def testChangePassword(self):
oldTime = PlayerPassword.objects.get(player__id=3).time_set
newPassword = "******"
response = self.doPost('/udj/0_6/players/3/password', {'password': newPassword})
self.assertEqual(response.status_code, 200, "Error: " + response.content)
playerPassword = PlayerPassword.objects.get(player__id=3)
self.assertEqual(playerPassword.password_hash, hashPlayerPassword(newPassword))
self.assertTrue(oldTime < playerPassword.time_set)
def testSetPassword(self):
newPassword = '******'
response = self.doPost('/udj/0_6/players/1/password',
{'password': newPassword})
self.assertEqual(response.status_code, 200)
playerPassword = PlayerPassword.objects.get(player__id=1)
self.assertEqual(playerPassword.password_hash,
hashPlayerPassword(newPassword))
def createPlayer(request):
user = getUserForTicket(request)
try:
newPlayerJSON = json.loads(request.raw_post_data)
except ValueError:
return HttpResponseBadRequest('Bad JSON')
#Ensure the name attribute was provided with the JSON
try:
newPlayerName = newPlayerJSON['name']
except KeyError:
return HttpResponseBadRequest('No name given')
#Determine which sorting algorithm to use
if 'sorting_algorithm_id' in newPlayerJSON:
try:
sortingAlgo = SortingAlgorithm.objects.get(pk=newPlayerJSON['sorting_algorithm_id'])
except ObjectDoesNotExist:
toReturn = HttpResponseNotFound()
toReturn[MISSING_RESOURCE_HEADER] = 'sorting-algorithm'
return toReturn
else:
try:
sortingAlgo = SortingAlgorithm.objects.get(function_name=default_sorting_algo)
except ObjectDoesNotExist:
raise ImproperlyConfigured('Default sorting algorithm is not in database')
#Ensure that the suers doesn't already have a player with the given name
conflictingPlayer = Player.objects.filter(owning_user=user, name=newPlayerName)
if conflictingPlayer.exists():
return HttpResponse('A player with that name already exists', status=409)
#Create and save new player
newPlayer = Player(
owning_user=user,
name=newPlayerName,
sorting_algo=sortingAlgo)
newPlayer.save()
#If password provided, create and save password
if 'password' in newPlayerJSON:
PlayerPassword(player=newPlayer, password_hash=hashPlayerPassword(newPlayerJSON['password'])).save()
#If locaiton provided, geocode it and save it
if 'location' in newPlayerJSON:
location = newPlayerJSON['location']
if isValidLocation(location):
try:
setPlayerLocation(location, newPlayer)
except LocationNotFoundError as e:
return HttpResponseBadRequest('Location not found. Geocoder error: ' + str(e))
else:
return HttpResponseBadRequest('Bad location')
return HttpJSONResponse(json.dumps(newPlayer, cls=UDJEncoder), status=201)
def testChangePassword(self):
oldTime = PlayerPassword.objects.get(player__id=3).time_set
newPassword = "******"
response = self.doPost('/udj/0_6/players/3/password',
{'password': newPassword})
self.assertEqual(response.status_code, 200,
"Error: " + response.content)
playerPassword = PlayerPassword.objects.get(player__id=3)
self.assertEqual(playerPassword.password_hash,
hashPlayerPassword(newPassword))
self.assertTrue(oldTime < playerPassword.time_set)
def participateWithPlayer(request, player_id, player):
def onSuccessfulPlayerAuth(activePlayer, user):
#very important to check if they're banned or player is full first.
#otherwise we might might mark them as actually participating
if Participant.objects.filter(user=user, player=activePlayer, ban_flag=True).exists():
toReturn = HttpResponseForbidden()
toReturn[FORBIDDEN_REASON_HEADER] = 'banned'
return toReturn
if activePlayer.isFull():
toReturn = HttpResponseForbidden()
toReturn[FORBIDDEN_REASON_HEADER] = 'player-full'
return toReturn
obj, created = Participant.objects.get_or_create(player=activePlayer, user=user)
if not created:
obj.time_last_interation = datetime.now()
obj.kick_flag = False
obj.logout_flag = False
obj.save()
return HttpResponse(status=201)
user = getUserForTicket(request)
playerPassword = PlayerPassword.objects.filter(player=player)
if playerPassword.exists():
hashedPassword = ""
if not request.META.has_key('CONTENT_TYPE'):
return HttpResponseBadRequest("must specify content type")
elif request.META['CONTENT_TYPE'] != 'text/json':
return HttpResponse("must send json", status=415)
elif request.raw_post_data == '':
return HttpResponseBadRequest("Bad JSON")
try:
password_json = json.loads(request.raw_post_data)
password = password_json['password']
hashedPassword = hashPlayerPassword(password)
except ValueError:
return HttpResponseBadRequest('Bad JSON')
if hashedPassword == playerPassword[0].password_hash:
return onSuccessfulPlayerAuth(player, user)
toReturn = HttpResponse(status=401)
toReturn['WWW-Authenticate'] = 'player-password'
return toReturn
else:
return onSuccessfulPlayerAuth(player, user)
def setPlayerPassword(request, player_id, player):
givenPassword = request.POST['password']
if givenPassword == '':
return HttpResponseBadRequest("Bad password")
hashedPassword = hashPlayerPassword(givenPassword)
playerPassword, created = PlayerPassword.objects.get_or_create(
player=player, defaults={'password_hash': hashedPassword})
if not created:
playerPassword.password_hash = hashedPassword
playerPassword.save()
return HttpResponse()
def setPlayerPassword(request, player_id, player):
givenPassword = request.POST['password']
if givenPassword == '':
return HttpResponseBadRequest("Bad password")
hashedPassword = hashPlayerPassword(givenPassword)
playerPassword , created = PlayerPassword.objects.get_or_create(
player=player,
defaults={'password_hash': hashedPassword})
if not created:
playerPassword.password_hash = hashedPassword
playerPassword.save()
return HttpResponse()
def testCreatePasswordPlayer(self):
playerName = "Yunyoung Player"
password = '******'
passwordHash = hashPlayerPassword(password)
payload = {'name' : playerName, 'password' : password}
response = self.doJSONPut('/udj/0_6/players/player', json.dumps(payload))
self.assertEqual(response.status_code, 201, "Error: " + response.content)
self.isJSONResponse(response)
givenPlayerId = json.loads(response.content)['player_id']
addedPlayer = Player.objects.get(pk=givenPlayerId)
self.assertEqual(addedPlayer.name, playerName)
self.assertEqual(addedPlayer.owning_user.id, 7)
self.assertFalse(PlayerLocation.objects.filter(player=addedPlayer).exists())
addedPassword = PlayerPassword.objects.get(player=addedPlayer)
self.assertEqual(addedPassword.password_hash, passwordHash)
def testCreatePasswordPlayer(self):
playerName = "Yunyoung Player"
password = "******"
passwordHash = hashPlayerPassword(password)
payload = {"name": playerName, "password": password}
response = self.doJSONPut("/udj/0_6/players/player", json.dumps(payload))
self.assertEqual(response.status_code, 201, "Error: " + response.content)
self.isJSONResponse(response)
givenPlayerId = json.loads(response.content)["id"]
addedPlayer = Player.objects.get(pk=givenPlayerId)
self.assertEqual(addedPlayer.name, playerName)
self.assertEqual(addedPlayer.owning_user.id, 7)
self.assertFalse(PlayerLocation.objects.filter(player=addedPlayer).exists())
addedPassword = PlayerPassword.objects.get(player=addedPlayer)
self.assertEqual(addedPassword.password_hash, passwordHash)
self.verify_libs_created(addedPlayer)
self.verify_permissions_set(addedPlayer)
def testCreatePasswordPlayer(self):
playerName = "Yunyoung Player"
password = '******'
passwordHash = hashPlayerPassword(password)
payload = {'name': playerName, 'password': password}
response = self.doJSONPut('/udj/0_6/players/player',
json.dumps(payload))
self.assertEqual(response.status_code, 201,
"Error: " + response.content)
self.isJSONResponse(response)
givenPlayerId = json.loads(response.content)['player_id']
addedPlayer = Player.objects.get(pk=givenPlayerId)
self.assertEqual(addedPlayer.name, playerName)
self.assertEqual(addedPlayer.owning_user.id, 7)
self.assertFalse(
PlayerLocation.objects.filter(player=addedPlayer).exists())
addedPassword = PlayerPassword.objects.get(player=addedPlayer)
self.assertEqual(addedPassword.password_hash, passwordHash)
def participateWithPlayer(request, player_id, player):
def onSuccessfulPlayerAuth(activePlayer, user):
#very important to check if they're banned or player is full first.
#otherwise we might might mark them as actually participating
if Participant.objects.filter(user=user,
player=activePlayer,
ban_flag=True).exists():
toReturn = HttpResponseForbidden()
toReturn[FORBIDDEN_REASON_HEADER] = 'banned'
return toReturn
if activePlayer.isFull():
toReturn = HttpResponseForbidden()
toReturn[FORBIDDEN_REASON_HEADER] = 'player-full'
return toReturn
obj, created = Participant.objects.get_or_create(player=activePlayer,
user=user)
if not created:
obj.time_last_interation = datetime.now()
obj.kick_flag = False
obj.logout_flag = False
obj.save()
return HttpResponse(status=201)
user = getUserForTicket(request)
playerPassword = PlayerPassword.objects.filter(player=player)
if playerPassword.exists():
if DJANGO_PLAYER_PASSWORD_HEADER in request.META:
hashedPassword = hashPlayerPassword(
request.META[DJANGO_PLAYER_PASSWORD_HEADER])
if hashedPassword == playerPassword[0].password_hash:
return onSuccessfulPlayerAuth(player, user)
toReturn = HttpResponse(status=401)
toReturn['WWW-Authenticate'] = 'player-password'
return toReturn
else:
return onSuccessfulPlayerAuth(player, user)
def participateWithPlayer(request, player_id, player):
def onSuccessfulPlayerAuth(activePlayer, user):
#very important to check if they're banned or player is full first.
#otherwise we might might mark them as actually participating
if Participant.objects.filter(user=user, player=activePlayer, ban_flag=True).exists():
toReturn = HttpResponseForbidden()
toReturn[FORBIDDEN_REASON_HEADER] = 'banned'
return toReturn
if activePlayer.isFull():
toReturn = HttpResponseForbidden()
toReturn[FORBIDDEN_REASON_HEADER] = 'player-full'
return toReturn
obj, created = Participant.objects.get_or_create(player=activePlayer, user=user)
if not created:
obj.time_last_interation = datetime.now()
obj.kick_flag = False
obj.logout_flag = False
obj.save()
return HttpResponse(status=201)
user = getUserForTicket(request)
playerPassword = PlayerPassword.objects.filter(player=player)
if playerPassword.exists():
if DJANGO_PLAYER_PASSWORD_HEADER in request.META:
hashedPassword = hashPlayerPassword(request.META[DJANGO_PLAYER_PASSWORD_HEADER])
if hashedPassword == playerPassword[0].password_hash:
return onSuccessfulPlayerAuth(player, user)
toReturn = HttpResponse(status=401)
toReturn['WWW-Authenticate'] = 'player-password'
return toReturn
else:
return onSuccessfulPlayerAuth(player, user)
def testSetPassword(self):
newPassword = '******'
response = self.doPost('/udj/0_6/players/1/password', {'password': newPassword})
self.assertEqual(response.status_code, 200)
playerPassword = PlayerPassword.objects.get(player__id=1)
self.assertEqual(playerPassword.password_hash, hashPlayerPassword(newPassword))
def createPlayer(request):
user = getUserForTicket(request)
try:
newPlayerJSON = json.loads(request.raw_post_data)
except ValueError:
return HttpResponseBadRequest('Bad JSON')
#Ensure the name attribute was provided with the JSON
try:
newPlayerName = newPlayerJSON['name']
except KeyError:
return HttpResponseBadRequest('No name given')
#Determine which sorting algorithm to use
if 'sorting_algorithm_id' in newPlayerJSON:
try:
sortingAlgo = SortingAlgorithm.objects.get(pk=newPlayerJSON['sorting_algorithm_id'])
except ObjectDoesNotExist:
toReturn = HttpResponseNotFound()
toReturn[MISSING_RESOURCE_HEADER] = 'sorting-algorithm'
return toReturn
else:
try:
sortingAlgo = SortingAlgorithm.objects.get(function_name=DEFAULT_SORTING_ALGO)
except ObjectDoesNotExist:
raise ImproperlyConfigured('Default sorting algorithm is not in database')
#Ensure that the suers doesn't already have a player with the given name
conflictingPlayer = Player.objects.filter(owning_user=user, name=newPlayerName)
if conflictingPlayer.exists():
return HttpResponse('A player with that name already exists', status=409)
#Create and save new player
newPlayer = Player(
owning_user=user,
name=newPlayerName,
sorting_algo=sortingAlgo)
newPlayer.save()
#If password provided, create and save password
if 'password' in newPlayerJSON:
PlayerPassword(player=newPlayer, password_hash=hashPlayerPassword(newPlayerJSON['password'])).save()
#If locaiton provided, geocode it and save it
if 'location' in newPlayerJSON:
location = newPlayerJSON['location']
if isValidLocation(location):
try:
setPlayerLocation(location, newPlayer)
except LocationNotFoundError as e:
return HttpResponseBadRequest('Location not found. Geocoder error: ' + str(e))
else:
return HttpResponseBadRequest('Bad location')
#create default library for new player
new_library = Library(name="Default library", description="default library", pub_key="")
new_library.save()
new_default = DefaultLibrary(library=new_library, player=newPlayer)
new_default.save()
new_owned = OwnedLibrary(library=new_library, owner=user)
new_owned.save()
new_associated = AssociatedLibrary(library=new_library, player=newPlayer)
new_associated.save()
#Create Owner Permissions Group
owner_group = PlayerPermissionGroup(player=newPlayer, name="owner")
owner_group.save()
owner_group.add_member(user)
#Create Admin Permissions Group
admin_group = PlayerPermissionGroup(player=newPlayer, name="admin")
admin_group.save()
#Add owner_group and admin group to select permissions
set_default_player_permissions(newPlayer, owner_group)
set_default_player_permissions(newPlayer, admin_group)
return HttpJSONResponse(json.dumps(newPlayer, cls=UDJEncoder), status=201)
def createPlayer(request):
user = getUserForTicket(request)
try:
newPlayerJSON = json.loads(request.raw_post_data)
except ValueError:
return HttpResponseBadRequest('Bad JSON')
#Ensure the name attribute was provided with the JSON
try:
newPlayerName = newPlayerJSON['name']
except KeyError:
return HttpResponseBadRequest('No name given')
#Determine which sorting algorithm to use
if 'sorting_algorithm_id' in newPlayerJSON:
try:
sortingAlgo = SortingAlgorithm.objects.get(
pk=newPlayerJSON['sorting_algorithm_id'])
except ObjectDoesNotExist:
toReturn = HttpResponseNotFound()
toReturn[MISSING_RESOURCE_HEADER] = 'sorting_algorithm'
return toReturn
else:
try:
sortingAlgo = SortingAlgorithm.objects.get(
function_name=default_sorting_algo)
except ObjectDoesNotExist:
raise ImproperlyConfigured(
'Default sorting algorithm is not in database')
#Determine external library
externalLib = None
if 'external_library_id' in newPlayerJSON:
try:
externalLib = ExternalLibrary.objects.get(
pk=newPlayerJSON['external_library_id'])
except ObjectDoesNotExist:
toReturn = HttpResponseNotFound()
toReturn[MISSING_RESOURCE_HEADER] = 'external_library'
return toReturn
#Ensure that the suers doesn't already have a player with the given name
conflictingPlayer = Player.objects.filter(owning_user=user,
name=newPlayerName)
if conflictingPlayer.exists():
return HttpResponse('A player with that name already exists',
status=409)
#Create and save new player
newPlayer = Player(owning_user=user,
name=newPlayerName,
sorting_algo=sortingAlgo,
external_library=externalLib)
newPlayer.save()
#If password provided, create and save password
if 'password' in newPlayerJSON:
PlayerPassword(player=newPlayer,
password_hash=hashPlayerPassword(
newPlayerJSON['password'])).save()
#If locaiton provided, geocode it and save it
if 'location' in newPlayerJSON:
location = newPlayerJSON['location']
if isValidLocation(location):
try:
setPlayerLocation(location, newPlayer)
except LocationNotFoundError:
return HttpResponseBadRequest('Location not found')
else:
return HttpResponseBadRequest('Bad location')
return HttpJSONResponse(json.dumps({'player_id': newPlayer.id}),
status=201)