def handle(self, *args, **options):
# get the params from the command line
self.refreshRate = options['rate']
self.filterByType = options['type']
self.excludeOffline = options['excludeoffline']
# set up interrupt handler for ctrl+C exit event
signal.signal(signal.SIGINT, signal_handler)
Utils.ClearConsole()
# Constantly refresh
while (True):
# Create a new table for the results each time
table = None
table = PrettyTable(['CID', 'Type', 'TimeCreated', 'FromUser', 'NumReports', 'ModAction' , 'Online'])
# Get the list of reports
reports = self._GetReports()
# For each report group, gather the data to be displayed
# and add it to the table if there is any data returned
for report in reports:
data = self._GetTableDataForReport(report)
if (data):
table.add_row(data)
# Print the results and pause for the refreshRate
print (table)
time.sleep(float(self.refreshRate))
Utils.ClearConsole()
print('Updating results every ', self.refreshRate, ' seconds')
def _ValidateUploadReply(jsonData):
# text is optional
# key is optional
# text and key cannot both be null
# threadID is required
threadID = jsonData[Const.Views.UploadReply.JsonRequestKey.THREAD_ID]
text = jsonData[Const.Views.UploadReply.JsonRequestKey.REPLY_TEXT]
key = jsonData[Const.Views.UploadReply.JsonRequestKey.REPLY_URL]
# If the key exists, check if it is valid
if (not Utils.StringIsEmpty(key) and not _S3KeyIsValid(key)):
return False
# if threadID is empty or corrupt, invalid
if (not _GravityUUIDIsValid(threadID)):
return False
# if text and key are both empty, invalid
if (Utils.StringIsEmpty(text) and Utils.StringIsEmpty(key)):
return False
# check max lengths of text
if (Utils.StringExceedsMaxLength(text, Const.Database.MaxLengths.Content.REPLY_TEXT)):
return False
# else
return True
def _ModActionMark(self, modActionResultCode):
# Create the mod action
newModAction = ModAction.objects.create(
result=modActionResultCode,
cid=Utils.UUIDToBinary(self.contentID),
contentType=self.content.contentType)
# Update all reports
Report.objects.filter(cid=Utils.UUIDToBinary(self.contentID))\
.update(modAction=newModAction)
def __init__(self, text, time, id, key):
# self.name = name
self.text = text
self.time = time
self.id = id
self.key = key
# Format the optional fields - if they are null, use empty string
# if Utils.StringIsEmpty(name):
# self.name = ''
if Utils.StringIsEmpty(text):
self.text = ''
if Utils.StringIsEmpty(key):
self.key = ''
def __init__(self, id, text, time, key, order, replies, unique, arn):
self.id = id
self.text = text
self.time = time
self.key = key
self.order = order
self.replies = replies
self.unique = unique
self.arn= arn
# Format the optional fields - if they are null, use empty string
if Utils.StringIsEmpty(key):
self.key = ''
if Utils.StringIsEmpty(text):
self.text = ''
def UploadLive(requestData):
TAG = Const.Tags.Urls.UPLOAD_LIVE
securityProperties = RunThroughSecurityLayer(TAG, requestData)
if (not securityProperties.isSecure):
return securityProperties.httpResponse
try:
clientUser = securityProperties.userObject
clientSession = securityProperties.userSession
clientThreadText= securityProperties.jsonRequestData[Const.Views.UploadThread.JsonRequestKey.THREAD_TEXT]
clientThreadKey = securityProperties.jsonRequestData[Const.Views.UploadThread.JsonRequestKey.THREAD_URL]
clientThreadARN = securityProperties.jsonRequestData[Const.Views.UploadThread.JsonRequestKey.THREAD_ARN]
# check if this user is posting too fast
if (settings.RATE_LIMIT_LIVE and RateLimiter.UserLiveRateLimitExceeded(clientUser.id)):
# log the warning and return if too many threads
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_TOO_MANY_REQUESTS,
messageCode=Const.DataCollection.MessageCodes.UploadLive.RATE_LIMIT_EXCEEDED)
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_TOO_MANY_REQUESTS,
Const.DataCollection.MessageCodes.UploadLive.RATE_LIMIT_EXCEEDED)
# Save the live thread in the DB
# Save title as an empty string if it is empty
if (Utils.StringIsEmpty(clientThreadText)):
clientThreadText = ''
Thread.objects.create(fromUser=clientUser,
fromSession=clientSession,
contentType=Const.Tags.ContentTypes.THREAD,
text=clientThreadText,
key=clientThreadKey,
arn=clientThreadARN)
QueryManager.CheckAndPruneThreads()
# FOR RELEASE 1.1
# return the list of threads after a successful thread upload
jsonString = GetThreadListJsonString()
# log and return on success
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
messageCode=Const.DataCollection.MessageCodes.UploadLive.POST_SUCCESSFUL)
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
jsonString, 'application/json')
except Exception as e:
DataCollector.logServerError(e)
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR,
messageCode=Const.DataCollection.MessageCodes.UploadLive.POST_FAILED_SERVER_ERROR)
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR,
Const.DataCollection.MessageCodes.UploadLive.POST_FAILED_SERVER_ERROR)
def _QueryForLocalPosts(latitude, longitude, radius, postsToExclude, clientID,
blockedUsers, numOfPostsToGet, excludeOwnPosts):
cursor = connection.cursor()
query = _GetLocalQuery(excludeOwnPosts=excludeOwnPosts,
checkRadius=(False if not radius else True))
# Becuase sometimes we need 7 or 8 query params
if (query.count('%s') == 8):
queryArgs = [latitude,
longitude,
radius,
Const.Views.GetLocalPost.DISTANCEUNIT,
postsToExclude,
clientID,
blockedUsers,
numOfPostsToGet]
else:
queryArgs = [latitude,
longitude,
radius,
Const.Views.GetLocalPost.DISTANCEUNIT,
postsToExclude,
blockedUsers,
numOfPostsToGet]
cursor.execute(query, queryArgs)
results = Utils.FetchallAsNamedTuple(cursor)
return results
def Report(requestData):
TAG = Const.Tags.Urls.MODERATION_REPORT
securityProperties = RunThroughSecurityLayer(TAG, requestData)
if (not securityProperties.isSecure):
return securityProperties.httpResponse
try:
clientUser = securityProperties.userObject
clientContentId = securityProperties.jsonRequestData[Const.Views.Report.JsonRequestKey.CONTENT_ID]
# check that the content exists in the database
clientContent = QueryManager.GetObjectByID(OnlineContent, clientContentId)
if (not clientContent):
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_NOT_FOUND,
messageCode=Const.DataCollection.MessageCodes.ModerationReport.CONTENT_NOT_FOUND)
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_NOT_FOUND,
Const.DataCollection.MessageCodes.ModerationReport.CONTENT_NOT_FOUND)
# get the content type that the user is reporting
contentType = clientContent.contentType
# check if this user has already tried to create this report
userDupeReports = ReportModel.objects.filter(fromUser=clientUser,
contentID=clientContentId)
# If so, log the hit and return an error to client
if (userDupeReports):
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_CONFLICT,
messageCode=Const.DataCollection.MessageCodes.ModerationReport.REPORT_EXISTS)
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_CONFLICT,
Const.DataCollection.MessageCodes.ModerationReport.REPORT_EXISTS)
# Create the report
ReportModel.objects.create(fromUser=clientUser,
contentID=Utils.UUIDToBinary(clientContentId),
contentType=contentType)
# Log the hit and return
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
messageCode=Const.DataCollection.MessageCodes.ModerationReport.REQUEST_SUCCESSFUL)
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
Const.DataCollection.MessageCodes.ModerationReport.REQUEST_SUCCESSFUL)
except Exception as e:
# log and return on error
DataCollector.logServerError(e)
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR,
messageCode=Const.DataCollection.MessageCodes.ModerationReport.REQUEST_FAILED_SERVER_ERROR)
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR,
Const.DataCollection.MessageCodes.ModerationReport.REQUEST_FAILED_SERVER_ERROR)
def _PrintLocalPost(self):
if (self.archived):
lp = QueryManager.GetObjectByID(ArchivedLocalPost, self.contentID)
else:
lp = QueryManager.GetObjectByID(LocalPost, self.contentID)
Utils.PrintStartLine()
print('LOCALPOST (CID ', self.contentID, ')')
print('TimeCreated: ',
Utils.GetPrettyFormatTimestamp(self.content.timeCreated))
print('FromUser: '******'GPS: (', lp.latitude, ' , ', lp.longitude, ')')
print('Text: ', lp.text)
# Gather and print the mod info if the setting is set
if (self.showModInfo):
self._PrintModInfo(self.contentID)
Utils.PrintEndLine()
def _PrintMessage(self):
if (self.archived):
ms = QueryManager.GetObjectByID(ArchivedMessage, self.contentID)
else:
ms = QueryManager.GetObjectByID(Message, self.contentID)
Utils.PrintStartLine()
print('MESSAGE (CID ', self.contentID, ')')
print('TimeCreated: ',
Utils.GetPrettyFormatTimestamp(self.content.timeCreated))
print('FromUser: '******'ToUser: '******'Text: ', ms.text)
# Gather and print the mod info if the setting is set
if (self.showModInfo):
self._PrintModInfo(self.contentID)
Utils.PrintEndLine()
def _PrintThreadReplies(self):
replies = QueryManager.GetThreadReplies(self.contentID)
print('PRINITING REPLIES FOR THEAD (CID ', self.contentID, ')')
for re in replies:
print(
'--------------------------------------------------------------------------------'
)
print('REPLY (CID ', Utils.BinaryToUUID(re.cid.id), ')')
print('TimeCreated: ',
Utils.GetPrettyFormatTimestamp(re.timeCreated))
print('FromUser: '******'OpName: ', re.name)
print('HasImage: ', bool(re.url))
print('Text: ', re.text)
Utils.PrintEndLine()
def _ValidateAnalyticsFeedback(jsonData):
# text is required
text = jsonData[Const.Views.AnalyticsFeedback.JsonRequestKey.TEXT]
# check length of text
if (Utils.StringExceedsMaxLength(text, Const.Database.MaxLengths.Analytics.FEEDBACK)):
return False
return True
def _PrintReply(self):
if (self.archived):
re = QueryManager.GetObjectByID(ArchivedReply, self.contentID)
else:
re = QueryManager.GetObjectByID(Reply, self.contentID)
Utils.PrintStartLine()
print('REPLY (CID ', self.contentID, ')')
print('TimeCreated: ',
Utils.GetPrettyFormatTimestamp(self.content.timeCreated))
print('FromUser: '******'OpName: ', re.name)
print('HasImage: ', bool(re.url))
print('Text: ', re.text)
# Gather and print the mod info if the setting is set
if (self.showModInfo):
self._PrintModInfo()
Utils.PrintEndLine()
def _GetTableDataForReport(self, report):
# Init data
cid = Utils.StipUUIDDashes(report['contentID'])
modActionID = report['modAction_id']
numReports = report['num_reports']
contentType = report['contentType']
timeCreated = ''
fromUser = ''
modActionType = ''
online = False
# Get the mod action from this report group if it exists
try:
modActionType = ModAction.objects.get(pk=modActionID).result
except ObjectDoesNotExist:
pass
# Try to lookup the content from the online table
onlineContent = QueryManager.GetObject(OnlineContent, id=cid)
# If it is there, then use the info from it
if (onlineContent):
online = True
contentType = onlineContent.contentType
timeCreated = Utils.GetPrettyFormatTimestamp(onlineContent.timeCreated)
fromUser = onlineContent.fromUser.id
return [cid, contentType, timeCreated, fromUser, numReports, modActionType, online]
# if the content is not online, then check the archives
# (Only if the --excludeoffline flag is not set)
elif (not self.excludeOffline):
# Try to get the archived content
archivedContent = QueryManager.GetObject(ArchivedContent, pk=cid)
if (archivedContent):
contentType = archivedContent.contentType
timeCreated = Utils.GetPrettyFormatTimestamp(archivedContent.timeCreated)
fromUser = archivedContent.fromUser.id
return [cid, contentType, timeCreated, fromUser, numReports, modActionType, online]
def _BanUser(self):
Utils.PrintStartLine()
print('Creating a new user ban...')
print('Enter the ban length in hours (whole numbers only): ')
# Take the ban length. No partial hours, only whole numbers
banLength = input()
# Check that ban length is good
if (Utils.IsPositiveInt(banLength)):
# Check if this user is currently banned . If so, then exit
if (QueryManager.UserIsBanned(self.user)):
print('This user is currently under a ban already. Please run\
this script on the user to verify')
sys.exit(0)
# Otherwise, confirm and create the ban
else:
print('Are you sure you want to ban user ', self.userID,\
' for ', banLength, ' hours? (y/n)')
response = input()
if (response == 'Y' or response == 'y'):
Ban.objects.create(bannedUser=self.user,
timeBanExpires=int(banLength) * Const.SECONDS_IN_HOUR)
print('Ban created successfully. Please run this script on\
the user to verify')
else:
print('Okay, exiting now')
else:
print('Ban length must be a positive int. Exiting.')
sys.exit(0)
Utils.PrintEndLine()
def handle(self, *args, **options):
numberToDisplay = int(options['num'])
# Get the most recent errors
recentErrors = Error.objects.order_by('-timeCreated')[:numberToDisplay]
Utils.ClearConsole()
errors = DataCollector.ServerErrorsToString(recentErrors)
# Print each one, in reversed list order
# (Console printing stops at the last thing printed)
for error in reversed(errors):
print(error)
def _ValidateUploadLive(jsonData):
# key and arn are required
# text is optional
text = jsonData[Const.Views.UploadThread.JsonRequestKey.THREAD_TEXT]
key = jsonData[Const.Views.UploadThread.JsonRequestKey.THREAD_URL]
arn = jsonData[Const.Views.UploadThread.JsonRequestKey.THREAD_ARN]
# Check that the key exists and is valid
if (not _S3KeyIsValid(key)):
return False
# Check that the arn exists
if (Utils.StringIsEmpty(arn)):
return False
# If the text, or arn exceed max lengths, invalid
if (Utils.StringExceedsMaxLength(text, Const.Database.MaxLengths.Content.THREAD_TEXT) or
Utils.StringExceedsMaxLength(arn, Const.Database.MaxLengths.AWS_ARN)):
return False
#else
return True
def _PrintThread(self):
if (self.archived):
th = QueryManager.GetObjectByID(ArchivedThread, self.contentID)
else:
th = QueryManager.GetObjectByID(Thread, self.contentID)
Utils.PrintStartLine()
print('THREAD (CID ', self.contentID, ')')
print('TimeCreated: ',
Utils.GetPrettyFormatTimestamp(self.content.timeCreated))
print('FromUser: '******'Title: ', th.title)
print('OpName: ', th.name)
print('NumReplies: ', th.replyCount)
print('Text: ', th.text)
# Gather and print the mod info if the setting is set
if (self.showModInfo):
self._PrintModInfo(self.contentID)
Utils.PrintEndLine()
if (self.showFullThread):
self._PrintThreadReplies(self.contentID)
def CreateUser(requestData):
TAG = Const.Tags.Urls.SECURITY_CREATE
securityProperties = RunThroughSecurityLayer(TAG, requestData)
if (not securityProperties.isSecure):
return securityProperties.httpResponse
try:
# Create the new user identity in the db
with transaction.atomic():
newUser = User.objects.create()
newUserID = Utils.BinaryToUUID(newUser.id)
identityID = ''
# Create a new identity on Cognito with the new uuid
# Only when in not in DEBUG. I don't want to get charged ;)
if (not settings.DEBUG):
identityID = AuthManager.CreateNewCognitoIdentity(newUserID)
jsonDict = _CreateUserClientObject(newUserID,
identityID).getOrderedDict()
jsonString = json.dumps(jsonDict)
logger.info(jsonString)
# Update the URL hit and return
DataCollector.UpdateURLHit(
hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.Success.
CODE_OK,
messageCode=Const.DataCollection.MessageCodes.SecurityCreate.
CREATE_SUCCESSFUL)
return HttpResponseFactory.MakeHttpResponse(
Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
jsonString, 'application/json')
except Exception as e:
DataCollector.logServerError(e)
DataCollector.UpdateURLHit(
hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.ServerError.
CODE_INTERNAL_SERVER_ERROR,
messageCode=Const.DataCollection.MessageCodes.SecurityCreate.
CREATE_FAILED_SERVER_ERROR)
return HttpResponseFactory.MakeHttpResponse(
Const.HttpResponseFactory.ResponseCodes.ServerError.
CODE_INTERNAL_SERVER_ERROR, Const.DataCollection.MessageCodes.
SecurityCreate.CREATE_FAILED_SERVER_ERROR)
def GetThreadListJsonString():
# get the threads by time created
threads = QueryManager.GetLiveThreadsByTimeLastActive()
# Get the stuff we need from the thread, package and return to the client
clientThreadsToReturn = []
for index, thread in enumerate(threads):
objectToReturn = _GetThreadClientObject(id=Utils.BinaryToUUID(thread.id),
text=thread.text,
time=thread.timeCreated,
key=thread.key,
order=index,
replies=thread.replyCount,
unique=thread.uniquePostersCount,
arn=thread.arn)
clientThreadsToReturn.append(objectToReturn.getOrderedDict())
return json.dumps(clientThreadsToReturn)
def _PrintModInfo(self, contentID):
numReports = Report.objects.filter(
cid=Utils.UUIDToBinary(contentID)).count()
online = False
archived = False
modActionType = ''
if (QueryManager.ContentIsOnline(contentID)):
online = True
if (QueryManager.ContentIsArchived(contentID)):
archived = True
# Get the mod action associated with the piece of content, if there is one
modActionType = QueryManager.GetMostRecentModActionResult(contentID)
print('NumReports: ', numReports)
print('Online: ', online)
print('Archived: ', archived)
print('Most recent mod action: ', 'N/A' if not modActionType else
modActionType) # ternary operator in python ;)
def _SearchUser(self):
Utils.PrintStartLine()
print('ALL CONTENT FOR USER ' , self.userID)
# Get all content posted by this user (archived and online)
onlineContent = OnlineContent.objects.filter(fromUser=self.user)
archivedContent = ArchivedContent.objects.filter(fromUser=self.user)
table = PrettyTable(['CID', 'Type', 'TimeCreated', 'NumReports', 'ModAction' , 'Online'])
for content in onlineContent:
numReports = Report.objects.filter(contentID=).count()
table.add_row([content.id, content.contentType, content.timeCreated,
numReports, modActionType, True])
for contentID in allContentIDs:
online = False
archived = False
# If the content is online, get the content from live db
if (Utils.ContentIsOnline(contentID)):
content = PostableContent.objects.get(pk=contentID)
online = True
# If the content is also archived, set the archived flag
if (Utils.ContentIsArchived(contentID)):
archived = True
# Otherwise, get the content from the archive db
else:
content = ArchivedPostableContent.objects.get(pk=contentID)
archived = True
contentType = content.contentType
timeCreated = Utils.GetPrettyFormatTimestamp(content.timeCreated)
# Get the number of reports
numReports = Report.objects.filter(cid=contentID).count()
modActionType = Utils.GetMostRecentModActionResult(contentID)
print(table)
Utils.PrintEndLine()
def _DisplayUser(self):
currentTime = time.time()
Utils.PrintStartLine()
# Get basic user info
print('USER ', self.userID, 'details')
print('TimeCreated: ', Utils.GetPrettyFormatTimestamp(self.user.timeCreated))
print('TimeLastUsed: ', Utils.GetPrettyFormatTimestamp(self.user.timeLastUsed))
# Look up how many people have blocked this user on local
userLocalBlocks = Block.objects.filter(blockedUser=self.user).count()
print(userLocalBlocks, 'users have blocked this user on local')
# Look up and print all user bans for this user
userBans = Ban.objects.filter(bannedUser=self.user)
if (userBans):
print('Global user bans found:')
for index, ban in enumerate(userBans): # gets the index and the iterator value
# Check if the ban is current
banIsCurrent = False
if (ban.timeExpires > currentTime):
banIsCurrent = True
# output info for each ban
print('Ban ', (index + 1), ':')
print(' Issued on: ', Utils.GetPrettyFormatTimestamp(ban.timeCreated))
print(' Duration (hours): ', ban.banLengthHours)
print(' Expires: ', Utils.GetPrettyFormatTimestamp(ban.timeCreated + (ban.banLengthHours * Const.SECONDS_IN_HOUR)))
if (banIsCurrent):
print(' THIS BAN IS CURRENTLY IN EFFECT')
else:
print('No global bans found (past or current) for this user')
Utils.PrintEndLine()
def UploadMessage(requestData):
TAG = Const.Tags.Urls.UPLOAD_MESSAGE
securityProperties = RunThroughSecurityLayer(TAG, requestData)
if (not securityProperties.isSecure):
return securityProperties.httpResponse
try:
clientUser = securityProperties.clientUserObject
clientRecipientUserUUID = securityProperties.jsonRequestData[
Const.Views.UploadMessage.JsonRequestKey.TO_USER_ID]
clientMessageText = securityProperties.jsonRequestData[
Const.Views.UploadMessage.JsonRequestKey.TEXT]
clientMessageURL = securityProperties.jsonRequestData[
Const.Views.UploadMessage.JsonRequestKey.URL]
# Find the recipient user in the DB
try:
recipientUser = User.objects.get(
uuid=Utils.ConvertUUIDToBinary(clientRecipientUserUUID))
except ObjectDoesNotExist:
DataCollector.logURL(
TAG, {
Const.DataCollection.ParamNames.RESPONSE_CODE:
Const.HttpResponseFactory.ResponseCodes.ClientError.
CODE_UNPROCESSABLE_ENTITY,
Const.DataCollection.ParamNames.MESSAGE_CODE:
Const.DataCollection.MessageCodes.UploadMessage.
RECIPIENT_NOT_FOUND,
Const.DataCollection.ParamNames.FROM_USER:
Utils.ConvertBinaryToUUID(clientUser.uuid),
Const.DataCollection.ParamNames.TO_USER:
Utils.ConvertBinaryToUUID(recipientUser.uuid),
Const.DataCollection.ParamNames.HAS_TEXT:
(not Utils.StringIsEmpty(clientMessageText))
})
return HttpResponseFactory.MakeHttpResponse(
Const.HttpResponseFactory.ResponseCodes.ClientError.
CODE_UNPROCESSABLE_ENTITY, Const.DataCollection.MessageCodes.
UploadMessage.RECIPIENT_NOT_FOUND)
# Save the message in the DB
newMessage = Message(toUser=recipientUser,
fromUser=clientUser,
text=clientMessageText,
url=clientMessageURL,
contentType=Const.Tags.ContentTypes.MESSAGE)
# If there is an exception, roll back this db transaction
with transaction.atomic():
newMessage.save()
# log and return on success
DataCollector.logURL(
TAG, {
Const.DataCollection.ParamNames.RESPONSE_CODE:
Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
Const.DataCollection.ParamNames.MESSAGE_CODE:
Const.DataCollection.MessageCodes.UploadMessage.
POST_SUCCESSFUL,
Const.DataCollection.ParamNames.FROM_USER:
Utils.ConvertBinaryToUUID(clientUser.uuid),
Const.DataCollection.ParamNames.TO_USER:
Utils.ConvertBinaryToUUID(recipientUser.uuid),
Const.DataCollection.ParamNames.HAS_TEXT:
(not Utils.StringIsEmpty(clientMessageText))
})
return HttpResponseFactory.MakeHttpResponse(
Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
Const.DataCollection.MessageCodes.UploadMessage.POST_SUCCESSFUL)
except Exception as e:
DataCollector.logServerError(e)
DataCollector.logURL(
TAG, {
Const.DataCollection.ParamNames.RESPONSE_CODE:
Const.HttpResponseFactory.ResponseCodes.ServerError.
CODE_INTERNAL_SERVER_ERROR,
Const.DataCollection.ParamNames.MESSAGE_CODE:
Const.DataCollection.MessageCodes.UploadMessage.
POST_FAILED_SERVER_ERROR,
Const.DataCollection.ParamNames.FROM_USER:
Utils.ConvertBinaryToUUID(clientUser.uuid),
Const.DataCollection.ParamNames.TO_USER:
Utils.ConvertBinaryToUUID(recipientUser.uuid),
Const.DataCollection.ParamNames.HAS_TEXT:
(not Utils.StringIsEmpty(clientMessageText))
})
return HttpResponseFactory.MakeHttpResponse(
Const.HttpResponseFactory.ResponseCodes.ServerError.
CODE_INTERNAL_SERVER_ERROR, Const.DataCollection.MessageCodes.
UploadMessage.POST_FAILED_SERVER_ERROR)
def GetMessage(requestData):
TAG = Const.Tags.Urls.GET_MESSAGE
securityProperties = RunThroughSecurityLayer(TAG, requestData)
if (not securityProperties.isSecure):
return securityProperties.httpResponse
try:
clientUser = securityProperties.clientUserObject
# Retrieve all this user's messages from the DB
messages = Message.objects.filter(toUser=clientUser)
clientMessageListToReturn = []
for lm in messages:
clientMessageToReturn = _GetMessageClientObject(
id=lm.id,
time=lm.timeCreated,
fromUserId=str(ConvertBinaryToUUID(lm.fromUser.uuid)),
text=lm.text,
url=lm.url)
clientMessageListToReturn.append(
clientMessageToReturn.getOrderedDict())
jsonString = json.dumps(clientMessageListToReturn)
# Delete all this user's messages from the DB, since we are about to give
# them their messages (this is temporary)
for m in messages:
m.delete()
# log and return on success
DataCollector.logURL(
TAG, {
Const.DataCollection.ParamNames.RESPONSE_CODE:
Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
Const.DataCollection.ParamNames.MESSAGE_CODE:
Const.DataCollection.MessageCodes.GetMessage.
REQUEST_SUCCESSFUL,
Const.DataCollection.ParamNames.FROM_USER:
Utils.ConvertBinaryToUUID(clientUser.uuid),
Const.DataCollection.ParamNames.NUM_MESSAGES_RECEIVED:
len(list(messages))
})
return HttpResponseFactory.MakeHttpResponse(
Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
jsonString, 'application/json')
except Exception as e:
DataCollector.logServerError(e)
DataCollector.logURL(
TAG, {
Const.DataCollection.ParamNames.RESPONSE_CODE:
Const.HttpResponseFactory.ResponseCodes.ServerError.
CODE_INTERNAL_SERVER_ERROR,
Const.DataCollection.ParamNames.MESSAGE_CODE:
Const.DataCollection.MessageCodes.GetMessage.
REQUEST_FAILED_SERVER_ERROR,
Const.DataCollection.ParamNames.FROM_USER:
Utils.ConvertBinaryToUUID(clientUser.uuid),
Const.DataCollection.ParamNames.NUM_MESSAGES_RECEIVED:
len(list(messages))
})
return HttpResponseFactory.MakeHttpResponse(
Const.HttpResponseFactory.ResponseCodes.ServerError.
CODE_INTERNAL_SERVER_ERROR, Const.DataCollection.MessageCodes.
GetMessage.REQUEST_FAILED_SERVER_ERROR)
def MakeSecurityErrorHttpResponse(securityProperties):
securityHttpResponse = HttpResponse()
errorsList = securityProperties.errorsList
# Set the appropriate status code, given the security error
# 404
if (Const.DataCollection.MessageCodes.Security.URL_NOT_FOUND
in errorsList):
securityHttpResponse.status_code = Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_NOT_FOUND
# 401 (unauthorized)
# Session token expired, bad, or missing
# or userID is bad or missing
elif (Const.DataCollection.MessageCodes.Security.NO_CLIENT_ID in errorsList
or Const.DataCollection.MessageCodes.Security.BAD_CLIENT_ID
in errorsList
or Const.DataCollection.MessageCodes.Security.NO_SESSION_TOKEN
in errorsList
or Const.DataCollection.MessageCodes.Security.BAD_SESSION_TOKEN
in errorsList
or Const.DataCollection.MessageCodes.Security.EXPIRED_SESSION
in errorsList):
securityHttpResponse.status_code = Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_UNAUTHORIZED
# User is banned
elif (Const.DataCollection.MessageCodes.Security.BANNED_FROM_SERVICE
in errorsList):
securityHttpResponse.status_code = Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_FORBIDDEN
# Bad request method
elif (Const.DataCollection.MessageCodes.Security.BAD_REQUEST_METHOD
in errorsList):
securityHttpResponse.status_code = Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_METHOD_NOT_ALLOWED
# Bad content-type
elif (Const.DataCollection.MessageCodes.Security.BAD_CONTENT_TYPE
in errorsList):
securityHttpResponse.status_code = Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_UNSUPPORED_CONTENT_TYPE
# Bad request (a client data error)
elif (Const.DataCollection.MessageCodes.Security.MALFORMED_JSON
in errorsList or
Const.DataCollection.MessageCodes.Security.WRONG_NUMBER_JSON_PARAMS
in errorsList
or Const.DataCollection.MessageCodes.Security.INVALID_JSON_PARAMS
in errorsList):
securityHttpResponse.status_code = Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_BAD_REQUEST
# Data validation failure
elif (Const.DataCollection.MessageCodes.Security.DATA_VALIDATION_FAIL
in errorsList):
securityHttpResponse.status_code = Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_UNPROCESSABLE_ENTITY
# Otherwise, there is a bug
else:
securityHttpResponse.status_code = Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR
# Send the list of security errors, if HTTP response messages are enabled
if (settings.HTTP_RESPONSE_MESSAGES):
securityHttpResponse.content = Utils.ListToCSV(errorsList)
return securityHttpResponse
def GetReply(requestData):
TAG = Const.Tags.Urls.GET_REPLY
securityProperties = RunThroughSecurityLayer(TAG, requestData)
if (not securityProperties.isSecure):
return securityProperties.httpResponse
try:
clientUser = securityProperties.userObject
clientThreadID = securityProperties.jsonRequestData[
Const.Views.GetReply.JsonRequestKey.THREAD_ID]
# Retrieve the thread and replies from the database
thread = QueryManager.GetObjectByID(Thread, clientThreadID)
threadReplies = Reply.objects.filter(parentThread=thread)
if (not thread):
DataCollector.UpdateURLHit(
hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.
ClientError.CODE_NOT_FOUND,
messageCode=Const.DataCollection.MessageCodes.GetReply.
THREAD_NOT_FOUND)
return HttpResponseFactory.MakeHttpResponse(
Const.HttpResponseFactory.ResponseCodes.ClientError.
CODE_NOT_FOUND,
Const.DataCollection.MessageCodes.GetReply.THREAD_NOT_FOUND)
# Package the thread replies and return
clientReplyListToReturn = []
for reply in threadReplies:
replyClientObject = GetReplyClientObject(text=reply.text,
time=reply.timeCreated,
id=Utils.BinaryToUUID(
reply.id),
key=reply.key)
clientReplyListToReturn.append(replyClientObject.getDict())
jsonString = json.dumps(clientReplyListToReturn)
# log and return on success
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.
ResponseCodes.Success.CODE_OK,
messageCode=Const.DataCollection.
MessageCodes.GetReply.REQUEST_SUCCESSFUL)
return HttpResponseFactory.MakeHttpResponse(
Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
jsonString, 'application/json')
except Exception as e:
DataCollector.logServerError(e)
DataCollector.UpdateURLHit(
hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.ServerError.
CODE_INTERNAL_SERVER_ERROR,
messageCode=Const.DataCollection.MessageCodes.GetReply.
REQUEST_FAILED_SERVER_ERROR)
return HttpResponseFactory.MakeHttpResponse(
Const.HttpResponseFactory.ResponseCodes.ServerError.
CODE_INTERNAL_SERVER_ERROR, Const.DataCollection.MessageCodes.
GetReply.REQUEST_FAILED_SERVER_ERROR)
def GetBanInfo(requestData):
TAG = Const.Tags.Urls.SECURITY_GETBANINFO
securityProperties = RunThroughSecurityLayer(TAG, requestData)
if (not securityProperties.isSecure):
return securityProperties.httpResponse
try:
clientUser = securityProperties.clientUserObject
banLength = ''
banTimeCreated = ''
# Check if the user has any bans
userBan = Ban.objects.filter(
bannedUser=clientUser).order_by('-timeCreated')[:1]
# If there is a ban, check to make sure it is still active
if (userBan):
userBan = userBan[0]
banExpires = userBan.timeCreated + (userBan.banLengthHours *
Const.SECONDS_IN_HOUR)
# If the ban expir. time is past the current time, then the user is
# still currently under a ban
if (banExpires > time.time()):
banTimeCreated = userBan.timeCreated
banLength = userBan.banLengthHours
clientObject = _BanInfoClientObject(
banStartTime=banTimeCreated,
banEndTime=(banTimeCreated + (banLength * Const.SECONDS_IN_HOUR)))
jsonString = json.dumps(clientObject.getOrderedDict())
DataCollector.logURL(
TAG, {
Const.DataCollection.ParamNames.RESPONSE_CODE:
Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
Const.DataCollection.ParamNames.MESSAGE_CODE:
Const.DataCollection.MessageCodes.SecurityGetBanInfo.
REQUEST_SUCCESSFUL,
Const.DataCollection.ParamNames.FROM_USER:
Utils.ConvertBinaryToUUID(clientUser.uuid)
})
return HttpResponseFactory.MakeHttpResponse(
Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
jsonString, 'application/json')
except Exception as e:
DataCollector.logServerError(e)
DataCollector.logURL(
TAG, {
Const.DataCollection.ParamNames.RESPONSE_CODE:
Const.HttpResponseFactory.ResponseCodes.ServerError.
CODE_INTERNAL_SERVER_ERROR,
Const.DataCollection.ParamNames.MESSAGE_CODE:
Const.DataCollection.MessageCodes.SecurityGetBanInfo.
REQUEST_FAILED_SERVER_ERROR,
Const.DataCollection.ParamNames.NEW_USER:
''
})
return HttpResponseFactory.MakeHttpResponse(
Const.HttpResponseFactory.ResponseCodes.ServerError.
CODE_INTERNAL_SERVER_ERROR, Const.DataCollection.MessageCodes.
SecurityGetBanInfo.REQUEST_FAILED_SERVER_ERROR)
def UploadReply(requestData):
TAG = Const.Tags.Urls.UPLOAD_REPLY
securityProperties = RunThroughSecurityLayer(TAG, requestData)
if (not securityProperties.isSecure):
return securityProperties.httpResponse
try:
clientUser = securityProperties.userObject
clientSession = securityProperties.userSession
clientThreadID = securityProperties.jsonRequestData[Const.Views.UploadReply.JsonRequestKey.THREAD_ID]
clientReplyText= securityProperties.jsonRequestData[Const.Views.UploadReply.JsonRequestKey.REPLY_TEXT]
clientReplyKey = securityProperties.jsonRequestData[Const.Views.UploadReply.JsonRequestKey.REPLY_URL]
# Moderation - check if this user is posting replies too fast
if (settings.RATE_LIMIT_LIVE and RateLimiter.UserReplyRateLimitExceeded(clientUser.id)):
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_TOO_MANY_REQUESTS,
messageCode=Const.DataCollection.MessageCodes.UploadReply.RATE_LIMIT_EXCEEDED)
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_TOO_MANY_REQUESTS,
Const.DataCollection.MessageCodes.UploadReply.RATE_LIMIT_EXCEEDED)
# Find the parent thread to reply to in the DB
threadToReplyTo = QueryManager.GetObjectByID(Thread, clientThreadID)
if (not threadToReplyTo):
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_NOT_FOUND,
messageCode=Const.DataCollection.MessageCodes.UploadReply.THREAD_NOT_FOUND)
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_NOT_FOUND,
Const.DataCollection.MessageCodes.UploadReply.THREAD_NOT_FOUND)
# These fields are optional. Make sure that they go into the DB
# as an empty string if they are not present
if (Utils.StringIsEmpty(clientReplyText)):
clientReplyText = ''
if (Utils.StringIsEmpty(clientReplyKey)):
clientReplyKey = ''
# Save the reply in the DB
newReply = Reply.objects.create(fromUser=clientUser,
fromSession=clientSession,
contentType=Const.Tags.ContentTypes.REPLY,
parentThread=threadToReplyTo,
text=clientReplyText,
key=clientReplyKey)
# Broadcast the reply out to this thread's subscribers using GCM
# Create the client reply object
newReplyClientObject = GetReplyClientObject(text=newReply.text,
time=newReply.timeCreated,
id=Utils.BinaryToUUID(newReply.id),
key=newReply.key)
# Turn it into JSON and send it off
googleResponseCode = GCMManager.BroadcastReplyToSubscribers(parentThreadID=clientThreadID,
newReplyJSON=newReplyClientObject.getDict())
# Check the response code from google
# If it is not successful, return and log a warning, but still
# return a 200 code to the client (since the reply saved ok)
if (googleResponseCode != Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK):
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
messageCode=Const.DataCollection.MessageCodes.UploadReply.GCM_BROADCAST_FAILED)
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
Const.DataCollection.MessageCodes.UploadReply.GCM_BROADCAST_FAILED)
# log and return on success
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
messageCode=Const.DataCollection.MessageCodes.UploadReply.POST_SUCCESSFUL)
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
Const.DataCollection.MessageCodes.UploadReply.POST_SUCCESSFUL)
except Exception as e:
DataCollector.logServerError(e)
DataCollector.UpdateURLHit(hitID=securityProperties.hitID,
responseCode=Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR,
messageCode=Const.DataCollection.MessageCodes.UploadReply.POST_FAILED_SERVER_ERROR)
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR,
Const.DataCollection.MessageCodes.UploadReply.POST_FAILED_SERVER_ERROR)
def UploadLocalPost(requestData):
TAG = Const.Tags.Urls.UPLOAD_LOCAL
securityProperties = RunThroughSecurityLayer(TAG, requestData)
if (not securityProperties.isSecure):
return securityProperties.httpResponse
try:
clientUser = securityProperties.clientUserObject
clientLatitude = securityProperties.jsonRequestData[Const.Views.UploadLocalPost.JsonRequestKey.LATITUDE]
clientLongitude = securityProperties.jsonRequestData[Const.Views.UploadLocalPost.JsonRequestKey.LONGITUDE]
clientPostText = securityProperties.jsonRequestData[Const.Views.UploadLocalPost.JsonRequestKey.TEXT]
clientPostURL = securityProperties.jsonRequestData[Const.Views.UploadLocalPost.JsonRequestKey.URL]
clientARN = securityProperties.jsonRequestData[Const.Views.UploadLocalPost.JsonRequestKey.ARN]
# Moderation - check if this user is posting too fast
if (settings.RATE_LIMIT_LOCAL and _UserLocalRateLimitExceeded(clientUser.id)):
DataCollector.logURL(TAG, {
Const.DataCollection.ParamNames.RESPONSE_CODE: Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_TOO_MANY_REQUESTS,
Const.DataCollection.ParamNames.MESSAGE_CODE: Const.DataCollection.MessageCodes.UploadLocal.RATE_LIMIT_EXCEEDED,
Const.DataCollection.ParamNames.FROM_USER: Utils.ConvertBinaryToUUID(clientUser.uuid),
Const.DataCollection.ParamNames.LATITUDE: clientLatitude,
Const.DataCollection.ParamNames.LONGITUDE: clientLongitude,
Const.DataCollection.ParamNames.HAS_TEXT: (not Utils.StringIsEmpty(clientPostText)) })
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.ClientError.CODE_TOO_MANY_REQUESTS,
Const.DataCollection.MessageCodes.UploadLocal.RATE_LIMIT_EXCEEDED)
# Creating a localPost and saving it in the DB
# Create a new LocalPost and populate the fields from the Json
newPost = LocalPost(fromUser=clientUser,
latitude=clientLatitude,
longitude=clientLongitude,
text=clientPostText,
url=clientPostURL,
contentType=Const.Tags.ContentTypes.LOCALPOST,
arn=clientARN)
# If there is an exception, roll back this db transaction
# Save the post in the database
with transaction.atomic():
newPost.save()
# log and return on success
DataCollector.logURL(TAG, {
Const.DataCollection.ParamNames.RESPONSE_CODE: Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
Const.DataCollection.ParamNames.MESSAGE_CODE: Const.DataCollection.MessageCodes.UploadLocal.POST_SUCCESSFUL,
Const.DataCollection.ParamNames.FROM_USER: Utils.ConvertBinaryToUUID(clientUser.uuid),
Const.DataCollection.ParamNames.LATITUDE: clientLatitude,
Const.DataCollection.ParamNames.LONGITUDE: clientLongitude,
Const.DataCollection.ParamNames.HAS_TEXT: (not Utils.StringIsEmpty(clientPostText)) })
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.Success.CODE_OK,
Const.DataCollection.MessageCodes.UploadLocal.POST_SUCCESSFUL)
except Exception as e:
# log and return on error
DataCollector.logServerError(e)
DataCollector.logURL(TAG, {
Const.DataCollection.ParamNames.RESPONSE_CODE: Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR,
Const.DataCollection.ParamNames.MESSAGE_CODE: Const.DataCollection.MessageCodes.UploadLocal.POST_FAILED_SERVER_ERROR,
Const.DataCollection.ParamNames.FROM_USER: Utils.ConvertBinaryToUUID(clientUser.uuid),
Const.DataCollection.ParamNames.LATITUDE: clientLatitude,
Const.DataCollection.ParamNames.LONGITUDE: clientLongitude,
Const.DataCollection.ParamNames.HAS_TEXT: (not Utils.StringIsEmpty(clientPostText)) })
return HttpResponseFactory.MakeHttpResponse(Const.HttpResponseFactory.ResponseCodes.ServerError.CODE_INTERNAL_SERVER_ERROR,
Const.DataCollection.MessageCodes.UploadLocal.POST_FAILED_SERVER_ERROR)