def _ValidateUploadReply(jsonData):
    """Return True when an upload-reply request body passes field validation.

    Rules enforced here:
      * the thread ID is mandatory and must satisfy _GravityUUIDIsValid;
      * the reply text and the reply key are each optional, but at least
        one of the two has to be non-empty;
      * a key, when supplied, must satisfy _S3KeyIsValid;
      * the text may not exceed Const.Database.MaxLengths.Content.REPLY_TEXT.

    The three fields are read with plain indexing, so a body that omits one
    of the keys entirely raises KeyError rather than returning False.
    NOTE(review): confirm the caller treats that KeyError as a rejected
    request.
    """
    requestKeys = Const.Views.UploadReply.JsonRequestKey
    parentThreadID = jsonData[requestKeys.THREAD_ID]
    replyText = jsonData[requestKeys.REPLY_TEXT]
    replyKey = jsonData[requestKeys.REPLY_URL]

    # A key is only inspected when one was actually supplied.
    keyMissing = Utils.StringIsEmpty(replyKey)
    if not keyMissing and not _S3KeyIsValid(replyKey):
        return False

    # An empty or malformed thread ID is rejected.
    if not _GravityUUIDIsValid(parentThreadID):
        return False

    # A reply has to carry text, a key, or both.
    if keyMissing and Utils.StringIsEmpty(replyText):
        return False

    # Last rule: the text has to fit the reply-text length limit.
    textLimit = Const.Database.MaxLengths.Content.REPLY_TEXT
    return not Utils.StringExceedsMaxLength(replyText, textLimit)
def __init__(self, text, time, id, key):
    """Populate the object from a reply's text, timestamp, ID and key.

    text and key are optional: whenever Utils.StringIsEmpty reports one of
    them as empty, '' is stored instead of the value that was passed in.
    A name field is not stored (it is commented out in the original code).
    """
    self.time = time
    self.id = id
    # Optional fields collapse to the empty string.
    self.text = '' if Utils.StringIsEmpty(text) else text
    self.key = '' if Utils.StringIsEmpty(key) else key
def __init__(self, id, text, time, key, order, replies, unique, arn):
    """Populate the object from the eight values supplied by the caller.

    key and text are optional: whenever Utils.StringIsEmpty reports one of
    them as empty, '' is stored instead of the value that was passed in.
    Every other argument is stored unchanged.
    """
    # Fields copied through as given.
    self.id = id
    self.time = time
    self.order = order
    self.replies = replies
    self.unique = unique
    self.arn = arn
    # Optional fields collapse to the empty string.
    self.key = '' if Utils.StringIsEmpty(key) else key
    self.text = '' if Utils.StringIsEmpty(text) else text
def UploadLive(requestData):
    """Create a live thread from the request and answer with the thread list.

    The request first goes through RunThroughSecurityLayer; when that layer
    does not mark it secure, the response it prepared is returned untouched.
    Otherwise the flow is: optional per-user rate limiting, creation of the
    Thread row, QueryManager.CheckAndPruneThreads, and a 200 response whose
    body is the JSON from GetThreadListJsonString.

    Any exception raised inside the try block is passed to
    DataCollector.logServerError and answered with the generic
    POST_FAILED_SERVER_ERROR message code; the exception text itself is not
    put into the response.

    NOTE(review): the thread key and ARN are stored exactly as received, so
    this function depends on validation done before it runs (presumably
    inside RunThroughSecurityLayer) - confirm.
    """
    urlTag = Const.Tags.Urls.UPLOAD_LIVE

    security = RunThroughSecurityLayer(urlTag, requestData)
    if not security.isSecure:
        return security.httpResponse

    try:
        poster = security.userObject
        posterSession = security.userSession
        body = security.jsonRequestData
        requestKeys = Const.Views.UploadThread.JsonRequestKey
        threadText = body[requestKeys.THREAD_TEXT]
        threadKey = body[requestKeys.THREAD_URL]
        threadArn = body[requestKeys.THREAD_ARN]

        # Rate limiting only applies while settings.RATE_LIMIT_LIVE is on.
        if settings.RATE_LIMIT_LIVE and RateLimiter.UserLiveRateLimitExceeded(poster.id):
            tooManyRequests = Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_TOO_MANY_REQUESTS
            rateLimited = Const.DataCollection.MessageCodes.UploadLive.RATE_LIMIT_EXCEEDED
            # Record the rejection against this hit before answering.
            DataCollector.UpdateURLHit(hitID=security.hitID,
                                       responseCode=tooManyRequests,
                                       messageCode=rateLimited)
            return HttpResponseFactory.MakeHttpResponse(tooManyRequests, rateLimited)

        # An absent title is stored as the empty string.
        storedText = '' if Utils.StringIsEmpty(threadText) else threadText
        Thread.objects.create(fromUser=poster,
                              fromSession=posterSession,
                              contentType=Const.Tags.ContentTypes.THREAD,
                              text=storedText,
                              key=threadKey,
                              arn=threadArn)

        QueryManager.CheckAndPruneThreads()

        # FOR RELEASE 1.1
        # A successful upload is answered with the current thread list.
        threadListJson = GetThreadListJsonString()

        okCode = Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK
        DataCollector.UpdateURLHit(hitID=security.hitID,
                                   responseCode=okCode,
                                   messageCode=Const.DataCollection.MessageCodes.UploadLive.POST_SUCCESSFUL)
        return HttpResponseFactory.MakeHttpResponse(okCode, threadListJson, 'application/json')

    except Exception as e:
        serverError = Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR
        uploadFailed = Const.DataCollection.MessageCodes.UploadLive.POST_FAILED_SERVER_ERROR
        DataCollector.logServerError(e)
        DataCollector.UpdateURLHit(hitID=security.hitID,
                                   responseCode=serverError,
                                   messageCode=uploadFailed)
        return HttpResponseFactory.MakeHttpResponse(serverError, uploadFailed)
def _ValidateUploadLive(jsonData):
    """Return True when an upload-live request body passes field validation.

    Rules enforced here:
      * the key is mandatory and must satisfy _S3KeyIsValid;
      * the ARN is mandatory (non-empty) and limited to
        Const.Database.MaxLengths.AWS_ARN;
      * the text is optional but limited to
        Const.Database.MaxLengths.Content.THREAD_TEXT.

    Only emptiness and length of the ARN are checked in this function; its
    format is not inspected here. The fields are read with plain indexing,
    so a body that omits one of the keys raises KeyError.
    """
    requestKeys = Const.Views.UploadThread.JsonRequestKey
    threadText = jsonData[requestKeys.THREAD_TEXT]
    mediaKey = jsonData[requestKeys.THREAD_URL]
    resourceArn = jsonData[requestKeys.THREAD_ARN]

    # The key has to be present and valid.
    if not _S3KeyIsValid(mediaKey):
        return False

    # The ARN has to be present.
    if Utils.StringIsEmpty(resourceArn):
        return False

    # Neither the text nor the ARN may exceed its length limit.
    limits = Const.Database.MaxLengths
    if Utils.StringExceedsMaxLength(threadText, limits.Content.THREAD_TEXT):
        return False
    return not Utils.StringExceedsMaxLength(resourceArn, limits.AWS_ARN)
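def UploadMessage(requestData):
    """Store a message from the requesting user to another user.

    The request first goes through RunThroughSecurityLayer; when that layer
    does not mark it secure, the response it prepared is returned untouched.
    Otherwise the recipient is looked up by UUID, the Message row is saved
    inside transaction.atomic(), and the outcome is logged through
    DataCollector.logURL.

    Responses:
      * CODE_OK / POST_SUCCESSFUL when the message was saved;
      * CODE_UNPROCESSABLE_ENTITY / RECIPIENT_NOT_FOUND when no user matches
        the requested UUID;
      * CODE_INTERNAL_SERVER_ERROR / POST_FAILED_SERVER_ERROR on any other
        exception.

    The logging paths must not depend on values that may never have been
    assigned: the recipient does not exist on the not-found path, and the
    generic handler can run before any request field was read. Those values
    therefore start as None and the log entry is built defensively, so the
    documented error response is returned instead of a second exception
    escaping from the handler itself.

    NOTE(review): other views in this file read `userObject` from the
    security layer, this one reads `clientUserObject` - confirm the name.
    """
    TAG = Const.Tags.Urls.UPLOAD_MESSAGE

    securityProperties = RunThroughSecurityLayer(TAG, requestData)
    if not securityProperties.isSecure:
        return securityProperties.httpResponse

    # Bound up front so every logging path below can run, whatever failed.
    clientUser = None
    recipientUser = None
    clientRecipientUserUUID = None
    clientMessageText = None

    def _logParams(responseCode, messageCode):
        """Build the DataCollector.logURL parameters for this request."""
        paramNames = Const.DataCollection.ParamNames
        fromUser = None
        if clientUser is not None:
            fromUser = Utils.ConvertBinaryToUUID(clientUser.uuid)
        if recipientUser is not None:
            toUser = Utils.ConvertBinaryToUUID(recipientUser.uuid)
        else:
            # No recipient row was resolved, so record the ID the client
            # asked for. That value is client-supplied: whatever consumes
            # these logs should treat it as untrusted text.
            toUser = clientRecipientUserUUID
        return {
            paramNames.RESPONSE_CODE: responseCode,
            paramNames.MESSAGE_CODE: messageCode,
            paramNames.FROM_USER: fromUser,
            paramNames.TO_USER: toUser,
            paramNames.HAS_TEXT: (not Utils.StringIsEmpty(clientMessageText)),
        }

    try:
        clientUser = securityProperties.clientUserObject
        requestKeys = Const.Views.UploadMessage.JsonRequestKey
        clientRecipientUserUUID = securityProperties.jsonRequestData[requestKeys.TO_USER_ID]
        clientMessageText = securityProperties.jsonRequestData[requestKeys.TEXT]
        clientMessageURL = securityProperties.jsonRequestData[requestKeys.URL]

        # Find the recipient user in the DB
        try:
            recipientUser = User.objects.get(
                uuid=Utils.ConvertUUIDToBinary(clientRecipientUserUUID))
        except ObjectDoesNotExist:
            unprocessable = Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_UNPROCESSABLE_ENTITY
            notFound = Const.DataCollection.MessageCodes.UploadMessage.RECIPIENT_NOT_FOUND
            DataCollector.logURL(TAG, _logParams(unprocessable, notFound))
            return HttpResponseFactory.MakeHttpResponse(unprocessable, notFound)

        # Save the message in the DB
        newMessage = Message(toUser=recipientUser,
                             fromUser=clientUser,
                             text=clientMessageText,
                             url=clientMessageURL,
                             contentType=Const.Tags.ContentTypes.MESSAGE)

        # If there is an exception, roll back this db transaction
        with transaction.atomic():
            newMessage.save()

        # log and return on success
        okCode = Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK
        posted = Const.DataCollection.MessageCodes.UploadMessage.POST_SUCCESSFUL
        DataCollector.logURL(TAG, _logParams(okCode, posted))
        return HttpResponseFactory.MakeHttpResponse(okCode, posted)

    except Exception as e:
        serverError = Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR
        uploadFailed = Const.DataCollection.MessageCodes.UploadMessage.POST_FAILED_SERVER_ERROR
        DataCollector.logServerError(e)
        DataCollector.logURL(TAG, _logParams(serverError, uploadFailed))
        return HttpResponseFactory.MakeHttpResponse(serverError, uploadFailed)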
def UploadReply(requestData):
    """Store a reply under an existing thread and broadcast it to subscribers.

    The request first goes through RunThroughSecurityLayer; when that layer
    does not mark it secure, the response it prepared is returned untouched.
    Otherwise the flow is: optional per-user rate limiting, lookup of the
    parent thread, creation of the Reply row, and a broadcast through
    GCMManager.BroadcastReplyToSubscribers.

    Responses:
      * CODE_TOO_MANY_REQUESTS / RATE_LIMIT_EXCEEDED when the limiter trips;
      * CODE_NOT_FOUND / THREAD_NOT_FOUND when the parent thread is missing;
      * CODE_OK / GCM_BROADCAST_FAILED when the reply was saved but the
        broadcast returned a code other than CODE_OK;
      * CODE_OK / POST_SUCCESSFUL when both steps succeeded;
      * CODE_INTERNAL_SERVER_ERROR / POST_FAILED_SERVER_ERROR on any
        exception.

    NOTE(review): an exception raised by the broadcast (as opposed to a
    non-OK return code) reaches the generic handler and produces the 500
    response although the Reply row already exists - confirm that is
    intended.
    NOTE(review): the reply limiter is switched by settings.RATE_LIMIT_LIVE,
    the same flag name the live-thread upload uses - confirm.
    """
    urlTag = Const.Tags.Urls.UPLOAD_REPLY

    security = RunThroughSecurityLayer(urlTag, requestData)
    if not security.isSecure:
        return security.httpResponse

    try:
        replier = security.userObject
        replierSession = security.userSession
        body = security.jsonRequestData
        requestKeys = Const.Views.UploadReply.JsonRequestKey
        parentThreadID = body[requestKeys.THREAD_ID]
        replyText = body[requestKeys.REPLY_TEXT]
        replyKey = body[requestKeys.REPLY_URL]

        # Moderation: reject users who post replies too quickly.
        if settings.RATE_LIMIT_LIVE and RateLimiter.UserReplyRateLimitExceeded(replier.id):
            tooManyRequests = Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_TOO_MANY_REQUESTS
            rateLimited = Const.DataCollection.MessageCodes.UploadReply.RATE_LIMIT_EXCEEDED
            DataCollector.UpdateURLHit(hitID=security.hitID,
                                       responseCode=tooManyRequests,
                                       messageCode=rateLimited)
            return HttpResponseFactory.MakeHttpResponse(tooManyRequests, rateLimited)

        # The reply needs an existing parent thread.
        parentThread = QueryManager.GetObjectByID(Thread, parentThreadID)
        if not parentThread:
            notFoundCode = Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_NOT_FOUND
            threadMissing = Const.DataCollection.MessageCodes.UploadReply.THREAD_NOT_FOUND
            DataCollector.UpdateURLHit(hitID=security.hitID,
                                       responseCode=notFoundCode,
                                       messageCode=threadMissing)
            return HttpResponseFactory.MakeHttpResponse(notFoundCode, threadMissing)

        # Optional fields are stored as the empty string when absent.
        if Utils.StringIsEmpty(replyText):
            replyText = ''
        if Utils.StringIsEmpty(replyKey):
            replyKey = ''

        savedReply = Reply.objects.create(fromUser=replier,
                                          fromSession=replierSession,
                                          contentType=Const.Tags.ContentTypes.REPLY,
                                          parentThread=parentThread,
                                          text=replyText,
                                          key=replyKey)

        # Build the client-facing reply object and broadcast it as JSON to
        # the thread's subscribers using GCM.
        replyForClients = GetReplyClientObject(text=savedReply.text,
                                               time=savedReply.timeCreated,
                                               id=Utils.BinaryToUUID(savedReply.id),
                                               key=savedReply.key)
        broadcastCode = GCMManager.BroadcastReplyToSubscribers(
            parentThreadID=parentThreadID,
            newReplyJSON=replyForClients.getDict())

        # The reply is saved at this point, so the client gets a 200 either
        # way; only the message code says whether the broadcast succeeded.
        okCode = Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK
        if broadcastCode != okCode:
            outcome = Const.DataCollection.MessageCodes.UploadReply.GCM_BROADCAST_FAILED
        else:
            outcome = Const.DataCollection.MessageCodes.UploadReply.POST_SUCCESSFUL
        DataCollector.UpdateURLHit(hitID=security.hitID,
                                   responseCode=okCode,
                                   messageCode=outcome)
        return HttpResponseFactory.MakeHttpResponse(okCode, outcome)

    except Exception as e:
        serverError = Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR
        uploadFailed = Const.DataCollection.MessageCodes.UploadReply.POST_FAILED_SERVER_ERROR
        DataCollector.logServerError(e)
        DataCollector.UpdateURLHit(hitID=security.hitID,
                                   responseCode=serverError,
                                   messageCode=uploadFailed)
        return HttpResponseFactory.MakeHttpResponse(serverError, uploadFailed)
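def UploadLocalPost(requestData):
    """Store a location-tagged post submitted by the requesting user.

    The request first goes through RunThroughSecurityLayer; when that layer
    does not mark it secure, the response it prepared is returned untouched.
    Otherwise the flow is: optional per-user rate limiting, then saving a
    LocalPost row inside transaction.atomic().

    Responses:
      * CODE_OK / POST_SUCCESSFUL when the post was saved;
      * CODE_TOO_MANY_REQUESTS / RATE_LIMIT_EXCEEDED when the limiter trips;
      * CODE_INTERNAL_SERVER_ERROR / POST_FAILED_SERVER_ERROR on any
        exception.

    The generic handler can run before any request field was read, so the
    values it logs start as None and the log entry is built defensively;
    otherwise a failure early in the try block would raise again inside the
    handler and the documented 500 response would never be produced.

    Latitude and longitude are written to the URL log on every path, so
    that log holds user location data and should be protected accordingly.

    NOTE(review): other views in this file read `userObject` from the
    security layer, this one reads `clientUserObject` - confirm the name.
    """
    TAG = Const.Tags.Urls.UPLOAD_LOCAL

    securityProperties = RunThroughSecurityLayer(TAG, requestData)
    if not securityProperties.isSecure:
        return securityProperties.httpResponse

    # Bound up front so every logging path below can run, whatever failed.
    clientUser = None
    clientLatitude = None
    clientLongitude = None
    clientPostText = None

    def _logParams(responseCode, messageCode):
        """Build the DataCollector.logURL parameters for this request."""
        paramNames = Const.DataCollection.ParamNames
        fromUser = None
        if clientUser is not None:
            fromUser = Utils.ConvertBinaryToUUID(clientUser.uuid)
        return {
            paramNames.RESPONSE_CODE: responseCode,
            paramNames.MESSAGE_CODE: messageCode,
            paramNames.FROM_USER: fromUser,
            paramNames.LATITUDE: clientLatitude,
            paramNames.LONGITUDE: clientLongitude,
            paramNames.HAS_TEXT: (not Utils.StringIsEmpty(clientPostText)),
        }

    try:
        clientUser = securityProperties.clientUserObject
        requestKeys = Const.Views.UploadLocalPost.JsonRequestKey
        clientLatitude = securityProperties.jsonRequestData[requestKeys.LATITUDE]
        clientLongitude = securityProperties.jsonRequestData[requestKeys.LONGITUDE]
        clientPostText = securityProperties.jsonRequestData[requestKeys.TEXT]
        clientPostURL = securityProperties.jsonRequestData[requestKeys.URL]
        clientARN = securityProperties.jsonRequestData[requestKeys.ARN]

        # Moderation - check if this user is posting too fast
        if settings.RATE_LIMIT_LOCAL and _UserLocalRateLimitExceeded(clientUser.id):
            tooManyRequests = Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_TOO_MANY_REQUESTS
            rateLimited = Const.DataCollection.MessageCodes.UploadLocal.RATE_LIMIT_EXCEEDED
            DataCollector.logURL(TAG, _logParams(tooManyRequests, rateLimited))
            return HttpResponseFactory.MakeHttpResponse(tooManyRequests, rateLimited)

        # Create a new LocalPost and populate the fields from the Json
        newPost = LocalPost(fromUser=clientUser,
                            latitude=clientLatitude,
                            longitude=clientLongitude,
                            text=clientPostText,
                            url=clientPostURL,
                            contentType=Const.Tags.ContentTypes.LOCALPOST,
                            arn=clientARN)

        # Save the post in the database; if there is an exception, roll
        # back this db transaction
        with transaction.atomic():
            newPost.save()

        # log and return on success
        okCode = Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK
        posted = Const.DataCollection.MessageCodes.UploadLocal.POST_SUCCESSFUL
        DataCollector.logURL(TAG, _logParams(okCode, posted))
        return HttpResponseFactory.MakeHttpResponse(okCode, posted)

    except Exception as e:
        # log and return on error
        serverError = Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR
        uploadFailed = Const.DataCollection.MessageCodes.UploadLocal.POST_FAILED_SERVER_ERROR
        DataCollector.logServerError(e)
        DataCollector.logURL(TAG, _logParams(serverError, uploadFailed))
        return HttpResponseFactory.MakeHttpResponse(serverError, uploadFailed)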