def singin_user(self, request): current_user = request.email if current_user is None: raise endpoints.UnauthorizedException('No user is logged in.') if (functions.auth_user(current_user)): return (LoginResponse(signedIn=True)) else: raise endpoints.UnauthorizedException('Ivalid token.')
def permission_user(self, request): current_user = request.email if current_user is None: raise endpoints.UnauthorizedException('Invalid token.') if (functions.auth_user(current_user)): return PermissionResponse( permission=functions.permission_user(current_user)) else: raise endpoints.UnauthorizedException('Invalid token.')
def attachments_delete(self, request): """Retrieve metainfo for a single attachments for a timeline card""" current_user = endpoints.get_current_user() if current_user is None: raise endpoints.UnauthorizedException("Authentication required.") card = ndb.Key("TimelineItem", request.itemId).get() if card is None or card.user != current_user: raise endpoints.NotFoundException("Attachment not found.") if card.attachments is not None: for att in card.attachments: if att.id == request.attachmentId: # Delete attachment from blobstore blobkey = blobstore.BlobKey(request.attachmentId) blobstore.delete(blobkey) # Remove attachment from timeline card card.attachments.remove(att) card.put() return AttachmentResponse(id=att.id) raise endpoints.NotFoundException("Attachment not found.")
def ValidateUserIsAuthorized(): """Raises endpoints.UnauthorizedException if the caller is not signed in or is not allowed to publish content. """ user = endpoints.get_current_user() if user is None or user.email() not in CONTENT_DEVELOPERS: raise endpoints.UnauthorizedException()
def insert_user(self, user): if (functions.auth_user(user.email)): user.put() return user else: raise endpoints.UnauthorizedException( 'This method requires you to be authenticated. You may need to activate the toggle above to authorize your request using OAuth 2.0.' )
def _set_value(self, entity, value): """Internal helper to set value on model entity. If the value to be set is null, will try to retrieve the current user and will return a 401 if a user can't be found and raise_unauthorized is True. Args: entity: An instance of some NDB model. value: The value of this property to be set on the instance. """ if value is None: value = endpoints.get_current_user() if self._raise_unauthorized and value is None: raise endpoints.UnauthorizedException('Invalid token.') super(EndpointsUserProperty, self)._set_value(entity, value)
def get_endpoints_current_user(raise_unauthorized=True): """Returns a current user and (optionally) causes an HTTP 401 if no user. Args: raise_unauthorized: Boolean; defaults to True. If True, this method raises an exception which causes an HTTP 401 Unauthorized to be returned with the request. Returns: The signed in user if there is one, else None if there is no signed in user and raise_unauthorized is False. """ current_user = endpoints.get_current_user() if raise_unauthorized and current_user is None: raise endpoints.UnauthorizedException('Invalid token.') return current_user
def get_task_lists_for_user(self, request): """ Returns all the TaskLists for the logged in user. """ current_user = endpoints.get_current_user() if current_user is None: raise endpoints.UnauthorizedException('Invalid token.') current_users_task_user = TaskUser.get_task_user_by_email( current_user.email().lower()) users_task_lists = [] for a_task_list_key in current_users_task_user.task_list_keys: a_task_list = a_task_list_key.get() all_tasks_in_list = [] for a_task_key in a_task_list.task_keys: a_task = a_task_key.get() assigned_to_task_user_msg = None if a_task.assigned_to_email: assigned_to_task_user = TaskUser.get_task_user_by_email( a_task.assigned_to_email) assigned_to_task_user_msg = TaskUserResponseMessage( lowercase_email=assigned_to_task_user.lowercase_email, preferred_name=assigned_to_task_user.preferred_name, google_plus_id=assigned_to_task_user.google_plus_id) all_tasks_in_list.append( TaskResponseMessage(identifier=a_task.key.id(), text=a_task.text, details=a_task.details, complete=a_task.complete, assigned_to=assigned_to_task_user_msg)) all_task_users_in_list = [] for a_task_user_email in a_task_list.task_user_emails: a_task_user = TaskUser.get_task_user_by_email( a_task_user_email) all_task_users_in_list.append( TaskUserResponseMessage( lowercase_email=a_task_user.lowercase_email, preferred_name=a_task_user.preferred_name, google_plus_id=a_task_user.google_plus_id)) users_task_lists.append( TaskListResponseMessage(identifier=a_task_list.key.id(), title=a_task_list.title, tasks=all_tasks_in_list, task_users=all_task_users_in_list)) logging.info("Returning a list of TaskList, count = " + str(len(users_task_lists))) return TaskListListResponse(items=users_task_lists)
def attachments_get(self, request): """Retrieve metainfo for a single attachments for a timeline card""" current_user = endpoints.get_current_user() if current_user is None: raise endpoints.UnauthorizedException("Authentication required.") card = ndb.Key("TimelineItem", request.itemId).get() if card is None or card.user != current_user: raise endpoints.NotFoundException("Attachment not found.") if card.attachments is not None: for att in card.attachments: if att.id == request.attachmentId: return AttachmentResponse(id=att.id, contentType=att.contentType, contentUrl=att.contentUrl, isProcessingContent=att.isProcessingContent) raise endpoints.NotFoundException("Attachment not found.")
def insert_user(self, _user): if (functions.auth_user(_user.email)): user_key = ndb.Key('AIESEC', 'User') u = User.get_user() if _user.user_id in u: return _user else: user = User(parent=user_key, user_id=_user.user_id, email=_user.email, user=_user.user, university=_user.university, state=_user.state) user.put() User.get_user(True) return _user else: raise endpoints.UnauthorizedException( 'This method requires you to be authenticated. You may need to activate the toggle above to authorize your request using OAuth 2.0.' )
def attachments_list(self, request): """Retrieve attachments for a timeline card""" current_user = endpoints.get_current_user() if current_user is None: raise endpoints.UnauthorizedException("Authentication required.") card = ndb.Key("TimelineItem", request.itemId).get() if card is None or card.user != current_user: raise endpoints.NotFoundException("Card not found.") attachments = [] if card.attachments is not None: for att in card.attachments: attachments.append(AttachmentResponse(id=att.id, contentType=att.contentType, contentUrl=att.contentUrl, isProcessingContent=att.isProcessingContent)) return AttachmentList(items=attachments)
def action_insert(self, action): """Perform an action on a timeline card for the current user. This isn't part of the actual Mirror API but necessary for the emulator to send actions to the subscribed services. Returns just a simple success message """ current_user = endpoints.get_current_user() if current_user is None: raise endpoints.UnauthorizedException('Authentication required.') # TODO: check if card exists and belongs to the user data = None operation = None if action.action == MenuAction.SHARE: operation = Operation.UPDATE data = {} data["collection"] = "timeline" data["itemId"] = action.itemId data["operation"] = operation.name data["userActions"] = ({"type": MenuAction.SHARE.name}, ) if action.action == MenuAction.REPLY or action.action == MenuAction.REPLY_ALL: operation = Operation.INSERT data = {} data["collection"] = "timeline" data["itemId"] = action.itemId data["operation"] = operation.name data["userActions"] = ({"type": MenuAction.REPLY.name}, ) if action.action == MenuAction.DELETE: operation = Operation.DELETE data = {} data["collection"] = "timeline" data["itemId"] = action.itemId data["operation"] = operation.name data["userActions"] = ({"type": MenuAction.DELETE.name}, ) if action.action == MenuAction.CUSTOM: operation = Operation.UPDATE data = {} data["collection"] = "timeline" data["itemId"] = action.itemId data["operation"] = operation.name data["userActions"] = ({ "type": MenuAction.DELETE.name, "payload": action.value }, ) if data is not None and operation is not None: header = {"Content-type": "application/json"} query = Subscription.query().filter( Subscription.user == current_user).filter( Subscription.operation == operation) for subscription in query.fetch(): data["userToken"] = subscription.userToken data["verifyToken"] = subscription.verifyToken req = urllib2.Request(subscription.callbackUrl, json.dumps(data), header) try: urllib2.urlopen(req) except urllib2.URLError as e: logging.error(e) return ActionResponse(success=True)
def action_insert(self, action): """Perform an action on a timeline card for the current user. This isn't part of the actual Mirror API but necessary for the emulator to send actions to the subscribed services. Returns just a simple success message """ current_user = endpoints.get_current_user() if current_user is None: raise endpoints.UnauthorizedException("Authentication required.") card = ndb.Key("TimelineItem", action.itemId).get() if card is None or card.user != current_user: raise endpoints.NotFoundException("Card not found.") data = None operation = None if action.action == MenuAction.SHARE: operation = Operation.UPDATE data = {} data["collection"] = "timeline" data["itemId"] = action.itemId data["operation"] = operation.name data["userActions"] = [{"type": MenuAction.SHARE.name}] if action.action == MenuAction.REPLY or action.action == MenuAction.REPLY_ALL: operation = Operation.INSERT data = {} data["collection"] = "timeline" data["itemId"] = action.itemId data["operation"] = operation.name data["userActions"] = [{"type": MenuAction.REPLY.name}] if action.action == MenuAction.DELETE: operation = Operation.DELETE data = {} data["collection"] = "timeline" data["itemId"] = action.itemId data["operation"] = operation.name data["userActions"] = [{"type": MenuAction.DELETE.name}] if action.action == MenuAction.CUSTOM: operation = Operation.UPDATE data = {} data["collection"] = "timeline" data["itemId"] = action.itemId data["operation"] = operation.name data["userActions"] = [{ "type": MenuAction.CUSTOM.name, "payload": action.value }] if data is not None and operation is not None: header = {"Content-type": "application/json"} query = Subscription.query().filter( Subscription.user == current_user) query = query.filter(Subscription.collection == "timeline") query = query.filter(Subscription.operation == operation) for subscription in query.fetch(): data["userToken"] = subscription.userToken data["verifyToken"] = subscription.verifyToken req = urllib2.Request(subscription.callbackUrl, json.dumps(data), header) try: urllib2.urlopen(req) except: logging.error(sys.exc_info()[0]) # Report back to Glass emulator channel.send_message(current_user.email(), json.dumps({"id": action.itemId})) return ActionResponse(success=True)
def login_required(): current_user = endpoints.get_current_user() if current_user is None: raise endpoints.UnauthorizedException('Invalid token.') return current_user