def delete_user_goals():
user_data = models.UserData.current()
if not user_data.developer:
return api_unauthorized_response("UNAUTHORIZED")
user_override = request.request_user_data("email")
if user_override and user_override.key_email != user_data.key_email:
user_data = user_override
GoalList.delete_all_goals(user_data)
return "Goals deleted"
def get_user_goals():
student = models.UserData.current() or models.UserData.pre_phantom()
user_override = request.request_user_data("email")
if user_override and user_override.key_email != student.key_email:
if not user_override.is_visible_to(student):
return api_unauthorized_response("Cannot view this profile")
else:
# Allow access to this student's profile
student = user_override
goals = GoalList.get_all_goals(student)
return [g.get_visible_data() for g in goals]
def wrapper(*args, **kwargs):
if user_models.UserData.current():
return method(*args, **kwargs)
else:
user_data = _create_phantom_user_data()
if not user_data:
logging.warning("api_create_phantom failed to create "
"user_data properly. xsrf failure? "
"Headers:\n%s" % str(request.headers).strip())
return api_util.api_unauthorized_response(
'Failed to create phantom user')
response = method(*args, **kwargs)
cookie = _get_cookie_from_phantom(user_data)
response.set_cookie(PHANTOM_MORSEL_KEY, cookie)
return response
def wrapper(*args, **kwargs):
if user_models.UserData.current():
return method(*args, **kwargs)
else:
user_data = _create_phantom_user_data()
if not user_data:
logging.warning("api_create_phantom failed to create "
"user_data properly. xsrf failure? "
"Headers:\n%s" % str(request.headers).strip())
return api_util.api_unauthorized_response(
'Failed to create phantom user')
response = method(*args, **kwargs)
cookie = _get_cookie_from_phantom(user_data)
response.set_cookie(PHANTOM_MORSEL_KEY, cookie)
return response