def get(self):
"""
A paginated resource for Domains
"""
auth(session, required=True)
parser = restful.reqparse.RequestParser()
parser.add_argument("page", type=int, required=False, default=1)
parser.add_argument("per_page", type=int, required=False, default=10)
args = parser.parse_args()
query = Domain.query.paginate(args.page, args.per_page)
return make_response(request.url, query)
def get(self, domain):
"""
"""
auth(session, required=True)
parser = restful.reqparse.RequestParser()
parser.add_argument("page", type=int, help="", required=False, default=1)
parser.add_argument("per_page", type=int, help="", required=False, default=10)
args = parser.parse_args()
domain = Domain.query.filter(Domain.name == domain).first()
if not domain:
return {}, 404
pages = Pagination(domain.resources, args.page, args.per_page)
return make_response(request.url, pages)
def get(self):
"""
Paginated access to users
"""
parser = reqparse.RequestParser()
parser.add_argument("me", type=bool, default=None)
parser.add_argument("signups", type=bool, default=None)
parser.add_argument("page", type=int, required=False, default=1)
parser.add_argument("per_page", type=int, required=False, default=10)
args = parser.parse_args()
# Let unauthenticated users see if they can register an account
if args.signups:
if "PERMIT_NEW_ACCOUNTS" in app.config:
return app.config["PERMIT_NEW_ACCOUNTS"]
return None
user = auth(session, required=True)
if args.me:
s = Session.query.filter(Session.session_id == session['session']).first()
response = user.jsonify()
response['session'] = s.jsonify()
return response
if not user.can("see_all"):
return {}, 403
query = User.query.order_by(desc(User.created)).paginate(args.page, args.per_page)
return make_response(request.url, query, revisions=True)
def get(self, username):
user = auth(session, required=True)
parser = reqparse.RequestParser()
parser.add_argument("page", type=int, default=1)
parser.add_argument("per_page", type=int, default=10)
args = parser.parse_args()
if user.username != username and not user.can("see_all"):
return {}, 403
if user.username != username:
user = User.query.filter(User.username == username).first()
if not user:
return {}, 404
query = Friend.query.filter(Friend.user == user)\
.order_by(desc(Friend.created)).paginate(args.page, args.per_page)
response = make_response(request.url, query)
# Check the remote side of each request
for i, friend_request in enumerate(response['data']):
address = friend_request['address']
network, node_id, uid = address.split('/')
router = app.routes.get(network, None)
if router != None:
message_body = {"add": {"from": user.uid, "to": address}}
remote_state = router.protocol.rpc_friend(message_body)
if remote_state[0]:
response['data'][i]['status'] = remote_state[0]['status']
return response
def get(self):
user = auth(session, required=True)
if not user.can("see_all"):
return {}, 403
return config_as_response()
def post(self, username):
"""
Rename, accept or block a Friend. Refer to models.Friend.states
to see what the possible integer values accepted by this method
represent.
Friends with their "received" attribute set to None cannot have
their state attribute modified as they represent sent requests.
"""
user = auth(session, required=True)
parser = reqparse.RequestParser()
parser.add_argument("state", type=int)
parser.add_argument("name", type=str)
parser.add_argument("address", type=str, required=True)
args = parser.parse_args()
friend = Friend.query.filter(and_(Friend.address == args.address,
Friend.user == user)).first()
if not friend:
return {}, 404
if args.name:
friend.name = args.name
if args.state:
friend.state = args.state
db.session.add(friend)
db.session.commit()
return friend.jsonify()
def post(self, username):
user = auth(session, required=True)
if not 'avatar' in request.files:
return {}, 400
upload = request.files['avatar']
revision = Revision()
revision.add(upload)
existing = Revision.query.filter(
Revision.hash == revision.hash
).first()
if existing: # We already have this file
user.avatar = existing
if not existing in user.revisions:
user.revisions.append(existing)
db.session.add(existing)
else:
user.avatar = revision
user.revisions.append(revision)
db.session.add(revision)
db.session.add(user)
db.session.commit()
return redirect("/")
def get(self, username):
"""
View user. Those with see_all may access more attributes.
"""
user = auth(session, required=True)
parser = reqparse.RequestParser()
parser.add_argument("can", type=str)
args = parser.parse_args()
target = User.query.filter(User.username == username).first()
if not target:
return {}, 404
if not user.can("see_all") and username != user.username:
return target.jsonify(address=app.routes._default)
if args.can:
return target.can(args.can)
return target.jsonify(revisions=True,
groups=True,
sessions=True,
address=app.routes._default)
def index(self):
user = auth(session, required=True)
current_session = session['session']
[db.session.delete(s) for s in user.sessions if s.session_id == current_session]
session['session'] = ''
log("%s logged out." % user.username)
return redirect('/')
def delete(self, network):
"""
Remove a peer.
Assembles a nodeple and uses RoutingTable.get_existing_node and
RoutingTable.remove_node to remove a peer and stop republishing
their keys.
"""
user = auth(session, required=True)
parser = restful.reqparse.RequestParser()
parser.add_argument("id", type=str, required=True)
parser.add_argument("ip", type=str, required=True)
parser.add_argument("port", type=int, required=True)
args = parser.parse_args()
routes = app.routes.get(network, None)
if routes == None:
return {}, 404
if not user.can("manage_networks"):
return {}, 403
node = [long(args.id), args.ip, args.port]
node = routes.get_existing_node(node)
if node == None:
return {}, 404
routes.remove_node(node)
return True
def get(self, name):
user = auth(session, required=True)
group = UserGroup.query.filter(UserGroup.name == name).first()
if not group:
return {}, 404
return group.jsonify(with_users=True, with_privs=True)
def get(self):
auth(session, required=True)
parser = restful.reqparse.RequestParser()
parser.add_argument("page", type=int, default=1)
parser.add_argument("per_page", type=int, default=10)
parser.add_argument("network", type=str, default=None)
args = parser.parse_args()
if not args.network:
routes = app.routes._default
else:
routes = app.routes.get(args.network, None)
if not routes:
return {}, 404
peers = [peer for peer in routes]
pages = Pagination(peers, args.page, args.per_page)
return make_response(request.url, pages)
def get(self, hash):
"""
Return a specific revision by hash.
"""
user = auth(session)
rev = Revision.query.filter(and_(Revision.hash == hash, Revision.user == user)).first()
if rev:
return rev.jsonify()
return {}, 404
def authenticate(self):
if not self.user:
user = auth(self.request)
if user and not self.user:
log("Received %s stream connection from %s" % \
(self.socket_type, user.username))
self.user = user
return True
return False
def get(self):
auth(session, required=True)
parser = restful.reqparse.RequestParser()
parser.add_argument("page", type=int, required=False, default=1)
parser.add_argument("per_page", type=int, required=False, default=10)
args = parser.parse_args()
routes = app.routes.values()
pages = Pagination(routes, args.page, args.per_page)
response = make_response(request.url, pages)
# Calculate the number of unique nodes we know of
peers = []
for router in routes:
peers.extend([peer.threeple for peer in router])
peers = set(peers)
response['peers'] = len(peers)
return response
def get(self, network):
auth(session, required=True)
parser = restful.reqparse.RequestParser()
parser.add_argument("page", type=int, default=1)
parser.add_argument("per_page", type=int, default=10)
args = parser.parse_args()
routes = app.routes.get(network, None)
if not routes:
return {}, 404
peers = [peer for peer in routes]
pages = Pagination(peers, args.page, args.per_page)
pages.items = [p.jsonify(string_id=True) for p in pages.items]
# Would like to make the following more elegant.
# for i, j in enumerate(pages.items):
# pages.items[i]['node'] = (str(j['node'][0]), j['node'][1], j['node'][2])
return make_response(request.url, pages, jsonify=False)
def get(self, username):
user = auth(session, required=True)
if user.username != username and not user.can("see_all"):
return {}, 403
user = User.query.filter(User.username == username).first()
if user == None:
return 404
return Revision.query.filter(Revision.user == user).count()
def post(self, username):
"""
Account modification
"""
parser = reqparse.RequestParser()
parser.add_argument("email", type=str)
parser.add_argument("password", type=str)
parser.add_argument("verify_password", type=str)
parser.add_argument("public", type=bool, default=None)
parser.add_argument("active", type=bool, default=None)
args = parser.parse_args()
calling_user = auth(session, required=True)
if calling_user.username != username and not calling_user.can("reset_user_pw"):
return {}, 403
user = User.query.filter(User.username == username).first()
if not user:
return {}, 404
if args.verify_password: # It's here to spare from getting in the logs.
return user.verify_password(args.verify_password)
if args.password:
# must be at least six characters though
if len(args.password) < 6:
return "Must be at least six characters.", 304
user.change_password(args.password)
db.session.add(user)
db.session.commit()
return True
if args.email:
user.email = args.email
if args.public:
user.public = args.public != None
if calling_user.can("deactivate") and args.active != None:
user.active = args.active
if args.active == True:
log("%s reactivated %s's user account." % \
(calling_user.username, user.username))
else:
log("%s deactivated %s's user account." % \
(calling_user.username, user.username))
for s in user.sessions:
db.session.delete(s)
db.session.add(user)
db.session.commit()
return user.jsonify()
def recv_connect(self):
user = auth(self.request)
if not user:
self.request_reconnect()
else:
log("Received presence connection from %s" % user.username)
self.user = user
if not user.can("chat"):
body = {"message":"You don't have permission to chat."}
self.emit("disconnect", body)
self.send("disconnect")
log("%s isn't permitted to chat." % user.username)
def get(self, query):
user = auth(session, required=True)
parser = restful.reqparse.RequestParser()
parser.add_argument("page", type=int, default=1)
parser.add_argument("per_page", type=int, default=10)
args = parser.parse_args()
revisions = [_ for _ in Revision.query.all() if query in _.url and \
(_.user == user or _.public)]
pages = Pagination(revisions, args.page, args.per_page)
response = make_response(request.url, pages)
return response
def delete(self):
"""
Remove a usergroup by name.
"""
parser = restful.reqparse.RequestParser()
parser.add_argument("name", type=str, required=True)
args = parser.parse_args()
user = auth(session, required=True)
group = UserGroup.query.filter(UserGroup.name == args.name).first()
db.session.delete(group)
db.session.commit()
return {}, 204
def get(self, url):
user = auth(session, required=not app.config['OPEN_PROXY'])
revision = fetch.get("http://"+url, request.user_agent, user)
if not revision:
return Response(status=404)
if not "text" in revision.mimetype:
return send_file(revision.bcontent, mimetype=revision.mimetype)
else:
if 'html' in revision.mimetype:
revision.content = parser.parse(revision.content, 'http://' + url)
return revision.as_response
def get(self):
user = auth(session, required=True)
parser = restful.reqparse.RequestParser()
parser.add_argument("page", type=int, default=1)
parser.add_argument("per_page", type=int, default=10)
args = parser.parse_args()
if user.can("see_all"):
query = Revision.query.order_by(desc(Revision.created)).paginate(args.page, args.per_page)
else:
query = Revision.query.filter(or_(Revision.public == True, Revision.user == user))\
.order_by(desc(Revision.created)).paginate(args.page, args.per_page)
return make_response(request.url, query)
def get(self):
"""
Implements /v1/privs
"""
parser = restful.reqparse.RequestParser()
parser.add_argument("page", type=int, required=False, default=1)
parser.add_argument("per_page", type=int, required=False, default=10)
args = parser.parse_args()
user = auth(session, required=True)
if not user.can("see_all"):
return {}, 403
query = Priv.query.order_by(desc(Priv.created)).paginate(args.page, args.per_page)
return make_response(request.url, query)
def delete(self, username):
"""
Account deletion
"""
user = auth(session, required=True)
if user.username != username and not user.can("delete_at_will"):
return {}, 403
user = User.query.filter(User.username == username).first()
if not user:
return {}, 404
db.session.delete(user)
db.session.commit()
return {}, 204
def delete(self, username):
"""
Unfriend an address.
"""
user = auth(session, required=True)
parser = reqparse.RequestParser()
parser.add_argument("address", type=str, required=True)
args = parser.parse_args()
# Will do for now
for friend in user.friends:
if friend.address == args.address:
db.session.delete(friend)
db.session.commit()
return {}, 204
return {}, 404
def get(self, username):
user = auth(session, required=True)
if user.username != username and not user.can("see_all"):
return {}, 403
parser = reqparse.RequestParser()
parser.add_argument("page", type=int, default=1)
parser.add_argument("per_page", type=int, default=20)
args = parser.parse_args()
user = User.query.filter(User.username == username).first()
if user == None:
return 404
query = Revision.query.filter(Revision.user == user)\
.order_by(desc(Revision.created)).paginate(args.page, args.per_page)
return make_response(request.url, query)
def delete(self, network):
"""
Remove a network.
"""
user = auth(session, required=True)
routes = app.routes.get(network, None)
if routes == None:
return {}, 404
if not user.can("manage_networks"):
return {}, 403
log("%s is removing network \"%s\"." % (user.username, network))
app.routes.leave(network)
# Remove the database representation, too
network_in_db = Network.query.filter(Network.name == network).first()
if network_in_db != None:
network_in_db.delete()
def put(self):
"""
Create a new usergroup by name.
"""
parser = restful.reqparse.RequestParser()
parser.add_argument("name", type=str, required=True)
args = parser.parse_args()
user = auth(session, required=True)
if not user.can("modify_usergroup"):
return {}, 403
group = UserGroup(name=args.name)
db.session.add(group)
db.session.commit()
return group.jsonify()
def delete(self, hash):
"""
Delete a revision object by content hash.
"""
user = auth(session, required=True)
if user.can("delete_at_will"):
rev = Revision.query.filter(Revision.hash == hash).first()
else:
rev = Revision.query.filter(
and_(Revision.hash == hash, Revision.user == user)
).first()
if not rev:
return {}, 404
db.session.delete(rev)
db.session.commit()
return {}, 204
