def profile(user_id):
user = User.query.filter_by(id=user_id).first_or_404()
form = EmptyForm()
if user.coords:
lat, lng = user.coords.split(';')
else:
lat, lng = None, None
return render_template('profile.html', user=user, form=form, lat=lat, lng=lng)
def unfollow(username):
users = User.query.order_by(User.username.desc()).all()
form = EmptyForm()
if form.validate_on_submit():
user = User.query.filter_by(username=username).first()
if user is None:
flash('User {} not found.'.format(username))
return redirect(url_for('index'), users=users)
if user == current_user:
flash('You cannot unfollow yourself!')
return redirect(url_for('user', username=username), users=users)
current_user.unfollow(user)
db.session.commit()
flash('You are not following {}.'.format(username))
return redirect(url_for('user', username=username))
else:
return redirect(url_for('index'), users=users)
def user(username):
user = User.query.filter_by(username=username).first_or_404()
posts = [
{'author': user, 'body': 'Test post #1'},
{'author': user, 'body': 'Test post #2'}
]
form = EmptyForm()
return render_template('user.html', user=user, posts=posts, form=form)
def user(username):
user=User.query.filter_by(username=username).first_or_404()
page=request.args.get("page",1,type=int)
posts=user.posts.order_by(Post.timestamp.desc()).paginate(page,app.config["POSTS_PER_PAGE"],False)
next_url=url_for("user",username=user.username,page=posts.next_num) if posts.has_next else None
prev_url=url_for("user",username=user.username,page=posts.prev_num) if posts.has_prev else None
form=EmptyForm()
return render_template("user.html",user=user,posts=posts.items,form=form,next_url=next_url,prev_url=prev_url)
def save_image(pic):
form=EmptyForm()
p_name= pic.filename
image_path = os.path.join(app.root_path, 'static/images/pic',p_name )
i = Image.open(pic)
i.save(image_path)
return p_name
def user(username):
user = User.query.filter_by(username=username).first_or_404()
form = EmptyForm()
posts = [
{'author': user, 'body': 'first dummy post'},
{'author': user, 'body': 'second dummy post'}
]
return render_template('user.html', user=user, posts=posts, form=form)
def follow(username):
form = EmptyForm()
if form.validate_on_submit():
user = User.query.filter_by(username=username).first()
if user is None:
flash('User {} not found'.format(username))
return redirect(url_for('index'))
if user == current_user:
flash('You can not follow yourself!')
return redirect(url_for('user', username=username))
current_user.follow(user)
db.session.commit()
flash('You are following {} now!'.format(username))
return redirect(url_for('user', username=username))
else:
return redirect(url_for('index'))
def following():
form = EmptyForm()
following = current_user.following_list()
followed = current_user.followed.count()
return render_template('following.html',
accounts=following,
count=followed,
form=form)
def user(username):
user = User.query.filter_by(username=username).first_or_404()
posts = user.posts.order_by(Post.timestamp.desc())
form = EmptyForm()
return render_template('user.html',
title='Profile',
form=form,
user=user,
posts=posts)
def follow(handle):
form = EmptyForm() # Empty form for CSRF protection
if form.validate_on_submit():
print("Form validated")
user = models.User.query.filter_by(handle=handle).first()
if user is None:
flash('User {} not found.'.format(handle))
return redirect(url_for('index'))
if user == current_user:
flash('You cannot follow yourself!')
return redirect(unquote(url_for('profile', handle=handle)))
current_user.follow(user)
db.session.commit()
flash('You are following {}!'.format(handle))
return redirect(unquote(url_for('profile', handle=handle)))
else:
print("form not validated")
return redirect(url_for('index'))
def delete_event(id):
post = Post.query.filter_by(id=id).first_or_404()
form = EmptyForm()
if form.validate_on_submit():
post = Post.query.filter_by(id=id).first()
if current_user.user_level > 2 and current_user.id != post.user_id:
flash("you do not have the authority for this action")
redirect(url_for(index))
if post is None:
flash("event {} does not exist".format(id))
return redirect(url_for(index))
db.session.delete(post)
db.session.commit()
flash('event is deleted!!')
return redirect(url_for(index))
else:
return redirect(url_for(index))
def unfollow(username):
""" Remove a user from your friends/follow list """
form = EmptyForm()
if form.validate_on_submit():
usr = User.query.filter_by(username=username).first()
if usr is None:
flash(f'User {username} not found.')
return redirect(url_for('main.index'))
if usr == current_user:
flash('You cannot unfollow yourself!')
return redirect(url_for('main.user', username=username))
current_user.unfollow(usr)
db.session.commit()
flash(f'You are not following {username}.')
return redirect(url_for('main.user', username=username))
else:
return redirect(url_for('main.index'))
def follow(username):
form = EmptyForm()
if form.validate_on_submit():
user = User.query.filter_by(username=username).first()
if user is None:
flash(f'{username} does not exist')
return redirect(url_for('index'))
if user == current_user:
flash(f'no')
return redirect(url_for('index'))
current_user.follow(user)
db.session.commit()
flash(f'Now following {username}')
return redirect(url_for('user', username=username))
else:
return redirect(url_for('index'))
def user(username):
# get user. if not exist return 404
user = User.query.filter_by(username=username).first_or_404()
posts = [
{'author': user, 'body': 'need a new macbook asap as possible'},
{'author': user, 'body': 'allez paris'}
]
form = EmptyForm()
return render_template('user.html', user=user, posts=posts, form=form)
def event_details(id):
post = Post.query.filter_by(id=id).first_or_404()
form = EmptyForm()
list_of_participants = post.participant_list()
return render_template('event_details.html',
post=post,
user=current_user,
form=form,
list_of_participants=list_of_participants)
def follow(username):
form = EmptyForm()
if form.validate_on_submit():
user = User.query.filter_by(username=username).first()
if user is None:
# flash('User {} not found.'.format(username))
flash(_('User %(username)s not found.', username=username))
return redirect(url_for('index'))
if user == current_user: # check this first? query needed for this check?
flash(_('You cannot follow yourself!'))
return redirect(url_for('user', username=username))
current_user.follow(user)
db.session.commit()
# flash('You are following {}!'.format(username))
flash(_('You are following %(username)s!', username=username))
return redirect(url_for('user', username=username))
else:
return redirect(url_for('index'))
def dismiss_case(id):
form = EmptyForm()
if form.validate_on_submit():
report_type = request.args.get('type')
reports = ''
if report_type == 'post':
reports = Report.query.filter_by(post_id=id).all()
elif report_type == 'comment':
reports = Report.query.filter_by(comment_id=id).all()
elif report_type == 'user':
reports = Report.query.filter_by(profile_id=id).all()
else:
reports = Report.query.filter_by(id=id).all()
for report in reports:
db.session.delete(report)
db.session.commit()
flash("Case dismissed")
return redirect(request.referrer)
def follow(username):
form = EmptyForm()
if form.validate_on_submit():
user = User.query.filter_by(username=username).first()
if (user == current_user):
flash('You cannot follow yourself !!!')
return redirect(url_for('user', username=username))
elif (user is None):
flash('User does not exists')
return redirect(url_for('index'))
current_user.follow(user)
db.session.commit()
flash(f'You are now following {username}')
return redirect(url_for('user', username=username))
else:
return redirect(url_for('index'))
def ytunfollow(channelId):
form = EmptyForm()
channel = invidiousFollow.query.filter_by(channelId=channelId).first()
try:
db.session.delete(channel)
db.session.commit()
flash("User unfollowed!")
except:
flash("There was an error unfollowing the user. Try again.")
return redirect(url_for('ytsearch'))
def index():
#Submit post
form0 = SearchProfileForm()
form = EmptyForm()
form2 = PostForm()
if form.validate_on_submit():
file = form2.dare.data
post = Post(body=form2.post.data, author=current_user)
db.session.add(post)
post = Post.query.order_by(Post.timestamp.desc()).first()
filename = secure_filename("{}_{}_{}".format(str(post.author.id),
str(post.author),
str(post.id)))
file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
#path = str(app.config['UPLOAD_FOLDER'] + "/" + filename)
post.dare = filename
db.session.commit()
flash('Your post is now live!')
#Standard practice to respond to POST requests with redirect
#as web browsers refresh by re-issuing the last request.
#Without redirecting, refresh will resubmit the form.
return redirect(url_for('index'))
#Page navigation
page = request.args.get('page', 1, type=int)
posts = current_user.followed_posts().filter_by(banned=0).paginate(
page, app.config['POSTS_PER_PAGE'], False)
next_url = url_for('index', page=posts.next_num) \
if posts.has_next else None
prev_url = url_for('index', page=posts.prev_num) \
if posts.has_prev else None
if current_user.banned:
return render_template('banned.html')
return render_template('index.html',
title='Home',
form=form,
form2=form2,
form0=form0,
posts=posts.items,
upvote=Upvote,
badge_colour=badge_colour,
next_url=next_url,
prev_url=prev_url)
def verify(id):
post = Post.query.filter_by(id=id).first_or_404()
form = EmptyForm()
if form.validate_on_submit():
if current_user.user_level > 2:
flash("you do not have the authority for this action")
redirect(url_for(index))
post = Post.query.filter_by(id=id).first()
if post is None:
flash("Event {} does not exist".format(id), 'danger')
return redirect(url_for('index'))
if post.verified is True:
flash('Event already verified', 'info')
return redirect(url_for('event_details', id=id))
post.verified = True
db.session.commit()
flash('Event is verified!!', 'success')
return redirect(url_for('event_details', id=id))
else:
return redirect(url_for(index))
def leave(id):
post = Post.query.filter_by(id=id).first_or_404()
form = EmptyForm()
if form.validate_on_submit():
post = Post.query.filter_by(id=id).first()
if post is None:
flash("Event {} does not exist".format(id), 'danger')
return redirect(url_for('index'))
# if post.verified is False:
# flash("event is not verified yet")
# return redirect(url_for('event_details',id=id))
if post.has_joined(current_user) is False:
flash('You have not joined this event', 'danger')
return redirect(url_for('event_details', id=id))
post.leave(current_user)
db.session.commit()
flash('You have successfully left the event!!', 'info')
return redirect(url_for('event_details', id=id))
else:
return redirect(url_for(index))
def user(username):
form = EmptyForm()
user = User.query.filter_by(username=username).first_or_404()
page = request.args.get('page', 1, type=int)
posts = Post.query.order_by(Post.timestamp.desc()).paginate(page,app.config['POSTS_PER_PAGE'],False)
next_url = url_for('user',username = user.username,page = posts.next_num)\
if posts.has_next else None
prev_url = url_for('user',username = user.username,page = posts.prev_num)\
if posts.has_prev else None
return render_template('user.html', user=user, post= posts.items,form = form,
next_url=next_url, prev_url=prev_url)
def user(username):
user = User.query.filter_by(username=username).first_or_404()
posts = [{
"author": user,
"body": "Test post #1"
}, {
"author": user,
"body": "Test post #2"
}]
form = EmptyForm()
return render_template('user.html', user=user, posts=posts, form=form)
def delete_post(post_id):
""" Deletes a post entry """
form = EmptyForm()
if form.validate_on_submit():
post = Post.query.get(post_id)
# Check the current user owns the post to prevent unauthorised deleting of users posts.
if post.author == current_user:
try:
# Remove post directory and image from disk.
shutil.rmtree(post.image[0].post_dir)
except OSError as e:
print(f"Error: {e.filename} - {e.strerror}")
db.session.delete(post)
db.session.commit()
return redirect(url_for('main.user', username=current_user.username))
def follow(username):
"""Although it may seem that a function that basically lets user follow other users
should be implemented as a a GET request, there needs to be another afterthought. Follow action introduces
change into the application. It would be easier to implement this as a GET request but it also
makes it harder to protect it against CSRF attacks. So we'll use a Form to implement the follow action as a POST
request. As a rule of thumb, any action that introduces change in the application, should be implemented as a POST request
and actions that don't cause any change in the app, GET requests"""
form = EmptyForm()
if form.validate_on_submit():
user = User.query.filter_by(username=username).first()
if user is None:
flash(f'{user} not found')
return redirect(url_for('index'))
if user == current_user:
flash(_('You cannot follow yourself'))
return (redirect(url_for('user', username=username)))
current_user.follow(user)
db.session.commit()
flash(_('You are following %(username)s!', username=username))
return redirect(url_for('user', username=username))
return redirect(url_for('index'))
def ytsearch():
form = ChannelForm()
button_form = EmptyForm()
if form.validate_on_submit():
channelId = form.channelId.data
c = requests.get(
'https://{instance}/api/v1/search?type=channel&q={cid}'.format(
instance=invidiousInstance, cid=channelId))
v = requests.get(
'https://{instance}/api/v1/search?type=video&q={cid}'.format(
instance=invidiousInstance, cid=channelId))
if c.status_code == 200 and v.status_code == 200:
results = json.loads(c.content)
channels = []
videos = []
for res in results:
channels.append({
'username': res['author'],
'channelId': res['authorId'],
'thumbnail': res['authorThumbnails'][0]['url'],
'subCount': letterify(res['subCount'])
})
results = json.loads(v.content)
for data in results:
videos.append({
'instance':
invidiousInstance,
'author':
data['author'],
'videoTitle':
data['title'],
'description':
Markup(data['description'][0:125] + '...'),
'id':
data['videoId'],
'videoThumb':
data['videoThumbnails'][4]['url'],
'channelUrl':
data['authorUrl'],
'views':
data['viewCount'],
'timeStamp':
data['publishedText']
})
return render_template('ytsearch.html',
form=form,
btform=button_form,
results=channels,
videos=videos)
else:
return render_template('ytsearch.html', form=form)
def like(postid):
form = EmptyForm() # Empty form for CSRF protection
if form.validate_on_submit():
print("Form validated")
post = models.Post.query.filter_by(id=postid).first()
if post is None:
flash(f'Post {post} not found.')
return redirect(url_for('index'))
# TODO: Make this its own function
next_page = request.args.get('next')
if not next_page or url_parse(next_page).netloc != '':
print(next_page, 'redirecting to index')
next_page = url_for('index')
current_user.like(post)
db.session.commit()
return redirect(unquote(url_for('profile', handle=post.author.handle)))
else:
print("form not validated")
return redirect(url_for('index'))
def unfollow(username):
form = EmptyForm()
if form.validate_on_submit():
u = db.user.find_one({'username': username})
if u is None:
flash('User {username} not found.')
return redirect(url_for('index'))
user = convert_user(u)
if user == current_user:
flash(f'You cannot unfollow yourself')
return redirect(url_for('index'))
current_user.unfollow(user)
flash(f'You are not following {username}.')
return redirect(url_for('user',username=username))
else:
return redirect(url_for('index'))
def ytfollow(channelId):
form = EmptyForm()
if form.validate_on_submit():
channel = invidiousFollow.query.filter_by(channelId=channelId).first()
if requests.get('https://{instance}/feed/channel/{cid}'.format(
instance=invidiousInstance, cid=channelId)).status_code == 200:
if channel is None:
follow = invidiousFollow()
follow.channelId = channelId
follow.followers.append(current_user)
try:
db.session.add(follow)
db.session.commit()
except:
flash("Something went wrong. Try again!")
return redirect(url_for('invidious'))
flash('You are following {}!'.format(channelId))
else:
flash("Something went wrong... try again")
return redirect(url_for('ytsearch'))
else:
return redirect(url_for('ytsearch'))
