def get_api_keys(request, app_id):
app = get_object_or_404(Application, pk=app_id)
if app.applicant != request.user or not request.is_ajax():
raise PermissionDenied
if request.method == "POST":
error_list = []
key_id = request.POST.get("key_id", 0)
key_vcode = request.POST.get("vcode", "")
if not key_id or not key_vcode:
error_list.append("You must provide both Key ID and vCode!")
else:
try:
key_id = int(key_id)
except ValueError:
error_list.append("The Key ID is invalid (not an integer)!")
api_key = MemberAPIKey(keyid=key_id, vcode=key_vcode, user=request.user)
api_key.validate()
if not api_key.validation_error:
return HttpResponse()
else:
error_list.append(api_key.validation_error)
api_key.delete()
if error_list:
error_text = ""
for x in error_list:
error_text += "%s<br />" % x
return HttpResponse(error_text, status=400)
else:
return TemplateResponse(request, "api_widget.html", {"application": app})
