_key = files.blobstore.get_blob_key(file_name)
blob_info = blobstore.BlobInfo.get(blob_key)
badges_dao.create_badge_type(badge_key,
badge_name,
description,
acc,
theme,
get_file_ext(imagelink),
blob_info=blob_info)
self.response.out.write(success_ret())
return
def post(self):
start = time.time()
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
user_id = self.request.get('userid')
newpoints = self.request.get('pointsawarded')
reason = self.request.get('reason')
logdiction = {'event':'awardpoints',
'api':'award_points',
'points':newpoints,
'is_api':'yes',
'ip':self.request.remote_addr,
'user':user_id,
'account':account_id,
'success':'true'}
clean = XssCleaner()
if reason:
reason = clean.strip(reason)
else:
reason = ""
# Get the account
acc = accounts_dao.authorize_api(account_id, api_key)
if not acc:
logdiction['success'] = 'false'
logdiction['details'] = auth_error()
logs.create(logdiction)
self.response.out.write(auth_error())
return
try:
newpoints = int(newpoints)
except:
logdiction['success'] = 'false'
logdiction['details'] = "Points given was not a number"
logs.create(logdiction)
self.response.out.write(bad_args())
error("Points given was not an integer")
return
# Create the user if it doesnt exist
user_ref = users_dao.get_or_create_user(account_id, user_id, acc)
if not user_ref:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
return
incrArgs = {"points":newpoints}
user_key = users_dao.get_user_key(account_id, user_id)
dbret = users_dao.update_user(user_key, None, incrArgs)
if not dbret:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
error("Unable to update points field account %s, user %s, key: %s"%\
(account_id,user_id, user_key))
return
if not reason:
try:
reason = acc.notifierWidget.title
except:
reason = "Points Awarded"
notifier.user_points(user_ref, newpoints, reason, acc)
logs.create(logdiction)
self.response.out.write(success_ret())
timing(start)
return
