def report_spam(request, pagename=None):
if pagename is None:
pagename ='home'
page = get_page(request.site._id, pagename)
if not page or page._id is None:
raise NotFound
# send spam to akismet if need or send false positive
if request.site.alias:
site_url = "http://%s.%s" % (request.site.alias, settings.SERVER_NAME)
else:
site_url = "http://%s/%s" % (settings.SERVER_NAME, request.site.cname)
ak = Akismet(site_url, request.site.akismet_key)
if page.is_spam:
fun_spam = ak.submit_ham
else:
fun_spam = ak.submit_spam
try:
fun_spam(page.user.ip, page.user.ua, page.content)
except:
pass
# save new flag
page.is_spam = not page.is_spam
page.save()
if not page.is_spam and page.title != "Home":
redirect_url = url_for('show_page', pagename=pagename)
else:
redirect_url = url_for('show_spam', pagename=pagename)
return redirect(redirect_url)
def revisions_feed(request=None, pagename=None, feedtype="atom"):
if pagename is None:
pagename ='Home'
page = get_page(request.site._id, pagename)
if not page:
raise NotFound
all_revisions = [page] + page.revisions()
if feedtype == "atom":
feed = AtomFeed(
title="%s: Latest revisions of %s" % (request.site.cname, page.title),
subtitle=request.site.subtitle,
updated = page.updated,
feed_url = request.url
)
for rev in all_revisions:
title = ''
_url="%s%s" % (request.host_url, url_for("revision_page",
pagename=pagename,
nb_revision=rev.nb_revision
))
for change in rev.changes:
if change['type'] != "unmod":
title = "\n".join(change['changed']['lines'])
title = do_truncate(do_striptags(title), 60)
title = title and title or "Edited."
feed.add(title, convert_markdown(rev.content),
updated=rev.updated,
url=_url,
id=_url,
author=rev.title.replace(' ', '_')
)
return feed.get_response()
else:
json = {
'title': "%s: Latest revisions of %s" % (request.site.cname, page.title),
'subtitle': request.site.subtitle,
'updated':datetime_tojson(page.updated),
'feed_url': request.url,
'revisions': []
}
for rev in all_revisions:
title = ''
for change in rev.changes:
if change['type'] != "unmod":
title = "\n".join(change['changed']['lines'])
title = do_truncate(do_striptags(title), 60)
title = title and title or "Edited."
url = "%s%s" % (request.host_url, url_for("revision_page",
cname=request.site.cname, pagename=pagename,
nb_revision=rev.nb_revision
))
json['revisions'].append({
'title': title,
'content': rev.content,
'url': url,
'updated':datetime_tojson(rev.updated),
'id':rev.nb_revision
})
return send_json(json)
def site_changes(request, feedtype=None):
pages = all_pages(request.site._id)
changes = get_changes(request.site._id)
if feedtype == "atom":
feed = AtomFeed(
title="%s: Latest changes" % request.site.title and request.site.title or request.site.cname,
subtitle=request.site.subtitle,
updated = changes[0].updated,
feed_url = request.url
)
for rev in changes:
_url = "%s%s" % (request.host_url, url_for("show_page", pagename=rev.title.replace(' ', '_')))
feed.add(rev.title, convert_markdown(rev.content),
updated=rev.updated,
url=_url,
id=_url,
author=rev.title.replace(' ', '_')
)
return feed.get_response()
elif feedtype == 'json':
json = {
'title': "%s: Latest changes" % request.site.title and request.site.title or request.site.cname,
'subtitle': request.site.subtitle,
'updated':datetime_tojson(changes[0].updated),
'feed_url': request.url,
'pages': []
}
for rev in changes:
url = "%s%s" % (request.host_url, url_for("show_page", pagename=rev.title.replace(' ', '_')))
json['pages'].append({
'title': rev.title,
'content': rev.content,
'url': url,
'updated':datetime_tojson(rev.updated),
'id':rev.title.replace(' ', '_')
})
return send_json(json)
elif feedtype == 'rdf':
site_title = request.site.title and request.site.title or request.site.cname
site_url = request.host_url
if not local.site_url:
site_url += local.site_url
sioc = SiocWiki(site_url, site_title, datetime_tojson(request.site.created))
for rev in changes:
_url = "%s%s" % (request.host_url, url_for("show_page", pagename=rev.title.replace(' ', '_')))
sioc.add_page(rev.content, rev.title, _url, datetime_tojson(rev.updated))
return send_sioc(sioc.to_str())
return render_response('site/changes.html', changes=changes, pages=pages)
def show_page(request=None, pagename=None):
mimetypes = request.accept_mimetypes
if pagename is None:
pagename ='home'
#pagename = pagename.replace(" ", "_")
redirect_from = request.values.get('redirect_from', '')
page = get_page(request.site._id, pagename)
if not page or page._id is None:
alias = AliasPage.get_alias(request.site._id, pagename)
if alias is not None:
page = Page.get(alias.page)
return redirect(url_for('show_page',
pagename=page.title.replace(' ', '_'),
redirect_from=pagename))
if not page or page._id is None:
if pagename.lower() in FORBIDDEN_PAGES:
redirect_url = "%s?error=%s" % (
url_for('show_page', pagename='home'),
u"Page name invalid."
)
return redirect(redirect_url)
page = Page(
site=request.site._id,
title=pagename.replace("_", " ")
)
if mimeparse.best_match(['application/rdf+xml', 'text/xml', 'text/html'],
request.headers['ACCEPT']) == "application/rdf+xml":
site_title = request.site.title and request.site.title or request.site.cname
site_url = request.host_url
if not local.site_url:
site_url += local.site_url
sioc = SiocWiki(site_url, site_title, datetime_tojson(request.site.created))
sioc.add_page(page.content, page.title, request.url, datetime_tojson(page.updated))
return send_sioc(sioc.to_str())
# get all pages
pages = all_pages(request.site._id)
response = render_response('page/show.html', page=page, pages=pages,
lexers=LEXERS_CHOICE, redirect_from=redirect_from)
return response
def site_forgot_password(request):
back=request.values.get('back', '')
if request.method == 'POST':
back = request.form.get('back', '')
# create token
otoken = PasswordToken(site=request.site._id)
otoken.save()
if request.site.alias:
site_url = "http://%s.%s" % (request.site.alias, settings.SERVER_NAME)
else:
site_url = "http://%s/%s" % (settings.SERVER_NAME, request.site.cname)
# send email
mail_subject = u"Password to your couchit site"
mail_content = render_template('site/forgot_password.txt', url=site_url, token=otoken._id)
send_mail(mail_subject, mail_content, "CouchIt <*****@*****.**>",
[request.site.email], fail_silently=True)
request.session['notify'] = u"We've sent out the secret link. Go check your email!"
redirect_url = url_for('site_login', back=back)
return redirect(redirect_url)
return render_response('site/forgot_password.html', back=back)
def revision_page(request=None, pagename=None, nb_revision=None):
if pagename is None:
pagename ='Home'
page = get_page(request.site._id, pagename)
if not page:
raise NotFound
if nb_revision is None:
nb_revision = 0
else:
try:
nb_revision = int(nb_revision)
except ValueError:
raise NotFound
revision = page.revision(nb_revision)
if revision is None:
return render_response('page/revision_notfound.html', page=page, pages=pages, site=request.site)
# revert page
if request.method == "POST" and "srevert" in request.form:
page.content = revision.content
page.save()
return redirect(url_for("show_page", pagename=pagename))
# get all pages
pages = all_pages(request.site._id)
return render_response('page/show.html', page=revision, pages=pages)
def delete_spam(request):
pages = request.values.getlist('d')
docs = []
for p in pages:
thash, docid, rev = p.split('_')
if thash != sha256("Home").hexdigest(): # make sure we don't delete home
docs.append({'_id': docid, '_rev': rev})
db.bulk_delete(docs)
return redirect(url_for('site_spam'))
def delete_page(request, pagename):
if pagename == 'Home': #security reason
return redirect(url_for('show_page', pagename='Home'))
page = get_page(request.site._id, pagename)
if not page or page._id is None:
raise NotFound
del db[page._id]
if local.site_url:
redirect_url = local.site_url
else:
redirect_url = '/'
return redirect(redirect_url)
def change_password_authenticated(request):
error = None
if request.method == 'POST':
site = get_site(request.site.cname)
p1 = request.form.get('password', '')
p2 = request.form.get('old_password', '')
if not p1:
error = u"New password can't be empty"
elif not p2:
error = u"Old password can't be empty"
elif make_hash(p2) != site.password:
error = u"Old password is invalid."
else:
h = make_hash(p1)
if (h != site.password):
site.password = h
site.save()
request.site = site
return redirect(url_for('site_settings'))
return render_response('site/change_password_authenticated.html', error=error)
def decorated(request, **kwargs):
authenticated = request.session.get('%s_authenticated' % request.site.cname, False)
if request.site.claimed and not authenticated:
redirect_url = url_for('site_login')
return redirect(redirect_url)
return f(request, **kwargs)
def site_export(request, feedtype="atom"):
def _zinfo(fname, date_time):
zinfo = zipfile.ZipInfo()
zinfo.filename = fname
zinfo.compress_type = zipfile.ZIP_DEFLATED
zinfo.date_time = date_time
return zinfo
pages = all_pages(request.site._id)
if pages:
pages.sort(lambda a,b: cmp(a.updated, b.updated))
if feedtype == "atom":
feed = AtomFeed(
title="%s: Latest changes" % request.site.title and request.site.title or request.site.cname,
subtitle=request.site.subtitle,
updated = pages[0].updated,
feed_url = request.url
)
for page in pages:
_url = "%s%s" % (request.host_url, url_for("show_page", pagename=page.title.replace(' ', '_')))
feed.add(page.title, escape(page.content),
updated=page.updated,
url=_url,
id=_url,
author=page.title.replace(' ', '_')
)
return feed.get_response()
elif feedtype == "json":
json = {
'title': "%s: Latest changes" % request.site.title and request.site.title or request.site.cname,
'subtitle': request.site.subtitle,
'updated':datetime_tojson(pages[0].updated),
'pages': []
}
for page in pages:
url = url_for("show_page",
pagename=page.title.replace(' ', '_')
)
json['pages'].append({
'title': page.title,
'content': page.content,
'url': url,
'updated':datetime_tojson(page.updated),
'id':page.title.replace(' ', '_')
})
return send_json(json)
elif feedtype == "zip":
pages = all_pages(request.site._id)
zip_content = StringIO()
zfile = zipfile.ZipFile(zip_content, "w", zipfile.ZIP_DEFLATED)
import time, codecs
for page in pages:
zinfo = _zinfo("markdown/%s" % smart_str(page.title.replace(" ", "_")) + ".txt",
time.localtime()[:6])
zfile.writestr(zinfo, codecs.BOM_UTF8 + page.content.encode('utf-8'))
zinfo = _zinfo("%s" % smart_str(page.title.replace(" ", "_")) + ".html",
time.localtime()[:6])
zfile.writestr(zinfo, codecs.BOM_UTF8 + render_template("page/export.html",
page=page, request=request, pages=pages).encode( "utf-8" ))
zinfo = _zinfo("index.html", time.localtime()[:6])
zfile.writestr(zinfo, codecs.BOM_UTF8 + render_template("page/export_index.html",
pages=pages, request=request).encode( "utf-8" ))
zfile.close()
response = BCResponse(zip_content.getvalue())
response.headers['content-type'] = "application/x-zip-compressed"
return response
def edit_page(request, pagename=None):
if pagename is None:
pagename ='Home'
page = get_page(request.site._id, pagename)
if not page or page._id is None:
page = Page(
site=request.site._id,
title=pagename.replace("_", " ")
)
if request.is_xhr and request.method=="POST":
error = ""
data = json.loads(request.data)
new_title = data.get('new_title')
if new_title and new_title is not None:
try:
page.rename(new_title)
redirect_url = url_for('show_page', pagename=new_title.replace(' ', '_'))
return send_json({"ok": True, "redirect_url": redirect_url})
except PageExist:
error = "A page already exist with this name"
else:
error = "An unexpected error happened, please contact administrator."
else:
error = u"New title is empty"
return send_json({
"ok": False,
"error": error
})
if request.method == "POST":
if 'new_title' in request.form:
new_title = request.form['new_title']
try:
page.rename(new_title)
redirect_url = url_for('show_page', pagename=new_title.replace(' ', '_'))
return redirect(redirect_url)
except PageExist:
error = "A page already exist with this name"
else:
error = "An unexpected error happened, please contact administrator."
else:
content = request.form.get('content', '')
# check spam with akismet
if request.site.akismet_key:
if request.site.alias:
site_url = "http://%s.%s" % (request.site.alias, settings.SERVER_NAME)
else:
site_url = "http://%s/%s" % (settings.SERVER_NAME, request.site.cname)
ak = Akismet(site_url, request.site.akismet_key)
try:
is_spam = ak.comment_check(request.environ['REMOTE_ADDR'],
request.environ['HTTP_USER_AGENT'], content)
except: # fail silently
is_spam = False
else:
is_spam = False
page.content = content
page.is_spam = is_spam # flag page
page.user = UserInfos(ip=request.environ['REMOTE_ADDR'], ua=request.environ['HTTP_USER_AGENT'])
page.save()
if not page.is_spam and page.title != "Home":
redirect_url = url_for('show_page', pagename=pagename)
else:
redirect_url = url_for('show_spam', pagename=pagename)
return redirect(redirect_url)
return redirect(url_for('show_page', pagename=pagename, error=error))
expires = time.time() + settings.SESSION_COOKIE_AGE
session_store.save(request.session)
response.set_cookie(
settings.SESSION_COOKIE_NAME,
request.session.sid,
expires=expires, max_age=max_age,
path=settings.SESSION_COOKIE_PATH,
domain=settings.SESSION_COOKIE_DOMAIN,
secure=settings.SESSION_COOKIE_SECURE
)
if hasattr(request, 'site'):
if request.site.privacy == "private" and not authenticated and endpoint!='site_login' and endpoint!='forgot_password' and endpoint !='change_password':
back = ''
if endpoint:
back = url_for(endpoint, **args)
response = redirect(url_for('site_login', back=back))
elif not subdomain and request.site.alias:
redirect_url = "http://%s.%s/%s" % (request.site.alias, settings.SERVER_NAME,
path_info)
print redirect_url
response = redirect(redirect_url)
return response(environ, start_response)
def __call__(self, environ, start_response):
local.application = self
return ClosingIterator(self.dispatch(environ, start_response),
[local_manager.cleanup])
