def inviteusers_POST(self,id=0): """ admin is sending out a number of invites to users """ raise Exception("not implemented") if 'emails' in self.request.arguments: emails = self.get_argument("emails") delay = 4 from demisauce.lib import scheduler for email in emails.split(','): email = email.strip().lower() user = Person.by_email(self.user.site_id,email) if user is None: user = Person(site_id=c.site_id,email=email, displayname=email) user.save() #send emails url2 = urllib.quote_plus('/user/viewh/%s' % (user.hashedemail)) dnew = {} dnew['link'] = '%s/user/verify?unique=%s&node=%s&return_url=%s' %\ (base_url(),user.user_uniqueid,user.id,url2) dnew['from'] = self.user.displayname a = Activity(site_id=user.site_id,person_id=user.id,activity='sending email invite') a.ip = self.request.remote_ip a.ref_url = 'account admin invite' a.category = 'account' a.save() scheduler.add_interval_task(send_emails,0,('invitation_to_demisauce',[user.email],dnew) , initialdelay=delay) delay += 3 return 'from form %s' % emails return 'error'
def googleauth(self,id=0): """ User is coming in from google, should have an auth token """ # NEED SITE???? Or does that not make sense? import gdata import gdata.contacts import gdata.contacts.service authsub_token = self.get_argument("token") log.info('calling gdata_authsubtoke = %s' % (authsub_token)) #TODO: upgrade to gdata 1.2+ which breaks this gd_client = gdata.contacts.service.ContactsService() gd_client.auth_token = authsub_token gd_client.UpgradeToSessionToken() query = gdata.contacts.service.ContactsQuery() query.max_results = 2 feed = gd_client.GetContactsFeed(query.ToUri()) email = feed.author[0].email.text name = feed.author[0].name.text user = meta.DBSession.query(Person).filter_by( email=email.lower()).first() if not user: user = Person(site_id=1,email=email,displayname=name) user.authn = 'google' user.save() log.info('creating a google user') self.set_current_user(user,is_authenticated = True,islogon=True) expires_seconds = 60*60*24*31 self.set_cookie('dsuserkey', user.user_uniqueid,expires_days=31) if 'url' in self.request.arguments: url = request.GET['url'] self.redirect(str(url)) self.render('/comment/comment_login.html')
def view(self,id=0): if not self.user: self.redirect('/') if self.user.issysadmin and id > 0: person = Person.get(-1,id) elif id > 0: person = Person.get(self.user.site_id,id) return self._view(person,True)
def edit_POST(self, id=0): """ User has selected to change site config info """ site = Site.get(-1, self.get_argument("id")) form = SiteForm(QueryDict(self.request.arguments)) if form and site and form.validate(): if site is None: self.add_error("We experienced an error, please try again") else: site.name = form.name.data log.debug("description pre sanitize = %s" % form.description.data) site.description = sanitize.sanitize(form.description.data) site.email = form.email.data site.slug = self.get_argument("real_permalink") # TODO, check uniqueness site.public = bool(form.public.data) site.base_url = form.base_url.data site.site_url = form.site_url.data site.save() # refresh session store user = Person.get(self.user.site_id, self.user.id) self.set_current_user(user) self.add_alert("Site settings were updated") else: log.error(form.errors) log.error("There was an Error site=%s form.data%s" % (site, form.data)) self.add_error("There was an Error") return self.render("/site/site_edit.html", item=site, form=form) return self.redirect("/site/view?msg=Site+Updated")
def pre_init_user(self): """A push to pre-initiate session (step 1) optional body of json to add/update user""" user = None user_dict = {} if self.request.method == 'POST': if self.is_json_post(): user_dict = json.loads(self.request.body) else: user_dict = self.args_todict() log.debug("Loaded data user_dict=%s" % user_dict) self.action_get_object(self.id, user_dict) if not self.object: log.debug("creating new user, not found %s dict=%s" % (self.id,user_dict)) self.object = Person(site_id=self.site.id,foreign_id=self.id) if self.object: self.object.from_dict(user_dict,allowed_keys=Person._allowed_api_keys) self.object.save() if hasattr(self.object,'is_new') and self.object.is_new: self._queue_actions.update({'new_user':{'user_id':self.object.id}}) else: self.action_get_object(self.id) if self.object: user_key = self.object.id log.debug("setting cache = %s, %s" % (str(user_key),self.site.key)) self.db.cache.set(str(user_key),self.site.key,120) # 2 minutes only site_key = self.db.cache.get(str(user_key)) log.debug("site_key, self.site.key = %s, %s" % (site_key, self.site.key)) assert site_key == self.site.key self.qry = [self.object]
def interest(self,id=0): """ User has selected to enter an email to be on waitinglist """ log.debug(self.request.arguments) form = SignupForm(QueryDict(self.request.arguments)) log.debug(form.data) if 'email' in self.request.arguments and form.validate(): user = meta.DBSession.query(Person).filter_by( email=self.get_argument("email").lower()).first() if user is None: new_email = form.email.data.lower() site = Site(name=new_email,email=new_email) site.save() user = Person(site_id=site.id,email=new_email, displayname=new_email) user.slug = user.hashedemail user.save() a = Activity(site_id=user.site_id,person_id=user.id,activity='Signup Interest Form') #a.ref_url = 'comment url' a.ip = self.request.remote_ip a.category = 'account' a.save() link = '%s/user/verify?unique=%s&node=%s&return_url=%s' %\ (options.base_url, user.user_uniqueid, user.id, urllib.quote_plus('/user/viewh/%s' % (user.hashedemail))) json_dict = { 'emails':[user.email], 'template_name':'thank_you_for_registering_with_demisauce', 'template_data':{ 'link':link, 'displayname':user.displayname, 'email':user.email, 'title':'welcome' } } self.db.gearman_client.do_task(Task("email_send",json.dumps(json_dict), background=True)) self.add_alert("Thank You!") self.redirect("/") return self.render('/user/signup.html',form=form)
def get_current_user(self): """get current user""" if not hasattr(self, "_current_user") or self.get_argument("reload", None): # log.debug("get_current_user: no _current_user attr, finding") user_cookie = self.get_secure_cookie("dsuser") if not user_cookie: return None self._user_json = tornado.escape.json_decode(user_cookie) if "id" not in self._user_json: return None if self.get_argument("reload", None): redis_user_json = None else: # log.debug("get_current_user: found cookie, getting user from cache") redis_user_json = self.db.redis.get("DS-person-%s" % self._user_json["id"]) if not redis_user_json: p = None if self.get_cookie("dsu", None): p = Person.by_unique(self.get_cookie("dsu").lower()) elif self.get_cookie("dsuserkey", None): p = Person.by_unique(self.get_cookie("dsuserkey").lower()) if p: self.set_current_user(p, islogon=False) redis_user_json = p.to_json() # make sure current_user returned is NOT an SA Person obj, but pure json derived if redis_user_json: p = Person() self._current_user = p.from_json(redis_user_json) else: self._current_user = None log.error("Critical error get_current_user() no redis_user_json user_json=%s" % self._user_json) # log.debug(self._user_json) if not self._current_user: return None # set is authenticated/not flag, make sure not to persist this other than cookie if "is_authenticated" in self._user_json: self._current_user.is_authenticated = self._user_json["is_authenticated"] else: self._current_user.is_authenticated = False return self._current_user
def validate(self,id="0"): 'for validating' if self.user and self.user.is_authenticated: user = Person.saget(self.user.id) if isinstance(user.extra_json,(dict)) and 'wordpress_user_id' in user.extra_json: self.write(user.extra_json['wordpress_user_id']) log.debug(user.extra_json['wordpress_user_id']) self.set_status(200) else: self.set_status(403)
def index(self,id=''): if id > 0: person = Person.get(self.user.site_id,id) activities = Activity.activity_by_person(self.user.site_id,id) activities_by_day = Activity.stats_by_person(self.user.site_id,id) categories = Activity.categories(self.user.site_id,id) return self.render('/activity.html',person=person,activities=activities, activities_by_day=activities_by_day,categories=categories) else: self.write("no id? %s" % id)
def object_load_dict(self,o,data_dict): 'http post handle args' if 'post_type' in data_dict: o.post_type = data_dict['post_type'] data_dict.pop('post_type') if 'demisauce_id' in data_dict: o.person_id = int(data_dict['demisauce_id']) data_dict.pop('demisauce_id') p = Person.get(self.site.id,o.person_id) o.displayname = p.displayname return data_dict
def account_edit(self,id=0): """ User has selected to update profile """ if self.user and self.has_args('email','id'): id = int(self.get_argument('id')) if id == self.user.id or self.user.isadmin: user = Person.get(self.user.site_id,id) user.displayname = self.get_argument('displayname') user.set_email(self.get_argument('email')) user.url = self.get_argument('url') user.save() if id == self.user.id: self.set_current_user(user) self.render('/user/settings.html',person=user)
def init_user(self): # Need site? ds_id = self.id site_key = self.db.cache.get(str(ds_id)) log.debug("init_user ds_id,site_key = %s = %s" % (ds_id,site_key)) if site_key: site = Site.by_apikey(str(site_key)) if site: user = Person.get(site.id,ds_id) if not user: log.error("user not found? id = %s" % ds_id) else: log.error("no site? %s" % ds_id) self.set_current_user(user,is_authenticated = True) log.debug("tried to init_user succeeded") self.set_status(204) # succuess, no content else: log.error("tried to init_user failed ds_id = %s, url=%s" % (ds_id,self.request.full_url())) self.set_status(400) self.write("{'status':'failure'}")
def action_get_object(self,id, data_dict = {}): if isinstance(self.id,int) and self.id > 0: #meta.DBSession.close() #meta.DBSession() self.object = Person.get(self.site.id,self.id) if not self.object: # ?? self.object = Person.by_foreignid(self.site.id,self.id) elif isinstance(self.id,int) and self.id == 0 and 'email' in data_dict: self.object = Person.by_email(self.site.id,data_dict['email'].lower()) elif 'foreign_id' in data_dict: self.object = Person.by_foreignid(self.site.id,data_dict['foreign_id']) else: id = urllib.unquote_plus(self.id) if mailsrch.match(id): self.object = Person.by_email(self.site.id,id) else: self.object = Person.by_hashedemail(self.site.id,id) log.debug('getting by hashed/email: %s, %s' % (id, self.object)) if self.object: self.qry = [self.object]
def view_mini(self,id=0): person = None if id > 0: person = Person.get(self.user.site_id,id) self.render('/user/profile_mini.html',person=person)
class PersonApiHandler(ApiSecureHandler): object_cls = Person def after_save(self,data_dict): if hasattr(self.object,'is_new') and self.object.is_new: self._queue_actions.update({'new_user':{'user_id':self.object.id}}) def object_load_dict(self,o,data_dict): 'http post handle args' if 'attributes' in data_dict: attr_list = [] if isinstance(data_dict['attributes'],list): attr_list = data_dict['attributes'] elif isinstance(data_dict['attributes'],dict): attr_list = [data_dict['attributes']] for attr in attr_list: object_type = "attribute" if not 'object_type' in attr else attr['object_type'] category = "attribute" if not 'category' in attr else attr['category'] encoding = 'str' if not 'encoding' in attr else attr['encoding'] o.add_attribute(attr['name'],attr['value'],object_type=object_type, encoding=encoding,category=category) data_dict.pop('attributes') if 'delete_attributes' in data_dict: for attr in data_dict['delete_attributes']: ua = o.get_attribute(attr['name']) log.debug('deletting attribute = id=%s, name=%s' % (ua.id, ua.name)) ua.delete() data_dict.pop('delete_attributes') return data_dict def change_email(self): self.handle_post() def delete_by_get(self): self.action_get_object(self.id) if self.object and hasattr(self.object,'delete'): url = self.request.full_url() log.debug("DELETE id=%s for url=%s" % (self.id,url)) self.object.delete() cache.cache.delete(cache.cache_key(url)) self.object = None self.qry = [] self.set_status(204) else: log.error("not found? %s, %s" % (self.noun, self.id)) def action_get_object(self,id, data_dict = {}): if isinstance(self.id,int) and self.id > 0: #meta.DBSession.close() #meta.DBSession() self.object = Person.get(self.site.id,self.id) if not self.object: # ?? self.object = Person.by_foreignid(self.site.id,self.id) elif isinstance(self.id,int) and self.id == 0 and 'email' in data_dict: self.object = Person.by_email(self.site.id,data_dict['email'].lower()) elif 'foreign_id' in data_dict: self.object = Person.by_foreignid(self.site.id,data_dict['foreign_id']) else: id = urllib.unquote_plus(self.id) if mailsrch.match(id): self.object = Person.by_email(self.site.id,id) else: self.object = Person.by_hashedemail(self.site.id,id) log.debug('getting by hashed/email: %s, %s' % (id, self.object)) if self.object: self.qry = [self.object] def json_formatter(self,o): if o: return o.to_dict_api() return None def action_get_list(self,q=None): if q: qry = self.db.session.query(Person).filter(and_( Person.name.like('%' + q + '%'),Person.is_anonymous==1)) else: qry = self.db.session.query(Person).filter(and_(Person.site_id==self.site.id)) self.qry = qry def pre_init_user(self): """A push to pre-initiate session (step 1) optional body of json to add/update user""" user = None user_dict = {} if self.request.method == 'POST': if self.is_json_post(): user_dict = json.loads(self.request.body) else: user_dict = self.args_todict() log.debug("Loaded data user_dict=%s" % user_dict) self.action_get_object(self.id, user_dict) if not self.object: log.debug("creating new user, not found %s dict=%s" % (self.id,user_dict)) self.object = Person(site_id=self.site.id,foreign_id=self.id) if self.object: self.object.from_dict(user_dict,allowed_keys=Person._allowed_api_keys) self.object.save() if hasattr(self.object,'is_new') and self.object.is_new: self._queue_actions.update({'new_user':{'user_id':self.object.id}}) else: self.action_get_object(self.id) if self.object: user_key = self.object.id log.debug("setting cache = %s, %s" % (str(user_key),self.site.key)) self.db.cache.set(str(user_key),self.site.key,120) # 2 minutes only site_key = self.db.cache.get(str(user_key)) log.debug("site_key, self.site.key = %s, %s" % (site_key, self.site.key)) assert site_key == self.site.key self.qry = [self.object] def options(self,site_slug='',format='json'): log.debug("in person api OPTIONS")