Beispiel #1
0
 def reported(self, page=1):
     if not h.is_admin():
         h.add_message('You must be an admin to perform that action.', 'error')
         return render('/blank.mako')
     quotes = db.query(Quote).filter(Quote.status == QSTATUS['reported']).all()
     c.paginator = self._create_paginator(quotes, page)
     c.page = 'reported'
     return render('/browse.mako')
Beispiel #2
0
 def unapproved(self, page=1):
     if not h.is_admin():
         h.add_message('You must be an admin to perform that action.', 'error')
         return render('/blank.mako')
     quotes = db.query(Quote).filter(Quote.approved == 0).order_by(Quote.submitted.desc()).all()
     c.paginator = self._create_paginator(quotes, page)
     c.page = 'unapproved'
     return render(self._get_template_name())
Beispiel #3
0
 def reported(self, page=1):
     if not h.is_admin():
         h.add_message('You must be an admin to perform that action.',
                       'error')
         return render('/blank.mako')
     quotes = db.query(Quote).filter(
         Quote.status == QSTATUS['reported']).all()
     c.paginator = self._create_paginator(quotes, page)
     c.page = 'reported'
     return render('/browse.mako')
Beispiel #4
0
    def reset_password(self):
        c.page = 'pw reset'
        c.key = request.params.get('key')
        c.redirect_url = url(controller='account', action='login')
        if request.environ['REQUEST_METHOD'] == 'GET':
            if not c.key:
                return render('/pw_reset/request.mako')
            else:
                reset_token = self._check_valid_pw_reset_key(c.key)
                if not reset_token:
                    h.add_message('Invalid reset token', 'error')
                    return render('/blank.mako')
                return render('/pw_reset/set.mako')
        elif request.environ['REQUEST_METHOD'] == 'POST':
            if not c.key:
                # create a password request key
                email = request.params['email']
                user = db.query(User).filter(User.email == email).first()
                if not user:
                    h.add_message('Invalid email address provided.', 'error')
                    return render('/pw_reset/request.mako')
                already_requested = db.query(PasswordResets).filter(PasswordResets.user_id == user.id).first()
                if already_requested:
                    if already_requested.created < now() - datetime.timedelta(hours=2):
                        db.delete(already_requested)
                    else:
                        h.add_message('A password reset has already been requested for this user.', 'error')
                        return render('/blank.mako')
                pw_reset_key = PasswordResets()
                pw_reset_key.user_id = user.id
                pw_reset_key.key = self._generate_pw_reset_key()
                db.add(pw_reset_key)
                db.commit()

                send_reset_password_email(user.email, pw_reset_key.key)
                h.add_message('Password reset email sent!', 'success')
                return render('/blank.mako')
            else:
                # reset the user's password to what they've submitted
                reset_token = self._check_valid_pw_reset_key(c.key)
                if not reset_token:
                    h.add_message('Invalid reset token', 'error')
                    return render('/blank.mako')
                password = request.params['password']
                password_confirm = request.params['password_confirm']
                valid_password = validate_password(password, password_confirm)
                if not valid_password['status']:
                    h.add_message(valid_password['msg'], 'error')
                    return render('/pw_reset/set.mako')
                user = db.query(User).filter(User.id == reset_token.user_id).first()
                hashed_pass = h.hash_password(password)
                user.password = hashed_pass
                db.delete(reset_token)
                db.commit()

                h.add_message('Password successfully set. You should now be able to login.', 'success')
                return render('/blank.mako')
Beispiel #5
0
    def tags(self, tag=None, page=1):
        c.page = 'tags'
        if tag is None:
            c.rainbow = False
            if 'rainbow' in request.params:
                c.rainbow = ['', 'label-success', 'label-warning', 
                             'label-important', 'label-info', 'label-inverse']

            c.tags = self._generate_tagcloud()
            return render('/tagcloud.mako')
        else:
            tag_obj = db.query(Tag).filter(Tag.tag == tag).first()
            quotes = db.query(Quote).filter(Quote.tags.contains(tag_obj)).filter(Quote.status == QSTATUS['approved']).all()
            c.paginator = self._create_paginator(quotes, page)
            c.tag_filter = tag
            return render('/browse.mako')
Beispiel #6
0
 def view_one(self, ref_id):
     quote = db.query(Quote).filter(Quote.id == ref_id).first()
     if not quote or quote.approved != 1:
         abort(404)
     else:
         c.quote = quote
         c.page = 'browse'
         return render(self._get_template_name())
Beispiel #7
0
 def disapproved(self, page=1):
     authorize()
     quotes = db.query(Quote).filter(
         Quote.status == QSTATUS['disapproved']).order_by(
             Quote.submitted.desc()).all()
     c.paginator = self._create_paginator(quotes, page)
     c.page = 'disapproved'
     return render('/browse.mako')
Beispiel #8
0
 def view_one(self, ref_id):
     quote = db.query(Quote).filter(Quote.id == ref_id).first()
     if not quote or quote.status != QSTATUS['approved']:
         abort(404)
     else:
         c.quote = quote
         c.page = 'browse'
         return render('/browse.mako')
Beispiel #9
0
 def view_one(self, ref_id):
     quote = db.query(Quote).filter(Quote.id == ref_id).first()
     if not quote or quote.status != QSTATUS['approved']:
         abort(404)
     else:
         c.quote = quote
         c.page = 'browse'
         return render('/browse.mako')
Beispiel #10
0
 def search(self, keyword='', page=1):
     if request.environ['REQUEST_METHOD'] == 'POST':
         keyword = request.params.get('keyword', '')
         redirect(url(controller='browse', action='search', keyword=keyword))
     query = '%' + keyword + '%'
     quotes = db.query(Quote).filter(Quote.body.like(query)).order_by(Quote.submitted.desc()).all()
     c.paginator = self._create_paginator(quotes, page)
     c.page = 'search: %s' % keyword
     return render(self._get_template_name())
Beispiel #11
0
 def search(self, term='', page=1):
     if request.environ['REQUEST_METHOD'] == 'POST':
         term = request.params.get('term', '')
         redirect(url(controller='browse', action='search', term=term))
     query = '%' + term + '%'
     quotes = db.query(Quote).filter(Quote.body.like(query)).filter(Quote.status == QSTATUS['approved']).order_by(Quote.submitted.desc()).all()
     c.paginator = self._create_paginator(quotes, page)
     c.page = 'search: %s' % term
     return render('/browse.mako')
Beispiel #12
0
 def quote(self):
     authorize()
     c.page = 'new quote'
     if request.environ['REQUEST_METHOD'] == 'GET':
         return render('/create/form.mako')
     elif request.environ['REQUEST_METHOD'] == 'POST':
         quote_body = request.params.get('quote_body', '')
         if not quote_body:
             abort(400)
         notes = request.params.get('notes', '')
         tags = request.params.get('tags', '').split(' ')
         
         result = create_quote(quote_body, notes, tags)
         if result:
             return render('/create/success.mako')
         else:
             abort(500)
     else:
         abort(400)
Beispiel #13
0
    def tags(self, tag=None, page=1):
        c.page = 'tags'
        if tag is None:
            c.rainbow = False
            if 'rainbow' in request.params:
                c.rainbow = [
                    '', 'label-success', 'label-warning', 'label-important',
                    'label-info', 'label-inverse'
                ]

            c.tags = self._generate_tagcloud()
            return render('/tagcloud.mako')
        else:
            tag_obj = db.query(Tag).filter(Tag.tag == tag).first()
            quotes = db.query(Quote).filter(
                Quote.tags.contains(tag_obj)).filter(
                    Quote.status == QSTATUS['approved']).all()
            c.paginator = self._create_paginator(quotes, page)
            c.tag_filter = tag
            return render('/browse.mako')
Beispiel #14
0
 def search(self, term='', page=1):
     if request.environ['REQUEST_METHOD'] == 'POST':
         term = request.params.get('term', '')
         redirect(url(controller='browse', action='search', term=term))
     query = '%' + term + '%'
     quotes = db.query(Quote).filter(Quote.body.like(query)).filter(
         Quote.status == QSTATUS['approved']).order_by(
             Quote.submitted.desc()).all()
     c.paginator = self._create_paginator(quotes, page)
     c.page = 'search: %s' % term
     return render('/browse.mako')
Beispiel #15
0
 def login(self):
     c.page = 'log in'
     c.redirect_url = request.GET.get('redirect_url', '')
     if request.environ['REQUEST_METHOD'] == 'GET':
         if request.GET.get('warn', ''):
             h.add_message('You need to be logged in to perform that action.',
                           'info')
         return render('/login.mako')
     elif request.environ['REQUEST_METHOD'] == 'POST':
         username = request.params['username']
         password = request.params['password']
         success = authenticate(username, password)
         if success:
             if c.redirect_url and not c.redirect_url in ['/signup', 
                                                          '/logout']:
                 redirect(c.redirect_url)
             else:
                 redirect(url(controller='home', action='main'))
         else:
             h.add_message('Incorrect username / password', 'error')
             return render('/login.mako')
Beispiel #16
0
    def quote(self):
        authorize()
        c.page = 'new quote'
        if request.environ['REQUEST_METHOD'] == 'GET':
            return render('/create/form.mako')
        elif request.environ['REQUEST_METHOD'] == 'POST':
            quote_body = request.params.get('quote_body', '')
            if not quote_body:
                abort(400)
            notes = request.params.get('notes', '')
            tags = filter(
                None,
                request.params.get('tags', '').replace(',', ' ').split(' '))

            result = create_quote(quote_body, notes, tags)
            if result:
                return render('/create/success.mako')
            else:
                abort(500)
        else:
            abort(400)
Beispiel #17
0
 def login(self):
     c.page = 'log in'
     c.redirect_url = request.GET.get('redirect_url', '')
     if request.environ['REQUEST_METHOD'] == 'GET':
         if request.GET.get('warn', ''):
             h.add_message(
                 'You need to be logged in to perform that action.', 'info')
         return render('/login.mako')
     elif request.environ['REQUEST_METHOD'] == 'POST':
         username = request.params['username']
         password = request.params['password']
         success = authenticate(username, password)
         if success:
             if c.redirect_url and not c.redirect_url in [
                     '/signup', '/logout', '/reset_password'
             ]:
                 redirect(c.redirect_url)
             else:
                 redirect(url(controller='home', action='main'))
         else:
             h.add_message('Incorrect username / password', 'error')
             return render('/login.mako')
Beispiel #18
0
 def create(self):
     c.page = 'sign up'
     if request.environ['REQUEST_METHOD'] == 'GET':
         return render('/signup/form.mako')
     elif request.environ['REQUEST_METHOD'] == 'POST':
         username = request.params['username']
         password = request.params['password']
         password_confirm = request.params['password_confirm']
         email = request.params['email']
         
         validity = validate_signup(username, password,
                                    password_confirm, email)
         if not validity['status']:
             h.add_message(validity['msg'], 'error')
             return render('/signup/form.mako')
         try:
             create_user(username, password, email)
             authenticate(username, password)
             c.logged_in = True
             c.user = db.query(User).filter(User.username == username).first()
             return render('/signup/success.mako')
         except NameError, e:
             h.add_message(e.__str__, 'error')
             return render('/signup/form.mako')
Beispiel #19
0
 def document(self):
     """Render the error document"""
     request = self._py_object.request
     resp = request.environ.get('pylons.original_response')
     code = cgi.escape(request.GET.get('code', ''))
     content = cgi.escape(request.GET.get('message', ''))
     if resp:
         content = literal(resp.status)
         code = code or cgi.escape(str(resp.status_int))
     if not code:
         raise Exception('No status code was found')
     c.code = code
     c.message = content
     c.page = None
     return render('/error.mako')
Beispiel #20
0
 def document(self):
     """Render the error document"""
     request = self._py_object.request
     resp = request.environ.get('pylons.original_response')
     code = cgi.escape(request.GET.get('code', ''))
     content = cgi.escape(request.GET.get('message', ''))
     if resp:
         content = literal(resp.status)
         code = code or cgi.escape(str(resp.status_int))
     if not code:
         raise Exception('No status code was found')
     c.code = code
     c.message = content
     c.page = None
     return render('/error.mako')
Beispiel #21
0
 def main(self):
     c.page = 'home'
     return render('/home.mako')
Beispiel #22
0
 def worst(self, page=1):
     quotes = db.query(Quote).order_by(
         Quote.rating).filter(Quote.status == QSTATUS['approved']).all()
     c.paginator = self._create_paginator(quotes, page)
     c.page = 'worst'
     return render('/browse.mako')
Beispiel #23
0
 def disapproved(self, page=1):
     authorize()
     quotes = db.query(Quote).filter(Quote.status == QSTATUS['disapproved']).order_by(Quote.submitted.desc()).all()
     c.paginator = self._create_paginator(quotes, page)
     c.page = 'disapproved'
     return render('/browse.mako')
Beispiel #24
0
 def random(self):
     c.quote = db.query(Quote).order_by(sql.func.rand()).filter(
         Quote.status == QSTATUS['approved']).first()
     c.page = 'random'
     return render('/browse.mako')
Beispiel #25
0
 def main(self, page=1):
     quotes = db.query(Quote).order_by(Quote.submitted.desc()).filter(Quote.approved == 1).all()
     c.paginator = self._create_paginator(quotes, page)
     c.page = 'browse'
     return render(self._get_template_name())
Beispiel #26
0
 def worst(self, page=1):
     quotes = db.query(Quote).order_by(Quote.score).filter(Quote.approved == 1).all()
     c.paginator = self._create_paginator(quotes, page)
     c.page = 'worst'
     return render(self._get_template_name())
Beispiel #27
0
 def logout(self):
     c.page = 'logout'
     clear_cookies()
     c.logged_in = False
     h.add_message('Logged out successfully!', 'info')
     return render('/home.mako')
Beispiel #28
0
 def worst(self, page=1):
     quotes = db.query(Quote).order_by(Quote.rating).filter(Quote.status == QSTATUS['approved']).all()
     c.paginator = self._create_paginator(quotes, page)
     c.page = 'worst'
     return render('/browse.mako')
Beispiel #29
0
 def favourites(self, page=1):
     authorize()
     c.paginator = self._create_paginator(c.user.favourites, page)
     c.page = 'favourites'
     return render('/browse.mako')
Beispiel #30
0
 def logout(self):
     c.page = 'logout'
     clear_cookies()
     c.logged_in = False
     h.add_message('Logged out successfully!', 'info')
     return render('/home.mako')
Beispiel #31
0
 def random(self):
     c.quote = db.query(Quote).order_by(sql.func.rand()).filter(Quote.approved == 1).first()
     c.page = 'random'
     return render(self._get_template_name())
Beispiel #32
0
    def reset_password(self):
        c.page = 'pw reset'
        c.key = request.params.get('key')
        c.redirect_url = url(controller='account', action='login')
        if request.environ['REQUEST_METHOD'] == 'GET':
            if not c.key:
                return render('/pw_reset/request.mako')
            else:
                reset_token = self._check_valid_pw_reset_key(c.key)
                if not reset_token:
                    h.add_message('Invalid reset token', 'error')
                    return render('/blank.mako')
                return render('/pw_reset/set.mako')
        elif request.environ['REQUEST_METHOD'] == 'POST':
            if not c.key:
                # create a password request key
                email = request.params['email']
                user = db.query(User).filter(User.email == email).first()
                if not user:
                    h.add_message('Invalid email address provided.', 'error')
                    return render('/pw_reset/request.mako')
                already_requested = db.query(PasswordResets).filter(
                    PasswordResets.user_id == user.id).first()
                if already_requested:
                    if already_requested.created < now() - datetime.timedelta(
                            hours=2):
                        db.delete(already_requested)
                    else:
                        h.add_message(
                            'A password reset has already been requested for this user.',
                            'error')
                        return render('/blank.mako')
                pw_reset_key = PasswordResets()
                pw_reset_key.user_id = user.id
                pw_reset_key.key = self._generate_pw_reset_key()
                db.add(pw_reset_key)
                db.commit()

                send_reset_password_email(user.email, pw_reset_key.key)
                h.add_message('Password reset email sent!', 'success')
                return render('/blank.mako')
            else:
                # reset the user's password to what they've submitted
                reset_token = self._check_valid_pw_reset_key(c.key)
                if not reset_token:
                    h.add_message('Invalid reset token', 'error')
                    return render('/blank.mako')
                password = request.params['password']
                password_confirm = request.params['password_confirm']
                valid_password = validate_password(password, password_confirm)
                if not valid_password['status']:
                    h.add_message(valid_password['msg'], 'error')
                    return render('/pw_reset/set.mako')
                user = db.query(User).filter(
                    User.id == reset_token.user_id).first()
                hashed_pass = h.hash_password(password)
                user.password = hashed_pass
                db.delete(reset_token)
                db.commit()

                h.add_message(
                    'Password successfully set. You should now be able to login.',
                    'success')
                return render('/blank.mako')
Beispiel #33
0
 def favourites(self, page=1):
     authorize()
     c.paginator = self._create_paginator(c.user.favourites, page)
     c.page = 'favourites'
     return render('/browse.mako')
Beispiel #34
0
 def random(self):
     c.quote = db.query(Quote).order_by(sql.func.rand()).filter(Quote.status == QSTATUS['approved']).first()
     c.page = 'random'
     return render('/browse.mako')
Beispiel #35
0
 def favourites(self, page=1):
     authorize()
     c.paginator = self._create_paginator(c.user.favourites, page)
     c.page = 'favourites'
     return render(self._get_template_name())