def forum_detail(slug):
response = controllers.get_forum_detail(slug)
if response['status_code'] == 200:
return json_response(response['forum'],
status_code=response['status_code'])
return json_response(response['message'],
status_code=response['status_code'])
def vote_add(slug_or_id):
json_request = request.get_json()
vote_data = json_request
response = controllers.vote_add(slug_or_id, vote_data)
if response['status_code'] == 200:
return json_response(response['thread'],
status_code=response['status_code'])
return json_response(response['message'],
status_code=response['status_code'])
def thread_create(slug):
json_request = request.get_json()
thread_data = json_request
response = controllers.thread_create(slug, thread_data)
if response['status_code'] == 201 or response['status_code'] == 409:
return json_response(response['thread'],
status_code=response['status_code'])
return json_response(response['message'],
status_code=response['status_code'])
def forum_create():
json_request = request.get_json()
forum_data = json_request
response = controllers.forum_create(forum_data)
if response['status_code'] == 201 or response['status_code'] == 409:
return json_response(response['forum'],
status_code=response['status_code'])
return json_response(response['message'],
status_code=response['status_code'])
def thread_detail(slug_or_id):
if request.method == 'GET':
response = controllers.get_thread_detail(slug_or_id)
else:
json_request = request.get_json()
thread_data = json_request
response = controllers.update_thread_detail(slug_or_id, thread_data)
if response['status_code'] == 200:
return json_response(response['thread'],
status_code=response['status_code'])
return json_response(response['message'],
status_code=response['status_code'])
def post_detail(id):
if request.method == 'GET':
related = request.args.get('related')
response = controllers.get_post_detail(id, related)
else:
json_request = request.get_json()
post_data = json_request
response = controllers.update_post_detail(id, post_data)
if response['status_code'] == 200:
return json_response(response['post'],
status_code=response['status_code'])
return json_response(response['message'],
status_code=response['status_code'])
def wrapped_f(*args, **kwargs):
if session.get('user', None):
resp = Response(
True, "Opération interdite vous n'êtes pas déconnecté !")
return json_response(resp.json(), status_code=403)
else:
return f(*args, **kwargs)
def wrapped_f(*args, **kwargs):
if not _check_authorized(request.form):
return json_response(Response(True,
"You're not connected.").json(),
status_code=403)
else:
return f(*args, **kwargs)
def account_update_password():
err = True
pwd_old = request.form['password_old']
pwd_clear = request.form['password1']
pwd_clear2 = request.form['password2']
# verification des champs
content = {}
# if pwd_old != ancien mdp
if db.check_user_password(session['user']['id'], _hash_pwd(pwd_old)):
content['password_old'] = "Le mot de passe est incorrect !"
if len(pwd_clear) < 6:
content['password1'] = "Le mot de passe doit faire au minimum 6 caractères !"
if pwd_clear2 != pwd_clear:
content['password2'] = "Les deux mots de passe doivent être identiques !"
# hash password
pwd_hash = _hash_pwd(pwd_clear)
# realisation si pas d'erreur
if len(content.keys()) == 0:
content = "La mise à jour du profil a échouée"
# verification de l'existence de l'utilisateur
if db.update_user(session['user']['id'], pwd=pwd_hash):
# _update_user(session, session['user']['id'])
# mise à jour des variables de réponse
err = False
content = 'ok'
return json_response(Response(err, content).json(), status_code=200)
def password_reset():
email = request.form['email']
modlgr.debug('Asking for password reset for: {0}'.format(email))
if not db.user_exists(email):
error = True
content = "Cette adresse électronique n'est associée à aucun utilisateur."
modlgr.error('{0} does not exist'.format(email))
return json_response(Response(error, content).json(), status_code=200)
token = db.create_or_update_password_reset(email, app.secret_key)
modlgr.debug("Created/updated user's password reset object with token '{0}'".format(token))
reset_link = "{0}password-reset?token={1}&email={2}".format(request.url_root, token, email)
user = db.retrieve_user_by_email(email)
emails.send_password_reset_mail(email, user.firstname, token)
modlgr.debug("Process finished sending mail to {0} with link '{1}'".format(email, reset_link))
error = False
content = "Un lien pour modifier ton mot de passe a été envoyé à cette adresse, il expirera dans 10 minutes."
return json_response(Response(error, content).json(), status_code=200)
def user_profile(nickname):
if request.method == 'GET':
response = controllers.get_user_data(nickname)
if response['status_code'] == 200:
return json_response(response['user'],
status_code=response['status_code'])
return json_response(response['message'],
status_code=response['status_code'])
else:
json_request = request.get_json()
user_data = json_request
response = controllers.set_user_data(nickname, user_data)
if response['status_code'] == 200:
return json_response(response['user'],
status_code=response['status_code'])
return json_response(response['message'],
status_code=response['status_code'])
def wrapped_f(*args, **kwargs):
try:
return f(*args, **kwargs)
except Exception as e:
timestamp = time.strftime('%d%m%H%M%S')
desc = '`mapif.{0}()` at `{1}` error: details below.'.format(
f.__name__, timestamp)
modlgr.exception(desc)
code = '{0}.{1}'.format(err_code, timestamp)
resp = Response(has_error=True, code=code, content='')
return json_response(resp.json(), status_code=500)
def login():
content = "L'utilisateur et/ou le mot de passe est érroné."
email = request.form['email']
pwd_clear = request.form['password']
pwd_hash = _hash_pwd(pwd_clear)
_load_user(session, email, pwd_hash)
err = True
if _check_connected(session):
err = False
content = "Vous êtes maintenant connecté !"
return json_response(Response(err, content).json(), status_code=200)
def posts_create(slug_or_id):
json_request = request.get_json()
posts_data = json_request
response = controllers.posts_create(slug_or_id, posts_data)
if response['status_code'] == 201:
json_resp = app.response_class(response=json.dumps(response['posts']),
status=response['status_code'],
mimetype='application/json')
return json_resp
return json_response(response['message'],
status_code=response['status_code'])
def wrapped_f(*args, **kwargs):
try:
return f(*args, **kwargs)
except Exception as e:
timestamp = time.strftime('%d%m%H%M%S')
desc = '`mapif.{0}()` at `{1}` error: details below.'.format(
f.__name__, timestamp
)
modlgr.exception(desc)
code = '{0}.{1}'.format(err_code, timestamp)
resp = Response(has_error=True, code=code, content='')
return json_response(resp.json(), status_code=500)
def predict():
if request.json is None:
return json_response(wrap_error("Expected a JSON request"), 400)
if "instances" not in request.json or request.json["instances"] is None:
return json_response(wrap_error("The request body did not contain any instances"), 400)
try:
iter(request.json["instances"])
except TypeError:
return json_response(wrap_error("The instances field is not iterable"), 400)
if isinstance(request.json["instances"], str):
return json_response(wrap_error("Instances field must not be a string"), 400)
instances = []
if all(map(lambda instance: isinstance(instance, str), request.json["instances"])):
instances.extend([FEVERRequestInstance(**{"id":idx,"claim":instance}) for idx, instance in enumerate(request.json["instances"])])
elif all(map(lambda instance: "id" in instance
and "claim" in instance
and isinstance(instance["id"], int)
and isinstance(instance["claim"], str), request.json["instances"])):
instances.extend([FEVERRequestInstance(**instance) for instance in request.json["instances"]])
else:
return json_response(wrap_error("Instances field must contain a list of strings or objects containing 'id':int and 'claim':str fields"), 400)
app.logger.info("Predicting with {} instances".format(len(instances)))
predictions = predict_function(instances)
for prediction, instance in zip(predictions,instances):
prediction["request_instance"] = instance
app.logger.info("Predicting complete")
return json_response(wrap_predictions(predictions))
def get_categories_resource():
"""Endpoint for fetching categories from the top level down."""
global cached_category_collection
category_collection = cached_category_collection or get_categories()
if not cached_category_collection:
category_collection.links = [
LinkDto(href=url_for('get_categories_resource'), rel='categories'),
LinkDto(href=url_for('get_summary_resource'), rel='summary')
]
cached_category_collection = category_collection
return json_response(
to_json(CategoryCollectionDtoSerializer, category_collection))
def wrapped_f(*args, **kwargs):
try:
return f(*args, **kwargs)
except Exception as e:
timestamp = time.strftime('%d%m%H%M%S')
print(
'mapif.{0}() at {1} error: details below.'.format(
f.__name__, timestamp), e)
code = '{0}.{1}'.format(err_code, timestamp)
return json_response(Response(has_error=True,
code=code,
content='').json(),
status_code=500)
def locations():
err = True
code = 200
uid = request.form['uid']
content = "Une erreur s'est produite, l'identifiant de l'utilisateur passé en paramètre n'est pas valide."
if not validator.validate(uid, 'int'):
uid = int(uid)
locations = db.retrieve_user_locations(uid)
content = "Une erreur s'est produite, aucune localisation n'a été trouvée pour cet utilisateur."
if locations:
err = False
content = locations
return json_response(Response(err, content).json(), status_code=code)
def user_create(nickname):
if request.method == 'POST':
json_request = request.get_json()
user_data = json_request
user_data['nickname'] = nickname
response = controllers.create_user(user_data)
if response['status_code'] == 409:
json_resp = app.response_class(response=json.dumps(
response['user']),
status=response['status_code'],
mimetype='application/json')
return json_resp
return json_response(response['user'],
status_code=response['status_code'])
def get_forum_active_users(slug):
parameters = dict()
parameters['limit'] = request.args.get('limit') or 999999
parameters['order'] = 'DESC' if request.args.get(
'desc') == 'true' else 'ASC'
parameters['since'] = request.args.get('since')
response = controllers.get_forum_active_users(slug, parameters)
if response['status_code'] == 200:
json_resp = app.response_class(response=json.dumps(response['users']),
status=response['status_code'],
mimetype='application/json')
return json_resp
return json_response(response['message'],
status_code=response['status_code'])
def get_summary_resource():
"""Endpoint for fetching topmost categories."""
category_summary = get_summary()
category_summary.links = [
LinkDto(href=url_for('get_categories_resource'), rel='categories'),
LinkDto(href=url_for('get_summary_resource'), rel='summary')
]
for category in category_summary.categories:
category.links = [
LinkDto(href=url_for('get_category_resource',
category_id=category.category_id))
]
return json_response(
to_json(CategoryCollectionDtoSerializer, category_summary))
def account_create():
content = "Captcha invalide. Annulation de l'inscription ! Encore un bot..."
err = True
if app.debug or validator.check_captcha(request):
# recuperation du contenu de la requete
firstname = escape(request.form['firstname'].strip())
lastname = escape(request.form['lastname'].strip())
email = request.form['email'].strip()
pwd_clear = request.form['password1']
pwd_clear2 = request.form['password2']
promo = request.form['promo'].strip()
# verification des champs
content = {}
if validator.is_empty(firstname):
content['firstname'] = "Le champ prénom ne doit pas être vide !"
if validator.is_empty(lastname):
content['lastname'] = "Le champ nom ne doit pas être vide !"
if not validator.validate(email, 'email'):
content['email'] = "L'email ne respecte pas le format attendu !"
if not validator.validate(promo, 'year'):
content['promo'] = "La promo n'est pas une année correctement formaté !"
if int(promo) < 1969 or int(promo) >= (datetime.datetime.now().year+4):
content['promo'] = "L'année est en dehors de l'intervalle autorisé !"
if len(pwd_clear) < 6:
content['password1'] = "Le mot de passe doit faire au minimum 6 caractères !"
if pwd_clear2 != pwd_clear:
content['password2'] = "Les deux mots de passe doivent être identiques !"
# hash password
pwd_hash = _hash_pwd(pwd_clear)
# realisation si pas d'erreur
if len(content.keys()) == 0:
content = "Cette adresse email est déjà attribuée à un utilisateur."
# verification de l'existence de l'utilisateur
if not db.user_exists(email):
# creation de l'utilisateur
db.create_user(firstname, lastname, email, pwd_hash, promo)
# chargement de l'utilisateur créé dans la session (connexion automatique après inscription)
_load_user(session, email, pwd_hash)
# mise à jour des variables de réponse
err = False
content = 'ok'
msg = """A new user joined MapIF!
*{0} {1}*
promo *{2}*
*{3}*
:D
""".format(firstname, lastname, promo, email)
modlgr.info(msg)
return json_response(Response(err, content).json(), status_code=200)
def get_thread_posts(slug_or_id):
parameters = dict()
parameters['limit'] = request.args.get('limit') or 'ALL'
parameters['sort'] = request.args.get('sort') or 'flat'
parameters['order'] = 'DESC' if request.args.get(
'desc') == 'true' else 'ASC'
parameters['since'] = request.args.get('since')
response = controllers.get_thread_posts(slug_or_id, parameters)
if response['status_code'] == 200:
json_resp = app.response_class(response=json.dumps(response['posts']),
status=response['status_code'],
mimetype='application/json')
return json_resp
return json_response(response['message'],
status_code=response['status_code'])
def location_delete():
# recupération des données du post
uid = session['user']['id']
ulid = escape(request.form['ulid'].strip())
# vérification des champs
content = {}
err = True
if not validator.validate(ulid, 'int'):
content['ulid'] = "L'ulid transmis ne respecte pas le format attendu: nombre entier."
if len(content.keys()) == 0:
# delete location
content = "La suppression de la localisation n'a pas aboutie !"
if db.delete_user_location(uid, ulid):
err = False
content = "La localisation a été supprimée de votre historique."
return json_response(Response(err, content).json(), status_code=200)
def account_delete():
uid = session['user']['id']
msg = """A user left MapIF.
*{0} {1}*
promo *{2}*
*{3}*
:/""".format(
session['user']['firstname'],
session['user']['lastname'],
session['user']['promo'],
session['user']['email'])
db.delete_user(uid)
session.pop('user', None)
err = False
content = "Le compte a été supprimé avec succès."
modlgr.warning(msg)
return json_response(Response(err, content).json(), status_code=200)
def account_update_promo():
err = True
promo = request.form['promo'].strip()
# verification des champs
content = {}
if not validator.validate(promo, 'year'):
content['promo'] = "La promo n'est pas une année correctement formaté !"
if int(promo) < 1969 or int(promo) >= (datetime.datetime.now().year+4):
content['promo'] = "L'année est en dehors de l'intervalle autorisé !"
# realisation si pas d'erreur
if len(content.keys()) == 0:
content = "La mise à jour du profil a échouée"
# verification de l'existence de l'utilisateur
if db.update_user(session['user']['id'], promo=promo):
_update_user(session, session['user']['id'])
# mise à jour des variables de réponse
err = False
content = 'ok'
return json_response(Response(err, content).json(), status_code=200)
def get_category_tree_resource(category_id):
"""Endpoint for fetching category by id, including all children."""
global cached_category_trees
category = next(
(c for c in cached_category_trees if c.category_id == category_id),
None)
if not category:
category = get_category(category_id, tree=True)
category.links = [
LinkDto(href=url_for('get_category_resource',
category_id=category_id),
rel='category'),
LinkDto(href=url_for('get_category_tree_resource',
category_id=category_id),
rel='category-tree')
]
cached_category_trees.append(category)
return json_response(to_json(CategoryDtoSerializer, category))
def account_update_names():
err = True
firstname = escape(request.form['firstname'].strip())
lastname = escape(request.form['lastname'].strip())
# verification des champs
content = {}
if validator.is_empty(firstname):
content['firstname'] = "Le champ prénom ne doit pas être vide !"
if validator.is_empty(lastname):
content['lastname'] = "Le champ nom ne doit pas être vide !"
# realisation si pas d'erreur
if len(content.keys()) == 0:
content = "La mise à jour du profil a échouée"
# verification de l'existence de l'utilisateur
if db.update_user(session['user']['id'], firstname=firstname, lastname=lastname):
_update_user(session, session['user']['id'])
# mise à jour des variables de réponse
err = False
content = 'ok'
return json_response(Response(err, content).json(), status_code=200)
def account_update_email():
err = True
email = request.form['email'].strip()
# verification des champs
content = {}
if not validator.validate(email, 'email'):
content['email'] = "L'email ne respecte pas le format attendu !"
# realisation si pas d'erreur
if len(content.keys()) == 0:
content['email'] = "Cette adresse email est déjà attribuée à un utilisateur."
# verification de l'existence de l'utilisateur
if not db.user_exists(email):
content = "La mise à jour du profil a échouée"
# verification de l'existence de l'utilisateur
if db.update_user(session['user']['id'], email=email):
_update_user(session, session['user']['id'])
# mise à jour des variables de réponse
err = False
content = 'ok'
return json_response(Response(err, content).json(), status_code=200)
def location_update():
# recupération des données du post
uid = session['user']['id']
ulid = escape(request.form['ulid'].strip())
timestamp = escape(request.form['timestamp'].strip())
# construction du bloc de metadonnées
metadata = {}
metadata['reason'] = escape(request.form['reason'].strip())
# vérification des champs
content = {}
err = True
if not validator.validate(ulid, 'int'):
content['ulid'] = "L'ulid transmis ne respecte pas le format attendu: nombre entier."
if not validator.validate(timestamp, 'timestamp'):
content['timestamp'] = "Le timestamp ne respecte pas le format attendu: YYYY-mm-dd"
if metadata['reason'] not in db.META_REASON_ENUM:
content['meta']['reason'] = "La valeur de la métadonnée raison est invalide."
if len(content.keys()) == 0:
# update timestamp
content = "La mise à jour de la localisation est un échec. Une erreur de persistence s'est produite."
if db.update_user_location(uid, ulid, timestamp, metadata):
err = False
content = "La localisation a été mise à jour."
return json_response(Response(err, content).json(), status_code=200)
def location_create():
# recupération des données du post
uid = session['user']['id']
osm_id = escape(request.form['osm_id'].strip())
osm_type = escape(request.form['osm_type'].strip())
# construction du bloc de metadonnées
metadata = {}
metadata['reason'] = escape(request.form['reason'].strip())
# vérification des champs
content = {}
err = True
if not validator.validate(osm_id, 'int'):
content['osm_id'] = "Le champ osm_id doit être un identifiant numérique !"
if validator.is_empty(osm_type):
content['osm_type'] = "Le champ osm_type ne doit pas être vide !"
if metadata['reason'] not in db.META_REASON_ENUM:
content['meta']['reason'] = "La valeur de la métadonnée raison est invalide."
if len(content.keys()) == 0:
# create user - location mapping record in db
content = "L'ajout de la localisation a échoué. La localisation n'a pas été confirmée par Nominatim."
if db.create_user_location(uid, osm_id, osm_type, metadata):
err = False
content = "La nouvelle localisation a été enregistrée."
return json_response(Response(err, content).json(), status_code=200)
def handle_success(data):
data.update({'result': 'success'})
return json_response(data, 200)
def wrapped_f(*args, **kwargs):
if session.get('user', None):
resp = Response(True, "Opération interdite vous n'êtes pas déconnecté !")
return json_response(resp.json(), status_code=403)
else:
return f(*args, **kwargs)
def handle_error(ex, code):
return json_response({'result': 'error', 'message': str(ex)}, code)
def search_users():
filters = request.form['filters']
content = db.search_users(filters)
return json_response(Response(False, content).json(), status_code=200)
