def createdb():
""" Create the database entities. """
db.create_all()
admin_data = {'screen_name': 'admin', 'name': 'Systems Admin'}
if User.by_screen_name(admin_data.get('screen_name')) is None:
user = User.create(admin_data)
db.session.flush()
user.api_key = app.config.get('SECRET_KEY')
db.session.commit()
def authentication():
""" Attempt HTTP authentication via API keys on a per-request basis. """
auth_header = request.headers.get('Authorization')
api_key = request.args.get('api_key')
if auth_header is not None:
auth_type, api_key = auth_header.split(' ', 1)
if api_key is not None:
try:
request.user = User.by_api_key(api_key)
except:
raise Unauthorized('Invalid API key.')
elif 'user_id' in session:
request.user = User.by_id(session['user_id'])
else:
request.user = None
def authentication():
""" Attempt HTTP authentication via API keys on a per-request basis. """
auth_header = request.headers.get('Authorization')
api_key = request.args.get('api_key')
if auth_header is not None:
auth_type, api_key = auth_header.split(' ', 1)
if api_key is not None:
try:
request.user = User.by_api_key(api_key)
except:
raise Unauthorized('Invalid API key.')
elif 'user_id' in session:
request.user = User.by_id(session['user_id'])
else:
request.user = None
def update(login):
user = obj_or_404(User.by_login(login))
authz.require(user.id == current_user.id)
user.update(request_data())
db.session.add(user)
db.session.commit()
return view(login)
def update(login):
user = obj_or_404(User.by_login(login))
authz.require(user.id == current_user.id)
user.update(request_data())
db.session.add(user)
db.session.commit()
return view(login)
def facebook_authorized(resp):
next_url = request.args.get('next') or url_for('index')
if resp is None:
#flash(u'You denied the request to sign in.')
return redirect(next_url)
session['facebook_token'] = (resp['access_token'], '')
res = facebook.get('/me').data
user = User.by_facebook_id(res['id'])
if user is None:
user_data = {
'facebook_id': res['id'],
'screen_name': res['username'],
'email': res['email'],
'name': res['name']
}
user = User.create(user_data)
db.session.commit()
session['user_id'] = user.id
return redirect(next_url)
def authorized(resp):
next_url = session.get('next_url', url_for('ui'))
if resp is None or 'oauth_token' not in resp:
return redirect(next_url)
session['twitter_token'] = (resp['oauth_token'],
resp['oauth_token_secret'])
res = twitter.get('users/show.json?user_id=%s' % resp.get('user_id'))
data = {
'login': res.data.get('screen_name'),
'oauth_id': res.data.get('id')
}
user = User.load(data)
db.session.commit()
login_user(user, remember=True)
return redirect(next_url)
def twitter_authorized(resp):
next_url = request.args.get('next') or url_for('index')
if resp is None:
#flash(u'You denied the request to sign in.')
return redirect(next_url)
session['twitter_token'] = (
resp['oauth_token'],
resp['oauth_token_secret']
)
res = twitter.get('users/show.json',
data={'user_id': resp['user_id']}).data
user = User.by_twitter_id(res['id_str'])
if user is None:
user_data = {
'twitter_id': res['id_str'],
'screen_name': res['screen_name'],
'name': res['name']
}
user = User.create(user_data)
db.session.commit()
session['user_id'] = user.id
return redirect(next_url)
def authorized(resp):
next_url = session.get('next_url', url_for('ui'))
if resp is None or 'oauth_token' not in resp:
return redirect(next_url)
session['twitter_token'] = (resp['oauth_token'],
resp['oauth_token_secret'])
res = twitter.get('users/show.json?user_id=%s' % resp.get('user_id'))
data = {
'login': res.data.get('screen_name'),
'oauth_id': res.data.get('id')
}
user = User.load(data)
db.session.commit()
login_user(user, remember=True)
return redirect(next_url)
def install(filename):
""" Load or update a service configuration form a JSON configuration. """
with open(filename, 'rb') as fh:
data = json.load(fh)
service = Service.by_key(data.get('key'))
if service is None:
service = Service.create(data)
else:
service.update(data)
events = []
for event_data in data.get('events', []):
event_data['service'] = service
event = Event.by_key(service, event_data['key'])
if event is None:
event = Event.create(event_data)
else:
event.update(event_data)
events.append(event)
service.events = events
service.editors = []
for editor_id in data.get('editors', [1]):
user = User.by_id(editor_id)
service.editors.append(user)
db.session.commit()
def load_user_from_request(request):
api_key = request.headers.get('X-API-Key') \
or request.args.get('api_key')
if api_key is not None:
return User.by_api_key(api_key)
def index():
authz.require(authz.logged_in())
q = User.all()
return jsonify(Pager(q))
def view(login):
user = obj_or_404(User.by_login(login))
data = user.to_dict()
if user.id == current_user.id:
data['email'] = user.email
return jsonify(data)
def view(login):
user = obj_or_404(User.by_login(login))
data = user.to_dict()
if user.id == current_user.id:
data['email'] = user.email
return jsonify(data)
def index():
authz.require(authz.logged_in())
q = User.all()
return jsonify(Pager(q))
def get(id):
user = obj_or_404(User.by_id(id))
#require.service.view(service)
return jsonify(user)
def index():
q = User.all()
return query_pager(q, 'users.index')
def load_user_from_request(request):
api_key = request.headers.get('X-API-Key') \
or request.args.get('api_key')
if api_key is not None:
return User.by_api_key(api_key)