Merge master into branch

2014-09-04 18:08:18 -04:00 · 2014-09-04 18:08:18 -04:00 · e028d4ae0a
commit e028d4ae0a
parent 1c2de35f28 bf3077f922
103 changed files with 2319 additions and 1187 deletions
--- a/endpoints/api/user.py
+++ b/endpoints/api/user.py
@ -7,8 +7,9 @@ from flask.ext.principal import identity_changed, AnonymousIdentity

 from app import app, billing as stripe, authentication
 from endpoints.api import (ApiResource, nickname, resource, validate_json_request, request_error,
-                           log_action, internal_only, NotFound, require_user_admin,
-                           InvalidToken, require_scope, format_date, hide_if, show_if, license_error)
+                           log_action, internal_only, NotFound, require_user_admin, parse_args,
+                           query_param, InvalidToken, require_scope, format_date, hide_if, show_if,
+                           license_error,  require_fresh_login)
 from endpoints.api.subscribe import subscribe
 from endpoints.common import common_login
 from data import model
@ -150,6 +151,7 @@ class User(ApiResource):
    return user_view(user)

  @require_user_admin
+  @require_fresh_login
  @nickname('changeUserDetails')
  @internal_only
  @validate_json_request('UpdateUser')
@ -158,7 +160,7 @@ class User(ApiResource):
    user = get_authenticated_user()
    user_data = request.get_json()

-    try:
+    try:     
      if 'password' in user_data:
        logger.debug('Changing password for user: %s', user.username)
        log_action('account_change_password', user.username)
@ -363,6 +365,37 @@ class Signin(ApiResource):
    return conduct_signin(username, password)


+@resource('/v1/signin/verify')
+@internal_only
+class VerifyUser(ApiResource):
+  """ Operations for verifying the existing user. """
+  schemas = {
+    'VerifyUser': {
+      'id': 'VerifyUser',
+      'type': 'object',
+      'description': 'Information required to verify the signed in user.',
+      'required': [
+        'password',
+      ],
+      'properties': {
+        'password': {
+          'type': 'string',
+          'description': 'The user\'s password',
+        },
+      },
+    },
+  }
+
+  @require_user_admin
+  @nickname('verifyUser')
+  @validate_json_request('VerifyUser')
+  def post(self):
+    """ Verifies the signed in the user with the specified credentials. """
+    signin_data = request.get_json()
+    password = signin_data['password']
+    return conduct_signin(get_authenticated_user().username, password)
+
+
@resource('/v1/signout')
@internal_only
 class Signout(ApiResource):
@ -410,11 +443,24 @@ class Recovery(ApiResource):
@internal_only
 class UserNotificationList(ApiResource):
  @require_user_admin
+  @parse_args
+  @query_param('page', 'Offset page number. (int)', type=int, default=0)
+  @query_param('limit', 'Limit on the number of results (int)', type=int, default=5)
  @nickname('listUserNotifications')
-  def get(self):
-    notifications = model.list_notifications(get_authenticated_user())
+  def get(self, args):
+    page = args['page']
+    limit = args['limit']
+
+    notifications = list(model.list_notifications(get_authenticated_user(), page=page, limit=limit + 1))
+    has_more = False
+
+    if len(notifications) > limit:
+      has_more = True
+      notifications = notifications[0:limit]
+
    return {
-      'notifications': [notification_view(notification) for notification in notifications]
+      'notifications': [notification_view(notification) for notification in notifications],
+      'additional': has_more
    }