def edit_contact_groups_form(contact_id, _user):
"""
Form to edit which SubscriptionGroups a contact is in.
"""
contact = Contact.get(contact_id)
if not contact:
abort(404, 'No such contact')
sub = _user.contact.subscribed_to(contact)
if not sub:
abort(404, 'No such contact')
data = {
'actions': {
'save_groups': url_for(
'.save_contact_groups',
contact_id=contact.id,
_external=True
)
},
'subscription': json_contact_with_groups(sub, _user)
}
add_logged_in_user_to_data(data, _user)
return render_response('roster_edit_group.tpl', data)
def create_form():
"""
Display the form to create a new user account.
"""
if not _can_create_account():
abort(403, 'Disabled by site administrator')
return render_response('users_create_form.tpl')
def create_form():
"""
Display the form to create a new user account.
"""
if not _can_create_account():
abort(403, 'Disabled by site administrator')
return render_response('users_create_form.tpl')
def feed(tag_name, _user):
"""
Display recent public posts on a particular topic (Tag).
"""
from pyaspora.post.models import Post, Share
from pyaspora.post.views import json_posts
tag = Tag.get_by_name(tag_name, create=False)
if not tag:
abort(404, 'No such tag')
data = json_tag(tag)
posts = db.session.query(Post). \
join(PostTag). \
join(Tag). \
join(Share). \
filter(Tag.Queries.public_posts_for_tags([tag.id])). \
order_by(desc(Post.thread_modified_at)). \
group_by(Post.id). \
limit(100)
data['feed'] = json_posts([(p, None) for p in posts])
add_logged_in_user_to_data(data, _user)
return render_response('tags_feed.tpl', data)
def view(_user):
"""
Show the logged-in user their own feed.
"""
from pyaspora.diaspora.models import MessageQueue
if MessageQueue.has_pending_items(_user):
return redirect(url_for('diaspora.run_queue', _external=True))
limit = int(request.args.get('limit', 99))
friend_ids = [f.id for f in _user.contact.friends()]
clauses = [Post.Queries.shared_with_contact(_user.contact)]
if friend_ids:
clauses.append(
Post.Queries.authored_by_contacts_and_public(friend_ids))
tag_ids = [t.id for t in _user.contact.interests]
if tag_ids:
clauses.append(Tag.Queries.public_posts_for_tags(tag_ids))
feed_query = or_(*clauses)
feed = db.session.query(Share).join(Post). \
outerjoin(PostTag).outerjoin(Tag). \
filter(feed_query). \
order_by(desc(Post.thread_modified_at)). \
group_by(Post.id). \
options(contains_eager(Share.post)). \
limit(limit)
data = {'feed': json_posts([(s.post, s) for s in feed], _user, True)}
add_logged_in_user_to_data(data, _user)
return render_response('feed.tpl', data)
def view(_user):
"""
Show the logged-in user their own feed.
"""
from pyaspora.diaspora.models import MessageQueue
if MessageQueue.has_pending_items(_user):
return redirect(url_for('diaspora.run_queue', _external=True))
limit = int(request.args.get('limit', 99))
friend_ids = [f.id for f in _user.contact.friends()]
clauses = [Post.Queries.shared_with_contact(_user.contact)]
if friend_ids:
clauses.append(
Post.Queries.authored_by_contacts_and_public(friend_ids))
tag_ids = [t.id for t in _user.contact.interests]
if tag_ids:
clauses.append(Tag.Queries.public_posts_for_tags(tag_ids))
feed_query = or_(*clauses)
feed = db.session.query(Share).join(Post). \
outerjoin(PostTag).outerjoin(Tag). \
filter(feed_query). \
order_by(desc(Post.thread_modified_at)). \
group_by(Post.id). \
options(contains_eager(Share.post)). \
limit(limit)
data = {
'feed': json_posts([(s.post, s) for s in feed], _user, True)
}
add_logged_in_user_to_data(data, _user)
return render_response('feed.tpl', data)
def create_form():
"""
Display the form to create a new user account.
"""
if not current_app.config.get('ALLOW_CREATION', False):
abort(403, 'Disabled by site administrator')
return render_response('users_create_form.tpl')
def logout():
"""
End a user session.
"""
session['key'] = None
session['user_id'] = None
data = {}
add_logged_in_user_to_data(data, None)
return render_response('users_logged_out.tpl', data)
def profile(contact_id):
"""
Display the profile (possibly with feed) for the contact.
"""
data, contact = _profile_base(contact_id,
request.args.get('public', False))
if not contact.user and not logged_in_user():
abort(404, 'No such contact', force_status=True)
if contact.user and not contact.user.activated:
abort(404, 'No such contact', force_status=True)
return render_response('contacts_profile.tpl', data)
def info(_user):
"""
Form to view or edit information on the currently logged-in user.
"""
data = json_user(_user)
add_logged_in_user_to_data(data, _user)
data.update({
'notification_frequency_hours': _user.notification_hours,
'email': _user.email
})
return render_response('users_edit.tpl', data)
def logout():
"""
End a user session.
"""
session['key'] = None
session['user_id'] = None
data = {}
add_logged_in_user_to_data(data, None)
return render_response('users_logged_out.tpl', data)
def info(_user):
"""
Form to view or edit information on the currently logged-in user.
"""
data = json_user(_user)
add_logged_in_user_to_data(data, _user)
data.update({
'notification_frequency_hours': _user.notification_hours,
'email': _user.email
})
return render_response('users_edit.tpl', data)
def create_form(_user):
"""
Start a new Post.
"""
data = _base_create_form(_user)
data['use_advanced_form'] = True
if request.args.get('target_type') and request.args.get('target_id'):
data['default_target'] = {
'type': request.args['target_type'],
'id': request.args['target_id'],
}
return render_response('posts_create_form.tpl', data)
def create_form(_user):
"""
Start a new Post.
"""
data = _base_create_form(_user)
data['use_advanced_form'] = True
if request.args.get('target_type') and request.args.get('target_id'):
data['default_target'] = {
'type': request.args['target_type'],
'id': int(request.args['target_id']),
}
return render_response('posts_create_form.tpl', data)
def profile(contact_id):
"""
Display the profile (possibly with feed) for the contact.
"""
data, contact = _profile_base(
contact_id,
request.args.get('public', False)
)
if not contact.user and not logged_in_user():
abort(404, 'No such contact', force_status=True)
if contact.user and not contact.user.activated:
abort(404, 'No such contact', force_status=True)
return render_response('contacts_profile.tpl', data)
def login():
"""
Display the user login form.
"""
user = logged_in_user()
if user:
data = {}
add_logged_in_user_to_data(data, user)
abort(400, 'Already logged in', data)
data = {}
add_logged_in_user_to_data(data, None)
return render_response('users_login_form.tpl', data)
def view(_user):
"""
Show the logged-in user their own feed.
"""
from pyaspora.diaspora.models import MessageQueue
if MessageQueue.has_pending_items(_user):
return redirect(url_for('diaspora.run_queue', _external=True))
limit = int(request.args.get('limit', 10))
friend_ids = [f.id for f in _user.contact.friends()]
clauses = [Post.Queries.shared_with_contact(_user.contact)]
if friend_ids:
clauses.append(
Post.Queries.authored_by_contacts_and_public(friend_ids))
tag_ids = [t.id for t in _user.contact.interests]
if tag_ids:
clauses.append(Tag.Queries.public_posts_for_tags(tag_ids))
feed_query = or_(*clauses)
my_share = aliased(Share)
feed = db.session.query(Share).join(Post). \
outerjoin( # Stuff user hasn't hidden
my_share,
and_(
Post.id == my_share.post_id,
my_share.contact == _user.contact
)
). \
outerjoin(PostTag).outerjoin(Tag). \
filter(feed_query). \
filter(or_(my_share.hidden == None, not_(my_share.hidden))). \
filter(Post.parent == None). \
order_by(desc(Post.thread_modified_at)). \
group_by(Post.id). \
options(contains_eager(Share.post)). \
options(joinedload(Share.post, Post.diasp)). \
limit(limit)
data = {
'feed': json_posts([(s.post, s) for s in feed], _user, True),
'limit': limit,
'actions': {},
}
if len(data['feed']) >= limit:
data['actions']['more'] = url_for('feed.view', limit=limit + 10, _external=True)
add_logged_in_user_to_data(data, _user)
return render_response('feed.tpl', data)
def view(_user):
"""
Show the logged-in user their own feed.
"""
from pyaspora.diaspora.models import MessageQueue
if MessageQueue.has_pending_items(_user):
return redirect(url_for('diaspora.run_queue', _external=True))
limit = int(request.args.get('limit', 10))
friend_ids = [f.id for f in _user.contact.friends()]
clauses = [Post.Queries.shared_with_contact(_user.contact)]
if friend_ids:
clauses.append(
Post.Queries.authored_by_contacts_and_public(friend_ids))
tag_ids = [t.id for t in _user.contact.interests]
if tag_ids:
clauses.append(Tag.Queries.public_posts_for_tags(tag_ids))
feed_query = or_(*clauses)
my_share = aliased(Share)
feed = db.session.query(Share).join(Post). \
outerjoin( # Stuff user hasn't hidden
my_share,
and_(
Post.id == my_share.post_id,
my_share.contact == _user.contact
)
). \
outerjoin(PostTag).outerjoin(Tag). \
filter(feed_query). \
filter(or_(my_share.hidden == None, not_(my_share.hidden))). \
filter(Post.parent == None). \
order_by(desc(Post.thread_modified_at)). \
group_by(Post.id). \
options(contains_eager(Share.post)). \
options(joinedload(Share.post, Post.diasp)). \
limit(limit)
data = {
'feed': json_posts([(s.post, s) for s in feed], _user, True),
'limit': limit,
}
if len(data['feed']) >= limit:
data['actions'] = {
'more': url_for('feed.view', limit=limit + 10, _external=True)
}
add_logged_in_user_to_data(data, _user)
return render_response('feed.tpl', data)
def view(_user):
"""
View and edit the logged in user's roster.
"""
subs = db.session.query(Subscription). \
filter(Subscription.from_contact == _user.contact)
data = {
'subscriptions': [json_contact_with_groups(s, _user) for s in subs],
'actions': {
'search': url_for('contacts.search', _external=True)
}
}
add_logged_in_user_to_data(data, _user)
return render_response('roster_view.tpl', data)
def view(_user):
"""
View and edit the logged in user's roster.
"""
subs = db.session.query(Subscription). \
filter(Subscription.from_contact == _user.contact)
data = {
'subscriptions': [json_contact_with_groups(s, _user) for s in subs],
'actions': {
'search': url_for('contacts.search', _external=True)
}
}
add_logged_in_user_to_data(data, _user)
return render_response('roster_view.tpl', data)
def view_group(group_id, _user):
"""
Display the info and members of one SubscriptionGroup.
"""
group = SubscriptionGroup.get(group_id)
if not (group) or group.user_id != _user.id:
abort(404, 'No such group')
data = {
'subscriptions':
[json_contact_with_groups(s, _user) for s in group.subscriptions],
'group':
json_group(group)
}
add_logged_in_user_to_data(data, _user)
return render_response('roster_view_group.tpl', data)
def login():
"""
Display the user login form.
"""
user = logged_in_user()
if user:
data = {}
add_logged_in_user_to_data(data, user)
abort(400, 'Already logged in', data)
data = {}
add_logged_in_user_to_data(data, None)
if _can_create_account():
data['logged_in']['actions']['sign_up'] = url_for('users.create',
_external=True)
return render_response('users_login_form.tpl', data)
def view_group(group_id, _user):
"""
Display the info and members of one SubscriptionGroup.
"""
group = SubscriptionGroup.get(group_id)
if not(group) or group.user_id != _user.id:
abort(404, 'No such group')
data = {
'subscriptions': [
json_contact_with_groups(s, _user)
for s in group.subscriptions
],
'group': json_group(group)
}
add_logged_in_user_to_data(data, _user)
return render_response('roster_view_group.tpl', data)
def activate(user_id, key_hash):
"""
Activate a user. This is intended to be a clickable link from the sign-up
email that confirms the email address is valid.
"""
matched_user = models.User.get(user_id)
if not matched_user:
abort(404, 'Not found')
if matched_user.activated:
abort(404, 'Not found')
if key_hash != _hash_for_pk(matched_user):
abort(404, 'Not found')
matched_user.activate()
db.session.commit()
return render_response('users_activation_success.tpl')
def subscriptions(contact_id, _user):
"""
Display the friend list for the contact (who must be local to this server,
because this server doesn't hold the full friend list for remote users).
"""
contact = Contact.get(contact_id)
if not (contact.user and contact.user.activated):
abort(404, 'No such contact', force_status=True)
# Looking at our own list? You'll be wanting the edit view.
if contact.id == _user.contact.id:
return redirect(url_for('roster.view', _external=True))
data = json_contact(contact, _user)
data['subscriptions'] = [json_contact(c, _user) for c in contact.friends()]
add_logged_in_user_to_data(data, _user)
return render_response('contacts_friend_list.tpl', data)
def activate(user_id, key_hash):
"""
Activate a user. This is intended to be a clickable link from the sign-up
email that confirms the email address is valid.
"""
matched_user = models.User.get(user_id)
if not matched_user:
abort(404, 'Not found')
if matched_user.activated:
abort(404, 'Not found')
if key_hash != _hash_for_pk(matched_user):
abort(404, 'Not found')
matched_user.activate()
db.session.commit()
return render_response('users_activation_success.tpl')
def subscriptions(contact_id, _user):
"""
Display the friend list for the contact (who must be local to this server,
because this server doesn't hold the full friend list for remote users).
"""
contact = Contact.get(contact_id)
if not(contact.user and contact.user.activated):
abort(404, 'No such contact', force_status=True)
# Looking at our own list? You'll be wanting the edit view.
if contact.id == _user.contact.id:
return redirect(url_for('roster.view', _external=True))
data = json_contact(contact, _user)
data['subscriptions'] = [json_contact(c, _user)
for c in contact.friends()]
add_logged_in_user_to_data(data, _user)
return render_response('contacts_friend_list.tpl', data)
def login():
"""
Display the user login form.
"""
user = logged_in_user()
if user:
data = {}
add_logged_in_user_to_data(data, user)
abort(400, 'Already logged in', data)
data = {}
add_logged_in_user_to_data(data, None)
if _can_create_account():
data['logged_in']['actions']['sign_up'] = url_for(
'users.create',
_external=True
)
return render_response('users_login_form.tpl', data)
def search(_user):
from pyaspora.diaspora.models import DiasporaContact
term = request.args.get('searchterm', None) or \
abort(400, 'No search term provided')
if re_match('[A-Za-z0-9._]+@[A-Za-z0-9.]+$', term):
try:
DiasporaContact.get_by_username(term)
except:
current_app.logger.debug(format_exc())
matches = db.session.query(Contact).outerjoin(DiasporaContact).filter(
or_(DiasporaContact.username.contains(term),
Contact.realname.contains(term))).order_by(
Contact.realname).limit(99)
data = {'contacts': [json_contact(c, _user) for c in matches]}
add_logged_in_user_to_data(data, _user)
return render_response('contacts_search_results.tpl', data)
def comment(post_id, _user):
"""
Comment on (reply to) an existing Post.
"""
post = Post.get(post_id)
if not post:
abort(404, 'No such post', force_status=True)
if not post.has_permission_to_view(_user.contact):
abort(403, 'Forbidden')
data = _base_create_form(_user, post)
data.update({
'relationship': {
'type': 'comment',
'object': json_post(post, children=False),
'description': 'Comment on this item'
}
})
return render_response('posts_create_form.tpl', data)
def comment(post_id, _user):
"""
Comment on (reply to) an existing Post.
"""
post = Post.get(post_id)
if not post:
abort(404, 'No such post', force_status=True)
if not post.has_permission_to_view(_user.contact):
abort(403, 'Forbidden')
data = _base_create_form(_user, post)
data.update({
'relationship': {
'type': 'comment',
'object': json_post(post, children=False),
'description': 'Comment on this item'
}
})
return render_response('posts_create_form.tpl', data)
def search(_user):
from pyaspora.diaspora.models import DiasporaContact
term = request.args.get('searchterm', None) or \
abort(400, 'No search term provided')
if re_match('[A-Za-z0-9._]+@[A-Za-z0-9.]+$', term):
try:
DiasporaContact.get_by_username(term)
except:
current_app.logger.debug(format_exc())
matches = db.session.query(Contact).outerjoin(DiasporaContact).filter(or_(
DiasporaContact.username.contains(term),
Contact.realname.contains(term)
)).order_by(Contact.realname).limit(99)
data = {
'contacts': [json_contact(c, _user) for c in matches]
}
add_logged_in_user_to_data(data, _user)
return render_response('contacts_search_results.tpl', data)
def run_queue(_user):
start = datetime.now()
retry = True
processed = int(request.args.get('processed', 0))
while datetime.now() < start + timedelta(seconds=3):
if not MessageQueue.has_pending_items(_user):
retry = False
break
MessageQueue.process_incoming_queue(_user, max_items=1)
processed += 1
data = {
'count': processed,
'next': url_for('.run_queue', processed=processed, _external=True)
}
add_logged_in_user_to_data(data, _user)
if retry:
resp = make_response(render_response('diaspora_queue.tpl', data))
resp.headers['Refresh'] = '1;{0}'.format(data['next'])
return resp
else:
return redirect(url_for('feed.view'))
def run_queue(_user):
start = datetime.now()
retry = True
processed = int(request.args.get('processed', 0))
while datetime.now() < start + timedelta(seconds=3):
if not MessageQueue.has_pending_items(_user):
retry = False
break
MessageQueue.process_incoming_queue(_user, max_items=1)
processed += 1
data = {
'count': processed,
'next': url_for('.run_queue', processed=processed, _external=True)
}
add_logged_in_user_to_data(data, _user)
if retry:
resp = make_response(render_response('diaspora_queue.tpl', data))
resp.headers['Refresh'] = '1;{0}'.format(data['next'])
return resp
else:
return redirect(url_for('feed.view'))
def share(post_id, _user):
"""
Form to share an existing Post with more Contacts.
"""
post = Post.get(post_id)
if not post:
abort(404, 'No such post', force_status=True)
if not post.has_permission_to_view(_user.contact):
abort(403, 'Forbidden')
data = _base_create_form(_user)
data.update({
'relationship': {
'type': 'share',
'object': json_post(post, children=False),
'description': 'Share this item'
},
'default_target': {
'type': 'all_friends',
'id': None
}
})
return render_response('posts_create_form.tpl', data)
def edit_contact_groups_form(contact_id, _user):
"""
Form to edit which SubscriptionGroups a contact is in.
"""
contact = Contact.get(contact_id)
if not contact:
abort(404, 'No such contact')
sub = _user.contact.subscribed_to(contact)
if not sub:
abort(404, 'No such contact')
data = {
'actions': {
'save_groups':
url_for('.save_contact_groups',
contact_id=contact.id,
_external=True)
},
'subscription': json_contact_with_groups(sub, _user)
}
add_logged_in_user_to_data(data, _user)
return render_response('roster_edit_group.tpl', data)
def share(post_id, _user):
"""
Form to share an existing Post with more Contacts.
"""
post = Post.get(post_id)
if not post:
abort(404, 'No such post', force_status=True)
if not post.has_permission_to_view(_user.contact):
abort(403, 'Forbidden')
data = _base_create_form(_user)
data.update({
'relationship': {
'type': 'share',
'object': json_post(post, children=False),
'description': 'Share this item'
},
'default_target': {
'type': 'all_friends',
'id': None
}
})
return render_response('posts_create_form.tpl', data)
def create():
"""
Create a new User (sign-up).
"""
if not _can_create_account():
abort(403, 'Disabled by site administrator')
user = logged_in_user()
if user:
data = {}
add_logged_in_user_to_data(data, user)
abort(400, 'Already logged in', data)
name = post_param('name', template='users_create_form.tpl')
password = post_param('password', template='users_create_form.tpl')
email = post_param('email', template='users_create_form.tpl')
my_user = models.User()
my_user.email = email
my_user.contact.realname = name
my_user.generate_keypair(password)
db.session.commit()
send_template(my_user.email, 'user_activate_email.tpl', {
'link': url_for(
'.activate',
user_id=my_user.id,
key_hash=_hash_for_pk(my_user),
_external=True
)
})
data = {}
add_logged_in_user_to_data(data, None)
return render_response('users_created.tpl', data)
def create():
"""
Create a new User (sign-up).
"""
if not current_app.config.get('ALLOW_CREATION', False):
abort(403, 'Disabled by site administrator')
user = logged_in_user()
if user:
data = {}
add_logged_in_user_to_data(data, user)
abort(400, 'Already logged in', data)
name = post_param('name', template='users_create_form.tpl')
password = post_param('password', template='users_create_form.tpl')
email = post_param('email', template='users_create_form.tpl')
my_user = models.User()
my_user.email = email
my_user.contact.realname = name
my_user.generate_keypair(password)
db.session.commit()
send_template(my_user.email, 'user_activate_email.tpl', {
'link': url_for(
'.activate',
user_id=my_user.id,
key_hash=_hash_for_pk(my_user),
_external=True
)
})
data = {}
add_logged_in_user_to_data(data, None)
return render_response('users_created.tpl', data)
