class PingResource(Resource): def __init__(self): self.logger = Logger(__name__) def get(self): self.logger.debug('Pinged.') return ResponseBuilder.build_response({}, status_code=200)
class StoriesResource(Resource): def __init__(self): self.logger = Logger(__name__) def _get_token_from_header(self): return RequestBuilder.get_field_from_header('token') def post(self): try: # get token from header token = self._get_token_from_header() # identify with token username = Token.identify(token) # get data from request story_data = {} story_data['media'] = self._get_media_from_request() story_data['location'] = self._get_location_from_request() timestamp = self._get_timestamp_from_request() is_private = self._get_privateness_from_request() story_data['title'] = self._try_get_title_from_request() story_data['description'] = self._try_get_description_from_request( ) story_data['username'] = username # validated data story_data['timestamp'] = InputSanitizer.sanitize_integer( timestamp) story_data['is_private'] = InputSanitizer.sanitize_boolean( is_private) # ask SS for storage service? # save new Story at AS self.logger.debug( "At POST@/stories got story_data {}".format(story_data)) new_story_id = User.save_new_story(story_data) # generate response response = dict(story_data) response['story_id'] = new_story_id # save stat StatCollector.save_event_story_post(story_data["timestamp"]) # return response return ResponseBuilder.build_response(response) except (MissingFieldException, InvalidTokenException, ExpiredTokenException, InvalidFormatException) as e: return ResponseBuilder.build_error_response( e.message, e.error_code) def _get_media_from_request(self): return RequestBuilder.get_field_from_request('media') def _get_timestamp_from_request(self): return RequestBuilder.get_field_from_request('timestamp') def _get_location_from_request(self): return RequestBuilder.get_field_from_request('location') def _get_privateness_from_request(self): return RequestBuilder.get_field_from_request('is_private') def _try_get_title_from_request(self): return RequestBuilder.get_field_from_request_or_default('title', "") def _try_get_description_from_request(self): return RequestBuilder.get_field_from_request_or_default( 'description', "")
class FlashResource(Resource): def __init__(self): self.logger = Logger(__name__) def _get_token_from_header(self): return RequestBuilder.get_field_from_header('token') def get(self, flash_id): try: # get token from header token = self._get_token_from_header() # identify with token username = Token.identify(token) # get flash by flash_id flash = Flash.get_flash(flash_id) # if <username is not the uploader> and <uploader and username are not friends> return 403 uploader = flash["username"] self.logger.debug( "at GET@/flash/{} username requesting is {} and uploader is {}" .format(flash_id, username, uploader)) if username != uploader and not Friendship.are_friends( username, uploader): return ResponseBuilder.build_error_response( "Flash is not from a friend", 403) # return response return ResponseBuilder.build_response(flash) except (InvalidTokenException, MissingFieldException, ExpiredTokenException, FlashNotFoundException) as e: return ResponseBuilder.build_error_response( e.message, e.error_code) def delete(self, flash_id): try: # get token from header token = self._get_token_from_header() # identify with token username = Token.identify(token) # get flash by flash_id flash = Flash.get_flash(flash_id) # if username is not the uploader return 403 flash_uploader = flash["username"] self.logger.debug( "at DELETE@/flash/{} username requesting is {} and uploader is {}" .format(flash_id, username, flash_uploader)) if username != flash_uploader: return ResponseBuilder.build_error_response( "Flash is not own", 403) # delete flash deleted_flash_id = Flash.delete_flash(flash_id) # generate response output = {"target_flash_id": deleted_flash_id} # return response return ResponseBuilder.build_response(output) except (InvalidTokenException, ExpiredTokenException, FlashNotFoundException, MissingFieldException) as e: return ResponseBuilder.build_error_response( e.message, e.error_code)
class StoryResource(Resource): def __init__(self): self.logger = Logger(__name__) def _get_token_from_header(self): return RequestBuilder.get_field_from_header('token') def get(self, story_id): try: # get token from header token = self._get_token_from_header() # identify with token username = Token.identify(token) # get story by story_id story = Story.get_story(story_id) # if <username is not the uploader> and <story is private> and ... # ... <uploader and username are not friends> return 403 is_private = story["is_private"] story_uploader = story["username"] self.logger.debug("At GET@/stories requesting user is {}, uploader is {} and story {} private".format( username, story_uploader, "is" if is_private else "is not")) if username != story_uploader and \ InputSanitizer.sanitize_boolean(is_private) and \ not Friendship.are_friends(username, story_uploader): return ResponseBuilder.build_error_response("Story is private", 403) # generate response # return response return ResponseBuilder.build_response(story) except (InvalidTokenException, MissingFieldException, ExpiredTokenException, StoryNotFoundException) as e: return ResponseBuilder.build_error_response(e.message, e.error_code) def delete(self, story_id): try: # get token from header token = self._get_token_from_header() # identify with token username = Token.identify(token) # get story by story_id story = Story.get_story(story_id) # if username is not the uploader return 403 story_uploader = story["username"] self.logger.debug("At DELETE@/stories requesting user is {} and uploader is {}".format( username, story_uploader)) if username != story_uploader: return ResponseBuilder.build_error_response("Story is not own", 403) # delete story deleted_story_obj = Story.delete_story(story_id) deleted_story_id = str(deleted_story_obj) # generate response output = {"target_story_id": deleted_story_id} # return response return ResponseBuilder.build_response(output) except (InvalidTokenException, ExpiredTokenException, StoryNotFoundException, MissingFieldException) as e: return ResponseBuilder.build_error_response(e.message, e.error_code)