def moderate(user_hash, locale=None): """ Return all the reviews on the server the user can moderate. """ try: db = ReviewsDatabase(os.environ) db.event_info(_get_client_address(), user_hash, None, "getting moderatable reviews") reviews = db.review_get_all() except CursorError as e: return json_error(str(e)) # only return reviews the user has not already voted on items_new = [] for review in reviews: if locale and not _locale_is_compatible(review.locale, locale): continue if not db.vote_exists(review.review_id, user_hash): item = review.__dict__ item['user_skey'] = _get_user_key(user_hash, review.app_id) items_new.append(item) dat = json.dumps(items_new, sort_keys=True, indent=4, separators=(',', ': ')) return Response(response=dat, status=200, \ mimetype="application/json")
def app(app_id, user_hash=None): """ Return details about an application. """ try: db = ReviewsDatabase(os.environ) db.event_info(_get_client_address(), user_hash, app_id, "getting") reviews = db.review_get_for_app_id(app_id) except CursorError as e: return json_error(str(e)) # add key if user_hash specified items_new = [] for review in reviews: if review.reported > 0: continue item = review.__dict__ if user_hash: item['user_skey'] = _get_user_key(user_hash, review.app_id) items_new.append(item) dat = json.dumps(items_new, sort_keys=True, indent=4, separators=(',', ': ')) return Response(response=dat, status=200, \ mimetype="application/json")
def remove(): """ Remove a review. """ try: item = json.loads(request.data.decode('utf8')) except ValueError as e: return json_error(str(e)) for key in ['review_id', 'app_id', 'user_hash', 'user_skey']: if not key in item: return json_error('invalid data, required %s' % key) if item[key] is None: return json_error('missing data, expected %s' % key) # check format if not len(item['user_hash']) == 40: return json_error('the user_hash is invalid') if not len(item['user_skey']) == 40: return json_error('the user_skey is invalid') # connect to database early try: db = ReviewsDatabase(os.environ) except CursorError as e: return json_error(str(e)) if item['user_skey'] != _get_user_key(item['user_hash'], item['app_id']): db.event_warn(_get_client_address(), item['user_hash'], None, "invalid user_skey of %s" % item['user_skey']) return json_error('invalid user_skey') try: # the user already has a review db.review_remove(item['review_id'], item['user_hash']) db.event_info(_get_client_address(), item['user_hash'], item['app_id'], "removed review") except CursorError as e: return json_error(str(e)) return json_success('removed review #%i' % item['review_id'])
def all(user_hash=None): """ Return all the reviews on the server as a JSON object. """ try: db = ReviewsDatabase(os.environ) db.event_info(_get_client_address(), user_hash, None, "getting all reviews") reviews = db.review_get_all() except CursorError as e: return json_error(str(e)) # the user specified a user_hash if user_hash: for review in reviews: if review.reported > 0: continue item = review.__dict__ item['user_skey'] = _get_user_key(user_hash, review.app_id) dat = json.dumps(reviews, sort_keys=True, indent=4, separators=(',', ': ')) return Response(response=dat, status=200, \ mimetype="application/json")
def vote(val): """ Up or downvote an existing review by @val karma points. """ try: item = json.loads(request.data.decode('utf8')) except ValueError as e: return json_error(str(e)) for key in ['review_id', 'app_id', 'user_hash', 'user_skey']: if not key in item: return json_error('invalid data, required %s' % key) if item[key] is None: return json_error('missing data, expected %s' % key) # check format if not len(item['user_hash']) == 40: return json_error('the user_hash is invalid') if not len(item['user_skey']) == 40: return json_error('the user_skey is invalid') # connect to database early try: db = ReviewsDatabase(os.environ) except CursorError as e: return json_error(str(e)) if item['user_skey'] != _get_user_key(item['user_hash'], item['app_id']): db.event_warn(_get_client_address(), item['user_hash'], None, "invalid user_skey of %s" % item['user_skey']) #print("expected user_skey of %s" % _get_user_key(item['user_hash'], item['app_id'])) return json_error('invalid user_skey') try: # the user already has a review if db.vote_exists(item['review_id'], item['user_hash']): db.event_warn(_get_client_address(), item['user_hash'], item['app_id'], "duplicate vote") return json_error('already voted on this app') # update the per-user karma user = db.user_get_by_hash(item['user_hash']) if not user: db.user_add(item['user_hash']) else: # user is naughty if user.is_banned: return json_error('account has been disabled due to abuse') # the user is too harsh if val < 0 and user.karma < -50: return json_error('all negative karma used up') db.user_update_karma(item['user_hash'], val) # add the vote to the database db.vote_add(item['review_id'], val, item['user_hash']) db.event_info(_get_client_address(), item['user_hash'], item['app_id'], "voted %i on review" % val) except CursorError as e: return json_error(str(e)) return json_success('voted #%i %i' % (item['review_id'], val))
def submit(): """ Submits a new review. """ try: item = json.loads(request.data.decode('utf8')) except ValueError as e: return json_error(str(e)) required_fields = [ 'app_id', 'locale', 'summary', 'description', 'user_hash', 'version', 'distro', 'rating', 'user_display' ] for key in required_fields: if not key in item: return json_error('invalid data, expected %s' % key) if item[key] is None: return json_error('missing data, expected %s' % key) # check format if not len(item['user_hash']) == 40: return json_error('the user_hash is invalid') # check fields for markup and length if not item['app_id'].endswith('.desktop'): return json_error('only applications can be reviewed at this time') if len(item['summary']) > 70: return json_error('summary is too long') if len(item['description']) > 3000: return json_error('description is too long') for key in ['summary', 'description']: if not _check_str(item[key]): return json_error('%s is not a valid string' % key) try: db = ReviewsDatabase(os.environ) # user has already reviewed if db.review_exists(item['app_id'], item['user_hash']): db.event_warn(_get_client_address(), item['user_hash'], item['app_id'], "already reviewed") return json_error('already reviewed this app') # check user has not been banned user = db.user_get_by_hash(item['user_hash']) if user and user.is_banned: return json_error('account has been disabled due to abuse') # create new review = OdrsReview() review.app_id = item['app_id'] review.locale = item['locale'] review.summary = item['summary'] review.description = item['description'] review.user_hash = item['user_hash'] review.version = item['version'] review.distro = item['distro'] review.rating = item['rating'] # check if valid user_display_ignore = ['root', 'Live System User', 'Unknown'] if item['user_display'] not in user_display_ignore: review.user_display = item['user_display'] # log and add db.event_info(_get_client_address(), review.user_hash, review.app_id, "reviewed") db.review_add(review, _get_client_address()) except CursorError as e: return json_error(str(e)) return json_success()