def create_new_user(account_id, user_id):
"""
Create a new user entity and save
Look up account with account_id and use in reference when creating new user
"""
account_entity = memcache_db.get_entity(account_id, "Accounts")
user_key = get_user_key(account_id, user_id)
new_user = Users(key_name=user_key,
userid=user_id,
isEnabled="yes",
accountRef=account_entity)
try:
memcache_db.save_entity(new_user, user_key)
except:
logging.error("Error saving new user entity")
return
def post(self):
current_session = Session().get_current_session(self)
account_entity = current_session.get_account_entity()
email = account_entity.email
new_user_id = self.request.get("id")
if new_user_id == constants.ANONYMOUS_USER:
self.redirect('/adminconsole/users?error=NoUserID')
return
profile_name = self.request.get("name")
profile_link = self.request.get("profile")
profile_img = self.request.get("image")
user_key = users_dao.get_user_key(email, new_user_id)
new_user = Users(key_name=user_key,
userid=new_user_id,
isEnabled="yes",
accountRef=account_entity,
profileName=profile_name,
profileLink=profile_link,
profileImg=profile_img)
users_dao.save_user(new_user, user_key)
self.redirect('/adminconsole/users')
def get_or_create_user(account_id, user_id, acc_ref):
"""
Create the user if it doesnt exist
"""
user_ref = get_user(account_id, user_id)
if not user_ref:
# insert a new user, but lacking optional fields
user_key = get_user_key(account_id, user_id)
new_user = Users(key_name=user_key,
userid=user_id,
isEnabled="yes",
accountRef=acc_ref)
try:
memcache_db.save_entity(new_user, user_key)
except:
logging.error("Error saving user with key %s, userid %s for account %s"%\
(user_key, user_id, account_id))
return None
user_ref = get_user(account_id, user_id)
if not user_ref:
logging.error("Error getting user with key %s, userid %s for account %s"%\
(user_key, user_id, account_id))
return None
return user_ref
def post(self):
start = time.time()
clean = XssCleaner()
api_key = self.request.get('apikey')
account_id = self.request.get('accountid')
new_user_id = self.request.get('userid')
# Anything that can possibly be rended should be cleaned
profile_link = self.request.get('profile_link')
# We can't clean it because it will not render if embedded into a site
# Be wary of doing any queries with this data
#profile_link = clean.strip(profile_link)
profile_img = self.request.get('profile_img')
#profile_img = clean.strip(profile_img)
profile_name = self.request.get('profile_name')
profile_name = clean.strip(profile_name)
logdiction = {'event':'loginuser',
'api': 'update_user',
'is_api':'yes',
'ip':self.request.remote_addr,
'user':new_user_id,
'account':account_id,
'success':'true'}
if not account_id or not new_user_id or not api_key:
self.response.out.write(bad_args())
logdiction['success'] = 'false'
logdiction['details'] = bad_args()
logs.create(logdiction)
return
acc = accounts_dao.authorize_api(account_id, api_key)
if not acc:
self.response.out.write(auth_error())
logdiction['success'] = 'false'
logdiction['details'] = auth_error()
logs.create(logdiction)
return
# Create a new user
user_key = users_dao.get_user_key(account_id, new_user_id)
#Update
user_ref = users_dao.get_user_with_key(user_key)
if user_ref:
dict = {}
update = False
if profile_link and profile_link != user_ref.profileLink:
dict["profileLink"] = profile_link
update = True
if profile_img and profile_img != user_ref.profileImg:
dict["profileImg"] = profile_img
update = True
if profile_name and profile_name != user_ref.profileName:
dict["profileName"] = profile_name
update = True
if update:
logdiction['event'] = 'updateuser'
try:
users_dao.update_user(user_key, dict, None)
except:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
error("Error updating user with id %s"%new_user_id)
return
logs.create(logdiction)
self.response.out.write(success_ret())
timing(start)
return
if not profile_img:
profile_img = constants.IMAGE_PARAMS.USER_AVATAR
new_user = Users(key_name=user_key,
userid=new_user_id,
isEnabled="yes",
accountRef=acc,
profileName=profile_name,
profileLink=profile_link,
profileImg=profile_img)
logdiction['event'] = 'createuser'
try:
users_dao.save_user(new_user, user_key)
except:
logdiction['success'] = 'false'
logdiction['details'] = db_error()
logs.create(logdiction)
self.response.out.write(db_error())
error("Error getting user with key %s"%key)
return
logs.create(logdiction)
self.response.out.write(success_ret())
timing(start)
return
