def get(self):
    """Render the signed-in user's saved searches.

    Anonymous visitors are redirected to '/'.
    """
    current_user = database.users.get_current_user()
    if not current_user:
        self.redirect('/')
        return

    # The bound parameter (:1) limits the result to the caller's own rows.
    saved = db.GqlQuery(
        "SELECT * FROM Search WHERE created_by_id = :1",
        current_user.user_id(),
    )
    context = {'searches': saved}
    database.render_template(self, 'items/old_searches.html', context)
def get(self):
    """Render the admin dashboard; everyone but administrators is redirected.

    The page receives the active and deactivated non-admin accounts (ordered
    by nickname), the test-data flag, and a fresh XSRF token.
    """
    user = database.users.get_current_user()
    is_admin = user and database.get_current_li() and database.get_current_li().is_admin
    if not is_admin:
        self.redirect("/")
        return

    xsrf = database.get_current_li().create_xsrf_token()

    # Create the flag entity on first use so later reads always find one.
    flag = database.db.GqlQuery("SELECT * FROM IsTestDataLoaded").get()
    if not flag:
        # NOTE(review): the entity is built with test_data_loaded= but read
        # back as is_test_data_loaded -- confirm the model's property name.
        flag = database.IsTestDataLoaded(test_data_loaded=False)
        flag.put()
    loaded = flag.is_test_data_loaded

    # Same query twice; only the is_active argument differs.
    by_state = "SELECT * FROM LoginInformation WHERE is_admin = :1 AND is_active = :2 ORDER BY nickname"
    active_accounts = database.db.GqlQuery(by_state, False, True)
    inactive_accounts = database.db.GqlQuery(by_state, False, False)

    context = {
        "activated_users": active_accounts,
        "deactivated_users": inactive_accounts,
        "is_test_data_loaded": loaded,
        "xsrf_token": xsrf,
    }
    database.render_template(self, "/admin/index.html", context)
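def get(self):
    """Render the new-item form for a signed-in user with a login record.

    Redirects to '/' when nobody is signed in, and also when
    database.get_current_li() returns nothing for the signed-in account.
    The original dereferenced that result unconditionally, so such a request
    ended in an unhandled AttributeError instead of the redirect that other
    handlers in this file use for the same situation.
    """
    user = database.users.get_current_user()
    li = database.get_current_li() if user else None
    if not li:
        self.redirect('/')
        return

    token = li.create_xsrf_token()
    database.logging.info("li id: " + str(li.key().id()))
    database.render_template(self, 'items/new_item.html', {"xsrf_token" : token})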
def get(self):
    """Render the trusted-partner administration page (admins only).

    Anonymous visitors and non-admin accounts are redirected to "/".
    """
    user = database.users.get_current_user()
    is_admin = user and database.get_current_li() and database.get_current_li().is_admin
    if not is_admin:
        self.redirect("/")
        return

    xsrf = database.get_current_li().create_xsrf_token()
    all_partners = database.db.GqlQuery("SELECT * FROM TrustedPartner")
    context = {"partners": all_partners, "xsrf_token": xsrf}
    database.render_template(self, "/admin/partners.html", context)
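def get(self):
    """Render the account page for the signed-in user.

    Redirects to '/' when nobody is signed in or when
    database.get_current_li() returns nothing. The original called
    create_xsrf_token() on that result without checking it, which raised an
    unhandled AttributeError for a signed-in account with no login record.
    """
    user = database.users.get_current_user()
    li = database.get_current_li() if user else None
    if not li:
        self.redirect('/')
        return

    token = li.create_xsrf_token()
    context = {
        'li': li,
        'xsrf_token' : token,
        'partners': database.TrustedPartner.all(),
    }
    database.render_template(self, '/users/index.html', context)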
def get(self):
    """List the items created by the signed-in user, newest first.

    Requires both a signed-in user and a login record; otherwise the
    request is redirected to '/'.
    """
    user = database.users.get_current_user()
    current_li = database.get_current_li()
    if not (user and current_li):
        self.redirect('/')
        return

    xsrf = database.get_current_li().create_xsrf_token()
    # Bound to the caller's own user id, so only their items are returned.
    own_items = db.GqlQuery(
        "SELECT * FROM Item WHERE created_by_id = :1 ORDER BY created_at DESC",
        user.user_id(),
    )
    context = {'items': own_items, 'xsrf_token' : xsrf}
    database.render_template(self, 'items/my_items.html', context)
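def get(self):
    """Render the feedback left for the user named by the user_id parameter.

    Redirects to '/' when nobody is signed in or when
    database.get_current_li() returns nothing; the original dereferenced that
    result unchecked and failed with an AttributeError in the second case.
    """
    user = database.users.get_current_user()
    current_li = database.get_current_li() if user else None
    if not current_li:
        self.redirect('/')
        return

    # cgi.escape is HTML escaping; the GQL parameter is bound (:1), so the
    # query is parameterized with or without it. Kept so lookups behave as before.
    target_id = cgi.escape(self.request.get('user_id'))
    feedback = database.db.GqlQuery("SELECT * FROM UserFeedback WHERE for_user_id = :1", target_id)
    # .get() yields None when no account matches; the template receives it as is.
    li = db.GqlQuery("SELECT * FROM LoginInformation WHERE user_id = :1", target_id).get()
    token = current_li.create_xsrf_token()

    # NOTE(review): back_url comes from the Referer request header, which the
    # client controls; confirm the template escapes it and only uses it as a
    # link target for http(s) URLs.
    back_url = self.request.referer
    context = {'feedback': feedback, 'li': li, 'back_url': back_url, 'xsrf_token' : token }
    database.render_template(self, '/users/list_user_feedback.html', context)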
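def get(self):
    """Render the new-collection form with the items that can be added.

    The template receives 'list': a comma-separated run of JavaScript object
    literals ({id:"...", name: "..."}), one per unexpired, active,
    non-deactivated item. Item titles are user-supplied, and the original
    concatenated them into that string unescaped, so a title containing a
    quote or markup could break out of the string literal wherever the
    template emits 'list' as script. Values are now encoded as JavaScript
    string literals; output for ordinary titles is unchanged.
    """
    import json

    def js_string(value):
        # json.dumps gives a double-quoted literal with quotes, backslashes
        # and control characters escaped. The extra replacements keep
        # markup-significant characters out of the output so the literal
        # cannot terminate a surrounding script block or attribute.
        literal = json.dumps(value)
        for char, escaped in (("<", "\\u003c"), (">", "\\u003e"),
                              ("&", "\\u0026"), ("'", "\\u0027")):
            literal = literal.replace(char, escaped)
        return literal

    user = database.users.get_current_user()
    current_li = database.get_current_li()
    if not (user and current_li):
        self.redirect('/')
        return

    token = current_li.create_xsrf_token()
    items = db.GqlQuery(
        "SELECT * FROM Item WHERE expiration_date >= :1 AND is_active = :2 AND deactivated = :3",
        database.datetime.date.today(), True, False,
    )
    js_items = ",".join(
        "{id:" + js_string(str(item.key().id())) + ", name: " + js_string(item.title) + "}"
        for item in items
    )
    database.render_template(self, '/items/new_collection.html', {'list': js_items, 'xsrf_token' : token})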
def get(self):
    """Render the public item listing.

    Administrators get every Item plus an XSRF token. Everyone else,
    including anonymous visitors, gets only items that are unexpired, active
    and not deactivated, with an empty token.
    """
    viewer_is_admin = database.get_current_li() and database.get_current_li().is_admin
    if viewer_is_admin:
        xsrf = database.get_current_li().create_xsrf_token()
        listing = database.db.GqlQuery("SELECT * FROM Item")
    else:
        xsrf = ""
        listing = database.db.GqlQuery(
            "SELECT * FROM Item WHERE expiration_date >= :1 AND is_active = :2 AND deactivated = :3",
            database.datetime.date.today(), True, False,
        )

    partners = database.TrustedPartner.all()
    context = {'items': listing, 'xsrf_token' : xsrf, "partners" : partners }
    database.render_template(self, 'items/index.html', context)
def get(self):
    """Render the edit form for one trusted partner (admins only).

    The partner is selected by the numeric partner_id request parameter.
    Anonymous visitors and non-admin accounts are redirected to "/".
    """
    user = database.users.get_current_user()
    current_li = database.get_current_li()
    if not (user and current_li and current_li.is_admin):
        self.redirect("/")
        return

    xsrf = current_li.create_xsrf_token()

    # NOTE(review): int() raises ValueError for a missing or non-numeric
    # partner_id and nothing here catches it. HTML-escaping before int()
    # has no effect on which inputs are accepted.
    raw_id = cgi.escape(self.request.get("partner_id"))
    partner_key = db.Key.from_path("TrustedPartner", int(raw_id))
    # The lookup result is handed to the template unchecked, so it may be
    # empty when no such partner exists.
    partner = database.db.get(partner_key)

    context = {"partner": partner, "xsrf_token": xsrf}
    database.render_template(self, "/admin/edit_partner.html", context)
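def get(self):
    """Render the edit form for an item owned by the signed-in user.

    Redirects to '/' when the caller is not signed in, has no login record,
    does not own the item, or names an item that cannot be loaded. The
    original raised unhandled errors for a missing or non-numeric item_id
    (ValueError) and for an id with no matching entity (attribute access on
    the empty lookup result) instead of redirecting.
    """
    user = database.users.get_current_user()
    current_li = database.get_current_li()
    if not (user and current_li):
        self.redirect('/')
        return

    try:
        # int() is the validation step; HTML-escaping beforehand added nothing.
        item_id = int(self.request.get('item_id'))
    except ValueError:
        self.redirect('/')
        return

    item = db.get(db.Key.from_path('Item', item_id))
    # Ownership check: only the creator may open the edit form.
    if not item or item.created_by_id != current_li.user_id:
        self.redirect('/')
        return

    token = current_li.create_xsrf_token()
    database.render_template(self, 'items/edit_item.html', {'item': item, 'xsrf_token' : token})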
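def get(self):
    """Show a collection owned by the signed-in user, or delete it if empty.

    Redirects to '/' when the caller is not signed in, has no login record,
    does not own the collection, or names a collection that cannot be
    loaded. Changes from the original: the sign-in check now runs before the
    datastore lookup, a bad or unknown collection_id redirects instead of
    raising, and the post-delete redirect falls back to '/' when the request
    carries no Referer header.
    """
    user = database.users.get_current_user()
    current_li = database.get_current_li()
    if not (user and current_li):
        self.redirect('/')
        return

    try:
        collection_id = int(self.request.get('collection_id'))
    except ValueError:
        self.redirect('/')
        return

    collection = db.get(db.Key.from_path('ItemCollection', collection_id))
    # Ownership check: only the creator may view (or implicitly delete) it.
    if not collection or collection.created_by_id != user.user_id():
        self.redirect('/')
        return

    items = collection.get_items()
    if len(items) > 0:
        database.render_template(self, '/items/view_collection.html', {'items': items})
        return

    # NOTE(review): this deletes data on a GET request with no XSRF token
    # check, unlike the token-verified handlers in this file; consider
    # moving the delete behind a verified POST.
    db.delete(collection)
    # The redirect target is the client-supplied Referer header.
    self.redirect(self.request.referer or '/')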
def get(self):
    """Export the signed-in user's items and message threads as plain text.

    Only rows tied to the caller's own user id are queried. Callers without
    a signed-in user and a login record are redirected to '/'.
    """
    user = database.users.get_current_user()
    li = database.get_current_li()
    if not (user and li):
        self.redirect('/')
        return

    uid = user.user_id()
    export = {
        'items': database.db.GqlQuery("SELECT * FROM Item WHERE created_by_id = :1", uid),
        'sent_threads': database.db.GqlQuery("SELECT * FROM Thread WHERE created_by_id = :1", uid),
        'recv_threads': database.db.GqlQuery("SELECT * FROM Thread WHERE recipient_id = :1", uid),
    }
    # Serve as text/plain so the export is not interpreted as HTML.
    self.response.headers['Content-Type'] = 'text/plain'
    database.render_template(self, "/users/export_data.txt", export)
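def get(self):
    """Render the new-thread form with the list of possible recipients.

    The template receives 'list': a comma-separated run of JavaScript object
    literals ({id:"...", name: "..."}), one per other account that has a
    display name. Display names are user-controlled, and the original
    concatenated them into that string unescaped, so a name containing a
    quote or markup could break out of the string literal wherever the
    template emits 'list' as script. Values are now encoded as JavaScript
    string literals; output for ordinary names is unchanged.

    Also redirects to '/' (instead of raising) when database.get_current_li()
    returns nothing or the optional 'about' item id is not numeric.
    """
    import json

    def js_string(value):
        # json.dumps gives a double-quoted literal with quotes, backslashes
        # and control characters escaped. The extra replacements keep
        # markup-significant characters out of the output so the literal
        # cannot terminate a surrounding script block or attribute.
        literal = json.dumps(value)
        for char, escaped in (("<", "\\u003c"), (">", "\\u003e"),
                              ("&", "\\u0026"), ("'", "\\u0027")):
            literal = literal.replace(char, escaped)
        return literal

    user = database.users.get_current_user()
    current_li = database.get_current_li() if user else None
    if not current_li:
        self.redirect('/')
        return

    # Every account except the caller's own.
    lis = db.GqlQuery("SELECT * FROM LoginInformation WHERE user_id != :1", user.user_id())
    token = current_li.create_xsrf_token()

    item = None
    about = self.request.get("about")
    if about:
        try:
            item = db.get(db.Key.from_path('Item', int(about)))
        except ValueError:
            self.redirect('/')
            return

    entries = []
    for li in lis:
        display_name = li.get_display_name()
        if display_name:
            entries.append(
                "{id:" + js_string(str(li.user_id)) + ", name: " + js_string(display_name) + "}"
            )
    js_recipients = ",".join(entries)

    context = {'item': item, 'lis': lis, 'list':js_recipients, 'xsrf_token' : token}
    database.render_template(self, 'threads/new_thread.html', context)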
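def get(self):
    """Render a user's shop page.

    The shop owner is taken from the user_id request parameter, falling back
    to the caller's own account. Redirects to '/' when neither is available
    or when no account matches; the original raised an unhandled
    AttributeError in both cases.
    """
    current_li = database.get_current_li()

    requested = self.request.get('user_id')
    if requested:
        user_id = cgi.escape(requested)
    elif current_li:
        user_id = current_li.user_id
    else:
        # Anonymous request with no user_id: there is no shop to show.
        self.redirect('/')
        return

    li = db.GqlQuery("SELECT * FROM LoginInformation WHERE user_id = :1", user_id).get()
    if not li:
        self.redirect('/')
        return

    token = current_li.create_xsrf_token() if current_li else ""

    # Visible when the profile is not private, or to its owner.
    can_show = li.private == False or (current_li and li.user_id == current_li.user_id)
    # NOTE(review): the item and collection queries are passed to the
    # template even when can_show is false, so hiding a private shop depends
    # entirely on the template honouring can_show -- confirm it does.
    items = db.GqlQuery("SELECT * FROM Item WHERE created_by_id = :1 ORDER BY created_at DESC", li.user_id)
    collections = db.GqlQuery("SELECT * FROM ItemCollection WHERE created_by_id = :1 ORDER BY created_at DESC", li.user_id)

    database.render_template(self, '/users/shop.html', {
        'li' : li,
        'can_show' : can_show,
        'items' : items,
        'collections': collections,
        'xsrf_token' : token,
    })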
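def get(self):
    """Render the detail page for one item, selected by item_id.

    The page is reachable without signing in; signed-in callers with a login
    record also get an XSRF token and the rating they gave the seller, if
    any. Redirects to '/' when item_id is missing, non-numeric, or matches
    no item; the original raised unhandled errors in those cases, and also
    when a signed-in account had no login record or the seller's record was
    missing.
    """
    current_li = database.get_current_li()

    try:
        item_id = int(self.request.get('item_id'))
    except ValueError:
        self.redirect('/')
        return

    item = db.get(db.Key.from_path('Item', item_id))
    if not item:
        self.redirect('/')
        return
    # NOTE(review): nothing here checks is_active / deactivated /
    # expiration_date, while the item listing filters on them for
    # non-admins -- confirm hidden items are meant to be viewable by id.

    # Seller's login record; may be empty if the account no longer exists.
    li = db.GqlQuery("SELECT * FROM LoginInformation WHERE user_id = :1", item.created_by_id).get()

    token = current_li.create_xsrf_token() if current_li else ""

    feedback = db.GqlQuery(
        "SELECT * FROM ItemFeedback WHERE item_id = :1 ORDER BY created_at DESC",
        str(item.key().id()),
    )
    buyer = database.get_user(item.highest_bid_id)

    rating = None
    if current_li and li:
        given = database.db.GqlQuery(
            "SELECT * FROM UserFeedback WHERE for_user_id = :1 AND created_by_id = :2",
            li.user_id, current_li.user_id,
        )
        if given.count() > 0:
            rating = int(given.get().rating)

    context = {'item': item, 'li': li, 'feedback': feedback, 'buyer': buyer, 'rating':rating, 'xsrf_token' : token}
    database.render_template(self, 'items/view_item.html', context)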
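def get(self):
    """Show one message thread to a participant and mark their messages read.

    Because this GET writes to the datastore (read flags), it requires a
    valid XSRF token. Redirects to '/' when the caller is not signed in, has
    no login record, fails token verification, is neither sender nor
    recipient, or names a thread that cannot be loaded. The original raised
    unhandled errors for a missing login record, a non-numeric thread_id and
    an unknown thread instead of redirecting.
    """
    user = database.users.get_current_user()
    li = database.get_current_li() if user else None
    if not (li and li.verify_xsrf_token(self)):
        self.redirect('/')
        return

    token = li.create_xsrf_token()

    try:
        thread_id = int(self.request.get('thread_id'))
    except ValueError:
        self.redirect('/')
        return

    thread_key = db.Key.from_path('Thread', thread_id)
    thread = db.get(thread_key)
    uid = user.user_id()
    # Participant check: only the sender or the recipient may read the thread.
    if not thread or uid not in (thread.recipient_id, thread.created_by_id):
        self.redirect('/')
        return

    children = db.GqlQuery("SELECT * FROM Message WHERE ANCESTOR is :1", thread_key)
    for child in children:
        # Only messages addressed to the viewer are marked as read.
        if child.recipient_id == uid:
            child.read = True
            child.put()

    context = {'thread': thread, 'children': children, 'xsrf_token' : token}
    database.render_template(self, 'threads/view_thread.html', context)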
def get(self):
    """Render the admin page for changing account roles (admins only).

    The template receives the active non-admin accounts and all admin
    accounts, both ordered by nickname, plus a fresh XSRF token. Anonymous
    visitors and non-admin accounts are redirected to "/".
    """
    user = database.users.get_current_user()
    is_admin = user and database.get_current_li() and database.get_current_li().is_admin
    if not is_admin:
        self.redirect("/")
        return

    xsrf = database.get_current_li().create_xsrf_token()
    regular_accounts = database.db.GqlQuery(
        "SELECT * FROM LoginInformation WHERE is_admin = :1 AND is_active = :2 ORDER BY nickname",
        False, True,
    )
    admin_accounts = database.db.GqlQuery(
        "SELECT * FROM LoginInformation WHERE is_admin = :1 ORDER BY nickname",
        True,
    )
    context = {
        "registered_users": regular_accounts,
        "admin_users": admin_accounts,
        "xsrf_token": xsrf,
    }
    database.render_template(self, "/admin/modify.html", context)
def get(self):
    """Render the registration form for a signed-in user.

    A user with a complete, non-external login record cannot re-register and
    is redirected to '/'. A user with an incomplete or external record sees
    the form for that record. A user with no record gets a blank one created
    and stored first. Anonymous visitors are redirected to '/'.
    """
    user = database.users.get_current_user()
    if not user:
        self.redirect('/')
        return

    existing = database.db.GqlQuery("SELECT * FROM LoginInformation WHERE user_id = :1", user.user_id())
    if existing.count() > 0:
        li = existing.get()
        needs_registration = (
            li.first_name == "" or li.last_name == "" or li.nickname == "" or li.external_user
        )
        if not needs_registration:
            # Fully registered local accounts may not register again.
            self.redirect('/')
            return
        # Incomplete or external account: reuse the record, create nothing.
    else:
        # First visit: store a blank record for this user id.
        # NOTE(review): this write happens on a GET request.
        li = database.LoginInformation(first_name="",last_name="", user_id=user.user_id(), is_active=True)
        li.put()

    xsrf = li.create_xsrf_token()
    database.render_template(self, '/users/register_user.html', {'new_li': li, 'xsrf_token' : xsrf})
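def get(self):
    """Render the form for messaging a user on a trusted partner site.

    All displayed values come from request parameters. Redirects to '/' when
    the caller is not signed in, has no login record, or partner_id does not
    identify a stored TrustedPartner. The original raised unhandled errors
    for a missing login record and for a non-numeric partner_id instead of
    redirecting.
    """
    user = database.users.get_current_user()
    li = database.get_current_li() if user else None
    if not li:
        self.redirect('/')
        return

    token = li.create_xsrf_token()

    # NOTE(review): cgi.escape leaves quote characters alone unless called
    # with quote=True, so these values are only escaped for element content.
    # If the template places any of them inside an HTML attribute, confirm
    # it applies attribute-safe escaping itself.
    about = cgi.escape(self.request.get('about'))
    partner_id = cgi.escape(self.request.get('partner_id'))
    remote_user_id = cgi.escape(self.request.get('remote_user_id'))
    remote_username = cgi.escape(self.request.get('remote_username'))
    item_title = cgi.escape(self.request.get('item_title'))

    try:
        partner_key_id = int(self.request.get('partner_id'))
    except ValueError:
        self.redirect("/")
        return

    # Only partners that exist in the datastore may be messaged.
    partner = database.db.get(db.Key.from_path('TrustedPartner', partner_key_id))
    if not partner:
        self.redirect("/")
        return

    context = {
        'about': about,
        'partner_id': partner_id,
        'remote_user_id':remote_user_id,
        'remote_username' : remote_username,
        'xsrf_token' : token,
        'item_title' : item_title,
    }
    database.render_template(self, 'threads/new_remote_thread.html', context)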
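def get(self):
    """Render the signed-in user's sent and received threads with unread flags.

    out_unread_thread and in_unread_thread hold one boolean per thread, in
    query order, telling whether the thread has an unread message addressed
    to the caller. Each flag is now computed from that thread's messages
    alone; the original shared one 'push' variable across iterations, which
    risked carrying a value over from the previous thread. Redirects to '/'
    when there is no signed-in user or no login record.
    """
    user = database.users.get_current_user()
    li = database.get_current_li()
    if not (user and li):
        self.redirect('/')
        return

    uid = user.user_id()

    def has_unread(thread):
        # One message query per thread (n+1 queries overall, as before).
        messages = db.GqlQuery("SELECT * FROM Message WHERE ANCESTOR is :1", thread.key())
        # "== False" is kept on purpose: an unset read value is not
        # counted as unread, matching the original comparison.
        return any(m.recipient_id == uid and m.read == False for m in messages)

    token = li.create_xsrf_token()

    sent_threads = db.GqlQuery("SELECT * FROM Thread WHERE created_by_id = :1 ORDER BY created_at DESC", uid)
    out_unread_thread = [has_unread(thread) for thread in sent_threads]

    in_threads = db.GqlQuery("SELECT * FROM Thread WHERE recipient_id = :1 ORDER BY created_at DESC", uid)
    in_unread_thread = [has_unread(thread) for thread in in_threads]

    context = {
        'sent_threads': sent_threads,
        'in_threads': in_threads,
        'out_unread_thread': out_unread_thread,
        'in_unread_thread': in_unread_thread,
        'xsrf_token': token,
    }
    database.render_template(self, 'threads/index.html', context)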
def get(self):
    """Search item titles for any whitespace-separated token of the query.

    Every request parameter is passed through database.quick_sanitize and
    then cgi.escape. The limit, search_by and sort_by values are handed to
    the template but are not applied to the result set here. For signed-in
    users a query is saved once as a Search row.
    """
    def cleaned(name):
        return cgi.escape(database.quick_sanitize(self.request.get(name)))

    query = cleaned('query')
    limit = cleaned('query_limit')
    search_by = cleaned('query_search_by')
    sort_by = {
        "a" : {"sort_field" : cleaned('query_sortA'), "order" : cleaned('query_orderA')},
        "b" : {"sort_field" : cleaned('query_sortB'), "order" : cleaned('query_orderB')},
    }

    # Load every item, then filter in Python by substring match.
    # NOTE(review): tokens are HTML-escaped before being compared with the
    # stored titles, so a query containing &, < or > is matched in its
    # escaped form -- confirm that is intended.
    all_items = db.GqlQuery("SELECT * FROM Item ORDER BY created_at DESC")
    tokens = database.string.split(query)
    results = [
        item for item in all_items
        if any(database.string.find(item.title, tok) != -1 for tok in tokens)
    ]

    user = database.users.get_current_user()
    if user:
        # Save the query unless this user already has an identical one.
        previous = db.GqlQuery(
            "SELECT * FROM Search WHERE created_by_id = :1 AND search = :2",
            user.user_id(), query,
        )
        if previous.count() == 0:
            record = database.Search()
            record.created_by_id = user.user_id()
            record.search = query
            record.put()

    trusted_partners = database.TrustedPartner.all()
    database.render_template(self, 'items/search.html', {
        'items': results,
        'query': query,
        "partners" : trusted_partners,
        'limit' : limit,
        'search_by' : search_by,
        'sort_by' : sort_by,
    })