def get(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
if acc.orgid != 1 or acc.lev != 2:
return appuser.srverr(self, 403, "Admin access only.")
vq = appuser.VizQuery(service.AppService, "WHERE name=:1", "pubpts")
svcs = vq.fetch(1, read_policy=db.EVENTUAL_CONSISTENCY, deadline=20)
if not len(svcs): # create the entry as a placeholder
svc = service.AppService(name="pubpts", ckey="", csec="", data="")
svc.put()
res = [] # result accumulator
if len(svcs) > 0 and len(svcs[0].data) > 100:
for ptid in svcs[0].data.split(","):
pt = Point.get_by_id(int(ptid))
if is_deleted_point(pt):
continue
res.append(pt)
else: # no point ids to process, fetch everything
pts = Point.all()
for pt in pts:
if is_deleted_point(pt):
continue
res.append(pt)
appuser.return_json(self, res)
def post(self):
if not appuser.verify_secure_comms(self):
return
data = appuser.read_params(self, ["uidp", "tlid", "st", "svs", "pts"])
if data["uidp"] and data["tlid"] and data["pts"]:
write_dc_entry(self, "tlsave", data)
appuser.return_json(self, "[]")
def get(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["tlid"]);
tlid = int(params["tlid"])
vq = appuser.VizQuery(TLComp, "WHERE tlid=:1 LIMIT 50", tlid)
res = vq.fetch(50, read_policy=db.EVENTUAL_CONSISTENCY, deadline=40)
appuser.return_json(self, res)
def get(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["orgid"])
orgid = params["orgid"] # str
org = appuser.cached_get(orgid, {"dboc": Organization, "byid": orgid})
appuser.return_json(self, [org])
def get(self):
# PENDING: verify caller is an org contributor
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
ptid = self.request.get('pointid')
if not ptid:
return appuser.srverr(self, 400, "pointid required for lookup")
pt = Point.get_by_id(int(ptid))
if not pt:
return appuser.srverr(self, 404, "Point " + ptid + " not found")
appuser.return_json(self, [pt])
def post(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, [
"instid", "name", "ctype", "cids", "svs", "slug", "title",
"subtitle", "featured", "lang", "comment", "about"
])
timeline = update_or_create_timeline(self, acc, params)
if timeline:
updated = update_timeline_list(acc.built, timeline)
if updated != acc.built:
acc.built = updated
appuser.cached_put(acc.email, acc)
appuser.return_json(self, [timeline, acc])
def get(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
if acc.orgid != 1 or acc.lev != 2:
return appuser.srverr(self, 403, "System admin access only.")
pn = "Placeholder"
vq = appuser.VizQuery(Organization, "WHERE name=:1 LIMIT 1", pn)
orgs = vq.fetch(1, read_policy=db.EVENTUAL_CONSISTENCY, deadline=20)
if len(orgs) > 0:
org = orgs[0]
else:
org = Organization(name=pn)
org.put()
appuser.return_json(self, [org])
def get(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["orgid"])
if not params["orgid"] or int(params["orgid"]) != acc.orgid:
return appuser.srverr(self, 403, "Not your Organization")
vq = appuser.VizQuery(appuser.AppUser, "WHERE orgid=:1",
int(params["orgid"]))
res = vq.fetch(500, read_policy=db.EVENTUAL_CONSISTENCY, deadline=20)
oms = []
for user in res: # only public info and org info, no email etc..
oms.append(public_member_record(user))
logging.info("Org " + params["orgid"] + " has " + str(len(oms)) +
" members")
appuser.return_json(self, oms)
def post(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
fields = [
"orgid", "name", "code", "contacturl", "projecturl", "groups",
"regions", "categories", "tags"
]
params = appuser.read_params(self, fields)
orgid = int(params["orgid"])
org = Organization.get_by_id(orgid)
if acc.orgid != orgid or acc.lev != 2:
return appuser.srverr(self, 403, "Not Organization Administrator")
org = update_organization(org, params)
if org:
appuser.return_json(self, [org])
def get(self):
tlid = self.request.get("tlid")
slug = ""
if tlid:
tl = fetch_timeline_by_id(tlid)
else:
slug = self.request.get("slug")
if not slug:
slug = "default"
slug = slug.lower() # just in case someone camel cases a url..
tl = fetch_timeline_by_slug(slug)
if not tl and slug == "default":
tl = make_bootstrap_demo()
if not tl:
return appuser.srverr(self, 404, "No Timeline " + tlid)
uidp = self.request.get("uidp")
if uidp:
daycount.note_timeline_fetch(self, tl, uidp)
tls = contained_timelines(tl)
appuser.return_json(self, tls)
def post(self):
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["tlid", "tlname", "tltitle",
"tlsubtitle"]);
tlid = params["tlid"]
started = json.loads(acc.started)
proginst = [pi for pi in started if pi["tlid"] == tlid]
if not len(proginst):
return appuser.srverr(self, 400, "Timeline " + tlid + " (" +
params["tlname"] + ") not found")
proginst = proginst[0]
tstamp = appuser.nowISO()
comp = TLComp(userid=acc.key().id(), tlid=int(tlid), username=acc.name,
tlname=params["tlname"], data=json.dumps(proginst),
created=tstamp)
comp.put()
# Update the account and return the updated version
started = [pi for pi in started if pi["tlid"] != tlid]
completed = json.loads(acc.completed)
compinst = [ci for ci in completed if ci["tlid"] == tlid]
if len(compinst):
compinst = compinst[0]
if "count" not in compinst: # completed before count introduced
compinst["count"] = 1 # at least one completion, start there
compinst["name"] = params["tlname"] # update name in case changed
else:
compinst = {"tlid":tlid, "name":params["tlname"],
"count":0, "first":tstamp}
compinst["latest"] = tstamp
compinst["count"] += 1
compinst["title"] = params["tltitle"]
compinst["subtitle"] = params["tlsubtitle"]
compinst["stats"] = completion_stats(proginst)
completed = [ci for ci in completed if ci["tlid"] != tlid]
completed.append(compinst)
acc.started = json.dumps(started)
acc.completed = json.dumps(completed)
cached_put(acc.email, acc)
appuser.return_json(self, [acc, {"token":appuser.token_for_user(acc)}])
def post(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
if not acc.orgid or acc.lev != 2:
return appuser.srverr(self, 403, "Not an Administrator")
params = appuser.read_params(self, ["membermail"])
mem = appuser.account_from_email(params["membermail"])
if not mem:
return appuser.srverr(self, 404, "User not found")
if mem.orgid:
if mem.orgid == acc.orgid:
return appuser.srverr(self, 400, "Already a member")
else:
return appuser.srverr(self, 403, "Member of other Org")
mem.orgid = acc.orgid
mem.lev = 0
appuser.cached_put(mem.email, mem)
appuser.return_json(self, [public_member_record(mem)])
def post(self):
if not appuser.verify_secure_comms(self):
return
acc = appuser.authenticated(self.request)
if not acc:
return srverr(self, 401, "Authentication failed")
params = appuser.read_params(self, ["orgid", "userid", "lev"])
if not params["orgid"] or int(params["orgid"]) != acc.orgid:
return appuser.srverr(self, 403, "Not your Organization")
orgid = int(params["orgid"])
userid = int(params["userid"])
lev = int(params["lev"])
if acc.key().id() != userid and acc.lev != 2:
return appuser.srverr(self, 403, "Not an Administrator")
if acc.key().id() == userid and lev > acc.lev:
return appuser.srverr(self, 403, "Can't promote yourself")
user = appuser.AppUser.get_by_id(userid)
if lev < 0:
user.orgid = 0
user.lev = 0
else:
user.lev = lev
appuser.cached_put(user.email, user)
appuser.return_json(self, [])
