def post(self, photo_id):
# Session
current_session = Session(self)
# Load response template
template = JINJA_ENVIRONMENT.get_template("static/templates/api.json")
self.response.headers["Content-Type"] = "application/json"
photo = database.PhotosManager.get_photo_by_id(int(photo_id))
if photo is None:
data = '{"error": "Photo does not exist."}'
result = "FAIL"
else:
# Check permission for this petition (only owner or admin can modify)
if (photo.owner == current_session.get_user_key()) or (current_session.get_role_level() > 2):
name = self.request.get("name")
privacy = int(self.request.get("privacy"))
database.PhotosManager.modify_photo(photo.key, name, privacy)
data = '{"message": "Changes done"}'
result = "OK"
else:
data = '{"error": "No permission to change."}'
result = "FAIL"
# Response result json
self.response.write(template.render(feature="user", data=data, query=self.request.url, result=result))
def post(self):
# Load response template
template = JINJA_ENVIRONMENT.get_template("static/templates/api.json")
self.response.headers["Content-Type"] = "application/json"
# Session request handler
current_session = Session(self)
# Retrieve uploaded info
upload_files = self.get_uploads("file")
blob_info = upload_files[0]
# Check if user can upload the photo
if current_session.get_role_level() < 2:
self.response.headers["Content-Type"] = "application/json"
data = '{"error": "Permission denied"}'
result = "FAIL"
self.response.write(template.render(feature="photo", data=data, query=self.request.url, result=result))
# Remove photo from blob store
blobstore.delete(blob_info.key)
return None
# Save photo to database
photo_id = database.PhotosManager.createPhoto("", current_session.get_user_key(), 2, blob_info.key())
# Prompt response to user
data = '{"photo_id": ' + str(photo_id) + "}"
result = "OK"
self.response.write(template.render(feature="photo", data=data, query=self.request.url, result=result))
def post(self):
# Load response template
template = JINJA_ENVIRONMENT.get_template('static/templates/api.json')
self.response.headers['Content-Type'] = 'application/json'
# Session request handler
current_session = Session(self)
# Retrieve uploaded info
upload_files = self.get_uploads("file")
blob_info = upload_files[0]
# Check if user can upload the photo
if current_session.get_role_level() < 2:
self.response.headers['Content-Type'] = 'application/json'
data = '{"error": "Permission denied"}'
result = "FAIL"
self.response.write(template.render(feature="photo",
data=data,
query=self.request.url,
result=result))
# Remove photo from blob store
blobstore.delete(blob_info.key)
return None
# Save photo to database
photo_id = database.PhotosManager.createPhoto("", current_session.get_user_key(), 2, blob_info.key())
# Prompt response to user
data = '{"photo_id": ' + str(photo_id) + '}'
result = "OK"
self.response.write(template.render(feature="photo", data=data, query=self.request.url, result=result))
def post(self, photo_id):
# Session
current_session = Session(self)
# Load response template
template = JINJA_ENVIRONMENT.get_template('static/templates/api.json')
self.response.headers['Content-Type'] = 'application/json'
photo = database.PhotosManager.get_photo_by_id(int(photo_id))
if photo is None:
data = '{"error": "Photo does not exist."}'
result = "FAIL"
else:
# Check permission for this petition (only owner or admin can modify)
if(photo.owner == current_session.get_user_key()) or (current_session.get_role_level() > 2):
name = self.request.get('name')
privacy = int(self.request.get('privacy'))
database.PhotosManager.modify_photo(photo.key, name, privacy)
data = '{"message": "Changes done"}'
result = "OK"
else:
data = '{"error": "No permission to change."}'
result = "FAIL"
# Response result json
self.response.write(template.render(feature="user", data=data, query=self.request.url, result=result))
def get(self, user_id, photo_id, option):
# Session
current_session = Session(self)
# Load response template
template = JINJA_ENVIRONMENT.get_template("static/templates/api.json")
self.response.headers["Content-Type"] = "application/json"
# Check if user and photo exists
photo = database.PhotosManager.get_photo_by_id(int(photo_id))
user = database.UserManager.select_by_id(int(user_id))
if photo is None:
data = '{"error": "Photo does not exist."}'
result = "FAIL"
elif user is None:
data = '{"error": "User does not exist."}'
result = "FAIL"
else:
# Check permission for this petition (only owner or admin can modify)
if (photo.owner == current_session.get_user_key()) or (current_session.get_role_level() > 2):
if option == "give":
result = database.PhotoUserPermissionManager.give_permission(photo, user)
if result is None:
data = '{"error": "Permission already set."}'
result = "FAIL"
else:
data = '{"message": "Permission allowed."}'
result = "OK"
elif option == "restrict":
result = database.PhotoUserPermissionManager.restrict_permission(photo, user)
if result is True:
data = '{"message": "Permission restricted."}'
result = "OK"
else:
data = '{"error": "Permission is not set. Cannot restrict"}'
result = "FAIL"
else:
data = '{"error": "Permission denied. Operation cannot do."}'
result = "FAIL"
# Response result json
self.response.write(template.render(feature="user", data=data, query=self.request.url, result=result))
def get(self, user_id, photo_id, option):
# Session
current_session = Session(self)
# Load response template
template = JINJA_ENVIRONMENT.get_template('static/templates/api.json')
self.response.headers['Content-Type'] = 'application/json'
# Check if user and photo exists
photo = database.PhotosManager.get_photo_by_id(int(photo_id))
user = database.UserManager.select_by_id(int(user_id))
if photo is None:
data = '{"error": "Photo does not exist."}'
result = "FAIL"
elif user is None:
data = '{"error": "User does not exist."}'
result = "FAIL"
else:
# Check permission for this petition (only owner or admin can modify)
if(photo.owner == current_session.get_user_key()) or (current_session.get_role_level() > 2):
if option == "give":
result = database.PhotoUserPermissionManager.give_permission(photo, user)
if result is None:
data = '{"error": "Permission already set."}'
result = "FAIL"
else:
data = '{"message": "Permission allowed."}'
result = "OK"
elif option == "restrict":
result = database.PhotoUserPermissionManager.restrict_permission(photo, user)
if result is True:
data = '{"message": "Permission restricted."}'
result = "OK"
else:
data = '{"error": "Permission is not set. Cannot restrict"}'
result = "FAIL"
else:
data = '{"error": "Permission denied. Operation cannot do."}'
result = "FAIL"
# Response result json
self.response.write(template.render(feature="user", data=data, query=self.request.url, result=result))
def get(self, photo_id):
# Session request handler
current_session = Session(self)
JINJA_ENVIRONMENT.globals['session'] = current_session
# Language request handler
Language.language(self)
# Load jinja template
template = JINJA_ENVIRONMENT.get_template('static/templates/photo.html')
# Check permission
photo = database.PhotosManager.get_photo_by_id(int(photo_id))
if current_session.get_id() is None:
request_user = None
else:
request_user = database.UserManager.select_by_id(current_session.get_id())
if not security.PhotoSecurity.user_is_allowed_to_watch_photo(photo, request_user):
self.redirect("/")
# Get photo info to display
user = photo.owner.get()
privacy = photo.privacy
date = photo.date
# Check if user can edit photo attributes
edition_permission = (current_session.get_role_level() is 3) or (photo.owner == current_session.get_user_key())
# Get user allowed to watch photo
if privacy == 1:
allowed_users = database.PhotoUserPermissionManager.get_allowed_users_by_photo(photo)
else:
allowed_users = None
# Count photo visited by user
if current_session.get_id() is None:
database.PhotoViewManager.newView(photo, None)
else:
database.PhotoViewManager.newView(photo, current_session.user)
# Photo visualization count
photo_views = database.PhotoViewManager.select_users_by_photo(photo)
views_counter = {}
for photo_view in photo_views:
if photo_view.user is None:
if "Anonymous" in views_counter:
views_counter["Anonymous"]['count'] += 1
else:
views_counter["Anonymous"] = {'count':1,
'name':"Anonymous",
'id': None}
else:
photo_view_user = photo_view.user
if photo_view_user.get().name in views_counter:
views_counter[photo_view_user.get().name]['count'] += 1
else:
views_counter[photo_view_user.get().name] = {'count':1,
'name':photo_view_user.get().name,
'id': photo_view_user.id()}
# Response page
self.response.write(template.render(
photo_id=photo_id,
owner=user,
name=photo.name,
edition_permission= edition_permission,
date= date,
privacy=privacy,
views=views_counter,
every_user_list=database.UserManager.select(),
allowed_users=allowed_users
))
