Esempio n. 1
0
  def post(self):
    isLocal = os.environ['SERVER_SOFTWARE'].startswith('Dev')
    if not isLocal:
      return
    api_key = self.request.get('apikey')
    account_id = self.request.get('accountid')
    badge_id = self.request.get('badgeid')
    badge_theme = self.request.get('theme')
    user_id = self.request.get('user')
    if not badge_theme or not badge_id or not account_id or not api_key:
      ret = bad_args()
      self.response.out.write(ret)
      return

    user_key = users_dao.get_user_key(account_id, user_id)
    user_ref = users_dao.get_user(account_id, user_id)
    if user_ref:
      badge_instances = badges_dao.get_user_badges(user_ref)
      for b in badge_instances:
        badges_dao.delete_badge_instance(b.key().name())
      users_dao.delete_user(user_key)

    trophy_case_widget = TrophyCase(key_name=account_id)
    points_widget = Points(key_name=account_id)
    rank_widget = Rank(key_name=account_id)
    notifier_widget = Notifier(key_name=account_id)
    leader_widget = Leaderboard(key_name=account_id)
    milestones_widget = Milestones(key_name=account_id)
    acc = Accounts(key_name=account_id,
                   email=account_id,
                   password="******",
                   isEnabled=constants.ACCOUNT_STATUS.ENABLED, 
                   accountType="admin",
                   paymentType="free",
                   cookieKey="xxxxxxxxx", 
                   apiKey=api_key, 
                   trophyWidget=trophy_case_widget,
                   pointsWidget=points_widget,
                   rankWidget=rank_widget,
                   leaderWidget=leader_widget,
                   milestoneWidget=milestones_widget)

     # delete ten badges
    for ii in range(0,10):
      badgeKey = badges_dao.create_badge_key(account_id, badge_theme, str(ii), "private")
      badges_dao.delete_badge_image(badgeKey)
      badges_dao.delete_badge(badgeKey)

    widgets_dao.delete_widget(account_id, "TrophyCase")
    widgets_dao.delete_widget(account_id, "Points")
    widgets_dao.delete_widget(account_id, "Rank")
    widgets_dao.delete_widget(account_id, "Leaderboard")
    widgets_dao.delete_widget(account_id, "Notifier")
    widgets_dao.delete_widget(account_id, "Milestones")
    accounts_dao.delete_account(account_id)
    self.response.out.write(success_ret())
    return
Esempio n. 2
0
  def post(self):
    start = time.time()
    api_key = self.request.get('apikey')
    account_id = self.request.get('accountid')
    user_id = self.request.get('userid')
    user_key = users_dao.get_user_key(account_id, user_id)
    acc = accounts_dao.authorize_api(account_id, api_key)

    logdiction = {'event':'getuserdata', 
                  'api': 'get_user_data',
                  'is_api':'yes',
                  'user':user_id,
                  'account':account_id,
                  'success':'true',
                  'ip':self.request.remote_addr}
    if not acc:
      logdiction['success'] = 'false'
      logdiction['details'] = auth_error()
      logs.create(logdiction)
      self.response.out.write(auth_error())
      return 

    user_ref = users_dao.get_user(account_id, user_id)
    if not user_ref:
      logdiction['success'] = 'false'
      logdiction['details'] = user_error()
      logs.create(logdiction)
      error("User for account %s, %s not found"%(account_id, user_id))
      self.response.out.write(user_error())
      return 

    badges = badges_dao.get_user_badges(user_ref)
    badge_keys = []

    # get the badge image link
    for b in badges:
      if b.awarded == "yes":
        bid = badges_dao.get_badge_id_from_instance_key(b.key().name())
        badge_keys.append(bid)
    ret = {"status":"success",
           "user_id":user_ref.userid,
           "is_enabled":user_ref.isEnabled,
           "creation_date":str(user_ref.creationDate),
           "points":user_ref.points,
           "profile_name": user_ref.profileName,
           "profile_link": user_ref.profileLink,
           "profile_img": user_ref.profileImg,
           "badges": badge_keys}
    logs.create(logdiction)
    self.response.out.write(json.dumps(ret)) 
    timing(start) 
Esempio n. 3
0
  def post(self):
    current_session = Session().get_current_session(self)
    account_entity = current_session.get_account_entity()
    email = account_entity.email
    new_user_id = self.request.get("id")
    if new_user_id == constants.ANONYMOUS_USER:
      self.redirect('/adminconsole/users?error=NoUserID')
      return 
    profile_name = self.request.get("name")
    profile_link = self.request.get("profile")
    profile_img = self.request.get("image")
    user_key = users_dao.get_user_key(email, new_user_id)
 
    new_user = Users(key_name=user_key,
                     userid=new_user_id,
                     isEnabled="yes",
                     accountRef=account_entity,
                     profileName=profile_name,
                     profileLink=profile_link,
                     profileImg=profile_img)
    users_dao.save_user(new_user, user_key)
    self.redirect('/adminconsole/users')
Esempio n. 4
0
    def post(self):
        current_session = Session().get_current_session(self)
        account_entity = current_session.get_account_entity()
        email = account_entity.email
        new_user_id = self.request.get("id")
        if new_user_id == constants.ANONYMOUS_USER:
            self.redirect('/adminconsole/users?error=NoUserID')
            return
        profile_name = self.request.get("name")
        profile_link = self.request.get("profile")
        profile_img = self.request.get("image")
        user_key = users_dao.get_user_key(email, new_user_id)

        new_user = Users(key_name=user_key,
                         userid=new_user_id,
                         isEnabled="yes",
                         accountRef=account_entity,
                         profileName=profile_name,
                         profileLink=profile_link,
                         profileImg=profile_img)
        users_dao.save_user(new_user, user_key)
        self.redirect('/adminconsole/users')
Esempio n. 5
0
  def post(self):
    start = time.time()
    clean = XssCleaner()
    api_key = self.request.get('apikey')
    account_id = self.request.get('accountid')
    new_user_id = self.request.get('userid')
    # Anything that can possibly be rended should be cleaned 
    profile_link = self.request.get('profile_link')
  
    # We can't clean it because it will not render if embedded into a site
    # Be wary of doing any queries with this data
    #profile_link = clean.strip(profile_link)
    profile_img = self.request.get('profile_img') 
    #profile_img = clean.strip(profile_img)
    profile_name = self.request.get('profile_name')
    profile_name = clean.strip(profile_name)
    logdiction = {'event':'loginuser', 
                  'api': 'update_user',
                  'is_api':'yes',
                  'ip':self.request.remote_addr,
                  'user':new_user_id,
                  'account':account_id,
                  'success':'true'}
    if not account_id or not new_user_id or not api_key:
      self.response.out.write(bad_args())
      logdiction['success'] = 'false'
      logdiction['details'] = bad_args()
      logs.create(logdiction)
      return

    acc = accounts_dao.authorize_api(account_id, api_key)
    if not acc:
      self.response.out.write(auth_error())
      logdiction['success'] = 'false'
      logdiction['details'] = auth_error()
      logs.create(logdiction)
      return 

    # Create a new user
    user_key = users_dao.get_user_key(account_id, new_user_id)

    #Update
    user_ref = users_dao.get_user_with_key(user_key)
    if user_ref:
      dict = {}
      update = False
      if profile_link and profile_link != user_ref.profileLink: 
        dict["profileLink"] = profile_link
        update = True
      if profile_img and profile_img != user_ref.profileImg: 
        dict["profileImg"] = profile_img
        update = True
      if profile_name and profile_name != user_ref.profileName: 
        dict["profileName"] = profile_name
        update = True
      if update: 
        logdiction['event'] = 'updateuser'
        try:
          users_dao.update_user(user_key, dict, None)
        except:
          logdiction['success'] = 'false'
          logdiction['details'] = db_error()
          logs.create(logdiction)
          self.response.out.write(db_error())
          error("Error updating user with id %s"%new_user_id)
          return  

      logs.create(logdiction)

      self.response.out.write(success_ret())
      timing(start)
      return  

    if not profile_img:   
      profile_img = constants.IMAGE_PARAMS.USER_AVATAR

    new_user = Users(key_name=user_key,
                     userid=new_user_id,
                     isEnabled="yes",
                     accountRef=acc,
                     profileName=profile_name,
                     profileLink=profile_link,
                     profileImg=profile_img)
    logdiction['event'] = 'createuser'
    try:
      users_dao.save_user(new_user, user_key)
    except:
      logdiction['success'] = 'false'
      logdiction['details'] = db_error()
      logs.create(logdiction)
      self.response.out.write(db_error())
      error("Error getting user with key %s"%key)
      return  

    logs.create(logdiction)
    self.response.out.write(success_ret())
    timing(start)
    return 
Esempio n. 6
0
  def post(self):
    start = time.time()
    api_key = self.request.get('apikey')
    account_id = self.request.get('accountid')
    user_id = self.request.get('userid')
    newpoints = self.request.get('pointsawarded')
    reason = self.request.get('reason')
    logdiction = {'event':'awardpoints', 
                  'api':'award_points',
                  'points':newpoints,
                  'is_api':'yes',
                  'ip':self.request.remote_addr,
                  'user':user_id,
                  'account':account_id,
                  'success':'true'}

    clean = XssCleaner()
    if reason:
      reason = clean.strip(reason)
    else:
      reason = ""

    # Get the account 
    acc = accounts_dao.authorize_api(account_id, api_key)
    if not acc:
      logdiction['success'] = 'false'
      logdiction['details'] = auth_error()
      logs.create(logdiction)
      self.response.out.write(auth_error())
      return 

    try:
      newpoints = int(newpoints)
    except:
      logdiction['success'] = 'false'
      logdiction['details'] = "Points given was not a number"
      logs.create(logdiction)
      self.response.out.write(bad_args())
      error("Points given was not an integer")
      return  

    # Create the user if it doesnt exist
    user_ref = users_dao.get_or_create_user(account_id, user_id, acc)
    if not user_ref:
      logdiction['success'] = 'false'
      logdiction['details'] = db_error()
      logs.create(logdiction)
      self.response.out.write(db_error())
      return 

    incrArgs = {"points":newpoints}
    user_key = users_dao.get_user_key(account_id, user_id)
    dbret = users_dao.update_user(user_key, None, incrArgs)
    if not dbret:
      logdiction['success'] = 'false'
      logdiction['details'] = db_error()
      logs.create(logdiction)
      self.response.out.write(db_error())
      error("Unable to update points field account %s, user %s, key: %s"%\
            (account_id,user_id, user_key))
      return  
    if not reason:
      try:
        reason = acc.notifierWidget.title
      except:
        reason = "Points Awarded"
    notifier.user_points(user_ref, newpoints, reason, acc)
      
    logs.create(logdiction)
    self.response.out.write(success_ret())
    timing(start)
    return