def tenant_group_update(id, tenant_id, values, session=None):
    if not session:
        session = get_session()
    with session.begin():
        tenant_ref = tenant_group_get(id, tenant_id, session)
        tenant_ref.update(values)
        tenant_ref.save(session=session)

    def put(self, path, data, metadata={}, reduced_redundancy=False, encrypt_key=False, callback=None):
        """
        Stores data at given path
        :param string path: Path or 'key' for created/updated object
        :param bytes data: Data to write
        :param dict metadata: Metadata to store with this data
        :param bool reduced_redundancy: Whether to reduce storage redundancy or not?
        :param bool encrypt_key: Encrypt data?
        :param callable callback: Called function once done
        """
        storage_class = 'REDUCED_REDUNDANCY' if reduced_redundancy else 'STANDARD'

        args = dict(
            callback=callback,
            Bucket=self._bucket,
            Key=self._clean_key(path),
            Body=data,
            Metadata=metadata,
            StorageClass=storage_class,
        )

        if encrypt_key:
            args['ServerSideEncryption'] = 'AES256'

        my_session = session_handler.get_session(self._endpoint is not None)
        session = Botocore(service='s3', region_name=self._region,
                           operation='PutObject', session=my_session,
                           endpoint_url=self._endpoint)

        session.call(**args)

def log_annotation(collection, document, status, action, args):
    """
    Logs an annotation operation of type action in the given document
    of the given collection. Status is an arbitrary string marking the
    status of processing the request and args a dictionary giving
    the arguments of the action.
    """

    l = ann_logger()

    if not l:
        return False

    try:
        user = get_session()['user']
    except KeyError:
        user = 'anonymous'

    # avoid redundant logging (assuming first two args are
    # collection and document)
    # TODO: get rid of the assumption, parse the actual args
    other_args = args[2:]

    # special case for "log only" action: don't redundantly
    # record the uninformative action name, but treat the
    # first argument as the 'action'.
    if action == 'logAnnotatorAction':
        action = other_args[0]
        other_args = other_args[1:]

    l.info('%s\t%s\t%s\t%s\t%s\t%s' % (_detab(user), _detab(collection), 
                                       _detab(document), _detab(status), 
                                       _detab(action),
                                       '\t'.join([_detab(unicode(a)) for a in other_args])))

    def post(self, key):
        """ Add a tag by the current user on a given photo """
        current_session = session.get_session()
        if not current_session or not current_session.is_active():
            self.error(403)
            return

        try:
            user = current_session['me']
        except KeyError:
            self.error(403)
            return

        try:
            photo = models.Photo.get(controllers.unquote(key))
        except db.BadKeyError:
            self.error(400)
            return

        tag = self.request.get('tag')

        logging.error(self.request.body)
        if not comment:
            logging.error('no tag')
            self.error(400)
            return

        # Prevent double tag
        tag = photo.tag_set.filter('tag = ', tag).filter('user = ', user).get()
        if not tag:
            tag = models.Tag(tag=tag, photo=photo, user=user)
            tag.put()

        self.redirect('/photos/%s' % key)

def user_update(id, values, session=None):
    if not session:
        session = get_session()
    with session.begin():
        user_ref = user_get(id, session)
        user_ref.update(values)
        user_ref.save(session=session)

def get_buyhistory(itemid):
    """ get buy history, first page only
    
    :param itemid: itemid for item
    :returns: list of (price/sold, sold/price, date) tuple
    """
    s = get_session()
    content = s.get('http://item.taobao.com/item.htm?id={}'.format(itemid)).content
    url = re.compile(r'detail:params="(.*?),showBuyerList').search(content).group(1)
    url += '&callback=jsonp'
    patjsonp = re.compile(r'jsonp\((.*?)\);?', re.DOTALL)
    s = get_blank_session()
    s.headers['Referer'] = 'http://detail.tmall.com/item.htm'
    try:
        content = s.get(url+'&callback=jsonp', timeout=30).content
        content = content.replace('\\"', '"')
        if content == 'jsonp({"status":1111,"wait":5})':
            print 'baned, sleeping for 5 mins'
            time.sleep(5*60)
            return get_buyhistory(itemid)
        ret1 = re.compile('<em class="tb-rmb-num">([^<]+)</em>.*?<td class="tb-amount">(\d+)</td>.*?<td class="tb-time">([^>]+)</td>', re.DOTALL).findall(content)
        ret2 = re.compile('<em>(\d+)</em>.*?<td>(\d+)</td>.*?<td>([^<]+)</td>', re.DOTALL).findall(content)
        ret1.extend(ret2)
        return ret1
    except:
        print '!!!', itemid
        traceback.print_exc()

def model_query(model, *args, **kwargs):
    """Query helper that accounts for context's `read_deleted` field.

    :param context: context to query under
    :param session: if present, the session to use
    :param read_deleted: if present, overrides context's read_deleted field.
    :param project_only: if present and context is user-type, then restrict
            query to match the context's project_id. If set to 'allow_none',
            restriction includes project_id = None.
    """
    session = kwargs.get('session') or get_session()
    read_deleted = kwargs.get('read_deleted') or 'no'

    query = session.query(model, *args)

    if read_deleted == 'no':
        query = query.filter_by(deleted=False)
    elif read_deleted == 'yes':
        pass  # omit the filter to include deleted and active
    elif read_deleted == 'only':
        query = query.filter_by(deleted=True)
    else:
        raise Exception(
                _("Unrecognized read_deleted value '%s'") % read_deleted)

    return query

def login(user, password):
    if not _is_authenticated(user, password):
        raise InvalidAuthError

    get_session()['user'] = user
    Messager.info('Hello!')
    return {}

	def authorized(cls, identity):
		with get_session() as session:
			user = session.query( cls ).filter(cls.name == identity).first()
			if not user:
				return False
			else:
				return True

def onp_check_session(request):
    if not _check_args(request, "session_id"):
        return not_enough_args(request)
    sess = session.get_session(request["session_id"])
    if not _session_checker(request, sess):
        return not_enough_rights(request)
    return {"error_code": 0, "id": request["id"], "admin_priv": sess["admin_priv"], "roles": sess["roles"]}

 def get_all(cls,
             session=None,
             columns=None,
             offset=None,
             limit=None,
             order_by=None,
             lock_mode=None):
     if not session:
         session = Session.get_session()
     if columns:
         if isinstance(columns, (tuple, list)):
             query = session.query(*columns)
         else:
             query = session.query(columns)
             if isinstance(columns, str):
                 query = query.select_from(cls)
     else:
         query = session.query(cls)
     if order_by is not None:
         if isinstance(order_by, (tuple, list)):
             query = query.order_by(*order_by)
         else:
             query = query.order_by(order_by)
     if offset:
         query = query.offset(offset)
     if limit:
         query = query.limit(limit)
     if lock_mode:
         query = query.with_lockmode(lock_mode)
     return query.all()

 def count_all(cls, session=None, lock_mode=None):
     if not session:
         session = Session.get_session()
     query = session.query(func.count('*')).select_from(cls)
     if lock_mode:
         query = query.with_lockmode(lock_mode)
     return query.scalar()

def tenant_group_get(id, tenant, session=None):
    if not session:
        session = get_session()
    result = session.query(models.Group).filter_by(id=id, \
            tenant_id=tenant).first()

    return result

    def get_by_all(cls,
                   key,
                   value,
                   session=None,
                   columns=None,
                   lock_mode=None):

        if not session:
            session = Session.get_session()
        if hasattr(cls, key):
            scalar = False
            if columns:
                if isinstance(columns, (tuple, list)):
                    query = session.query(*columns)
                else:
                    scalar = True
                    query = session.query(columns)
            else:
                query = session.query(cls)
            if lock_mode:
                query = query.with_lockmode(lock_mode)
            query = query.filter(getattr(cls, key) == value)
            if scalar:
                return query.scalar()
            return query.all()
        return None

def tenant_group_is_empty(id, session=None):
    if not session:
        session = get_session()
    a_user = session.query(models.UserGroupAssociation).filter_by(
        group_id=id).first()
    if a_user != None:
        return False
    return True

def whoami():
    json_dic = {}
    try:
        json_dic['user'] = get_session().get('user')
    except KeyError:
        # TODO: Really send this message?
        Messager.error('Not logged in!', duration=3)
    return json_dic

    def set_attr(cls, id, attr, value, session=None):
        if not session:
            session = Session.get_session()

        if hasattr(cls, 'id'):
            session.query(cls).filter(cls.id == id).update({
                attr: value
            })
            session.commit()

def onp_get_schools(request):
    if not _check_args(request, "from", "count", "session_id"):
        return not_enougth_args(request)
    sess = session.get_session(request["session_id"])
    if not _session_checker(request, sess):
        return not_enough_rights(request)
    sql = "SELECT id, title, number, address, city_id, type_id from school order by id limit %(from)s, %(count)s"
    result = _exec_sql_get_func(request, sql)
    return result

def onp_get_city_types(request):
    if not _check_args(request, "from", "count", "session_id"):
        return not_enougth_args(request)
    sess = session.get_session(request["session_id"])
    if not _session_checker(request, sess):
        return not_enough_rights(request)
    sql = "SELECT id, short_title, full_title from city_type order by id limit %(from)s, %(count)s"
    result = _exec_sql_get_func(request, sql)
    return result

def logout():
    try:
        del get_session()['user']
    except KeyError:
        # Already deleted, let it slide
        pass
    # TODO: Really send this message?
    Messager.info('Bye!')
    return {}