Exemplo n.º 1
0
def authenticate(request, email=None, password=None):
    '''
    Log the Poster in or raise an Unauthenticated error. If email or password 
    is None, will attempt to extract from the request object. This assumes it 
    is a json object. If other formats are used, you must pass in email and 
    password separately. The user object will be placed in the request object 
    after successful login.
    
    @param request: the request to log in
    @param email: the email of the poster
    @param password: the password of the poster
    @return the sessionid, the user object
    '''
    if email is None or password is None:
        try:
            j = read(request)
            email = j["email"]
            password = j["password"]
        except ValueError:
            raise ValueError("Faulty json. Could not parse.")
        except KeyError as ke:
            KeyError(ke)
    user = auth(username=email, password=password)
    if user is None:
        raise AuthenticationError()
    login(request, user)
    return request.session[SESSION_KEY]
Exemplo n.º 2
0
    def dispatch(self, request, *args, **kwargs):
        if request.method.lower() not in self.allowed_methods:
            return err("Method {} not allowed.".format(request.method), 405)

        try:
            check_perms(request, getattr(self, '_perms', {}))
        except BaseAuthError as e:
            return err(e, e.status)
        #It makes sense why these are stored in the request, but i want them
        #in the view for convenience purposes
        self.accept = request.META.get('HTTP_ACCEPT', 'application/json')
        self.params = request.GET
        self.params._mutable = True #no reason for it to stay immutable
        self.fields = [f for f in self.params.get('_fields', "").split(',') 
                       if f in self.field_names]
        
        self.sdepth = (int(self.params['_depth']) 
                       if self.params.get('_depth', None) is not None and 
                       self.params.get('_depth', None).isdigit() else 0)
        if not self.sdepth:
            if hasattr(self, 'expand') or '_expand' in self.params:
                self.sdepth = 1
        if getattr(settings, 'HYPERLINK_VALUES', True):
            self.rootcall = request.scheme + '://' + request.get_host()
        else:
            self.rootcall = ''
        try:
            self.data = read(request)
        except ValueError as e:
            return err(e)
        return super(ViewWrapper, self).dispatch(request, *args, **kwargs)
Exemplo n.º 3
0
 def post(self, request, *args, **kwargs):
     data = read(request)
     a = Assignment.objects.get(id=kwargs['id'])
     for student_id in data.get('add', []):
         student, c = UserAssignment.objects.get_or_create(assignment_id=kwargs['id'],
                                                           owner_id=student_id,
                                                           requirements=a.requirements
                                                           )
     for student_id in data.get('remove', []):
         UserAssignment.objects.filter(assignment_id=kwargs['id'],
                                       owner_id=student_id
                                       ).delete()
     return self._get_assignments_and_students_enrolled_and_not_enrolled(request, *args, **kwargs)
Exemplo n.º 4
0
 def post(self, request, *args, **kwargs):
     '''
     Creates a new poster. The poster object should be of the following json 
     type:
     
         {
             "email" : "<email>",
             "password" : "<password>"
         }
     '''
     j = read(request)
     try:
         p = USER().objects.create_user(**j)
         resp = convert_to_dicts([p], p.field_names, p)[0]
         return jr(resp)
     except IntegrityError as ie:
         return err(ie)