quay/endpoints/web.py

import logging
import requests
import stripe

from flask import (abort, redirect, request, url_for, render_template,
                   make_response, Response)
from flask.ext.login import login_user, UserMixin, current_user
from flask.ext.principal import identity_changed
from urlparse import urlparse

from data import model
from app import app, login_manager, mixpanel
from auth.permissions import (QuayDeferredPermissionUser,
                              AdministerOrganizationPermission)
from util.invoice import renderInvoiceToPdf
from util.seo import render_snapshot
from endpoints.api import get_route_data
from endpoints.common import common_login

logger = logging.getLogger(__name__)

def render_page_template(name):
  return render_template(name, route_data = get_route_data())

@app.route('/', methods=['GET'], defaults={'path': ''})
@app.route('/repository/<path:path>', methods=['GET'])
@app.route('/organization/<path:path>', methods=['GET'])
def index(path):
  return render_page_template('index.html')


@app.route('/snapshot', methods=['GET'])
@app.route('/snapshot/', methods=['GET'])
@app.route('/snapshot/<path:path>', methods=['GET'])
def snapshot(path = ''):
  parsed = urlparse(request.url)
  final_url = '%s://%s/%s' % (parsed.scheme, 'localhost', path)
  result = render_snapshot(final_url)
  if result:
    return result

  abort(404)


@app.route('/plans/')
def plans():
  return index('')


@app.route('/guide/')
def guide():
  return index('')


@app.route('/organizations/')
@app.route('/organizations/new/')
def organizations():
  return index('')

@app.route('/user/')
def user():
  return index('')


@app.route('/signin/')
def signin():
  return index('')


@app.route('/new/')
def new():
  return index('')


@app.route('/repository/')
def repository():
  return index('')


@app.route('/security/')
def security():
  return index('')


@app.route('/v1')
@app.route('/v1/')
def v1():
  return index('')


@app.route('/status', methods=['GET'])
def status():
  return make_response('Healthy')


@app.route('/tos', methods=['GET'])
def tos():
  return render_page_template('tos.html')


@app.route('/disclaimer', methods=['GET'])
def disclaimer():
  return render_page_template('disclaimer.html')


@app.route('/privacy', methods=['GET'])
def privacy():
  return render_page_template('privacy.html')


@app.route('/receipt', methods=['GET'])
def receipt():
  if not current_user.is_authenticated():
    abort(401)
    return

  id =  request.args.get('id')
  if id:
    invoice = stripe.Invoice.retrieve(id)
    if invoice:
      user_or_org = model.get_user_or_org_by_customer_id(invoice.customer)
      
      if user_or_org:
        if user_or_org.organization:
          admin_org = AdministerOrganizationPermission(user_or_org.username)
          if not admin_org.can():
            abort(404)
            return
        else:
          if not user_or_org.username == current_user.db_user().username:
            abort(404)
            return      

      file_data = renderInvoiceToPdf(invoice, user_or_org)          
      return Response(file_data,
                      mimetype="application/pdf",
                      headers={"Content-Disposition": "attachment;filename=receipt.pdf"})
  abort(404)


@app.route('/oauth2/github/callback', methods=['GET'])
def github_oauth_callback():
  code = request.args.get('code')
  payload = {
    'client_id': app.config['GITHUB_CLIENT_ID'],
    'client_secret': app.config['GITHUB_CLIENT_SECRET'],
    'code': code,
  }
  headers = {
    'Accept': 'application/json'
  }

  get_access_token = requests.post(app.config['GITHUB_TOKEN_URL'],
                                   params=payload, headers=headers)

  token = get_access_token.json()['access_token']

  token_param = {
    'access_token': token,
  }
  get_user = requests.get(app.config['GITHUB_USER_URL'], params=token_param)

  user_data = get_user.json()
  username = user_data['login']
  github_id = user_data['id']

  v3_media_type = {
    'Accept': 'application/vnd.github.v3'
  }
  get_email = requests.get(app.config['GITHUB_USER_EMAILS'],
                           params=token_param, headers=v3_media_type)

  # We will accept any email, but we prefer the primary
  found_email = None
  for user_email in get_email.json():
    found_email = user_email['email']
    if user_email['primary']:
      break

  to_login = model.verify_federated_login('github', github_id)
  if not to_login:
    # try to create the user
    try:
      to_login = model.create_federated_user(username, found_email, 'github',
                                             github_id)

      # Success, tell mixpanel
      mixpanel.track(to_login.username, 'register', {'service': 'github'})

      state = request.args.get('state', None)
      if state:
        logger.debug('Aliasing with state: %s' % state)
        mixpanel.alias(to_login.username, state)

    except model.DataModelException, ex:
      return render_page_template('githuberror.html', error_message=ex.message)

  if common_login(to_login):
    return redirect(url_for('index'))

  return render_page_template('githuberror.html')


@app.route('/confirm', methods=['GET'])
def confirm_email():
  code = request.values['code']

  try:
    user = model.confirm_user_email(code)
  except model.DataModelException as ex:
    return redirect(url_for('signin'))

  common_login(user)

  return redirect(url_for('index'))


@app.route('/recovery', methods=['GET'])
def confirm_recovery():
  code = request.values['code']
  user = model.validate_reset_code(code)

  if user:
    common_login(user)
    return redirect(url_for('user'))
  else:
    abort(403)


@app.route('/reset', methods=['GET'])
def password_reset():
  pass