def get(self, accountId):
queryDeveloperApp = ApplicationDeveloper.query.filter_by(
accountid=accountId).all()
if not queryDeveloperApp:
return res.resourceMissing(
"No apps for developer with account {} found.".format(
accountId))
developerapps, error = applicationdevelopers_schema.dump(
queryDeveloperApp)
if error:
return res.internalServiceError(error)
allapps = []
for developerapp in developerapps:
queryApplication = Application.query.filter(
Application.id == developerapp["appid"]).filter(
or_(
Application.active == True,
and_(Application.active == False,
Application.runningversion == 0))).first()
if queryApplication:
queryAppVersion = ApplicationVersion.query.filter(
ApplicationVersion.app == queryApplication.id).first()
developerapp["appDetails"] = application_schema.dump(
queryApplication).data
if queryAppVersion:
developerapp["appDetails"][
"appversionDetails"] = applicationversion_schema.dump(
queryAppVersion).data
allapps.append(developerapp)
return res.getSuccess(data=allapps)
def post(self, adminId):
# Verifying data required was given
data = request.get_json()
if not data or not data.get("vin") or not data.get(
"carmodel") or not data.get("raspbpi"):
return res.badRequestError("Missing data to process POST request.")
# Verifying vin number is not duplicated
queryvin = Car.query.filter_by(vin=data.get("vin")).first()
if queryvin:
return res.resourceExistsError("VIN {} already registered.".format(
data.get("vin")))
# Verifying raspberry pi is not duplicated
querypi = Car.query.filter_by(raspbpi=data.get("raspbpi")).first()
if querypi:
return res.resourceExistsError(
"Raspberrypi {} already linked to car {}".format(
data.get("raspbpi"), querypi.id))
# Adding Car to Database
newCarDetails = {
"vin": data.get("vin"),
"carmodel": data.get("carmodel"),
"raspbpi": data.get("raspbpi")
}
newCar, error = car_schema.load(newCarDetails)
if error:
return res.badRequestError(error)
db.session.add(newCar)
db.session.commit()
return res.postSuccess("Successful car added to database.", newCar)
def post(self):
openid = None
try:
request = json.loads(self.request.body.decode())
id = request.get('id', None)
openid = request.get('openid', None)
if openid is None:
raise AttributeError
if id is None:
user = yield dbutil.do(
User.select(User.id).where(User.openid == openid).get)
id = user.get_id()
modified_user = shortcuts.dict_to_model(User,
request,
ignore_unknown=True)
modified_user.set_id(id)
yield dbutil.do(modified_user.save)
self.write(Response(status=1, msg='ok', result={}).json())
except AttributeError as e:
self.write(Response(msg='sorry,亲,修改用户信息时必须包含openid').json())
logging.exception('UpdateUserInfoHandler error: {0}'.format(
str(e)))
except DoesNotExist as e:
self.write(
Response(msg='sorry,亲,用户不存在 openid={0}'.format(openid)).json())
logging.exception('UpdateUserInfoHandler error: {0}'.format(
str(e)))
except Exception as e:
self.write(Response(msg='sorry,亲,修改用户信息失败').json())
logging.exception('UpdateUserInfoHandler error: {0}'.format(
str(e)))
def post(self):
try:
param = json.loads(self.request.body.decode())
url = urllib.request.unquote(param['url'])
if url.find('#') != -1:
url = url[0:url.index('#')]
jsapi_ticket = yield wxutil.get_jsapi_ticket()
noncestr = self.random_str()
timestamp = int(time.time())
param = {
'url': url,
'timestamp': timestamp,
'jsapi_ticket': jsapi_ticket,
'noncestr': noncestr
}
tmp_str = '&'.join([
'{0}={1}'.format(key, param[key])
for key in sorted(param.keys())
])
sha1 = hashlib.sha1(tmp_str.encode()).hexdigest()
del param['jsapi_ticket']
param['signature'] = sha1
config = yield dbutil.do(Config.get)
param['appid'] = config.appid
self.write(Response(status=1, msg='ok', result=param).json())
except Exception as e:
self.write(Response(msg='sorry,亲,js api签名失败').json())
logging.exception('GetUserInfoHandler error: {0}'.format(str(e)))
def put(self, appversionId):
data = request.get_json()
#print (data)
#print(data["status"])
print(data.get("status"))
# Validates request data
if not data or not data["status"]:
return res.badRequestError("Missing data to proccess request.")
if (int(data.get("status")) < 1 or int(data.get("status")) > 5):
return res.badRequestError("Invalid status code {}.".format(
data["status"]))
print("passed error")
# Verifies app version exists
queryAppVersion = ApplicationVersion.query.filter_by(
id=appversionId).first()
if not queryAppVersion:
return res.resourceMissing(
"No version record {} exists.".format(appversionId))
queryAppVersion.status = data.get("status")
queryAppVersion.approved = True
print(queryAppVersion.status)
db.session.commit()
return res.putSuccess("Update version {} status to {}.".format(
appversionId, data.get("status")))
def delete(self, accountId):
queryAccount = Account.query.filter_by(id=accountId).first()
if not queryAccount:
return res.resourceMissing("No account with id {} was found.".format(accountId))
queryAccount.active = False
db.session.commit()
return res.deleteSuccess("Account {} with username {} deleted.".format(accountId, queryAccount.username))
def post(self, accountId):
data = request.get_json()
# Verifying data required for endpoint was given
if not data or not data.get("vinNumber"):
return res.badRequestError("Missing data to process request.")
# Verifying car given exists in database
queryCar = Car.query.filter_by(vin=data.get("vinNumber")).first()
if not queryCar:
return res.resourceMissing("Car {} does not exist.".format(
data.get("vinNumber")))
# Verifying car given is NOT registered under the given customer
queryCarUser = CarUser.query.filter_by(car=queryCar.id,
account=accountId).first()
if queryCarUser:
return res.resourceExistsError(
"Car already registered under customer {}.".format(accountId))
# Creata the link from user to the registered car in the database
newCarUserDetails = {"car": queryCar.id, "account": accountId}
newCarUser, error = caruser_schema.load(newCarUserDetails)
if error:
return res.internalServiceError(error)
db.session.add(newCarUser)
db.session.commit()
return res.postSuccess("Car {} registered under customer {}.".format(
data.get("vinNumber"), accountId))
def post(self, request):
"""
Execute app from user
---
response_serializer: api.serializers.ResultSerializer
parameters:
- name: app
type: integer
- name: params
type: string
"""
form = AppExecuteForm(request.POST)
if not form.is_valid():
return HttpResponseBadRequest()
data = form.cleaned_data
app = data['app']
if not request.user.userapp_set.filter(app=app).count():
return Response(
{
'errors': [{
'code':
'NOT_OWN_APP_EXECUTION',
'message':
'You need to own this application before using it.',
}],
},
status=status.HTTP_401_UNAUTHORIZED)
result = Result.objects.create(app=app, user=request.user)
execute_app.delay(result.id, json_params=data['json_params'])
return Response({'result': result})
def put(self, appversionId):
print(appversionId)
queryAppVersion = ApplicationVersion.query.filter_by(
id=appversionId).first()
queryApp = Application.query.filter_by(id=queryAppVersion.app).first()
# Ensures app exists in database
if not queryAppVersion:
return res.resourceMissing(
"No record with {} found for any app version.".format(
appversionId))
if queryApp.runningversion > queryAppVersion.id:
return res.badRequestError("Running version > than this version.")
# Ensures app is approved
if queryAppVersion.status is not 4:
print("awaiting to be approved")
return res.resourceExistsError(
"App v.{} is still awaiting to be approved.".format(
queryAppVersion.version))
queryApp.runningversion = queryAppVersion.id
queryAppVersion.status = 2
queryApp.active = True
db.session.commit()
return res.putSuccess(
"{} v.{} launched. Now available in MakitiAppStore !".format(
queryApp.appname, queryAppVersion.version))
def get(self, requestId):
queryAppRequest = AppRequest.query.filter_by(id=requestId).first()
if not queryAppRequest:
return res.resourceMissing(
"No data found for app request #{}.".format(requestId))
return res.getSuccess(
data=apprequest_schema.dump(queryAppRequest).data)
def get(self):
queryAppRequests = AppRequest.query.filter(
AppRequest.customer == 0).filter(AppRequest.status == 1
or AppRequest.status == 2).all()
if not queryAppRequests:
return res.resourceMissing("No app requests penging found.")
return res.getSuccess(apprequests_schema.dump(queryAppRequests).data)
def get(self, appId):
queryApp = Application.query.filter_by(id=appId).first()
# Checks application exists
if not queryApp:
return res.resourceMissing("No application found")
return res.getSuccess(data=application_schema.dump(queryApp).data)
def get(self, accountId):
queryCustomerApps = AppRequest.query.filter_by(
customer=accountId).all()
if not queryCustomerApps:
return res.resourceMissing(
"No apps downloaded by customer {}.".format(accountId))
return res.getSuccess(
data=apprequests_schema.dump(queryCustomerApps).data)
def api_login(request):
"""
Function used for API login validation and authentication
(:http:post:`POST </accounts/login>`). There are two required parameters.
.. http:post:: /accounts/login
:DC-bound?:
* |dc-no|
:Permissions:
* |APIAccess|
:Asynchronous?:
* |async-no|
:arg string data.username: **required** - Username used for authentication
:arg string data.password: **required** - Password used for authentication
:status 200: Login successful
:status 400: Bad request
"""
serializer = APIAuthTokenSerializer(data=request.data)
if serializer.is_valid():
user = serializer.object['user']
token, created = Token.objects.get_or_create(user=user)
if not created: # Old Token - regenerate token and datetime
# TODO: We do this by deleting the old token (could be done better)
token.delete()
token = Token.objects.create(user=user)
auth_logger.info('User %s successfully logged in from %s (%s)', user,
get_client_ip(request),
request.META.get('HTTP_USER_AGENT', ''))
request.user = user
request.dc = Dc.objects.get_by_id(user.current_dc_id)
return Response(
{
'token': token.key,
'expires': (token.created + AUTHTOKEN_TIMEDELTA).isoformat(),
'detail': 'Welcome to Danube Cloud API.'
},
status=scode.HTTP_200_OK,
request=request)
auth_logger.warning('User %s login failed from %s (%s)',
request.data.get('username', None),
get_client_ip(request),
request.META.get('HTTP_USER_AGENT', ''))
try:
error_message = serializer.errors['non_field_errors'][0]
except (KeyError, IndexError):
error_message = serializer.errors
return Response({'detail': error_message},
status=scode.HTTP_400_BAD_REQUEST)
def post(self):
try:
request = json.loads(self.request.body.decode())
code = request['code']
logging.debug('code: {0}'.format(code))
result = yield event_service.query_fulltext_code(code)
self.write(Response(status=1, msg='ok', result=result).json())
except Exception as e:
self.write(Response(msg='sorry,亲,查询活动失败').json())
logging.exception('GetEventHandler error: {0}'.format(str(e)))
def get():
try:
data = get_leaderboards()
return Response.success(status=200,
message="Successful GET of page",
data=data)
except Exception as err:
return Response.server_error(
status=400, # TODO: Create proper status for server error
message="Server Error: {}".format(err))
def get(self, developerId):
query = AppRequest.query.filter_by(developer=developerId).all()
if not query:
return res.getSuccess(data=None)
developerrequests, error = apprequests_schema.dump(query)
if error:
return res.internalServiceError(error)
return res.getSuccess(
"Requests made by developer {} retrieved".format(developerId),
developerrequests)
def get(self, appversionId):
queryRequests = AppRequest.query.filter_by(
appversion=appversionId).all()
if not queryRequests:
return res.getSuccess(data=None)
apprequests, error = apprequests_schema.dump(queryRequests)
if error:
return res.internalServiceError(error)
return res.getSuccess(
"Requests for app {} retrieved".format(appversionId), apprequests)
def put(self, requestId):
data = request.get_json()
if not data or not data.get("action"):
return res.badRequestError(
"Missing data to proccess action on app request")
if data.get("action") < 1 or data.get(
"action") > 5: # ********* too hardcoded change later
return res.badRequestError("Invalid Action")
apprequest = AppRequest.query.filter_by(id=requestId).first()
apprequest.status = data.get("action")
return res.putSuccess(
"Succesfully submitted action for request {}.".format(requestId))
def delete(self, appId):
queryApp = Application.query.filter_by(id=appId).first()
# Checks application exists in database
if not queryApp:
return res.resourceMissing("No application found.")
queryApp.active = False
db.session.commit()
return res.deleteSuccess(
"{} succesfully removed from Makiti App Store".format(
queryApp.appname),
application_schema.dump(queryApp).data)
def post(self):
# Verifying request body is not empty
data = request.get_json()
if not data or not data.get("username") or not data.get("password"):
return res.badRequestError("Missing information to login user.")
# Verifies user exists in database
query = Account.query.filter_by(username=data.get("username")).first()
if not query:
return res.badRequestError("Incorrect login information.")
if query.active == False:
return res.badRequestError("This account is deactivated.")
if query.password != data.get("password"):
return res.resourceMissing("Incorrect password for user {}.".format(query.username))
return res.postSuccess(data=account_schema.dump(query).data)
def get(self):
queryApps = Application.query.filter_by(active=True).all()
print(queryApps)
if not queryApps:
return res.resourceMissing("No apps in AppStore yet. Brah!")
apps, error = applications_schema.dump(queryApps)
if error:
return res.internalServiceError(error)
for a in apps:
queryAppVersion = ApplicationVersion.query.filter_by(
id=a["runningversion"]).first()
a["appversionDetails"] = applicationversion_schema.dump(
queryAppVersion).data
return res.getSuccess(data=apps)
def get(self, appId):
data = request.get_json()
if not data:
return res.badRequestError("Missing data to process request.")
queryApp = Application.query.filter_by(id=appId).first()
if not queryApp:
return res.badRequestError("App {} does not exist.".format(appId))
queryAppVersions = ApplicationVersion.query.filter_by(app=appId).all()
if not queryAppVersions:
return res.resourceMissing("No versions found for app {}.".format(
queryApp.appname))
return res.getSuccess(
data=applicationversions_schema.dump(queryAppVersions).data)
def exception_handler(exc, request=None):
"""
Returns the response that should be used for any given exception.
By default we handle the REST framework `APIException`, and also
Django's builtin `Http404` and `PermissionDenied` exceptions.
Any unhandled exceptions may return `None`, which will cause a 500 error
to be raised.
"""
if isinstance(exc, exceptions.APIException):
headers = {}
if getattr(exc, 'auth_header', None):
# noinspection PyUnresolvedReferences
headers['WWW-Authenticate'] = exc.auth_header
if getattr(exc, 'wait', None):
# noinspection PyUnresolvedReferences
headers['Retry-After'] = '%d' % exc.wait
if isinstance(exc.detail, (list, dict)):
data = exc.detail
else:
data = {'detail': exc.detail}
set_rollback()
return Response(data,
status=exc.status_code,
headers=headers,
request=request)
elif isinstance(exc, Http404):
msg = _('Not found')
data = {'detail': six.text_type(msg)}
set_rollback()
return Response(data,
status=status.HTTP_404_NOT_FOUND,
request=request)
elif isinstance(exc, PermissionDenied):
msg = _('Permission denied')
data = {'detail': six.text_type(msg)}
set_rollback()
return Response(data,
status=status.HTTP_403_FORBIDDEN,
request=request)
# Note: Unhandled exceptions will raise a 500 error.
return None
def get(self, appversionId):
queryAppVersion = ApplicationVersion.query.filter_by(
id=appversionId).first()
if not queryAppVersion:
return res.resourceMissing(
"No version record {} exists.".format(appversionId))
appVersion, error = applicationversion_schema.dump(queryAppVersion)
if error:
return res.internalServiceError(error)
queryApp = Application.query.filter_by(id=queryAppVersion.app).first()
if not queryApp:
return res.resourceMissing("App {} does not exist.".format(
queryAppVersion.app))
appVersion["appDetails"] = application_schema.dump(queryApp).data
return res.getSuccess(data=appVersion)
def post(self):
try:
data = json.loads(self.request.body.decode())
code = data['eventcode']
openid = data['openid']
star = yield dbutil.do(
Star.select().where((Star.eventcode == code)
& (Star.openid == openid)).get)
star.status = -1
star.updatetime = datetime.datetime.now()
yield dbutil.do(star.save)
self.write(Response(status=1, msg='ok', result={}).json())
except Exception as e:
self.write(Response(msg='sorry,亲,取消关注活动失败').json())
logging.exception('UnStarEventHandler error: {0}'.format(str(e)))
def post(self):
body = request.json
Logger.info("A user as been registered (%s, %s).",
body["username"], body["email"])
return Response.success(body, status=201)
def get(self):
return Response.success({
"description": f"{variables.SERVICE_LABEL} API "
f"{variables.V1_NAMESPACE}",
"status": "online",
"version": variables.V1_VERSION
})
def post(self):
data = request.get_json()
if not data or not data.get("firstname") or not data.get("lastname") or not data.get("username") or not data.get("password"):
return res.badRequestError("Missing information to process account creation.")
# check username is unique
query = Account.query.filter_by(username=data.get("username")).first()
if query:
return res.resourceExistsError("Username {} already taken.".format(data.get("username")))
newAccountDetails = {"firstname": data.get("firstname"), "lastname": data.get("lastname"), "username": data.get("username"), "password": data.get("password") }
newAccount, error = account_schema.load(newAccountDetails)
if error:
return res.internalServiceError(error)
db.session.add(newAccount)
db.session.commit()
return res.postSuccess("Account succesfully created for username {}.".format(newAccount.username), account_schema.dump(newAccount).data)
def options(self, request, *args, **kwargs):
"""
Handler method for HTTP 'OPTIONS' request.
We may as well implement this as Django will otherwise provide
a less useful default implementation.
"""
return Response(self.metadata(request), status=status.HTTP_200_OK)
class ResultSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = models.Result
fields = ('id', )
class UserAppSerializer(serializers.ModelSerializer):
app = AppDetailSerializer(read_only=True)
class Meta:
model = models.UserApp
fields = ('id', 'user', 'app', 'expires', 'expires_str')
class OrderSerializer(serializers.ModelSerializer):
class Meta:
model = models.Order
fields = ('id', 'user', 'website', 'steps', 'email', 'price')
class UserSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = get_user_model()
fields = ('id', 'username')
Response.register_serializers(AppSerializer, AppDetailSerializer, ResultSerializer, UserAppSerializer,
UserSerializer)
