示例#1
0
def album_api(album_id):
    album = extensions.get_album(album_id)
    if album == None:
        return send_404()
    response = {}
    picLis = []
    if request.method == 'GET':
        for photo in album.get_picList():
            thisPic = {}
            thisPic['albumid'] = photo.get_albumID()
            thisPic['caption'] = photo.get_caption()
            thisPic['format'] = photo.get_format()
            thisPic['next'] = photo.get_nextID()
            thisPic['picid'] = photo.get_picid()
            thisPic['prev'] = photo.get_prevID()
            picLis.append(thisPic)
        if album.is_private() == True:
            if 'username' not in session:
                return send_401()
            if session['username'] != album.get_username():
                return send_403()
            response['access'] = 'private'
        else:
            response['access'] = 'public'
        response['albumid'] = album.get_id()
        response['created'] = str(album.get_created())
        response['lastupdated'] = str(album.get_lastUpdated())
        response['pics'] = picLis
        response['title'] = album.get_title()
        response['username'] = album.get_username()
    #elif request.method == 'POST':
    #	req = request.get_json(force=True)
    #	#not sure what to do with retrived data
    return jsonify(response), 200
示例#2
0
文件: index.py 项目: dkinol/SEdemo
def logout_api():
	if 'username' not in session:
		return send_401()
	session.pop('username', None)
	session.pop('firstname', None)
	session.pop('lastname', None)
	return ('', 204)
示例#3
0
def pic_api(pic):
    errors = []
    print "got to route"
    if request.method == 'PUT':
        req = request.get_json(force=True)
        if ('albumid' not in req) or ('caption' not in req) or (
                'format' not in req) or ('next' not in req) or (
                    'picid' not in req) or ('prev' not in req):
            errors.append("You did not provide the necessary fields")
            return jsonify(generate_error_response(errors)), 422
        photo = extensions.get_photo(pic)
        if photo == None:
            return send_404()
        if 'username' not in session:
            return send_401()
        if session['username'] != photo.get_username_owner():
            return send_403()
        if req['albumid'] != photo.get_albumID(
        ) or req['format'] != photo.get_format(
        ) or req['next'] != photo.get_nextID(
        ) or req['picid'] != photo.get_picid(
        ) or req['prev'] != photo.get_prevID():
            errors.append("You can only update caption")
            return jsonify(generate_error_response(errors)), 403
        pic = req['picid']
        if photo.get_username_owner() == session['username']:
            extensions.update_photo_caption(pic, req['caption'])
    if pic != '':
        response = {}
        photo = extensions.get_photo(pic)
        if photo == None:
            return send_404()
        response['albumid'] = photo.get_albumID()
        response['caption'] = photo.get_caption()
        response['format'] = photo.get_format()
        response['next'] = photo.get_nextID()
        response['picid'] = pic
        response['prev'] = photo.get_prevID()
        if photo.is_private():
            if 'username' not in session:
                return send_401()
            elif photo.has_access(session['username']):
                return jsonify(response)
            else:
                return send_403()
        return jsonify(response), 200
示例#4
0
def user_api():
    username = ''
    print 'got to func'
    print 'got hereereee'
    if request.method == 'POST':
        req = request.get_json(force=True)
        errors = []
        if ('username' not in req) or ('firstname' not in req) or (
                'lastname' not in req) or ('email' not in req) or (
                    'password1' not in req) or ('password2' not in req):
            errors.append('You did not provide the necessary fields')
            return jsonify(generate_error_response(errors)), 422
        if (req['username'] == '') or (req['email'] == '') or (
                req['password1'] == '') or (req['password2'] == ''):
            errors.append('You did not provide the necessary fields')
            return jsonify(generate_error_response(errors)), 422
        if req['password1'] != req['password2']:
            errors.append('Passwords do not match')
        user = User(req['username'], req['firstname'], req['lastname'],
                    req['password1'], req['email'])
        errors = errors + user.validate()
        temp_user = extensions.get_user(req['username'])
        if temp_user != None:
            errors.append('This username is taken')
        if errors != []:
            return jsonify(generate_error_response(errors)), 422
        user.create_salt()
        user.hash_pass()
        extensions.add_user(user)
        username = req['username']
        if username == '':
            if 'username' not in session:
                return send_401()
        return get_api_user_helper(username)
    print "GOT HERE"
    if 'username' not in session:
        return send_401()
    username = session['username']
    return get_api_user_helper(username)
示例#5
0
def user_edit_api():
    if 'username' not in session:
        return send_401()
    req = request.get_json(force=True)
    username = session['username']
    this_user = extensions.get_user(username)
    if (req['username'] != this_user.get_username()):
        return send_403()
    if ('username' not in req) or ('firstname' not in req) or (
            'lastname' not in req) or ('email' not in req) or (
                'password1' not in req) or ('password2' not in req):
        errors.append('You did not provide the necessary fields')
        return jsonify(generate_error_response(errors)), 422
    if (req['username'] == '') or (req['email'] == ''):
        errors.append('You did not provide the necessary fields')
        return jsonify(generate_error_response(errors)), 422
    errors = []
    if req['password1'] != req['password2']:
        errors.append('Passwords do not match')
    this_user.set_firstname(req['firstname'])
    this_user.set_lastname(req['lastname'])
    this_user.set_email(req['email'])
    if req['password1'] != '' and req['password2'] != '':
        print 'CHANGED PASSWORD'
        this_user.set_password(req['password1'])
    errors = errors + this_user.validate()
    if errors != []:
        return jsonify(generate_error_response(errors)), 422
    elif req['password1'] != '':
        this_user.create_salt()
        this_user.hash_pass()
    extensions.update_user(this_user)
    print 'will return now'
    session['firstname'] = this_user.get_firstname()
    session['lastname'] = this_user.get_lastname()
    return user_api()