def routeIgnorePost(id=None): if g.redis.sismember("meta.user.%s.post_follows" % g.user.username, id): g.redis.srem("meta.user.%s.post_follows" % g.user.username, id) p = ForumPost.select().where(ForumPost.id == int(id)) g.redis.srem("meta.forum.post.%s.follows" % p[0].id, g.user.id) return flashy("Unfollowed post!", "success", p[0].getUrl()) #@DEV fall through return flashy("You dont follow that post!", "success", "/forum")
def routeRegister(): if g.user: return flashy("You cannot confirm an email when you are logged in!", "error", "/") if not request.values.get('email') or not request.values.get("id"): return flashy("Invalid register request!", "error", "/") if g.redis.exists("meta.register.%s" % request.values.get('email')): v = g.redis.get("meta.register.%s" % request.values.get("email")) try: v = json.loads(v) except: print "Error w/ conf: %s" % v return flashy("Error with confirmation request!", "error", "/") if v['key'] == request.values.get("id"): if not request.values.get("pw"): return render_template("register.html", id=request.values.get("id"), email=request.values.get("email")) u = User() u.username = v['user'] u.email = v['email'] u.password = hashPassword(request.values.get("pw")) u.registered = True u.registered_date = datetime.now() u.level = 0 u.altlevel = 0 u.save() g.user = u session['u'] = u.username g.redis.delete("meta.register.%s" % u.email) return flashy("You are now registered! Enjoy!", "success", "/") return flashy("Invalid confirmation request!", "error", "/")
def routeDeletePost(id=None): if not id: return flashy("Invalid delete request!", "error", "/forum") p = ForumPost.select().where(ForumPost.id == int(id)) if not p.count(): return flashy("Invalid post!", "error", "/forum") p = p[0] if not p.author == g.user and not g.user.level >= 60: return flashy("You dont have permission to do that!", "error", "/forum") p.delete_instance() return flashy("Deleted post!", "success", "/forum")
def routeLockPost(id=None): if not id: return flashy("Invalid lock request!", "error", "/forum") if not g.user.level >= 60: return flashy("You dont have permission to do that!", "error", "/forum") p = ForumPost.select().where(ForumPost.id == int(id)) if not p.count(): return flashy("Invalid post!", "error", "/forum") p = p[0] p.locked = True p.save() return flashy("Locked post!", "success", "/forum")
def routeBoard(bid=None, page=1): if not g.user: level = 0 else: level = g.user.level if not bid: return flashy("No such board!", "error", "/forum") cats = Forum.select().where((Forum.perm_view <= level) & (Forum.cat == True)).order_by(Forum.order) board = Forum.select().where((Forum.perm_view <= level) & (Forum.cat == False) & (Forum.id == int(bid))) if not board.count(): return flashy("Invalid board!", "error", "/forum") sticks = ForumPost.select().where((ForumPost.forum == board), (ForumPost.first == True), (ForumPost.sticky==True)).order_by(ForumPost.last_update.desc()).paginate(int(page), 25) posts = ForumPost.select().where((ForumPost.forum == board), (ForumPost.first == True), (ForumPost.sticky==False)).order_by(ForumPost.last_update.desc()).paginate(int(page), 25) return render_template("forum.html", cats=cats, posts=[i for i in sticks]+[i for i in posts], board=board[0])
def auth_route_logout(): if 'redirect' in request.values or "realm" in request.values: url = build_url(request.values.get("realm", ""), request.values.get("redirect", "")) else: url = build_url("", "") if g.user: del session['id'] return flashy(u"You have been logged out!", "success", u=url) return flashy(u"You are not currently logged in!", u=url)
def create_or_login(resp): match = steam.steam_id_re.search(resp.identity_url) try: g.user = User.steamGetOrCreate(match.group(1)) g.uid = g.user.id except Exception as e: return flashy("Error: %s" % e) if g.user.getActiveBans().count(): return flashy("You are banned!", "error") resp = flashy("Welcome back %s!" % g.user.username, "success") resp.set_cookie("sid", g.user.login(), expires=time.time() + Session.LIFETIME) return resp
def routeLogin(): if session.get('u'): return flashy("You are already logged in!", "warning", "/") if 'user' in request.values and 'pw' in request.values: u = User.select().where(User.username == request.values['user']) if u.count(): u = u.get() if u.checkPassword(request.values['pw']): #@TODO check if banned session['u'] = u.username return flashy("Welcome back %s!" % u.username, "success", "/") return flashy("Invalid username/password!", "error", "/") else: return flashy("Invalid login request!", "error", "/")
def routePost(bid=None, pid=None, page=1): follows = False if not g.user: level = 0 else: level = g.user.level if not pid or not bid: return flashy("Invalid request!", "error", "/forum") p = ForumPost.select().where(ForumPost.id == int(pid)) if not p.count(): return flashy("No such post!", "error", "/forum") #p[0].views += 1 #@DEV redis this? #p[0].save() follows = followsPost(p[0]) cats = Forum.select().where((Forum.perm_view <= level) & (Forum.cat == True)).order_by(Forum.order) return render_template("post.html", post=p[0], cats=cats, page=int(page), follows=follows)
def routeEditPostPage(id=None): if not id: id = request.form.get("post") p = ForumPost.select().where(ForumPost.id == int(id)) if not p.count(): return flashy("Invalid Post!", "error", "/forum") p = p[0] if p.isLocked(): return flashy("Post is locked!", "error", p.getUrl()) if p.author != g.user and g.user.level < 60: return flashy("You dont have permission to do that!", "error", "/forum") if not request.form.get("post") or not request.form.get("content"): return render_template("forum.html", epost=p, cats=Forum.select().where((Forum.perm_view <= g.user.level) & (Forum.cat == True)).order_by(Forum.order)) p.content = request.form.get("content") p.save() return flashy("Post edited!", "success", p.getUrl())
def routeDisputeInfraction(): if not request.form.get("inf") or not request.form.get("content") or not request.form.get("inf").isdigit(): return flashy("Invalid dispute request!", "error", "/acct") id = int(request.form.get("inf")) if id >= g.ruser.getInfractionCount(): return flashy("Invalid Infraction ID!", "error", "/acct") i = g.ruser.getInfraction(id) if i: i['status'] = 1 i['dispute'] = request.form.get("content") g.ruser.updateInfraction(id, i) return flashy("Dispute sent! Please allow up too 3-5 days for an admin response.", "success", "/acct") return flashy("Error!", "error", "/acct")
def login(): """ Login URL for steam openid, limited to 20 requests a minute """ if g.user is not None: return flashy("You are already logged in!") return oid.try_login('http://steamcommunity.com/openid')
def routeFriends(user=None, action=None): if not user or not action: return "Invalid Request", 400 q = User.select().where(User.username ** user) if q.count() == 1: user = q[0] else: return flashy("That user doesnt seem to exist!", "error", "/") if g.user == user: return flashy("You can't add yourself as a friend silly!", "error", "/") if action == "add": if not g.user.canFriend(user): return flashy("You can't friend that user!", "error", "/") f = Friendship(a=g.user, b=user, confirmed=False, ignored=False, date=datetime.now(), note=n) f.save() n = Notification(user=user, title="%s wants to be your friend!" % g.user.username, content=friend_msg.format(user=g.user.username), reference=f.id) n.save() return flashy("Your friend request has been sent too '%s'!" % user.username, "success", "/") elif action == "rmv": if not g.user.isFriendsWith(user): return flashy("Your not friends with that user!", "error", "/") f = g.user.getFriendship(user) f[0].delete_instance() return flashy("You are no longer friends with '%s' :(" % user.username, "success", "/") elif action == "conf": f = Friendship.select().where(Friendship.a == user, Friendship.b == g.user, Friendship.confirmed == False, Friendship.ignored == False) if not f.count(): return flashy("Invalid link!", "error", "/") f = f[0] f.confirmed = True f.respdate = datetime.now() f.save() f.note.read = True f.note.save() n = Notification(user=user, title="%s accepted your friend request!" % g.user.username, content=friend_accpt_msg.format(user=g.user.username)) return flashy("You are now friends with %s" % user.username, "success", "/acct") elif action == "deny": f = Friendship.select().where(Friendship.a == user, Friendship.b == g.user, Friendship.confirmed == False, Friendship.ignored == False) if not f.count(): return flashy("You've already responded to this request!", "error", "/") f = f[0] f.ignored = True f.respdate = datetime.now() f.note.read = True f.note.save() f.save() return flashy("The friend request from %s has been denied!" % user.username, "warning", "/acct")
def routeReplyPost(): if not request.form.get("content") or not request.form.get("post"): return flashy("Invalid reply-post request!", "error", "/forum") p = ForumPost.select().where(ForumPost.id == int(request.form.get("post"))) if not p.count(): return flashy("Invalid post!", "error", "/forum") p = p[0] if p.forum.perm_post > g.user.level: return flashy("You dont have permission to do that!", "error", "/forum") q = ForumPost.select().where(ForumPost.content == request.form.get("content"), ForumPost.author == g.user) if q.count(): return flashy("You've already posted that!", "error", "/forum") if p.locked: return flashy("That post is locked!", "error", "/forum") if time.time()-g.ruser.getLastPost() < 15: return flashy("Your doing that too quickly! Please wait a bit before posting again!", "warning", "/forum") r = ForumPost( author=g.user, forum=p.forum, original=p, date=datetime.now(), content=request.form.get("content"), title=None) r.save() g.ruser.setLastPost() p.last_update = datetime.now() p.save() if g.redis.scard("meta.forum.post.%s.follows" % p.id): #@DEV thread? for user in g.redis.smembers("meta.forum.post.%s.follows" % p.id): u = User.select().where(User.id == int(user)) if not u.count(): continue if u[0] == g.user: continue prev = Notification.select().where(Notification.user==u[0], Notification.reference==p.id) if prev.count(): prev[0].delete_instance() n = Notification(user=u[0], title='%s replied to %s' % (g.user.username, p.title), content=forum_note_content % (g.user.username, r.getUrl()), reference=p.id) n.save() return flashy("Added reply!", "success", r.getUrl())
def graphPoc(user=None): u = User.select().where(User.username ** user) if not u.count(): return flashy("Unknown user!", "error", "/") u = u[0] ru = RUser(u.username, u.id, g.redis) graph1 = {"key": "Kills", "values": plugins[2].getField("kills").getWeekly(user=u.username)} graph2 = {"key": "Deaths (PvE)", "values": plugins[2].getField("deaths_pve").getWeekly(user=u.username)} graph3 = {"key": "Deaths (PvP)", "values": plugins[2].getField("deaths_pvp").getWeekly(user=u.username)} end = json.dumps([graph1, graph2, graph3], default=dthandler) return render_template("graph_poc.html", u=u, ru=ru, plugins=plugins, v=end)
def routeEditProfile(): fields = ["tag_line", "gender", "location", "youtube", "twitch", "twitter", "skype", "description"] for k, v in request.form.items(): if k in fields: if k == "gender" and not v in ['Male', 'Female', 'Unlabelable']: continue setattr(g.user, k, v) g.user.save() return flashy("Edited profile!", "success", "/acct")
def before_request(): g.user = None if request.path.startswith("/static"): return if 'id' in session: try: g.user = User.get(User.id == session['id']) except User.DoesNotExist: return flashy(u"Your session is invalid!", "error", u=build_url("", ""))
def routeInfraction(id): if id >= g.ruser.getInfractionCount(): return flashy("Invalid infraction ID!", "error", "/acct") i = g.ruser.getInfraction(id) i['id'] = id if not i['seen']: i['seen'] = True g.ruser.updateInfraction(id, i) return render_template("infraction.html", inf=i)
def routeNotes(id=None, action=None): if not id or not action: return "Invalid Request", 400 q = Notification.select().where(Notification.id == int(id)) if q.count(): note = q[0] else: return flashy("That note does not exist!", "error", "/acct") if action == "markread": note.read = True note.save() return "success" if action == "delete": note.delete_instance() return "success"
def routeAddPost(): if not request.form.get('title') or not request.form.get("content") or not request.form.get("board"): return flashy("Invalid add-post request!", "error", "/forum") b = Forum.select().where(Forum.id == int(request.form.get('board'))) if not b.count(): return flashy("Invalid board!", "error", "/forum") b = b[0] if b.perm_post > g.user.level: return flashy("You dont have permission to do that!", "error", "/forum") if request.form.get('sticky') and g.user.level >= 60: stick = True else: stick = False if time.time()-g.ruser.getLastPost() < 15: return flashy("Your doing that too quickly! Please wait a bit before posting again!", "warning", "/forum") p = ForumPost( author=g.user, forum=b, first=True, date=datetime.now(), content=request.form.get("content"), title=request.form.get("title"), sticky=stick) p.save() g.ruser.setLastPost() if 'thread' in request.form.keys(): pass return flashy("Added post!", "success", "/forum/b/%s/%s" % (b.id, p.id))
def beforeRequest(): g.user = None g.uid = -1 g.state = STATE if request.path.startswith("/static"): return # Normal session if request.cookies.get("sid"): s = Session.find(request.cookies.get("sid")) if s: # Eventually we should be lazily loading this in, or cacheing it at redis try: g.user = User.select().where(User.id == s['user']).get() g.uid = g.user.id except User.DoesNotExist: resp = flashy("Wow! Something really went wrong. Contact support!") resp.set_cookie('sid', '', expires=0) return resp
def create_or_login(resp): match = steam.steam_id_re.search(resp.identity_url) sid = match.group(1) # Attempt to get a current user, otherwise create them try: g.user = User.select(User.id, User.steamid).where(User.steamid == sid).get() except User.DoesNotExist: g.user = User(steamid=sid) # HARDCOODE PARKOURRR if sid == "76561198037632722": g.user.level = User.Level.ADMIN g.user.save() # Set the sessionid and welcome the user back session['id'] = g.user.id return flashy(u"Welcome back %s!" % g.user.get_nickname(), "success", u=openid.get_next_url())
def logout(): if g.user: resp = flashy("You have been logged out!", "success") resp.set_cookie('sid', '', expires=0) return resp return flashy("You are not logged in!")
def route_logout(): g.user = None return flashy("You have been logged out!")
def to_response(self): return flashy(self.response, self.mtype, self.redirect)
def routeFollowPost(id=None): p = ForumPost.select().where(ForumPost.id == int(id)) if not p.count(): return flashy("Invalid Post!", "error", "/forum") g.redis.sadd("meta.user.%s.post_follows" % g.user.username, p[0].id) g.redis.sadd("meta.forum.post.%s.follows" % p[0].id, g.user.id) return flashy("Followed post!", "success", p[0].getUrl())
def routePage(id=None): if id.isdigit(): p = Page().select().where(Page.id==id) else: p = Page().select().where(Page.title**id) if not p.count() == 1: return flashy("Error finding page!", "error", "/") return render_template("page.html", page=p[0])
def routeProfile(user=None): if not user: return flashy("You must specify a user!", "error", "/") u = User.select().where(User.username ** user) if u.count(): return render_template("profile.html", user=u[0], ruser=RUser(u[0].username, u[0].id, g.redis)) return flashy("No such user '%s'" % user, "error", "/")
def routeLogout(): if session.get('u'): session['u'] = None return flashy("You've have been logged out. See ya soon!", "success", "/") return redirect('/')
def test(id): g.user = User.select().where(User.id == id).get() g.uid = g.user.id resp = flashy("Welcome back %s!" % g.user.username, "success") resp.set_cookie("sid", g.user.login(), expires=time.time() + Session.LIFETIME) return resp