def get(self, mode=''):
if mode == 'login':
if 'allowed' in self.request.cookies and \
self.request.cookies['allowed'].count('_'):
_twitter_id, _login_hash = \
self.request.cookies['allowed'].split('_', 1)
user_info = UserInfo.all().filter('twitter_id =',
_twitter_id).get()
if user_info and _sha512(user_info.acc_key) == _login_hash:
self.session = Session()
self.session['twitter_id'] = _twitter_id
return self.redirect('/home')
auth = _oauth_handler()
auth_url = auth.get_authorization_url()
memcache.set(auth.request_token.key, auth.request_token.secret,
3600)
return self.redirect(auth_url)
elif mode == 'verify':
auth = _oauth_handler()
ver = self.request.get('oauth_verifier')
req_key = self.request.get('oauth_token')
req_sec = memcache.get(req_key)
auth.set_request_token(req_key, req_sec)
acc_token = auth.get_access_token(ver)
api = tweepy.API(auth_handler=auth)
me = api.me()
if not UserInfo.all().filter('twitter_id =', str(me.id)).get():
user_info = UserInfo(twitter_id=str(me.id),
screen_name=me.screen_name,
name=me.name,
image=me.profile_image_url,
acc_key=acc_token.key,
acc_sec=acc_token.secret)
user_info.put()
self.session = Session()
self.session.delete_item('twitter_id')
self.session['twitter_id'] = str(me.id)
c = SimpleCookie()
c['allowed'] = '%d_%s' % (me.id, _sha512(acc_token.key))
c['allowed']['path'] = '/auth'
c['allowed']['expires'] = 86400 * 10
self.response.headers.add_header('Set-Cookie', c.output(header=''))
return self.redirect('/home')
elif mode == 'logout':
user_info = _login_user(self)
if user_info:
self.session = Session()
self.session.delete_item('twitter_id')
return self.redirect('/')
def post(self):
session = Session()
greeting = db.get(self.request.get("key"))
tweets = Tweet.gql("WHERE img = :1 ", str(self.request.get("key")))
db.delete(greeting)
db.delete(tweets)
self.redirect('/main')
def post(self):
try:
domain = self.request.get('domain')
task_id = int(self.request.get('id'))
assignee = self.request.get('assignee')
except (TypeError, ValueError):
self.error(403)
logging.error("Invalid input")
return
user = api.get_and_validate_user(domain)
if not user:
self.error(403)
return
assignee = User.get_by_key_name(assignee)
if not assignee:
self.error(403)
logging.error("No assignee")
return
task = api.assign_task(domain, task_id, user, assignee)
session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
add_message(
session,
"Task '%s' assigned to '%s'" % (task.title(), assignee.name))
self.redirect('/d/%s/' % domain)
def post(self):
try:
domain = self.request.get('domain')
description = self.request.get('description')
parent_identifier = self.request.get('parent', "")
if not description:
raise ValueError("Empty description")
# The checkbox will return 'on' if checked and None
# otherwise.
self_assign = bool(self.request.get('assign_to_self'))
except (TypeError, ValueError):
self.error(400)
return
user = api.get_and_validate_user(domain)
if not user:
self.error(401)
return
self.session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
assignee = user if self_assign else None
if not parent_identifier:
parent_identifier = None
task = api.create_task(domain,
user,
description,
assignee=assignee,
parent_task=parent_identifier)
add_message(self.session, "Task '%s' created" % task.title())
if parent_identifier:
self.redirect('/d/%s/task/%s' % (domain, parent_identifier))
else:
self.redirect('/d/%s/' % domain)
def get(self, domain_identifier, task_identifier):
task = api.get_task(domain_identifier, task_identifier)
if not task:
self.error(404)
return
session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
user = api.get_user()
domain = api.get_domain(domain_identifier)
subtasks = api.get_all_subtasks(domain_identifier, task)
parent_task = task.parent_task
parent_identifier = parent_task.identifier() if parent_task else ""
parent_title = parent_task.title() if parent_task else ""
template_values = {
'domain_name': domain.name,
'domain_identifier': domain_identifier,
'user_name': user.name,
'user_identifier': user.identifier(),
'messages': get_and_delete_messages(session),
'task_title': task.title(),
'task_description': task.description_body(),
'task_assignee': assignee_description(task),
'task_identifier': task.identifier(),
'task_can_assign_to_self': api.can_assign_to_self(task, user),
'subtasks': _task_template_values(subtasks, user),
'parent_identifier': parent_identifier,
'parent_title': parent_title,
}
path = os.path.join(os.path.dirname(__file__),
'templates/taskdetail.html')
self.response.out.write(template.render(path, template_values))
def _view(request, *args, **kwargs):
# get the session and check for a user, fail if it doesn't exist
if Session().get("user") is None:
# failed request
return _json_unauthorized_response()
# return the original API call through
return view_func(request, *args, **kwargs)
def post(self):
try:
domain_identifier = self.request.get('domain')
task_identifier = self.request.get('task_id')
except (TypeError, ValueError):
self.error(400)
return
user = api.get_and_validate_user(domain_identifier)
if not user:
self.error(401)
return
self.session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
try:
description = self.request.get('description')
task = api.change_task_description(domain_identifier,
task_identifier, description,
user)
except ValueError:
self.error(403)
self.response.out.write("Error while editing task: %s" % error)
return
add_message(self.session, "Task '%s' edited" % task.title())
self.redirect('/d/%s/task/%s' % (domain_identifier, task_identifier))
def get(self, domain_identifier, task_identifier):
task = api.get_task(domain_identifier, task_identifier)
user = api.get_and_validate_user(domain_identifier)
view = self.request.get('view', 'all')
if not task or not user:
self.error(404)
return
session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
user = api.get_logged_in_user()
domain = api.get_domain(domain_identifier)
if view == 'yours':
subtasks = api.get_assigned_tasks(domain_identifier,
user,
root_task=task,
limit=200)
subtasks_heading = "Subtasks of '%s' Assigned to You" % task.title(
)
no_subtasks_description = "No subtasks are assigned to you."
elif view == 'open':
subtasks = api.get_open_tasks(domain_identifier,
root_task=task,
limit=200)
subtasks_heading = "Open Subtasks of '%s'" % task.title()
no_subtasks_description = "No open subtasks for this task."
else: # view == 'all' or None
view = 'all'
user_id = user.identifier()
subtasks = api.get_all_direct_subtasks(domain_identifier,
root_task=task,
limit=200,
user_identifier=user_id)
subtasks_heading = "All Subtasks of '%s'" % task.title()
no_subtasks_description = "No subtasks for this task."
parent_task = task.parent_task
parent_identifier = parent_task.identifier() if parent_task else ""
parent_title = parent_task.title() if parent_task else ""
template_values = {
'domain_name': domain.name,
'domain_identifier': domain_identifier,
'view_mode': view,
'user_name': user.name,
'user_identifier': user.identifier(),
'messages': get_and_delete_messages(session),
'task_title': task.title(),
'task_description': task.description_body(),
'task_assignee': task.assignee_description(),
'task_identifier': task.identifier(),
'task_has_subtasks': not task.atomic(),
'task_can_assign_to_self': api.can_assign_to_self(task, user),
'task_can_edit': api.can_edit_task(domain, task, user),
'subtasks': _task_template_values(subtasks, user),
'parent_identifier': parent_identifier,
'parent_title': parent_title,
'subtasks_heading': subtasks_heading,
'no_subtasks_description': no_subtasks_description,
}
self.response.out.write(
render_template('templates/taskdetail.html', template_values))
def get(self):
session = Session()
greeting = db.get(self.request.get("img_id"))
if greeting.avatar:
self.response.headers['Content-Type'] = "image/png"
self.response.out.write(greeting.avatar)
else:
self.response.out.write("No image")
def get(self):
session = Session()
session["name"] = "no name"
session["tag"] = ""
session["pass"] = ""
path = os.path.join(os.path.dirname(__file__), 'index.html')
template_value = {}
self.response.out.write(template.render(path, template_value))
def get_session():
secure, httponly = False, True
if DEV:
secure = False
session = Session(cookie_name='andrewtrusty.appspot',
secure=secure,
httponly=httponly)
return session
def post(self):
session = Session()
room = Room.get_or_insert(session["tag"])
room.isPass = not room.isPass
if not room.isPass:
room.password = self.request.get("pass")
session["pass"] = room.password
room.put()
self.redirect('/main')
def post(self):
session = Session()
if len(self.request.get("tag")) > 0:
session["tag"] = self.request.get("tag")
if len(self.request.get("name")) > 0:
session["name"] = self.request.get("name")
room = Room.get_or_insert(session["tag"])
room.put()
self.redirect('/main')
def getLoggedInUser(self):
mySession = Session() # user is stored in Session variable if logged in
if 'username' in mySession:
user = mySession['username']
if user > ' ':
#self.response.out.write("User="******"<BR>")
return user
else:
return None
else:
return None
def loggedin(self):
mySession = Session() # user is stored in Session variable if logged in
if 'username' in mySession:
user = mySession['username']
if user:
#self.response.out.write("User="******"<BR>")
return user
log = CumulusLog()
log.category = "Debug"
log.message = "No User in Session, redirecting to /login page"
log.put()
self.redirect("/login")
def GetGDocsAuthenticatedClientForCurrentUser():
"""
Logon to Google with the user currently logged on to Cumulus.
See more detailed programming/API comments in GetGDocsAuthenticatedClient.
"""
providerName = "GoogleAppAccount"
mySession = Session()
if not 'subscriberkey' in mySession:
raise ("no subscriberkey in Session")
subscriberkey = mySession['subscriberkey']
subscriber = Subscriber.get(subscriberkey)
if not subscriber:
raise ("Subscriber not found with subscriberkey=" + str(subscriberkey))
query = Provider.gql("where name = :1 ", providerName)
LIMIT = 1
providerList = query.fetch(LIMIT)
if len(providerList) > 0:
provider = providerList[0]
else:
raise Exception("Provider not found with providerName= " +
providerName)
query = SubscriberProviderCredentials.gql(
"where subscriber = :1 and provider = :2 ", subscriber, provider)
LIMIT = 1
credentialsList = query.fetch(LIMIT)
if len(credentialsList) > 0:
credentials = credentialsList[0]
else:
raise Exception("No credentials found for provider=" + providerName +
" and subscriber = " + subscriber.firstname + " " +
subscriber.lastname)
# Tell the client that we are running in single user mode, and it should not
# automatically try to associate the token with the current user then store
# it in the datastore.
client = gdata.docs.service.DocsService()
gdata.alt.appengine.run_on_appengine(client,
store_tokens=False,
single_user_mode=True)
objKeyValuePair = KeyValuePair()
#userid = subscriber.googleAppsUserid
#password = subscriber.googleAppsPassword
client.email = credentials.userid
client.password = credentials.password
client.service = 'writely' #for Google Docs (include spreadsheets?)
client.accountType = "HOSTED"
client.ClientLogin(client.email, client.password)
return client
def get(self):
from appengine_utilities.sessions import Session
import uuid
session = Session()
session['kkk'] = str(uuid.uuid4())
Session.delete_all_sessions()
msg = ''
memcache.flush_all()
self.response.headers['content-type'] = 'text/plain'
self.response.out.write('deleteSession memcache.flush_all ok. %s' %
msg)
def post(self):
session = Session()
tweet = Tweet()
tweet.img = str(self.request.get("key"))
tweet.content = self.request.get("comment")
tweet.author = session["name"]
tweet.put()
greeting = db.get(self.request.get("key"))
greeting.modify = datetime.datetime.now()
greeting.put()
self.redirect('/main')
def post(self):
session = Session()
greetings = Greeting.gql("WHERE tag = :1", tag)
for greeting in greetings:
greeting.tag = self.request.get("newtag")
greeting.put()
room = Room.get_or_insert(session["tag"])
db.delete(room)
newroom = Room.get_or_insert(self.request.get("newtag"))
newroom.put()
session["tag"] = self.request.get("newtag")
self.redirect('/main')
def SessionCheck():
return True
sess = Session()
if (not sess.get(keyname='user')):
return False
fname = sess['fname']
lname = sess['lname']
if (not (fname == 'Roger')):
return False
return True
def auth(request):
"""
API Method - /auth
If credentials are correct a new session is created for this
user which authorizes them to use protected API methods.
@method POST
@param email: user's email address
@param password: user's password
@returns stock JSON response
"""
# required parameters
email = request.POST.get("email")
password = request.POST.get("password")
# hash the password
password = _hash_password(password)
# Look up a User object that matches the email/password
users = User.all()
users \
.filter("email =", email) \
.filter("password ="******"Email or password is invalid.")
# Somehow more than one client with the same user/password have
# been created, which should never happen. Error out here.
if users.count() > 1:
return _json_response(
details=None,
success=False,
msg="Internal security error. Contact an administrator")
# Pull the User from the datastore
user = users.get()
# Build a new session object and store the user
session = Session()
session["user"] = user
# return stock JSON with user details
return _json_response(user=user.to_json())
def post(self):
"""Handels the get request for the MainHandler.
Retrieves a list of all of the domain's users and sends it
to the Client as a JSON object.
"""
users_list = []
session = Session()
domain = session['domain']
client = AppsClient(domain=domain)
client.auth_token = self.Get2loToken()
client.ssl = True
feed = client.RetrieveAllUsers()
for entry in feed.entry:
users_list.append(entry.login.user_name)
self.response.out.write(json.dumps(users_list))
def logout(request):
"""
API Method - /logout
Destroys the active user's session object. Any further use of
protected API methods will require a new session via the auth
API.
@method GET
@returns stock JSON response
"""
# delete session and return stock JSON response with a msg
# indicating the user has logged out
session = Session()
session.delete()
return _json_response(msg="User has been logged out.")
def post(self):
try:
domain_id = self.request.get('domain')
title = self.request.get('title')
except (TypeError, ValueError):
self.error(403)
return
user = api.get_user()
domain = api.create_domain(domain_id, title, user)
if not domain:
self.response.out.write("Could not create domain")
return
session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
add_message(session, "Created domain '%s'" % domain.key().name())
self.redirect('/d/%s/' % domain.key().name())
def get(self, domain_identifier):
user = api.get_and_validate_user(domain_identifier)
if not user:
self.error(404) # hides domain identifiers
return
session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
view = self.request.get('view', 'all')
domain = api.get_domain(domain_identifier)
if view == 'yours':
tasks = api.get_assigned_tasks(domain_identifier,
user,
root_task=None,
limit=200)
no_tasks_message = "You do not have any unfinished tasks"
tasks_heading = "Your Tasks"
elif view == 'open':
tasks = api.get_open_tasks(domain_identifier,
root_task=None,
limit=200)
no_tasks_message = "No open subtasks in this domain"
tasks_heading = "Open Tasks"
else: # view == 'all' or None
view = 'all'
user_id = user.identifier()
tasks = api.get_all_direct_subtasks(domain_identifier,
root_task=None,
limit=200,
user_identifier=user_id)
tasks_heading = "All Tasks"
no_tasks_message = "No tasks are created in this domain"
template_values = {
'domain_name': domain.name,
'domain_identifier': domain_identifier,
'user_name': user.name,
'user_identifier': user.identifier(),
'messages': get_and_delete_messages(session),
'tasks': _task_template_values(tasks, user),
'tasks_heading': tasks_heading,
'no_tasks_message': no_tasks_message,
'view_mode': view,
}
self.response.out.write(
render_template('templates/overview.html', template_values))
def get(self):
user = api.get_user()
domains = api.get_all_domains_for_user(user)
session = Session(writer='cookie',
wsgiref_headers=self.response.headers)
template_values = {
'username':
user.name,
'domains': [{
'identifier': domain.identifier(),
'name': domain.name
} for domain in domains],
'messages':
get_and_delete_messages(session),
}
path = os.path.join(os.path.dirname(__file__),
'templates/landing.html')
self.response.out.write(template.render(path, template_values))
def post(self):
session = Session()
greetings = Greeting.gql("WHERE author = :1", self.request.get("name"))
tags = set([])
for greeting in greetings:
tags |= set([greeting.tag])
chars = []
length = []
for t in tags:
chars.append(t[:2])
length.append("x" * (len(t) - 2))
lists = zip(chars, length)
template_value = {
'name': self.request.get("name"),
'lists': lists,
}
path = os.path.join(os.path.dirname(__file__), 'forgot.html')
self.response.out.write(template.render(path, template_value))
def get(self):
session = Session()
if 'tag' in session:
pass
else:
self.response.out.write(
"<font color='ff0000'> Enter Any Tag. </font>")
self.redirect("/")
room = Room.get_by_key_name(session["tag"])
if room.isPass == False and session["pass"] != room.password:
self.response.out.write(
"""Password: <form action='/check' method='post'><textarea name='pass' rows='1' cols='10'></textarea><input type='submit' value='submit'></form>"""
)
else:
isPass = room.isPass
greetings = Greeting.gql("WHERE tag = :1 ORDER BY date DESC",
session["tag"])
tweets_list = []
for greeting in greetings:
temps = Tweet.gql("WHERE img = :1 ORDER BY date ASC",
str(greeting.key()))
tweets_list.append(temps)
lists = zip(greetings, tweets_list)
names = set([])
for greeting in greetings:
names |= set([greeting.author])
members = list(names)
members.sort()
template_value = {
'tag': session["tag"],
'name': session["name"],
'members': members,
'lists': lists,
'isPass': isPass,
}
path = os.path.join(os.path.dirname(__file__), 'main.html')
self.response.out.write(template.render(path, template_value))
def post(self):
"""Fetches a request token and redirects the user to the approval page."""
self.session = Session()
if users.get_current_user():
# 1.) REQUEST TOKEN STEP. Provide the data scope(s) and the page we'll
# be redirected back to after the user grants access on the approval page.
req_token = gdocs.FetchOAuthRequestToken(
scopes=SETTINGS['SCOPES'], oauth_callback=self.request.uri)
# Generate the URL to redirect the user to. Add the hd paramter for a
# better user experience. Leaving it off will give the user the choice
# of what account (Google vs. Google Apps) to login with.
domain = self.request.get('domain', default_value='default')
approval_page_url = gdocs.GenerateOAuthAuthorizationURL(
extra_params={'hd': domain})
# 2.) APPROVAL STEP. Redirect to user to Google's OAuth approval page.
self.redirect(approval_page_url)
def get(self, username):
"""Handels the get request for the UserDetailsHandler.
Sends groups, organization unit and nicknames for the user
in a JSON object.
Args:
username: A string denoting the user's username.
"""
session = Session()
domain = session['domain']
if not domain:
self.redirect('/')
details = {}
details['groups'] = self.GetGroups(domain, username)
details['orgunit'] = self.GetOrgunit(domain, username)
details['nicknames'] = self.GetNicknames(domain, username)
data = json.dumps(details)
logging.debug('Sending data...')
logging.debug(data)
self.response.out.write(data)
logging.debug('Data sent successfully')
