def call_api_from_request(request, api_call): """Call an API function 'api_call' if it's present in the request parameters. The first parameter to the API call is always the logged-in user. The rest of the parameters may come in two forms: api_call_name=first_param& ... rest of params or api_call_name=& ... rest of params rest_of_params is always turned into Python keyword arguments. If the api_call_name has a value, that is turned into Python positional params. RETURNS: (False, None) if it isn't or the call throws an exception, (True, return value from call) otherwise. """ # TODO(termie): make this only accept POST once we update javascript # to turn the links into POSTs for request_dict in (request.POST, request.GET): if api_call in request_dict: # debug logging.info(">>> CALL: %s", str(api_call)) # end debug call = getattr(api, api_call) try: validate.nonce(request, api_call) confirm_msg = messages.confirmation(api_call) # debug # logging.info(">>> MESSAGE : %s", str(confirm_msg)) # end debug if not confirm_msg is None: validate.confirm_dangerous( request, messages.confirmation(api_call)) kwparams = util.query_dict_to_keywords(request_dict) # debug logging.info(">>> KWPARAMS: %s", str(kwparams)) # end debug if '' in kwparams: del kwparams[''] first_param = kwparams.pop(api_call, '') params = list() if len(first_param): params = (first_param,) validate.nonce(request, api_call) kwparams.pop('_nonce') kwparams.pop('confirm', None) kwparams.pop('redirect_to', None) # debug logging.info("##### CALL: %s", str((params, kwparams))) # end debug return (True, call(request.user, *params, **kwparams)) except: exception.handle_exception(request) return (False, None)
def call_api_from_request(request, api_call): """Call an API function 'api_call' if it's present in the request parameters. The first parameter to the API call is always the logged-in user. The rest of the parameters may come in two forms: api_call_name=first_param& ... rest of params or api_call_name=& ... rest of params rest_of_params is always turned into Python keyword arguments. If the api_call_name has a value, that is turned into Python positional params. RETURNS: (False, None) if it isn't or the call throws an exception, (True, return value from call) otherwise. """ # TODO(termie): make this only accept POST once we update javascript # to turn the links into POSTs for request_dict in (request.POST, request.GET): if api_call in request_dict: call = getattr(api, api_call) try: validate.nonce(request, api_call) confirm_msg = messages.confirmation(api_call) if not confirm_msg is None: validate.confirm_dangerous(request, messages.confirmation(api_call)) kwparams = util.query_dict_to_keywords(request_dict) if '' in kwparams: del kwparams[''] first_param = kwparams.pop(api_call, '') params = list() if len(first_param): params = (first_param, ) validate.nonce(request, api_call) kwparams.pop('_nonce') kwparams.pop('confirm', None) kwparams.pop('redirect_to', None) return (True, call(request.user, *params, **kwparams)) except: exception.handle_exception(request) return (False, None)
def common_photo_upload(request, success="/", nick=None): if not nick: nick = request.user.nick if request.FILES: try: # we're going to handle a file upload, wee validate.nonce(request, 'change_photo') img = request.FILES.get('imgfile') if not img: raise exception.ValidationError('imgfile must be set') validate.avatar_photo_size(img) img_url = api.avatar_upload(request.user, nick, img.read()) api.avatar_set_actor(request.user, nick, img_url) return util.RedirectFlash(success, "Avatar uploaded") except: exception.handle_exception(request) elif 'avatar' in request.POST: try: validate.nonce(request, 'change_photo') avatar_path = request.POST.get('avatar') if not avatar_path: raise exception.ValidationError('avatar must be set') rv = api.avatar_set_actor(request.user, nick, avatar_path) if not rv: raise exception.ValidationError('failed to set avatar') return util.RedirectFlash(success, "Avatar changed") except: exception.handle_exception(request) if 'delete' in request.REQUEST: try: validate.nonce(request, 'delete_photo') validate.confirm_dangerous(request, 'Delete your photo?') rv = api.avatar_clear_actor(request.user, nick) return util.RedirectFlash(success, "Avatar deleted") except: exception.handle_exception(request)