def edits(request, instance, user_id): if (int(user_id) != request.user.pk): return create_401unauthorized() user = request.user result_offset = int(request.GET.get("offset", 0)) num_results = min(int(request.GET.get("length", 15)), 15) audits = Audit.objects.filter(instance=instance)\ .filter(user=user)\ .filter(model_in=['Tree', 'Plot'])\ .order_by('-created', 'id') audits = audits[result_offset:(result_offset + num_results)] keys = [] for audit in audits: d = {} plot = extract_plot_from_audit(audit) d["plot_id"] = plot.pk if plot.pk: d["plot"] = context_dict_for_plot(request, plot) d["id"] = audit.pk d["name"] = audit.display_action d["created"] = datetime_to_iso_string(audit.created) d["value"] = audit.current_value keys.append(d) return keys
def edits(request, instance, user_id): if (int(user_id) != request.user.pk): return create_401unauthorized() user = User.objects.get(pk=user_id) result_offset = int(request.REQUEST.get("offset", 0)) num_results = min(int(request.REQUEST.get("length", 15)), 15) audits = Audit.objects.filter(instance=instance)\ .filter(user=user)\ .filter(model_in=['Tree', 'Plot'])\ .order_by('-created', 'id') audits = audits[result_offset:(result_offset+num_results)] keys = [] for audit in audits: d = {} plot = extract_plot_from_audit(audit) d["plot_id"] = plot.pk if plot.pk: d["plot"] = plot_to_dict( plot, longform=True, user=user) d["id"] = audit.pk d["name"] = audit.display_action d["created"] = datetime_to_iso_string(audit.created) d["value"] = audit.current_value keys.append(d) return keys
def recent_edits(request, user_id): if (int(user_id) != request.user.pk): return create_401unauthorized() result_offset = int(request.REQUEST.get("offset",0)) num_results = min(int(request.REQUEST.get("length",15)),15) acts = UserReputationAction.objects.filter(user=request.user).order_by('-date_created')[result_offset:(result_offset+num_results)] keys = [] for act in acts: d = {} plot_id = extract_plot_id_from_rep(act) d["plot_id"] = plot_id if plot_id: d["plot"] = plot_to_dict(Plot.objects.get(pk=plot_id),longform=True,user=request.user) d["id"] = act.pk d["name"] = act.action.name d["created"] = datetime_to_iso_string(act.date_created) d["value"] = act.value keys.append(d) return keys
def wrapperf(request, *args, **kwargs): user = parse_user_from_request(request) or request.user if user is not None and not user.is_anonymous(): request.user = user return view_f(request, *args, **kwargs) return create_401unauthorized()
def wrapperf(request, *args, **kwargs): # Request must have signature and access_key # parameters sig = request.REQUEST.get('signature') if not sig: sig = request.META.get('HTTP_X_SIGNATURE') if not sig: return _missing_request # Signature may have had "+" changed to spaces so change them # back sig = sig.replace(' ', '+') timestamp = request.REQUEST.get('timestamp') if not timestamp: return _missing_request try: timestamp = datetime.datetime.strptime( timestamp, SIG_TIMESTAMP_FORMAT) expires = timestamp + datetime.timedelta(minutes=15) if expires < datetime.datetime.now(): return _bad_request except ValueError: return _missing_request if not sig: return _missing_request key = request.REQUEST.get('access_key') if not key: return _bad_request try: cred = APIAccessCredential.objects.get(access_key=key) except APIAccessCredential.DoesNotExist: return _bad_request if not cred.enabled: return create_401unauthorized() signed = get_signature_for_request(request, cred.secret_key) if len(signed) != len(sig): return _bad_request # Don't bail early matches = 0 for (c1, c2) in zip(sig, signed): matches = (ord(c1) ^ ord(c2)) | matches if matches == 0: if cred.user: user = cred.user else: user = parse_user_from_request(request) if require_login: if user is None or user.is_anonymous(): return create_401unauthorized() if user is None: user = AnonymousUser() request.user = user return view_f(request, *args, **kwargs) else: return _bad_request
def wrapperf(request, *args, **kwargs): # Request must have signature and access_key # parameters sig = request.REQUEST.get('signature') if not sig: sig = request.META.get('HTTP_X_SIGNATURE') if not sig: return _missing_request # Signature may have had "+" changed to spaces so change them # back sig = sig.replace(' ', '+') timestamp = request.REQUEST.get('timestamp') if not timestamp: return _missing_request try: timestamp = datetime.datetime.strptime(timestamp, SIG_TIMESTAMP_FORMAT) expires = timestamp + datetime.timedelta(minutes=15) if expires < datetime.datetime.now(): return _bad_request except ValueError: return _missing_request if not sig: return _missing_request key = request.REQUEST.get('access_key') if not key: return _bad_request try: cred = APIAccessCredential.objects.get(access_key=key) except APIAccessCredential.DoesNotExist: return _bad_request if not cred.enabled: return create_401unauthorized() signed = get_signature_for_request(request, cred.secret_key) if len(signed) != len(sig): return _bad_request # Don't bail early matches = 0 for (c1, c2) in zip(sig, signed): matches = (ord(c1) ^ ord(c2)) | matches if matches == 0: if cred.user: user = cred.user else: user = parse_user_from_request(request) if require_login: if user is None or user.is_anonymous(): return create_401unauthorized() if user is None: user = AnonymousUser() request.user = user return view_f(request, *args, **kwargs) else: return _bad_request