def edit_keys(request, key_id=None, user_id=None):
if not request.is_ajax():
raise PermissionDenied
if key_id:
api_key = get_object_or_404(MemberAPIKey, keyid=key_id)
else:
api_key = None
user = None
if user_id:
user = get_object_or_404(User, pk=user_id)
if request.method == 'POST':
key_id = int(request.POST.get('key_id', None).replace(' ',''))
user = get_object_or_404(User, pk=request.POST.get('user_id', None))
if user != request.user and not request.user.has_perm(
'API.add_keys'):
raise PermissionDenied
vcode = request.POST.get('vcode', None).replace(' ', '')
if api_key:
api_key.keyid = key_id
api_key.vcode = vcode
api_key.user = user
api_key.validate()
else:
api_key = MemberAPIKey(user=user,
keyid=key_id,
vcode=vcode)
api_key.validate()
return TemplateResponse(request, "api_key_form.html", {'key': api_key,
'member': user})
def edit_keys(request, key_id=None, user_id=None):
if not request.is_ajax():
raise PermissionDenied
if key_id:
api_key = get_object_or_404(MemberAPIKey, keyid=key_id)
else:
api_key = None
user = None
if user_id:
user = get_object_or_404(User, pk=user_id)
if request.method == 'POST':
key_id = int(request.POST.get('key_id', None).replace(' ', ''))
user = get_object_or_404(User, pk=request.POST.get('user_id', None))
if user != request.user and not request.user.has_perm('API.add_keys'):
raise PermissionDenied
vcode = request.POST.get('vcode', None).replace(' ', '')
if api_key:
api_key.keyid = key_id
api_key.vcode = vcode
api_key.user = user
api_key.validate()
else:
api_key = MemberAPIKey(user=user, keyid=key_id, vcode=vcode)
api_key.validate()
return TemplateResponse(request, "api_key_form.html", {
'key': api_key,
'member': user
})
def get_api_keys(request, app_id):
app = get_object_or_404(Application, pk=app_id)
if app.applicant != request.user or not request.is_ajax():
raise PermissionDenied
if request.method == "POST":
error_list = []
key_id = request.POST.get("key_id", 0)
key_vcode = request.POST.get("vcode", "")
if not key_id or not key_vcode:
error_list.append("You must provide both Key ID and vCode!")
else:
try:
key_id = int(key_id)
except ValueError:
error_list.append("The Key ID is invalid (not an integer)!")
api_key = MemberAPIKey(keyid=key_id, vcode=key_vcode, user=request.user)
api_key.validate()
if not api_key.validation_error:
return HttpResponse()
else:
error_list.append(api_key.validation_error)
api_key.delete()
if error_list:
error_text = ""
for x in error_list:
error_text += "%s<br />" % x
return HttpResponse(error_text, status=400)
else:
return TemplateResponse(request, "api_widget.html", {"application": app})
def recruiter_api_key_edit(request, app_id, key_id):
if not request.is_ajax():
raise PermissionDenied
app = get_object_or_404(Application, pk=app_id)
if request.method == "GET":
api_key = get_object_or_404(MemberAPIKey, keyid=key_id)
else:
key_id = int(request.POST.get("Recruiter_key_id", None).replace(" ", ""))
vcode = request.POST.get("Recruiter_vcode", None).replace(" ", "")
try:
api_key = MemberAPIKey.objects.get(keyid=key_id, user=app.applicant)
api_key.keyid = key_id
api_key.vcode = vcode
api_key.user = app.applicant
api_key.validate()
except:
api_key = MemberAPIKey(user=app.applicant, keyid=key_id, vcode=vcode)
api_key.validate()
auto_comment = "An API (%s) was added by %s" % (key_id, request.user)
app_comment = AppComment(application=app, author=request.user, comment=auto_comment)
return TemplateResponse(request, "recruiter_api_key_form.html", {"key": api_key, "app": app})