def post(self): """This post is for priming/prefetching, not actually delivering the widget """ start = time.time() api_key = self.request.get('apikey') account_id = self.request.get('accountid') user_id = self.request.get('userid') widget_type = self.request.get('widget') logdiction = {'event':'prefetchwidget', 'api':'get_widget', 'user':user_id, 'is_api':'yes', 'ip':self.request.remote_addr, 'account':account_id, 'widget':widget_type, 'success':'true'} if widget_type not in constants.VALID_WIDGETS: logdiction['success'] = 'false' logdiction['details'] = "Using an invalid widget name" logs.create(logdiction) self.response.out.write(bad_args()) return # Get the account acc_ref = accounts_dao.authorize_api(account_id, api_key) if not acc_ref: logdiction['success'] = 'false' logdiction['details'] = auth_error() logs.create(logdiction) self.response.out.write(auth_error()) return if not user_id and widget_type in constants.WIDGETS_THAT_DONT_NEED_A_USER: user_id = constants.ANONYMOUS_USER if not user_id: logdiction['success'] = 'false' logdiction['details'] = bad_args() logs.create(logdiction) self.response.out.write(bad_args()) return user_ref = None if user_id: user_ref = users_dao.get_user_with_key(user_id) if not user_ref and user_id == constants.ANONYMOUS_USER: users_dao.create_new_user(account_id, constants.ANONYMOUS_USER) #acc_ref = users_dao.get_account_from_user(user_ref) # TODO Need to measure if there is an actual gain from this prefetching # or if it's causing unnecessary contention values = getattr(self, widget_type + "_values")(user_ref, acc_ref, 500, 300) logs.create(logdiction) return
def post(self): start = time.time() api_key = self.request.get('apikey') account_id = self.request.get('accountid') user_id = self.request.get('userid') user_key = users_dao.get_user_key(account_id, user_id) acc = accounts_dao.authorize_api(account_id, api_key) logdiction = {'event':'getuserdata', 'api': 'get_user_data', 'is_api':'yes', 'user':user_id, 'account':account_id, 'success':'true', 'ip':self.request.remote_addr} if not acc: logdiction['success'] = 'false' logdiction['details'] = auth_error() logs.create(logdiction) self.response.out.write(auth_error()) return user_ref = users_dao.get_user(account_id, user_id) if not user_ref: logdiction['success'] = 'false' logdiction['details'] = user_error() logs.create(logdiction) error("User for account %s, %s not found"%(account_id, user_id)) self.response.out.write(user_error()) return badges = badges_dao.get_user_badges(user_ref) badge_keys = [] # get the badge image link for b in badges: if b.awarded == "yes": bid = badges_dao.get_badge_id_from_instance_key(b.key().name()) badge_keys.append(bid) ret = {"status":"success", "user_id":user_ref.userid, "is_enabled":user_ref.isEnabled, "creation_date":str(user_ref.creationDate), "points":user_ref.points, "profile_name": user_ref.profileName, "profile_link": user_ref.profileLink, "profile_img": user_ref.profileImg, "badges": badge_keys} logs.create(logdiction) self.response.out.write(json.dumps(ret)) timing(start)
def post(self): start = time.time() api_key = self.request.get('apikey') account_id = self.request.get('accountid') user_id = self.request.get('userid') badge_ref_id = self.request.get('badgeid') logdiction = {'event':'removebadge', 'api':'remove_badge', 'badgeid':badge_ref_id, 'is_api':'yes', 'ip':self.request.remote_addr, 'user':user_id, 'account':account_id, 'success':'true'} # Get the account acc = accounts_dao.authorize_api(account_id, api_key) if not acc: logdiction['success'] = 'false' logdiction['details'] = auth_error() logs.create(logdiction) self.response.out.write(auth_error()) return if not user_id or not badge_ref_id: logdiction['success'] = 'false' logdiction['details'] = bad_args() logs.create(logdiction) self.response.out.write(bad_args()) return badge_key = badges_dao.get_key_from_badge_id(account_id, badge_ref_id) if not badge_key: logdiction['success'] = 'false' logdiction['details'] = badge_error() logs.create(logdiction) self.response.out.write(badge_error()) return # Get the user user_ref = users_dao.get_or_create_user(account_id, user_id, acc) if not user_ref: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) return badge_instance_key = badges_dao.get_badge_instance_key(badge_key, user_id) # Get the Badge Type (used as a reference for the instances) badge_ref = badges_dao.get_badge(badge_key) if not badge_ref: logdiction['success'] = 'false' logdiction['details'] = badge_error() logs.create(logdiction) self.response.out.write(badge_error()) return try: new_badge_instance = badges_dao.delete_badge_instance(badge_instance_key) except: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) return logs.create(logdiction) self.response.out.write(success_ret()) timing(start) return
def post(self): start = time.time() api_key = self.request.get('apikey') account_id = self.request.get('accountid') user_id = self.request.get('userid') badge_ref_id = self.request.get('badgeid') reason = self.request.get('reason') clean = XssCleaner() reason = clean.strip(reason) logdiction = {'event':'awardbadge', 'api':'award_badge', 'badgeid':badge_ref_id, 'is_api':'yes', 'ip':self.request.remote_addr, 'user':user_id, 'account':account_id, 'success':'true'} # Get the account acc = accounts_dao.authorize_api(account_id, api_key) if not acc: logdiction['success'] = 'false' logdiction['details'] = auth_error() logs.create(logdiction) self.response.out.write(auth_error()) return if not user_id or not badge_ref_id: logdiction['success'] = 'false' logdiction['details'] = bad_args() logs.create(logdiction) self.response.out.write(bad_args()) error("User id or badge id was not given") return # Make sure we have a legit badge before getting/creating a user badge_key = badges_dao.get_key_from_badge_id(account_id, badge_ref_id) if not badge_key: logdiction['success'] = 'false' logdiction['details'] = badge_error() logs.create(logdiction) self.response.out.write(badge_error()) return # Get the user user_ref = users_dao.get_or_create_user(account_id, user_id, acc) if not user_ref: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) return badge_instance_key = badges_dao.get_badge_instance_key(badge_key, user_id) # If the user already has it, skip the award badge_ref = badges_dao.get_badge_instance(badge_instance_key) if badge_ref: if badge_ref.awarded == "yes": logs.create(logdiction) self.response.out.write(success_ret()) timing(start) return # Get the Badge Type (used as a reference for the instances) badge_ref = badges_dao.get_badge(badge_key) if not badge_ref: self.response.out.write(badge_error()) return if not reason: reason = badge_ref.description link = badge_ref.downloadLink new_badge_instance = badges_dao.create_badge_instance( badge_instance_key, badge_ref, user_ref, "yes", #isawarded 0, #points 0, #points_needed "private", link, reason) name = badges_dao.get_badge_name_from_instance_key(badge_instance_key) notifier.user_badge_award(user_ref, "Badge Awarded", link, reason, acc, badge_ref_id) logs.create(logdiction) self.response.out.write(success_ret()) timing(start) return
def post(self): start = time.time() api_key = self.request.get('apikey') account_id = self.request.get('accountid') user_id = self.request.get('userid') badge_ref_id = self.request.get('badgeid') how_to_get_badge = self.request.get('how') points = self.request.get('pointsawarded') points_needed = self.request.get('pointsrequired') reason = self.request.get('reason') logdiction = {'event':'awardbadgepoints', 'api':'award_badge_points', 'user':user_id, 'is_api':'yes', 'ip':self.request.remote_addr, 'account':account_id, 'badgeid':badge_ref_id, 'points':points, 'success':'true'} try: points = int(points) points_needed = int(points_needed) except: logdiction['success'] = 'false' logdiction['details'] = "The number of points was not a number" logs.create(logdiction) self.response.out.write(bad_args()) error("Account %s -- Bad value for points awarded \ %s or points needed %s"\ %(account_id, points, points_needed )) return if not reason: reason = "" # Get the account acc = accounts_dao.authorize_api(account_id, api_key) if not acc: logdiction['success'] = 'false' logdiction['details'] = auth_error() logs.create(logdiction) self.response.out.write(auth_error()) return # Get the Badge Type (used as a reference for the instances) # Do this before getting/creating user badge_key = badges_dao.get_key_from_badge_id(account_id, badge_ref_id) if not badge_key: logdiction['success'] = 'false' logdiction['details'] = badge_error() logs.create(logdiction) self.response.out.write(badge_error()) error("Badge not found with key %s"%badge_ref_id) return # Get the user, create if it does not exist user_ref = users_dao.get_or_create_user(account_id, user_id, acc) if not user_ref: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) return badge_ref = badges_dao.get_badge(badge_key) if not badge_ref: logdiction['success'] = 'false' logdiction['details'] = badge_error() logs.create(logdiction) ret = badge_error() self.response.out.write(ret) return badge_instance_key = badges_dao.get_badge_instance_key(badge_key, user_id) badge_instance_ref = badges_dao.get_badge_instance(badge_instance_key) if not reason: reason = badge_ref.description link = badge_ref.downloadLink if not badge_instance_ref: # Create a new badge with 0 points isawarded = "no" if points >= points_needed: isawarded = "yes" perm = badges_dao.get_badge_key_permission(badge_ref_id) new_badge_instance = badges_dao.create_badge_instance( badge_instance_key, badge_ref, user_ref, isawarded, points, points_needed, perm, link, reason) if isawarded == "yes": notifier.user_badge_award(user_ref, "Badge Awarded", link, reason, acc, badge_ref_id) logdiction['event'] = 'badgeawarded' else: isawarded = "no" points_thus_far = badge_instance_ref.pointsEarned if points: points_thus_far += points incr_args = {"pointsEarned":points} reg_args = {} # Update the following if its changed if badge_instance_ref.pointsRequired != points_needed: reg_args["pointsRequired"] = points_needed if badge_instance_ref.pointsEarned < points_needed and \ points_thus_far >= points_needed: notifier.user_badge_award(user_ref, "Badge Awarded", link, reason, acc, badge_ref_id) logdiction['event'] = 'badgeawarded' if points_thus_far >= points_needed: reg_args["awarded"] = "yes" try: ret = badges_dao.update_badge_instance(badge_instance_key, reg_args, incr_args) if not ret: raise except: error("Unable to update badge instance with key %s"%\ badge_instance_key) self.response.out.write(db_error()) return logs.create(logdiction) ret = {"status":"success", "badge_awarded":isawarded} self.response.out.write(json.dumps(ret)) timing(start) return
def post(self): start = time.time() clean = XssCleaner() api_key = self.request.get('apikey') account_id = self.request.get('accountid') new_user_id = self.request.get('userid') # Anything that can possibly be rended should be cleaned profile_link = self.request.get('profile_link') # We can't clean it because it will not render if embedded into a site # Be wary of doing any queries with this data #profile_link = clean.strip(profile_link) profile_img = self.request.get('profile_img') #profile_img = clean.strip(profile_img) profile_name = self.request.get('profile_name') profile_name = clean.strip(profile_name) logdiction = {'event':'loginuser', 'api': 'update_user', 'is_api':'yes', 'ip':self.request.remote_addr, 'user':new_user_id, 'account':account_id, 'success':'true'} if not account_id or not new_user_id or not api_key: self.response.out.write(bad_args()) logdiction['success'] = 'false' logdiction['details'] = bad_args() logs.create(logdiction) return acc = accounts_dao.authorize_api(account_id, api_key) if not acc: self.response.out.write(auth_error()) logdiction['success'] = 'false' logdiction['details'] = auth_error() logs.create(logdiction) return # Create a new user user_key = users_dao.get_user_key(account_id, new_user_id) #Update user_ref = users_dao.get_user_with_key(user_key) if user_ref: dict = {} update = False if profile_link and profile_link != user_ref.profileLink: dict["profileLink"] = profile_link update = True if profile_img and profile_img != user_ref.profileImg: dict["profileImg"] = profile_img update = True if profile_name and profile_name != user_ref.profileName: dict["profileName"] = profile_name update = True if update: logdiction['event'] = 'updateuser' try: users_dao.update_user(user_key, dict, None) except: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) error("Error updating user with id %s"%new_user_id) return logs.create(logdiction) self.response.out.write(success_ret()) timing(start) return if not profile_img: profile_img = constants.IMAGE_PARAMS.USER_AVATAR new_user = Users(key_name=user_key, userid=new_user_id, isEnabled="yes", accountRef=acc, profileName=profile_name, profileLink=profile_link, profileImg=profile_img) logdiction['event'] = 'createuser' try: users_dao.save_user(new_user, user_key) except: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) error("Error getting user with key %s"%key) return logs.create(logdiction) self.response.out.write(success_ret()) timing(start) return
def post(self): start = time.time() api_key = self.request.get('apikey') account_id = self.request.get('accountid') badge_name = self.request.get('name') theme = self.request.get('theme') description = self.request.get('description') imagelink = self.request.get('imagelink') acc = accounts_dao.authorize_api(account_id, api_key) logdiction = {'event':'createbadge', 'ip':self.request.remote_addr, 'is_api':'yes', 'api':'createbadge', 'account':account_id, 'success':'true'} if not acc: logdiction['success'] = 'false' logdiction['details'] = auth_error() logs.create(logdiction) self.response.out.write(auth_error()) return if not imagelink or not badge_name or not theme or not description: logdiction['success'] = 'false' logdiction['details'] = bad_args() logs.create(logdiction) self.response.out.write(bad_args()) return badge_key = badges_dao.create_badge_key(account_id, theme, badge_name, "private") logdiction['details'] = badge_key + " " + imagelink result = "" try: result = urlfetch.fetch(url=imagelink) except: error("Unable to download badge") self.response.out.write(bad_args()) return imgbuf = result.content if len(imgbuf) == 0: error("One of the downloads did not work! url:%s"%newbadge) self.response.out.write(bad_args()) return def get_file_ext(filename): ii = filename.rfind(".") if ii == -1: return "png" else: return filename[ii + 1:] file_name = files.blobstore.create(mime_type='image/'+ get_file_ext(imagelink)) with files.open(file_name, 'a') as f: f.write(imgbuf) files.finalize(file_name) blob_key = files.blobstore.get_blob_key(file_name) blob_info = blobstore.BlobInfo.get(blob_key) badges_dao.create_badge_type(badge_key, badge_name, description, acc, theme, get_file_ext(imagelink), blob_info=blob_info) self.response.out.write(success_ret()) return
def post(self): start = time.time() api_key = self.request.get('apikey') account_id = self.request.get('accountid') user_id = self.request.get('userid') newpoints = self.request.get('pointsawarded') reason = self.request.get('reason') logdiction = {'event':'awardpoints', 'api':'award_points', 'points':newpoints, 'is_api':'yes', 'ip':self.request.remote_addr, 'user':user_id, 'account':account_id, 'success':'true'} clean = XssCleaner() if reason: reason = clean.strip(reason) else: reason = "" # Get the account acc = accounts_dao.authorize_api(account_id, api_key) if not acc: logdiction['success'] = 'false' logdiction['details'] = auth_error() logs.create(logdiction) self.response.out.write(auth_error()) return try: newpoints = int(newpoints) except: logdiction['success'] = 'false' logdiction['details'] = "Points given was not a number" logs.create(logdiction) self.response.out.write(bad_args()) error("Points given was not an integer") return # Create the user if it doesnt exist user_ref = users_dao.get_or_create_user(account_id, user_id, acc) if not user_ref: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) return incrArgs = {"points":newpoints} user_key = users_dao.get_user_key(account_id, user_id) dbret = users_dao.update_user(user_key, None, incrArgs) if not dbret: logdiction['success'] = 'false' logdiction['details'] = db_error() logs.create(logdiction) self.response.out.write(db_error()) error("Unable to update points field account %s, user %s, key: %s"%\ (account_id,user_id, user_key)) return if not reason: try: reason = acc.notifierWidget.title except: reason = "Points Awarded" notifier.user_points(user_ref, newpoints, reason, acc) logs.create(logdiction) self.response.out.write(success_ret()) timing(start) return