def do_GET(self):
self._set_headers(200)
response = {}
parsed = self.parse_url(self.path)
if len(parsed) == 2:
(resource, id) = parsed
if resource == "latest_post":
response = f"{get_latest_post()}"
if resource == "posts":
if id is not None:
response = f"{get_single_post(id)}"
else:
response = f"{get_all_posts()}"
if resource == "users" and id is None:
response = get_all_users()
if resource == "categories":
if id is not None:
response = f"{get_single_category(id)}"
else:
response = f"{get_all_categories()}"
if resource == "comments":
if id is not None:
response = f"{get_single_comment(id)}"
else:
response = f"{get_all_comments()}"
if resource == "tags":
if id is not None:
response = f"{get_single_tag(id)}"
else:
response = f"{get_all_tags()}"
elif len(parsed) == 3:
(resource, key, value) = parsed
if key == "email" and resource == "users":
response = get_user_by_email(value)
if resource == "posts":
if key == "category_id":
response = get_posts_by_category_id(value)
if key == "user_id":
response = f"{get_posts_by_user_id(value)}"
if key == "post_id" and resource == "post_tags":
response = get_post_tags_by_post_id(value)
if key == "post_id" and resource == "comments":
response = get_comment_by_post(value)
self.wfile.write(response.encode())
def do_GET(self):
self._set_headers(200)
response = {}
# Parse URL and store entire tuple in a variable
parsed = self.parse_url(self.path)
if len(parsed) == 2:
(resource, id) = parsed
if resource == "categories" and id is None:
response = get_categories()
if resource == "tags":
response = get_tags()
if resource == "reactions":
response = get_reactions()
if resource == "tagPosts" and id is None:
response = get_tagPosts()
if resource == "subscriptions" and id is None:
response = get_subscriptions()
if resource == "posts":
if id is not None:
response = get_single_post(id)
else:
response = get_all_posts()
if resource == "tagPosts" and id is None:
response = get_tagPosts()
if resource == "reactionPosts" and id is None:
response = get_reactionPosts()
if resource == "users":
if id is not None:
response = get_single_user(id)
else:
response = get_all_users()
elif len(parsed) == 3:
(resource, key, value) = parsed
if key == "email" and resource == "users":
response = get_user_by_email(value)
if key == "category_id" and resource == "posts":
response = get_posts_by_category_id(value)
if key == "user_id" and resource == "posts":
response = get_posts_by_user_id(value)
if key == "tag_id" and resource == "posts":
response = get_posts_by_tag_id(value)
if key == "post_id" and resource == "tags":
response = get_single_post_tags(value)
self.wfile.write(response.encode())
def do_GET(self):
self._set_headers(200)
response = {}
# Parse URL and store entire tuple in a variable
parsed = self.parse_url(self.path)
#All of these take into account the resource to be used and an optional ID, via if else statement
if len(parsed) == 2:
(resource, id) = parsed
if resource == "posts":
if id is None:
response = f"{get_all_posts()}"
elif id is not None:
response = f"{get_post_by_id(id)}"
if resource == "comments":
if id is None:
response = f"{get_all_comments()}"
if resource == "categories":
if id is None:
response = f"{get_all_categories()}"
elif id is not None:
pass
if resource == "tags":
if id is None:
response = f"{get_all_tags()}"
elif id is not None:
pass
if resource == "users":
if id is None:
response = f"{get_all_users()}"
elif id is not None:
response = f"{get_user_by_id(id)}"
if resource == "postTags":
if id is None:
response = f"{get_all_post_tags()}"
else:
response = f"{get_user_by_id(id)}"
elif len(parsed) == 3:
(resource, key, value) = parsed
if key == "user_id" and resource == "posts":
response = get_user_posts(value)
if key == "email" and resource == "users":
response = get_user_by_email(value)
self.wfile.write(response.encode())
def do_GET(self):
self._set_headers(200)
response = {}
# Parse URL and store entire tuple in a variable
parsed = self.parse_url(self.path)
if len(parsed) == 2:
(resource, id) = parsed
if resource == "categories":
response = get_all_categories()
if resource == "posts":
if id is not None:
response = get_single_post(id)
pass
else:
response = get_all_posts()
if resource == "users":
if id is not None:
pass
else:
response = get_all_users()
if resource == "comments":
if id is not None:
pass
else:
response = get_all_comments()
# Response from parse_url() is a tuple with 3
# items in it, which means the request was for
# `/resource?parameter=value`
elif len(parsed) == 3:
(resource, key, value) = parsed
if key == "user_id" and resource == "posts":
response = get_posts_by_user(value)
if key == "email" and resource == "users":
response = get_user_by_email(value)
self.wfile.write(response.encode())
def login():
"""Initiate user session"""
try:
urls = []
email = request.form['email']
password = request.form['password']
token = groups.authenticate_group_member(email_id=email,
password=password)
user_id = users.get_user_by_email(email_id=email)
group_id = groups.get_group_id(user_id=user_id)
session.clear()
session["user"] = email
session["group"] = group_id
session['token'] = token
print(token)
if group_id is not None:
urls = groups.get_download_url(group_id=group_id, user_token=token)
return render_template("filemanager/dashboard.html", files=urls)
except Exception as e:
logging.exception(e)
return render_template("filemanager/failure.html")
def do_POST(self):
# Set response code to 'Created'
self._set_headers(201)
content_len = int(self.headers.get('content-length', 0))
post_body = self.rfile.read(content_len)
# Convert JSON string to a Python dictionary
post_body = json.loads(post_body)
# Parse the URL
(resource, id) = self.parse_url(self.path)
# Initialize new item
new_item = None
if resource == "login":
new_item = get_user_by_email(post_body)
if resource == "register":
new_item = create_user(post_body)
if resource == "posts":
if 'tag_id' in post_body:
# Not updating post object so no need to put this call in PUT
# For now, POST request in Postman only
new_item = add_tag_to_post(post_body)
else:
new_item = create_post(post_body)
# pass
if resource == "categories":
new_item = create_category(post_body)
if resource == "tags":
new_item = create_tag(post_body)
if resource == "comments":
new_item = create_comment(post_body)
self.wfile.write(f"{new_item}".encode())
def add_users_to_case():
"""Adds a user to a specific case"""
# get data
case_id = request.form.get('case_id')
user_emails = request.form.get('new_users')
#nix any spaces
user_emails = user_emails.replace(" ", "")
#split up the emails
user_emails = user_emails.split(",")
# start the return string with a <tr> tag
update_users = ""
# loop through the emails
for email in user_emails:
# get the user obj for the email
# a new user be created if the user is not registered yet
user_check = get_user_by_email(email)
# Create usercase assocation
# update_usercase returns None if the usercase is new
case_user_check = update_usercase(case_id, user_check.user_id)
close_btn = '<td><button type="button" id="' + str(
user_check.user_id
) + '" class="close new-user-x" aria-label="Close"><span aria-hidden="true">×</span></button></td>'
# if it's a new assocation - add it as a <td> to response string
if case_user_check is None:
update_users = update_users + "<tr id ='User_" + str(
user_check.user_id
) + "'>" + close_btn + "<td>" + user_check.fname + " " + user_check.lname + "</td>" + "<td>" + email + "</td> </tr>"
# add the closing row tag once all the tds are done
# update_users = update_users + "</tr>"
return update_users
def register_case():
"""Handles form and registration of new case"""
#if it's a get - render registration form
if request.method == "GET":
# render registration form
return render_template('/register-case.html')
#otherwise register case in db
if request.method == "POST":
# get the case name, list of user emails and the current user
case_name = request.form.get('case_name')
other_users = request.form.get('user-list')
current_user = g.current_user
# strip out spaces from the email's input into the form
other_users = other_users.replace(" ", "")
# split on the comma
user_emails = other_users.split(",")
# append the existing user to the list of approved users
user_emails.append(current_user.email)
# instantiate a new case in the db
# create_case() returns the newly created case object
case = create_case(case_name, current_user.user_id)
# cycle through the provided emails
for email in user_emails:
# get_user_by_email gets the user object for that email address
# or registers a new user if the email doesn't exist already
user = get_user_by_email(email)
#create an association in the usercases table
update_usercase(case_id=case.case_id, user_id=user.user_id)
return redirect('/cases')
def process_letter(mail_uid, account):
raw_mail = download_letter(mail_uid, account)
message = email.message_from_bytes(raw_mail)
address = re.search("<?(.+\@.+)>?", message["From"]).group(1)
user = get_user_by_email(address)
item_generic = user.copy() # Base for item object that will be added to INqueue
item_generic["collector"] = "imap"
item_generic["email_To"] = account["address"]
item_generic["email_From"] = address
item_generic["email_Subject"] = decode_simple_header(message["Subject"]) if "Subject" in message else ""
item_generic["email_Message-ID"] = message["Message-ID"]
try:
item_generic["output_format"] = "." + re.search("^(test_)?\w*?2?(\w+)@", account["address"]).group(2)
except IndexError:
pass
user_local_path = in_user_local_path(item_generic)
logger.debug(
"Look for attachments in letter {uid} from {address} to {acc_address}".format(
uid=mail_uid, address=address, acc_address=account["address"]
)
)
body = ""
skip_text_maintype = (
False
) # Help to find main text body of the message. I resume that the first part with the text maintype is the necessary one
for part in message.walk():
if not skip_text_maintype and part.get_content_maintype() == "text":
body += part.get_payload()
skip_text_maintype = True
continue
if part.get_content_maintype() == "multipart" or not part.get_filename():
continue
filename = os.path.basename(
decode_simple_header(part.get_filename())
) # os.path.basename is for security reason
local_file = os.path.join(user_local_path, filename)
with open(local_file, "wb") as fh:
fh.write(part.get_payload(decode=True))
item = item_generic.copy()
item["collect_time"] = time.time()
item["input_file"] = local_file
put_to_queue("IN", item)
logger.debug(
'File {input_file} saved from email attachment and putted to the "IN" queue (letter {uid} from {address} to {acc_address}'.format(
input_file=item["input_file"], uid=mail_uid, address=address, acc_address=account["address"]
)
)
logger.debug(
"Look for urls in letter {uid} from {address} to {acc_address}".format(
uid=mail_uid, address=address, acc_address=account["address"]
)
)
try:
body_in_xmltag = "<nothing>" + body + "</nothing>"
body_without_xmltags = " ".join(ElementTree.fromstring(body_in_xmltag).itertext())
except ElementTree.ParseError:
body_without_xmltags = body
urls = set(re.findall(r"https?://[^ ]+", body))
for url in urls:
request = requests.get(url, stream=True)
try: # Try to get filename from HTTP headers
filename = os.path.basename(
re.search('^filename="(.+)"$', request.headers["content-disposition"]).group(1)
) # os.path.basename is for security reason
# AttributeError — There isn't Content-Disposition HTTP header in HTTP response
# KeyError — filename is empty
# IndexError — Content-Disposition HTTP header doesn't have filename parameter:
except (AttributeError, KeyError, IndexError):
unquoted_url = urllib.parse.unquote_plus(url)
filename = urllib.parse.urlparse(unquoted_url).path.split("/")[-1] # Get filename from url
logger.debug("filename = {}".format(filename))
if filename == "":
filename = "index.html"
if not os.path.splitext(filename):
filename += ".html"
local_file = os.path.join(user_local_path, filename)
with open(local_file, "wb") as fh:
for chunk in request.iter_content(4096): # 4096 is a random count of bytes
fh.write(chunk)
item = item_generic.copy()
item["collect_time"] = time.time()
item["input_file"] = local_file
put_to_queue("IN", item)
logger.debug(
'File {input_file} downloaded through URL from letter {uid} (from {address} to {acc_address}) and putted to the "IN" queue'.format(
input_file=item["input_file"], uid=mail_uid, address=address, acc_address=account["address"]
)
)
logger.debug(
"Processing of letter {uid} is completed (from {address} to {acc_address})".format(
uid=mail_uid, address=address, acc_address=account["address"]
)
)
def validate_email(form, field):
if not get_user_by_email(field.data):
raise ValidationError('Email address doesn\'t exists.')
