Пример #1
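  def post(self):
      """Store a newly submitted sketch and redirect the client to it.

      Reads the form fields from the request, applies the link-count spam
      heuristics, flags suspicious or profane content, fills in the Sketch
      record plus its GallerySketch / AuthorSketchesSketch / MySketchesSketch
      companions, saves them and uploads the optional thumbnail.

      A submission that exceeds a link limit is dropped with a redirect to
      "/". Flagged content is still saved, but never published.
      """
      self.session = True
      user = UserInfo()
      user.whoIs(self)

      # NOTE(review): nothing in this method verifies an anti-CSRF token;
      # confirm that a base class or the framework does before the write.

      published = 'published' in self.request.arguments()
      if published:
          logging.info('adding a sketch and the published field has been sent')

      theKey = Sketch.generateKey()
      sketch = Sketch(key_name=theKey)
      sketch.sourceCode = self.request.get('text_input2').strip()
      sketch.description = util.Sanitize(self.request.get('text_input'))

      # Minimal protection against link spam. Links are counted
      # case-insensitively and for both schemes: counting only the literal
      # "http://" let "https://" and "HTTP://" links pass uncounted.
      source_lower = sketch.sourceCode.lower()
      description_lower = sketch.description.lower()
      source_links = (source_lower.count("http://") +
                      source_lower.count("https://"))
      source_bbcode_links = (source_lower.count("[url=http://") +
                             source_lower.count("[url=https://"))
      description_links = (description_lower.count("http://") +
                           description_lower.count("https://"))

      if (source_links > 10
              or source_bbcode_links > 0
              or description_links > 7
              or description_links + source_links > 12):
          self.redirect("/")
          return

      # NOTE(review): unlike the description, title and tags are not passed
      # through util.Sanitize here; confirm that set_title and the templates
      # escape them before they are rendered.
      sketch_title = self.request.get('title_input')
      sketch_tags_commas = self.request.get('tags')

      # Second line of defence: content heuristics and the profanity filter.
      suspiciousContent = False
      if is_suspicious(sketch_title, sketch_tags_commas):
          suspiciousContent = True
      if any(util.doesItContainProfanity(text)
             for text in (sketch_title, sketch.sourceCode, sketch.description)):
          suspiciousContent = True

      # The gallery must be ordered by time, most recent first, so it reuses
      # the sketch key; the per-author tables prefix it with a fixed-width
      # user id (all zeros for anonymous submissions).
      gallerySketch = GallerySketch(key_name=theKey)
      if user.user:
          owner_prefix = '-%023d' % (int(user.user_id))
          owner_id_string = util.convDecToBase(string._long(user.user_id), 62)
          owner_nickname = user.nickname
      else:
          owner_prefix = '-%023d' % (0)
          owner_id_string = "anonymous"
          owner_nickname = "anonymous"
      authorSketchesSketch = AuthorSketchesSketch(key_name=owner_prefix + theKey)
      mySketchesSketch = MySketchesSketch(key_name=owner_prefix + theKey)
      authorSketchesSketch.user_id_string = owner_id_string
      mySketchesSketch.user_id_string = owner_id_string

      # Propagate the "suspicious" flag to every record that is being added.
      sketch.suspiciousContent = suspiciousContent
      gallerySketch.suspiciousContent = suspiciousContent
      authorSketchesSketch.suspiciousContent = suspiciousContent
      mySketchesSketch.suspiciousContent = suspiciousContent

      sketch.set_title(sketch_title)
      gallerySketch.title = sketch.title
      authorSketchesSketch.title = sketch.title
      mySketchesSketch.title = sketch.title

      # Flagged content is never published; signed-in users choose;
      # anonymous submissions are always published.
      if suspiciousContent:
          is_published = False
      elif user.user:
          is_published = published
      else:
          is_published = True
      sketch.published = is_published
      authorSketchesSketch.published = is_published
      mySketchesSketch.published = is_published

      sketch.sourceCode = clean_sourcecode(sketch.sourceCode)

      sketch.author_email = user.email
      sketch.author_user_id = user.user_id
      sketch.author_string_user_id = owner_id_string
      sketch.author_nickname = owner_nickname
      gallerySketch.author_nickname = owner_nickname

      sketch.tags_commas = sketch_tags_commas
      gallerySketch.tags_commas = sketch_tags_commas
      authorSketchesSketch.tags_commas = sketch_tags_commas
      mySketchesSketch.tags_commas = sketch_tags_commas

      sketch.set_randomID()

      # NOTE(review): the lineage fields below are taken from the request as
      # sent. Nothing here checks that they name existing sketches or the
      # real parent authors; confirm that set_parents validates them.
      sketch.parentSketchRandomID = self.request.get('parentSketchRandomID')
      if sketch.parentSketchRandomID is None:
          sketch.parentSketchRandomID = ''

      if sketch.parentSketchRandomID == '':
          sketch.oldestParentSketchRandomID = sketch.randomID
      else:
          sketch.oldestParentSketchRandomID = self.request.get(
              'oldestParentSketchRandomID')
      sketch.set_parents(self.request.get('parent_idList'),
                         self.request.get('parent_nicknamesList'))

      gallerySketch.randomID = sketch.randomID
      authorSketchesSketch.randomID = sketch.randomID
      mySketchesSketch.randomID = sketch.randomID

      sketch.save()

      # Only published sketches appear in the public listings. For an
      # anonymous user the flag was forced to True above.
      if sketch.published:
          authorSketchesSketch.save()
          gallerySketch.save()

      mySketchesSketch.save()

      # Finally, upload the thumbnail.
      # NOTE(review): thumbnailData is handed over exactly as received; any
      # size or format check has to live in doTheUpload. Confirm it does.
      thumbnailData = self.request.get('thumbnailData')
      if thumbnailData != "":
          logging.info('add blog, thumbnail data not empty - adding/overwriting thumbnail')
          thumbnailUploaderObject = thumbnailUploaderClass()
          thumbnailUploaderObject.doTheUpload(sketch.randomID, thumbnailData)
      else:
          logging.info('add blog, no thumbnail data')

      # A signed-in user who asked for publication but was flagged gets an
      # explanation page instead of the sketch itself.
      if user.user and suspiciousContent and published:
          self.redirect("/sketchNotMadePublicNotice.html?sketchID=" + sketch.randomID)
      else:
          self.redirect(sketch.full_permalink())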
Пример #2
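    def get(self):
        """Render the admin "Change identity" page and apply identity overrides.

        Shows the signed-in account's real identity and the identity reported
        by UserInfo.whoIs. Any of the query parameters user, user_id, email,
        nickname and is_current_user_admin that is non-empty is copied into
        the session, and ``clear`` deletes the session.

        Because the session fields (including is_current_user_admin) are set
        straight from the query string, the whitelist check below is the only
        gate visible in this method in front of an identity override.
        """
        if not authorized.checkIfUserIsInWhiteList():
            self.redirect(authorized.getLoginPage())
            # Stop here. Without this return the handler carried on after
            # queueing the redirect: it still applied the session overrides
            # and emitted the page for a caller who failed the whitelist check.
            return

        self.session = True
        write = self.response.out.write

        write(
            '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'
        )
        write(
            '<html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml">'
        )
        write('<head>')
        write('<title>Change identity</title>')
        write('</head>')

        # Client-side helper that expires the "live" user-info cookies.
        write('<script type="text/javascript">')
        write('function deleteCookie(name){')
        write('document.cookie = name +')
        write('\'=; expires=Thu, 01-Jan-70 00:00:01 GMT;path=/\';')
        write('} ')

        write('function deleteClientSideUserInfoCookies(){')
        write('\talert(\'clearing live cookies\');')
        write('\tdeleteCookie(\'user.user_id\');')
        write('\tdeleteCookie(\'user.is_current_user_admin\');')
        write('\tdeleteCookie(\'user.user\');')
        write('\tdeleteCookie(\'user.nickname\');')
        write('\tdeleteCookie(\'firstLogin\');')
        write('} ')

        write('</script>')

        write('<body>')
        write('<b>Real identity</b>')

        user = users.get_current_user()
        write('<br>Your real user_id: ' + user.user_id())
        write('<br>Your real email: ' + user.email())
        write('<br>Your real nickname: ' + user.nickname())
        write('<br>Your real is_current_user_admin: ' +
              str(users.is_current_user_admin()))

        # Disabled debug output ("Last user info update", the session
        # counter and the "Session info" dump) used to sit here and further
        # down as string-literal blocks. It echoed request and session values
        # into the page unescaped and has been dropped.

        # If any identity field was sent, store it in the session.
        # NOTE(review): this is a state change driven by a GET request and
        # no anti-CSRF token is checked in this method, so a link opened by
        # a whitelisted user can apply an override. Consider moving the
        # change to POST with a token.
        for field in ('user', 'user_id', 'email', 'nickname',
                      'is_current_user_admin'):
            value = self.request.get(field)
            if value != "":
                self.session[field] = value

        if self.request.get('clear') != "":
            self.session.delete()
            self.session = None
            logging.info('invalidated the session')

        write('<hr>')
        write('<b>Cover Identity</b>')
        user2 = UserInfo()
        user2.whoIs(self)
        # NOTE(review): the values below are concatenated into HTML without
        # escaping. If whoIs returns session-overridden fields they are
        # request-controlled; escape them before writing.
        write('<br>Your UserInfo user (as string): ' + str(user2.user))
        write('<br>Your UserInfo user_id: ' + str(user2.user_id))
        write('<br>Your UserInfo email: ' + str(user2.email))
        write('<br>Your UserInfo nickname: ' + str(user2.nickname))
        write('<br>Your UserInfo is_current_user_admin: ' +
              str(user2.is_current_user_admin))

        # Round-trip a User built from the e-mail through the datastore to
        # read back its identity. This stores a new UserTrick entity on
        # every request to this page.
        impersonatedUser = users.User(str(user2.email))
        if impersonatedUser is not None:
            key = UserTrick(user=impersonatedUser).put()
            obj = UserTrick.get(key)
            write('<hr>')
            write('<b>Full identity of user with this email</b>')
            write('<br>Your real user_id: ' + str(obj.user.user_id()))
            write('<br>Your real email: ' + obj.user.email())
            write('<br>Your real nickname: ' + obj.user.nickname())

        write('<hr>')
        write(
            '<b>Overwrite any part of your identity (blanks will stay the same)</b>'
        )
        write('<br><br><form name="input" action="." method="get">')
        write('user:<input type="user" name="user" />')
        write('user_id:<input type="user_id" name="user_id" />')
        write('email:<input type="email" name="email" />')
        write('nickname:<input type="nickname" name="nickname" />')
        write(
            'is_current_user_admin:<input type="is_current_user_admin" name="is_current_user_admin" />'
        )
        write(
            '<input type="submit" value="Submit" onClick="deleteClientSideUserInfoCookies();"/>'
        )
        write('</form>')

        write('<hr>')

        write('<br><a href="/admin/userid/">Refresh page</a> ')
        write(
            '<br><a href="/admin/userid/?clear=y" onClick="deleteClientSideUserInfoCookies();">Return to original identity</a> '
        )
        write(
            '<br><a href="/admin/userid/?user=None&user_id=None&email=None&nickname=None&is_current_user_admin=None" onClick="deleteClientSideUserInfoCookies();">Make anonymous (all None)</a> '
        )
        write(
            '<br><a href="#" onClick="deleteClientSideUserInfoCookies();">clean the "live" cookies</a> (these are used in the live environment so that the client can render the effects of the permissions on its own so that we can keep one and only page in the cache, not one for each user!)'
        )
        write('<br><br><a href="/index.html">Back to home page</a> ')

        # for formatting, see http://www.network-theory.co.uk/docs/pytut/FancierOutputFormatting.html
        # for python date and time operations see http://docs.python.org/library/datetime.html
        # for controlling keys in GAE datastore see: http://code.google.com/appengine/docs/python/datastore/keysandentitygroups.html
        write('<hr>')
        write(
            '<b>Tests with date and time objects to create the sketch key</b><br>'
        )
        # Reference instant: 3 July 2028, 12:30.
        refdate = datetime.datetime.combine(datetime.date(2028, 7, 3),
                                            datetime.time(12, 30))
        difference = refdate - datetime.datetime.now()

        write('<br>difference between now and 3rd July 2028: ' +
              str(difference))
        write('<br>i.e. ' + str(difference.days) + ' days and ' +
              str(difference.seconds) + ' seconds and ' +
              str(difference.microseconds) + ' microseconds')
        # random.random() is not a cryptographic source. Here it only adds a
        # suffix to a time-derived key, so such a key is not unguessable.
        write('<br>compactly and with a random number: %04d %05d %06d %05d' %
              (difference.days, difference.seconds, difference.microseconds,
               random.random() * 100000))
        write('<br>key I will use: %04d%05d%06d%05d' %
              (difference.days, difference.seconds, difference.microseconds,
               random.random() * 100000))

        write('<hr>')
        write('<b>Tests with stringification of userID</b><br>')
        if user2.user_id is None:
            write(
                '<br>your are marked to be anonymous, so this doesnt apply to you'
            )
        else:
            base62_id = util.convDecToBase(string._long(user2.user_id), 62)
            write('<br>your userid: ' + user2.user_id)
            write('<br>converted to base 62: ' + base62_id)
            write('<br>back to base 10: ' + str(util.toBase10(base62_id, 62)))

        write('</body>')
        write('</html>')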
Пример #3
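    def whoIs(self, requester):
        """Fill in this object's identity fields from the signed-in account.

        Sets user, user_id, string_user_id, email, nickname and
        is_current_user_admin from the App Engine users API. Every field is
        None when nobody is signed in.

        Args:
            requester: the request handler asking for the identity. It is
                only used for logging.
        """
        logging.info('whois function started')
        if requester is not None:
            logging.info('requester is not none')
            # The Cookie header was parsed here to serve a cookie-based
            # "groupLoginCode" login, kept as a disabled string-literal
            # block. That block mapped hard-coded cookie values to fixed
            # user ids and nicknames. Nothing read the parsed cookie any
            # more, so the parse is gone too: the header is client-controlled
            # and SimpleCookie can raise CookieError on some malformed input.
            # Do not bring the shared-code login back; a constant compared
            # against a cookie is not authentication.

        # Identity comes from the platform's signed-in user, plain and simple.
        current_user = users.get_current_user()

        if current_user:
            self.user = current_user
            self.user_id = current_user.user_id()
            self.string_user_id = str(
                util.convDecToBase(string._long(self.user_id), 62))
            self.email = current_user.email()
            # Nickname: the part before "@", with dots turned into underscores.
            self.nickname = (current_user.nickname().partition("@"))[0].replace(
                ".", "_")
            self.is_current_user_admin = users.is_current_user_admin()
        else:
            self.user = None
            self.user_id = None
            # The original branch held a bare `self.string_user_id`
            # expression. That assigns nothing and raises AttributeError
            # when the attribute was never set. None matches the other
            # anonymous fields.
            # NOTE(review): confirm no caller relies on a class-level default.
            self.string_user_id = None
            self.email = None
            self.nickname = None
            self.is_current_user_admin = None

        return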
Пример #4
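    def post(self):
        """Store a newly submitted sketch and redirect the client to it.

        Reads the form fields from the request, applies the link-count spam
        heuristics, flags suspicious or profane content, fills in the Sketch
        record plus its GallerySketch / AuthorSketchesSketch /
        MySketchesSketch companions, saves them and uploads the optional
        thumbnail.

        A submission that exceeds a link limit is dropped with a redirect to
        "/". Flagged content is still saved, but never published.
        """
        self.session = True
        user = UserInfo()
        user.whoIs(self)

        # NOTE(review): nothing in this method verifies an anti-CSRF token;
        # confirm that a base class or the framework does before the write.

        published = 'published' in self.request.arguments()
        if published:
            logging.info(
                'adding a sketch and the published field has been sent')

        theKey = Sketch.generateKey()
        sketch = Sketch(key_name=theKey)
        sketch.sourceCode = self.request.get('text_input2').strip()
        sketch.description = util.Sanitize(self.request.get('text_input'))

        # Minimal protection against link spam. Links are counted
        # case-insensitively and for both schemes: counting only the literal
        # "http://" let "https://" and "HTTP://" links pass uncounted.
        source_lower = sketch.sourceCode.lower()
        description_lower = sketch.description.lower()
        source_links = (source_lower.count("http://") +
                        source_lower.count("https://"))
        source_bbcode_links = (source_lower.count("[url=http://") +
                               source_lower.count("[url=https://"))
        description_links = (description_lower.count("http://") +
                             description_lower.count("https://"))

        too_many_links = (
            source_links > 10
            or source_bbcode_links > 0
            or description_links > 7
            or description_links + source_links > 12
        )
        if too_many_links:
            self.redirect("/")
            return

        # NOTE(review): unlike the description, title and tags are not
        # passed through util.Sanitize here; confirm that set_title and the
        # templates escape them before they are rendered.
        sketch_title = self.request.get('title_input')
        sketch_tags_commas = self.request.get('tags')

        # Second line of defence: content heuristics and the profanity filter.
        suspiciousContent = False
        if is_suspicious(sketch_title, sketch_tags_commas):
            suspiciousContent = True
        if any(util.doesItContainProfanity(text)
               for text in (sketch_title, sketch.sourceCode,
                            sketch.description)):
            suspiciousContent = True

        # The gallery must be ordered by time, most recent first, so it
        # reuses the sketch key; the per-author tables prefix it with a
        # fixed-width user id (all zeros for anonymous submissions).
        gallerySketch = GallerySketch(key_name=theKey)
        if user.user:
            owner_prefix = '-%023d' % (int(user.user_id))
            owner_id_string = util.convDecToBase(
                string._long(user.user_id), 62)
            owner_nickname = user.nickname
        else:
            owner_prefix = '-%023d' % (0)
            owner_id_string = "anonymous"
            owner_nickname = "anonymous"
        authorSketchesSketch = AuthorSketchesSketch(
            key_name=owner_prefix + theKey)
        mySketchesSketch = MySketchesSketch(key_name=owner_prefix + theKey)
        authorSketchesSketch.user_id_string = owner_id_string
        mySketchesSketch.user_id_string = owner_id_string

        # Propagate the "suspicious" flag to every record that is being added.
        for record in (sketch, gallerySketch, authorSketchesSketch,
                       mySketchesSketch):
            record.suspiciousContent = suspiciousContent

        sketch.set_title(sketch_title)
        gallerySketch.title = sketch.title
        authorSketchesSketch.title = sketch.title
        mySketchesSketch.title = sketch.title

        # Flagged content is never published; signed-in users choose;
        # anonymous submissions are always published.
        if suspiciousContent:
            is_published = False
        elif user.user:
            is_published = published
        else:
            is_published = True
        sketch.published = is_published
        authorSketchesSketch.published = is_published
        mySketchesSketch.published = is_published

        sketch.sourceCode = clean_sourcecode(sketch.sourceCode)

        sketch.author_email = user.email
        sketch.author_user_id = user.user_id
        sketch.author_string_user_id = owner_id_string
        sketch.author_nickname = owner_nickname
        gallerySketch.author_nickname = owner_nickname

        for record in (sketch, gallerySketch, authorSketchesSketch,
                       mySketchesSketch):
            record.tags_commas = sketch_tags_commas

        sketch.set_randomID()

        # NOTE(review): the lineage fields below are taken from the request
        # as sent. Nothing here checks that they name existing sketches or
        # the real parent authors; confirm that set_parents validates them.
        sketch.parentSketchRandomID = self.request.get('parentSketchRandomID')
        if sketch.parentSketchRandomID is None:
            sketch.parentSketchRandomID = ''

        if sketch.parentSketchRandomID == '':
            sketch.oldestParentSketchRandomID = sketch.randomID
        else:
            sketch.oldestParentSketchRandomID = self.request.get(
                'oldestParentSketchRandomID')
        sketch.set_parents(self.request.get('parent_idList'),
                           self.request.get('parent_nicknamesList'))

        gallerySketch.randomID = sketch.randomID
        authorSketchesSketch.randomID = sketch.randomID
        mySketchesSketch.randomID = sketch.randomID

        sketch.save()

        # Only published sketches appear in the public listings. For an
        # anonymous user the flag was forced to True above.
        if sketch.published:
            authorSketchesSketch.save()
            gallerySketch.save()

        mySketchesSketch.save()

        # Finally, upload the thumbnail.
        # NOTE(review): thumbnailData is handed over exactly as received;
        # any size or format check has to live in doTheUpload. Confirm it does.
        thumbnailData = self.request.get('thumbnailData')
        if thumbnailData != "":
            logging.info(
                'add blog, thumbnail data not empty - adding/overwriting thumbnail'
            )
            thumbnailUploaderObject = thumbnailUploaderClass()
            thumbnailUploaderObject.doTheUpload(sketch.randomID, thumbnailData)
        else:
            logging.info('add blog, no thumbnail data')

        # A signed-in user who asked for publication but was flagged gets an
        # explanation page instead of the sketch itself.
        if user.user and suspiciousContent and published:
            self.redirect("/sketchNotMadePublicNotice.html?sketchID=" +
                          sketch.randomID)
        else:
            self.redirect(sketch.full_permalink())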
Пример #5
  def get(self):

        if not authorized.checkIfUserIsInWhiteList():
        	self.redirect(authorized.getLoginPage())

        self.session = True
        
        self.response.out.write('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">')
        self.response.out.write('<html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml">')
        self.response.out.write('<head>')
        self.response.out.write('<title>Change identity</title>')
        self.response.out.write('</head>')

        self.response.out.write('<script type="text/javascript">')
        self.response.out.write('function deleteCookie(name){')
        self.response.out.write('document.cookie = name +')
        self.response.out.write('\'=; expires=Thu, 01-Jan-70 00:00:01 GMT;path=/\';')
        self.response.out.write('} ')

        self.response.out.write('function deleteClientSideUserInfoCookies(){')
        self.response.out.write('	alert(\'clearing live cookies\');')
        self.response.out.write('	deleteCookie(\'user.user_id\');')
        self.response.out.write('	deleteCookie(\'user.is_current_user_admin\');')
        self.response.out.write('	deleteCookie(\'user.user\');')
        self.response.out.write('	deleteCookie(\'user.nickname\');')
        self.response.out.write('	deleteCookie(\'firstLogin\');')
        self.response.out.write('} ')

        self.response.out.write('</script>')


        self.response.out.write('<body>')
        self.response.out.write('<b>Real identity</b>')

        user = users.get_current_user()
        self.response.out.write('<br>Your real user_id: ' + user.user_id())
        self.response.out.write('<br>Your real email: ' + user.email())
        self.response.out.write('<br>Your real nickname: ' + user.nickname())
        self.response.out.write('<br>Your real is_current_user_admin: ' + str(users.is_current_user_admin()))

        '''       
        self.response.out.write('<hr>')
        self.response.out.write('<b>Last user info update</b>')

        self.response.out.write('<br>You posted this user_id: ' + self.request.get('user_id'))
        self.response.out.write('<br>You posted this email: ' + self.request.get('email'))
        self.response.out.write('<br>You posted this nickname: ' + self.request.get('nickname'))
        self.response.out.write('<br>You posted this is_current_user_admin: ' + self.request.get('is_current_user_admin'))
        '''

        #self.response.out.write('<hr>')
        #self.response.out.write('<b>Info on session update</b>')
        '''
        # first, if any parameters are sent, we create the session, or we catch the previous one
        if self.request.get('is_current_user_admin') != "" or self.request.get('user_id') != "" or self.request.get('email') != "" or self.request.get('nickname') != "":
        	if sess.is_new():
                        #self.response.out.write('<br>New session - setting counter to 0.<br>')
                        sess['myCounter']=0
        	else:
                        #self.response.out.write('<br>Modifying the current session<br>')
                        sess['myCounter']+=1
                        self.response.out.write('<br>Session counter is ' + str(sess['myCounter']) + '<br>')
        '''
        # second, if anything changed, we modify the session
        if self.request.get('user') != "":
        	#self.response.out.write('user not empy - setting it in session <br>')
        	self.session['user'] = self.request.get('user')
        if self.request.get('user_id') != "":
        	#self.response.out.write('user_id not empy - setting it in session <br>')
        	self.session['user_id'] = self.request.get('user_id')

        if self.request.get('email') != "":
        	#self.response.out.write('email not empy - setting it in session <br>')
        	self.session['email'] = self.request.get('email')

        if self.request.get('nickname') != "":
        	#self.response.out.write('nickname not empy - setting it in session <br>')
        	self.session['nickname'] = self.request.get('nickname')

        if self.request.get('is_current_user_admin') != "":
        	#self.response.out.write('is_current_user_admin not empy - setting it in session <br>')
        	self.session['is_current_user_admin'] = self.request.get('is_current_user_admin')

        if self.request.get('clear') != "" :
        	self.session.delete()
        	self.session = None
        	logging.info('invalidated the session')

        '''
        self.response.out.write('<hr>')
        self.response.out.write('<b>Session info</b>')

        if not self.session:
        	self.response.out.write('<br><br>no session')
        else:
        	try:
        		self.response.out.write('<br>user in session: ' + self.session['user'] )
        	except KeyError:
        		self.response.out.write('<br>No user in session ')
        	try:
        		self.response.out.write('<br>user_id in session: ' + self.session['user_id'] )
        	except KeyError:
        		self.response.out.write('<br>No user_id in session ')
        	try:
        		self.response.out.write('<br>email in session: ' + self.session['email'] )
        	except KeyError:
        		self.response.out.write('<br>No email in session ')
        	try:
        		self.response.out.write('<br>nickname in session: ' + self.session['nickname'] )
        	except KeyError:
        		self.response.out.write('<br>No nickname in session ')
        	try:
        		self.response.out.write('<br>is_current_user_admin in session: ' + str(self.session['is_current_user_admin'] == 'True') )
        	except KeyError:
        		self.response.out.write('<br>No is_current_user_admin in session ')

        '''
        
        self.response.out.write('<hr>')
        self.response.out.write('<b>Cover Identity</b>')
        user2 = UserInfo()
        user2.whoIs(self)
        self.response.out.write('<br>Your UserInfo user (as string): ' + str(user2.user))
        self.response.out.write('<br>Your UserInfo user_id: ' + str(user2.user_id))
        self.response.out.write('<br>Your UserInfo email: ' + str(user2.email))
        self.response.out.write('<br>Your UserInfo nickname: ' + str(user2.nickname))
        self.response.out.write('<br>Your UserInfo is_current_user_admin: ' + str(user2.is_current_user_admin))

        impersonatedUser = users.User(str(user2.email))
        if impersonatedUser is not None:
        	key = UserTrick(user=impersonatedUser).put()
        	obj = UserTrick.get(key)
        	self.response.out.write('<hr>')
        	self.response.out.write('<b>Full identity of user with this email</b>')
        	self.response.out.write('<br>Your real user_id: ' + str(obj.user.user_id()))
        	self.response.out.write('<br>Your real email: ' + obj.user.email())
        	self.response.out.write('<br>Your real nickname: ' + obj.user.nickname())
        

        self.response.out.write('<hr>')
        self.response.out.write('<b>Overwrite any part of your identity (blanks will stay the same)</b>')
        self.response.out.write('<br><br><form name="input" action="." method="get">')
        self.response.out.write('user:<input type="user" name="user" />')
        self.response.out.write('user_id:<input type="user_id" name="user_id" />')
        self.response.out.write('email:<input type="email" name="email" />')
        self.response.out.write('nickname:<input type="nickname" name="nickname" />')
        self.response.out.write('is_current_user_admin:<input type="is_current_user_admin" name="is_current_user_admin" />')
        self.response.out.write('<input type="submit" value="Submit" onClick="deleteClientSideUserInfoCookies();"/>')
        self.response.out.write('</form>')
        
        self.response.out.write('<hr>')
                
        self.response.out.write('<br><a href="/admin/userid/">Refresh page</a> ')
        self.response.out.write('<br><a href="/admin/userid/?clear=y" onClick="deleteClientSideUserInfoCookies();">Return to original identity</a> ')
        self.response.out.write('<br><a href="/admin/userid/?user=None&user_id=None&email=None&nickname=None&is_current_user_admin=None" onClick="deleteClientSideUserInfoCookies();">Make anonymous (all None)</a> ')
        self.response.out.write('<br><a href="#" onClick="deleteClientSideUserInfoCookies();">clean the "live" cookies</a> (these are used in the live environment so that the client can render the effects of the permissions on its own so that we can keep one and only page in the cache, not one for each user!)')
        self.response.out.write('<br><br><a href="/index.html">Back to home page</a> ')

        # for formatting, see http://www.network-theory.co.uk/docs/pytut/FancierOutputFormatting.html
        # for python date and time operations see http://docs.python.org/library/datetime.html
        # for controlling keys in GAE datastore see: http://code.google.com/appengine/docs/python/datastore/keysandentitygroups.html
        self.response.out.write('<hr>')
        self.response.out.write('<b>Tests with date and time objects to create the sketch key</b><br>')
        d = datetime.date(2028, 7, 3) # third of July 2028. I would be 50 on that day 
        t = datetime.time(12, 30)
        refdate = datetime.datetime.combine(d, t)


        difference =  refdate - datetime.datetime.now() 
                
        self.response.out.write('<br>difference between now and 3rd July 2028: ' + str(difference))
        self.response.out.write('<br>i.e. ' + str(difference.days) + ' days and ' + str(difference.seconds) + ' seconds and ' + str(difference.microseconds) + ' microseconds')
        self.response.out.write('<br>compactly and with a random number: %04d %05d %06d %05d' % (difference.days, difference.seconds, difference.microseconds, random.random()*100000) )
        self.response.out.write('<br>key I will use: %04d%05d%06d%05d' % (difference.days, difference.seconds, difference.microseconds, random.random()*100000) )

        self.response.out.write('<hr>')
        self.response.out.write('<b>Tests with stringification of userID</b><br>')
        if user2.user_id is None:
        	self.response.out.write('<br>your are marked to be anonymous, so this doesnt apply to you')
        else:
        	self.response.out.write('<br>your userid: ' + user2.user_id)
        	self.response.out.write('<br>converted to base 62: ' + util.convDecToBase(string._long(user2.user_id),62))
        	self.response.out.write('<br>back to base 10: ' + str(util.toBase10(util.convDecToBase(string._long(user2.user_id),62), 62)))

        self.response.out.write('</body>')
        self.response.out.write('</html>')
Пример #6
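  def whoIs(self,requester):
      """Fill this object's identity fields from the signed-in App Engine user.

      Sets ``user``, ``user_id``, ``string_user_id``, ``email``, ``nickname``
      and ``is_current_user_admin``. Every field is ``None`` when
      ``users.get_current_user()`` reports nobody signed in.

      Args:
          requester: the calling request handler, or None. It is only used
              for a log line; identity comes from the ``users`` API and never
              from request data.
      """
      logging.info('whois function started')
      if requester is not None:
          logging.info('requester is not none')

      # NOTE(security): the Cookie header used to be parsed here although the
      # result was never read. Parsing was dropped: Cookie.SimpleCookie may
      # raise on a malformed header, which would let any client abort identity
      # resolution for a value that is not used.
      #
      # NOTE(security): a disabled (string-literal) block also lived here. It
      # assigned fixed group identities when a 'groupLoginCode' cookie equalled
      # a code hard-coded in this file. It is left out: a client-supplied
      # cookie compared against a constant in source is a shared secret, not
      # authentication. If group logins are needed again, bind them to a
      # server-side session instead.

      current_user = users.get_current_user()

      if not current_user:
          # Anonymous visitor: set every field explicitly. The original left
          # string_user_id unassigned on this path (a bare attribute read),
          # which raises AttributeError on an object that never had it set.
          self.user = None
          self.user_id = None
          self.string_user_id = None
          self.email = None
          self.nickname = None
          self.is_current_user_admin = None
          return

      self.user = current_user
      self.user_id = current_user.user_id()
      # Compact base-62 rendering of the decimal user id.
      # assumes user_id() returns a decimal string here; TODO confirm
      self.string_user_id = str(util.convDecToBase(string._long(self.user_id),62))
      self.email = current_user.email()
      # Keep only the part of the nickname before "@" and replace dots with
      # underscores.
      self.nickname = (current_user.nickname().partition("@"))[0].replace(".","_")
      self.is_current_user_admin = users.is_current_user_admin()
      return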