def get(self): """ A paginated resource for Domains """ auth(session, required=True) parser = restful.reqparse.RequestParser() parser.add_argument("page", type=int, required=False, default=1) parser.add_argument("per_page", type=int, required=False, default=10) args = parser.parse_args() query = Domain.query.paginate(args.page, args.per_page) return make_response(request.url, query)
def get(self, domain): """ """ auth(session, required=True) parser = restful.reqparse.RequestParser() parser.add_argument("page", type=int, help="", required=False, default=1) parser.add_argument("per_page", type=int, help="", required=False, default=10) args = parser.parse_args() domain = Domain.query.filter(Domain.name == domain).first() if not domain: return {}, 404 pages = Pagination(domain.resources, args.page, args.per_page) return make_response(request.url, pages)
def get(self): """ Paginated access to users """ parser = reqparse.RequestParser() parser.add_argument("me", type=bool, default=None) parser.add_argument("signups", type=bool, default=None) parser.add_argument("page", type=int, required=False, default=1) parser.add_argument("per_page", type=int, required=False, default=10) args = parser.parse_args() # Let unauthenticated users see if they can register an account if args.signups: if "PERMIT_NEW_ACCOUNTS" in app.config: return app.config["PERMIT_NEW_ACCOUNTS"] return None user = auth(session, required=True) if args.me: s = Session.query.filter(Session.session_id == session['session']).first() response = user.jsonify() response['session'] = s.jsonify() return response if not user.can("see_all"): return {}, 403 query = User.query.order_by(desc(User.created)).paginate(args.page, args.per_page) return make_response(request.url, query, revisions=True)
def get(self, username): user = auth(session, required=True) parser = reqparse.RequestParser() parser.add_argument("page", type=int, default=1) parser.add_argument("per_page", type=int, default=10) args = parser.parse_args() if user.username != username and not user.can("see_all"): return {}, 403 if user.username != username: user = User.query.filter(User.username == username).first() if not user: return {}, 404 query = Friend.query.filter(Friend.user == user)\ .order_by(desc(Friend.created)).paginate(args.page, args.per_page) response = make_response(request.url, query) # Check the remote side of each request for i, friend_request in enumerate(response['data']): address = friend_request['address'] network, node_id, uid = address.split('/') router = app.routes.get(network, None) if router != None: message_body = {"add": {"from": user.uid, "to": address}} remote_state = router.protocol.rpc_friend(message_body) if remote_state[0]: response['data'][i]['status'] = remote_state[0]['status'] return response
def get(self): user = auth(session, required=True) if not user.can("see_all"): return {}, 403 return config_as_response()
def post(self, username): """ Rename, accept or block a Friend. Refer to models.Friend.states to see what the possible integer values accepted by this method represent. Friends with their "received" attribute set to None cannot have their state attribute modified as they represent sent requests. """ user = auth(session, required=True) parser = reqparse.RequestParser() parser.add_argument("state", type=int) parser.add_argument("name", type=str) parser.add_argument("address", type=str, required=True) args = parser.parse_args() friend = Friend.query.filter(and_(Friend.address == args.address, Friend.user == user)).first() if not friend: return {}, 404 if args.name: friend.name = args.name if args.state: friend.state = args.state db.session.add(friend) db.session.commit() return friend.jsonify()
def post(self, username): user = auth(session, required=True) if not 'avatar' in request.files: return {}, 400 upload = request.files['avatar'] revision = Revision() revision.add(upload) existing = Revision.query.filter( Revision.hash == revision.hash ).first() if existing: # We already have this file user.avatar = existing if not existing in user.revisions: user.revisions.append(existing) db.session.add(existing) else: user.avatar = revision user.revisions.append(revision) db.session.add(revision) db.session.add(user) db.session.commit() return redirect("/")
def get(self, username): """ View user. Those with see_all may access more attributes. """ user = auth(session, required=True) parser = reqparse.RequestParser() parser.add_argument("can", type=str) args = parser.parse_args() target = User.query.filter(User.username == username).first() if not target: return {}, 404 if not user.can("see_all") and username != user.username: return target.jsonify(address=app.routes._default) if args.can: return target.can(args.can) return target.jsonify(revisions=True, groups=True, sessions=True, address=app.routes._default)
def index(self): user = auth(session, required=True) current_session = session['session'] [db.session.delete(s) for s in user.sessions if s.session_id == current_session] session['session'] = '' log("%s logged out." % user.username) return redirect('/')
def delete(self, network): """ Remove a peer. Assembles a nodeple and uses RoutingTable.get_existing_node and RoutingTable.remove_node to remove a peer and stop republishing their keys. """ user = auth(session, required=True) parser = restful.reqparse.RequestParser() parser.add_argument("id", type=str, required=True) parser.add_argument("ip", type=str, required=True) parser.add_argument("port", type=int, required=True) args = parser.parse_args() routes = app.routes.get(network, None) if routes == None: return {}, 404 if not user.can("manage_networks"): return {}, 403 node = [long(args.id), args.ip, args.port] node = routes.get_existing_node(node) if node == None: return {}, 404 routes.remove_node(node) return True
def get(self, name): user = auth(session, required=True) group = UserGroup.query.filter(UserGroup.name == name).first() if not group: return {}, 404 return group.jsonify(with_users=True, with_privs=True)
def get(self): auth(session, required=True) parser = restful.reqparse.RequestParser() parser.add_argument("page", type=int, default=1) parser.add_argument("per_page", type=int, default=10) parser.add_argument("network", type=str, default=None) args = parser.parse_args() if not args.network: routes = app.routes._default else: routes = app.routes.get(args.network, None) if not routes: return {}, 404 peers = [peer for peer in routes] pages = Pagination(peers, args.page, args.per_page) return make_response(request.url, pages)
def get(self, hash): """ Return a specific revision by hash. """ user = auth(session) rev = Revision.query.filter(and_(Revision.hash == hash, Revision.user == user)).first() if rev: return rev.jsonify() return {}, 404
def authenticate(self): if not self.user: user = auth(self.request) if user and not self.user: log("Received %s stream connection from %s" % \ (self.socket_type, user.username)) self.user = user return True return False
def get(self): auth(session, required=True) parser = restful.reqparse.RequestParser() parser.add_argument("page", type=int, required=False, default=1) parser.add_argument("per_page", type=int, required=False, default=10) args = parser.parse_args() routes = app.routes.values() pages = Pagination(routes, args.page, args.per_page) response = make_response(request.url, pages) # Calculate the number of unique nodes we know of peers = [] for router in routes: peers.extend([peer.threeple for peer in router]) peers = set(peers) response['peers'] = len(peers) return response
def get(self, network): auth(session, required=True) parser = restful.reqparse.RequestParser() parser.add_argument("page", type=int, default=1) parser.add_argument("per_page", type=int, default=10) args = parser.parse_args() routes = app.routes.get(network, None) if not routes: return {}, 404 peers = [peer for peer in routes] pages = Pagination(peers, args.page, args.per_page) pages.items = [p.jsonify(string_id=True) for p in pages.items] # Would like to make the following more elegant. # for i, j in enumerate(pages.items): # pages.items[i]['node'] = (str(j['node'][0]), j['node'][1], j['node'][2]) return make_response(request.url, pages, jsonify=False)
def get(self, username): user = auth(session, required=True) if user.username != username and not user.can("see_all"): return {}, 403 user = User.query.filter(User.username == username).first() if user == None: return 404 return Revision.query.filter(Revision.user == user).count()
def post(self, username): """ Account modification """ parser = reqparse.RequestParser() parser.add_argument("email", type=str) parser.add_argument("password", type=str) parser.add_argument("verify_password", type=str) parser.add_argument("public", type=bool, default=None) parser.add_argument("active", type=bool, default=None) args = parser.parse_args() calling_user = auth(session, required=True) if calling_user.username != username and not calling_user.can("reset_user_pw"): return {}, 403 user = User.query.filter(User.username == username).first() if not user: return {}, 404 if args.verify_password: # It's here to spare from getting in the logs. return user.verify_password(args.verify_password) if args.password: # must be at least six characters though if len(args.password) < 6: return "Must be at least six characters.", 304 user.change_password(args.password) db.session.add(user) db.session.commit() return True if args.email: user.email = args.email if args.public: user.public = args.public != None if calling_user.can("deactivate") and args.active != None: user.active = args.active if args.active == True: log("%s reactivated %s's user account." % \ (calling_user.username, user.username)) else: log("%s deactivated %s's user account." % \ (calling_user.username, user.username)) for s in user.sessions: db.session.delete(s) db.session.add(user) db.session.commit() return user.jsonify()
def recv_connect(self): user = auth(self.request) if not user: self.request_reconnect() else: log("Received presence connection from %s" % user.username) self.user = user if not user.can("chat"): body = {"message":"You don't have permission to chat."} self.emit("disconnect", body) self.send("disconnect") log("%s isn't permitted to chat." % user.username)
def get(self, query): user = auth(session, required=True) parser = restful.reqparse.RequestParser() parser.add_argument("page", type=int, default=1) parser.add_argument("per_page", type=int, default=10) args = parser.parse_args() revisions = [_ for _ in Revision.query.all() if query in _.url and \ (_.user == user or _.public)] pages = Pagination(revisions, args.page, args.per_page) response = make_response(request.url, pages) return response
def delete(self): """ Remove a usergroup by name. """ parser = restful.reqparse.RequestParser() parser.add_argument("name", type=str, required=True) args = parser.parse_args() user = auth(session, required=True) group = UserGroup.query.filter(UserGroup.name == args.name).first() db.session.delete(group) db.session.commit() return {}, 204
def get(self, url): user = auth(session, required=not app.config['OPEN_PROXY']) revision = fetch.get("http://"+url, request.user_agent, user) if not revision: return Response(status=404) if not "text" in revision.mimetype: return send_file(revision.bcontent, mimetype=revision.mimetype) else: if 'html' in revision.mimetype: revision.content = parser.parse(revision.content, 'http://' + url) return revision.as_response
def get(self): user = auth(session, required=True) parser = restful.reqparse.RequestParser() parser.add_argument("page", type=int, default=1) parser.add_argument("per_page", type=int, default=10) args = parser.parse_args() if user.can("see_all"): query = Revision.query.order_by(desc(Revision.created)).paginate(args.page, args.per_page) else: query = Revision.query.filter(or_(Revision.public == True, Revision.user == user))\ .order_by(desc(Revision.created)).paginate(args.page, args.per_page) return make_response(request.url, query)
def get(self): """ Implements /v1/privs """ parser = restful.reqparse.RequestParser() parser.add_argument("page", type=int, required=False, default=1) parser.add_argument("per_page", type=int, required=False, default=10) args = parser.parse_args() user = auth(session, required=True) if not user.can("see_all"): return {}, 403 query = Priv.query.order_by(desc(Priv.created)).paginate(args.page, args.per_page) return make_response(request.url, query)
def delete(self, username): """ Account deletion """ user = auth(session, required=True) if user.username != username and not user.can("delete_at_will"): return {}, 403 user = User.query.filter(User.username == username).first() if not user: return {}, 404 db.session.delete(user) db.session.commit() return {}, 204
def delete(self, username): """ Unfriend an address. """ user = auth(session, required=True) parser = reqparse.RequestParser() parser.add_argument("address", type=str, required=True) args = parser.parse_args() # Will do for now for friend in user.friends: if friend.address == args.address: db.session.delete(friend) db.session.commit() return {}, 204 return {}, 404
def get(self, username): user = auth(session, required=True) if user.username != username and not user.can("see_all"): return {}, 403 parser = reqparse.RequestParser() parser.add_argument("page", type=int, default=1) parser.add_argument("per_page", type=int, default=20) args = parser.parse_args() user = User.query.filter(User.username == username).first() if user == None: return 404 query = Revision.query.filter(Revision.user == user)\ .order_by(desc(Revision.created)).paginate(args.page, args.per_page) return make_response(request.url, query)
def delete(self, network): """ Remove a network. """ user = auth(session, required=True) routes = app.routes.get(network, None) if routes == None: return {}, 404 if not user.can("manage_networks"): return {}, 403 log("%s is removing network \"%s\"." % (user.username, network)) app.routes.leave(network) # Remove the database representation, too network_in_db = Network.query.filter(Network.name == network).first() if network_in_db != None: network_in_db.delete()
def put(self): """ Create a new usergroup by name. """ parser = restful.reqparse.RequestParser() parser.add_argument("name", type=str, required=True) args = parser.parse_args() user = auth(session, required=True) if not user.can("modify_usergroup"): return {}, 403 group = UserGroup(name=args.name) db.session.add(group) db.session.commit() return group.jsonify()
def delete(self, hash): """ Delete a revision object by content hash. """ user = auth(session, required=True) if user.can("delete_at_will"): rev = Revision.query.filter(Revision.hash == hash).first() else: rev = Revision.query.filter( and_(Revision.hash == hash, Revision.user == user) ).first() if not rev: return {}, 404 db.session.delete(rev) db.session.commit() return {}, 204