def rest__send_user_feedback__email():
"""
REST API endpoint: send user feedback by email along with screen capture attachments
"""
def sanitize_input(req):
req_dict = req.get_json()
url = req_dict['url']
note = req_dict['note']
img = decode_base64_uri(req_dict['img'])
html = req_dict['html']
user_agent = req_dict['browser']['userAgent']
return RZ_User_Feedback(url=url,
note=note,
img=img,
html=html,
user_agent=user_agent)
try:
u_feedback = sanitize_input(request)
except:
log.warn('failed to sanitize inputs. request: %s' % request)
return make_response__json(status=400) # bad Request
# FIXME: should be async via celery (or another method)
session_user = session.get('username')
msg_body = [
'Feedback from user:'******'',
'user: %s' % (session_user if session_user else "<not-logged-in>"),
'user-agent: %s' % (u_feedback.user_agent),
'watching URL: %s' % (u_feedback.url),
'user-note: %s' % (u_feedback.note), ''
]
msg_body = '\n'.join(msg_body)
try:
send_email__flask_ctx(
recipients=[current_app.rz_config.feedback_recipient],
subject="User Feedback",
body=msg_body,
attachments=[
('feedback_screenshot.png', 'image/png', u_feedback.img),
('feedback_page.html', 'text/html',
u_feedback.html.encode('utf-8')),
])
return make_response__json() # return empty json response
except Exception:
log.exception(
'send_user_feedback__email: exception while sending email'
) # exception derived from stack
return make_response__json(status=500)
def rest__send_user_feedback__email():
"""
REST API endpoint: send user feedback by email along with screen capture attachments
"""
def sanitize_input(req):
req_dict = req.get_json()
url = req_dict['url']
note = req_dict['note']
img = decode_base64_uri(req_dict['img'])
html = req_dict['html']
user_agent = req_dict['browser']['userAgent']
return RZ_User_Feedback(url=url,
note=note,
img=img,
html=html,
user_agent=user_agent)
try:
u_feedback = sanitize_input(request)
except:
log.warn('failed to sanitize inputs. request: %s' % request)
return make_response__json(status=400) # bad Request
# FIXME: should be async via celery (or another method)
session_user = session.get('username')
msg_body = ['Feedback from user:'******'',
'user: %s' % (session_user if session_user else "<not-logged-in>"),
'user-agent: %s' % (u_feedback.user_agent),
'watching URL: %s' % (u_feedback.url),
'user-note: %s' % (u_feedback.note),
''
]
msg_body = '\n'.join(msg_body)
try:
send_email__flask_ctx(recipients=[current_app.rz_config.feedback_recipient],
subject="User Feedback",
body=msg_body,
attachments=[('feedback_screenshot.png', 'image/png', u_feedback.img),
('feedback_page.html', 'text/html', u_feedback.html.encode('utf-8')),
])
return make_response__json() # return empty json response
except Exception:
log.exception('send_user_feedback__email: exception while sending email') # exception derived from stack
return make_response__json(status=500)
def socketio_route_handler(url_path):
# FIXME: rm if unused
if None == request.environ.get('socketio'): # attempt ws upgrade process for non socketio clients
header__upgrade = request.headers.get('Upgrade')
if 'websocket' == header__upgrade:
resp = make_response__http__empty(101) # 'switching protocols' HTTP status code
resp.headers['Upgrade'] = 'websocket'
resp.headers['Connection'] = 'Upgrade'
rmt_addr, rmt_port = request.req_probe__sock_addr.probe_client_socket_addr__ws_conn(request.environ)
log.debug('ws: \'Upgrade: websocket\' header detected, serving \'101\': remote-socket-addr: %s:%s' % (rmt_addr, rmt_port))
return resp
else:
raise Exception('ws: failed to obtain socketio object from WSGI environment')
# init websocket-env
ws_req_env = WS_Req_Env()
ws_req_env.kernel = kernel
ws_req_env.peer_sock_addr = ws_srv.req_probe__sock_addr.probe_client_socket_addr__ws_conn(request.environ)
try:
socketio_manage(request.environ, {'/graph': WebSocket_Graph_NS}, ws_req_env) # connect socketio manager
except:
log.exception("ws: exception while handling connection", exc_info=True)
return make_response__json(status=HTTP_STATUS__500_INTERNAL_SERVER_ERROR)
def rest__login():
def sanitize_input(req):
req_json = request.get_json()
email_address = req_json['email_address']
p = req_json['password']
return email_address, p
if request.method == 'POST':
try:
email_address, p = sanitize_input(request)
except:
log.warn('failed to sanitize inputs. request: %s' % request)
return make_response__json(
status=HTTP_STATUS__401_UNAUTORIZED) # return empty response
u_account = None
try:
_uid, u_account = current_app.user_db.lookup_user__by_email_address(
email_address)
except:
log.warn(
'login: login attempt to unknown account: email_address: \'%s\''
% (email_address))
return make_response__json(
status=HTTP_STATUS__401_UNAUTORIZED) # return empty response
try:
salt = current_app.rz_config.secret_key
pw_hash = hash_pw(p, salt)
current_app.user_db.validate_login(
email_address=u_account.email_address, pw_hash=pw_hash)
except Exception as e:
# login failed
log.warn('login: unauthorized: user: %s' % (email_address))
return make_response__json(
status=HTTP_STATUS__401_UNAUTORIZED) # return empty response
# login successful
session['username'] = email_address
log.debug('login: success: user: %s' % (email_address))
return make_response__json(
status=HTTP_STATUS__200_OK) # return empty response
if request.method == 'GET':
return render_template(
'login.html', signup_enabled=current_app.rz_config.signup_enabled)
def rzdoc__create(rzdoc_name):
"""
create RZ doc
"""
s_rzdoc_name = sanitize_input__rzdoc_name(rzdoc_name)
kernel = flask.current_app.kernel
ctx = __context__common(rzdoc_name=None) # avoid rzdoc cache lookup exception
try:
kernel.rzdoc__create(s_rzdoc_name, ctx)
except RZDoc_Exception__already_exists as e:
return common_resp_handle__server_error(error='rzdoc already exists')
return make_response__json(status=HTTP_STATUS__201_CREATED)
def rzdoc__create(rzdoc_name):
"""
create RZ doc
"""
s_rzdoc_name = sanitize_input__rzdoc_name(rzdoc_name)
kernel = flask.current_app.kernel
ctx = __context__common(
rzdoc_name=None) # avoid rzdoc cache lookup exception
try:
kernel.rzdoc__create(s_rzdoc_name, ctx)
except RZDoc_Exception__already_exists as e:
return common_resp_handle__server_error(error='rzdoc already exists')
return make_response__json(status=HTTP_STATUS__201_CREATED)
def rest__login():
def sanitize_input(req):
req_json = request.get_json()
email_address = req_json['email_address']
p = req_json['password']
return email_address, p
if request.method == 'POST':
try:
email_address, p = sanitize_input(request)
except:
log.warn('failed to sanitize inputs. request: %s' % request)
return make_response__json(status=HTTP_STATUS__401_UNAUTORIZED) # return empty response
u_account = None
try:
_uid, u_account = current_app.user_db.lookup_user__by_email_address(email_address)
except:
log.warn('login: login attempt to unknown account: email_address: \'%s\'' % (email_address))
return make_response__json(status=HTTP_STATUS__401_UNAUTORIZED) # return empty response
try:
salt = current_app.rz_config.secret_key
pw_hash = hash_pw(p, salt)
current_app.user_db.validate_login(email_address=u_account.email_address, pw_hash=pw_hash)
except Exception as e:
# login failed
log.warn('login: unauthorized: user: %s' % (email_address))
return make_response__json(status=HTTP_STATUS__401_UNAUTORIZED) # return empty response
# login successful
session['username'] = email_address
log.debug('login: success: user: %s' % (email_address))
return make_response__json(status=HTTP_STATUS__200_OK) # return empty response
if request.method == 'GET':
return render_template('login.html', signup_enabled=current_app.rz_config.signup_enabled)
def rest__logout():
"""
REST API endpoint: logout
"""
# remove the username from the session if it's there
u = session.pop('username', None)
assert None != u # assert user session was found - note: /logout is login protected
log.debug('logout: success: user: %s' % (u))
# redirect on GET, invalidate cookie on GET/POST
if request.method == 'GET':
resp = make_response(redirect(url_for('login')))
if request.method == 'POST':
resp = make_response__json()
resp.set_cookie(key='session', value='', expires=0) # UNIX timestamp 0
return resp
def rest__logout():
"""
REST API endpoint: logout
"""
# remove the username from the session if it's there
u = session.pop('username', None)
assert None != u # assert user session was found - note: /logout is login protected
log.debug('logout: success: user: %s' % (u))
# redirect on GET, invalidate cookie on GET/POST
if request.method == 'GET':
resp = make_response(redirect(url_for('login')))
if request.method == 'POST':
resp = make_response__json()
resp.set_cookie(key='session', value='', expires=0) # UNIX timestamp 0
return resp
def socketio_route_handler(url_path):
# FIXME: rm if unused
if None == request.environ.get(
'socketio'
): # attempt ws upgrade process for non socketio clients
header__upgrade = request.headers.get('Upgrade')
if 'websocket' == header__upgrade:
resp = make_response__http__empty(
101) # 'switching protocols' HTTP status code
resp.headers['Upgrade'] = 'websocket'
resp.headers['Connection'] = 'Upgrade'
rmt_addr, rmt_port = request.req_probe__sock_addr.probe_client_socket_addr__ws_conn(
request.environ)
log.debug(
'ws: \'Upgrade: websocket\' header detected, serving \'101\': remote-socket-addr: %s:%s'
% (rmt_addr, rmt_port))
return resp
else:
raise Exception(
'ws: failed to obtain socketio object from WSGI environment'
)
# init websocket-env
ws_req_env = WS_Req_Env()
ws_req_env.kernel = kernel
ws_req_env.peer_sock_addr = ws_srv.req_probe__sock_addr.probe_client_socket_addr__ws_conn(
request.environ)
try:
socketio_manage(request.environ, {'/graph': WebSocket_Graph_NS},
ws_req_env) # connect socketio manager
except:
log.exception("ws: exception while handling connection",
exc_info=True)
return make_response__json(
status=HTTP_STATUS__500_INTERNAL_SERVER_ERROR)
def rzdoc__delete(rzdoc_name):
kernel = flask.current_app.kernel
ctx = __context__common(rzdoc_name)
kernel.rzdoc__delete(ctx.rzdoc, ctx)
return make_response__json(status=HTTP_STATUS__204_NO_CONTENT)
def rzdoc__delete(rzdoc_name):
kernel = flask.current_app.kernel
ctx = __context__common(rzdoc_name)
kernel.rzdoc__delete(ctx.rzdoc, ctx)
return make_response__json(status=HTTP_STATUS__204_NO_CONTENT)
