示例#1
0
	def get(self, debug=''):	

		template_values = {
			'debug':DEBUG_MODE,
			'userHTML': user_html(self.request.uri),
			'named': [ ],
			'test': urlparse(os.environ['HTTP_HOST']).netloc,
			'version': __version__,
			'version_date': __date__
		}

		if not os.environ['SERVER_NAME'].startswith('eveshoppingcart'):
			template_values['title'] = "[" + os.environ['SERVER_NAME'] + "] EVE Shopping Cart"
		else:
			template_values['title'] = "EVE Shopping Cart"
		
		if os.environ['PATH_INFO'].startswith('/debug'): 
			template_values['title'] = "[DEBUG]" + template_values['title']
			
		if users.get_current_user():
			template_values['loggedIn'] = True
			list_named = NamedToken.gql("WHERE owner = :owner ORDER BY itemlist_name", owner=users.get_current_user())
			for list in list_named:
				template_values['named'].append({'token':str(list.key()),'name':urllib.unquote_plus(list.itemlist_name)})
		else:
			template_values['loggedIn'] = False
		cookie_verify = "".join(random.sample(string.digits+string.ascii_letters,10))
		self.response.set_cookie('cookieVerify', cookie_verify)	
		template_values['cookieValue'] = cookie_verify
		path = os.path.join(os.path.dirname(__file__), 'templates/eveShoppingCart.html')
		self.response.out.write(template.render(path, template_values))
示例#2
0
	def _do_named(self, token):
		try:
			if token is None:
				list = None
			else:
				list = NamedToken.get(token)
		except BadKeyError:
			if self.user is None:
				logging.error("User (%s) tried to specify illegal named key: %s" % (self.request.remote_addr, token))
			else:
				logging.error("User (%s:%s:%s) tried to specify illegal named key: %s" % (self.user.nickname(),self.user.user_id(),self.request.remote_addr, token))
			self.clear_cookies()
			self.set_error('You specified a token that does not exist in the database.  This could be because it has cycled off (an old list) or a bad link.')
			return
				
		if list is None:
			self.clear_cookies()
			self.set_error(None)
			return
		else:
			self.response.set_cookie('T',token, max_age=self.COOKIE_AGE)
			self.response.delete_cookie('S')
			self.response.set_cookie('Y',"named", max_age=self.COOKIE_AGE)
			if list.owner.user_id() == self.user.user_id():
				self.response.set_cookie('N', list.itemlist_name, max_age=self.COOKIE_AGE)	
			else:
				self.response.delete_cookie('N')
				
			self.set_error(None, list.itemlist_json)
			return
示例#3
0
	def _do_named(self, token):
		try:
			if token is None:
				read_list = None
			else:
				read_list = NamedToken.get(token)
		except BadKeyError:
				self.clear_cookies()
				read_list = None
				
		if self.user is not None:
			if read_list is None:
				if (self.request.cookies['N'] is not None):
					write_list = NamedToken(itemlist_name=self.request.cookies['N'],
																	itemlist_json=self.request.str_POST['itemList'])
					self.response.set_cookie('N', write_list.itemlist_name, max_age=self.COOKIE_AGE)
					self.response.delete_cookie('S')
					self.response.set_cookie('Y', "named", max_age=self.COOKIE_AGE)		
				else:
					write_list = UnauthenticatedToken(itemlist_json=self.request.str_POST['itemList'],
					                                  last_ip=self.request.remote_addr,
					                                  security_string = "".join(random.sample(string.digits+string.ascii_letters,10)))
					self.response.delete_cookie('N')
					self.response.set_cookie('S', write_list.security_string, max_age=self.COOKIE_AGE)
					self.response.set_cookie('Y', "token", max_age=self.COOKIE_AGE)		
			else:
				if read_list.owner.user_id() == self.user.user_id() and self.request.cookies['C'] is None:
					write_list = read_list
					write_list.itemlist_json = self.request.str_POST['itemList']
					self.response.set_cookie('N', write_list.itemlist_name, max_age=self.COOKIE_AGE)
					self.response.delete_cookie('S')
					self.response.set_cookie('Y', "named", max_age=self.COOKIE_AGE)		
				else:
					self.response.delete_cookie('C')
					if (self.request.cookies['N'] is not None):
						write_list = NamedToken(itemlist_name=self.request.cookies['N'],
																		itemlist_json=self.request.str_POST['itemList'])
						self.response.set_cookie('N', write_list.itemlist_name, max_age=self.COOKIE_AGE)
						self.response.delete_cookie('S')
						self.response.set_cookie('Y', "named", max_age=self.COOKIE_AGE)		
					else:
						write_list = UnauthenticatedToken(itemlist_json=self.request.str_POST['itemList'],
						                                  last_ip=self.request.remote_addr,
						                                  security_string = "".join(random.sample(string.digits+string.ascii_letters,10)))
						self.response.delete_cookie('N')
						self.response.set_cookie('S', write_list.security_string, max_age=self.COOKIE_AGE)
						self.response.set_cookie('Y', "token", max_age=self.COOKIE_AGE)		
				
				write_list.put()
				self.response.set_cookie('T', write_list.key(), max_age=self.COOKIE_AGE)
			
			self.set_error(None);
示例#4
0
	def MESSAGE_FORMAT(self, x, y, z):
		result =  {'error':x,'errorText':y,'itemList':z,'userHTML':user_html(self.base_path()),'named':[ ]}
		if self.user is not None:
			result['loggedIn'] = True
			list_named = NamedToken.gql("WHERE owner = :owner ORDER BY itemlist_name", owner=self.user)
			for list in list_named:
				result['named'].append({'token':str(list.key()),'name':list.itemlist_name})
		else:
			result['loggedIn'] = False
		return json.dumps(result, separators=(',',':'))
示例#5
0
	def _do_named(self, token):
		try:
			if token is None:
				read_list = None
			else:	
				read_list = NamedToken.get(token)
		except BadKeyError:
			if self.user is None:
				logging.error("User (%s) tried to specify illegal named key: %s" % (self.request.remote_addr, token))
			else:
				logging.error("User (%s:%s:%s) tried to specify illegal named key: %s" % (self.user.nickname(),self.user.user_id(),self.request.remote_addr, token))
			self.clear_cookies()
			self.set_error('You specified a token that does not exist in the database.  This could be because it has cycled off (an old list) or a bad link.')
			return
			
		if (read_list is None) or (self.user.user_id() != read_list.owner.user_id()):
			self.clear_cookies()
			self.set_error('You are not the owner of this list.')
		else:
			read_list.delete()
			self.clear_cookies()
			self.set_error(None)