def user_info(variables={}, request={}): result = {} try: user_id = Token.Token().query('USERID').where( 'TOKEN', '=', request.params['token']).get()[0]['USERID'] user_query = User.User()\ .query('USERS.ID', 'USERS.USERNAME', 'USERS.FIRSTNAME', 'USERS.LASTNAME', 'USERS.EMAIL')\ .where('USERS.ID', '=', user_id).get()[0] locations = Location.Location()\ .query('LOCATIONS.COUNTRY', 'LOCATIONS.CITY', 'LOCATIONS.STREET')\ .where('USERID', '=', user_id).get() if locations: locations = locations[0] else: locations = dict() prefs = Preference.Preference().query('*').where( 'USERID', '=', user_id).get() if prefs: prefs = prefs[0] else: prefs = dict() result['firstname'] = user_query['USERS.FIRSTNAME'] result['lastname'] = user_query['USERS.LASTNAME'] result['email'] = user_query['USERS.EMAIL'] result['country'] = locations.get('LOCATIONS.COUNTRY', '') result['city'] = locations.get('LOCATIONS.CITY', '') result['street'] = locations.get('LOCATIONS.STREET', '') result['title_preferences'] = prefs.get('PREFERENCE', '') except UserWarning, e: logging.exception('User warning') return Controller.response_json({'status': 'error', 'message': str(e)})
def token_valid(variables={}, request={}): status = 'success' message = '' token_ok = False if not 'token' in request.params: status = 'error' message = 'token must be present for this api' else: token = Token.Token() user_token = request.params['token'] count = len(token.query('ID').where('TOKEN', '=', user_token).get()) if count == 0: status = 'error' message = 'invalid user token' else: token_ok = True if token_ok: return (True, None) else: result = { 'status' : status, 'message' : message } return (False, Controller.response_json(result))
def closure(variables={}, request={}): for param in params: if not param in request.params: result = { 'status': 'error', 'message': 'Parameter %s should be present' % (param) } return (False, Controller.response_json(result)) return (True, None)
def user_info(variables={}, request={}): id = request.params['id'] ok, error_message = Validator.validate([(id, r'^[0-9]|[1-9][0-9]+$', 'id value is invalid')]) user = {} try: if not ok: raise UserWaning(error_message) found_user = User.User().query('*').where('ID', '=', id).get() if not found_user: raise UserWarning('no such user') found_user = found_user[0] book_count = UserBook.UserBook().count().where( 'USERID', '=', found_user['ID']).get()[0] books_query = Book.Book()\ .query('BOOKS.ID')\ .join('USERBOOKS', 'ID', 'BOOKID')\ .where('USERBOOKS.USERID', '=', found_user['ID']).get() books = [] for book_result in books_query: book = BookController.get_book_by_id(book_result['BOOKS.ID']) books.append(book) location = Location.Location().query('*').where( 'USERID', '=', found_user['ID']).get() if location: location = location[0] else: location = dict() prefs = Preference.Preference().query('*').where( 'USERID', '=', found_user['ID']).get() if prefs: prefs = prefs[0] else: prefs = dict() user = { 'id': found_user['ID'], 'username': found_user['USERNAME'], 'first_name': found_user['FIRSTNAME'], 'last_name': found_user['LASTNAME'], 'country': location.get('COUNTRY', ''), 'city': location.get('CITY', ''), 'street': location.get('STREET', ''), 'email': found_user['EMAIL'], 'book_count': book_count['count'], 'books': books, 'title_preference': prefs.get('PREFERENCE', '') } except UserWarning, e: logging.exception('User warning') return Controller.response_json({'status': 'error', 'message': str(e)})
def get_genres(variables={}, request={}): global genres result = { 'status': 'success', 'message': 'genres', 'response': { 'genres': genres } } return Controller.response_json(result)
def recommended(variables={}, request={}): result = [] try: search_results = Book.Book().query('ID').get() logging.debug(search_results) for search_result in search_results[:10]: book = BookController.get_book_by_id(search_result['ID']) result.append(book) except UserWarning, e: logging.exception('User warning') return Controller.response_json({'status': 'error', 'message': str(e)})
def search(variables={}, request={}): keywords = request.params.get('keywords', '.*') authors = request.params.get('authors', '.*') genres = request.params.get('genres', '.*') before = request.params.get('before', '-') after = request.params.get('after', '-') location = request.params.get('location', '-') ok, error_message = Validator.validate([ (keywords, r'^\.\*|[a-zA-Z0-9,. \'"+-=;?]+$', 'keywords value is invalid'), (authors, r'^\.\*|[\w\'-, ]+$', 'authors value is invalid'), (genres, r'^\.\*|(%s)$' % ('|'.join(BookController.genres)), 'genres value is invalid'), (before, r'^\-|([1-9]|([012][0-9])|(3[01]))\-([0]{0,1}[1-9]|1[012])\-\d\d\d\d$', 'before value is invalid'), (after, r'^\-|([1-9]|([012][0-9])|(3[01]))\-([0]{0,1}[1-9]|1[012])\-\d\d\d\d$', 'after value is invalid'), ]) result = [] try: if not ok: raise UserWarning(error_message) search_results = Book.Book().query('BOOKS.ID', 'BOOKS.GOODREADSID', 'BOOKS.ISBN', 'BOOKS.TITLE', 'BOOKS.GENRE', 'BOOKS.EXPIRES', 'BOOKS.AUTHORID', 'BOOKS.COVER', 'AUTHORS.NAME')\ .join('AUTHORS', 'AUTHORID', 'ID')\ .where('BOOKS.title', 'REGEXP', '|'.join(keywords.split(',')))\ .condition('AND', 'BOOKS.GENRE', 'REGEXP', '|'.join(genres.split(',')))\ .condition('AND', 'AUTHORS.NAME', 'REGEXP', '|'.join(authors.split(','))) if before != '-': before = datetime.strptime(before, '%d-%m-%Y').strftime('%Y-%m-%d') search_results = search_results.condition('AND', 'BOOKS.EXPIRES', '<', before) if after != '-': after = datetime.strptime(after, '%d-%m-%Y').strftime('%Y-%m-%d') search_results = search_results.condition('AND', 'BOOKS.EXPIRES', '>', after) search_results = search_results.get() for search_result in search_results: book = BookController.get_book_by_id(search_result['BOOKS.ID']) result.append(book) except UserWarning, e: logging.exception('User warning') return Controller.response_json({'status': 'error', 'message': str(e)})
def propose_exchange(variables={}, request={}): status = 'success' message = '' token = request.params['token'] book_id = request.params['bookid'] dict_book = Book.Book().query("DELETED").where("ID", "=", book_id).get() if not dict_book: status = 'error' message = 'the book does not exist' elif (dict_book[0]['DELETED'] == 1): status = 'error' message = 'the book is not available for exchange' else: dict_receiver = Token.Token().query("USERID").where( "TOKEN", "=", token).get() dict_owner = UserBook.UserBook().query("USERID").where( "BOOKID", "=", book_id).get() logging.debug(dict_owner) if (dict_receiver[0]['USERID'] == dict_owner[0]['USERID']): status = 'error' message = 'users cannot send requests to themselves' else: dict_exchange = Exchange.Exchange().query('ID').where("OWNERID", "=", dict_owner[0]['USERID']). \ condition("AND", "RECEIVERID", "=", dict_receiver[0]['USERID']). \ condition("AND", "BOOKID1", "=", book_id).get() if (dict_exchange): status = 'error' message = 'the exchange already exists' else: date = datetime.datetime.now().strftime("%Y-%m-%d") insert_dict = { 'OWNERID': dict_owner[0]['USERID'], 'RECEIVERID': dict_receiver[0]['USERID'], 'BOOKID1': book_id, 'EXCHANGEDATE': date, 'ISFINISHED': 0, 'HASSUCCEEDED': 0 } message = 'the request has been registered' Exchange.Exchange().insert(insert_dict) result = {'status': status, 'message': message} return Controller.response_json(result)
def get_book(variables={}, request={}): id = request.params['id'] ok, error_message = Validator.validate([ (id, r'^([0-9]|[1-9][0-9]+)$', 'id value is invalid, should be a positive number') ]) result = None try: if not ok: raise UserWarning(error_message) result = get_book_by_id(int(id)) if not result: raise UserWarning('book not found') except UserWarning, e: print 'user warining: ', repr(e) return Controller.response_json({'status': 'error', 'message': str(e)})
def match_book(variables={}, request={}): status = 'success' message = '' token = request.params['token'] receiver_id = request.params['receiverid'] book_id1 = request.params['bookid1'] book_id2 = request.params['bookid2'] user_dict = Token.Token().query("USERID").where("TOKEN", "=", token).get() book1_dict = Book.Book().query("TITLE").where("ID", "=", book_id1).get() book2_dict = Book.Book().query("TITLE").where("ID", "=", book_id2).get() if not book1_dict or not book2_dict: status = 'error' message = 'one of the books does not exist' else: exchange_dict = Exchange.Exchange().query("*").where("OWNERID", "=", user_dict[0]['USERID']). \ condition("AND", "BOOKID1", "=", book_id1). \ condition("AND", "RECEIVERID", "=", receiver_id).get() if not exchange_dict: status = 'error' message = 'the exchange does not exist' else: if exchange_dict[0]['ISFINISHED'] == 1: status = 'error' message = 'the exchange has already been approved/denied' else: if exchange_dict[0]['BOOKID2'] != None: status = 'error' message = 'you cannot respond to this exchange' else: Exchange.Exchange().update({ 'BOOKID2' : book_id2 }). \ where("OWNERID", "=", user_dict[0]['USERID']). \ condition("AND", "BOOKID1", "=", book_id1). \ condition("AND", "RECEIVERID", "=", receiver_id).execute() status = 'success' message = 'user responded to the exchange' result = {'status': status, 'message': message} return Controller.response_json(result)
def register(variables={}, request={}): status = 'success' message = '' username = request.params['username'] password = request.params['password'] user = User.User() response_dict_user = user.query("ID").where("USERNAME", "=", username).condition( "OR", "EMAIL", "=", username).get() if not response_dict_user: message = 'incorrect username or password' status = 'error' else: response_dict_pass = user.query("PASSWORD", "SALT").where( "USERNAME", "=", username).condition("OR", "EMAIL", "=", username).get() input_pass_hash = bcrypt.hashpw(password.encode('utf8'), response_dict_pass[0]["SALT"]) if input_pass_hash != response_dict_pass[0]["PASSWORD"]: message = 'incorrect username or password' status = 'error' else: token = Token.Token() response_dict_token = token.query("TOKEN").where( "USERID", "=", response_dict_user[0]["ID"]).condition("AND", "TOKENTYPE", "=", "booxtoken").get() message = 'log in successful' status = 'success' if status == 'success': response = { 'token': response_dict_token[0]['TOKEN'], 'id': response_dict_user[0]['ID'] } result = {'status': status, 'message': message, 'response': response} else: result = {'status': status, 'message': message} return Controller.response_json(result)
def search_external(variables={}, request={}): query = request.params['query'] limit = request.params.get('limit', '0') ok, error_message = Validator.validate([ (query, r'^[a-zA-Z0-9, \'"+-=;?]+$', 'title query is invalid'), (limit, r'^([0-9]|[1-9][0-9]+)$', 'limit value is invalid, should be a positive number') ]) try: if not ok: raise UserWarning(error_message) limit = int(limit) result = Goodreads.request_search(query, limit) except UserWarning, e: print 'user warining: ', repr(e) return Controller.response_json({'status': 'error', 'message': str(e)})
def get_user_books(variables={}, request={}): status = 'success' message = '' user_id = request.params.get('user', '') exchange_id = request.params.get('exchange_id', '') token = request.params.get('token', '') result = None try: books_query = Book.Book().query('ID').join('USERBOOKS', 'ID', 'BOOKID').where( 'USERBOOKS.USERID', '=', user_id).get() books = [ BookController.get_book_by_id(book['ID']) for book in books_query ] result = books except UserWarning, e: logging.exception('User warning') return Controller.response_json({'status': 'error', 'message': str(e)})
def list_offers(variables={}, request={}): status = 'success' message = '' exchange_status = '' token = request.params['token'] user_dict = Token.Token().query("USERID").where("TOKEN", "=", token).get() exchange_dict = Exchange.Exchange().query("EXCHANGES.OWNERID", "EXCHANGES.RECEIVERID", "EXCHANGES.BOOKID1", "EXCHANGES.BOOKID2", "EXCHANGES.ISFINISHED"). \ where("EXCHANGES.OWNERID", "=", user_dict[0]['USERID']). \ condition("OR", "EXCHANGES.RECEIVERID", "=", user_dict[0]['USERID']).get() result = None if not exchange_dict: status = 'success' message = 'no entries found' result = {'status': status, 'message': message} else: status = 'success' message = 'entries found' response = exchange_dict for exchange in exchange_dict: if exchange['EXCHANGES.ISFINISHED'] == 1: exchange['exchange_status'] = 'exchange_finished' else: if exchange['EXCHANGES.BOOKID2'] == None: exchange['exchange_status'] = 'pending_match' else: exchange['exchange_status'] = 'request_sent' if user_dict[0]['USERID'] == exchange['EXCHANGES.OWNERID']: exchange['user_status'] = 'owner' else: exchange['user_status'] = 'receiver' result = {'status': status, 'message': message, 'response': response} return Controller.response_json(result)
def get_user_by_token(variables={}, request={}): status = 'success' message = '' token = request user_dict = Token.Token().query("TOKENS.USERID").where( "TOKENS.TOKEN", "=", request.params['token']).get() if not user_dict: status = 'error' message = 'invalid token' else: status = 'success' message = 'valid token' if user_dict: response = {'userid': user_dict[0]['TOKENS.USERID']} else: response = [] result = {'status': status, 'message': message, 'response': response} return Controller.response_json(result)
def add_book(variables={}, request={}): status = 'success' message = '' values = {} #title = request.params['title'] #author = request.params['author'] expires = request.params['expires'] genre = request.params['genre'] goodreads_id = request.params['goodreads_id'] ok, error_message = Validator.validate([ #(title, r'^[A-Za-z0-9\s\-_,\.;:()]+$', 'title value is invalid'), #(author, r'^[a-zA-Z0-9 ,.\'-]+$', 'author value is invalid'), (genre, r'^(%s)$' % ('|'.join(genres)), 'genre value is invalid'), (expires, r'^([1-9]|([012][0-9])|(3[01]))\-([0]{0,1}[1-9]|1[012])\-\d\d\d\d$', 'expires value is invalid'), (goodreads_id, r'^[0-9]|[1-9][0-9]+$', 'goodreads_id value is invalid'), ]) try: if not ok: raise UserWarning(error_message) book = Goodreads.find_book_by_id(int(goodreads_id)) if not book: raise UserWarning('no book with such id was found') current_user_id = Token.Token().query('USERID').where( 'TOKEN', '=', request.params['token']).get()[0]['USERID'] if not current_user_id or current_user_id == 0: raise UserWarning('invalid user connected to token') created_author = Author.Author().update_or_create( {'NAME': book['author']}, {'NAME': book['author']}) if not created_author: raise UserWarning('unable to create or update the book author') datetime_object = datetime.strptime(expires, '%d-%m-%Y') created_book = Book.Book().insert({ 'ISBN': book['isbn'], 'GOODREADSID': int(goodreads_id), 'TITLE': book['title'], 'GENRE': genre, 'COVER': book['image_url'], 'EXPIRES': datetime_object.strftime('%Y-%m-%d'), 'AUTHORID': created_author['ID'] }) if not created_book: raise UserWarning('unable to add book to the database') created_user_book = UserBook.UserBook().insert({ 'BOOKID': created_book['ID'], 'USERID': current_user_id }) if not created_user_book: raise UserWarning('unable to connect user to book') message = 'the book has been added' values['book_id'] = created_book['ID'] values['user_id'] = current_user_id values['author_id'] = created_author['ID'] except UserWarning, e: logging.exception('User Warning') return Controller.response_json({'status': 'error', 'message': str(e)})
result = None try: if not ok: raise UserWarning(error_message) result = get_book_by_id(int(id)) if not result: raise UserWarning('book not found') except UserWarning, e: print 'user warining: ', repr(e) return Controller.response_json({'status': 'error', 'message': str(e)}) except Exception, e: print 'fatal error: ', repr(e) return Controller.response_json({ 'status': 'error', 'message': 'fatal error occured' }) return Controller.response_json({ 'status': 'success', 'message': 'search sucessful', 'response': result }) @Routing.Route( url='/book/search', method='GET', middleware=[TokenCheck.token_valid, Params.has_params('token', 'query')]) def search_external(variables={}, request={}):
def add_session(variables={}, request={}): App.session.set(request.params['key'], request.params['msg']) return Controller.response_json({ 'status': 'success', 'message': 'session variable set' })
def user_edit(variables={}, request={}): status = 'success' message = '' fname = request.params.get('fname', '') lname = request.params.get('lname', '') email = request.params.get('email', '') password = request.params.get('password', None) new_password = request.params.get('npassword', None) confirm_new_password = request.params.get('cnpassword', None) country = request.params.get('country', '') city = request.params.get('city', '') street = request.params.get('street', '') title_prefs = request.params.get('title_preferences', '') result = None try: if not fname or not lname or not email: raise UserWarning( 'firstname, lastname and email are mandatory fields') user_id = Token.Token().query('USERID').where( 'TOKEN', '=', request.params['token']).get()[0]['USERID'] User.User().update({ 'FIRSTNAME': fname, 'LASTNAME': lname, 'EMAIL': email }).where('ID', '=', user_id).execute() user = User.User().query('*').where('ID', '=', user_id).get()[0] Preference.Preference().update_or_create( { 'USERID': user_id, 'PREFERENCETYPE': 'bookname' }, { 'USERID': user_id, 'PREFERENCETYPE': 'bookname', 'PREFERENCE': title_prefs }) if country or city or street: Location.Location().update_or_create({'USERID': user_id}, { 'USERID': user_id, 'COUNTRY': country, 'CITY': city, 'STREET': street }) if password: old_password_hash = bcrypt.hashpw(password.encode('utf8'), user['SALT']) if old_password_hash != user['PASSWORD']: raise UserWarning('password incorrect') if new_password != confirm_new_password: raise UserWarning( 'new password and confirm password don\'t match') else: new_password_hash = bcrypt.hashpw(new_password.encode('utf8'), user['SALT']) User.User().update({ 'PASSWORD': new_password_hash }).where('ID', '=', user_id).execute() except UserWarning, e: logging.exception('User warning') return Controller.response_json({'status': 'error', 'message': str(e)})
def general_info(variables={}, request={}): users = 0 connections = 0 locations = 0 books = 0 authors = 0 genres = 0 try: users = User.User().count().get()[0]['count'] connections = Exchange.Exchange().count().get()[0]['count'] locations = Location.Location().count().get()[0]['count'] books = Book.Book().count().get()[0]['count'] authors = Author.Author().count().get()[0]['count'] genres = len(BookController.genres) except Exception, e: print str(e) pass return Controller.response_json({ 'status': 'success', 'message': 'statistics collected', 'response': { 'users': users, 'connections': connections, 'locations': locations, 'books': books, 'authors': authors, 'genres': genres } })
def register(variables={}, request={}): status = 'success' message = '' username = request.params['username'] password = request.params['password'] cpassword = request.params['cpassword'] fname = request.params['fname'] lname = request.params['lname'] email = request.params['email'] ok, error_message = Validator.validate([ (username, r'^[A-Za-z][A-Za-z0-9]+$', 'The username should be only small and big letters with numbers'), (password, r'^.{7,}$', 'Password should be longer than 6 characters'), (cpassword, r'^.{7,}$', 'Password confirm should be longer than 6 characters'), (fname, r'^[\w,-\']+$', 'first name value is invalid'), (lname, r'^[\w,-\']+$', 'last name value is invalid'), (email, r"""^(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])$""", 'email value is invalid'), ]) try: if not ok: raise UserWarning(error_message) user = User.User() token = Token.Token() response_dict_list = user.query("ID").where("USERNAME", "=", username).condition( "OR", "EMAIL", "=", email).get() if not response_dict_list: if (password != cpassword): raise UserWarning('passwords do no match') generated_token = strgen.StringGenerator("[\w\d]{20}").render() salt = bcrypt.gensalt() password_hash = bcrypt.hashpw(password.encode('utf8'), salt) insert_user_dict = { "USERNAME": username, "PASSWORD": password_hash, "SALT": salt, "FIRSTNAME": fname, "LASTNAME": lname, "EMAIL": email, "ISADMINISTRATOR": 0 } inserted_user = user.insert(insert_user_dict) insert_token_dict = { "USERID": inserted_user["ID"], "TOKENTYPE": "booxtoken", "TOKEN": generated_token } token.insert(insert_token_dict) message = 'user registered successfully' else: raise UserWarning('username already exists') except UserWarning, e: logging.exception('User warning') return Controller.response_json({'status': 'error', 'message': str(e)})
'country': location.get('COUNTRY', ''), 'city': location.get('CITY', ''), 'street': location.get('STREET', ''), 'email': found_user['EMAIL'], 'book_count': book_count['count'], 'books': books, 'title_preference': prefs.get('PREFERENCE', '') } except UserWarning, e: logging.exception('User warning') return Controller.response_json({'status': 'error', 'message': str(e)}) except Exception, e: logging.exception('Fatal error') return Controller.response_json({ 'status': 'error', 'message': 'fatal error occured' }) return Controller.response_json({ 'status': 'success', 'message': 'search sucessful', 'response': user }) @Routing.Route(url='/getuserbytoken', method='GET', middleware=[Params.has_params('token')]) def get_user_by_token(variables={}, request={}): status = 'success' message = ''
"ISADMINISTRATOR": 0 } inserted_user = user.insert(insert_user_dict) insert_token_dict = { "USERID": inserted_user["ID"], "TOKENTYPE": "booxtoken", "TOKEN": generated_token } token.insert(insert_token_dict) message = 'user registered successfully' else: raise UserWarning('username already exists') except UserWarning, e: logging.exception('User warning') return Controller.response_json({'status': 'error', 'message': str(e)}) except Exception, e: logging.exception('Fatal error') return Controller.response_json({ 'status': 'error', 'message': 'fatal error occured' }) return Controller.response_json({ 'status': 'success', 'message': 'register sucessful', 'response': result })