def edit_code_package(request, id):
"""edit a code package"""
# prepare messages
mm = MessageManager(request)
cp = get_object_or_404(CodePackage, pk=id)
if request.user.is_authenticated() and request.user.username == cp.user.username:
if request.POST:
form = EditCodePackageForm(request.POST, user=request.user)
if form.is_valid():
form.save(request, cp)
mm.set_success("Your code package has been updated")
return redirect(cp.get_absolute_url())
else:
# form had errors
return render(request, 'main/code_package/edit.html', mm.messages(), {'form':form, 'code_package':cp})
else:
# prepare new form for user
cpk = None
if cp.group():
cpk = cp.group().pk
term_str = delim_list(object_taxon(cp), ',')
form = EditCodePackageForm(user=request.user, initial={'group': cpk, 'title':cp.title, 'description':cp.description, 'terms':term_str})
return render(request, 'main/code_package/edit.html', mm.messages(), {'form':form, 'code_package':cp})
else:
return redirect(request.META.get('HTTP_REFERER','/'))
def edit_account(request, username):
"""edit a user's account details"""
# prepare messages
mm = MessageManager(request)
try:
u = cUser.objects.get(username=username)
except cUser.DoesNotExist:
u = get_object_or_404(User, username=username)
# must be an authenticated user and own the profile in order to get the form.
if request.user.is_authenticated() and request.user == u:
if request.POST:
# collect form
form = EditAccountForm(request.POST)
if form.is_valid():
form.update(request, u)
mm.set_success("Your account has been updated")
return redirect(request.user.get_absolute_url())
else:
return render(request, 'accounts/user/edit.html', {'form':form}, mm.messages())
else:
# prepare form
form = EditAccountForm(initial={'username':u.username, 'email':u.email})
return render(request, 'accounts/user/edit.html', {'form':form}, mm.messages())
else:
return redirect(u.get_absolute_url())
def edit_link(request, id):
"""edit a link"""
# prepare messages
mm = MessageManager(request)
link = get_object_or_404(Link, pk=id)
if request.user.is_authenticated() and request.user.username == link.user.username:
if request.POST:
form = CreateLinkForm(request.POST, request.FILES, user=request.user)
if form.is_valid():
form.update(request, link)
mm.set_success("Your link has been updated")
return redirect(link.get_absolute_url())
else:
# form had errors
return render(request, 'main/link/edit.html', mm.messages(), {'form':form, 'link':link})
else:
# prepare new form for user
lpk = None
if link.group():
lpk = link.group().pk
term_str = delim_list(object_taxon(link), ',')
form = CreateLinkForm(user=request.user, initial={'group': lpk, 'title':link.title, 'url':link.url, 'terms':term_str})
return render(request, 'main/link/edit.html', mm.messages(), {'form':form, 'link':link})
else:
return redirect(request.META.get('HTTP_REFERER','/'))
def edit_discussion(request, id):
"""edit a discussion"""
# prepare messages
mm = MessageManager(request)
d = get_object_or_404(Discussion, pk=id)
if request.user.is_authenticated() and request.user.username == d.user.username:
if request.POST:
form = CreateDiscussionForm(request.POST, request.FILES, user=request.user)
if form.is_valid():
form.update(request, d)
mm.set_success("Your discussion has been updated")
return redirect(d.get_absolute_url())
else:
# form had errors
return render(request, 'main/discussion/edit.html', mm.messages(), {'form':form, 'discussion':d})
else:
# prepare new form for user
dpk = None
if d.group():
dpk = d.group().pk
term_str = delim_list(object_taxon(d), ',')
form = CreateDiscussionForm(user=request.user, initial={'group': dpk, 'title':d.title, 'body':d.body, 'type':d.type, 'terms':term_str})
return render(request, 'main/discussion/edit.html', mm.messages(), {'form':form, 'discussion':d})
else:
return redirect(request.META.get('HTTP_REFERER','/'))
def contact(request):
"""contact page"""
# prepare messages
mm = MessageManager(request)
if request.POST:
form = ContactForm(request.POST)
if form.is_valid():
data = request.POST.copy()
# make sure we have a human
if not form.isValidHuman(data):
mm.set_error('Sorry only humans can contact us. Try reloading the page.')
return render(request, 'main/contact.html', mm.messages(), {'form':form})
# prepare email
email_subject = 'Comperio Form Submission'
email_body =\
"Form submission from %s\n\nName: %s\nEmail: %s\n\n%s" % (
SITE_URL,
data['name'],
data['email'],
data['message'])
emails = [x[1] for x in ADMINS]
send_mail(email_subject,
email_body,
'*****@*****.**',
emails)
mm.set_success("Thank you! We received your message.")
return redirect('/')
else:
return render(request, 'main/contact.html', {'form':form}, mm.messages())
else:
form = ContactForm()
return render(request, 'main/contact.html', {'form':form}, mm.messages())
def upload(request):
"""upload a code package to a user profile"""
mm = MessageManager(request)
if request.POST:
form = UploadCodePackageForm(request.POST, request.FILES)
if form.is_valid():
e = form.cleaned_data['username']
p = form.cleaned_data['password']
try:
user = authenticate(username=e, password=p)
except NameError:
user = None
if user is not None:
if user.is_active:
if form.save(request, user):
mm.set_success("package uploaded")
form = UploadCodePackageForm()
else:
mm.set_error("package could not be uploaded")
else:
# account is disabled
mm.set_error('This account has been disabled, or has not been activated.')
else:
# invalid login
mm.set_error('Invalid credentials.')
return render(request, 'api/upload.html', {'form':form}, mm.messages())
else:
# return form errors to user
return render(request, 'api/upload.html', {'form':form}, mm.messages())
else:
form = UploadCodePackageForm()
return render(request, 'api/upload.html', {'form':form}, mm.messages())
def list_user_code(request):
"""return a list of code packages uploaded by a user"""
mm = MessageManager(request)
if request.GET:
form = LoginForm(request.GET)
if form.is_valid():
e = form.cleaned_data['username']
p = form.cleaned_data['password']
try:
user = authenticate(username=e, password=p)
except NameError:
user = None
if user is not None:
if user.is_active:
packages = CodePackage.objects.filter(user=user)
results = ''
for p in packages:
results += p.title + "\n"
return render_to_response('api/serve.html', {'result':results.rstrip('\n')})
else:
# account is disabled
mm.set_error('This account has been disabled, or has not been activated.')
else:
# invalid login
mm.set_error('Invalid credentials.')
return render(request, 'api/list_user_code.html', {'form':form}, mm.messages())
else:
# return form errors to user
return render(request, 'api/list_user_code.html', {'form':form}, mm.messages())
else:
form = DeleteCodePackageForm()
return render(request, 'api/list_user_code.html', {'form':form}, mm.messages())
def user_account(request, username):
"""display user account details page"""
mm = MessageManager(request)
# must be an authenticated user and own the profile in order to get the form.
if request.user.is_authenticated() and request.user.username == username:
# must also be of type cUser. since the super is default to a User.
if request.user.__class__ == cUser:
if request.POST:
# collect form
form = SettingsForm(request.POST)
if form.is_valid():
s = request.user.settings
s.public_comments = form.cleaned_data['public_comments']
s.code_pkg_updates = form.cleaned_data['code_pkg_updates']
s.save()
mm.set_success("Your settings have been saved")
return render(request, 'accounts/user/account.html', {'form':form}, mm.messages())
else:
mm.set_error("Sorry! We encountered an error and were unable to save your settings")
form = SettingsForm(instance=request.user.settings)
return render(request, 'accounts/user/account.html', {'form':form}, mm.messages())
else:
# prepare form
form = SettingsForm(instance=request.user.settings)
return render(request, 'accounts/user/account.html', {'form':form}, mm.messages())
return render(request, 'accounts/user/account.html', mm.messages())
def admin_tools(request, tool):
"""automatically provides a list of tools to the administrator from the AdminTools class"""
#
# Do not add/register new tools in this def. it handles the AdminTools automatically
#
# debug is checked in AdminTools, so this is just extra protection.
if DEBUG is False:
return redirect('/')
# prepare messages
mm = MessageManager(request)
# prepare tools
at = AdminTools()
if request.user.is_authenticated and request.user.is_superuser:
# get the tools so we can compare them with the requested tool.
tool_list = class_linker(AdminTools, '')
# display tool index
if tool == '':
return render(request, 'main/admin/tools.html', mm.messages())
# Run the tools
for t, d, u in tool_list:
if tool == t:
log_list = eval("at.%s(%s)" % (t, True))
log_message = "successfully performed \"%s\" on %s objects." % (t, len(log_list))
for log in log_list:
log_message += "<Br />%s" % log
mm.set_notice(log_message)
break
return redirect(request.META.get('HTTP_REFERER','/'))
def edit_task(request, id):
"""edit and existing task"""
mm = MessageManager(request)
t = get_object_or_404(Task, pk=id)
if request.user.is_authenticated() and request.user.username == t.user.username:
if request.POST:
# receive sent form
form = NewTaskForm(request.POST)
if form.is_valid():
mm.set_success("task updated")
t.due_date = form.cleaned_data['due_date']
t.description = form.cleaned_data['description']
notify = form.cleaned_data['notify']
if notify is False:
t.notify = False
else:
t.notify = True
t.save()
return redirect(t.get_absolute_url())
else:
mm.set_error("error")
# error
pass
else:
# setup new form
form = NewTaskForm(initial={'due_date':t.due_date, 'description':t.description, 'notify':t.notify})
return render(request, 'tasks/edit.html', {'form':form, 'task':t}, mm.messages())
else:
mm.set_notice("you are not authorized to edit that task.")
return redirect(request.META.get('HTTP_REFERER','/'))
def confirm_delete(request, removal_key):
"""confirm a account removal"""
# prepare messages
mm = MessageManager(request)
user = get_object_or_404(cUser, removal_key=removal_key)
if user.key_expires < datetime.datetime.today():
mm.set_notice("This removal code as expired.")
return render(request, 'accounts/confirm_delete.html', mm.messages(), {'expired':True})
user.key_expires = datetime.datetime.today() - datetime.timedelta(days=1)
user.is_active = False
user.save()
logout(request)
mm.set_success("Your account has been successfully removed. Please visit us again!")
return render(request, 'main/index.html', mm.messages())
def create_group(request):
"""create a new user group"""
mm = MessageManager(request)
if request.user.is_authenticated() and request.user.__class__ is cUser:
if request.POST:
form = CreateGroupForm(request.POST)
if form.is_valid():
data = request.POST.copy()
# make sure the group name is unique
try:
cGroup.objects.get(name=data["title"])
mm.set_error("that group name is already taken")
return render(request,'accounts/groups/create.html', mm.messages(), {'form':form})
except cGroup.DoesNotExist:
# create group
g = cGroup()
g.name = data["title"]
g.description = data["description"]
g.type = data["type"]
g.visibility = data["visibility"]
g.open_registration = data.has_key("open_registration")
g.save()
# add user to group
request.user.groups.add(g)
g.managers.add(request.user)
# Build the invitation key
salt = sha.new(str(random.random())).hexdigest()[:5]
g.invitation_key = sha.new(salt+g.name).hexdigest()[:13]
g.key_expires = datetime.datetime.today() + datetime.timedelta(2)
g.save()
manage_url = reverse('manage-group', None, (), {'gid':g.pk})
invite_url = "%s%s/%s" % (SITE_URL, reverse('join-group', None, (), {'gid':g.pk}), g.invitation_key)
mm.set_success("Successfully Created Group \"%s\"!<p> We automatically generated an invitation url that you can share with your friends. For more information check out the <a href=\"%s\">Administration Page</a>.</p><p>Invitation Url: <a href=\"%s\">%s</a></p>" % (g.name, manage_url, invite_url, invite_url))
# TODO: take to new group page
return redirect(g.get_absolute_url())
else:
return render(request,'accounts/groups/create.html', mm.messages(), {'form':form})
else:
# prepare new form for user
form = CreateGroupForm(initial={'open_registration':True})
return render(request,'accounts/groups/create.html', mm.messages(), {'form':form})
else:
mm.set_error("you are not allowed to create a group")
return redirect(request.META.get('HTTP_REFERER','/'))
def tags_page(request):
"""display a page of all the tags (tag cloud)"""
# TODO: make a tag cloud. may be able to use the api from our analytics framework
mm = MessageManager(request)
return render(request, 'main/tags.html', mm.messages())
#
#def image_uploader(request):
# """uploads an image to the server"""
# return None
def create_bug(request):
"""create a new bug report"""
# prepare messages
mm = MessageManager(request)
if request.user.is_authenticated():
if request.POST:
form = BugForm(request.POST)
if form.is_valid():
form.save(request)
mm.set_success("Thanks! We'll fix this bug as soon as possible.")
return redirect('/')
else:
return render(request, 'bugs/create.html', mm.messages(), {'form':form})
else:
form = BugForm()
return render(request, 'bugs/create.html', mm.messages(), {'form':form})
mm.set_notice("You must log in before you can report a bug")
return login_view(request)
def manage_group(request, gid):
"""manage a group"""
mm = MessageManager(request)
g = get_object_or_404(cGroup, pk=gid)
if request.user.is_authenticated() and request.user.is_group_manager(g):
return render(request, 'accounts/groups/manage.html', mm.messages(), {'group':g})
else:
mm.set_error("you are not allowed to manage this group")
return redirect(g.get_absolute_url())
def edit_group(request, gid):
"""edit a group"""
mm = MessageManager(request)
g = get_object_or_404(cGroup, pk=gid)
if request.user.is_authenticated() and request.user.is_group_manager(g):
if request.POST:
form = CreateGroupForm(request.POST)
if form.is_valid():
data = request.POST.copy()
# make sure the group name is unique
#try:
# cGroup.objects.get(name=data["title"])
# mm.set_error("that group name is already taken")
# return render(request,'accounts/groups/create.html', mm.messages(), {'form':form})
#except cGroup.DoesNotExist:
# create group
#g = cGroup()
g.name = data["title"]
g.description = data["description"]
g.type = data["type"]
g.visibility = data["visibility"]
g.open_registration = data.has_key("open_registration")
g.save()
# add user to group
#request.user.groups.add(g)
#g.managers.add(request.user)
#g.save()
mm.set_success("edits were successfull")
# TODO: take to new group page
return redirect(g.get_absolute_url())
else:
return render(request,'accounts/groups/edit.html', mm.messages(), {'form':form, 'group':g})
else:
# prepare new form for user
form = CreateGroupForm(initial={'title': g.name, 'description':g.description, 'type':g.type, 'open_registration':g.open_registration})
return render(request,'accounts/groups/edit.html', mm.messages(), {'form':form, 'group':g})
else:
mm.set_error("you are not allowed to edit this group")
return redirect(g.get_absolute-url())
def create_link(request, gid=None):
"""page to create a new link object"""
# prepare messages
mm = MessageManager(request)
if request.user.is_authenticated():
# TODO: allow unauthorized users to create temporary content, but require them to
# sign up for an account before it can be saved. (html5 local db)
form = None
if request.POST:
form = CreateLinkForm(request.POST, request.FILES, user=request.user)
if form.is_valid():
new = form.save(request, gid)
mm.set_success("You successfully created a new link \"%s\"" % new.title)
# TODO: take to new link page
if new.group():
return redirect(new.group().get_absolute_url())
else:
return redirect(request.user.get_absolute_url())
else:
# form had errors
data = request.POST.copy()
formerr = form
dgroup=None
if gid:
form.fields['group'].widget.attrs['disabled'] = True # radio / checkbox
dgroup = get_object_or_404(cGroup, pk=gid)
form.fields['group'].widget.choices = ((gid,dgroup.name),)
return render(request, 'main/link/create.html', mm.messages(), {'form':form, 'group':dgroup})
else:
# prepare new form for user
form = CreateLinkForm(user=request.user, initial={'group': gid})
dgroup=None
if gid:
form.fields['group'].widget.attrs['disabled'] = True # radio / checkbox
dgroup = get_object_or_404(cGroup, pk=gid)
return render(request, 'main/link/create.html', mm.messages(), {'form':form, 'group':dgroup})
else:
return redirect(request.META.get('HTTP_REFERER','/'))
def group_page(request, gid):
"""display the group page"""
mm = MessageManager(request)
group = get_object_or_404(cGroup, pk=gid)
manager = False
member = False
if request.user.is_authenticated() and request.user.__class__ == cUser:
manager = request.user.is_group_manager(group)
member = request.user.is_group_member(group)
pending = request.user in group.pending_users.all()
return render(request, 'accounts/groups/group_page.html', mm.messages(), {'group':group,'is_group_manager':manager, 'is_group_member':member, 'is_pending_member':pending})
def delete_code_package(request):
"""delete a code package from a user account"""
mm = MessageManager(request)
if request.POST:
form = DeleteCodePackageForm(request.POST, request.FILES)
if form.is_valid():
e = form.cleaned_data['username']
p = form.cleaned_data['password']
try:
user = authenticate(username=e, password=p)
except NameError:
user = None
if user is not None:
if user.is_active:
p = form.cleaned_data['packageName']
try:
# TODO: can we match the package field instead?
# TODO: catch multiple items returned
p = CodePackage.objects.get(user=user, title=p)
p.delete()
mm.set_success("package deleted")
form = DeleteCodePackageForm()
except CodePackage.DoesNotExist:
mm.set_notice('package could not be found')
else:
# account is disabled
mm.set_error('This account has been disabled, or has not been activated.')
else:
# invalid login
mm.set_error('Invalid credentials.')
return render(request, 'api/delete_code_package.html', {'form':form}, mm.messages())
else:
# return form errors to user
return render(request, 'api/delete_code_package.html', {'form':form}, mm.messages())
else:
form = DeleteCodePackageForm()
return render(request, 'api/delete_code_package.html', {'form':form}, mm.messages())
def create_curriculum(request):
"""create a new curriculum container"""
mm = MessageManager(request)
if request.POST:
form = CreateCurriculumForm(request.POST)
if form.is_valid():
# save it
c = form.save(request)
mm.set_success("the curriculum was saved")
return redirect(c.get_absolute_url())
else:
mm.set_error("the form has errors")
pass
else:
form = CreateCurriculumForm()
return render(request, 'curricula/create_curriculum.html', {'form':form}, mm.messages())
def login_view(request):
"""Login to a user account and redirect to profile"""
# TODO: put link on profile page to return to original page
# prepare messages
mm = MessageManager(request)
if request.user.is_authenticated():
return redirect(request.user.get_absolute_url())
if request.POST:
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
# cookies are enabled
form = LoginForm(request.POST)
if not form == None and form.is_valid():
# log the user in. we extended to backend to allow using email
# instead of just username
e = form.cleaned_data['username']
p = form.cleaned_data['password']
try:
user = authenticate(username=e, password=p)
except NameError:
user = None
if user is not None:
if user.is_active:
#request.user = user
login(request, user)
mm.set_success('you are logged in!')
return redirect(request.user.get_absolute_url())
else:
# account is disabled
mm.set_error('This account has been disabled, or has not been activated.')
else:
# invalid login
mm.set_error('Invalid credentials.')
else:
#mm.set_error('The form is invalid')
pass
else:
# cookies are not enabled
mm.set_error('Please enable cookies and try again.')
else:
form = LoginForm()
request.session.set_test_cookie()
return render(request, 'accounts/login.html', {'form':form}, mm.messages())
def link(request, id):
"""display a link"""
mm = MessageManager(request)
try:
l = Link.objects.select_related('user', 'group').get(pk=id)
except Discussion.DoesNotExist:
return Http404
#update metrics
try:
dmet = Metric.objects.get_metric(l, key='views')
dmet.value = int(dmet.value) + 1
except Metric.DoesNotExist:
dmet = Metric.objects.create(l, 'views', 1)
dmet.save()
return render(request, 'main/link/index.html', {'link':l, 'views':dmet.value}, mm.messages())
def move_link(request, gid, id=None, remove=0):
"""edit a link"""
# prepare messages
mm = MessageManager(request)
g = get_object_or_404(cGroup, pk=gid)
if request.user.is_authenticated() and request.user.is_group_member(g) or request.user.is_group_manager(g):
if id:
l = get_object_or_404(Link, pk=id, user=request.user)
if remove == '1':
l.set_group(None)
else:
l.set_group(g)
links = Link.objects.select_related('group').filter(user=request.user)
return render(request, 'main/link/move.html', mm.messages(), {'group':g, 'links':links})
else:
mm.set_notice("You can't do that!")
return redirect(request.META.get('HTTP_REFERER','/'))
def move_discussion(request, gid, id=None, remove=0):
"""edit a discussion"""
# prepare messages
mm = MessageManager(request)
g = get_object_or_404(cGroup, pk=gid)
if request.user.is_authenticated() and request.user.is_group_member(g) or request.user.is_group_manager(g):
if id:
d = get_object_or_404(Discussion, pk=id, user=request.user)
if remove == '1':
d.set_group(None)
else:
d.set_group(g)
discussions = Discussion.objects.select_related('group').filter(user=request.user)
return render(request, 'main/discussion/move.html', mm.messages(), {'group':g, 'discussions':discussions})
else:
mm.set_notice("You can't do that!")
return redirect(request.META.get('HTTP_REFERER','/'))
def move_code_package(request, gid, id=None, remove=0):
"""edit a code package"""
# prepare messages
mm = MessageManager(request)
g = get_object_or_404(cGroup, pk=gid)
if request.user.is_authenticated() and request.user.is_group_member(g) or request.user.is_group_manager(g):
if id:
cp = get_object_or_404(CodePackage, pk=id, user=request.user)
if remove == '1':
cp.set_group(None)
else:
cp.set_group(g)
codepkgs = CodePackage.objects.select_related('group').filter(user=request.user)
return render(request, 'main/code_package/move.html', mm.messages(), {'group':g, 'code_packages':codepkgs})
else:
mm.set_notice("You can't do that!")
return redirect(request.META.get('HTTP_REFERER','/'))
def user_metrics(request, username):
"""display user metrics page"""
# TODO: only group administrators can view user metrics
mm = MessageManager(request)
try:
u = cUser.objects.get(username=username)
except cUser.DoesNotExist:
u = get_object_or_404(User, username=username)
has_permission_to_see_metrics = False
if request.user.is_authenticated() and request.user.username == username:
has_permission_to_see_metrics = True
elif is_manager(request.user, u):
has_permission_to_see_metrics = True
if has_permission_to_see_metrics:
return render(request, 'accounts/user/metrics.html', {'profile_user':u}, mm.messages())
else:
#raise Http404
mm.set_notice("you do not have permission to view that page")
return redirect(request.META.get('HTTP_REFERER','/'))
def confirm(request, activation_key):
"""confirm a user registration"""
# prepare messages
mm = MessageManager(request)
if request.user.is_active and request.user.activation_key == activation_key:
raise Http404()
user = get_object_or_404(cUser, activation_key=activation_key)
if user.key_expires < datetime.datetime.today():
mm.set_notice("This activation code as expired. Try creating a new account")
# TODO: completely remove accounts that have expired
return render(request, 'accounts/confirm.html', mm.messages(), {'expired':True})
user.key_expires = datetime.datetime.today() - datetime.timedelta(days=1)
mm.set_success("Congratulations! You just activated your account!")
request.session.set_test_cookie()
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
# cookies are enabled
# we need to call authenticate to set some varibles before calling login()
auth_user = None
try:
auth_user = authenticate(username=user.username, password=user.activation_key)
# activate the user after authentication so we can't
# login with the activation key anymore
#auth_user.is_active = True
#auth_user.save()
except NameError:
pass
if auth_user is not None:
if auth_user.is_active:
login(request, auth_user)
# TODO: we don't cover all our bases here. we need to be more thorough with error checking
if auth_user:
return redirect(auth_user.get_absolute_url())
else:
return redirect('/')
def add_task(request):
"""add a new task"""
mm = MessageManager(request)
if request.POST:
# receive sent form
form = NewTaskForm(request.POST)
if form.is_valid():
mm.set_success("task created")
dd = form.cleaned_data['due_date']
desc = form.cleaned_data['description']
note = form.cleaned_data['notify']
task = Task(due_date=dd, description=desc, notify=note, author=request.user, status=0)
task.set_object(request.user)
task.save()
return redirect(request.user.get_absolute_url())
else:
mm.set_error("error")
# error
pass
else:
# setup new form
form = NewTaskForm()
return render(request, 'tasks/new.html', {'form':form}, mm.messages())
def bugs(request):
"""bugs page"""
# prepare messages
mm = MessageManager(request)
bugs = Bug.objects.all()
return render(request, 'bugs/index.html', {'bugs':bugs}, mm.messages())
def view_bug(request, id):
"""view an individual bug report"""
# prepare messages
mm = MessageManager(request)
return render(request, 'bugs/view.html', mm.messages())
