class AuthHandler(webapp.RequestHandler):
def get(self, mode=''):
if mode == 'login':
if 'allowed' in self.request.cookies and \
self.request.cookies['allowed'].count('_'):
_twitter_id, _login_hash = \
self.request.cookies['allowed'].split('_', 1)
user_info = UserInfo.all().filter('twitter_id =',
_twitter_id).get()
if user_info and _sha512(user_info.acc_key) == _login_hash:
self.session = Session()
self.session['twitter_id'] = _twitter_id
return self.redirect('/home')
auth = _oauth_handler()
auth_url = auth.get_authorization_url()
memcache.set(auth.request_token.key, auth.request_token.secret,
3600)
return self.redirect(auth_url)
elif mode == 'verify':
auth = _oauth_handler()
ver = self.request.get('oauth_verifier')
req_key = self.request.get('oauth_token')
req_sec = memcache.get(req_key)
auth.set_request_token(req_key, req_sec)
acc_token = auth.get_access_token(ver)
api = tweepy.API(auth_handler=auth)
me = api.me()
if not UserInfo.all().filter('twitter_id =', str(me.id)).get():
user_info = UserInfo(twitter_id=str(me.id),
screen_name=me.screen_name,
name=me.name,
image=me.profile_image_url,
acc_key=acc_token.key,
acc_sec=acc_token.secret)
user_info.put()
self.session = Session()
self.session.delete_item('twitter_id')
self.session['twitter_id'] = str(me.id)
c = SimpleCookie()
c['allowed'] = '%d_%s' % (me.id, _sha512(acc_token.key))
c['allowed']['path'] = '/auth'
c['allowed']['expires'] = 86400 * 10
self.response.headers.add_header('Set-Cookie', c.output(header=''))
return self.redirect('/home')
elif mode == 'logout':
user_info = _login_user(self)
if user_info:
self.session = Session()
self.session.delete_item('twitter_id')
return self.redirect('/')
class RPXSessionRequestHandler(webapp.RequestHandler):
def __init__(self):
webapp.RequestHandler.__init__(self)
self.session = Session()
if not 'is_logged_in' in self.session:
self.session['is_logged_in'] = False
def get_session_user(self):
if self.is_logged_in():
session_user = SessionUser(
identifier = self.session.get('identifier', ''),
username = self.session.get('username', ''),
nickname = self.session.get('nickname', ''),
email = self.session.get('email', ''),
auth_provider = self.session.get('auth_provider', ''),
phone_number = self.session.get('phone_number', ''),
)
return session_user
else:
return None
def log_in(self, session_user):
self.session['identifier'] = session_user.identifier
self.session['username'] = session_user.username
self.session['nickname'] = session_user.nickname
self.session['auth_provider'] = session_user.auth_provider
self.session['email'] = session_user.email
self.session['phone_number'] = session_user.phone_number
self.session['is_logged_in'] = True
def log_out(self):
self.session['is_logged_in'] = False
def is_logged_in(self):
return self.session['is_logged_in']
class AuthHandler(webapp.RequestHandler):
def get(self, mode = ''):
if mode == 'login':
if 'allowed' in self.request.cookies and \
self.request.cookies['allowed'].count('_'):
_twitter_id, _login_hash = \
self.request.cookies['allowed'].split('_', 1)
user_info = UserInfo.all().filter('twitter_id =', _twitter_id).get()
if user_info and _sha512(user_info.acc_key) == _login_hash:
self.session = Session()
self.session['twitter_id'] = _twitter_id
return self.redirect('/home')
auth = _oauth_handler()
auth_url = auth.get_authorization_url()
memcache.set(auth.request_token.key,
auth.request_token.secret,
3600)
return self.redirect(auth_url)
elif mode == 'verify':
auth = _oauth_handler()
ver = self.request.get('oauth_verifier')
req_key = self.request.get('oauth_token')
req_sec = memcache.get(req_key)
auth.set_request_token(req_key, req_sec)
acc_token = auth.get_access_token(ver)
api = tweepy.API(auth_handler = auth)
me = api.me()
if not UserInfo.all().filter('twitter_id =', str(me.id)).get():
user_info = UserInfo(twitter_id = str(me.id),
screen_name = me.screen_name,
name = me.name,
image = me.profile_image_url,
acc_key = acc_token.key,
acc_sec = acc_token.secret)
user_info.put()
self.session = Session()
self.session.delete_item('twitter_id')
self.session['twitter_id'] = str(me.id)
c = SimpleCookie()
c['allowed'] = '%d_%s' % (me.id, _sha512(acc_token.key))
c['allowed']['path'] = '/auth'
c['allowed']['expires'] = 86400 * 10
self.response.headers.add_header('Set-Cookie', c.output(header = ''))
return self.redirect('/home')
elif mode == 'logout':
user_info = _login_user(self)
if user_info:
self.session = Session()
self.session.delete_item('twitter_id')
return self.redirect('/')
class SessionRequestHandler(webapp.RequestHandler):
"""
A SessionRequestHandler handler contains information about
the current session. It depends on the appengine_utilities.sessions
package to maintain a session.
"""
def __init__(self):
webapp.RequestHandler.__init__(self)
self.session = Session()
if not 'is_logged_in' in self.session:
self.session['is_logged_in'] = False
def get_session_user(self):
if self.is_logged_in():
session_user = SessionUser(
username = self.session.get('username', ''),
nickname = self.session.get('nickname', ''),
email = self.session.get('email', '')
)
return session_user
else:
return None
def log_in(self, session_user):
self.session['username'] = session_user.username
self.session['nickname'] = session_user.nickname
self.session['email'] = session_user.email
self.session['is_logged_in'] = True
def log_out(self):
self.session['is_logged_in'] = False
def is_logged_in(self):
return self.session['is_logged_in']
def get(self):
from appengine_utilities.sessions import Session
import uuid
session = Session()
session['kkk'] =str(uuid.uuid4())
Session.delete_all_sessions()
msg = ''
memcache.flush_all()
self.response.headers['content-type'] = 'text/plain'
self.response.out.write('deleteSession memcache.flush_all ok. %s'%msg)
def get(self):
from appengine_utilities.sessions import Session
import uuid
session = Session()
session["kkk"] = str(uuid.uuid4())
Session.delete_all_sessions()
msg = ""
memcache.flush_all()
self.response.headers["content-type"] = "text/plain"
self.response.out.write("deleteSession memcache.flush_all ok. %s" % msg)
class UnlogHandler(mkhandler.MKGAEHandler):
def base_directory(self):
return os.path.dirname(__file__)
def get(self):
self.wr(users.get_current_user().email())
self.session = Session()
self.session.delete()
self.redirect(users.create_logout_url('/admin/'))
def internal_post(self):
self.internal_get()
def get(self):
from appengine_utilities.sessions import Session
import uuid
session = Session()
session['kkk'] = str(uuid.uuid4())
Session.delete_all_sessions()
msg = ''
memcache.flush_all()
self.response.headers['content-type'] = 'text/plain'
self.response.out.write('deleteSession memcache.flush_all ok. %s' %
msg)
def SessionCheck():
return True
sess = Session()
if (not sess.get(keyname='user')):
return False
fname = sess['fname']
lname = sess['lname']
if (not (fname == 'Roger')):
return False
return True
def post(self):
try:
domain = self.request.get('domain')
task_id = int(self.request.get('id'))
assignee = self.request.get('assignee')
except (TypeError, ValueError):
self.error(403)
logging.error("Invalid input")
return
user = api.get_and_validate_user(domain)
if not user:
self.error(403)
return
assignee = User.get_by_key_name(assignee)
if not assignee:
self.error(403)
logging.error("No assignee")
return
task = api.assign_task(domain, task_id, user, assignee)
session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
add_message(
session,
"Task '%s' assigned to '%s'" % (task.title(), assignee.name))
self.redirect('/d/%s/' % domain)
def post(self):
try:
domain = self.request.get('domain')
description = self.request.get('description')
parent_identifier = self.request.get('parent', "")
if not description:
raise ValueError("Empty description")
# The checkbox will return 'on' if checked and None
# otherwise.
self_assign = bool(self.request.get('assign_to_self'))
except (TypeError, ValueError):
self.error(400)
return
user = api.get_and_validate_user(domain)
if not user:
self.error(401)
return
self.session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
assignee = user if self_assign else None
if not parent_identifier:
parent_identifier = None
task = api.create_task(domain,
user,
description,
assignee=assignee,
parent_task=parent_identifier)
add_message(self.session, "Task '%s' created" % task.title())
if parent_identifier:
self.redirect('/d/%s/task/%s' % (domain, parent_identifier))
else:
self.redirect('/d/%s/' % domain)
def get(self, domain_identifier, task_identifier):
task = api.get_task(domain_identifier, task_identifier)
if not task:
self.error(404)
return
session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
user = api.get_user()
domain = api.get_domain(domain_identifier)
subtasks = api.get_all_subtasks(domain_identifier, task)
parent_task = task.parent_task
parent_identifier = parent_task.identifier() if parent_task else ""
parent_title = parent_task.title() if parent_task else ""
template_values = {
'domain_name': domain.name,
'domain_identifier': domain_identifier,
'user_name': user.name,
'user_identifier': user.identifier(),
'messages': get_and_delete_messages(session),
'task_title': task.title(),
'task_description': task.description_body(),
'task_assignee': assignee_description(task),
'task_identifier': task.identifier(),
'task_can_assign_to_self': api.can_assign_to_self(task, user),
'subtasks': _task_template_values(subtasks, user),
'parent_identifier': parent_identifier,
'parent_title': parent_title,
}
path = os.path.join(os.path.dirname(__file__),
'templates/taskdetail.html')
self.response.out.write(template.render(path, template_values))
def logout(request):
"""
API Method - /logout
Destroys the active user's session object. Any further use of
protected API methods will require a new session via the auth
API.
@method GET
@returns stock JSON response
"""
# delete session and return stock JSON response with a msg
# indicating the user has logged out
session = Session()
session.delete()
return _json_response(msg="User has been logged out.")
def _view(request, *args, **kwargs):
# get the session and check for a user, fail if it doesn't exist
if Session().get("user") is None:
# failed request
return _json_unauthorized_response()
# return the original API call through
return view_func(request, *args, **kwargs)
def logout(request):
"""
API Method - /logout
Destroys the active user's session object. Any further use of
protected API methods will require a new session via the auth
API.
@method GET
@returns stock JSON response
"""
# delete session and return stock JSON response with a msg
# indicating the user has logged out
session = Session()
session.delete()
return _json_response(msg="User has been logged out.")
def post(self):
try:
domain_identifier = self.request.get('domain')
task_identifier = self.request.get('task_id')
except (TypeError, ValueError):
self.error(400)
return
user = api.get_and_validate_user(domain_identifier)
if not user:
self.error(401)
return
self.session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
try:
description = self.request.get('description')
task = api.change_task_description(domain_identifier,
task_identifier, description,
user)
except ValueError:
self.error(403)
self.response.out.write("Error while editing task: %s" % error)
return
add_message(self.session, "Task '%s' edited" % task.title())
self.redirect('/d/%s/task/%s' % (domain_identifier, task_identifier))
def get(self, domain_identifier, task_identifier):
task = api.get_task(domain_identifier, task_identifier)
user = api.get_and_validate_user(domain_identifier)
view = self.request.get('view', 'all')
if not task or not user:
self.error(404)
return
session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
user = api.get_logged_in_user()
domain = api.get_domain(domain_identifier)
if view == 'yours':
subtasks = api.get_assigned_tasks(domain_identifier,
user,
root_task=task,
limit=200)
subtasks_heading = "Subtasks of '%s' Assigned to You" % task.title(
)
no_subtasks_description = "No subtasks are assigned to you."
elif view == 'open':
subtasks = api.get_open_tasks(domain_identifier,
root_task=task,
limit=200)
subtasks_heading = "Open Subtasks of '%s'" % task.title()
no_subtasks_description = "No open subtasks for this task."
else: # view == 'all' or None
view = 'all'
user_id = user.identifier()
subtasks = api.get_all_direct_subtasks(domain_identifier,
root_task=task,
limit=200,
user_identifier=user_id)
subtasks_heading = "All Subtasks of '%s'" % task.title()
no_subtasks_description = "No subtasks for this task."
parent_task = task.parent_task
parent_identifier = parent_task.identifier() if parent_task else ""
parent_title = parent_task.title() if parent_task else ""
template_values = {
'domain_name': domain.name,
'domain_identifier': domain_identifier,
'view_mode': view,
'user_name': user.name,
'user_identifier': user.identifier(),
'messages': get_and_delete_messages(session),
'task_title': task.title(),
'task_description': task.description_body(),
'task_assignee': task.assignee_description(),
'task_identifier': task.identifier(),
'task_has_subtasks': not task.atomic(),
'task_can_assign_to_self': api.can_assign_to_self(task, user),
'task_can_edit': api.can_edit_task(domain, task, user),
'subtasks': _task_template_values(subtasks, user),
'parent_identifier': parent_identifier,
'parent_title': parent_title,
'subtasks_heading': subtasks_heading,
'no_subtasks_description': no_subtasks_description,
}
self.response.out.write(
render_template('templates/taskdetail.html', template_values))
def post(self):
session = Session()
greeting = db.get(self.request.get("key"))
tweets = Tweet.gql("WHERE img = :1 ", str(self.request.get("key")))
db.delete(greeting)
db.delete(tweets)
self.redirect('/main')
def get(self):
session = Session()
session["name"] = "no name"
session["tag"] = ""
session["pass"] = ""
path = os.path.join(os.path.dirname(__file__), 'index.html')
template_value = {}
self.response.out.write(template.render(path, template_value))
def getSessionVal(self, session_key):
if self.session is None:
self.session = Session()
try:
session_val_test = self.session[session_key]
except KeyError:
session_val_test = None
return session_val_test
def get(self):
session = Session()
greeting = db.get(self.request.get("img_id"))
if greeting.avatar:
self.response.headers['Content-Type'] = "image/png"
self.response.out.write(greeting.avatar)
else:
self.response.out.write("No image")
def get_session():
secure, httponly = False, True
if DEV:
secure = False
session = Session(cookie_name='andrewtrusty.appspot',
secure=secure,
httponly=httponly)
return session
def post(self):
session = Session()
room = Room.get_or_insert(session["tag"])
room.isPass = not room.isPass
if not room.isPass:
room.password = self.request.get("pass")
session["pass"] = room.password
room.put()
self.redirect('/main')
def post(self):
session = Session()
if len(self.request.get("tag")) > 0:
session["tag"] = self.request.get("tag")
if len(self.request.get("name")) > 0:
session["name"] = self.request.get("name")
room = Room.get_or_insert(session["tag"])
room.put()
self.redirect('/main')
def setSessionVal(self, session_key, initial_Value):
if self.session is None:
self.session = Session()
bolRet = True
try:
self.session[session_key] = initial_Value
except KeyError:
bolRet = False
return bolRet
def getLoggedInUser(self):
mySession = Session() # user is stored in Session variable if logged in
if 'username' in mySession:
user = mySession['username']
if user > ' ':
#self.response.out.write("User="******"<BR>")
return user
else:
return None
else:
return None
def loggedin(self):
mySession = Session() # user is stored in Session variable if logged in
if 'username' in mySession:
user = mySession['username']
if user:
#self.response.out.write("User="******"<BR>")
return user
log = CumulusLog()
log.category = "Debug"
log.message = "No User in Session, redirecting to /login page"
log.put()
self.redirect("/login")
def GetGDocsAuthenticatedClientForCurrentUser():
"""
Logon to Google with the user currently logged on to Cumulus.
See more detailed programming/API comments in GetGDocsAuthenticatedClient.
"""
providerName = "GoogleAppAccount"
mySession = Session()
if not 'subscriberkey' in mySession:
raise ("no subscriberkey in Session")
subscriberkey = mySession['subscriberkey']
subscriber = Subscriber.get(subscriberkey)
if not subscriber:
raise ("Subscriber not found with subscriberkey=" + str(subscriberkey))
query = Provider.gql("where name = :1 ", providerName)
LIMIT = 1
providerList = query.fetch(LIMIT)
if len(providerList) > 0:
provider = providerList[0]
else:
raise Exception("Provider not found with providerName= " +
providerName)
query = SubscriberProviderCredentials.gql(
"where subscriber = :1 and provider = :2 ", subscriber, provider)
LIMIT = 1
credentialsList = query.fetch(LIMIT)
if len(credentialsList) > 0:
credentials = credentialsList[0]
else:
raise Exception("No credentials found for provider=" + providerName +
" and subscriber = " + subscriber.firstname + " " +
subscriber.lastname)
# Tell the client that we are running in single user mode, and it should not
# automatically try to associate the token with the current user then store
# it in the datastore.
client = gdata.docs.service.DocsService()
gdata.alt.appengine.run_on_appengine(client,
store_tokens=False,
single_user_mode=True)
objKeyValuePair = KeyValuePair()
#userid = subscriber.googleAppsUserid
#password = subscriber.googleAppsPassword
client.email = credentials.userid
client.password = credentials.password
client.service = 'writely' #for Google Docs (include spreadsheets?)
client.accountType = "HOSTED"
client.ClientLogin(client.email, client.password)
return client
def post(self):
session = Session()
tweet = Tweet()
tweet.img = str(self.request.get("key"))
tweet.content = self.request.get("comment")
tweet.author = session["name"]
tweet.put()
greeting = db.get(self.request.get("key"))
greeting.modify = datetime.datetime.now()
greeting.put()
self.redirect('/main')
def ask(request):
"""
API Method - /ask
Creates a new Question and adds it to the datastore
@method POST
@param question: the text of the question
@param latitude: latitude of the location
@param longitude: longitude of the location
@param pay_key: the pay key from a successful PayPal purchase
@returns stock success or failure JSON response along with
the question and user objects.
"""
# authenticated user
user = Session().get("user")
# required parameters
question = request.REQUEST.get("question")
latitude = float(request.REQUEST.get("latitude"))
longitude = float(request.REQUEST.get("longitude"))
pay_key = request.REQUEST.get("pay_key")
# Using the PayKey you could validate it using PayPal APIs
# to confirm that a user paid and the transaction is complete.
# This is left up to the curious coder to implement :)
# Create the question with the required fields and tie it
# to the authenticated user
q = Question(question=question,
location=GeoPt(latitude, longitude),
user=user)
q.update_location()
q.put()
# return stock JSON with the Question object details
return _json_response(question=q.to_json(), user=user.to_json())
def get(self):
session = Session()
auth = create_oauth()
if not session.has_key('accesstoken'):
if not session.has_key('requesttoken'):
self.redirect('/login')
return
else:
# save verifier and get access token
rtok = session['requesttoken']
auth.setRequestToken(rtok[0], rtok[1])
verifier = self.request.get('oauth_verifier')
auth.saveVerifier(verifier)
auth.getAccessToken()
session['accesstoken'] = (auth.atok.tok, auth.atok.sec)
# fetch home timeline
tok = session['accesstoken']
auth.setAccessToken(tok[0], tok[1])
api = twitterlib.API(auth)
lst = api.statuses.home_timeline()
u = api.account.verify_credentials().screen_name
tl = '<br>'.join([s.user.screen_name + ' ' + s.text for s in lst])
htmldoc = """
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<title>timeline</title>
</head>
<body>
<h3>hello, %s!</h3>
<p><a href="./logout">logout</a></p>
%s
</body>
</html>
""" % (u, tl)
self.response.out.write(htmldoc)
def ask(request):
"""
API Method - /ask
Creates a new Question and adds it to the datastore
@method POST
@param question: the text of the question
@param latitude: latitude of the location
@param longitude: longitude of the location
@param pay_key: the pay key from a successful PayPal purchase
@returns stock success or failure JSON response along with
the question and user objects.
"""
# authenticated user
user = Session().get("user")
# required parameters
question = request.REQUEST.get("question")
latitude = float(request.REQUEST.get("latitude"))
longitude = float(request.REQUEST.get("longitude"))
pay_key = request.REQUEST.get("pay_key")
# Using the PayKey you could validate it using PayPal APIs
# to confirm that a user paid and the transaction is complete.
# This is left up to the curious coder to implement :)
# Create the question with the required fields and tie it
# to the authenticated user
q = Question(question=question,
location=GeoPt(latitude, longitude),
user=user)
q.update_location()
q.put()
# return stock JSON with the Question object details
return _json_response(question=q.to_json(), user=user.to_json())
def post(self):
session = Session()
greetings = Greeting.gql("WHERE tag = :1", tag)
for greeting in greetings:
greeting.tag = self.request.get("newtag")
greeting.put()
room = Room.get_or_insert(session["tag"])
db.delete(room)
newroom = Room.get_or_insert(self.request.get("newtag"))
newroom.put()
session["tag"] = self.request.get("newtag")
self.redirect('/main')
def get(self):
game = Game.get(self.request.get(u'game'))
self.sess = Session()
if self.sess.has_key(u'vc') and self.sess[u'vc'] == game.games.coll.key():
path = os.path.join(os.path.dirname(__file__), 'game.html')
self.response.out.write(template.render(path, {
u'title' : game.title,
u'home' : game.games.coll.keyword,
u'home_url' : game.games.coll.home_url,
u'pageid' : game.key(),
u'game': game
}))
else:
del self.sess[u'vc']
self.redirect(u'/')
def auth(request):
"""
API Method - /auth
If credentials are correct a new session is created for this
user which authorizes them to use protected API methods.
@method POST
@param email: user's email address
@param password: user's password
@returns stock JSON response
"""
# required parameters
email = request.POST.get("email")
password = request.POST.get("password")
# hash the password
password = _hash_password(password)
# Look up a User object that matches the email/password
users = User.all()
users \
.filter("email =", email) \
.filter("password ="******"Email or password is invalid.")
# Somehow more than one client with the same user/password have
# been created, which should never happen. Error out here.
if users.count() > 1:
return _json_response(
details=None,
success=False,
msg="Internal security error. Contact an administrator")
# Pull the User from the datastore
user = users.get()
# Build a new session object and store the user
session = Session()
session["user"] = user
# return stock JSON with user details
return _json_response(user=user.to_json())
def post(self):
try:
domain_id = self.request.get('domain')
title = self.request.get('title')
except (TypeError, ValueError):
self.error(403)
return
user = api.get_user()
domain = api.create_domain(domain_id, title, user)
if not domain:
self.response.out.write("Could not create domain")
return
session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
add_message(session, "Created domain '%s'" % domain.key().name())
self.redirect('/d/%s/' % domain.key().name())
def post(self):
"""Handels the get request for the MainHandler.
Retrieves a list of all of the domain's users and sends it
to the Client as a JSON object.
"""
users_list = []
session = Session()
domain = session['domain']
client = AppsClient(domain=domain)
client.auth_token = self.Get2loToken()
client.ssl = True
feed = client.RetrieveAllUsers()
for entry in feed.entry:
users_list.append(entry.login.user_name)
self.response.out.write(json.dumps(users_list))
def get(self, domain_identifier):
user = api.get_and_validate_user(domain_identifier)
if not user:
self.error(404) # hides domain identifiers
return
session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
view = self.request.get('view', 'all')
domain = api.get_domain(domain_identifier)
if view == 'yours':
tasks = api.get_assigned_tasks(domain_identifier,
user,
root_task=None,
limit=200)
no_tasks_message = "You do not have any unfinished tasks"
tasks_heading = "Your Tasks"
elif view == 'open':
tasks = api.get_open_tasks(domain_identifier,
root_task=None,
limit=200)
no_tasks_message = "No open subtasks in this domain"
tasks_heading = "Open Tasks"
else: # view == 'all' or None
view = 'all'
user_id = user.identifier()
tasks = api.get_all_direct_subtasks(domain_identifier,
root_task=None,
limit=200,
user_identifier=user_id)
tasks_heading = "All Tasks"
no_tasks_message = "No tasks are created in this domain"
template_values = {
'domain_name': domain.name,
'domain_identifier': domain_identifier,
'user_name': user.name,
'user_identifier': user.identifier(),
'messages': get_and_delete_messages(session),
'tasks': _task_template_values(tasks, user),
'tasks_heading': tasks_heading,
'no_tasks_message': no_tasks_message,
'view_mode': view,
}
self.response.out.write(
render_template('templates/overview.html', template_values))
def get(self):
user = api.get_user()
domains = api.get_all_domains_for_user(user)
session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
template_values = {
'username':
user.name,
'domains': [{
'identifier': domain.identifier(),
'name': domain.name
} for domain in domains],
'messages':
get_and_delete_messages(session),
}
path = os.path.join(os.path.dirname(__file__),
'templates/landing.html')
self.response.out.write(template.render(path, template_values))
def post(self):
session = Session()
greetings = Greeting.gql("WHERE author = :1", self.request.get("name"))
tags = set([])
for greeting in greetings:
tags |= set([greeting.tag])
chars = []
length = []
for t in tags:
chars.append(t[:2])
length.append("x" * (len(t) - 2))
lists = zip(chars, length)
template_value = {
'name': self.request.get("name"),
'lists': lists,
}
path = os.path.join(os.path.dirname(__file__), 'forgot.html')
self.response.out.write(template.render(path, template_value))
def post(self):
path = os.path.join(os.path.dirname(__file__), 'form.html')
readSize = int(self.request.get('readSize'));
genomeSize = int(self.request.get('genomeSize'));
numReads = int(self.request.get('numReads'));
k = int(self.request.get('k'));
self.session = Session();
mem = -109635 + 18977*readSize + 86326*genomeSize + 233353*numReads - 51092*k;
self.session['values']['mem'] = mem;
self.session['values']['mem_gb'] = int(math.ceil(mem/(1024.0*1024)));
self.session['values']['cov'] = readSize*numReads*1.0/genomeSize;
self.session['values']['readSize'] = readSize;
self.session['values']['genomeSize'] = genomeSize;
self.session['values']['numReads'] = numReads;
self.session['values']['k'] = k;
self.response.out.write(template.render(self.form_path, self.session['values']))
def get(self):
session = Session()
if 'tag' in session:
pass
else:
self.response.out.write(
"<font color='ff0000'> Enter Any Tag. </font>")
self.redirect("/")
room = Room.get_by_key_name(session["tag"])
if room.isPass == False and session["pass"] != room.password:
self.response.out.write(
"""Password: <form action='/check' method='post'><textarea name='pass' rows='1' cols='10'></textarea><input type='submit' value='submit'></form>"""
)
else:
isPass = room.isPass
greetings = Greeting.gql("WHERE tag = :1 ORDER BY date DESC",
session["tag"])
tweets_list = []
for greeting in greetings:
temps = Tweet.gql("WHERE img = :1 ORDER BY date ASC",
str(greeting.key()))
tweets_list.append(temps)
lists = zip(greetings, tweets_list)
names = set([])
for greeting in greetings:
names |= set([greeting.author])
members = list(names)
members.sort()
template_value = {
'tag': session["tag"],
'name': session["name"],
'members': members,
'lists': lists,
'isPass': isPass,
}
path = os.path.join(os.path.dirname(__file__), 'main.html')
self.response.out.write(template.render(path, template_value))
def __init__(self, template=None):
#Main Response Parameters
self.template = template
self.session = SohoResponseSession()
self.params = {}
#User
self.user = users.GetCurrentUser()
self.access_rights = None
self.signup_user = None
self.is_admin = None
self.signed_up = False
if self.user:
self.signed_up = True
#Data
self.company_id = 0
self.entity_id = 0
self.companys = None
self.company = None
self.entity = None
self.entity_render_type = 0
self.customer_id = 0
self.customers = None
self.customer = None
self.mainmessages = None
self.application_version = 0.6
self.logged_in_required = True
self.header_text = 'Soho Scheduler'
self.sub_header_text = 'Pioneering small business simplicity.'
self.mode = 'Manage Individual Company'
self.EntityCount = 0
self.is_design_mode = False
self.is_admin_screen = False
self.tabSelected = None
self.entity_access_rights = False
self.access_rights = None
#Display
self.sign_out = users.CreateLogoutURL('/')
self.sign_in = None
def post(self):
"""Fetches a request token and redirects the user to the approval page."""
self.session = Session()
if users.get_current_user():
# 1.) REQUEST TOKEN STEP. Provide the data scope(s) and the page we'll
# be redirected back to after the user grants access on the approval page.
req_token = gdocs.FetchOAuthRequestToken(
scopes=SETTINGS['SCOPES'], oauth_callback=self.request.uri)
# Generate the URL to redirect the user to. Add the hd paramter for a
# better user experience. Leaving it off will give the user the choice
# of what account (Google vs. Google Apps) to login with.
domain = self.request.get('domain', default_value='default')
approval_page_url = gdocs.GenerateOAuthAuthorizationURL(
extra_params={'hd': domain})
# 2.) APPROVAL STEP. Redirect to user to Google's OAuth approval page.
self.redirect(approval_page_url)
class VelvetMem(webapp.RequestHandler):
values = {'mem': 0,
'mem_gb':0,
'cov':0,
'readSize':50,
'genomeSize':5,
'k':23,
'backurl':'/',
'numReads': 200}
form_path = os.path.join(os.path.dirname(__file__), 'velvetmem.html')
session = Session()
def get(self):
self.session = Session()
if (not self.session.has_key('values')):
self.session['values']=self.values
self.response.out.write(template.render(self.form_path, self.session['values']))
def post(self):
path = os.path.join(os.path.dirname(__file__), 'form.html')
readSize = int(self.request.get('readSize'));
genomeSize = int(self.request.get('genomeSize'));
numReads = int(self.request.get('numReads'));
k = int(self.request.get('k'));
self.session = Session();
mem = -109635 + 18977*readSize + 86326*genomeSize + 233353*numReads - 51092*k;
self.session['values']['mem'] = mem;
self.session['values']['mem_gb'] = int(math.ceil(mem/(1024.0*1024)));
self.session['values']['cov'] = readSize*numReads*1.0/genomeSize;
self.session['values']['readSize'] = readSize;
self.session['values']['genomeSize'] = genomeSize;
self.session['values']['numReads'] = numReads;
self.session['values']['k'] = k;
self.response.out.write(template.render(self.form_path, self.session['values']))
def accept(request):
"""
API Method - /accept
Accepts an answer for a question. The question must be owned by the
current authenticated user accepting the question and not already
have an accepted answer.
This method also takes care of sending the owner of the answer
an email saying their answer was accepted. The accepted answer
owner will also be given one karma point.
@method POST
@param answer_id: id of the answer being accepted
@returns stock JSON object
"""
# session and authenticated user
user = Session().get("user")
# required parameters
answer_id = int(request.REQUEST.get("answer_id"))
# find the answer associated with the answer_id
answer = Answer.get_by_id(answer_id)
# no answer with the given id
if answer is None:
return _json_response(success=False, msg="Answer does not exist.")
# associated question
question = answer.question
# make sure the question for this answer is owned by this user
question = answer.question
if question.user.key().id() != user.key().id():
return _json_response(success=False, msg="You must be the owner of the question to accept an answer.")
# also make sure the question is not already answered
if question.closed:
return _json_response(success=False, msg="Question already has an accepted answer.")
# change the accepted flag of the answer and save it.
answer.accepted_answer = True
answer.put()
# close the question and save it
question.closed = True
question.put()
# update the answer owner's karma points
answer.user.karma += 1
answer.user.put()
# send an email to the address assigned to the answer
answer_owner_email = answer.user.email
mail.send_mail(sender=SENDER_EMAIL_ADDRESS,
to=answer_owner_email,
subject="Your answer was accepted!",
body="""
This is to inform you that one of your answers has
been accepted! You have been given one karma point.
The question you answered:
%s
Your answer:
%s
Regards,
Inquire Application
""" % (question.question, answer.answer))
# return stock success JSON
return _json_response()
def get(self):
session = Session()
session.delete()
self.redirect("/")
def registration_code():
session = Session()
if session.has_key("registration_code"):
return session["registration_code"]
else:
return None
def __init__(self):
webapp.RequestHandler.__init__(self)
self.session = Session()
if not "is_logged_in" in self.session:
self.session["is_logged_in"] = False
def get(self):
self.session = Session()
self.session.delete()
self.redirect('/login')
def words_iter():
session = Session()
if session.has_key("words_iter"):
return session["words_iter"]
else:
return None
def get(self):
self.session = Session()
if (not self.session.has_key('values')):
self.session['values']=self.values
self.response.out.write(template.render(self.form_path, self.session['values']))
def delete_session():
session = Session()
session.delete()
def current_user():
session = Session()
if session.has_key(session_key):
return session[session_key]
else:
return None
class SohoResponse(webapp.RequestHandler):
def __init__(self, template=None):
#Main Response Parameters
self.template = template
self.session = SohoResponseSession()
self.params = {}
#User
self.user = users.GetCurrentUser()
self.access_rights = None
self.signup_user = None
self.is_admin = None
self.signed_up = False
if self.user:
self.signed_up = True
#Data
self.company_id = 0
self.entity_id = 0
self.companys = None
self.company = None
self.entity = None
self.entity_render_type = 0
self.customer_id = 0
self.customers = None
self.customer = None
self.mainmessages = None
self.application_version = 0.6
self.logged_in_required = True
self.header_text = 'Soho Scheduler'
self.sub_header_text = 'Pioneering small business simplicity.'
self.mode = 'Manage Individual Company'
self.EntityCount = 0
self.is_design_mode = False
self.is_admin_screen = False
self.tabSelected = None
self.entity_access_rights = False
self.access_rights = None
#Display
self.sign_out = users.CreateLogoutURL('/')
self.sign_in = None
def respond(self):
#Refresh Session Variable If Required
self.setupSession()
self.sign_in = users.CreateLoginURL('/')
if not self.template.endswith('.html'):
self.template += '.html'
#1. Check that user is logged in if not then you cannot access this resource
if self.logged_in_required:
if self.IsRegularUser() == False:
return self.redirect('/')
self.application_version = 0.8
EntityHasAccess = False
#1. Check we have access to a company
if int(self.entity_id) > 0:
self.entity_access_rights = appcode.sohosecurity.SohoSecurityHelper(self.session).getEntityAccessRights(self.entity_id)
EntityHasAccess = self.entity_access_rights['View']
if EntityHasAccess == False and users.IsCurrentUserAdmin():
EntityHasAccess = True
if EntityHasAccess:
self.EntityCount = 1
else:
return self.redirect('/')
else:
self.EntityCount = entity.helpers.HelperSignupEntityAccess().GetMyEntityCount()
#3. If we get to here then we can process
self.params = {}
self.access_rights = self.session['access_rights']
#3.1. Setup headertext
if self.entity:
self.header_text = self.entity.name
self.sub_header_text = 'powered by soho scheduler'
message_has_been_shown = self.session.get('message_has_been_shown',True)
if message_has_been_shown==False:
self.session['message_has_been_shown'] = True
else:
self.session['temp_message_title'] = ""
self.session['temp_message_body'] = ""
#3.2 Check if in design mode
self.is_design_mode = False
self.entity_render_type = appcode.sohosecurity.SohoSecurityHelper(self.session).getEntityRenderType(self.entity_id)
if self.entity_render_type == "2":
self.is_design_mode = True
self.entity_id = int(self.entity_id)
for key in dir(self):
if '__' not in key:
value = getattr(self, key)
self.params[key] = value
django_http_response = render_to_response(self.template, self.params)
self.response.out.write(django_http_response.content)
def json_respond(self, dictResponse):
jsontext = simplejson.dumps(dictResponse)
django_http_response = HttpResponse(jsontext, mimetype="application/json")
self.response.out.write(django_http_response.content)
def respond_blank(self):
obj_list = []
#return HttpResponse(simplejson.dumps(None), mimetype='application/javascript')
return HttpResponse("", mimetype='application/javascript')
def setupSession(self):
#1. Determine whether session is needed to be refreshed
refresh_session = False
session_refresh_session = None
#1.5 Setup session refresh session variable
refresh_session = self.getSessionVal('refresh_session')
if refresh_session is None:
self.setSessionVal('refresh_session', True)
self.setSessionVal('user_id', 0)
refresh_session = True
#3. Is there a logged in user and no session information set
if self.getSessionVal('user_id') == 0 and self.user:
refresh_session = True
#4. Refresh session variables
if refresh_session:
self.signup_user = DataServer().getMySignup()
if self.signup_user:
self.session['signup_user'] = self.signup_user
self.session['signup_id'] = self.signup_user.key().id()
self.session['is_admin'] = users.IsCurrentUserAdmin()
accessRights = entity.helpers.HelperSignupEntityAccess().getUserAccessRightsAsList()
self.session['access_rights'] = accessRights
#asd=1/0
else:
self.session['signup_user'] = "******"
self.session['signup_id'] = 0
self.session['is_admin'] = False
#5. Allocate SOhoresponse variables from session
self.signup_user = self.session['signup_user']
self.signup_id = self.session['signup_id']
self.is_admin = self.session['is_admin']
self.session['refresh_session'] = False
def setSessionVal(self, session_key, initial_Value):
if self.session is None:
self.session = Session()
bolRet = True
try:
self.session[session_key] = initial_Value
except KeyError:
bolRet = False
return bolRet
def getSessionVal(self, session_key):
if self.session is None:
self.session = Session()
try:
session_val_test = self.session[session_key]
except KeyError:
session_val_test = None
return session_val_test
def getUserAccessRights(self):
#1. Does user have access anywhere?
user_access_rights = entity.helpers.HelperSignupEntityAccess().getUserAccessRights()
current_signup = DataServer().getMySignup()
#2. If no access entries returned then assume this has not yet been setup for the user.
#. Therefore create the required entries by returning all their entities.
if user_access_rights.count() < 1:
entity.helpers.HelperSignupEntityAccess().analyzeUserProfileAndCreateUserAccessRights(current_signup)
#3. Re-get the entities and convert them into a dictionary for the session.
user_access_rights = entity.helpers.HelperSignupEntityAccess().getUserAccessRights()
#3. Get Access Information
accessRights = []
for gqr in user_access_rights:
newRow = {}
newRow['id'] = str(gqr.key().id())
newRow['key'] = str(gqr.key())
newRow['access_right_code'] = str(gqr.access_right_code.name)
newRow['entity_id'] = str(gqr.entity_reference.key().id())
accessRights.append(newRow)
return accessRights
def GetRedirectToDefaultDashboard(self, entity_id):
#Called by functions on non ajax calls that redirects to dashboard 0 entity_id supplied
#1. If entity_id is supplied then we do not need to redirect as everything is ok
if int(entity_id) > 0:
return None
#2. Get Default Entity ID and or create one if not exists.
this_entity = entity.helpers.HelperEntity().GetDefaultEntity(self.request)
if this_entity:
entity_id = this_entity.key().id()
#return http.HttpResponseRedirect('/%s/%r/dashboard/' % (strCompanyEntity, int(entity_id)))
redirect_url = reverse('dashboard.views.index', args=[entity_id])
return redirect_url
else:
return None
def IsAjaxRequest(self):
env = self.request.environ
retVal = env.has_key('HTTP_X_REQUESTED_WITH') and env.get('HTTP_X_REQUESTED_WITH') == 'XMLHttpRequest'
return retVal
def showNotification(self,this_message,message_type=""):
self.session['temp_message_count'] = 0
self.session['temp_message_body'] = this_message
self.session['temp_message_type'] = message_type
self.session['message_has_been_shown'] = False
return None
def IsAdminUser(self):
#Check for admin user if not redirect to home
bolIsAdminUser=False
if self.user:
bolIsAdminUser = users.is_current_user_admin()
return bolIsAdminUser
def IsRegularUser(self):
#Check for admin user if not redirect to home
bolIsUser=False
if self.user:
bolIsUser = True
return bolIsUser
def GetInt(self,input_value):
retVal = input_value
if retVal.isdigit():
retVal = int(input_value)
else:
retVal = 0
return retVal
def logout():
s = Session()
s.delete();
class SessionRequestHandler(webapp.RequestHandler):
def __init__(self):
webapp.RequestHandler.__init__(self)
self.session = Session()
if not "is_logged_in" in self.session:
self.session["is_logged_in"] = False
def get_session_user(self):
if self.is_logged_in():
session_user = SessionUser(
identifier=self.session.get("identifier", ""),
username=self.session.get("username", ""),
nickname=self.session.get("nickname", ""),
email=self.session.get("email", ""),
verified_email=self.session.get("verified_email", ""),
auth_provider=self.session.get("auth_provider", ""),
profile_url=self.session.get("profile_url", ""),
formatted_name=self.session.get("formatted_name", ""),
first_name=self.session.get("first_name", ""),
last_name=self.session.get("last_name", ""),
middle_name=self.session.get("middle_name", ""),
prefix=self.session.get("prefix", ""),
suffix=self.session.get("suffix", ""),
gender=self.session.get("gender", ""),
phone_number=self.session.get("phone_number", ""),
photo=self.session.get("photo", ""),
birthdate=self.session.get("birthdate", models.DEFAULT_BIRTHDATE_STRING),
birthdate_year=self.session.get("birthdate_year", models.DEFAULT_BIRTHDATE[0]),
birthdate_month=self.session.get("birthdate_month", models.DEFAULT_BIRTHDATE[1]),
birthdate_day=self.session.get("birthdate_day", models.DEFAULT_BIRTHDATE[2]),
address_formatted=self.session.get("address_formatted", ""),
address_state_province=self.session.get("address_state_province", ""),
address_street_name=self.session.get("address_street_name", ""),
address_locality=self.session.get("address_locality", ""),
address_zip_code=self.session.get("address_zip_code", ""),
address_country=self.session.get("address_country", ""),
)
return session_user
else:
return None
def log_in(self, session_user):
self.session["identifier"] = session_user.identifier
self.session["username"] = session_user.username
self.session["nickname"] = session_user.nickname
self.session["verified_email"] = session_user.verified_email
self.session["auth_provider"] = session_user.auth_provider
self.session["email"] = session_user.email
self.session["profile_url"] = session_user.profile_url
self.session["formatted_name"] = session_user.formatted_name
self.session["first_name"] = session_user.first_name
self.session["last_name"] = session_user.last_name
self.session["middle_name"] = session_user.middle_name
self.session["prefix"] = session_user.prefix
self.session["suffix"] = session_user.suffix
self.session["gender"] = session_user.gender
self.session["phone_number"] = session_user.phone_number
self.session["photo"] = session_user.photo
self.session["birthdate"] = session_user.birthdate
self.session["birthdate_day"] = session_user.birthdate_day
self.session["birthdate_month"] = session_user.birthdate_month
self.session["birthdate_year"] = session_user.birthdate_year
self.session["address_formatted"] = session_user.address_formatted
self.session["address_state_province"] = session_user.address_state_province
self.session["address_street_name"] = session_user.address_street_name
self.session["address_locality"] = session_user.address_locality
self.session["address_zip_code"] = session_user.address_zip_code
self.session["address_country"] = session_user.address_country
self.session["is_logged_in"] = True
def log_out(self):
self.session["is_logged_in"] = False
def is_logged_in(self):
return self.session["is_logged_in"]
def is_user_authorized(self):
retval = models.AUTH_LEVEL_NEW_USER
session_user = self.get_session_user()
if session_user:
auth_user = models.User.get_user_from_identifier(session_user.identifier)
logging.info("[session_user profile] " + str(auth_user))
if auth_user:
retval = models.AUTH_LEVEL_REGISTERED_USER
if auth_user.is_active and not auth_user.is_deleted:
retval = models.AUTH_LEVEL_ACTIVATED_USER
return retval
def get(self):
self.wr(users.get_current_user().email())
self.session = Session()
self.session.delete()
self.redirect(users.create_logout_url('/admin/'))
class LogoutHandler(webapp.RequestHandler):
def get(self):
self.session = Session()
self.session.delete()
self.redirect('/login')
class SessionRequestHandler(webapp.RequestHandler):
def __init__(self):
webapp.RequestHandler.__init__(self)
self.session = Session()
if not 'is_logged_in' in self.session:
self.session['is_logged_in'] = False
def get_session_user(self):
if self.is_logged_in():
session_user = SessionUser(
identifier = self.session.get('identifier', ''),
username = self.session.get('username', ''),
nickname = self.session.get('nickname', ''),
email = self.session.get('email', ''),
verified_email = self.session.get('verified_email', ''),
auth_provider = self.session.get('auth_provider', ''),
profile_url = self.session.get('profile_url', ''),
formatted_name = self.session.get('formatted_name', ''),
first_name = self.session.get('first_name', ''),
last_name = self.session.get('last_name', ''),
middle_name = self.session.get('middle_name', ''),
prefix = self.session.get('prefix', ''),
suffix = self.session.get('suffix', ''),
gender = self.session.get('gender', ''),
phone_number = self.session.get('phone_number', ''),
photo = self.session.get('photo', ''),
birthdate = self.session.get('birthdate', models.DEFAULT_BIRTHDATE_STRING),
birthdate_year = self.session.get('birthdate_year', models.DEFAULT_BIRTHDATE[0]),
birthdate_month = self.session.get('birthdate_month', models.DEFAULT_BIRTHDATE[1]),
birthdate_day = self.session.get('birthdate_day', models.DEFAULT_BIRTHDATE[2]),
address_formatted = self.session.get('address_formatted', ''),
address_state_province = self.session.get('address_state_province', ''),
address_street_name = self.session.get('address_street_name', ''),
address_locality = self.session.get('address_locality', ''),
address_zip_code = self.session.get('address_zip_code', ''),
address_country = self.session.get('address_country', '')
)
return session_user
else:
return None
def log_in(self, session_user):
self.session['identifier'] = session_user.identifier
self.session['username'] = session_user.username
self.session['nickname'] = session_user.nickname
self.session['verified_email'] = session_user.verified_email
self.session['auth_provider'] = session_user.auth_provider
self.session['email'] = session_user.email
self.session['profile_url'] = session_user.profile_url
self.session['formatted_name'] = session_user.formatted_name
self.session['first_name'] = session_user.first_name
self.session['last_name'] = session_user.last_name
self.session['middle_name'] = session_user.middle_name
self.session['prefix'] = session_user.prefix
self.session['suffix'] = session_user.suffix
self.session['gender'] = session_user.gender
self.session['phone_number'] = session_user.phone_number
self.session['photo'] = session_user.photo
self.session['birthdate'] = session_user.birthdate
self.session['birthdate_day'] = session_user.birthdate_day
self.session['birthdate_month'] = session_user.birthdate_month
self.session['birthdate_year'] = session_user.birthdate_year
self.session['address_formatted'] = session_user.address_formatted
self.session['address_state_province'] = session_user.address_state_province
self.session['address_street_name'] = session_user.address_street_name
self.session['address_locality'] = session_user.address_locality
self.session['address_zip_code'] = session_user.address_zip_code
self.session['address_country'] = session_user.address_country
self.session['is_logged_in'] = True
def log_out(self):
self.session['is_logged_in'] = False
def is_logged_in(self):
return self.session['is_logged_in']
def is_user_authorized(self):
retval = models.AUTH_LEVEL_NEW_USER
session_user = self.get_session_user()
if session_user:
auth_user = models.User.get_user_from_identifier(session_user.identifier)
logging.info('[session_user profile] ' + str(auth_user))
if auth_user:
retval = models.AUTH_LEVEL_REGISTERED_USER
if auth_user.is_active and not auth_user.is_deleted:
retval = models.AUTH_LEVEL_ACTIVATED_USER
return retval
