def put(self, guid):
if helpers.authorized(self.request.params['UUID'], self.request.params['authToken'], self.request.params['action']):
key = db.Key.from_path('User', int(guid))
user = db.get(key)
if not user == None:
user_json = simplejson.loads(self.request.body)
# if user password hasn't been modified by GUI keep it the same as what is in the database
if user_json['password'] == "password":
user_json['password'] = user.password
status = user_json.get('status')
being_deleted = (status != None and status == 'deleted')
if being_deleted or helpers.is_login_name_valid(user_json['loginName'], user):
# Prevent non-Managers from changing their role
currentUserId = self.request.params['UUID']
cukey = db.Key.from_path('User', int(currentUserId))
cuser = db.get(cukey)
if str(user.role) != user_json['role'] and str(cuser.role) != "_Manager":
user_json['role'] = str(user.role)
helpers.report_unauthorized_access(self.response)
user = helpers.apply_json_to_model_instance(user, user_json)
user.put()
if user.password != None and len(user.password) != 0:
user_json['password'] = "******"
self.response.headers['Content-Type'] = 'application/json'
self.response.out.write(simplejson.dumps(user_json))
else:
helpers.report_invalid_login_name(self.response)
else:
helpers.report_missing_record(self.response)
else:
helpers.report_unauthorized_access(self.response)
def put(self, guid):
if helpers.authorized(self.request.params['UUID'], self.request.params['authToken'], self.request.params['action']):
key = db.Key.from_path('Comment', int(guid))
comment = db.get(key)
if not comment == None:
comment_json = simplejson.loads(self.request.body)
comment = helpers.apply_json_to_model_instance(comment, comment_json)
comment.put()
self.response.headers['Content-Type'] = 'application/json'
self.response.out.write(simplejson.dumps(comment_json))
else:
helpers.report_missing_record(self.response)
else:
helpers.report_unauthorized_access(self.response)
def post(self):
userId = self.request.params['UUID']
key = db.Key.from_path('User', int(userId))
user = db.get(key)
if user != None:
if user.authToken == self.request.params['authToken']:
# clear out authentication token to indicate user was logged out
user.authToken = None
user.put()
self.response.set_status(200, "User logged out")
self.response.headers['Content-Type'] = 'application/json'
self.response.out.write(simplejson.dumps({ "message": 'Logout successful'}))
else:
helpers.report_unauthorized_access(self.response)
else:
helpers.report_missing_record(self.response)
def put(self, guid):
if helpers.authorized(self.request.params['UUID'], self.request.params['authToken'], self.request.params['action']):
key = db.Key.from_path('Task', int(guid))
task = db.get(key)
if task != None:
# cache current values before updates
taskName = task.name
taskType = task.type
taskPriority = task.priority
taskStatus = task.developmentStatus
taskValidation = task.validation
taskSubmitterId = task.submitterId
taskAssigneeId = task.assigneeId
taskEffort = task.effort
taskProjectId = task.projectId
taskDescription = task.description
task_json = simplejson.loads(self.request.body)
wantsNotifications = {"true": True, "false": False}.get(self.request.params['notify'].lower())
task = helpers.apply_json_to_model_instance(task, task_json)
# ensure Guest-created tasks are unallocated
currentUserId = self.request.params['UUID']
cukey = db.Key.from_path('User', int(currentUserId))
user = db.get(cukey)
if str(user.role) == '_Guest' and task_json.has_key('projectId') == True and task_json['projectId'] != None:
taskProjectId = task.projectId = None
task.put()
# Push notification email on the queue if we need to notify
action = "deleteTask" if task.status == "deleted" else "updateTask"
if notification.should_notify(currentUserId, task, wantsNotifications):
taskqueue.add(url='/mailer', params={'taskId': int(guid), 'currentUUID': self.request.params['UUID'], 'action': action, 'name': taskName, 'type': taskType, 'priority': taskPriority, 'status': taskStatus, 'validation': taskValidation, 'submitterId': taskSubmitterId, 'assigneeId': taskAssigneeId, 'effort': taskEffort, 'projectId': taskProjectId, 'description': taskDescription})
self.response.headers['Content-Type'] = 'application/json'
self.response.out.write(simplejson.dumps(task_json))
else:
helpers.report_missing_record(self.response)
else:
helpers.report_unauthorized_access(self.response)
