def update_color_pref():
colormap = {'green': 0, 'red': 1, 'purple': 2, 'blue': 3, 'orange': 4}
color = request.args.get('color', type=str)
v = sess.query(Users).filter_by(userid=session['userid']).first()
v.color = colormap[color]
sess.commit()
return jsonify('color pref updated')
def recover_password():
email = request.form['email']
exists = sess.query(Users).filter_by(email=email).count()
if exists == 0:
return jsonify("Can't find that email address")
elif exists > 1:
return jsonify("Something terrible has happened")
else:
userid = sess.query(Users).filter_by(email=email).one().userid
now = datetime.datetime.utcnow()
m = hashlib.sha256()
for i in [str(userid), str(now), email]:
m.update(i.encode("utf-8"))
token = m.hexdigest()
newrequest = PasswordReset(userid=userid,
token=token,
date=now,
used='f')
sess.add(newrequest)
sess.commit()
resetlink = "https://cartoforum.com/resetpassword?token={}".format(
token)
msg = Message('Hello', sender='Cartoforum', recipients=[email])
msg.body = resetlink
mail.send(msg)
return render_template('index.html', status='resetlinksent')
def request_invite():
gid = request.form['gid']
newinvite = InviteMe(userid=session['userid'],
groupid=gid,
date=datetime.datetime.utcnow())
sess.add(newinvite)
sess.commit()
return render_template("discovery.html", invite="sent")
def cast_vote():
post = request.args.get('post', 0, type=int)
vote = request.args.get('vote', 0, type=int)
v = sess.query(Votes).filter_by(userid=session['userid']).filter_by(postid=post)
if v.count() > 0:
v = sess.query(Votes).filter_by(userid=session['userid']).filter_by(postid=post).first()
v.vote = vote
else:
v = Votes(postid=post, userid=session['userid'], vote=vote)
sess.add(v)
sess.commit()
pid = sess.query(Votes).filter_by(userid=session['userid']).filter_by(postid=post).one().postid
oid = sess.query(Post).filter_by(postid=pid).one().objectid
score_ind = carto.update_object_stats(oid)
return jsonify(score_ind)
def create_account():
username = request.form['username']
email = request.form['email']
if email in ['email address', '']:
email = None
password = request.form['password']
m = hashlib.sha256()
m.update(password.encode("utf-8"))
hashpass = m.hexdigest()
emailexists = sess.query(Users).filter_by(email=email).count()
if emailexists > 0 and email is not None:
return render_template(email)
else:
newuser = Users(email=email, password=hashpass, username=username)
sess.add(newuser)
sess.commit()
return render_template('index.html', account='created')
def save_thread():
nick = request.args.get('nick', 0, type=str)
name = request.args.get('name', 0, type=str)
ug = sess.query(UsersGroups).filter_by(userid=session['userid']).filter_by(groupid=session['groupid']).one().userid
if not ug:
return jsonify("user not permitted to do this")
t_exists = sess.query(Thread).filter_by(nickname=nick).filter_by(groupid=session['groupid']).count()
if t_exists == 1:
return jsonify("group already exists")
try:
insert_thread = Thread(nickname=nick, groupid=session['groupid'])
sess.add(insert_thread)
sess.commit()
return jsonify("success")
except:
return jsonify("something went wrong")
def delete_post():
postid = request.args.get('postid', 0, type=int)
is_this_my_post = sess.query(Post).filter_by(userid=session['userid']).filter_by(postid=postid).one()
if is_this_my_post.userid != session['userid']:
return jsonify('request not allowed')
objectid = is_this_my_post.objectid
canIdelete = sess.query(Post).filter_by(responseto=postid).count()
if canIdelete > 0:
return jsonify('request not allowed')
sess.query(Post).filter_by(userid=session['userid']).filter_by(postid=postid).delete()
sess.commit()
# check if you can delete the geometry
usingobject = cur.execute("SELECT count(*) from posts where objectid = {}".format(objectid))
response = cur.fetchall()
for row in response:
if row[0] == 0:
cur.execute("DELETE from mapobjects where objectid = {}".format(objectid))
pgconnect.commit()
return jsonify('success')
def select_username_for_twitter():
alt_name = request.form['username']
userquery = sess.query(Users).filter_by(
username='******'.format(alt_name)).count()
if userquery == 0:
# move on with their alt
twitterid = sess.query(TwitterUsers).filter_by(
username=session['twitter_user']).one().oauth_uid
newuser = Users(username='******'.format(alt_name),
password='******',
twitterid=twitterid)
sess.add(newuser)
sess.commit()
tulogged = sess.query(Users).filter_by(
username='******'.format(alt_name)).one()
session['userid'] = tulogged.userid
session['logged_in'] = True
return render_template('groupselect.html', username=alt_name)
else:
# offer them a different name
alt_name = utils.get_alternate_username(session['twitter_user'])
return render_template('select_username.html', alt_name=alt_name)
def save_post():
threadid = request.form['threadid']
replyID = request.form['replyID']
objid = request.form['objid']
if not objid:
objid = 0
text = request.form['text']
ug = sess.query(UsersGroups).filter_by(userid=session['userid']).filter_by(groupid=session['groupid']).one().userid
if not ug:
return jsonify("user not permitted to do this")
if replyID:
thread_id = sess.query(Post).filter_by(postid=replyID).one().threadid
insert_post = Post(userid=session['userid'], groupid=session['groupid'], date=datetime.datetime.utcnow(),
responseto=replyID, objectid=objid, postcontent=text, threadid=thread_id)
else:
insert_post = Post(userid=session['userid'], groupid=session['groupid'], date=datetime.datetime.utcnow(),
objectid=objid, postcontent=text, threadid=threadid)
sess.add(insert_post)
sess.commit()
return jsonify("success")
def invite_user():
invitee = request.args.get('invitee', type=str)
try:
inviteeuserid = sess.query(Users).filter_by(
username=invitee).one().userid
except:
return jsonify(response="user doesn't exist")
inviteexists = sess.query(GroupRequests).filter_by(invitee=inviteeuserid).\
filter_by(groupid=session['groupid']).count()
if inviteexists > 0:
return jsonify(response='invite already exists')
useringroup = sess.query(UsersGroups).filter_by(
groupid=session['groupid']).filter_by(userid=inviteeuserid).count()
if useringroup > 0:
return jsonify(response='user already in group')
newinvite = GroupRequests(requester=session['userid'],
invitee=inviteeuserid,
groupid=session['groupid'],
dateissued=datetime.datetime.utcnow(),
complete='f')
sess.add(newinvite)
sess.commit()
return jsonify(response='invite sent')
def quit_group():
groupid = request.form['groupid']
uid = sess.query(UsersGroups).filter_by(groupid=groupid).filter_by(
userid=session['userid']).count()
if uid > 0:
cur.execute(
"DELETE FROM Votes where userid = {} and postid in (Select postid from posts where groupid = {})"
.format(session['userid'], groupid))
sess.query(Post).filter_by(groupid=groupid).filter_by(
userid=session['userid']).delete()
cur.execute(
"DELETE FROM mapobjects Where userid = {} and groupid = {}".format(
session['userid'], groupid))
pgconnect.commit()
sess.query(UsersGroups).filter_by(groupid=groupid).filter_by(
userid=session['userid']).delete()
sess.query(GroupRequests).filter_by(groupid=groupid).filter_by(
invitee=session['userid']).delete()
sess.query(InviteMe).filter_by(groupid=groupid).filter_by(
userid=session['userid']).delete()
sess.commit()
username = sess.query(Users).filter_by(
userid=session['userid']).one().username
return render_template('groupselect.html', username=username)
def oauth_callback():
provider = 'google'
oauth = OAuthSignIn.get_provider(provider)
username, email = oauth.callback()
if email is None:
# I need a valid email address for my user identification
flash('Authentication failed.')
return redirect(url_for('index'))
# Look if the user already exists
nickname = username
if username is None or username == "":
nickname = email.split('@')[0]
googleuser = sess.query(TwitterUsers).filter_by(username=nickname).filter_by(oauth_provider='google')\
.count()
# log in oauth database
if googleuser == 0:
gu = TwitterUsers(oauth_provider='google', username=nickname, oauth_uid=nickname)
sess.add(gu)
sess.commit()
else:
gu = sess.query(TwitterUsers).filter_by(username=nickname).filter_by(oauth_provider='google').first()
sess.commit()
# log in users table
userquery = sess.query(Users).filter_by(username='******'.format(nickname)).count()
if userquery == 0:
newuser = Users(username='******'.format(nickname), password='******')
sess.add(newuser)
sess.commit()
tulogged = sess.query(Users).filter_by(username='******'.format(nickname)).one()
session['userid'] = tulogged.userid
session['logged_in'] = True
# check if there's a session groupid, if so they probably came from a viewmap.
# add them to the group and send them there if it's open
if session['groupid']:
opengroup = sess.query(Group).filter_by(groupid=session['groupid']).one().opengroup
if opengroup:
adduser_group = UsersGroups(userid=session['userid'], groupid=session['groupid'])
sess.add(adduser_group)
sess.commit
return redirect(url_for('go_to_group'))
return render_template('groupselect.html', username=nickname)
def update_basemap_pref():
basemap = request.args.get('basemap', 0, type=int)
v = sess.query(Users).filter_by(userid=session['userid']).first()
v.basemap = basemap
sess.commit()
return jsonify('basemap pref updated')
def select_username():
username = request.form['username']
u = sess.query(Users).filter_by(userid=session['userid']).first()
u.username = username
sess.commit()
return app.index()
def oauth_authorized(resp):
next_url = request.args.get('next') or url_for('index')
if resp is None:
flash(u'You denied the request to sign in.')
return redirect(next_url)
session['twitter_token'] = (resp['oauth_token'],
resp['oauth_token_secret'])
username = resp['screen_name']
session['twitter_user'] = username
if session.has_key('groupid'):
open = sess.query(Group).filter_by(groupid=session['groupid'])
# check if twitter user has already logged in to cartoforum
twitteruser = sess.query(TwitterUsers).filter_by(username=username).count()
flash('You were signed in as %s' % username)
if twitteruser == 0:
tu = TwitterUsers(oauth_provider='twitter',
username=username,
oauth_uid=resp['user_id'],
oauth_token=resp['oauth_token'],
oauth_secret=resp['oauth_token_secret'])
sess.add(tu)
sess.commit()
else:
tu = sess.query(TwitterUsers).filter_by(username=username).first()
tu.oauth_token = resp['oauth_token']
tu.oauth_secret = resp['oauth_token_secret']
sess.commit()
# check if the twitter users screen name has already been taken.
userquery = sess.query(Users).filter_by(
username='******'.format(username)).count()
if userquery == 0:
# move on with their twitter screen name
newuser = Users(username='******'.format(username),
password='******',
twitterid=resp['user_id'])
sess.add(newuser)
sess.commit()
else:
# this username exists, is the twitterid different from what we have logged?
twitterid = sess.query(TwitterUsers).filter_by(
username='******'.format(username)).count()
if twitterid == 0:
# offer them a different name
alt_name = utils.get_alternate_username(session['twitter_user'])
if not session['groupid']:
return render_template('select_username.html',
alt_name=alt_name)
else:
username = sess.query(Users).filter_by(
twitterid=resp['user_id']).one().username
tulogged = sess.query(Users).filter_by(
username='******'.format(username)).one()
session['userid'] = tulogged.userid
session['logged_in'] = True
if session.has_key('groupid'):
cur.execute("INSERT INTO usersgroups VALUES ({},{})".format(
session['userid'], session['groupid']))
cur.execute(
"SELECT groupname,bounds from groups where groupid = {}".format(
session['groupid']))
pgconnect.commit()
response = cur.fetchall()
for row in response:
groupname = row[0]
bounds = row[1]
# Check for group membership, return group name and bounds and username
user = sess.query(Users).filter_by(userid=session['userid']).one()
username = user.username
basemap = user.basemap
color = user.color
# TODO: check that user is a member of group
return render_template('map.html',
groupid=session['groupid'],
userid=session['userid'],
username=username,
basemap=basemap,
color=color,
groupname=groupname,
bounds=bounds)
else:
return render_template('groupselect.html', username=username)