def do_GET(self): self._set_headers(200) response = {} parsed = self.parse_url(self.path) if len(parsed) == 2: (resource, id) = parsed if resource == "latest_post": response = f"{get_latest_post()}" if resource == "posts": if id is not None: response = f"{get_single_post(id)}" else: response = f"{get_all_posts()}" if resource == "users" and id is None: response = get_all_users() if resource == "categories": if id is not None: response = f"{get_single_category(id)}" else: response = f"{get_all_categories()}" if resource == "comments": if id is not None: response = f"{get_single_comment(id)}" else: response = f"{get_all_comments()}" if resource == "tags": if id is not None: response = f"{get_single_tag(id)}" else: response = f"{get_all_tags()}" elif len(parsed) == 3: (resource, key, value) = parsed if key == "email" and resource == "users": response = get_user_by_email(value) if resource == "posts": if key == "category_id": response = get_posts_by_category_id(value) if key == "user_id": response = f"{get_posts_by_user_id(value)}" if key == "post_id" and resource == "post_tags": response = get_post_tags_by_post_id(value) if key == "post_id" and resource == "comments": response = get_comment_by_post(value) self.wfile.write(response.encode())
def do_GET(self): self._set_headers(200) response = {} # Parse URL and store entire tuple in a variable parsed = self.parse_url(self.path) if len(parsed) == 2: (resource, id) = parsed if resource == "categories" and id is None: response = get_categories() if resource == "tags": response = get_tags() if resource == "reactions": response = get_reactions() if resource == "tagPosts" and id is None: response = get_tagPosts() if resource == "subscriptions" and id is None: response = get_subscriptions() if resource == "posts": if id is not None: response = get_single_post(id) else: response = get_all_posts() if resource == "tagPosts" and id is None: response = get_tagPosts() if resource == "reactionPosts" and id is None: response = get_reactionPosts() if resource == "users": if id is not None: response = get_single_user(id) else: response = get_all_users() elif len(parsed) == 3: (resource, key, value) = parsed if key == "email" and resource == "users": response = get_user_by_email(value) if key == "category_id" and resource == "posts": response = get_posts_by_category_id(value) if key == "user_id" and resource == "posts": response = get_posts_by_user_id(value) if key == "tag_id" and resource == "posts": response = get_posts_by_tag_id(value) if key == "post_id" and resource == "tags": response = get_single_post_tags(value) self.wfile.write(response.encode())
def do_GET(self): self._set_headers(200) response = {} # Parse URL and store entire tuple in a variable parsed = self.parse_url(self.path) #All of these take into account the resource to be used and an optional ID, via if else statement if len(parsed) == 2: (resource, id) = parsed if resource == "posts": if id is None: response = f"{get_all_posts()}" elif id is not None: response = f"{get_post_by_id(id)}" if resource == "comments": if id is None: response = f"{get_all_comments()}" if resource == "categories": if id is None: response = f"{get_all_categories()}" elif id is not None: pass if resource == "tags": if id is None: response = f"{get_all_tags()}" elif id is not None: pass if resource == "users": if id is None: response = f"{get_all_users()}" elif id is not None: response = f"{get_user_by_id(id)}" if resource == "postTags": if id is None: response = f"{get_all_post_tags()}" else: response = f"{get_user_by_id(id)}" elif len(parsed) == 3: (resource, key, value) = parsed if key == "user_id" and resource == "posts": response = get_user_posts(value) if key == "email" and resource == "users": response = get_user_by_email(value) self.wfile.write(response.encode())
def do_GET(self): self._set_headers(200) response = {} # Parse URL and store entire tuple in a variable parsed = self.parse_url(self.path) if len(parsed) == 2: (resource, id) = parsed if resource == "categories": response = get_all_categories() if resource == "posts": if id is not None: response = get_single_post(id) pass else: response = get_all_posts() if resource == "users": if id is not None: pass else: response = get_all_users() if resource == "comments": if id is not None: pass else: response = get_all_comments() # Response from parse_url() is a tuple with 3 # items in it, which means the request was for # `/resource?parameter=value` elif len(parsed) == 3: (resource, key, value) = parsed if key == "user_id" and resource == "posts": response = get_posts_by_user(value) if key == "email" and resource == "users": response = get_user_by_email(value) self.wfile.write(response.encode())
def login(): """Initiate user session""" try: urls = [] email = request.form['email'] password = request.form['password'] token = groups.authenticate_group_member(email_id=email, password=password) user_id = users.get_user_by_email(email_id=email) group_id = groups.get_group_id(user_id=user_id) session.clear() session["user"] = email session["group"] = group_id session['token'] = token print(token) if group_id is not None: urls = groups.get_download_url(group_id=group_id, user_token=token) return render_template("filemanager/dashboard.html", files=urls) except Exception as e: logging.exception(e) return render_template("filemanager/failure.html")
def do_POST(self): # Set response code to 'Created' self._set_headers(201) content_len = int(self.headers.get('content-length', 0)) post_body = self.rfile.read(content_len) # Convert JSON string to a Python dictionary post_body = json.loads(post_body) # Parse the URL (resource, id) = self.parse_url(self.path) # Initialize new item new_item = None if resource == "login": new_item = get_user_by_email(post_body) if resource == "register": new_item = create_user(post_body) if resource == "posts": if 'tag_id' in post_body: # Not updating post object so no need to put this call in PUT # For now, POST request in Postman only new_item = add_tag_to_post(post_body) else: new_item = create_post(post_body) # pass if resource == "categories": new_item = create_category(post_body) if resource == "tags": new_item = create_tag(post_body) if resource == "comments": new_item = create_comment(post_body) self.wfile.write(f"{new_item}".encode())
def add_users_to_case(): """Adds a user to a specific case""" # get data case_id = request.form.get('case_id') user_emails = request.form.get('new_users') #nix any spaces user_emails = user_emails.replace(" ", "") #split up the emails user_emails = user_emails.split(",") # start the return string with a <tr> tag update_users = "" # loop through the emails for email in user_emails: # get the user obj for the email # a new user be created if the user is not registered yet user_check = get_user_by_email(email) # Create usercase assocation # update_usercase returns None if the usercase is new case_user_check = update_usercase(case_id, user_check.user_id) close_btn = '<td><button type="button" id="' + str( user_check.user_id ) + '" class="close new-user-x" aria-label="Close"><span aria-hidden="true">×</span></button></td>' # if it's a new assocation - add it as a <td> to response string if case_user_check is None: update_users = update_users + "<tr id ='User_" + str( user_check.user_id ) + "'>" + close_btn + "<td>" + user_check.fname + " " + user_check.lname + "</td>" + "<td>" + email + "</td> </tr>" # add the closing row tag once all the tds are done # update_users = update_users + "</tr>" return update_users
def register_case(): """Handles form and registration of new case""" #if it's a get - render registration form if request.method == "GET": # render registration form return render_template('/register-case.html') #otherwise register case in db if request.method == "POST": # get the case name, list of user emails and the current user case_name = request.form.get('case_name') other_users = request.form.get('user-list') current_user = g.current_user # strip out spaces from the email's input into the form other_users = other_users.replace(" ", "") # split on the comma user_emails = other_users.split(",") # append the existing user to the list of approved users user_emails.append(current_user.email) # instantiate a new case in the db # create_case() returns the newly created case object case = create_case(case_name, current_user.user_id) # cycle through the provided emails for email in user_emails: # get_user_by_email gets the user object for that email address # or registers a new user if the email doesn't exist already user = get_user_by_email(email) #create an association in the usercases table update_usercase(case_id=case.case_id, user_id=user.user_id) return redirect('/cases')
def process_letter(mail_uid, account): raw_mail = download_letter(mail_uid, account) message = email.message_from_bytes(raw_mail) address = re.search("<?(.+\@.+)>?", message["From"]).group(1) user = get_user_by_email(address) item_generic = user.copy() # Base for item object that will be added to INqueue item_generic["collector"] = "imap" item_generic["email_To"] = account["address"] item_generic["email_From"] = address item_generic["email_Subject"] = decode_simple_header(message["Subject"]) if "Subject" in message else "" item_generic["email_Message-ID"] = message["Message-ID"] try: item_generic["output_format"] = "." + re.search("^(test_)?\w*?2?(\w+)@", account["address"]).group(2) except IndexError: pass user_local_path = in_user_local_path(item_generic) logger.debug( "Look for attachments in letter {uid} from {address} to {acc_address}".format( uid=mail_uid, address=address, acc_address=account["address"] ) ) body = "" skip_text_maintype = ( False ) # Help to find main text body of the message. I resume that the first part with the text maintype is the necessary one for part in message.walk(): if not skip_text_maintype and part.get_content_maintype() == "text": body += part.get_payload() skip_text_maintype = True continue if part.get_content_maintype() == "multipart" or not part.get_filename(): continue filename = os.path.basename( decode_simple_header(part.get_filename()) ) # os.path.basename is for security reason local_file = os.path.join(user_local_path, filename) with open(local_file, "wb") as fh: fh.write(part.get_payload(decode=True)) item = item_generic.copy() item["collect_time"] = time.time() item["input_file"] = local_file put_to_queue("IN", item) logger.debug( 'File {input_file} saved from email attachment and putted to the "IN" queue (letter {uid} from {address} to {acc_address}'.format( input_file=item["input_file"], uid=mail_uid, address=address, acc_address=account["address"] ) ) logger.debug( "Look for urls in letter {uid} from {address} to {acc_address}".format( uid=mail_uid, address=address, acc_address=account["address"] ) ) try: body_in_xmltag = "<nothing>" + body + "</nothing>" body_without_xmltags = " ".join(ElementTree.fromstring(body_in_xmltag).itertext()) except ElementTree.ParseError: body_without_xmltags = body urls = set(re.findall(r"https?://[^ ]+", body)) for url in urls: request = requests.get(url, stream=True) try: # Try to get filename from HTTP headers filename = os.path.basename( re.search('^filename="(.+)"$', request.headers["content-disposition"]).group(1) ) # os.path.basename is for security reason # AttributeError — There isn't Content-Disposition HTTP header in HTTP response # KeyError — filename is empty # IndexError — Content-Disposition HTTP header doesn't have filename parameter: except (AttributeError, KeyError, IndexError): unquoted_url = urllib.parse.unquote_plus(url) filename = urllib.parse.urlparse(unquoted_url).path.split("/")[-1] # Get filename from url logger.debug("filename = {}".format(filename)) if filename == "": filename = "index.html" if not os.path.splitext(filename): filename += ".html" local_file = os.path.join(user_local_path, filename) with open(local_file, "wb") as fh: for chunk in request.iter_content(4096): # 4096 is a random count of bytes fh.write(chunk) item = item_generic.copy() item["collect_time"] = time.time() item["input_file"] = local_file put_to_queue("IN", item) logger.debug( 'File {input_file} downloaded through URL from letter {uid} (from {address} to {acc_address}) and putted to the "IN" queue'.format( input_file=item["input_file"], uid=mail_uid, address=address, acc_address=account["address"] ) ) logger.debug( "Processing of letter {uid} is completed (from {address} to {acc_address})".format( uid=mail_uid, address=address, acc_address=account["address"] ) )
def validate_email(form, field): if not get_user_by_email(field.data): raise ValidationError('Email address doesn\'t exists.')