def api_call(request, format="json"): """ the public api attempts to validate a request as a valid oauth request then builds the appropriate api_user object and tries to dispatch to the provided method """ servertime = api.utcnow() try: kwargs = oauth_util.get_method_kwargs(request) json_params = kwargs.pop('json_params', None) if json_params: parsed = simplejson.loads(json_params) # Turn the keys from unicode to str so that they can be used as method # parameters. kwargs.update(dict([(str(k), v) for k, v in parsed.iteritems()])) method = kwargs.pop('method', '').replace('.', '_') if method == 'presence_send': method = 'post' if not method: raise exception.ApiException(exception.NO_METHOD, "No method specified") # Allows us to turn off authentication for testing purposes if not settings.API_DISABLE_VERIFICATION: api_user = request.user else: api_user = api.ROOT method_ref = api.PublicApi.get_method(method, api_user) if not method_ref: raise exception.ApiException(exception.INVALID_METHOD, 'Invalid method: %s' % method) if not api_user: raise exception.ApiException(0x00, 'Invalid API user') if getattr(api_user, 'legacy', None) and method == 'post': kwargs['nick'] = api_user.nick rv = method_ref(api_user, **kwargs) if rv is None: raise exception.ApiException(0x00, 'method %s returned None' % (method)) return render_api_response(rv, format, servertime=servertime) except oauth_util.OAuthError, e: exc = exception.ApiException(exception.OAUTH_ERROR, e.message) return render_api_response(exc, format)
def api_vendor_sms_receive(request, vendor_secret=None): """ a one off implementation for receiving sms from IPX """ if vendor_secret != settings.SMS_VENDOR_SECRET: raise exception.ApiException(0x00, "Invalid secret") sms_message = sms_protocol.SmsMessage.from_request(request) sms_service = sms.SmsService(sms_protocol.SmsConnection()) sms_service.init_handlers() rv = sms_service.handle_message(sms_message.sender, sms_message.target, sms_message.message) return http.HttpResponse(rv)
def api_vendor_queue_process(request): """ process a queue item, redirect to self if there were more """ secret = request.REQUEST.get('secret') if secret != settings.QUEUE_VENDOR_SECRET: raise exception.ApiException(0x00, "Invalid secret") try: rv = api.task_process_any(api.ROOT) if rv: return http.HttpResponseRedirect(request.get_full_path()) except exception.ApiNoTasks: pass return http.HttpResponse('')
if getattr(api_user, 'legacy', None) and method == 'post': kwargs['nick'] = api_user.nick rv = method_ref(api_user, **kwargs) if rv is None: raise exception.ApiException(0x00, 'method %s returned None' % (method)) return render_api_response(rv, format, servertime=servertime) except oauth_util.OAuthError, e: exc = exception.ApiException(exception.OAUTH_ERROR, e.message) return render_api_response(exc, format) except exception.ApiException, e: return render_api_response(e, format) except TypeError, e: exc = exception.ApiException(exception.INVALID_ARGUMENTS, str(e)) return render_api_response(exc, format) except: exception.handle_exception(request) return render_api_response(request.errors[0], format) # some error happened return render_api_response(request.errors[0], format) def api_xmlrpc(request): return _XML_RPC_DISPATCHER.dispatch(request) @decorator.debug_only def api_loaddata(request):
def actor_settings(request, nick, page='index'): """ just a static page that links to the rest""" nick = clean.nick(nick) view = api.actor_lookup_nick(api.ROOT, nick) if not api.actor_owns_actor(request.user, view): raise exception.ApiException(exception.PRIVACY_ERROR, 'Operation not allowed') handled = common_views.handle_view_action( request, { 'activation_activate_mobile': view.url('/settings/mobile'), 'activation_request_email': view.url('/settings/email'), 'activation_request_mobile': view.url('/settings/mobile'), 'settings_change_notify': view.url('/settings/notifications'), 'settings_change_privacy': request.path, 'settings_update_account': view.url('/settings/profile'), 'actor_remove': '/logout', #'oauth_remove_consumer': request.path, #'oauth_remove_access_token': request.path }) if handled: return handled # TODO(tyler/termie): This conflicts with the global settings import. # Also, this seems fishy. Do none of the settings.* items work in templates? import settings # TODO(tyler): Merge this into handle_view_action, if possible if 'password' in request.POST: try: validate.nonce(request, 'change_password') password = request.POST.get('password', '') confirm = request.POST.get('confirm', '') validate.password_and_confirm(password, confirm, field='password') api.settings_change_password(request.user, view.nick, password) response = util.RedirectFlash(view.url() + '/settings/password', 'Password updated') request.user.password = util.hash_password(request.user.nick, password) # TODO(mikie): change when cookie-auth is changed user.set_user_cookie(response, request.user) return response except: exception.handle_exception(request) if page == 'feeds': try: if not settings.FEEDS_ENABLED: raise exception.DisabledFeatureError( 'Feeds are currently disabled') except: exception.handle_exception(request) if page == 'photo': redirect_to = view.url() + '/settings/photo' handled = common_views.common_photo_upload(request, redirect_to) if handled: return handled area = 'settings' full_page = page.capitalize() if page == 'mobile': full_page = 'Mobile Number' mobile = api.mobile_get_actor(request.user, view.nick) sms_notify = view.extra.get('sms_notify', False) elif page == 'im': full_page = 'IM Address' im_address = api.im_get_actor(request.user, view.nick) im_notify = view.extra.get('im_notify', False) elif page == 'index': email = api.email_get_actor(request.user, view.nick) email_notify = view.extra.get('email_notify', False) im_address = api.im_get_actor(request.user, view.nick) im_notify = view.extra.get('im_notify', False) elif page == 'feeds': full_page = 'Web Feeds' elif page == 'email': full_page = 'Email Address' email_notify = view.extra.get('email_notify', False) # check if we already have an email email = api.email_get_actor(request.user, view.nick) # otherwise look for an unconfirmed one if not email: unconfirmeds = api.activation_get_actor_email(api.ROOT, view.nick) if unconfirmeds: unconfirmed_email = unconfirmeds[0].content elif page == 'design': handled = common_views.common_design_update(request, view.nick) if handled: return handled full_page = 'Look and Feel' elif page == 'notifications': email = api.email_get_actor(request.user, view.nick) email_notify = view.extra.get('email_notify', False) im_address = api.im_get_actor(request.user, view.nick) im_notify = view.extra.get('im_notify', False) mobile = api.mobile_get_actor(request.user, request.user.nick) sms_notify = view.extra.get('sms_notify', False) sms_confirm = sms_notify and not view.extra.get('sms_confirmed', False) # TODO(termie): remove this once we can actually receive sms sms_confirm = False elif page == 'profile': # check if we already have an email email = api.email_get_actor(request.user, view.nick) # otherwise look for an unconfirmed one if not email: unconfirmeds = api.activation_get_actor_email(api.ROOT, view.nick) if unconfirmeds: unconfirmed_email = unconfirmeds[0].content elif page == 'photo': avatars = display.DEFAULT_AVATARS small_photos = api.image_get_all_keys(request.user, view.nick, size='f') # TODO(tyler): Fix this avatar nonsense! own_photos = [{ 'path': small_photo.key().name(), 'name': small_photo.key().name()[len('image/'):-len('_f.jpg')], } for small_photo in small_photos] elif page == 'privacy': PRIVACY_PUBLIC = api.PRIVACY_PUBLIC PRIVACY_CONTACTS = api.PRIVACY_CONTACTS elif page == 'jsbadge': full_page = 'Javascript Badges' elif page == 'badge': badges = [ { 'id': 'badge-stream', 'width': '200', 'height': '300', 'src': '/themes/%s/badge.swf' % settings.DEFAULT_THEME, 'title': 'Stream', }, { 'id': 'badge-map', 'width': '200', 'height': '255', 'src': '/themes/%s/badge-map.swf' % settings.DEFAULT_THEME, 'title': 'Map', }, { 'id': 'badge-simple', 'width': '200', 'height': '200', 'src': '/themes/%s/badge-simple.swf' % settings.DEFAULT_THEME, 'title': 'Simple', }, ] elif page in ['password', 'delete']: # Catch for remaining pages before we generate a 404. pass else: return common_views.common_404(request) # rendering c = template.RequestContext(request, locals()) t = loader.get_template('actor/templates/settings_%s.html' % page) return http.HttpResponse(t.render(c))