def emails_view(request):
user_emails = list(request.user.emails_set.all())
if request.method == 'GET':
return api_response({
'emails': [email.to_dict() for email in user_emails],
})
if len([e for e in user_emails if not e.verified]) > 3:
return bad_request('Cannot add another unverified email address.',
errors={'email': ['Too many unverified email addresses.']})
form = EmailForm(request.POST)
if not form.is_valid():
return bad_request('Invalid email address.', errors=form.errors)
new_email = form.cleaned_data['email']
if new_email in [e.email for e in user_emails]:
return bad_request('Cannot add an email you already have.',
errors={'email': ['Account already associated with that address.']})
email = users.associate_user_with_email(request.user,
new_email, verified=False)
if not email:
return bad_request('Email is already in use.',
errors={'email': ['Sorry, that email is already in use.']},
status=409)
return api_response({
'email': email.to_dict(),
})
def screenshot_set_bundle_status_view(request, bundle_id=None):
bundle = ScreenshotBundle.find_by_encrypted_id(bundle_id, user_id=request.user.id)
if not bundle:
return not_found()
if bundle.url:
return api_response({'status': 'ready'})
if bundle.create_time < datetime.now() - timedelta(minutes=30):
return api_response({'status': 'error'})
return api_response({'status': 'building'})
def token_identify_view(request, token=None):
token_obj = tokens.token_by_token(token)
if not token_obj:
return api_response({'valid': False})
return api_response({
'valid':
True,
'lastUsedTime':
SDKToken.date_to_api_date(token_obj.last_used_time),
'owner': {
'id': token_obj.user.encrypted_id,
'name': token_obj.user.short_name,
},
})
def token_identify_view(request, token=None):
token_obj = tokens.token_by_token(token)
if not token_obj:
return api_response({
'valid': False
})
return api_response({
'valid': True,
'lastUsedTime': SDKToken.date_to_api_date(token_obj.last_used_time),
'owner': {
'id': token_obj.user.encrypted_id,
'name': token_obj.user.short_name,
},
})
def get_twitter_app_connections_view(request):
my_apps = appstore.my_apps(request.user)
my_apps_by_id = dict((app.id, app) for app in my_apps)
# FIXME: Remove twitter connections when removing app interests?
my_connections = [
c
for c in twitter_app_connections.get_connections_for_user(request.user)
if c.app_id in my_apps_by_id
]
my_connected_app_ids = set(c.app_id for c in my_connections)
for connection in my_connections:
# update with a decorated app
connection.app = my_apps_by_id[connection.app_id]
connections = sorted(my_connections, key=lambda c: c.app.short_name)
unconnected_apps = sorted(
[a for a in my_apps if a.id not in my_connected_app_ids],
key=lambda a: a.short_name)
return api_response({
'connections': [c.to_dict() for c in connections],
'unconnectedApps': [a.to_dict() for a in unconnected_apps],
'handles':
request.user.twitter_handles,
})
def _websites_view_GET(request):
websites = (AppWebsite.objects.filter(user=request.user).exclude(
delete_time__isnull=False).order_by('-create_time'))
return api_response({
'websites': [w.to_dict() for w in websites],
})
def _create_image_view(request):
if settings.IS_PRODUCTION:
referer = request.META.get('HTTP_REFERER', '')
if not any(referer.startswith(ap) for ap in ACCEPTABLE_PREFIXES):
logging.info('Blocked request with missing referer')
return bad_request()
try:
gae_id = int(request.POST['upload_id'])
except (KeyError, ValueError, TypeError):
gae_id = None
if not gae_id:
return bad_request('Please include `upload_id`.')
user = None
if request.user.is_authenticated():
user = request.user
image_result = fn(gae_id, user)
if image_result.bad_request:
return bad_request('Invalid image provided.')
if image_result.server_error:
return unavailable_response()
image = image_result.image
return api_response({
'image': image.to_dict()
})
def screenshot_set_add_shot_view(request, set_id=None):
my_set = screenshots.get_set_by_encrypted_id(request.user, set_id)
if not my_set:
return not_found()
if my_set.shot_count >= 5:
return bad_request('Maximum number of shots in this set already.')
form = CreateUpdateShotForm(request.POST)
if not form.is_valid():
logging.warn('Invalid shot data: %s', dict(form.errors))
return bad_request('Invalid shot data.', errors=form.errors)
if not form.cleaned_data.get('screenshot_image_id'):
return bad_request('Please supply `screenshot_image_id`.')
fields = form.cleaned_data
post_keys = set(request.POST.keys())
for key in fields.keys():
if key not in post_keys:
# default from the form
del fields[key]
fields['screenshot_image'] = fields['screenshot_image_id']
del fields['screenshot_image_id']
if 'background_image_id' in fields:
fields['background_image'] = fields['background_image_id']
del fields['background_image_id']
shot = screenshots.create_shot_in_set(request.user, my_set, **fields)
return api_response({
'shot': shot.to_dict(),
})
def screenshot_set_create_bundle_view(request, set_id=None):
my_set, shots = screenshots.get_set_and_shots_by_encrypted_id(request.user, set_id,
enable_logged_out=False)
if not my_set:
return not_found()
upload_ids = request.POST.getlist('upload_id') or []
try:
upload_ids = [long(i) for i in upload_ids]
except (ValueError, TypeError):
logging.info('invalid upload_ids: %s (set id: %s)', upload_ids, set_id)
return bad_request('Invalid `upload_id`, each should be long integer.')
if not upload_ids:
logging.info('upload ids: %s body: %s %s %s', upload_ids, request.body, request.POST, request.method)
return bad_request('Invalid `upload_id`, each should be a GAE upload ID.')
upload_names = filter(lambda n: n and n.strip(), request.POST.getlist('upload_name') or [])
if len(upload_ids) != len(upload_names):
logging.info('invalid upload_names: %s upload_ids: %s (set id: %s)', upload_ids, upload_names, set_id)
return bad_request('Invalid `upload_name`, each should be an upload filename corresponding to the `upload_id` provided.')
hq = request.POST.get('hq') == '1'
bundle = screenshot_bundler.build_screenshot_bundle(my_set, request.user, upload_ids, upload_names, hq=hq)
if not bundle:
return unavailable_response()
return api_response({
'bundleId': bundle.encrypted_id,
})
def config_interpolated_view(request):
token_id = request.GET.get('token')
if token_id:
user = tokens.user_by_token(token_id)
else:
user = request.user
if not (user and user.is_authenticated()):
return unauthorized_request('Please provide `token` or `access_token`.')
form = GetConfigForm(request.GET)
if not form.is_valid():
return bad_request('Invalid options for config interpolation', errors=form.errors)
user_labels = form.cleaned_data.get('sdk_user_labels')
if user_labels:
user_labels = ','.split(user_labels)
config = runtime_config.interpolated_config_for_user(
user,
form.cleaned_data['namespace'],
form.cleaned_data['bundle_id'],
version=form.cleaned_data['version'],
build=form.cleaned_data['build'],
ios_version=form.cleaned_data['ios_version'],
debug=form.cleaned_data['debug'],
sdk_user_labels=user_labels)
return api_response({
'config': config,
})
def config_rule_view(request, rule_id):
rule = RuntimeConfigRule.objects.filter(
id=RuntimeConfigRule.decrypt_id(rule_id),
user_id=request.user.id).first()
if not rule:
return not_found()
if request.method == 'POST':
target_form = EditRuleForm(request.POST)
if not target_form.is_valid():
return bad_request('Invalid edit config values.', errors=target_form.errors)
cleaned_data = target_form.cleaned_data
if 'value' in request.POST:
value_form = ValueForm(rule.kind, request.POST)
if not value_form.is_valid():
return bad_request('Invalid edit config values.', errors=value_form.errors)
cleaned_data.update(value_form.cleaned_data)
# strip out arguments that were not present in the actual POSTbody.
cleaned_data = {k: v for k, v in cleaned_data.items() if k in request.POST}
runtime_config.update_rule(rule, **cleaned_data)
return api_response({
'rule': rule.to_dict(),
})
def config_interpolated_view(request):
token_id = request.GET.get('token')
if token_id:
user = tokens.user_by_token(token_id)
else:
user = request.user
if not (user and user.is_authenticated()):
return unauthorized_request(
'Please provide `token` or `access_token`.')
form = GetConfigForm(request.GET)
if not form.is_valid():
return bad_request('Invalid options for config interpolation',
errors=form.errors)
user_labels = form.cleaned_data.get('sdk_user_labels')
if user_labels:
user_labels = ','.split(user_labels)
config = runtime_config.interpolated_config_for_user(
user,
form.cleaned_data['namespace'],
form.cleaned_data['bundle_id'],
version=form.cleaned_data['version'],
build=form.cleaned_data['build'],
ios_version=form.cleaned_data['ios_version'],
debug=form.cleaned_data['debug'],
sdk_user_labels=user_labels)
return api_response({
'config': config,
})
def config_rule_view(request, rule_id):
rule = RuntimeConfigRule.objects.filter(
id=RuntimeConfigRule.decrypt_id(rule_id),
user_id=request.user.id).first()
if not rule:
return not_found()
if request.method == 'POST':
target_form = EditRuleForm(request.POST)
if not target_form.is_valid():
return bad_request('Invalid edit config values.',
errors=target_form.errors)
cleaned_data = target_form.cleaned_data
if 'value' in request.POST:
value_form = ValueForm(rule.kind, request.POST)
if not value_form.is_valid():
return bad_request('Invalid edit config values.',
errors=value_form.errors)
cleaned_data.update(value_form.cleaned_data)
# strip out arguments that were not present in the actual POSTbody.
cleaned_data = {
k: v
for k, v in cleaned_data.items() if k in request.POST
}
runtime_config.update_rule(rule, **cleaned_data)
return api_response({
'rule': rule.to_dict(),
})
def get_sales_metrics_view(request):
requested_date = request.GET.get('requested_date')
if requested_date:
try:
requested_date = float(requested_date)
requested_date = date.fromtimestamp(requested_date)
except ValueError:
return bad_request('Invalid `requsted_date`')
if not requested_date:
requested_date = itunes_connect.get_freshest_sales_report_date()
vendor = itunes_connect.get_chosen_vendor_for_user(request.user)
if not vendor:
return bad_request('No iTunes vendor chosen for this user yet.')
status = itunes_connect.report_status_for_vendor_date(vendor, requested_date)
if status == itunes_connect.REPORT_STATUS_AVAILABLE:
app_sales_metrics, total_sales_metrics = itunes_connect.get_sales_metrics(vendor, requested_date)
for app_metrics in app_sales_metrics:
app_metrics['app'] = app_metrics['app'].to_dict()
else:
app_sales_metrics, total_sales_metrics = None, None
return api_response({
'status': status,
'appSalesMetrics': app_sales_metrics,
'totalSalesMetrics': total_sales_metrics,
'date': APIModel.date_to_api_date(requested_date),
'vendor': vendor.to_dict(),
})
def signup(request):
if request.user.is_authenticated():
return bad_request('You are already signed in.')
user_form = UserSignupForm(request.POST)
if not user_form.is_valid():
return bad_request(message='Invalid user signup data',
errors=user_form.errors)
email = user_form.cleaned_data.get('email')
password = user_form.cleaned_data['password']
user = users.create_user(user_form.cleaned_data['first_name'],
user_form.cleaned_data['last_name'],
email=email,
password=password)
if not user:
logging.warn('Unaccounted for signup error with signup data: %r',
user_form.cleaned_data)
return bad_request(
'Could not create a user with the given credentials.')
return api_response({
'user': user.to_dict(),
})
def _subscriptions_view_POST(request):
form = NewSubscriptionForm(request.POST)
if not form.is_valid():
return bad_request('Invalid subscription data.', errors=form.errors)
email = form.cleaned_data.get('email')
my_email = form.cleaned_data.get('my_email')
slack_url = form.cleaned_data.get('slack_url')
slack_channel_name = form.cleaned_data.get('slack_channel_name')
sub = None
if email:
sub = appstore_sales_report_subscriptions.create_email_subscription(request.user, email)
elif my_email:
sub = appstore_sales_report_subscriptions.create_my_email_subscription(request.user)
elif slack_channel_name:
sub = appstore_sales_report_subscriptions.create_slack_channel_subscription(request.user, slack_channel_name)
elif slack_url:
sub = appstore_sales_report_subscriptions.create_slack_subscription(request.user, slack_url)
if not sub:
return bad_request('Subscription already exists.')
new_flags = []
if not request.user.flags.has_sales_monitor:
new_flags.append('has_sales_monitor')
if new_flags:
request.user.set_flags(new_flags)
return api_response({
'subscription': sub.to_dict(),
})
def get_vendors_view(request):
connected_email = itunes_connect.itunes_credentials_email_for_user_id(request.user.id)
vendors = ItunesConnectVendor.objects.filter(user=request.user)
return api_response({
'appleId': connected_email,
'vendors': [vendor.to_dict() for vendor in vendors]
})
def get_sales_metrics_view(request):
requested_date = request.GET.get('requested_date')
if requested_date:
try:
requested_date = float(requested_date)
requested_date = date.fromtimestamp(requested_date)
except ValueError:
return bad_request('Invalid `requsted_date`')
if not requested_date:
requested_date = itunes_connect.get_freshest_sales_report_date()
vendor = itunes_connect.get_chosen_vendor_for_user(request.user)
if not vendor:
return bad_request('No iTunes vendor chosen for this user yet.')
status = itunes_connect.report_status_for_vendor_date(
vendor, requested_date)
if status == itunes_connect.REPORT_STATUS_AVAILABLE:
app_sales_metrics, total_sales_metrics = itunes_connect.get_sales_metrics(
vendor, requested_date)
for app_metrics in app_sales_metrics:
app_metrics['app'] = app_metrics['app'].to_dict()
else:
app_sales_metrics, total_sales_metrics = None, None
return api_response({
'status': status,
'appSalesMetrics': app_sales_metrics,
'totalSalesMetrics': total_sales_metrics,
'date': APIModel.date_to_api_date(requested_date),
'vendor': vendor.to_dict(),
})
def _websites_view_POST(request):
itunes_id = request.POST.get('itunes_id')
country = request.POST.get('country', 'us')
if itunes_id and country:
itunes_app = appstore.get_app_by_itunes_id(itunes_id, country)
else:
itunes_app = None
post_data = {
'template': '1',
'frame_screenshots': 'white',
}
# Create website from iTunes info.
if itunes_app:
name, tagline = text.app_name_tagline(itunes_app.name)
post_data.update({
'itunes_id': itunes_app.itunes_id,
'country': itunes_app.country,
'app_name': name,
'tagline': tagline,
'long_description': itunes_app.description,
})
for k, v in request.POST.items():
post_data[k] = v or post_data.get(k, '')
form = AppWebsiteForm(post_data)
if not form.is_valid():
logging.info('Website creation problem: %s', dict(form.errors))
return bad_request('Invalid website data.', errors=form.errors)
domain = form.cleaned_data.get('domain')
if domain:
in_use_website = AppWebsite.objects.filter(domain=domain).count()
if in_use_website:
return bad_request('Invalid website data', errors={'domain': ['Domain already in use.']})
screenshots_form = AppWebsiteScreenshotsForm(request.POST)
if not screenshots_form.is_valid():
return bad_request('Invalid screenshots provided.')
new_website = AppWebsite(user=request.user)
_assign_properties_from_dict(new_website, form.cleaned_model_data())
new_website.save()
# ADD ASSOCIATED SCREENSHOTS
iphone_screenshots = screenshots_form.cleaned_data.get('iphone_screenshot_ids', [])
if iphone_screenshots:
websites.update_website_screenshots(new_website, iphone_screenshots, 'iPhone')
request.user.set_flags(['has_websites'])
return api_response({
'website': new_website.to_dict(),
})
def subscription_view(request, subscription_id=None):
sub = appstore_review_subscriptions.get_user_subscription_by_encrypted_id(request.user, subscription_id)
if not sub:
return not_found()
if request.method == 'GET':
return api_response({
'subscription': sub.to_dict(),
})
if request.POST.get('filter_good'):
do_filter = request.POST['filter_good'] == '1'
appstore_review_subscriptions.mark_subscription_filtered_good(sub, do_filter)
return api_response({
'subscription': sub.to_dict(),
})
def get_vendors_view(request):
connected_email = itunes_connect.itunes_credentials_email_for_user_id(
request.user.id)
vendors = ItunesConnectVendor.objects.filter(user=request.user)
return api_response({
'appleId': connected_email,
'vendors': [vendor.to_dict() for vendor in vendors]
})
def user_by_id(request, user_id=None):
user = User.find_by_encrypted_id(user_id)
if not user:
return not_found()
return api_response({
'user': user.to_minimal_dict()
})
def token_view(request, token_id=None):
token = tokens.get_my_token_by_encrypted_id(request.user, token_id)
if not token:
return not_found()
return api_response({
'token': token.to_dict(),
})
def token_view(request, token_id=None):
token = tokens.get_my_token_by_encrypted_id(request.user, token_id)
if not token:
return not_found()
return api_response({
'token': token.to_dict(),
})
def response():
return api_response({
'do': [c.to_dict() for c in commands],
'config':
config,
'user': (sdk_user and sdk_user.to_client_dict())
or DEFAULT_USER_DICT,
})
def _website_view_POST(request, website_id):
website = AppWebsite.find_by_encrypted_id(website_id,
user_id=request.user.id,
for_update=True)
if not website or website.delete_time:
return not_found()
# FORM VALIDATION
form = EditAppWebsiteForm(request.POST)
if not form.is_valid():
logging.info('Website edit problem (id=%s): %s', website.encrypted_id,
dict(form.errors))
return bad_request('Invalid website data.', errors=form.errors)
domain = form.cleaned_data.get('domain')
if domain:
in_use_website = AppWebsite.objects.filter(domain=domain).exclude(
id=website.id).count()
if in_use_website:
return bad_request('Invalid website data',
errors={'domain': ['Domain already in use.']})
screenshots_form = AppWebsiteScreenshotsForm(request.POST)
if not screenshots_form.is_valid():
logging.info('Website screenshots problem (id=%s): %s',
website.encrypted_id, dict(screenshots_form.errors))
return bad_request('Invalid screenshots provided.',
errors=screenshots_form.errors)
# ASSIGN MODIFIED PROPERTIES
# Only assign values that were actually passed in the POSTbody.
_assign_properties_from_dict(
website, form.cleaned_model_data(filter_values=request.POST))
# UPDATE ASSOCIATED SCREENSHOTS
iphone_screenshots = screenshots_form.cleaned_data.get(
'iphone_screenshot_ids', [])
if iphone_screenshots:
websites.update_website_screenshots(website, iphone_screenshots,
'iPhone')
# UPDATE HOSTED PAGES
hosted_pages = EditPageForm(request.POST)
if not hosted_pages.is_valid():
return bad_request('Invalid website data.', errors=hosted_pages.errors)
for field in hosted_pages:
# Check if this field was actually included in the POSTdata with this request.
if field.name in request.POST:
websites.create_or_update_hosted_page(website, field.name,
field.value())
website.save()
return api_response({'website': website.to_dict()})
def _oauth_error_response(error_code, state, error_description=None, error_field=None):
response_dict = {'error': error_code}
if state:
response_dict['state'] = state
if error_description:
response_dict['error_description'] = error_description
if error_field:
response_dict['error_field'] = error_field
return api_response(response_dict, status=400)
def _screenshot_set_view_GET(request, set_id=None):
the_set, shots = screenshots.get_set_and_shots_by_encrypted_id(request.user, set_id, enable_logged_out=True)
if not the_set:
return not_found()
return api_response({
'set': the_set.to_dict(),
'shots': [shot.to_dict() for shot in shots],
})
def token_get_or_create_view(request):
my_tokens = [t for t in tokens.get_my_tokens(request.user) if not t.expire_time]
if my_tokens:
token = my_tokens[0]
else:
token = tokens.generate_token(request.user)
return api_response({
'token': token.to_dict(),
})
def get_example_website_view(request):
itunes_id = request.POST.get('itunes_id')
country = request.POST.get('country', 'us')
if itunes_id:
example_website = websites.example_from_itunes_id(itunes_id, country)
else:
example_website = websites.get_fancy_cluster_example()
return api_response({'website': example_website})
def app_itunes_info_view(request, app):
if app.appstore_app:
appstore_app = app.appstore_app
appstore_app_info.decorate_app(appstore_app, app.appstore_app_country)
else:
appstore_app = appstore.get_app_by_bundle_id(app.bundle_id, request.GET.get('country') or 'us')
return api_response({
'info': appstore_app and appstore_app.decorated_info.to_dict(),
})
def oauth2_token_view(request):
form = OAuthGrantTokenForm(request.POST)
state = request.POST.get('state')
if not form.is_valid():
# Errors from: http://tools.ietf.org/html/rfc6749#section-5.2
# TODO(taylor): When adding support for third-party clients, add
# "unauthorized_client" support -- this should fire when third-party
# clients try using one of the privileged/reserved grant_types.
error_code = 'invalid_request'
if 'client_id' in form.errors or 'client_secret' in form.errors:
error_code = 'invalid_client'
elif 'grant_type' in form.errors:
error_code = 'unsupported_grant_type'
return _oauth_error_response(error_code, state)
# We'll need this later.
scope = form.cleaned_data['scope']
# Depending on grant type, perform authentication.
grant_type = form.cleaned_data['grant_type']
if grant_type == settings.OAUTH_GRANT_PASSWORD:
username = request.POST.get('username', '')
password = request.POST.get('password', '')
user_exists = False
user = None
email = lkforms.clean_email(username)
if email:
maybe_user = users.get_user_by_email(email, for_update=True)
if maybe_user:
user_exists = True
if maybe_user.check_password(password):
user = maybe_user
if not user:
return _oauth_error_response(
'invalid_grant',
state,
error_description=
'Could not find the user with that email and password.',
error_field=user_exists and 'password' or 'username')
# Create a token for this user.
client_id = form.cleaned_data['client_id']
access_token = oauth.create_token_for_user_client_scope(
user, client_id, scope)
response_dict = {
'access_token': access_token,
'token_type': 'Bearer',
}
if state:
response_dict['state'] = state
return api_response(response_dict)
def _websites_view_GET(request):
websites = (
AppWebsite.objects
.filter(user=request.user)
.exclude(delete_time__isnull=False)
.order_by('-create_time')
)
return api_response({
'websites': [w.to_dict() for w in websites],
})
def email_delete_view(request):
form = EmailForm(request.POST)
if not form.is_valid():
return bad_request('Invalid email provided.', errors=form.errors)
if not users.disassociate_user_with_email(request.user, form.cleaned_data['email']):
return bad_request('Could not disassociate that email address.')
return api_response({
'emails': [e.to_dict() for e in request.user.emails_set.all()],
})
def email_set_primary_view(request):
form = EmailForm(request.POST)
if not form.is_valid():
return bad_request('Invalid email provided.', errors=form.errors)
if not users.make_email_primary(request.user, form.cleaned_data['email']):
return bad_request('Could not promote email address to primary.')
return api_response({
'emails': [e.to_dict() for e in request.user.emails_set.all()],
})
def email_set_primary_view(request):
form = EmailForm(request.POST)
if not form.is_valid():
return bad_request('Invalid email provided.', errors=form.errors)
if not users.make_email_primary(request.user, form.cleaned_data['email']):
return bad_request('Could not promote email address to primary.')
return api_response({
'emails': [e.to_dict() for e in request.user.emails_set.all()],
})
def _apps_view_GET(request):
form = ListAppsForm(request.GET)
if not form.is_valid():
return bad_request('Invalid list parameters.', errors=form.errors)
cleaned_data = {k: v for k, v in form.cleaned_data.items() if k in request.GET}
apps = sdk_apps.my_decorated_apps(request.user, **cleaned_data)
return api_response({
'apps': [a.to_dict() for a in apps],
})
def get_example_website_view(request):
itunes_id = request.POST.get('itunes_id')
country = request.POST.get('country', 'us')
if itunes_id:
example_website = websites.example_from_itunes_id(itunes_id, country)
else:
example_website = websites.get_fancy_cluster_example()
return api_response({
'website': example_website
})
def token_get_or_create_view(request):
my_tokens = [
t for t in tokens.get_my_tokens(request.user) if not t.expire_time
]
if my_tokens:
token = my_tokens[0]
else:
token = tokens.generate_token(request.user)
return api_response({
'token': token.to_dict(),
})
def review_view(request, review_id=None):
review = AppStoreReview.find_by_encrypted_id(review_id)
if not review:
return not_found()
app = review.app
appstore_app_info.decorate_app(app, review.country)
return api_response({
'review': review.to_dict(),
'apps': {app.encrypted_id: app.to_dict()}
})
def email_delete_view(request):
form = EmailForm(request.POST)
if not form.is_valid():
return bad_request('Invalid email provided.', errors=form.errors)
if not users.disassociate_user_with_email(request.user,
form.cleaned_data['email']):
return bad_request('Could not disassociate that email address.')
return api_response({
'emails': [e.to_dict() for e in request.user.emails_set.all()],
})
def _oauth_error_response(error_code,
state,
error_description=None,
error_field=None):
response_dict = {'error': error_code}
if state:
response_dict['state'] = state
if error_description:
response_dict['error_description'] = error_description
if error_field:
response_dict['error_field'] = error_field
return api_response(response_dict, status=400)
def _build_response():
user = User.get_cached(request.user.id)
flags = {}
for flag in users.USER_EDITABLE_USER_FLAGS:
flags[flag] = bool(getattr(user.flags, flag))
return api_response({
'user': user.to_dict(),
'emails': [email.to_dict() for email in user.emails_set.all()],
'settings': flags
})
def app_itunes_info_view(request, app):
if app.appstore_app:
appstore_app = app.appstore_app
appstore_app_info.decorate_app(appstore_app, app.appstore_app_country)
else:
appstore_app = appstore.get_app_by_bundle_id(
app.bundle_id,
request.GET.get('country') or 'us')
return api_response({
'info':
appstore_app and appstore_app.decorated_info.to_dict(),
})
def slack_channels_view(request):
connected = slack.user_has_slack_token(request.user)
if not connected:
return bad_request('Unauthorized -- please connect slack first.')
channels = slack.list_channels_for_user(request.user)
# channels being None here means that we could not list any channels,
# so something is probably wrong with the slack access token.
return api_response({
'tokenValid': channels is not None,
'channels': channels,
})
def screenshot_shot_view(request, set_id=None, shot_id=None):
my_set, shots = screenshots.get_set_and_shots_by_encrypted_id(request.user, set_id)
if not my_set:
return not_found()
shot = [s for s in shots if s.encrypted_id == shot_id]
if not shot:
return not_found()
shot = shot[0]
if request.method == 'GET':
return api_response({
'shot': shot.to_dict(),
})
form = CreateUpdateShotForm(request.POST)
if not form.is_valid():
return bad_request('Invalid update shot data.', errors=form.errors)
fields = form.cleaned_data
post_keys = set(request.POST.keys())
for key in fields.keys():
if key not in post_keys:
# default from the form
del fields[key]
if 'screenshot_image_id' in fields:
fields['screenshot_image'] = fields['screenshot_image_id']
del fields['screenshot_image_id']
if 'background_image_id' in fields:
fields['background_image'] = fields['background_image_id']
del fields['background_image_id']
screenshots.update_shot(shot, **fields)
return api_response({
'shot': shot.to_dict(),
})
def connect_twitter_view(request):
app_id = request.GET['app_id']
cb_url = None
if 'callback_url' in request.GET:
cb_url = urllib.unquote(request.GET['callback_url'])
twitter_connect_url = twitter.get_auth_redirect(app_id, cb_url)
if not twitter_connect_url:
return unavailable_response()
return api_response({
'twitterConnectUrl': twitter_connect_url,
})
def screenshot_sets_view(request):
if request.method == 'GET':
my_sets = screenshots.get_my_sets(request.user)
screenshots.decorate_with_preview_images(my_sets)
return api_response({
'sets': [s.to_dict() for s in my_sets],
})
form = NewSetForm(request.POST)
if not form.is_valid():
return bad_request('Invalid new set.', errors=form.errors)
my_sets = screenshots.get_my_sets(request.user)
if not request.user.flags.has_screenshot_builder:
request.user.set_flags(['has_screenshot_builder'])
new_set = screenshots.create_set(request.user,
form.cleaned_data['name'], form.cleaned_data['version'], form.cleaned_data['platform'])
return api_response({
'set': new_set.to_dict(),
})
def connect_twitter_view(request):
app_id = request.GET['app_id']
cb_url = None
if 'callback_url' in request.GET:
cb_url = urllib.unquote(request.GET['callback_url'])
twitter_connect_url = twitter.get_auth_redirect(app_id, cb_url)
if not twitter_connect_url:
return unavailable_response()
return api_response({
'twitterConnectUrl': twitter_connect_url,
})
def oauth2_token_view(request):
form = OAuthGrantTokenForm(request.POST)
state = request.POST.get('state')
if not form.is_valid():
# Errors from: http://tools.ietf.org/html/rfc6749#section-5.2
# TODO(taylor): When adding support for third-party clients, add
# "unauthorized_client" support -- this should fire when third-party
# clients try using one of the privileged/reserved grant_types.
error_code = 'invalid_request'
if 'client_id' in form.errors or 'client_secret' in form.errors:
error_code = 'invalid_client'
elif 'grant_type' in form.errors:
error_code = 'unsupported_grant_type'
return _oauth_error_response(error_code, state)
# We'll need this later.
scope = form.cleaned_data['scope']
# Depending on grant type, perform authentication.
grant_type = form.cleaned_data['grant_type']
if grant_type == settings.OAUTH_GRANT_PASSWORD:
username = request.POST.get('username', '')
password = request.POST.get('password', '')
user_exists = False
user = None
email = lkforms.clean_email(username)
if email:
maybe_user = users.get_user_by_email(email, for_update=True)
if maybe_user:
user_exists = True
if maybe_user.check_password(password):
user = maybe_user
if not user:
return _oauth_error_response('invalid_grant', state,
error_description='Could not find the user with that email and password.',
error_field=user_exists and 'password' or 'username')
# Create a token for this user.
client_id = form.cleaned_data['client_id']
access_token = oauth.create_token_for_user_client_scope(user, client_id, scope)
response_dict = {
'access_token': access_token,
'token_type': 'Bearer',
}
if state:
response_dict['state'] = state
return api_response(response_dict)
def _apps_view_GET(request):
form = ListAppsForm(request.GET)
if not form.is_valid():
return bad_request('Invalid list parameters.', errors=form.errors)
cleaned_data = {
k: v
for k, v in form.cleaned_data.items() if k in request.GET
}
apps = sdk_apps.my_decorated_apps(request.user, **cleaned_data)
return api_response({
'apps': [a.to_dict() for a in apps],
})
