def moderate(user_hash, locale=None):
"""
Return all the reviews on the server the user can moderate.
"""
try:
db = ReviewsDatabase(os.environ)
db.event_info(_get_client_address(), user_hash, None,
"getting moderatable reviews")
reviews = db.review_get_all()
except CursorError as e:
return json_error(str(e))
# only return reviews the user has not already voted on
items_new = []
for review in reviews:
if locale and not _locale_is_compatible(review.locale, locale):
continue
if not db.vote_exists(review.review_id, user_hash):
item = review.__dict__
item['user_skey'] = _get_user_key(user_hash, review.app_id)
items_new.append(item)
dat = json.dumps(items_new,
sort_keys=True,
indent=4,
separators=(',', ': '))
return Response(response=dat,
status=200, \
mimetype="application/json")
def app(app_id, user_hash=None):
"""
Return details about an application.
"""
try:
db = ReviewsDatabase(os.environ)
db.event_info(_get_client_address(), user_hash, app_id, "getting")
reviews = db.review_get_for_app_id(app_id)
except CursorError as e:
return json_error(str(e))
# add key if user_hash specified
items_new = []
for review in reviews:
if review.reported > 0:
continue
item = review.__dict__
if user_hash:
item['user_skey'] = _get_user_key(user_hash, review.app_id)
items_new.append(item)
dat = json.dumps(items_new,
sort_keys=True,
indent=4,
separators=(',', ': '))
return Response(response=dat,
status=200, \
mimetype="application/json")
def remove():
"""
Remove a review.
"""
try:
item = json.loads(request.data.decode('utf8'))
except ValueError as e:
return json_error(str(e))
for key in ['review_id', 'app_id', 'user_hash', 'user_skey']:
if not key in item:
return json_error('invalid data, required %s' % key)
if item[key] is None:
return json_error('missing data, expected %s' % key)
# check format
if not len(item['user_hash']) == 40:
return json_error('the user_hash is invalid')
if not len(item['user_skey']) == 40:
return json_error('the user_skey is invalid')
# connect to database early
try:
db = ReviewsDatabase(os.environ)
except CursorError as e:
return json_error(str(e))
if item['user_skey'] != _get_user_key(item['user_hash'], item['app_id']):
db.event_warn(_get_client_address(), item['user_hash'], None,
"invalid user_skey of %s" % item['user_skey'])
return json_error('invalid user_skey')
try:
# the user already has a review
db.review_remove(item['review_id'], item['user_hash'])
db.event_info(_get_client_address(), item['user_hash'], item['app_id'],
"removed review")
except CursorError as e:
return json_error(str(e))
return json_success('removed review #%i' % item['review_id'])
def all(user_hash=None):
"""
Return all the reviews on the server as a JSON object.
"""
try:
db = ReviewsDatabase(os.environ)
db.event_info(_get_client_address(), user_hash, None,
"getting all reviews")
reviews = db.review_get_all()
except CursorError as e:
return json_error(str(e))
# the user specified a user_hash
if user_hash:
for review in reviews:
if review.reported > 0:
continue
item = review.__dict__
item['user_skey'] = _get_user_key(user_hash, review.app_id)
dat = json.dumps(reviews, sort_keys=True, indent=4, separators=(',', ': '))
return Response(response=dat,
status=200, \
mimetype="application/json")
def vote(val):
"""
Up or downvote an existing review by @val karma points.
"""
try:
item = json.loads(request.data.decode('utf8'))
except ValueError as e:
return json_error(str(e))
for key in ['review_id', 'app_id', 'user_hash', 'user_skey']:
if not key in item:
return json_error('invalid data, required %s' % key)
if item[key] is None:
return json_error('missing data, expected %s' % key)
# check format
if not len(item['user_hash']) == 40:
return json_error('the user_hash is invalid')
if not len(item['user_skey']) == 40:
return json_error('the user_skey is invalid')
# connect to database early
try:
db = ReviewsDatabase(os.environ)
except CursorError as e:
return json_error(str(e))
if item['user_skey'] != _get_user_key(item['user_hash'], item['app_id']):
db.event_warn(_get_client_address(), item['user_hash'], None,
"invalid user_skey of %s" % item['user_skey'])
#print("expected user_skey of %s" % _get_user_key(item['user_hash'], item['app_id']))
return json_error('invalid user_skey')
try:
# the user already has a review
if db.vote_exists(item['review_id'], item['user_hash']):
db.event_warn(_get_client_address(), item['user_hash'],
item['app_id'], "duplicate vote")
return json_error('already voted on this app')
# update the per-user karma
user = db.user_get_by_hash(item['user_hash'])
if not user:
db.user_add(item['user_hash'])
else:
# user is naughty
if user.is_banned:
return json_error('account has been disabled due to abuse')
# the user is too harsh
if val < 0 and user.karma < -50:
return json_error('all negative karma used up')
db.user_update_karma(item['user_hash'], val)
# add the vote to the database
db.vote_add(item['review_id'], val, item['user_hash'])
db.event_info(_get_client_address(), item['user_hash'], item['app_id'],
"voted %i on review" % val)
except CursorError as e:
return json_error(str(e))
return json_success('voted #%i %i' % (item['review_id'], val))
def submit():
"""
Submits a new review.
"""
try:
item = json.loads(request.data.decode('utf8'))
except ValueError as e:
return json_error(str(e))
required_fields = [
'app_id', 'locale', 'summary', 'description', 'user_hash', 'version',
'distro', 'rating', 'user_display'
]
for key in required_fields:
if not key in item:
return json_error('invalid data, expected %s' % key)
if item[key] is None:
return json_error('missing data, expected %s' % key)
# check format
if not len(item['user_hash']) == 40:
return json_error('the user_hash is invalid')
# check fields for markup and length
if not item['app_id'].endswith('.desktop'):
return json_error('only applications can be reviewed at this time')
if len(item['summary']) > 70:
return json_error('summary is too long')
if len(item['description']) > 3000:
return json_error('description is too long')
for key in ['summary', 'description']:
if not _check_str(item[key]):
return json_error('%s is not a valid string' % key)
try:
db = ReviewsDatabase(os.environ)
# user has already reviewed
if db.review_exists(item['app_id'], item['user_hash']):
db.event_warn(_get_client_address(), item['user_hash'],
item['app_id'], "already reviewed")
return json_error('already reviewed this app')
# check user has not been banned
user = db.user_get_by_hash(item['user_hash'])
if user and user.is_banned:
return json_error('account has been disabled due to abuse')
# create new
review = OdrsReview()
review.app_id = item['app_id']
review.locale = item['locale']
review.summary = item['summary']
review.description = item['description']
review.user_hash = item['user_hash']
review.version = item['version']
review.distro = item['distro']
review.rating = item['rating']
# check if valid
user_display_ignore = ['root', 'Live System User', 'Unknown']
if item['user_display'] not in user_display_ignore:
review.user_display = item['user_display']
# log and add
db.event_info(_get_client_address(), review.user_hash, review.app_id,
"reviewed")
db.review_add(review, _get_client_address())
except CursorError as e:
return json_error(str(e))
return json_success()
