diff options
| author | François Schmidts <francois.schmidts@gmail.com> | 2014-10-29 14:32:24 +0100 |
|---|---|---|
| committer | François Schmidts <francois.schmidts@gmail.com> | 2015-03-03 22:22:14 +0100 |
| commit | 4c14f36ab73f227bdd7ed636667d8035c33986e0 (patch) | |
| tree | 7deb8919953a72a93553f95b3643e75afdb75110 /pyaggr3g470r | |
| parent | Release 6.1. Updated NEWS.rst (diff) | |
| download | newspipe-4c14f36ab73f227bdd7ed636667d8035c33986e0.tar.gz newspipe-4c14f36ab73f227bdd7ed636667d8035c33986e0.tar.bz2 newspipe-4c14f36ab73f227bdd7ed636667d8035c33986e0.zip | |
global esthetics tweak
Diffstat (limited to 'pyaggr3g470r')
| -rw-r--r-- | pyaggr3g470r/__init__.py | 2 | ||||
| -rw-r--r-- | pyaggr3g470r/lib/__init__.py | 0 | ||||
| -rwxr-xr-x | pyaggr3g470r/lib/client.py | 16 | ||||
| -rw-r--r-- | pyaggr3g470r/models/__init__.py (renamed from pyaggr3g470r/models.py) | 24 | ||||
| -rw-r--r-- | pyaggr3g470r/rest.py | 357 | ||||
| -rw-r--r-- | pyaggr3g470r/views/__init__.py | 2 | ||||
| -rw-r--r-- | pyaggr3g470r/views/api.py | 356 | ||||
| -rw-r--r-- | pyaggr3g470r/views/views.py (renamed from pyaggr3g470r/views.py) | 28 |
8 files changed, 426 insertions, 359 deletions
diff --git a/pyaggr3g470r/__init__.py b/pyaggr3g470r/__init__.py index f3f784f4..4ba54095 100644 --- a/pyaggr3g470r/__init__.py +++ b/pyaggr3g470r/__init__.py @@ -45,4 +45,4 @@ app.jinja_env.filters['datetime'] = format_datetime from flask.ext.restful import Api api = Api(app) -from pyaggr3g470r import views, rest +from pyaggr3g470r import views diff --git a/pyaggr3g470r/lib/__init__.py b/pyaggr3g470r/lib/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/pyaggr3g470r/lib/__init__.py diff --git a/pyaggr3g470r/lib/client.py b/pyaggr3g470r/lib/client.py new file mode 100755 index 00000000..da6b1727 --- /dev/null +++ b/pyaggr3g470r/lib/client.py @@ -0,0 +1,16 @@ +#!/usr/bin/env python +import json +import requests +URL = 'domain.net' + + +def get_client(email, password): + client = requests.session() + client.get(URL + 'api/csrf', verify=False, + data=json.dumps({'email': email, + 'password': password})) + return client + + +def get_articles(client): + return client.get(URL + 'api/v1.0/articles/').json diff --git a/pyaggr3g470r/models.py b/pyaggr3g470r/models/__init__.py index b7a75d5f..2618ed73 100644 --- a/pyaggr3g470r/models.py +++ b/pyaggr3g470r/models/__init__.py @@ -87,6 +87,7 @@ class User(db.Model, UserMixin): def __repr__(self): return '<User %r>' % (self.nickname) + class Role(db.Model): """ Represent a role. @@ -96,6 +97,7 @@ class Role(db.Model): user_id = db.Column(db.Integer, db.ForeignKey('user.id')) + class Feed(db.Model): """ Represent a station. @@ -116,6 +118,16 @@ class Feed(db.Model): def __repr__(self): return '<Feed %r>' % (self.title) + def dump(self): + return {"id": self.id, + "title": self.title, + "description": self.description, + "link": self.link, + "site_link": self.site_link, + "nb_articles": self.articles.count(), + } + + class Article(db.Model): """ Represent an article from a feed. @@ -151,3 +163,15 @@ class Article(db.Model): "link": self.link, "content": self.content }) + def dump(self): + return {"id": self.id, + "title": self.title, + "link": self.link, + "content": self.content, + "readed": self.readed, + "like": self.like, + "date": self.date, + "retrieved_date": self.retrieved_date, + "feed_id": self.source.id, + "feed_name": self.source.title, + } diff --git a/pyaggr3g470r/rest.py b/pyaggr3g470r/rest.py deleted file mode 100644 index 6f5dd9b9..00000000 --- a/pyaggr3g470r/rest.py +++ /dev/null @@ -1,357 +0,0 @@ -#! /usr/bin/env python -# -*- coding: utf-8 -*- - -# pyAggr3g470r - A Web based news aggregator. -# Copyright (C) 2010-2015 Cédric Bonhomme - http://cedricbonhomme.org/ -# -# For more information : https://bitbucket.org/cedricbonhomme/pyaggr3g470r/ -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as -# published by the Free Software Foundation, either version 3 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. - -__author__ = "Cedric Bonhomme" -__version__ = "$Revision: 0.2 $" -__date__ = "$Date: 2014/06/18 $" -__revision__ = "$Date: 2014/07/05 $" -__copyright__ = "Copyright (c) Cedric Bonhomme" -__license__ = "AGPLv3" - -import re -import dateutil.parser -from functools import wraps -from flask import g, Response, request, session, jsonify -from flask.ext.restful import Resource, reqparse - -import conf -if not conf.ON_HEROKU: - import pyaggr3g470r.search as fastsearch -from pyaggr3g470r import api, db -from pyaggr3g470r.models import User, Article, Feed - -def authenticate(func): - """ - Decorator for the authentication to the web services. - """ - @wraps(func) - def wrapper(*args, **kwargs): - if not getattr(func, 'authenticated', True): - return func(*args, **kwargs) - - # authentication based on the session (already logged on the site) - if 'email' in session or g.user.is_authenticated(): - return func(*args, **kwargs) - - # authentication via HTTP only - auth = request.authorization - try: - email = auth.username - user = User.query.filter(User.email == email).first() - if user and user.check_password(auth.password) and user.activation_key == "": - g.user = user - return func(*args, **kwargs) - except AttributeError: - pass - - return Response('<Authentication required>', 401, - {'WWWAuthenticate':'Basic realm="Login Required"'}) - return wrapper - -class ArticleListAPI(Resource): - """ - Defines a RESTful API for Article elements. - """ - method_decorators = [authenticate] - - def __init__(self): - self.reqparse = reqparse.RequestParser() - self.reqparse.add_argument('title', type = unicode, location = 'json') - self.reqparse.add_argument('content', type = unicode, location = 'json') - self.reqparse.add_argument('link', type = unicode, location = 'json') - self.reqparse.add_argument('date', type = str, location = 'json') - self.reqparse.add_argument('feed_id', type = int, location = 'json') - super(ArticleListAPI, self).__init__() - - def get(self): - """ - Returns a list of articles. - """ - feeds = {feed.id: feed.title for feed in g.user.feeds if feed.enabled} - articles = Article.query.filter(Article.feed_id.in_(feeds.keys()), - Article.user_id == g.user.id) - filter_ = request.args.get('filter_', 'unread') - feed_id = int(request.args.get('feed', 0)) - limit = request.args.get('limit', 1000) - if filter_ != 'all': - articles = articles.filter(Article.readed == (filter_ == 'read')) - if feed_id: - articles = articles.filter(Article.feed_id == feed_id) - - articles = articles.order_by(Article.date.desc()) - if limit != 'all': - limit = int(limit) - articles = articles.limit(limit) - - return jsonify(result= [{ - "id": article.id, - "title": article.title, - "link": article.link, - "content": article.content, - "readed": article.readed, - "like": article.like, - "date": article.date, - "retrieved_date": article.retrieved_date, - "feed_id": article.source.id, - "feed_name": article.source.title - } - for article in articles] - ) - - def post(self): - """ - POST method - Create a new article. - """ - args = self.reqparse.parse_args() - article_dict = {} - for k, v in args.iteritems(): - if v != None: - article_dict[k] = v - else: - return {"message":"Missing argument: %s." % (k,)} - article_date = None - try: - article_date = dateutil.parser.parse(article_dict["date"], dayfirst=True) - except: - try: # trying to clean date field from letters - article_date = dateutil.parser.parse(re.sub('[A-z]', '', article_dict["date"], dayfirst=True)) - except: - return jsonify({"message":"Bad format for the date."}) - article = Article(link=article_dict["link"], title=article_dict["title"], - content=article_dict["content"], readed=False, like=False, - date=article_date, user_id=g.user.id, - feed_id=article_dict["feed_id"]) - feed = Feed.query.filter(Feed.id == article_dict["feed_id"], Feed.user_id == g.user.id).first() - feed.articles.append(article) - try: - db.session.commit() - return jsonify({"message":"ok"}) - except: - return jsonify({"message":"Impossible to create the article."}) - -class ArticleAPI(Resource): - """ - Defines a RESTful API for Article elements. - """ - method_decorators = [authenticate] - - def __init__(self): - self.reqparse = reqparse.RequestParser() - self.reqparse.add_argument('like', type = bool, location = 'json') - self.reqparse.add_argument('readed', type = bool, location = 'json') - super(ArticleAPI, self).__init__() - - def get(self, id=None): - """ - Returns an article. - """ - result = [] - if id is not None: - article = Article.query.filter(Article.user_id == g.user.id, Article.id == id).first() - if article is not None: - if not article.readed: - article.readed = True - db.session.commit() - result.append(article) - - return jsonify(result= [{ - "id": article.id, - "title": article.title, - "link": article.link, - "content": article.content, - "readed": article.readed, - "like": article.like, - "date": article.date, - "retrieved_date": article.retrieved_date, - "feed_id": article.source.id, - "feed_name": article.source.title - } - for article in result] - ) - - def put(self, id): - """ - Update an article. - It is only possible to update the status ('like' and 'readed') of an article. - """ - args = self.reqparse.parse_args() - article = Article.query.filter(Article.id == id).first() - if article is not None and article.source.subscriber.id == g.user.id: - if None is not args.get('like', None): - article.like = args['like'] - if None is not args.get('readed', None): - article.readed = args['readed'] - db.session.commit() - - try: - fastsearch.delete_article(g.user.id, article.feed_id, article.id) - except: - pass - - return jsonify({"message":"ok"}) - else: - return jsonify({'message': 'Article not found.'}) - - def delete(self, id): - """ - Delete an article. - """ - article = Article.query.filter(Article.id == id).first() - if article is not None and article.source.subscriber.id == g.user.id: - db.session.delete(article) - db.session.commit() - return jsonify({"message":"ok"}) - else: - return jsonify({'message': 'Article not found.'}) - -api.add_resource(ArticleListAPI, '/api/v1.0/articles', endpoint = 'articles.json') -api.add_resource(ArticleAPI, '/api/v1.0/articles/<int:id>', endpoint = 'article.json') - -class FeedListAPI(Resource): - """ - Defines a RESTful API for Feed elements. - """ - method_decorators = [authenticate] - - def __init__(self): - self.reqparse = reqparse.RequestParser() - self.reqparse.add_argument('title', type = unicode, default = "", location = 'json') - self.reqparse.add_argument('description', type = unicode, default = "", location = 'json') - self.reqparse.add_argument('link', type = unicode, location = 'json') - self.reqparse.add_argument('site_link', type = unicode, default = "", location = 'json') - self.reqparse.add_argument('email_notification', type = bool, default = False, location = 'json') - self.reqparse.add_argument('enabled', type = bool, default = True ,location = 'json') - super(FeedListAPI, self).__init__() - - def get(self): - """ - Returns a list of feeds. - """ - return jsonify(result= [{ - "id": feed.id, - "title": feed.title, - "description": feed.description, - "link": feed.link, - "site_link": feed.site_link, - "email_notification": feed.email_notification, - "enabled": feed.enabled, - "created_date": feed.created_date - } - for feed in g.user.feeds] - ) - - def post(self): - """ - POST method - Create a new feed. - """ - args = self.reqparse.parse_args() - feed_dict = {} - for k, v in args.iteritems(): - if v != None: - feed_dict[k] = v - else: - return jsonify({'message': 'missing argument: %s' % (k,)}) - new_feed = Feed(title=feed_dict["title"], description=feed_dict["description"], - link=feed_dict["link"], site_link=feed_dict["site_link"], - email_notification=feed_dict["email_notification"], - enabled=feed_dict["enabled"]) - g.user.feeds.append(new_feed) - try: - db.session.commit() - return jsonify({"message":"ok"}) - except: - return jsonify({'message': 'Impossible to create the feed.'}) - -class FeedAPI(Resource): - """ - Defines a RESTful API for Feed elements. - """ - method_decorators = [authenticate] - - def __init__(self): - self.reqparse = reqparse.RequestParser() - self.reqparse.add_argument('title', type = unicode, location = 'json') - self.reqparse.add_argument('description', type = unicode, location = 'json') - self.reqparse.add_argument('link', type = unicode, location = 'json') - self.reqparse.add_argument('site_link', type = unicode, location = 'json') - self.reqparse.add_argument('email_notification', type = bool, location = 'json') - self.reqparse.add_argument('enabled', type = bool ,location = 'json') - super(FeedAPI, self).__init__() - - def get(self, id=None): - """ - Returns a feed. - """ - result = [] - if id is not None: - feed = Feed.query.filter(Feed.id == id, Feed.user_id == g.user.id).first() - if feed is not None: - result.append(feed) - return jsonify(result= [{ - "id": feed.id, - "title": feed.title, - "description": feed.description, - "link": feed.link, - "site_link": feed.site_link, - "nb_articles": feed.articles.count() - } - for feed in result] - ) - return jsonify({'message': 'Feed not found'}) - - def put(self, id): - """ - Update a feed. - """ - args = self.reqparse.parse_args() - feed = Feed.query.filter(Feed.id == id, Feed.user_id == g.user.id).first() - if feed is not None: - if None is not args.get('title', None): - feed.title = args['title'] - if None is not args.get('description', None): - feed.description = args['description'] - if None is not args.get('link', None): - feed.link = args['link'] - if None is not args.get('site_link', None): - feed.site_link = args['site_link'] - if None is not args.get('email_notification', None): - feed.email_notification = args['email_notification'] - if None is not args.get('enabled', None): - feed.enabled = args['enabled'] - db.session.commit() - return jsonify({"message":"ok"}) - else: - return jsonify({'message': 'Feed not found.'}) - - def delete(self, id): - """ - Delete a feed. - """ - feed = Feed.query.filter(Feed.id == id, Feed.user_id == g.user.id).first() - if feed is not None: - db.session.delete(feed) - db.session.commit() - return jsonify({"message":"ok"}) - else: - return jsonify({'message': 'Feed not found.'}) - -api.add_resource(FeedListAPI, '/api/v1.0/feeds', endpoint = 'feeds.json') -api.add_resource(FeedAPI, '/api/v1.0/feeds/<int:id>', endpoint = 'feed.json')
\ No newline at end of file diff --git a/pyaggr3g470r/views/__init__.py b/pyaggr3g470r/views/__init__.py new file mode 100644 index 00000000..ad71048a --- /dev/null +++ b/pyaggr3g470r/views/__init__.py @@ -0,0 +1,2 @@ +from .views import * +from .api import * diff --git a/pyaggr3g470r/views/api.py b/pyaggr3g470r/views/api.py new file mode 100644 index 00000000..c220d0bc --- /dev/null +++ b/pyaggr3g470r/views/api.py @@ -0,0 +1,356 @@ +#! /usr/bin/env python +# -*- coding: utf-8 -*- + +# pyAggr3g470r - A Web based news aggregator. +# Copyright (C) 2010-2015 Cédric Bonhomme - http://cedricbonhomme.org/ +# +# For more information : https://bitbucket.org/cedricbonhomme/pyaggr3g470r/ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +__author__ = "Cedric Bonhomme" +__version__ = "$Revision: 0.2 $" +__date__ = "$Date: 2014/06/18 $" +__revision__ = "$Date: 2014/07/05 $" +__copyright__ = "Copyright (c) Cedric Bonhomme" +__license__ = "AGPLv3" + +import re +import dateutil.parser +from functools import wraps +from flask import g, Response, request, session, jsonify +from flask.ext.restful import Resource, reqparse + +import conf +if not conf.ON_HEROKU: + import pyaggr3g470r.search as fastsearch +from pyaggr3g470r import api, db +from pyaggr3g470r.models import User, Article, Feed + + +def authenticate(func): + """ + Decorator for the authentication to the web services. + """ + @wraps(func) + def wrapper(*args, **kwargs): + if not getattr(func, 'authenticated', True): + return func(*args, **kwargs) + + # authentication based on the session (already logged on the site) + if 'email' in session or g.user.is_authenticated(): + return func(*args, **kwargs) + + # authentication via HTTP only + auth = request.authorization + try: + email = auth.username + user = User.query.filter(User.email == email).first() + if user and user.check_password(auth.password) and user.activation_key == "": + g.user = user + return func(*args, **kwargs) + except AttributeError: + pass + + return Response('<Authentication required>', 401, + {'WWWAuthenticate':'Basic realm="Login Required"'}) + return wrapper + + +def to_response(func): + def wrapper(*args, **kwargs): + res = func(*args, **kwargs) + if type(res) is tuple and len(res) == 2 and type(res[1]) is int: + response = jsonify(**res[0]) + response.status_code = res[1] + if isinstance(res, Response): + return res + else: + response = jsonify(**res) + return response + return wrapper + + +class ArticleListAPI(Resource): + """ + Defines a RESTful API for Article elements. + """ + method_decorators = [authenticate, to_response] + + def __init__(self): + self.reqparse = reqparse.RequestParser() + self.reqparse.add_argument('title', type=unicode, location='json') + self.reqparse.add_argument('content', type=unicode, location='json') + self.reqparse.add_argument('link', type=unicode, location='json') + self.reqparse.add_argument('date', type=str, location='json') + self.reqparse.add_argument('feed_id', type=int, location='json') + super(ArticleListAPI, self).__init__() + + def get(self): + """ + Returns a list of articles. + """ + feeds = {feed.id: feed.title for feed in g.user.feeds if feed.enabled} + articles = Article.query.filter(Article.feed_id.in_(feeds.keys()), + Article.user_id == g.user.id) + filter_ = request.args.get('filter_', 'unread') + feed_id = int(request.args.get('feed', 0)) + limit = request.args.get('limit', 1000) + if filter_ != 'all': + articles = articles.filter(Article.readed == (filter_ == 'read')) + if feed_id: + articles = articles.filter(Article.feed_id == feed_id) + + articles = articles.order_by(Article.date.desc()) + if limit != 'all': + limit = int(limit) + articles = articles.limit(limit) + + return {'result': [article.dump() for article in articles]} + + def post(self): + """ + POST method - Create a new article. + """ + args = self.reqparse.parse_args() + article_dict = {} + for k, v in args.iteritems(): + if v != None: + article_dict[k] = v + else: + return {"message": "Missing argument: %s." % (k,)}, 400 + article_date = None + try: + article_date = dateutil.parser.parse(article_dict["date"], dayfirst=True) + except: + try: # trying to clean date field from letters + article_date = dateutil.parser.parse(re.sub('[A-z]', '', article_dict["date"], dayfirst=True)) + except: + return jsonify({"message": "Bad format for the date."}), 400 + article = Article(link=article_dict["link"], title=article_dict["title"], + content=article_dict["content"], readed=False, like=False, + date=article_date, user_id=g.user.id, + feed_id=article_dict["feed_id"]) + feed = Feed.query.filter(Feed.id == article_dict["feed_id"], Feed.user_id == g.user.id).first() + feed.articles.append(article) + try: + db.session.commit() + return {"message": "ok"}, 201 + except: + return {"message": "Impossible to create the article."}, 500 + + +class ArticleAPI(Resource): + """ + Defines a RESTful API for Article elements. + """ + method_decorators = [authenticate, to_response] + + def __init__(self): + self.reqparse = reqparse.RequestParser() + self.reqparse.add_argument('like', type=bool, location='json') + self.reqparse.add_argument('readed', type=bool, location= 'json') + super(ArticleAPI, self).__init__() + + def get_article_or_raise(self, article_id=None): + if article_id is None: + raise Exception({'message': 'Bad id'}, 400) + article = Article.query.filter(Article.id == article_id).first() + if article.source.subscriber.id != g.user.id: + return {'message': "Bad user for article."}, 403 + if article is None: + return {'message': 'Article not found'}, 404 + return article + + def get(self, id=None): + "Returns an article." + try: + article = self.get_article_or_raise(id) + except Exception, error: + return error.args + if not article.readed: + article.readed = True + db.session.commit() + return {'result': [article.dump()]} + + def put(self, id): + """ Update an article. It is only possible to update the status + ('like' and 'readed') of an article.""" + args = self.reqparse.parse_args() + try: + article = self.get_article_or_raise(id) + except Exception, error: + return error.args + if None is not args.get('like', None): + article.like = args['like'] + if None is not args.get('readed', None): + article.readed = args['readed'] + db.session.commit() + + try: + fastsearch.delete_article(g.user.id, article.feed_id, article.id) + except: + pass + return {"message": "ok"} + + def delete(self, id): + """ + Delete an article. + """ + try: + article = self.get_article_or_raise(id) + except Exception, error: + return error.args + db.session.delete(article) + db.session.commit() + return {"message": "ok"}, 204 + + +class FeedListAPI(Resource): + """ + Defines a RESTful API for Feed elements. + """ + method_decorators = [authenticate, to_response] + + def __init__(self): + self.reqparse = reqparse.RequestParser() + self.reqparse.add_argument('title', + type=unicode, default="", location='json') + self.reqparse.add_argument('description', + type=unicode, default="", location='json') + self.reqparse.add_argument('link', type=unicode, location='json') + self.reqparse.add_argument('site_link', + type=unicode, default="", location='json') + self.reqparse.add_argument('email_notification', + type=bool, default=False, location='json') + self.reqparse.add_argument('enabled', + type=bool, default=True, location='json') + super(FeedListAPI, self).__init__() + + def get(self): + """ + Returns a list of feeds. + """ + return {'result': [{"id": feed.id, + "title": feed.title, + "description": feed.description, + "link": feed.link, + "site_link": feed.site_link, + "email_notification": feed.email_notification, + "enabled": feed.enabled, + "created_date": feed.created_date, + } for feed in g.user.feeds]} + + def post(self): + """ + POST method - Create a new feed. + """ + args = self.reqparse.parse_args() + feed_dict = {} + for k, v in args.iteritems(): + if v != None: + feed_dict[k] = v + else: + return {'message': 'missing argument: %s' % (k,)}, 400 + new_feed = Feed(title=feed_dict["title"], + description=feed_dict["description"], + link=feed_dict["link"], + site_link=feed_dict["site_link"], + email_notification=feed_dict["email_notification"], + enabled=feed_dict["enabled"]) + g.user.feeds.append(new_feed) + try: + db.session.commit() + return {"message": "ok"} + except: + return {'message': 'Impossible to create the feed.'}, 500 + + +class FeedAPI(Resource): + """ + Defines a RESTful API for Feed elements. + """ + method_decorators = [authenticate, to_response] + + def __init__(self): + self.reqparse = reqparse.RequestParser() + self.reqparse.add_argument('title', type=unicode, location='json') + self.reqparse.add_argument('description', + type=unicode, location='json') + self.reqparse.add_argument('link', type=unicode, location='json') + self.reqparse.add_argument('site_link', type=unicode, location='json') + self.reqparse.add_argument('email_notification', + type=bool, location='json') + self.reqparse.add_argument('enabled', type=bool ,location='json') + super(FeedAPI, self).__init__() + + def get_feed_or_raise(self, feed_id=None): + if feed_id is None: + raise Exception({'message': 'Bad id'}, 400) + feed = Article.query.filter(Article.id == feed_id).first() + if feed.source.subscriber.id != g.user.id: + return {'message': "Bad user for article."}, 403 + if feed is None: + return {'message': 'Article not found'}, 404 + return feed + + def get(self, id=None): + "Returns a feed" + try: + feed = self.get_feed_or_raise(id) + except Exception, error: + return error.args + return {'result': [feed.dump()]} + + def put(self, id): + "Update a feed" + args = self.reqparse.parse_args() + try: + feed = self.get_feed_or_raise(id) + except Exception, error: + return error.args + if 'title' in args: + feed.title = args['title'] + if 'description' in args: + feed.description = args['description'] + if 'link' in args: + feed.link = args['link'] + if 'site_link' in args: + feed.site_link = args['site_link'] + if 'email_notification' in args: + feed.email_notification = args['email_notification'] + if 'enabled' in args: + feed.enabled = args['enabled'] + db.session.commit() + return {"message": "ok"} + + def delete(self, id): + """ + Delete a feed. + """ + try: + feed = self.get_feed_or_raise(id) + except Exception, error: + return error.args + db.session.delete(feed) + db.session.commit() + return {"message": "ok"}, 204 + + +api.add_resource(ArticleListAPI, '/api/v1.0/articles', + endpoint='articles.json') +api.add_resource(ArticleAPI, '/api/v1.0/articles/<int:id>', + endpoint='article.json') +api.add_resource(FeedListAPI, '/api/v1.0/feeds', endpoint = 'feeds.json') +api.add_resource(FeedAPI, '/api/v1.0/feeds/<int:id>', endpoint = 'feed.json') diff --git a/pyaggr3g470r/views.py b/pyaggr3g470r/views/views.py index f0422c3c..0a50d8d0 100644 --- a/pyaggr3g470r/views.py +++ b/pyaggr3g470r/views/views.py @@ -27,9 +27,10 @@ __copyright__ = "Copyright (c) Cedric Bonhomme" __license__ = "AGPLv3" import os +import json import datetime from collections import namedtuple -from flask import abort, render_template, request, flash, session, \ +from flask import abort, render_template, request, flash, session, Response, \ url_for, redirect, g, current_app, make_response, jsonify from flask.ext.login import LoginManager, login_user, logout_user, \ login_required, current_user, AnonymousUserMixin @@ -157,6 +158,31 @@ def login(): return redirect(url_for('home')) return render_template('login.html', form=form) +@app.route('/api/csrf', methods=['GET']) +def get_csrf(): + try: + data = json.loads(request.data) + except ValueError: + return Response(status=400) + email = data.get('email') + password = data.get('password') + if login is None or password is None: + return Response(status=401) + user = User.query.filter(User.email == email).first() + if not user: + return Reponse(status=404) + if not user.check_password(password): + return Reponse(status=401) + if not user.activation_key == "": + return Reponse(status=403) + login_user(user) + g.user = user + session['email'] = email + identity_changed.send(current_app._get_current_object(), + identity=Identity(user.id)) + return 'ok', 200 + + @app.route('/logout') @login_required def logout(): |