def deleteNoteID(NoteID):
sessionUser = checkCookiesSessionUser();
response.content_type = 'application/json';
returnedMessage = {
"NoteID" : NoteID,
"valid" : "false",
"deleted": "false",
"status" : "You're not allowed to do this action"
}
if (sessionUser == None):
return json.dumps(returnedMessage);
note = db.getNotebyNoteID(NoteID);
if (note == None):
returnedMessage["deleted"] = "false";
returnedMessage["status"] = "This note doesn't exist on our system or has changed location";
return json.dumps(returnedMessage); # The note doesn't exist on our database
userID_note = note['UserID'];
userID_session = sessionUser['UserID'];
if (userID_note == userID_session):
if (db.deleteNote(NoteID)):
returnedMessage['valid'] = 'true';
returnedMessage['deleted'] = "true";
returnedMessage['status'] = "We have deleted your note!";
else:
returnedMessage['deleted'] = "false";
returnedMessage['status'] = "You're not allowed to delete this note.";
return json.dumps(returnedMessage);
def updateNotebyID(NoteID):
sessionUser = checkCookiesSessionUser();
if (sessionUser == None):
return redirectHome();
newTitle = request.forms.get('titleNote');
newContent = request.forms.get('contentNote');
updatedTime = datetime.now().strftime('%Y-%m-%d %H:%M:%S');
#Update fields for the note before inserting into database..
note = db.getNotebyNoteID(NoteID); #get note object from the previous note.
note['Title'] = newTitle;
note['Content'] = newContent;
note['EditedAt'] = updatedTime;
note['Color'] = request.forms.get('colorNote');
note['Private'] = request.forms.get('privateNote');
note['Published']= int(request.forms.get('publishedNote'));
if db.updateNote(note): #update the note into the database.
response.status = 303
user = db.getUserbyID(note['UserID'])
response.set_header('Location', '/'+user['Username']+'/'+note['Permalink']);
return template('singleNote', note=note, user=user); #Show login screen
return template('singleNote', note=note, user=user);
else:
#problems updating note.
return template('error', user=sessionUser)
def userProfile():
sessionUser = checkCookiesSessionUser();
if (sessionUser == None):
return redirectHome();
user = db.getUserbyID(sessionUser['UserID']);
notes = db.getNotesByUserID(user['UserID']);
if user != None:
return template("profile", user=user, notes=notes);
else:
return redirectLogin();
def profile(username):
sessionUser = checkCookiesSessionUser();
if (sessionUser == None):
return redirectHome();
user = db.getUserbyUsername(username);
if user != None and user['UserID'] == sessionUser['UserID']: # if user and session is the same as the query user
notes = db.getNotesByUserID(user['UserID']);
return template('notes', searchTemplate=False, notes=notes, user=user); # Show the notes for that user!
else:
return redirectPrivateZone(); # Users are not ALLOWED
def searchOnNotes():
sessionUser = checkCookiesSessionUser();
if (sessionUser == None):
return template('login', user=None)
user = db.getUserbyID(sessionUser['UserID'])
if (user != None):
Keyword = request.forms.get('query');
notes = db.searchNotesFromUser(Keyword, sessionUser['UserID']);
return template('notes', Keyword=Keyword, searchTemplate=True, notes=notes, user=user);
else:
return redirectHome();
def displayNoteToBeupdated(Username, Permalink):
sessionUser = checkCookiesSessionUser();
if sessionUser == None:
return template('login', user=sessionUser)
note = db.getNoteby_Username_Permalink(Username, Permalink);
if note == None:
return redirectHome();
if sessionUser['UserID'] == note['UserID']:
colors = db.getColorsAvailable(); # get all the available colors
return template('createNote', note=note, colors=colors,user=sessionUser, editNote=True)
return redirectPrivateZone(); # Private note. Guest can't read this note
def registerUserDatabase():
sessionUser = checkCookiesSessionUser();
if (sessionUser != None):
return redirectHome();
# Dictionary with information for new user (following database model)
password = encryptPassword(request.forms.get('passwordsignup'))
newUser = {
"UserID": None,
"Email" : request.forms.get('emailsignup'),
"Password" : password,
"Name": request.forms.get('namesignup'),
"Surname": request.forms.get('surnamesignup'),
"Username": request.forms.get('usernamesignup'),
"Birthday": request.forms.get('birthdaysignup'),
"City": request.forms.get('citysignup'),
"Premium": 0
}
created = db.createUser(newUser);
if created: # user created successfully
return template('signup-success', user=sessionUser);
else:
return template('signup-fail', user=None);
def getNodeByID_api(NoteID):
sessionUser = checkCookiesSessionUser();
errorNote = { "NoteID" : NoteID, "valid": "false", "status": "notExist"}
note = db.getNotebyNoteID(NoteID);
response.content_type = 'application/json';
if (note != None):
if note['Private'] == 0 or (note['Private'] == 1 and sessionUser['UserID'] == note['UserID']):
# Is a public note or session user is the owner.
note['valid'] = "true";
note['status'] = "OK";
return json.dumps(note); # return a not empty note.
else:
errorNote['valid'] = "false";
errorNote['status'] = "You don't permissions to see this content. Sorry.";
else:
errorNote['valid'] = "false";
errorNote['status'] = "The note you're trying to read doesn't exist or was removed.";
return json.dumps(errorNote); # return error note.
if (sessionUser['UserID'] != note['UserID']):
errorNote['status'] = "You don't permissions to see this content. Sorry.";
return json.dumps(errorNote);
elif (note == None):
errorNote['status'] = "The note you're trying to read doesn't exist or was removed.";
return json.dumps(errorNote);
else:
# At this point the user is the correct one and the note is not None
note['valid'] = "true";
errorNote['status'] = "OK";
response.content_type = 'application/json'
return json.dumps(note);
def getColorsAvailable(): colors = []; response.content_type = 'application/json'; colors = db.getColorsAvailable(); #print colors; return json.dumps(colors);
def createNoteForm():
sessionUser = checkCookiesSessionUser();
if (sessionUser == None):
return redirectLogin();
note = {} # Empty dictionary. Because template for createNote is used also by Edit Note
colors = db.getColorsAvailable(); # Get colors on our database.
return template('createNote', note=note, colors=colors, editNote=False, user=sessionUser)
def editSessionUser():
sessionUser = checkCookiesSessionUser();
if (sessionUser == None):
return redirectLogin();
user = db.getUserbyID(sessionUser['UserID']);
user['Name'] = request.forms.get('namesignup');
user['Surname'] = request.forms.get('surnamesignup');
user['Birthday'] = request.forms.get('birthdaysignup');
user['City'] = request.forms.get('citysignup');
if db.updateUser(user):
notes = db.getNotesByUserID(user['UserID']);
return template("profile", notes=notes, user=user);
else:
return template("profile-update-fail", user=sessionUser);
def showFormToEditUser():
sessionUser = checkCookiesSessionUser();
if (sessionUser == None):
return redirectHome();
user = db.getUserbyID(sessionUser['UserID']); # Get a user dictionary
if user != None and sessionUser['UserID'] == user['UserID']: # if the user exists.
return template("signup", user=user, editUser=True);
else:
return redirectHome();
def checkCookiesSessionUser():
sessionUser = None;
sessionEmail = request.get_cookie("Email", secret="secret123")
sessionUserID = request.get_cookie("UserID", secret="secret123")
if (sessionEmail == None or sessionUserID == None):
return None; # Cookies doesn't match
identifiedUser = db.getUserbyID(sessionUserID); # Return identified user. If the user was removed from our system, will return null user.
return identifiedUser;
def deleteNoteID(NoteID):
sessionUser = checkCookiesSessionUser();
if (sessionUser == None):
return template('login')
note = db.getNotebyNoteID(NoteID);
if (note == None):
return redirectHome(); # The note doesn't exist on our database
userID_note = note['UserID'];
userID_session = sessionUser['UserID'];
if (userID_note == userID_session):
if (db.deleteNote(NoteID)):
return template('note-deleted', user=sessionUser);
else:
return "Problems deleting that note<a href='/'>Go to your profile</a>"
return template('error')
else:
return redirectPrivateZone(); # Private note. Guest can't read this note
def displayNote(Username, Permalink):
sessionUser = checkCookiesSessionUser();
note = db.getNoteby_Username_Permalink(Username, Permalink);
if (note == None):
return redirectHome(); #return "The note you're trying to read dont exist";
if sessionUser == None:
if int(note['Private']) == 0: #Gues user. Only shows the note if is public
return template('singleNote', note=note, user=sessionUser);
if sessionUser != None: # For logged in users. They can read "Public" notes and those notes owned by them
if int(note['Private']) == 0 or sessionUser['UserID'] == note['UserID']: #la NOTa es publica o el usuario esta conectado
return template('singleNote', note=note, user=sessionUser);
return redirectPrivateZone(); # Not allowd to see this content
def login():
sessionUser = checkCookiesSessionUser();
email = request.forms.get('email');
password = request.forms.get('password');
user = db.getUserbyEmail(email);
if user == None:
return template('login-fail', user=None, failError="<span>User not registered on our system.</span><span>Want a free acount? <a href='/register'>Create yours</a></span>");
return "There's no any user with that email. <p><a href='/login'>Try again </a></p>";
if verifyPassword(password, user['Password']):
setCookiesSessionUser(user); #password verified. Set the cookies for the session
return redirectToProfile(user['Username']);
else:
return template('login-fail', user=None, failError="Your email/password doesn't match");
return "Your password is not correct <p><a href='/login'>Try again </a></p>";
def createnewNote(api):
sessionUser = checkCookiesSessionUser();
errorNote = {
# only for the api...
"error" : True,
"message" : "You're not allowed to do this...",
}
if (sessionUser == None):
if (api):
response.content_type = 'application/json';
return json.dumps(errorNote);
else:
return template('login', user=None)
title = cleanTitle(request.forms.get('titleNote'));
content = cleanContent(request.forms.get('contentNote'));
permalink = generatePermalink(title);
today = getToday();
color = request.forms.get('colorNote');
private = int(request.forms.get('privateNote'));
published = int(request.forms.get('publishedNote'));
newNote = {
# only for the api...
"error" : True,
"message" : "Note was not created successfully",
"NoteID" : None,
"UserID" : sessionUser['UserID'],
"Title" : title, # Truncate title to 200 words
"Permalink" : permalink,
"Content" : content, # Truncate title to 200 words
"CreatedAt" : today,
"EditedAt" : today,
"Published" : published,
"Private" : private,
"Color" : color
}
createdNote = db.createNote(newNote);
if createdNote != None:
if api:
response.content_type = 'application/json';
colorToHEX = db.colorToHexadecimal(createdNote['Color']);
#print colorToHEX
newNote['ColorHexadecimal'] = colorToHEX;
newNote['message'] = "Note created successfully"
newNote['error'] = False;
return json.dumps(newNote);
else:
return template('note-created', user=sessionUser);
response.status = 303
response.set_header('Location', '/'+ sessionUser['Username']);
else:
if api:
response.content_type = 'application/json';
return json.dumps(newNote);
else:
return template('createNote', note=newNote, colors=None, user=sessionUser, editNote=False)
