def post(self): current_session = Session().get_current_session(self) account_entity = current_session.get_account_entity() email = account_entity.email new_user_id = self.request.get("id") if new_user_id == constants.ANONYMOUS_USER: self.redirect('/adminconsole/users?error=NoUserID') return profile_name = self.request.get("name") profile_link = self.request.get("profile") profile_img = self.request.get("image") user_key = users_dao.get_user_key(email, new_user_id) new_user = Users(key_name=user_key, userid=new_user_id, isEnabled="yes", accountRef=account_entity, profileName=profile_name, profileLink=profile_link, profileImg=profile_img) users_dao.save_user(new_user, user_key) self.redirect('/adminconsole/users')
def calculate_rank(user_ref, acc_ref): rank = constants.NOT_RANKED if not user_ref or not acc_ref: error("Unable to cal rank because of missing ref") return rank if user_ref.rank: rank = user_ref.rank last_ranking = user_ref.last_time_ranked current_time = datetime.datetime.now() recalculate = True if last_ranking: recalculate = (current_time - last_ranking) > datetime.timedelta(minutes=10) # Do not calculate rank unless its been 10 minutes since last time if recalculate: result = db.GqlQuery("SELECT __key__ FROM Users WHERE accountRef=:1 ORDER BY points DESC LIMIT " + constants.NUMBER_RANKED, acc_ref) counter = 1 is_ranked = False for ii in result: if ii.name() == user_ref.key().name(): is_ranked = True break else: counter += 1 if is_ranked: user_ref.rank = counter rank = counter else: user_ref.rank = constants.NOT_RANKED user_ref.last_time_ranked = current_time user_key = user_ref.key().name() try: users_dao.save_user(user_ref, user_key) except: error("Error getting user with key %s"%user_key) return rank
def post(self): start = time.time() clean = XssCleaner() api_key = self.request.get('apikey') account_id = self.request.get('accountid') new_user_id = self.request.get('userid') # Anything that can possibly be rended should be cleaned profile_link = self.request.get('profile_link') # We can't clean it because it will not render if embedded into a site # Be wary of doing any queries with this data #profile_link = clean.strip(profile_link) profile_img = self.request.get('profile_img') #profile_img = clean.strip(profile_img) profile_name = self.request.get('profile_name') profile_name = clean.strip(profile_name) logdiction = {'event':'loginuser', 'api': 'update_user', 'is_api':'yes', 'ip':self.request.remote_addr, 'user':new_user_id, 'account':account_id, 'success':'true'} if not account_id or not new_user_id or not api_key: self.response.out.write(bad_args()) logdiction['success'] = 'false' logdiction['details'] = bad_args() logs.create(logdiction) return acc = accounts_dao.authorize_api(account_id, api_key) if not acc: self.response.out.write(auth_error()) logdiction['success'] = 'false' logdiction['details'] = auth_error() logs.create(logdiction) return # Create a new user user_key = users_dao.get_user_key(account_id, new_user_id) #Update user_ref = users_dao.get_user_with_key(user_key) if user_ref: dict = {} update = False if profile_link and profile_link != user_ref.profileLink: dict["profileLink"] = profile_link update = True if profile_img and profile_img != user_ref.profileImg: dict["profileImg"] = profile_img update = True if profile_name and profile_name != user_ref.profileName: dict["profileName"] = profile_name update = True if update: logdiction['event'] = 'updateuser' try: users_dao.update_user(user_key, dict, None) except: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) error("Error updating user with id %s"%new_user_id) return logs.create(logdiction) self.response.out.write(success_ret()) timing(start) return if not profile_img: profile_img = constants.IMAGE_PARAMS.USER_AVATAR new_user = Users(key_name=user_key, userid=new_user_id, isEnabled="yes", accountRef=acc, profileName=profile_name, profileLink=profile_link, profileImg=profile_img) logdiction['event'] = 'createuser' try: users_dao.save_user(new_user, user_key) except: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) error("Error getting user with key %s"%key) return logs.create(logdiction) self.response.out.write(success_ret()) timing(start) return