def edit_code_package(request, id): """edit a code package""" # prepare messages mm = MessageManager(request) cp = get_object_or_404(CodePackage, pk=id) if request.user.is_authenticated() and request.user.username == cp.user.username: if request.POST: form = EditCodePackageForm(request.POST, user=request.user) if form.is_valid(): form.save(request, cp) mm.set_success("Your code package has been updated") return redirect(cp.get_absolute_url()) else: # form had errors return render(request, 'main/code_package/edit.html', mm.messages(), {'form':form, 'code_package':cp}) else: # prepare new form for user cpk = None if cp.group(): cpk = cp.group().pk term_str = delim_list(object_taxon(cp), ',') form = EditCodePackageForm(user=request.user, initial={'group': cpk, 'title':cp.title, 'description':cp.description, 'terms':term_str}) return render(request, 'main/code_package/edit.html', mm.messages(), {'form':form, 'code_package':cp}) else: return redirect(request.META.get('HTTP_REFERER','/'))
def edit_account(request, username): """edit a user's account details""" # prepare messages mm = MessageManager(request) try: u = cUser.objects.get(username=username) except cUser.DoesNotExist: u = get_object_or_404(User, username=username) # must be an authenticated user and own the profile in order to get the form. if request.user.is_authenticated() and request.user == u: if request.POST: # collect form form = EditAccountForm(request.POST) if form.is_valid(): form.update(request, u) mm.set_success("Your account has been updated") return redirect(request.user.get_absolute_url()) else: return render(request, 'accounts/user/edit.html', {'form':form}, mm.messages()) else: # prepare form form = EditAccountForm(initial={'username':u.username, 'email':u.email}) return render(request, 'accounts/user/edit.html', {'form':form}, mm.messages()) else: return redirect(u.get_absolute_url())
def edit_link(request, id): """edit a link""" # prepare messages mm = MessageManager(request) link = get_object_or_404(Link, pk=id) if request.user.is_authenticated() and request.user.username == link.user.username: if request.POST: form = CreateLinkForm(request.POST, request.FILES, user=request.user) if form.is_valid(): form.update(request, link) mm.set_success("Your link has been updated") return redirect(link.get_absolute_url()) else: # form had errors return render(request, 'main/link/edit.html', mm.messages(), {'form':form, 'link':link}) else: # prepare new form for user lpk = None if link.group(): lpk = link.group().pk term_str = delim_list(object_taxon(link), ',') form = CreateLinkForm(user=request.user, initial={'group': lpk, 'title':link.title, 'url':link.url, 'terms':term_str}) return render(request, 'main/link/edit.html', mm.messages(), {'form':form, 'link':link}) else: return redirect(request.META.get('HTTP_REFERER','/'))
def edit_discussion(request, id): """edit a discussion""" # prepare messages mm = MessageManager(request) d = get_object_or_404(Discussion, pk=id) if request.user.is_authenticated() and request.user.username == d.user.username: if request.POST: form = CreateDiscussionForm(request.POST, request.FILES, user=request.user) if form.is_valid(): form.update(request, d) mm.set_success("Your discussion has been updated") return redirect(d.get_absolute_url()) else: # form had errors return render(request, 'main/discussion/edit.html', mm.messages(), {'form':form, 'discussion':d}) else: # prepare new form for user dpk = None if d.group(): dpk = d.group().pk term_str = delim_list(object_taxon(d), ',') form = CreateDiscussionForm(user=request.user, initial={'group': dpk, 'title':d.title, 'body':d.body, 'type':d.type, 'terms':term_str}) return render(request, 'main/discussion/edit.html', mm.messages(), {'form':form, 'discussion':d}) else: return redirect(request.META.get('HTTP_REFERER','/'))
def contact(request): """contact page""" # prepare messages mm = MessageManager(request) if request.POST: form = ContactForm(request.POST) if form.is_valid(): data = request.POST.copy() # make sure we have a human if not form.isValidHuman(data): mm.set_error('Sorry only humans can contact us. Try reloading the page.') return render(request, 'main/contact.html', mm.messages(), {'form':form}) # prepare email email_subject = 'Comperio Form Submission' email_body =\ "Form submission from %s\n\nName: %s\nEmail: %s\n\n%s" % ( SITE_URL, data['name'], data['email'], data['message']) emails = [x[1] for x in ADMINS] send_mail(email_subject, email_body, '*****@*****.**', emails) mm.set_success("Thank you! We received your message.") return redirect('/') else: return render(request, 'main/contact.html', {'form':form}, mm.messages()) else: form = ContactForm() return render(request, 'main/contact.html', {'form':form}, mm.messages())
def upload(request): """upload a code package to a user profile""" mm = MessageManager(request) if request.POST: form = UploadCodePackageForm(request.POST, request.FILES) if form.is_valid(): e = form.cleaned_data['username'] p = form.cleaned_data['password'] try: user = authenticate(username=e, password=p) except NameError: user = None if user is not None: if user.is_active: if form.save(request, user): mm.set_success("package uploaded") form = UploadCodePackageForm() else: mm.set_error("package could not be uploaded") else: # account is disabled mm.set_error('This account has been disabled, or has not been activated.') else: # invalid login mm.set_error('Invalid credentials.') return render(request, 'api/upload.html', {'form':form}, mm.messages()) else: # return form errors to user return render(request, 'api/upload.html', {'form':form}, mm.messages()) else: form = UploadCodePackageForm() return render(request, 'api/upload.html', {'form':form}, mm.messages())
def list_user_code(request): """return a list of code packages uploaded by a user""" mm = MessageManager(request) if request.GET: form = LoginForm(request.GET) if form.is_valid(): e = form.cleaned_data['username'] p = form.cleaned_data['password'] try: user = authenticate(username=e, password=p) except NameError: user = None if user is not None: if user.is_active: packages = CodePackage.objects.filter(user=user) results = '' for p in packages: results += p.title + "\n" return render_to_response('api/serve.html', {'result':results.rstrip('\n')}) else: # account is disabled mm.set_error('This account has been disabled, or has not been activated.') else: # invalid login mm.set_error('Invalid credentials.') return render(request, 'api/list_user_code.html', {'form':form}, mm.messages()) else: # return form errors to user return render(request, 'api/list_user_code.html', {'form':form}, mm.messages()) else: form = DeleteCodePackageForm() return render(request, 'api/list_user_code.html', {'form':form}, mm.messages())
def user_account(request, username): """display user account details page""" mm = MessageManager(request) # must be an authenticated user and own the profile in order to get the form. if request.user.is_authenticated() and request.user.username == username: # must also be of type cUser. since the super is default to a User. if request.user.__class__ == cUser: if request.POST: # collect form form = SettingsForm(request.POST) if form.is_valid(): s = request.user.settings s.public_comments = form.cleaned_data['public_comments'] s.code_pkg_updates = form.cleaned_data['code_pkg_updates'] s.save() mm.set_success("Your settings have been saved") return render(request, 'accounts/user/account.html', {'form':form}, mm.messages()) else: mm.set_error("Sorry! We encountered an error and were unable to save your settings") form = SettingsForm(instance=request.user.settings) return render(request, 'accounts/user/account.html', {'form':form}, mm.messages()) else: # prepare form form = SettingsForm(instance=request.user.settings) return render(request, 'accounts/user/account.html', {'form':form}, mm.messages()) return render(request, 'accounts/user/account.html', mm.messages())
def admin_tools(request, tool): """automatically provides a list of tools to the administrator from the AdminTools class""" # # Do not add/register new tools in this def. it handles the AdminTools automatically # # debug is checked in AdminTools, so this is just extra protection. if DEBUG is False: return redirect('/') # prepare messages mm = MessageManager(request) # prepare tools at = AdminTools() if request.user.is_authenticated and request.user.is_superuser: # get the tools so we can compare them with the requested tool. tool_list = class_linker(AdminTools, '') # display tool index if tool == '': return render(request, 'main/admin/tools.html', mm.messages()) # Run the tools for t, d, u in tool_list: if tool == t: log_list = eval("at.%s(%s)" % (t, True)) log_message = "successfully performed \"%s\" on %s objects." % (t, len(log_list)) for log in log_list: log_message += "<Br />%s" % log mm.set_notice(log_message) break return redirect(request.META.get('HTTP_REFERER','/'))
def edit_task(request, id): """edit and existing task""" mm = MessageManager(request) t = get_object_or_404(Task, pk=id) if request.user.is_authenticated() and request.user.username == t.user.username: if request.POST: # receive sent form form = NewTaskForm(request.POST) if form.is_valid(): mm.set_success("task updated") t.due_date = form.cleaned_data['due_date'] t.description = form.cleaned_data['description'] notify = form.cleaned_data['notify'] if notify is False: t.notify = False else: t.notify = True t.save() return redirect(t.get_absolute_url()) else: mm.set_error("error") # error pass else: # setup new form form = NewTaskForm(initial={'due_date':t.due_date, 'description':t.description, 'notify':t.notify}) return render(request, 'tasks/edit.html', {'form':form, 'task':t}, mm.messages()) else: mm.set_notice("you are not authorized to edit that task.") return redirect(request.META.get('HTTP_REFERER','/'))
def confirm_delete(request, removal_key): """confirm a account removal""" # prepare messages mm = MessageManager(request) user = get_object_or_404(cUser, removal_key=removal_key) if user.key_expires < datetime.datetime.today(): mm.set_notice("This removal code as expired.") return render(request, 'accounts/confirm_delete.html', mm.messages(), {'expired':True}) user.key_expires = datetime.datetime.today() - datetime.timedelta(days=1) user.is_active = False user.save() logout(request) mm.set_success("Your account has been successfully removed. Please visit us again!") return render(request, 'main/index.html', mm.messages())
def create_group(request): """create a new user group""" mm = MessageManager(request) if request.user.is_authenticated() and request.user.__class__ is cUser: if request.POST: form = CreateGroupForm(request.POST) if form.is_valid(): data = request.POST.copy() # make sure the group name is unique try: cGroup.objects.get(name=data["title"]) mm.set_error("that group name is already taken") return render(request,'accounts/groups/create.html', mm.messages(), {'form':form}) except cGroup.DoesNotExist: # create group g = cGroup() g.name = data["title"] g.description = data["description"] g.type = data["type"] g.visibility = data["visibility"] g.open_registration = data.has_key("open_registration") g.save() # add user to group request.user.groups.add(g) g.managers.add(request.user) # Build the invitation key salt = sha.new(str(random.random())).hexdigest()[:5] g.invitation_key = sha.new(salt+g.name).hexdigest()[:13] g.key_expires = datetime.datetime.today() + datetime.timedelta(2) g.save() manage_url = reverse('manage-group', None, (), {'gid':g.pk}) invite_url = "%s%s/%s" % (SITE_URL, reverse('join-group', None, (), {'gid':g.pk}), g.invitation_key) mm.set_success("Successfully Created Group \"%s\"!<p> We automatically generated an invitation url that you can share with your friends. For more information check out the <a href=\"%s\">Administration Page</a>.</p><p>Invitation Url: <a href=\"%s\">%s</a></p>" % (g.name, manage_url, invite_url, invite_url)) # TODO: take to new group page return redirect(g.get_absolute_url()) else: return render(request,'accounts/groups/create.html', mm.messages(), {'form':form}) else: # prepare new form for user form = CreateGroupForm(initial={'open_registration':True}) return render(request,'accounts/groups/create.html', mm.messages(), {'form':form}) else: mm.set_error("you are not allowed to create a group") return redirect(request.META.get('HTTP_REFERER','/'))
def tags_page(request): """display a page of all the tags (tag cloud)""" # TODO: make a tag cloud. may be able to use the api from our analytics framework mm = MessageManager(request) return render(request, 'main/tags.html', mm.messages()) # #def image_uploader(request): # """uploads an image to the server""" # return None
def create_bug(request): """create a new bug report""" # prepare messages mm = MessageManager(request) if request.user.is_authenticated(): if request.POST: form = BugForm(request.POST) if form.is_valid(): form.save(request) mm.set_success("Thanks! We'll fix this bug as soon as possible.") return redirect('/') else: return render(request, 'bugs/create.html', mm.messages(), {'form':form}) else: form = BugForm() return render(request, 'bugs/create.html', mm.messages(), {'form':form}) mm.set_notice("You must log in before you can report a bug") return login_view(request)
def manage_group(request, gid): """manage a group""" mm = MessageManager(request) g = get_object_or_404(cGroup, pk=gid) if request.user.is_authenticated() and request.user.is_group_manager(g): return render(request, 'accounts/groups/manage.html', mm.messages(), {'group':g}) else: mm.set_error("you are not allowed to manage this group") return redirect(g.get_absolute_url())
def edit_group(request, gid): """edit a group""" mm = MessageManager(request) g = get_object_or_404(cGroup, pk=gid) if request.user.is_authenticated() and request.user.is_group_manager(g): if request.POST: form = CreateGroupForm(request.POST) if form.is_valid(): data = request.POST.copy() # make sure the group name is unique #try: # cGroup.objects.get(name=data["title"]) # mm.set_error("that group name is already taken") # return render(request,'accounts/groups/create.html', mm.messages(), {'form':form}) #except cGroup.DoesNotExist: # create group #g = cGroup() g.name = data["title"] g.description = data["description"] g.type = data["type"] g.visibility = data["visibility"] g.open_registration = data.has_key("open_registration") g.save() # add user to group #request.user.groups.add(g) #g.managers.add(request.user) #g.save() mm.set_success("edits were successfull") # TODO: take to new group page return redirect(g.get_absolute_url()) else: return render(request,'accounts/groups/edit.html', mm.messages(), {'form':form, 'group':g}) else: # prepare new form for user form = CreateGroupForm(initial={'title': g.name, 'description':g.description, 'type':g.type, 'open_registration':g.open_registration}) return render(request,'accounts/groups/edit.html', mm.messages(), {'form':form, 'group':g}) else: mm.set_error("you are not allowed to edit this group") return redirect(g.get_absolute-url())
def create_link(request, gid=None): """page to create a new link object""" # prepare messages mm = MessageManager(request) if request.user.is_authenticated(): # TODO: allow unauthorized users to create temporary content, but require them to # sign up for an account before it can be saved. (html5 local db) form = None if request.POST: form = CreateLinkForm(request.POST, request.FILES, user=request.user) if form.is_valid(): new = form.save(request, gid) mm.set_success("You successfully created a new link \"%s\"" % new.title) # TODO: take to new link page if new.group(): return redirect(new.group().get_absolute_url()) else: return redirect(request.user.get_absolute_url()) else: # form had errors data = request.POST.copy() formerr = form dgroup=None if gid: form.fields['group'].widget.attrs['disabled'] = True # radio / checkbox dgroup = get_object_or_404(cGroup, pk=gid) form.fields['group'].widget.choices = ((gid,dgroup.name),) return render(request, 'main/link/create.html', mm.messages(), {'form':form, 'group':dgroup}) else: # prepare new form for user form = CreateLinkForm(user=request.user, initial={'group': gid}) dgroup=None if gid: form.fields['group'].widget.attrs['disabled'] = True # radio / checkbox dgroup = get_object_or_404(cGroup, pk=gid) return render(request, 'main/link/create.html', mm.messages(), {'form':form, 'group':dgroup}) else: return redirect(request.META.get('HTTP_REFERER','/'))
def group_page(request, gid): """display the group page""" mm = MessageManager(request) group = get_object_or_404(cGroup, pk=gid) manager = False member = False if request.user.is_authenticated() and request.user.__class__ == cUser: manager = request.user.is_group_manager(group) member = request.user.is_group_member(group) pending = request.user in group.pending_users.all() return render(request, 'accounts/groups/group_page.html', mm.messages(), {'group':group,'is_group_manager':manager, 'is_group_member':member, 'is_pending_member':pending})
def delete_code_package(request): """delete a code package from a user account""" mm = MessageManager(request) if request.POST: form = DeleteCodePackageForm(request.POST, request.FILES) if form.is_valid(): e = form.cleaned_data['username'] p = form.cleaned_data['password'] try: user = authenticate(username=e, password=p) except NameError: user = None if user is not None: if user.is_active: p = form.cleaned_data['packageName'] try: # TODO: can we match the package field instead? # TODO: catch multiple items returned p = CodePackage.objects.get(user=user, title=p) p.delete() mm.set_success("package deleted") form = DeleteCodePackageForm() except CodePackage.DoesNotExist: mm.set_notice('package could not be found') else: # account is disabled mm.set_error('This account has been disabled, or has not been activated.') else: # invalid login mm.set_error('Invalid credentials.') return render(request, 'api/delete_code_package.html', {'form':form}, mm.messages()) else: # return form errors to user return render(request, 'api/delete_code_package.html', {'form':form}, mm.messages()) else: form = DeleteCodePackageForm() return render(request, 'api/delete_code_package.html', {'form':form}, mm.messages())
def create_curriculum(request): """create a new curriculum container""" mm = MessageManager(request) if request.POST: form = CreateCurriculumForm(request.POST) if form.is_valid(): # save it c = form.save(request) mm.set_success("the curriculum was saved") return redirect(c.get_absolute_url()) else: mm.set_error("the form has errors") pass else: form = CreateCurriculumForm() return render(request, 'curricula/create_curriculum.html', {'form':form}, mm.messages())
def login_view(request): """Login to a user account and redirect to profile""" # TODO: put link on profile page to return to original page # prepare messages mm = MessageManager(request) if request.user.is_authenticated(): return redirect(request.user.get_absolute_url()) if request.POST: if request.session.test_cookie_worked(): request.session.delete_test_cookie() # cookies are enabled form = LoginForm(request.POST) if not form == None and form.is_valid(): # log the user in. we extended to backend to allow using email # instead of just username e = form.cleaned_data['username'] p = form.cleaned_data['password'] try: user = authenticate(username=e, password=p) except NameError: user = None if user is not None: if user.is_active: #request.user = user login(request, user) mm.set_success('you are logged in!') return redirect(request.user.get_absolute_url()) else: # account is disabled mm.set_error('This account has been disabled, or has not been activated.') else: # invalid login mm.set_error('Invalid credentials.') else: #mm.set_error('The form is invalid') pass else: # cookies are not enabled mm.set_error('Please enable cookies and try again.') else: form = LoginForm() request.session.set_test_cookie() return render(request, 'accounts/login.html', {'form':form}, mm.messages())
def link(request, id): """display a link""" mm = MessageManager(request) try: l = Link.objects.select_related('user', 'group').get(pk=id) except Discussion.DoesNotExist: return Http404 #update metrics try: dmet = Metric.objects.get_metric(l, key='views') dmet.value = int(dmet.value) + 1 except Metric.DoesNotExist: dmet = Metric.objects.create(l, 'views', 1) dmet.save() return render(request, 'main/link/index.html', {'link':l, 'views':dmet.value}, mm.messages())
def move_link(request, gid, id=None, remove=0): """edit a link""" # prepare messages mm = MessageManager(request) g = get_object_or_404(cGroup, pk=gid) if request.user.is_authenticated() and request.user.is_group_member(g) or request.user.is_group_manager(g): if id: l = get_object_or_404(Link, pk=id, user=request.user) if remove == '1': l.set_group(None) else: l.set_group(g) links = Link.objects.select_related('group').filter(user=request.user) return render(request, 'main/link/move.html', mm.messages(), {'group':g, 'links':links}) else: mm.set_notice("You can't do that!") return redirect(request.META.get('HTTP_REFERER','/'))
def move_discussion(request, gid, id=None, remove=0): """edit a discussion""" # prepare messages mm = MessageManager(request) g = get_object_or_404(cGroup, pk=gid) if request.user.is_authenticated() and request.user.is_group_member(g) or request.user.is_group_manager(g): if id: d = get_object_or_404(Discussion, pk=id, user=request.user) if remove == '1': d.set_group(None) else: d.set_group(g) discussions = Discussion.objects.select_related('group').filter(user=request.user) return render(request, 'main/discussion/move.html', mm.messages(), {'group':g, 'discussions':discussions}) else: mm.set_notice("You can't do that!") return redirect(request.META.get('HTTP_REFERER','/'))
def move_code_package(request, gid, id=None, remove=0): """edit a code package""" # prepare messages mm = MessageManager(request) g = get_object_or_404(cGroup, pk=gid) if request.user.is_authenticated() and request.user.is_group_member(g) or request.user.is_group_manager(g): if id: cp = get_object_or_404(CodePackage, pk=id, user=request.user) if remove == '1': cp.set_group(None) else: cp.set_group(g) codepkgs = CodePackage.objects.select_related('group').filter(user=request.user) return render(request, 'main/code_package/move.html', mm.messages(), {'group':g, 'code_packages':codepkgs}) else: mm.set_notice("You can't do that!") return redirect(request.META.get('HTTP_REFERER','/'))
def user_metrics(request, username): """display user metrics page""" # TODO: only group administrators can view user metrics mm = MessageManager(request) try: u = cUser.objects.get(username=username) except cUser.DoesNotExist: u = get_object_or_404(User, username=username) has_permission_to_see_metrics = False if request.user.is_authenticated() and request.user.username == username: has_permission_to_see_metrics = True elif is_manager(request.user, u): has_permission_to_see_metrics = True if has_permission_to_see_metrics: return render(request, 'accounts/user/metrics.html', {'profile_user':u}, mm.messages()) else: #raise Http404 mm.set_notice("you do not have permission to view that page") return redirect(request.META.get('HTTP_REFERER','/'))
def confirm(request, activation_key): """confirm a user registration""" # prepare messages mm = MessageManager(request) if request.user.is_active and request.user.activation_key == activation_key: raise Http404() user = get_object_or_404(cUser, activation_key=activation_key) if user.key_expires < datetime.datetime.today(): mm.set_notice("This activation code as expired. Try creating a new account") # TODO: completely remove accounts that have expired return render(request, 'accounts/confirm.html', mm.messages(), {'expired':True}) user.key_expires = datetime.datetime.today() - datetime.timedelta(days=1) mm.set_success("Congratulations! You just activated your account!") request.session.set_test_cookie() if request.session.test_cookie_worked(): request.session.delete_test_cookie() # cookies are enabled # we need to call authenticate to set some varibles before calling login() auth_user = None try: auth_user = authenticate(username=user.username, password=user.activation_key) # activate the user after authentication so we can't # login with the activation key anymore #auth_user.is_active = True #auth_user.save() except NameError: pass if auth_user is not None: if auth_user.is_active: login(request, auth_user) # TODO: we don't cover all our bases here. we need to be more thorough with error checking if auth_user: return redirect(auth_user.get_absolute_url()) else: return redirect('/')
def add_task(request): """add a new task""" mm = MessageManager(request) if request.POST: # receive sent form form = NewTaskForm(request.POST) if form.is_valid(): mm.set_success("task created") dd = form.cleaned_data['due_date'] desc = form.cleaned_data['description'] note = form.cleaned_data['notify'] task = Task(due_date=dd, description=desc, notify=note, author=request.user, status=0) task.set_object(request.user) task.save() return redirect(request.user.get_absolute_url()) else: mm.set_error("error") # error pass else: # setup new form form = NewTaskForm() return render(request, 'tasks/new.html', {'form':form}, mm.messages())
def bugs(request): """bugs page""" # prepare messages mm = MessageManager(request) bugs = Bug.objects.all() return render(request, 'bugs/index.html', {'bugs':bugs}, mm.messages())
def view_bug(request, id): """view an individual bug report""" # prepare messages mm = MessageManager(request) return render(request, 'bugs/view.html', mm.messages())