def post(self):
isLocal = os.environ['SERVER_SOFTWARE'].startswith('Dev')
if not isLocal:
return
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
badge_id = self.request.get('badgeid')
badge_theme = self.request.get('theme')
user_id = self.request.get('user')
if not badge_theme or not badge_id or not account_id or not api_key:
ret = bad_args()
self.response.out.write(ret)
return
user_key = users_dao.get_user_key(account_id, user_id)
user_ref = users_dao.get_user(account_id, user_id)
if user_ref:
badge_instances = badges_dao.get_user_badges(user_ref)
for b in badge_instances:
badges_dao.delete_badge_instance(b.key().name())
users_dao.delete_user(user_key)
trophy_case_widget = TrophyCase(key_name=account_id)
points_widget = Points(key_name=account_id)
rank_widget = Rank(key_name=account_id)
notifier_widget = Notifier(key_name=account_id)
leader_widget = Leaderboard(key_name=account_id)
milestones_widget = Milestones(key_name=account_id)
acc = Accounts(key_name=account_id,
email=account_id,
password="******",
isEnabled=constants.ACCOUNT_STATUS.ENABLED,
accountType="admin",
paymentType="free",
cookieKey="xxxxxxxxx",
apiKey=api_key,
trophyWidget=trophy_case_widget,
pointsWidget=points_widget,
rankWidget=rank_widget,
leaderWidget=leader_widget,
milestoneWidget=milestones_widget)
# delete ten badges
for ii in range(0,10):
badgeKey = badges_dao.create_badge_key(account_id, badge_theme, str(ii), "private")
badges_dao.delete_badge_image(badgeKey)
badges_dao.delete_badge(badgeKey)
widgets_dao.delete_widget(account_id, "TrophyCase")
widgets_dao.delete_widget(account_id, "Points")
widgets_dao.delete_widget(account_id, "Rank")
widgets_dao.delete_widget(account_id, "Leaderboard")
widgets_dao.delete_widget(account_id, "Notifier")
widgets_dao.delete_widget(account_id, "Milestones")
accounts_dao.delete_account(account_id)
self.response.out.write(success_ret())
return
def post(self):
start = time.time()
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
user_id = self.request.get('userid')
user_key = users_dao.get_user_key(account_id, user_id)
acc = accounts_dao.authorize_api(account_id, api_key)
logdiction = {'event':'getuserdata',
'api': 'get_user_data',
'is_api':'yes',
'user':user_id,
'account':account_id,
'success':'true',
'ip':self.request.remote_addr}
if not acc:
logdiction['success'] = 'false'
logdiction['details'] = auth_error()
logs.create(logdiction)
self.response.out.write(auth_error())
return
user_ref = users_dao.get_user(account_id, user_id)
if not user_ref:
logdiction['success'] = 'false'
logdiction['details'] = user_error()
logs.create(logdiction)
error("User for account %s, %s not found"%(account_id, user_id))
self.response.out.write(user_error())
return
badges = badges_dao.get_user_badges(user_ref)
badge_keys = []
# get the badge image link
for b in badges:
if b.awarded == "yes":
bid = badges_dao.get_badge_id_from_instance_key(b.key().name())
badge_keys.append(bid)
ret = {"status":"success",
"user_id":user_ref.userid,
"is_enabled":user_ref.isEnabled,
"creation_date":str(user_ref.creationDate),
"points":user_ref.points,
"profile_name": user_ref.profileName,
"profile_link": user_ref.profileLink,
"profile_img": user_ref.profileImg,
"badges": badge_keys}
logs.create(logdiction)
self.response.out.write(json.dumps(ret))
timing(start)
def post(self):
current_session = Session().get_current_session(self)
account_entity = current_session.get_account_entity()
email = account_entity.email
new_user_id = self.request.get("id")
if new_user_id == constants.ANONYMOUS_USER:
self.redirect('/adminconsole/users?error=NoUserID')
return
profile_name = self.request.get("name")
profile_link = self.request.get("profile")
profile_img = self.request.get("image")
user_key = users_dao.get_user_key(email, new_user_id)
new_user = Users(key_name=user_key,
userid=new_user_id,
isEnabled="yes",
accountRef=account_entity,
profileName=profile_name,
profileLink=profile_link,
profileImg=profile_img)
users_dao.save_user(new_user, user_key)
self.redirect('/adminconsole/users')
def post(self):
current_session = Session().get_current_session(self)
account_entity = current_session.get_account_entity()
email = account_entity.email
new_user_id = self.request.get("id")
if new_user_id == constants.ANONYMOUS_USER:
self.redirect('/adminconsole/users?error=NoUserID')
return
profile_name = self.request.get("name")
profile_link = self.request.get("profile")
profile_img = self.request.get("image")
user_key = users_dao.get_user_key(email, new_user_id)
new_user = Users(key_name=user_key,
userid=new_user_id,
isEnabled="yes",
accountRef=account_entity,
profileName=profile_name,
profileLink=profile_link,
profileImg=profile_img)
users_dao.save_user(new_user, user_key)
self.redirect('/adminconsole/users')
def post(self):
start = time.time()
clean = XssCleaner()
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
new_user_id = self.request.get('userid')
# Anything that can possibly be rended should be cleaned
profile_link = self.request.get('profile_link')
# We can't clean it because it will not render if embedded into a site
# Be wary of doing any queries with this data
#profile_link = clean.strip(profile_link)
profile_img = self.request.get('profile_img')
#profile_img = clean.strip(profile_img)
profile_name = self.request.get('profile_name')
profile_name = clean.strip(profile_name)
logdiction = {'event':'loginuser',
'api': 'update_user',
'is_api':'yes',
'ip':self.request.remote_addr,
'user':new_user_id,
'account':account_id,
'success':'true'}
if not account_id or not new_user_id or not api_key:
self.response.out.write(bad_args())
logdiction['success'] = 'false'
logdiction['details'] = bad_args()
logs.create(logdiction)
return
acc = accounts_dao.authorize_api(account_id, api_key)
if not acc:
self.response.out.write(auth_error())
logdiction['success'] = 'false'
logdiction['details'] = auth_error()
logs.create(logdiction)
return
# Create a new user
user_key = users_dao.get_user_key(account_id, new_user_id)
#Update
user_ref = users_dao.get_user_with_key(user_key)
if user_ref:
dict = {}
update = False
if profile_link and profile_link != user_ref.profileLink:
dict["profileLink"] = profile_link
update = True
if profile_img and profile_img != user_ref.profileImg:
dict["profileImg"] = profile_img
update = True
if profile_name and profile_name != user_ref.profileName:
dict["profileName"] = profile_name
update = True
if update:
logdiction['event'] = 'updateuser'
try:
users_dao.update_user(user_key, dict, None)
except:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
error("Error updating user with id %s"%new_user_id)
return
logs.create(logdiction)
self.response.out.write(success_ret())
timing(start)
return
if not profile_img:
profile_img = constants.IMAGE_PARAMS.USER_AVATAR
new_user = Users(key_name=user_key,
userid=new_user_id,
isEnabled="yes",
accountRef=acc,
profileName=profile_name,
profileLink=profile_link,
profileImg=profile_img)
logdiction['event'] = 'createuser'
try:
users_dao.save_user(new_user, user_key)
except:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
error("Error getting user with key %s"%key)
return
logs.create(logdiction)
self.response.out.write(success_ret())
timing(start)
return
def post(self):
start = time.time()
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
user_id = self.request.get('userid')
newpoints = self.request.get('pointsawarded')
reason = self.request.get('reason')
logdiction = {'event':'awardpoints',
'api':'award_points',
'points':newpoints,
'is_api':'yes',
'ip':self.request.remote_addr,
'user':user_id,
'account':account_id,
'success':'true'}
clean = XssCleaner()
if reason:
reason = clean.strip(reason)
else:
reason = ""
# Get the account
acc = accounts_dao.authorize_api(account_id, api_key)
if not acc:
logdiction['success'] = 'false'
logdiction['details'] = auth_error()
logs.create(logdiction)
self.response.out.write(auth_error())
return
try:
newpoints = int(newpoints)
except:
logdiction['success'] = 'false'
logdiction['details'] = "Points given was not a number"
logs.create(logdiction)
self.response.out.write(bad_args())
error("Points given was not an integer")
return
# Create the user if it doesnt exist
user_ref = users_dao.get_or_create_user(account_id, user_id, acc)
if not user_ref:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
return
incrArgs = {"points":newpoints}
user_key = users_dao.get_user_key(account_id, user_id)
dbret = users_dao.update_user(user_key, None, incrArgs)
if not dbret:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
error("Unable to update points field account %s, user %s, key: %s"%\
(account_id,user_id, user_key))
return
if not reason:
try:
reason = acc.notifierWidget.title
except:
reason = "Points Awarded"
notifier.user_points(user_ref, newpoints, reason, acc)
logs.create(logdiction)
self.response.out.write(success_ret())
timing(start)
return