def do_phpbb_auth(self):
phpbb_cookie_name = config.get("phpbb_cookie_name") + "_"
user_id = fieldtypes.integer(
self.get_cookie(phpbb_cookie_name + "u", ""))
if not user_id:
pass
else:
if self._verify_phpbb_session(user_id):
# update_phpbb_session is done by verify_phpbb_session if successful
self.user = User(user_id)
self.user.ip_address = self.request.remote_ip
self.user.authorize(self.sid, None, bypass=True)
return True
if not self.user and self.get_cookie(phpbb_cookie_name + "k"):
can_login = db.c.fetch_var(
"SELECT 1 FROM phpbb_sessions_keys WHERE key_id = %s AND user_id = %s",
(hashlib.md5(self.get_cookie(phpbb_cookie_name +
"k")).hexdigest(), user_id))
if can_login == 1:
self._update_phpbb_session(
self._get_phpbb_session(user_id))
self.user = User(user_id)
self.user.ip_address = self.request.remote_ip
self.user.authorize(self.sid, None, bypass=True)
return True
return False
def get_next(sid):
line = cache.get_station(sid, "request_line")
if not line:
return None
song = None
for pos in range(0, len(line)):
if not line[pos]:
pass # ?!?!
elif 'skip' in line[pos] and line[pos]['skip']:
log.debug("request", "Passing on user %s since they're marked as skippable." % line[pos]['username'])
elif not line[pos]['song_id']:
log.debug("request", "Passing on user %s since they have no valid first song." % line[pos]['username'])
else:
entry = line.pop(pos)
song = playlist.Song.load_from_id(entry['song_id'], sid)
log.debug("request", "Fulfilling %s's request for %s." % (entry['username'], song.filename))
song.data['elec_request_user_id'] = entry['user_id']
song.data['elec_request_username'] = entry['username']
u = User(entry['user_id'])
db.c.update("DELETE FROM r4_request_store WHERE user_id = %s AND song_id = %s", (u.id, entry['song_id']))
u.remove_from_request_line()
request_count = db.c.fetch_var("SELECT COUNT(*) FROM r4_request_history WHERE user_id = %s", (u.id,)) + 1
db.c.update("DELETE FROM r4_request_store WHERE song_id = %s AND user_id = %s", (song.id, u.id))
db.c.update("INSERT INTO r4_request_history (user_id, song_id, request_wait_time, request_line_size, request_at_count, sid) "
"VALUES (%s, %s, %s, %s, %s, %s)",
(u.id, song.id, timestamp() - entry['line_wait_start'], len(line), request_count, sid))
db.c.update("UPDATE phpbb_users SET radio_totalrequests = %s WHERE user_id = %s", (request_count, u.id))
song.update_request_count(sid)
break
return song
def prepare(self):
super(MainIndex, self).prepare()
if not cache.get_station(self.sid, "sched_current"):
raise APIException(
"server_just_started",
"Rainwave is Rebooting, Please Try Again in a Few Minutes",
http_code=500)
# self.json_payload = {}
self.jsfiles = None
if not self.user:
self.user = User(1)
self.user.ensure_api_key()
if self.beta or config.get("web_developer_mode") or config.get(
"developer_mode") or config.get("test_mode"):
buildtools.bake_beta_css()
buildtools.bake_beta_templates()
self.jsfiles = []
for root, subdirs, files in os.walk(
os.path.join(os.path.dirname(__file__),
"../static/%s" % self.js_dir)): #pylint: disable=W0612
for f in files:
if f.endswith(".js"):
self.jsfiles.append(
os.path.join(
root[root.find("static/%s" % self.js_dir):],
f))
def test_check_song_for_conflict(self):
db.c.update("DELETE FROM r4_listeners")
db.c.update("DELETE FROM r4_request_store")
e = Election.create(1)
self.assertEqual(False, e._check_song_for_conflict(self.song1))
u = User(2)
u.authorize(sid=1, ip_address=None, api_key=None, bypass=True)
self.assertEqual(1, u.put_in_request_line(1))
# TODO: Use proper request/user methods here instead of DB call
db.c.update(
"UPDATE r4_request_line SET line_top_song_id = %s, line_expiry_tune_in = %s WHERE user_id = %s",
(self.song1.id, int(time.time()) + 9999, u.id))
db.c.update(
"INSERT INTO r4_listeners (sid, user_id, listener_icecast_id) VALUES (1, %s, 1)",
(u.id, ))
db.c.update(
"INSERT INTO r4_request_store (user_id, song_id, sid) VALUES (%s, %s, 1)",
(u.id, self.song1.id))
request.update_cache(1)
request.update_expire_times()
cache.update_local_cache_for_sid(1)
self.assertEqual(True, e._check_song_for_conflict(self.song1))
self.assertEqual(True, e._check_song_for_conflict(self.song5))
self.assertEqual(event.ElecSongTypes.conflict,
self.song5.data['entry_type'])
self.assertEqual(event.ElecSongTypes.request,
self.song1.data['entry_type'])
def rainwave_auth(self):
user_id_present = "user_id" in self.request.arguments
if self.auth_required and not user_id_present:
raise APIException("missing_argument",
argument="user_id",
http_code=400)
if user_id_present and not fieldtypes.numeric(
self.get_argument("user_id")):
# do not spit out the user ID back at them, that would create a potential XSS hack
raise APIException("invalid_argument",
argument="user_id",
reason="not numeric.",
http_code=400)
if (self.auth_required
or user_id_present) and not "key" in self.request.arguments:
raise APIException("missing_argument",
argument="key",
http_code=400)
if user_id_present:
self.user = User(long(self.get_argument("user_id")))
self.user.ip_address = self.request.remote_ip
self.user.authorize(self.sid, self.get_argument("key"))
if not self.user.authorized:
raise APIException("auth_failed", http_code=403)
else:
self._update_phpbb_session(
self._get_phpbb_session(self.user.id))
def prepare(self):
if self.path_kwargs.get("station"):
self.sid = config.stream_filename_to_sid.get(
self.path_kwargs["station"])
if not self.sid:
self.redirect(config.get("base_site_url"))
return
super(MainIndex, self).prepare()
if self.path_kwargs.get("station") is None:
self.redirect("{}{}/".format(
config.get("base_site_url"),
config.station_mount_filenames[self.sid],
))
return
if config.get("enforce_ssl") and self.request.protocol != "https":
self.redirect("{}{}/".format(
config.get("base_site_url"),
config.station_mount_filenames[self.sid],
))
return
if not config.get("developer_mode"
) and self.request.host != config.get("hostname"):
self.redirect("{}{}/".format(
config.get("base_site_url"),
config.station_mount_filenames[self.sid],
))
return
if not cache.get_station(self.sid, "sched_current"):
raise APIException(
"server_just_started",
"Rainwave is Rebooting, Please Try Again in a Few Minutes",
http_code=500,
)
self.jsfiles = None
if not self.user:
self.user = User(1)
self.user.ip_address = self.request.remote_ip
self.user.ensure_api_key()
if (self.beta or config.get("web_developer_mode")
or config.get("developer_mode") or config.get("test_mode")):
buildtools.bake_beta_css()
buildtools.bake_beta_templates()
self.jsfiles = []
for root, _subdirs, files in os.walk(
os.path.join(os.path.dirname(__file__),
"../static/%s" % self.js_dir)):
for f in files:
if f.endswith(".js"):
self.jsfiles.append(
os.path.join(
root[root.find("static/%s" % self.js_dir):],
f))
def fill(self, target_song_length=None, skip_requests=False):
# ONLY RUN _ADD_REQUESTS ONCE PER FILL
if not skip_requests:
self._add_requests()
for i in range(len(self.songs), self._num_songs): #pylint: disable=W0612
try:
if not target_song_length and len(
self.songs) > 0 and 'length' in self.songs[0].data:
target_song_length = self.songs[0].data['length']
log.debug(
"elec_fill",
"Second song in election, aligning to length %s" %
target_song_length)
song = self._fill_get_song(target_song_length)
song.data['entry_votes'] = 0
song.data['entry_type'] = ElecSongTypes.normal
song.data['elec_request_user_id'] = 0
song.data['elec_request_username'] = None
self._check_song_for_conflict(song)
self.add_song(song)
except Exception as e:
log.exception("elec_fill",
"Song failed to fill in an election.", e)
if len(self.songs) == 0:
raise ElectionEmptyException
for song in self.songs:
if 'elec_request_user_id' in song.data and song.data[
'elec_request_user_id']:
log.debug(
"elec_fill",
"Putting user %s back in line after request fulfillment." %
song.data['elec_request_username'])
u = User(song.data['elec_request_user_id'])
u.put_in_request_line(u.get_tuned_in_sid())
request.update_line(self.sid)
def get_next(sid):
line = cache.get_station(sid, "request_line")
if not line:
return None
song = None
for pos in range(0, len(line)):
if not line[pos]:
pass # ?!?!
elif not line[pos]['song_id']:
log.debug("request", "Passing on user %s since they have no valid first song." % line[pos]['username'])
else:
entry = line.pop(pos)
song = playlist.Song.load_from_id(entry['song_id'], sid)
log.debug("request", "Fulfilling %s's request for %s." % (entry['username'], song.filename))
song.data['elec_request_user_id'] = entry['user_id']
song.data['elec_request_username'] = entry['username']
u = User(entry['user_id'])
db.c.update("DELETE FROM r4_request_store WHERE user_id = %s AND song_id = %s", (u.id, entry['song_id']))
u.remove_from_request_line()
if u.has_requests():
u.put_in_request_line(u.get_tuned_in_sid())
request_count = db.c.fetch_var("SELECT COUNT(*) FROM r4_request_history WHERE user_id = %s", (u.id,)) + 1
db.c.update("DELETE FROM r4_request_store WHERE song_id = %s AND user_id = %s", (song.id, u.id))
db.c.update("INSERT INTO r4_request_history (user_id, song_id, request_wait_time, request_line_size, request_at_count, sid) "
"VALUES (%s, %s, %s, %s, %s, %s)",
(u.id, song.id, time.time() - entry['line_wait_start'], len(line), request_count, sid))
db.c.update("UPDATE phpbb_users SET radio_totalrequests = %s WHERE user_id = %s", (request_count, u.id))
song.update_request_count(sid)
# If we fully update the line, the user may sneak in and get 2 requests in the same election.
# This is not a good idea, so we leave it to the scheduler to issue the full cache update.
cache.set_station(sid, "request_line", line, True)
break
return song
def _do_auth(self, message):
try:
if not "user_id" in message or not message['user_id']:
self.write_message({ "wserror": { "tl_key": "missing_argument", "text": self.locale.translate("missing_argument", argument="user_id") } })
if not isinstance(message['user_id'], numbers.Number):
self.write_message({ "wserror": { "tl_key": "invalid_argument", "text": self.locale.translate("invalid_argument", argument="user_id") } })
if not "key" in message or not message['key']:
self.write_message({ "wserror": { "tl_key": "missing_argument", "text": self.locale.translate("missing_argument", argument="key") } })
self.user = User(message['user_id'])
self.user.ip_address = self.request.remote_ip
self.user.authorize(None, message['key'])
if not self.user.authorized:
self.write_message({ "wserror": { "tl_key": "auth_failed", "text": self.locale.translate("auth_failed") } })
self.close()
return
self.authorized = True
self.uuid = str(uuid.uuid4())
global sessions
sessions[self.sid].append(self)
self.votes_by_key = self.request.remote_ip if self.user.is_anonymous() else self.user.id
self.refresh_user()
# no need to send the user's data to the user as that would have come with bootstrap
# and will come with each synchronization of the schedule anyway
self.write_message({ "wsok": True })
# since this will be the first action in any websocket interaction though,
# it'd be a good time to send a station offline message.
self._station_offline_check()
except Exception as e:
log.exception("websocket", "Exception during authentication.", e)
self.close()
def prepare(self):
super(MainIndex, self).prepare()
self.json_payload = []
if not self.user:
self.user = User(1)
self.user.ensure_api_key(self.request.remote_ip)
self.user.data['sid'] = self.sid
def prepare(self):
super(Bootstrap, self).prepare()
if not self.user:
self.user = User(1)
self.user.ensure_api_key()
self.is_mobile = self.request.headers.get("User-Agent").lower().find(
"mobile") != -1 or self.request.headers.get(
"User-Agent").lower().find("android") != -1
def setup_rainwave_session_and_redirect(self, user_id, destination):
session_id = str(uuid.uuid4())
db.c.update(
"INSERT INTO r4_sessions (session_id, user_id) VALUES (%s, %s)",
(session_id, user_id,)
)
self.set_cookie("r4_session_id", session_id)
if destination == "app" or destination == "rw":
user = User(user_id)
user.authorize(1, None, bypass=True)
self.redirect("rw://%s:%[email protected]" % (user.id, user.ensure_api_key()),)
elif destination == "rwpath":
user = User(user_id)
user.authorize(1, None, bypass=True)
self.redirect("rwpath://rainwave.cc/%s/%s" % (user.id, user.ensure_api_key()),)
else:
self.redirect("/")
def prepare(self):
if self.local_only and not self.request.remote_ip in config.get("api_trusted_ip_addresses"):
log.info("api", "Rejected %s request from %s, untrusted address." % (self.url, self.request.remote_ip))
raise APIException("rejected", text="You are not coming from a trusted address.")
if self.allow_cors:
self.set_header("Access-Control-Allow-Origin", "*")
self.set_header("Access-Control-Max-Age", "600")
self.set_header("Access-Control-Allow-Credentials", "false")
if not isinstance(self.locale, locale.RainwaveLocale):
self.locale = self.get_browser_locale()
self.setup_output()
if 'in_order' in self.request.arguments:
self._output = []
self._output_array = True
else:
self._output = {}
self.sid = fieldtypes.integer(self.get_cookie("r4_sid", None))
hostname = self.request.headers.get('Host', None)
if hostname:
hostname = unicode(hostname).split(":")[0]
if hostname in config.station_hostnames:
self.sid = config.station_hostnames[hostname]
sid_arg = fieldtypes.integer(self.get_argument("sid", None))
if sid_arg is not None:
self.sid = sid_arg
if self.sid is None and self.sid_required:
raise APIException("missing_station_id", http_code=400)
self.arg_parse()
self.sid_check()
if self.sid:
self.set_cookie("r4_sid", str(self.sid), expires_days=365, domain=config.get("cookie_domain"))
if self.phpbb_auth:
self.do_phpbb_auth()
else:
self.rainwave_auth()
if not self.user and self.auth_required:
raise APIException("auth_required", http_code=403)
elif not self.user and not self.auth_required:
self.user = User(1)
self.user.ip_address = self.request.remote_ip
self.user.refresh(self.sid)
if self.user and config.get("store_prefs"):
self.user.save_preferences(self.request.remote_ip, self.get_cookie("r4_prefs", None))
self.permission_checks()
def do_rw_session_auth(self):
rw_session_id = self.get_cookie("r4_session_id")
if rw_session_id:
user_id = db.c.fetch_var("SELECT user_id FROM r4_sessions WHERE session_id = %s", (rw_session_id,))
if user_id:
self.user = User(user_id)
self.user.ip_address = self.request.remote_ip
self.user.authorize(self.sid, None, bypass=True)
return True
return False
def update_line(sid):
# Get everyone in the line
line = db.c.fetch_all(
"SELECT username, user_id, line_expiry_tune_in, line_expiry_election, line_wait_start FROM r4_request_line JOIN phpbb_users USING (user_id) WHERE sid = %s ORDER BY line_wait_start",
(sid, ))
new_line = []
# user_positions has user_id as a key and position as the value, this is cached for quick lookups by API requests
# so users know where they are in line
user_positions = {}
t = int(time.time())
position = 1
# For each person
for row in line:
add_to_line = False
u = User(row['user_id'])
u.refresh_sid = sid
row['song_id'] = None
# If their time is up, remove them and don't add them to the new line
if row['line_expiry_tune_in'] and row['line_expiry_tune_in'] <= t:
u.remove_from_request_line()
else:
u.refresh()
# do nothing if they're not tuned in
if not u.data['radio_tuned_in']:
pass
else:
# Get their top song ID
song_id = u.get_top_request_song_id(sid)
# If they have no song and their line expiry has arrived, boot 'em
if not song_id and row['line_expiry_election'] and (
row['line_expiry_election'] <= t):
u.remove_from_request_line()
# Give them a second chance if they still have requests
# They'll get added to the line of whatever station they're tuned in to (if any!)
if u.has_requests():
u.put_in_request_line(u.get_tuned_in_sid())
# If they have no song, start the expiry countdown
elif not song_id:
row['line_expiry_election'] = t + 600
db.c.update(
"UPDATE r4_request_line SET line_expiry_election = %s WHERE user_id = %s",
(row['line_expiry_election'], row['user_id']))
add_to_line = True
# Keep 'em in line
else:
row['song_id'] = song_id
add_to_line = True
if add_to_line:
new_line.append(row)
user_positions[u.id] = position
position = position + 1
cache.set_station(sid, "request_line", new_line, True)
cache.set_station(sid, "request_user_positions", user_positions, True)
def get_next(sid):
entry, line = get_next_entry(sid)
if not entry:
return None
user = User(entry["user_id"])
user.data["name"] = entry["username"]
song = playlist.Song.load_from_id(entry["song_id"], sid)
mark_request_filled(sid, user, song, entry, line)
return song
def do_phpbb_auth(self):
phpbb_cookie_name = config.get("phpbb_cookie_name")
self.user = None
if not fieldtypes.integer(self.get_cookie(phpbb_cookie_name + "u", "")):
self.user = User(1)
else:
user_id = int(self.get_cookie(phpbb_cookie_name + "u"))
if self._verify_phpbb_session(user_id):
# update_phpbb_session is done by verify_phpbb_session if successful
self.user = User(user_id)
self.user.authorize(self.sid, None, None, True)
return True
if not self.user and self.get_cookie(phpbb_cookie_name + "k"):
can_login = db.c_old.fetch_var("SELECT 1 FROM phpbb_sessions_keys WHERE key_id = %s AND user_id = %s", (hashlib.md5(self.get_cookie(phpbb_cookie_name + "k")).hexdigest(), user_id))
if can_login == 1:
self._update_phpbb_session(self._get_phpbb_session(user_id))
self.user = User(user_id)
self.user.authorize(self.sid, None, None, True)
return True
return False
def test_get_request(self):
db.c.update("DELETE FROM r4_listeners")
db.c.update("DELETE FROM r4_request_store")
u = User(2)
u.authorize(1, None, None, True)
u.put_in_request_line(1)
# TODO: Use proper request class here instead of DB call
db.c.update("INSERT INTO r4_listeners (sid, user_id, listener_icecast_id) VALUES (1, %s, 1)", (u.id,))
db.c.update("INSERT INTO r4_request_store (user_id, song_id, sid) VALUES (%s, %s, 1)", (u.id, self.song1.id,))
e = Election.create(1)
req = e.get_request()
self.assertNotEqual(None, req)
self.assertEqual(self.song1.id, req.id)
def get_next_ignoring_cooldowns(sid):
line = db.c.fetch_all(LINE_SQL, (sid, ))
if not line or len(line) == 0:
return None
entry = line[0]
user = User(entry["user_id"])
user.data["name"] = entry["username"]
song = playlist.Song.load_from_id(user.get_top_request_song_id_any(sid),
sid)
mark_request_filled(sid, user, song, entry, line)
return song
def prepare(self):
super(MainIndex, self).prepare()
self.json_payload = {}
self.jsfiles = None
if not self.user:
self.user = User(1)
self.user.ensure_api_key()
if self.beta or config.get("web_developer_mode") or config.get(
"developer_mode") or config.get("test_mode"):
buildtools.bake_beta_css()
self.jsfiles = []
for root, subdirs, files in os.walk(
os.path.join(os.path.dirname(__file__), "../static/js4")):
for f in files:
self.jsfiles.append(
os.path.join(root[root.find("static/js4"):], f))
def get_next(sid):
line = cache.get_station(sid, "request_line")
if not line:
return None
song = None
for pos in range(0, len(line)):
if not line[pos] or not line[pos]['song_id']:
pass
else:
entry = line.pop(pos)
song = playlist.Song.load_from_id(entry['song_id'], sid)
song.data['elec_request_user_id'] = entry['user_id']
song.data['elec_request_username'] = entry['username']
u = User(entry['user_id'])
db.c.update(
"DELETE FROM r4_request_store WHERE user_id = %s AND song_id = %s",
(u.id, entry['song_id']))
u.remove_from_request_line()
user_sid = u.get_tuned_in_sid()
if u.has_requests():
u.put_in_request_line(user_sid)
request_count = db.c.fetch_var(
"SELECT COUNT(*) FROM r4_request_history WHERE user_id = %s",
(u.id, )) + 1
db.c.update(
"DELETE FROM r4_request_store WHERE song_id = %s AND user_id = %s",
(song.id, u.id))
db.c.update(
"INSERT INTO r4_request_history (user_id, song_id, request_wait_time, request_line_size, request_at_count) "
"VALUES (%s, %s, %s, %s, %s)",
(u.id, song.id, time.time() - entry['line_wait_start'],
len(line), request_count))
# Update the user's request cache
u.get_requests(refresh=True)
cache.set_station(sid, "request_line", line, True)
break
return song
def update_line(sid):
# Get everyone in the line
line = db.c.fetch_all(
"SELECT username, user_id, line_expiry_tune_in, line_expiry_election, line_wait_start FROM r4_request_line JOIN phpbb_users USING (user_id) WHERE r4_request_line.sid = %s AND radio_requests_paused = FALSE ORDER BY line_wait_start",
(sid, ))
new_line = []
# user_positions has user_id as a key and position as the value, this is cached for quick lookups by API requests
# so users know where they are in line
user_positions = {}
t = int(time.time())
albums_with_requests = []
position = 1
# For each person
for row in line:
add_to_line = False
u = User(row['user_id'])
row['song_id'] = None
# If their time is up, remove them and don't add them to the new line
if row['line_expiry_tune_in'] and row['line_expiry_tune_in'] <= t:
log.debug(
"request_line",
"%s: Removed user ID %s from line for tune in timeout, expiry time %s current time %s"
% (sid, u.id, row['line_expiry_tune_in'], t))
u.remove_from_request_line()
else:
tuned_in_sid = db.c.fetch_var(
"SELECT sid FROM r4_listeners WHERE user_id = %s AND sid = %s AND listener_purge = FALSE",
(u.id, sid))
tuned_in = True if tuned_in_sid == sid else False
if tuned_in:
# Get their top song ID
song_id = u.get_top_request_song_id(sid)
# If they have no song and their line expiry has arrived, boot 'em
if not song_id and row['line_expiry_election'] and (
row['line_expiry_election'] <= t):
log.debug(
"request_line",
"%s: Removed user ID %s from line for election timeout, expiry time %s current time %s"
% (sid, u.id, row['line_expiry_election'], t))
u.remove_from_request_line()
# Give them more chances if they still have requests
# They'll get added to the line of whatever station they're tuned in to (if any!)
if u.has_requests():
u.put_in_request_line(u.get_tuned_in_sid())
# If they have no song, start the expiry countdown
elif not song_id and not row['line_expiry_election']:
row['line_expiry_election'] = t + 900
db.c.update(
"UPDATE r4_request_line SET line_expiry_election = %s WHERE user_id = %s",
((t + 900), row['user_id']))
add_to_line = True
# Keep 'em in line
else:
if song_id:
albums_with_requests.append(
db.c.fetch_var(
"SELECT album_id FROM r4_songs WHERE song_id = %s",
(song_id, )))
row['song_id'] = song_id
add_to_line = True
elif not row['line_expiry_tune_in'] or row[
'line_expiry_tune_in'] == 0:
db.c.update(
"UPDATE r4_request_line SET line_expiry_tune_in = %s WHERE user_id = %s",
((t + 900), row['user_id']))
add_to_line = True
else:
add_to_line = True
if add_to_line:
new_line.append(row)
user_positions[u.id] = position
position = position + 1
cache.set_station(sid, "request_line", new_line, True)
cache.set_station(sid, "request_user_positions", user_positions, True)
db.c.update(
"UPDATE r4_album_sid SET album_requests_pending = NULL WHERE album_requests_pending = TRUE AND sid = %s",
(sid, ))
for album_id in albums_with_requests:
db.c.update(
"UPDATE r4_album_sid SET album_requests_pending = TRUE WHERE album_id = %s AND sid = %s",
(album_id, sid))
return new_line
def _process_line(line, sid):
new_line = []
# user_positions has user_id as a key and position as the value, this is cached for quick lookups by API requests
# so users know where they are in line
user_positions = {}
t = int(timestamp())
albums_with_requests = []
position = 1
user_viewable_position = 1
valid_positions = 0
# For each person
for row in line:
add_to_line = False
u = User(row["user_id"])
row["song_id"] = None
# If their time is up, remove them and don't add them to the new line
if row["line_expiry_tune_in"] and row["line_expiry_tune_in"] <= t:
log.debug(
"request_line",
"%s: Removed user ID %s from line for tune in timeout, expiry time %s current time %s"
% (sid, u.id, row["line_expiry_tune_in"], t),
)
u.remove_from_request_line()
else:
tuned_in_sid = db.c.fetch_var(
"SELECT sid FROM r4_listeners WHERE user_id = %s AND sid = %s AND listener_purge = FALSE",
(u.id, sid),
)
tuned_in = True if tuned_in_sid == sid else False
if tuned_in:
# Get their top song ID
song_id = u.get_top_request_song_id(sid)
if song_id and not row["line_has_had_valid"]:
row["line_has_had_valid"] = True
db.c.update(
"UPDATE r4_request_line SET line_has_had_valid = TRUE WHERE user_id = %s",
(u.id, ),
)
if row["line_has_had_valid"]:
valid_positions += 1
# If they have no song and their line expiry has arrived, boot 'em
if (not song_id and row["line_expiry_election"]
and (row["line_expiry_election"] <= t)):
log.debug(
"request_line",
"%s: Removed user ID %s from line for election timeout, expiry time %s current time %s"
% (sid, u.id, row["line_expiry_election"], t),
)
u.remove_from_request_line()
# Give them more chances if they still have requests
# They'll get added to the line of whatever station they're tuned in to (if any!)
if u.has_requests():
u.put_in_request_line(u.get_tuned_in_sid())
# If they have no song and they're in 2nd or 1st, start the expiry countdown
elif not song_id and not row[
"line_expiry_election"] and position <= 2:
log.debug(
"request_line",
"%s: User ID %s has no valid requests, beginning boot countdown."
% (sid, u.id),
)
row["line_expiry_election"] = t + 900
db.c.update(
"UPDATE r4_request_line SET line_expiry_election = %s WHERE user_id = %s",
((t + 900), row["user_id"]),
)
add_to_line = True
# Keep 'em in line
else:
log.debug("request_line",
"%s: User ID %s is in line." % (sid, u.id))
if song_id:
albums_with_requests.append(
db.c.fetch_var(
"SELECT album_id FROM r4_songs WHERE song_id = %s",
(song_id, ),
))
row["song"] = db.c.fetch_row(
"SELECT song_id AS id, song_title AS title, album_name FROM r4_songs JOIN r4_albums USING (album_id) WHERE song_id = %s",
(song_id, ),
)
else:
row["song"] = None
row["song_id"] = song_id
add_to_line = True
elif not row["line_expiry_tune_in"] or row[
"line_expiry_tune_in"] == 0:
log.debug(
"request_line",
"%s: User ID %s being marked as tuned out." % (sid, u.id),
)
db.c.update(
"UPDATE r4_request_line SET line_expiry_tune_in = %s WHERE user_id = %s",
((t + 600), row["user_id"]),
)
add_to_line = True
else:
log.debug(
"request_line",
"%s: User ID %s not tuned in, waiting on expiry for action."
% (sid, u.id),
)
add_to_line = True
row["skip"] = not add_to_line
row["position"] = user_viewable_position
new_line.append(row)
user_positions[u.id] = user_viewable_position
user_viewable_position = user_viewable_position + 1
if add_to_line:
position = position + 1
log.debug("request_line",
"Request line valid positions: %s" % valid_positions)
cache.set_station(sid, "request_valid_positions", valid_positions)
cache.set_station(sid, "request_line", new_line, True)
cache.set_station(sid, "request_user_positions", user_positions, True)
db.c.update(
"UPDATE r4_album_sid SET album_requests_pending = NULL WHERE album_requests_pending = TRUE AND sid = %s",
(sid, ),
)
for album_id in albums_with_requests:
db.c.update(
"UPDATE r4_album_sid SET album_requests_pending = TRUE WHERE album_id = %s AND sid = %s",
(album_id, sid),
)
return new_line
def prepare(self):
super(Bootstrap, self).prepare()
if not self.user:
self.user = User(1)
self.user.ensure_api_key()
def prepare(self):
if self.local_only and not self.request.remote_ip in config.get(
"api_trusted_ip_addresses"):
log.info(
"api", "Rejected %s request from %s, untrusted address." %
(self.url, self.request.remote_ip))
raise APIException(
"rejected", text="You are not coming from a trusted address.")
if not isinstance(self.locale, locale.RainwaveLocale):
self.locale = self.get_browser_locale()
if not self.return_name:
self.return_name = self.url[self.url.rfind("/") + 1:] + "_result"
else:
self.return_name = self.return_name
if self.admin_required or self.dj_required:
self.login_required = True
if 'in_order' in self.request.arguments:
self._output = []
self._output_array = True
else:
self._output = {}
self.sid = fieldtypes.integer(self.get_cookie("r4_sid", None))
hostname = self.request.headers.get('Host', None)
if hostname:
hostname = unicode(hostname).split(":")[0]
if hostname in config.station_hostnames:
self.sid = config.station_hostnames[hostname]
self.sid = fieldtypes.integer(self.get_argument("sid",
None)) or self.sid
if self.sid and not self.sid in config.station_ids:
self.sid = None
if not self.sid and self.sid_required:
raise APIException("missing_station_id", http_code=400)
for field, field_attribs in self.__class__.fields.iteritems():
type_cast, required = field_attribs
if required and field not in self.request.arguments:
raise APIException("missing_argument",
argument=field,
http_code=400)
elif not required and field not in self.request.arguments:
self.cleaned_args[field] = None
else:
parsed = type_cast(self.get_argument(field), self)
if parsed == None and required != None:
raise APIException(
"invalid_argument",
argument=field,
reason="%s %s" %
(field,
getattr(fieldtypes, "%s_error" % type_cast.__name__)),
http_code=400)
else:
self.cleaned_args[field] = parsed
if not self.sid and not self.sid_required:
self.sid = 5
if not self.sid in config.station_ids:
raise APIException("invalid_station_id", http_code=400)
self.set_cookie("r4_sid",
str(self.sid),
expires_days=365,
domain=config.get("cookie_domain"))
if self.phpbb_auth:
self.do_phpbb_auth()
else:
self.rainwave_auth()
if not self.user and self.auth_required:
raise APIException("auth_required", http_code=403)
elif not self.user and not self.auth_required:
self.user = User(1)
self.user.ip_address = self.request.remote_ip
self.user.refresh(self.sid)
if self.login_required and (not self.user or self.user.is_anonymous()):
raise APIException("login_required", http_code=403)
if self.tunein_required and (not self.user
or not self.user.is_tunedin()):
raise APIException("tunein_required", http_code=403)
if self.admin_required and (not self.user or not self.user.is_admin()):
raise APIException("admin_required", http_code=403)
if self.dj_required and (not self.user or not self.user.is_dj()):
raise APIException("dj_required", http_code=403)
if self.perks_required and (not self.user
or not self.user.has_perks()):
raise APIException("perks_required", http_code=403)
if self.unlocked_listener_only and not self.user:
raise APIException("auth_required", http_code=403)
elif self.unlocked_listener_only and self.user.data[
'lock'] and self.user.data['lock_sid'] != self.sid:
raise APIException(
"unlocked_only",
station=config.station_id_friendly[self.user.data['lock_sid']],
lock_counter=self.user.data['lock_counter'],
http_code=403)
