Пример #1
0
    def post(self):
        oauth_verifier = self.request.get("oauth_verifier",
                default_value="None")
        user_identifier = self.request.get("user_identifier", default_value="")

        if not oauth_verifier == "":
            key_verifier = "oauth_verifier_" + oauth_verifier
            twitter_user_data = memcache.get(key_verifier)
            if not twitter_user_data == None:
                # Checks if the username was stored previously
                stored_credentials = ndb_pb.searchToken(twitter_user_data["token_id"], "twitter")
                if not stored_credentials == None:
                    # We store the new set of credentials
                    user_key = ndb_pb.modifyToken(twitter_user_data["token_id"],
                            twitter_user_data["access_token"], "twitter")
                    user_id = ndb_pb.getUserId(user_key)
                    session_id = self.login(user_key)

                    # Gets the user_id to generate the user cookie
                    user_id = ndb_pb.getUserId(user_key)
                    
                    # Returns the session, social_network and user cookie
                    self.response.set_cookie("session", session_id,
                            path="/", domain=domain, secure=True)
                    self.response.set_cookie("social_network",
                            value="twitter", path="/", domain=domain,
                            secure=True)
                    self.response.set_cookie("user",
                            value=user_id, path="/", domain=domain,
                            secure=True)

                    # Builds the response
                    response = {"status": "User logged successfully", "user_id": user_id}
                    self.response.content_type = "application/json"
                    self.response.write(json.dumps(response))
                    self.response.set_status(200)
                else:
                    response = \
                    {"error": "The token_id provided does not belong to a registered user in the system. Consider perform a signup request instead"}
                    self.response.content_type = "application/json"
                    self.response.write(json.dumps(response))
                    self.response.set_status(400)
            else:
                response = \
                    {"error": "There isn\"t any session in the system for the oauth_verifier value specified"}
                self.response.content_type = "application/json"
                self.response.write(json.dumps(response))
                self.response.set_status(404)
        else:
            response = \
                {"error": "You must specify a value for the oauth_verifier param in the request"}
            self.response.content_type = "application/json"
            self.response.write(json.dumps(response))
            self.response.set_status(400)
Пример #2
0
    def post_login(self, social_network):
        try:
            # We get the params from the POST data
            access_token = self.request.POST["access_token"]
            token_id = self.request.POST["token_id"]

            # Checks if the username was stored previously
            stored_credentials = ndb_pb.searchToken(token_id,
                    social_network)
            if not stored_credentials == None:
                # We store the new set of credentials
                user_key = ndb_pb.modifyToken(token_id,
                        access_token, social_network)
                user_id = ndb_pb.getUserId(user_key)
                session_id = self.login(user_key)

                # Gets the user_id to generate the user cookie
                user_id = ndb_pb.getUserId(user_key)
                # Returns the session cookie
                self.response.set_cookie("session", session_id, path="/", domain=domain, secure=True)
                self.response.set_cookie("social_network", social_network, path="/", domain=domain, secure=True)
                self.response.set_cookie("user", user_id, path="/", domain=domain, secure=True)

                # Builds the response
                response = {"status": "User logged successfully", "user_id": user_id}
                self.response.content_type = "application/json"
                self.response.write(json.dumps(response))
                self.response.set_status(200)
            else:
                response = \
                {"error": "The token_id provided does not belong to any user in the system. Consider perform a signup request instead"}
                self.response.content_type = "application/json"
                self.response.write(json.dumps(response))
                self.response.set_status(400)
        except KeyError:
            response = \
                {"error": "You must provide a valid pair of access_token and token_id in the request"}
            self.response.content_type = "application/json"
            self.response.write(json.dumps(response))
            self.response.set_status(400)
Пример #3
0
    def get_credentials(self, social_network, token_id):
        cookie_value = self.request.cookies.get("session")
        # Obtains info related to the user authenticated in the system
        if not cookie_value == None:
            logged_user = self.getUserInfo(cookie_value)
            # Searchs for user"s credentials
            if not logged_user == None:
                # Obtains user info
                logged_user_id = ndb_pb.getUserId(logged_user)

                # Obtains user credentials
                user_credentials = ndb_pb.getToken(token_id, social_network)
                if not user_credentials == None:
                    if user_credentials["user_id"] == logged_user_id:
                        response = \
                            {"user_id": user_credentials["user_id"],
                            "access_token": user_credentials["token"]}
                        self.response.content_type = "application/json"
                        self.response.write(json.dumps(response))
                        self.response.set_status(200)
                    else:
                        response = {"user_id": user_credentials["user_id"]}
                        self.response.content_type = "application/json"
                        self.response.write(json.dumps(response))
                        self.response.set_status(200)
                else:
                    response = \
                        {"error": "The active user does not have a pair of token_id" \
                         + " and access_token in " + social_network + " stored in the system"}
                    self.response.content_type = "application/json"
                    self.response.write(json.dumps(response))
                    self.response.set_status(404)
            else:
                response = \
                {"error": "The cookie session provided does not belongs to any active user"}
                self.response.content_type = "application/json"
                self.response.write(json.dumps(response))
                self.response.set_status(400)       
        # If we don't provide a cookie in the request, we search for the token in the system
        # and return a 200 o 404 status. It is a request included in the login flow of the system
        else:
            user_credentials = ndb_pb.getToken(token_id,social_network)
            if not user_credentials == None:
                response = {"user_id": user_credentials["user_id"]}
                self.response.content_type = "application/json"
                self.response.write(json.dumps(response))
                self.response.set_status(200)   
            else:
                response =  {"error": "Token not found in the system"}
                self.response.content_type = "application/json"
                self.response.write(json.dumps(response))
                self.response.set_status(404)
Пример #4
0
 def get(self, user_id):
   cookie_value = self.request.cookies.get("session")
   component_info = self.request.get("component_info", default_value="reduced")
   if not cookie_value == None:
     # Obtains info related to the user authenticated in the system
     user_logged_key = self.getUserInfo(cookie_value)
     if not user_logged_key == None:
       # Obtains the info related to the resource requested
       component_detailed_info = True if component_info == "detailed" else False
       user_info = ndb_pb.getUser(user_id, component_detailed_info)
       if user_info == None:
         self.response.content_type = "application/json"
         self.response.write(json.dumps({"error": "The user requested does not exist"}))
         self.response.set_status(404)
       else:
         # Obtains the user_id to check if the user active is the resource owner
         user_logged_id = ndb_pb.getUserId(user_logged_key)
         # Depending on the user making the request, the info returned will be one or another
         if user_id == user_logged_id:
           self.response.content_type = "application/json"
           self.response.write(json.dumps(user_info))
           self.response.set_status(200)
         else:
           user_dict = {"user_id": user_info["user_id"],
                         "description": user_info["description"],
                         "image": user_info["image"],
                         "website": user_info["website"],
                         "networks": user_info["nets"],
                         "components": user_info["components"]}
           if user_info["private_email"] == False:
             user_dict["email"] = user_info["email"]
           if user_info["private_phone"] == False:
             user_dict["phone"] = user_info["phone"]
           self.response.content_type = "application/json"
           self.response.write(json.dumps(user_dict))
           self.response.set_status(200)
     else:
       self.response.content_type = "application/json"
       self.response.write(json.dumps({"error": "The session cookie header does not belong to an active user in the system"}))
       self.response.set_status(400)
   
   # If the request doesn't come along a cookie, we search for the user_id in the system
   # (We only return an object verifying that the user_id requested exists in the system)
   else:
     self.response.content_type = "application/json"
     user = ndb_pb.getUser(user_id)
     if not user == None:
       self.response.set_status(200)
     else:
       self.response.write(json.dumps({"error": "User not found in the system"}))
       self.response.set_status(404)
Пример #5
0
    def post_credentials(self, social_network):
        cookie_value = self.request.cookies.get("session")
        if not cookie_value == None:
            user = self.getUserInfo(cookie_value)
            if not user == None:
                try:
                    # Gets the data from the request form
                    access_token = self.request.POST["access_token"]
                    token_id = self.request.POST["token_id"]

                    # Checks if the username was stored previously
                    stored_credentials = ndb_pb.getToken(token_id,
                            social_network)
                    if stored_credentials == None:
                        # Adds the token to the user credentials list
                        ndb_pb.insertToken(user, social_network, access_token, token_id)
                        #Builds the response
                        user_id = ndb_pb.getUserId(user)
                        response = {"user_id": user_id}
                        self.response.content_type = "application/json"
                        self.response.write(json.dumps(response))    
                        self.response.set_status(201)
                    else:
                        # We update the user credentials
                        user_id = ndb_pb.modifyToken(token_id, access_token,
                                social_network)
                        # Builds the response
                        response = {"user_id": stored_credentials["user_id"]}
                        self.response.content_type = "application/json"
                        self.response.write(json.dumps(response))    
                        self.response.set_status(200)
                except KeyError:
                    response = \
                        {"error": "You must provide a valid pair of access_token and token_id in the request"}
                    self.response.content_type = "application/json"
                    self.response.write(json.dumps(response))
                    self.response.set_status(400)
            else:
                response = \
                    {"error": "The cookie session provided does not belongs to any active user"}
                self.response.content_type = "application/json"
                self.response.write(json.dumps(response))
                self.response.set_status(400)
        else:
            response = \
                {"error": "You must provide a session cookie"}
            self.response.content_type = "application/json"
            self.response.write(json.dumps(response))
            self.response.set_status(401)
Пример #6
0
 def delete_credentials(self, social_network, token_id):
     cookie_value = self.request.cookies.get("session")
     if not cookie_value == None:
         # Searchs for user"s credentials
         logged_user_key = self.getUserInfo(cookie_value)
         if not logged_user_key == None:
             logged_user_id = ndb_pb.getUserId(logged_user_key)
             token = ndb_pb.getToken(token_id, social_network)
             if not token == None:
                 token_owner_id = token['user_id']
                 if logged_user_id == token_owner_id:
                     # Deletes the token from the user
                     token_deleted = ndb_pb.deleteCredentials(logged_user_key, social_network, token_id)
                     if token_deleted:
                         response = \
                             {"status": "Credentials deleted successfully"}
                         self.response.content_type = "application/json"
                         self.response.write(json.dumps(response))
                         self.response.set_status(204)
                     else:
                         response = \
                             {"error": "This token cannot be deleted, because it is being used as the only token " + \
                              "to perform the login action in the system"}
                         self.response.content_type = "application/json"
                         self.response.write(json.dumps(response))
                         self.response.set_status(403)
                 else:
                     response = \
                         {"error": "You do not have permissions to perform this request"}
                     self.response.content_type = "application/json"
                     self.response.write(json.dumps(response))
                     self.response.set_status(401)
             else:
                 response = \
                         {"error": "Token not found in the system"}
                 self.response.content_type = "application/json"
                 self.response.write(json.dumps(response))
                 self.response.set_status(404)
         else:
             response = \
                 {"error": "The cookie session provided does not belongs to any active user"}
             self.response.content_type = "application/json"
             self.response.write(json.dumps(response))
             self.response.set_status(400)
     else:
         response = {"error": "You must provide a session cookie"}
         self.response.content_type = "application/json"
         self.response.write(json.dumps(response))
         self.response.set_status(401)
Пример #7
0
  def delete(self, user_id):
    cookie_value = self.request.cookies.get("session")
    if not cookie_value == None:
      user_logged_key = self.getUserInfo(cookie_value)
      if not user_logged_key == None:
        user_logged_id = ndb_pb.getUserId(user_logged_key)
        # It is neccesary to get the parameters from the request
        user_info = ndb_pb.getUser(user_id)
        if user_info == None:
          self.response.content_type = "application/json"
          self.response.write(json.dumps({"error": "The user requested does not exist"}))
          self.response.set_status(404)
        elif not user_info == None and user_logged_id == user_id:
          # Logout of the user in the system
          logout_status = self.logout(cookie_value)
          # Invalidates the cookie
          self.response.delete_cookie("session")

          # Deletes the user from the datastore
          ndb_pb.deleteUser(user_logged_key)
          
          # Builds the response
          self.response.set_status(204)
        else:
          self.response.content_type = "application/json"
          self.response.write(json.dumps({"error": "You do not have the proper rights to delete this resource" +
          " (The cookie session header does not match with the resource requested)"}))
          self.response.set_status(401)
      else:
        self.response.content_type = "application/json"
        self.response.write(json.dumps({"error": "The session cookie header does not belong to an active user in the system"}))
        self.response.set_status(400)
    else:
      self.response.content_type = "application/json"
      self.response.write(json.dumps({"error": "The user is not authenticated"}))
      self.response.set_status(401)
Пример #8
0
  def post(self, user_id):
    cookie_value = self.request.cookies.get("session")
    if not cookie_value == None:
      user_logged_key = self.getUserInfo(cookie_value)
      if not user_logged_key == None:
        user_logged_id = ndb_pb.getUserId(user_logged_key)
        user_info = ndb_pb.getUser(user_id)
        # Checks if the user active is the owner of the resource (if exists)
        if user_info == None:
          self.response.content_type = "application/json"
          self.response.write(json.dumps({"error": "The user requested does not exist"}))
          self.response.set_status(404)
        elif not user_info == None and user_logged_id==user_id: 
          values = self.request.POST
          # Dict that contains the user values and fields to be updated
          update_data = {}

          # We parse the data received in the request
          if values.has_key("description"):
            update_data["description"] = values.get("description")
          if values.has_key("website"):
            update_data["website"] = values.get("website")
          if values.has_key("image"):
            update_data["image"] = values.get("image")
          if values.has_key("phone"):
            update_data["phone"] = int(values.get("phone"))
          if values.has_key("email"):
            update_data["email"] = values.get("email")
          if values.has_key("private_phone"):
            # Checks if private_phone has a proper value
            if values.get("private_phone") in ["True", "true"]:
              private_phone = True
              update_data["private_phone"] = private_phone
            elif values.get("private_phone") in ["False", "false"]:
              private_phone = False
              update_data["private_phone"] = private_phone
          if values.has_key("private_email"):
             # Checks if private_email has a proper value
            if values.get("private_email") in ["True", "true"]:
              private_email = True
              update_data["private_email"] = private_email
            elif values.get("private_email")in ["False", "false"]:
              private_email = False
              update_data["private_email"] = private_email
          if values.has_key("component"):
            component_id = values.get("component")      
            component = ndb_pb.getComponent(user_logged_key, component_id)
            # If the component_id provided in the request exists in the system and the user has not added it previously,
            # we add the component_id provided to the list of user's data to be updated
            if not component == None:
              update_data["component"] = component_id
          
          # Updates the resource 
          if not len(update_data) == 0:
            updated_info = ndb_pb.updateUser(user_logged_key, update_data)
            if not len(updated_info) == 0:
              self.response.content_type = "application/json"
              self.response.write(json.dumps({"details": "The update has been successfully executed", "status": "Updated", "updated": update_data.keys()}))
              self.response.set_status(200)
            else:
              self.response.content_type = "application/json"
              self.response.write(json.dumps({"details": "Resource not modified (check parameters and values provided)", "status": "Not Modified"}))
              self.response.set_status(304)   
          else:
            self.response.content_type = "application/json"
            self.response.write(json.dumps({"details": "Resource not modified (check parameters and values provided)", "status": "Not Modified"}))
            self.response.set_status(304) 
        else:
          self.response.content_type = "application/json"
          self.response.write(json.dumps({"error": "You don\"t have the proper rights to modify this resource" +
            " (The cookie session header does not match with the resource requested)"}))
          self.response.set_status(401)
      else:
        self.response.content_type = "application/json"
        self.response.write(json.dumps({"error": "The session cookie header does not belong to an active user in the system"}))
        self.response.set_status(400)
    else:
      self.response.content_type = "application/json"
      self.response.write(json.dumps({"error": "The user is not authenticated"}))
      self.response.set_status(401)
Пример #9
0
    def get(self, user_id):
        cookie_value = self.request.cookies.get("session")
        if not cookie_value == None:
            user_logged_key = self.getUserInfo(cookie_value)
            if not user_logged_key == None:
                user_logged_id = ndb_pb.getUserId(user_logged_key)
                user_info = ndb_pb.getUser(user_id)
                # Checks if the user active is the owner of the resource (if exists)
                if user_info == None:
                    self.response.content_type = "application/json"
                    self.response.write(
                        json.dumps(
                            {"error": "The user requested does not exist"}))
                    self.response.set_status(404)
                elif not user_info == None and user_logged_key == user_id:
                    cred_info = ndb_pb.getUserTokens(user_id)
                    if cred_info == None:
                        self.response.content_type = "application/json"
                        self.response.write(
                            json.dumps({
                                "error":
                                "The user has not credentials added to his profile"
                            }))
                        self.response.set_status(404)
                    else:
                        self.response.content_type = "application/json"
                        self.response.write(cred_info)
                        self.response.set_status(200)
                else:
                    self.response.content_type = "application/json"
                    self.response.write(
                        json.dumps({
                            "error":
                            "You don\"t have the proper rights to modify this resource"
                            +
                            " (The cookie session header does not match with the resource requested)"
                        }))
                    self.response.set_status(401)
            else:
                # We invalidate the session cookies received
                expire_date = datetime.datetime(1970, 1, 1, 0, 0, 0)
                self.response.set_cookie("session",
                                         "",
                                         path="/",
                                         domain=domain,
                                         secure=True,
                                         expires=expire_date)
                # We delete and invalidate other cookies received, like the user logged nickname
                # and social network in which the user performed the login
                if not self.request.cookies.get("social_network") == None:
                    self.response.set_cookie("social_network",
                                             "",
                                             path="/",
                                             domain=domain,
                                             secure=True,
                                             expires=expire_date)
                if not self.request.cookies.get("user") == None:
                    self.response.set_cookie("user",
                                             "",
                                             path="/",
                                             domain=domain,
                                             secure=True,
                                             expires=expire_date)

                # Builds the response
                self.response.content_type = "application/json"
                self.response.write(
                    json.dumps({
                        "error":
                        "The session cookie header does not belong to an active user in the system"
                    }))
                self.response.set_status(400)
        else:
            self.response.content_type = "application/json"
            self.response.write(
                json.dumps({"error": "The user is not authenticated"}))
            self.response.set_status(401)
Пример #10
0
    def post(self, user_id):
        cookie_value = self.request.cookies.get("session")
        if not cookie_value == None:
            user_logged_key = self.getUserInfo(cookie_value)
            if not user_logged_key == None:
                users_logged_id = ndb_pb.getUserId(user_logged_key)
                user_info = ndb_pb.getUser(user_id)
                if user_info == None:
                    self.response.content_type = "application/json"
                    self.response.write(
                        {"error": "The requested user does not exist"})
                    self.response.set_status(404)
                elif not user_info == None and user_logged_id == user_id:
                    values = self.request.POST
                    # Dictionary in which the updated data will be stored
                    updated_data = {}

                    if values.hasKey("age"):
                        updated_data["age"] = int(values.get("age"))
                    if values.hasKey("studies"):
                        updated_data["studies"] = values.get("studies")
                    if values.hasKey("tech_exp"):
                        updated_data["tech_exp"] = values.get("tech_exp")
                    if values.hasKey("social_nets_use"):
                        updated_data["social_nets_use"] = values.get(
                            "social_nets_use")
                    if values.hasKey("gender"):
                        updated_data["gender"] = values.get("gender")
                    if values.hasKey("name"):
                        updated_data["name"] = values.get("name")
                    if values.hasKey("surname"):
                        updated_data["surname"] = values.get("surname")

                    if not len(updated_data) == 0:
                        updated_info = ndb_pb.updateProfile(
                            user_id, updated_data)
                        if not len(updated_info) == 0:
                            self.response.content_type = "application/json"
                            self.response.write(
                                json.dumps({
                                    "details":
                                    "The update has been successfully executed",
                                    "status": "Updated",
                                    "updated": update_data.keys()
                                }))
                            self.response.set_status(200)
                        else:
                            self.response.content_type = "application/json"
                            self.response.write(
                                json.dumps({
                                    "details":
                                    "Resource not modified (check parameters and values provided)",
                                    "status": "Not Modified"
                                }))
                            self.set_status(304)
                else:
                    self.response.content_type = "application/json"
                    self.response.write(
                        json.dumps({
                            "error":
                            "You don\"t have the proper rights to modify this resource"
                            +
                            " (The cookie session header does not match with the resource requested)"
                        }))
                    self.response.set_status(401)
            else:
                # We invalidate the session cookies received
                expire_date = datetime.datetime(1970, 1, 1, 0, 0, 0)
                self.response.set_cookie("session",
                                         "",
                                         path="/",
                                         domain=domain,
                                         secure=True,
                                         expires=expire_date)
                # We delete and invalidate other cookies received, like the user logged nickname
                # and social network in which the user performed the login
                if not self.request.cookies.get("social_network") == None:
                    self.response.set_cookie("social_network",
                                             "",
                                             path="/",
                                             domain=domain,
                                             secure=True,
                                             expires=expire_date)
                if not self.request.cookies.get("user") == None:
                    self.response.set_cookie("user",
                                             "",
                                             path="/",
                                             domain=domain,
                                             secure=True,
                                             expires=expire_date)

                # Builds the response
                self.response.content_type = "application/json"
                self.response.write(
                    json.dumps({
                        "error":
                        "The session cookie header does not belong to an active user in the system"
                    }))
                self.response.set_status(400)
        else:
            self.response.content_type = "application/json"
            self.response.write(
                json.dumps({"error": "The user is not authenticated"}))
            self.response.set_status(401)
Пример #11
0
    def delete(self, user_id):
        cookie_value = self.request.cookies.get("session")
        if not cookie_value == None:
            user_logged_key = self.getUserInfo(cookie_value)
            if not user_logged_key == None:
                user_logged_id = ndb_pb.getUserId(user_logged_key)
                # It is neccesary to get the parameters from the request
                user_info = ndb_pb.getUser(user_id)
                if user_info == None:
                    self.response.content_type = "application/json"
                    self.response.write(
                        json.dumps(
                            {"error": "The user requested does not exist"}))
                    self.response.set_status(404)
                elif not user_info == None and user_logged_id == user_id:
                    # Logout of the user in the system
                    logout_status = self.logout(cookie_value)
                    # Invalidates the cookie
                    self.response.delete_cookie("session")

                    # Deletes the user from the datastore
                    ndb_pb.deleteUser(user_logged_key)

                    # Builds the response
                    self.response.set_status(204)
                else:
                    self.response.content_type = "application/json"
                    self.response.write(
                        json.dumps({
                            "error":
                            "You do not have the proper rights to delete this resource"
                            +
                            " (The cookie session header does not match with the resource requested)"
                        }))
                    self.response.set_status(401)
            else:
                # We invalidate the session cookies received
                expire_date = datetime.datetime(1970, 1, 1, 0, 0, 0)
                self.response.set_cookie("session",
                                         "",
                                         path="/",
                                         domain=domain,
                                         secure=True,
                                         expires=expire_date)
                # We delete and invalidate other cookies received, like the user logged nickname
                # and social network in which the user performed the login
                if not self.request.cookies.get("social_network") == None:
                    self.response.set_cookie("social_network",
                                             "",
                                             path="/",
                                             domain=domain,
                                             secure=True,
                                             expires=expire_date)
                if not self.request.cookies.get("user") == None:
                    self.response.set_cookie("user",
                                             "",
                                             path="/",
                                             domain=domain,
                                             secure=True,
                                             expires=expire_date)
                # Builds the response
                self.response.content_type = "application/json"
                self.response.write(
                    json.dumps({
                        "error":
                        "The session cookie header does not belong to an active user in the system"
                    }))
                self.response.set_status(400)
        else:
            self.response.content_type = "application/json"
            self.response.write(
                json.dumps({"error": "The user is not authenticated"}))
            self.response.set_status(401)
Пример #12
0
    def post(self, user_id):
        cookie_value = self.request.cookies.get("session")
        if not cookie_value == None:
            user_logged_key = self.getUserInfo(cookie_value)
            if not user_logged_key == None:
                user_logged_id = ndb_pb.getUserId(user_logged_key)
                user_info = ndb_pb.getUser(user_id)
                # Checks if the user active is the owner of the resource (if exists)
                if user_info == None:
                    self.response.content_type = "application/json"
                    self.response.write(
                        json.dumps(
                            {"error": "The user requested does not exist"}))
                    self.response.set_status(404)
                elif not user_info == None and user_logged_id == user_id:
                    values = self.request.POST
                    # Dict that contains the user values and fields to be updated
                    update_data = {}

                    # We parse the data received in the request
                    if values.has_key("description"):
                        update_data["description"] = values.get("description")
                    if values.has_key("website"):
                        update_data["website"] = values.get("website")
                    if values.has_key("image"):
                        update_data["image"] = values.get("image")
                    if values.has_key("phone"):
                        update_data["phone"] = int(values.get("phone"))
                    if values.has_key("email"):
                        update_data["email"] = values.get("email")
                    if values.has_key("private_phone"):
                        # Checks if private_phone has a proper value
                        if values.get("private_phone") in ["True", "true"]:
                            private_phone = True
                            update_data["private_phone"] = private_phone
                        elif values.get("private_phone") in ["False", "false"]:
                            private_phone = False
                            update_data["private_phone"] = private_phone
                    if values.has_key("private_email"):
                        # Checks if private_email has a proper value
                        if values.get("private_email") in ["True", "true"]:
                            private_email = True
                            update_data["private_email"] = private_email
                        elif values.get("private_email") in ["False", "false"]:
                            private_email = False
                            update_data["private_email"] = private_email
                    if values.has_key("component"):
                        component_id = values.get("component")
                        component = ndb_pb.getComponent(
                            user_logged_key, component_id)
                        # If the component_id provided in the request exists in the system and the user has not added it previously,
                        # we add the component_id provided to the list of user's data to be updated
                        if not component == None:
                            update_data["component"] = component_id

                    # Updates the resource and return the proper response to the client
                    if not len(update_data) == 0:
                        updated_info = ndb_pb.updateUser(
                            user_logged_key, update_data)
                        if not len(updated_info) == 0:
                            self.response.content_type = "application/json"
                            self.response.write(
                                json.dumps({
                                    "details":
                                    "The update has been successfully executed",
                                    "status": "Updated",
                                    "updated": update_data.keys()
                                }))
                            self.response.set_status(200)
                        # We return a custom error message if the request had as purpose adding a component to the user's dashboard
                        elif len(updated_info) == 0:
                            self.response.content_type = "application/json"
                            self.response.set_status(304)
                            if update_data.has_key("component_id"):
                                self.response.write(
                                    json.dumps({
                                        "details":
                                        "Resource not modified (The component specified does not exists"
                                        +
                                        "or the user has not added to its account the social networks that consumes the component)",
                                        "status":
                                        "Not Modified"
                                    }))
                            else:
                                self.response.write(
                                    json.dumps({
                                        "details":
                                        "Resource not modified (check parameters and values provided)",
                                        "status": "Not Modified"
                                    }))
                    else:
                        self.response.content_type = "application/json"
                        self.response.write(
                            json.dumps({
                                "details":
                                "Resource not modified (It hasn't been specified any valid parameter for this method)",
                                "status": "Not Modified"
                            }))
                        self.response.set_status(304)

                # Status errors related to permission and user authentication
                else:
                    self.response.content_type = "application/json"
                    self.response.write(
                        json.dumps({
                            "error":
                            "You don\"t have the proper rights to modify this resource"
                            +
                            " (The cookie session header does not match with the resource requested)"
                        }))
                    self.response.set_status(401)
            else:
                # We invalidate the session cookies received
                expire_date = datetime.datetime(1970, 1, 1, 0, 0, 0)
                self.response.set_cookie("session",
                                         "",
                                         path="/",
                                         domain=domain,
                                         secure=True,
                                         expires=expire_date)
                # We delete and invalidate other cookies received, like the user logged nickname
                # and social network in which the user performed the login
                if not self.request.cookies.get("social_network") == None:
                    self.response.set_cookie("social_network",
                                             "",
                                             path="/",
                                             domain=domain,
                                             secure=True,
                                             expires=expire_date)
                if not self.request.cookies.get("user") == None:
                    self.response.set_cookie("user",
                                             "",
                                             path="/",
                                             domain=domain,
                                             secure=True,
                                             expires=expire_date)

                # Builds the response
                self.response.content_type = "application/json"
                self.response.write(
                    json.dumps({
                        "error":
                        "The session cookie header does not belong to an active user in the system"
                    }))
                self.response.set_status(400)
        else:
            self.response.content_type = "application/json"
            self.response.write(
                json.dumps({"error": "The user is not authenticated"}))
            self.response.set_status(401)
Пример #13
0
    def get(self, user_id):
        cookie_value = self.request.cookies.get("session")
        component_info = self.request.get("component_info",
                                          default_value="reduced")
        if not cookie_value == None:
            # Obtains info related to the user authenticated in the system
            user_logged_key = self.getUserInfo(cookie_value)
            if not user_logged_key == None:
                # Obtains the info related to the resource requested
                component_detailed_info = True if component_info == "detailed" else False
                user_info = ndb_pb.getUser(user_id, component_detailed_info)
                if user_info == None:
                    self.response.content_type = "application/json"
                    self.response.write(
                        json.dumps(
                            {"error": "The user requested does not exist"}))
                    self.response.set_status(404)
                else:
                    # Obtains the user_id to check if the user active is the resource owner
                    user_logged_id = ndb_pb.getUserId(user_logged_key)
                    # Depending on the user making the request, the info returned will be one or another
                    if user_id == user_logged_id:
                        user_profile = ndb_pb.getProfile(user_id)
                        if user_profile == None:
                            user_info["age"] = ""
                            user_info["studies"] = ""
                            user_info["tech_exp"] = ""
                            user_info["social_nets_use"] = ""
                            user_info["gender"] = ""
                            user_info["name"] = ""
                            user_info["surname"] = ""
                        else:
                            user_profile = json.loads(user_profile)
                            user_info["age"] = user_profile["age"]
                            user_info["studies"] = user_profile["studies"]
                            user_info["tech_exp"] = user_profile["tech_exp"]
                            user_info["social_nets_use"] = user_profile[
                                "social_nets_use"]
                            user_info["gender"] = user_profile["gender"]
                            user_info["name"] = user_profile["name"]
                            user_info["surname"] = user_profile["surname"]
                        refs_list = []
                        components_list_js = ndb_pb.getUserComponentList(
                            user_id, component_detailed_info=True)
                        components_list = json.loads(components_list_js)
                        for comp in components_list["data"]:
                            ident = comp["component_id"]
                            # component = ndb_pb.getComponentEntity(ident)
                            version = comp["version"]
                            static = "/"
                            if str(ident) == "twitter-timeline":
                                static = "/static/"
                            ref = "/bower_components/" + \
                                  str(ident) + "-" + str(version) + static + str(ident) + ".html"
                            refs_list.append(ref)
                        user_info["references"] = refs_list
                        self.response.content_type = "application/json"
                        self.response.write(json.dumps(user_info))
                        self.response.set_status(200)
                    else:
                        user_dict = {
                            "user_id": user_info["user_id"],
                            "description": user_info["description"],
                            "image": user_info["image"],
                            "website": user_info["website"],
                            "networks": user_info["nets"],
                            "components": user_info["components"],
                            "age": "",
                            "studies": "",
                            "tech_exp": "",
                            "social_nets_use": "",
                            "gender": ""
                        }
                        if user_info["private_email"] == False:
                            user_dict["email"] = user_info["email"]
                        if user_info["private_phone"] == False:
                            user_dict["phone"] = user_info["phone"]
                        for comp in user_info.components:
                            dict_comp = json.loads(comp)
                            ident = dict_comp["component_id"]
                            preversion = ndb_pb.getComponentEntity(
                                comp["component_id"])
                            version = preversion.version
                            static = "/"
                            if ident == "twitter-timeline": static = "/static/"
                            ref = "/bower_components/" + \
                                  ident + "-" + version + static + ident + ".html"
                            refs_list.append(ref)
                        user_dict["references"] = refs_list
                        self.response.content_type = "application/json"
                        self.response.write(json.dumps(user_dict))
                        self.response.set_status(200)
            else:
                # We invalidate the session cookies received
                expire_date = datetime.datetime(1970, 1, 1, 0, 0, 0)
                self.response.set_cookie("session",
                                         "",
                                         path="/",
                                         domain=domain,
                                         secure=True,
                                         expires=expire_date)
                # We delete and invalidate other cookies received, like the user logged nickname
                # and social network in which the user performed the login
                if not self.request.cookies.get("social_network") == None:
                    self.response.set_cookie("social_network",
                                             "",
                                             path="/",
                                             domain=domain,
                                             secure=True,
                                             expires=expire_date)
                if not self.request.cookies.get("user") == None:
                    self.response.set_cookie("user",
                                             "",
                                             path="/",
                                             domain=domain,
                                             secure=True,
                                             expires=expire_date)

                # Builds the response
                self.response.content_type = "application/json"
                self.response.write(
                    json.dumps({
                        "error":
                        "The session cookie header does not belong to an active user in the system"
                    }))
                self.response.set_status(400)

        # If the request doesn't come along a cookie, we search for the user_id in the system
        # (We only return an object verifying that the user_id requested exists in the system)
        else:
            self.response.content_type = "application/json"
            user = ndb_pb.getUser(user_id)
            if not user == None:
                self.response.set_status(200)
            else:
                self.response.write(
                    json.dumps({"error": "User not found in the system"}))
                self.response.set_status(404)