def put(self, guid): if helpers.authorized(self.request.params['UUID'], self.request.params['authToken'], self.request.params['action']): key = db.Key.from_path('User', int(guid)) user = db.get(key) if not user == None: user_json = simplejson.loads(self.request.body) # if user password hasn't been modified by GUI keep it the same as what is in the database if user_json['password'] == "password": user_json['password'] = user.password status = user_json.get('status') being_deleted = (status != None and status == 'deleted') if being_deleted or helpers.is_login_name_valid(user_json['loginName'], user): # Prevent non-Managers from changing their role currentUserId = self.request.params['UUID'] cukey = db.Key.from_path('User', int(currentUserId)) cuser = db.get(cukey) if str(user.role) != user_json['role'] and str(cuser.role) != "_Manager": user_json['role'] = str(user.role) helpers.report_unauthorized_access(self.response) user = helpers.apply_json_to_model_instance(user, user_json) user.put() if user.password != None and len(user.password) != 0: user_json['password'] = "******" self.response.headers['Content-Type'] = 'application/json' self.response.out.write(simplejson.dumps(user_json)) else: helpers.report_invalid_login_name(self.response) else: helpers.report_missing_record(self.response) else: helpers.report_unauthorized_access(self.response)
def put(self, guid): if helpers.authorized(self.request.params['UUID'], self.request.params['authToken'], self.request.params['action']): key = db.Key.from_path('Comment', int(guid)) comment = db.get(key) if not comment == None: comment_json = simplejson.loads(self.request.body) comment = helpers.apply_json_to_model_instance(comment, comment_json) comment.put() self.response.headers['Content-Type'] = 'application/json' self.response.out.write(simplejson.dumps(comment_json)) else: helpers.report_missing_record(self.response) else: helpers.report_unauthorized_access(self.response)
def post(self): userId = self.request.params['UUID'] key = db.Key.from_path('User', int(userId)) user = db.get(key) if user != None: if user.authToken == self.request.params['authToken']: # clear out authentication token to indicate user was logged out user.authToken = None user.put() self.response.set_status(200, "User logged out") self.response.headers['Content-Type'] = 'application/json' self.response.out.write(simplejson.dumps({ "message": 'Logout successful'})) else: helpers.report_unauthorized_access(self.response) else: helpers.report_missing_record(self.response)
def put(self, guid): if helpers.authorized(self.request.params['UUID'], self.request.params['authToken'], self.request.params['action']): key = db.Key.from_path('Task', int(guid)) task = db.get(key) if task != None: # cache current values before updates taskName = task.name taskType = task.type taskPriority = task.priority taskStatus = task.developmentStatus taskValidation = task.validation taskSubmitterId = task.submitterId taskAssigneeId = task.assigneeId taskEffort = task.effort taskProjectId = task.projectId taskDescription = task.description task_json = simplejson.loads(self.request.body) wantsNotifications = {"true": True, "false": False}.get(self.request.params['notify'].lower()) task = helpers.apply_json_to_model_instance(task, task_json) # ensure Guest-created tasks are unallocated currentUserId = self.request.params['UUID'] cukey = db.Key.from_path('User', int(currentUserId)) user = db.get(cukey) if str(user.role) == '_Guest' and task_json.has_key('projectId') == True and task_json['projectId'] != None: taskProjectId = task.projectId = None task.put() # Push notification email on the queue if we need to notify action = "deleteTask" if task.status == "deleted" else "updateTask" if notification.should_notify(currentUserId, task, wantsNotifications): taskqueue.add(url='/mailer', params={'taskId': int(guid), 'currentUUID': self.request.params['UUID'], 'action': action, 'name': taskName, 'type': taskType, 'priority': taskPriority, 'status': taskStatus, 'validation': taskValidation, 'submitterId': taskSubmitterId, 'assigneeId': taskAssigneeId, 'effort': taskEffort, 'projectId': taskProjectId, 'description': taskDescription}) self.response.headers['Content-Type'] = 'application/json' self.response.out.write(simplejson.dumps(task_json)) else: helpers.report_missing_record(self.response) else: helpers.report_unauthorized_access(self.response)