def toggle_status_ignoring(status):
try:
status = sqla.session.query(sqlm.StatusUpdate).filter_by(id=status)[0]
except:
return abort(404)
try:
status_user = sqla.session.query(sqlm.StatusUpdateUser).filter_by(
status=status, author=current_user)[0]
except IndexError:
status_user = None
if not status_user:
try:
status.participants.append(current_user)
return app.jsonify(url="/status/" + str(status.id))
except:
return app.jsonify(url="/status/" + str(status.id))
status_user.ignoring = not status_user.ignoring
sqla.session.add(status_user)
sqla.session.commit()
return app.jsonify(url="/status/" + str(status.id))
def acknowledge_notification():
notifications = sqla.session.query(sqlm.Notification) \
.filter_by(seen=False, user=current_user) \
.update({sqlm.Notification.seen: True})
request_json = request.get_json(force=True)
try:
notification = sqla.session.query(sqlm.Notification) \
.filter_by(id=request_json.get("notification",""))[0]
if notification.user != current_user:
return app.jsonify(success=False)
sqla.session.query(sqlm.Notification) \
.filter_by(id=request_json.get("notification","")) \
.update({sqlm.Notification.acknowledged: True})
except:
return app.jsonify(success=False)
try:
notifications = sqla.session.query(sqlm.Notification) \
.filter_by(acknowledged=False, user=current_user, url=notification.url) \
.update({sqlm.Notification.acknowledged: True})
except:
return app.jsonify(success=False)
_count = current_user.get_notification_count()
thread = Thread(target=send_message, args=({"users": [current_user.listener_token, ], "count_update": _count}, ))
thread.start()
return app.jsonify(success=True, count=_count)
def blog_list_api():
query = request.args.get("q", "")[0:300]
if len(query) < 2:
return app.jsonify(results=[])
q_ = parse_search_string(query, sqlm.Blog, sqla.session.query(sqlm.Blog), [
"name",
])
blogs = q_.all()
results = [{"text": str(b.name), "id": str(b.id)} for b in blogs]
return app.jsonify(results=results)
def remove_image_from_character_gallery(slug):
request_json = request.get_json(force=True)
try:
character = sqla.session.query(sqlm.Character).filter_by(slug=slug.strip().lower())[0]
except IndexError:
return abort(404)
if current_user != character.author and not current_user.is_admin:
return abort(404)
try:
attachment = sqla.session.query(sqlm.Attachment).filter_by(id=request_json["pk"])[0]
except IndexError:
return abort(404)
if attachment.character != character:
return abort(404)
if attachment == character.default_avatar:
character.default_avatar = None
if attachment == character.default_gallery_image:
character.default_gallery_image = None
attachment.character_gallery = False
attachment.character = None
attachment.hidden = True
sqla.session.add(character)
sqla.session.commit()
sqla.session.add(attachment)
sqla.session.commit()
return app.jsonify(success=True)
def toggle_character_gallery_image_emote(slug):
request_json = request.get_json(force=True)
try:
character = sqla.session.query(sqlm.Character).filter_by(slug=slug.strip().lower())[0]
except IndexError:
return abort(404)
if current_user != character.author and not current_user.is_admin:
return abort(404)
try:
attachment = sqla.session.query(sqlm.Attachment).filter_by(id=request_json["pk"])[0]
except IndexError:
return abort(404)
if attachment.character != character:
return abort(404)
if attachment.character_avatar == None:
attachment.character_avatar = True
attachment.character_avatar = not attachment.character_avatar
sqla.session.add(attachment)
sqla.session.commit()
return app.jsonify(success=True)
def send_user_characters():
characters = sqla.session.query(sqlm.Character).filter_by(
author = current_user,
hidden = False
).order_by(sqlm.Character.name)
character_data = []
for character in characters:
parsed_character = {}
parsed_character["name"] = character.name
parsed_character["slug"] = character.slug
try:
parsed_character["default_avvie"] = character.get_avatar(50)
except:
parsed_character["default_avvie"] = ""
parsed_character["alternate_avvies"] = []
for attachment in sqla.session.query(sqlm.Attachment) \
.filter_by(character_avatar=True, character=character) \
.order_by(sqlm.Attachment.character_gallery_weight):
parsed_attachment = {}
parsed_attachment["url"] = attachment.get_specific_size(50)
parsed_attachment["alt"] = attachment.alt
parsed_attachment["id"] = attachment.id
parsed_character["alternate_avvies"].append(parsed_attachment)
character_data.append(parsed_character)
return app.jsonify(characters=character_data)
def character_recent_activity_api(slug):
try:
character = sqla.session.query(sqlm.Character).filter_by(slug=slug.strip().lower())[0]
except IndexError:
abort(404)
try:
draw = int(request.args.get("draw"))
except:
draw = 0
table_data = []
posts = sqla.session.query(sqlm.Post).filter_by(character=character).all()
for i, post in enumerate(posts):
table_data.append(
[
"""<a href="/t/%s/page/1/post/%s">%s</a>""" % (
post.topic.slug,
post.id,
post.topic.title
),
post.author.display_name,
humanize_time(post.created),
arrow.get(post.created).timestamp
]
)
data = {
"draw": draw,
"recordsTotal": len(table_data),
"recordsFiltered": len(table_data),
"data": table_data
}
return app.jsonify(data)
def remove_custom_field(login_name):
try:
user = sqla.session.query(
sqlm.User).filter_by(my_url=login_name.strip().lower())[0]
except IndexError:
abort(404)
if current_user != user and not current_user.is_admin:
abort(404)
request_json = request.get_json(force=True)
if request_json.get("field", "") not in sqlm.User.AVAILABLE_PROFILE_FIELDS:
abort(404)
if request_json.get("value", "").strip() == "":
abort(404)
tmp_data = user.data.copy()
if "my_fields" not in tmp_data:
abort(404)
for i, f in enumerate(tmp_data["my_fields"]):
if f[0] == request_json.get("field", "") and f[1] == request_json.get(
"value", ""):
tmp_data["my_fields"].pop(i)
user.data = tmp_data
flag_modified(user, "data")
sqla.session.add(user)
sqla.session.commit()
return app.jsonify(success=True)
def toggle_follow_blog(slug):
try:
blog = sqla.session.query(sqlm.Blog).filter_by(slug=slug)[0]
except IndexError:
sqla.session.rollback()
return abort(404)
if not current_user in blog.subscribers:
blog.subscribers.append(current_user)
broadcast(to=[
blog.author,
],
category="followed",
url="/blog/%s" % (str(blog.slug), ),
title="followed blog %s" % (str(blog.name)),
description="",
content=blog,
author=current_user)
else:
try:
blog.subscribers.remove(current_user)
except:
pass
try:
sqla.session.add(blog)
sqla.session.commit()
except:
sqla.session.rollback()
return app.jsonify(url="/blog/%s" % (blog.slug))
def toggle_ignore_user(login_name):
try:
user = sqla.session.query(
sqlm.User).filter_by(my_url=login_name.strip().lower())[0]
except IndexError:
abort(404)
if current_user == user:
return abort(404)
existed = False
try:
ignore_setting = sqla.session.query(sqlm.IgnoringUser) \
.filter_by(
user=current_user,
ignoring=user
)[0]
existed = True
except IndexError:
ignore_setting = sqlm.IgnoringUser(
user=current_user,
ignoring=user,
created=arrow.utcnow().datetime.replace(tzinfo=None))
if existed:
sqla.session.delete(ignore_setting)
sqla.session.commit()
else:
sqla.session.add(ignore_setting)
sqla.session.commit()
return app.jsonify(url="/member/" + str(user.my_url))
def ignore_users(login_name):
try:
user = sqla.session.query(
sqlm.User).filter_by(my_url=login_name.strip().lower())[0]
except IndexError:
abort(404)
request_json = request.get_json(force=True)
try:
to_ignore = list(
sqla.session.query(sqlm.User) \
.filter(sqlm.User.id.in_(request_json.get("data"))) \
.all()
)
except:
pass
for user_ in to_ignore:
if user_ in [u.ignoring for u in user.ignored_users]:
continue
if user_ == user:
continue
new_ignore = sqlm.IgnoringUser()
new_ignore.user = user
new_ignore.ignoring = user_
new_ignore.created = arrow.utcnow().datetime.replace(tzinfo=None)
sqla.session.add(new_ignore)
sqla.session.commit()
return app.jsonify(url="/member/" + str(user.my_url) + "/change-settings")
def request_friendship(login_name):
try:
user = sqla.session.query(
sqlm.User).filter_by(my_url=login_name.strip().lower())[0]
except IndexError:
abort(404)
if current_user == user:
return abort(404)
if not current_user in user.rejected_friends():
if current_user not in user.pending_friends(
) and current_user not in user.friends():
friendship = sqlm.Friendship(
user=current_user,
friend=user,
created=arrow.utcnow().datetime.replace(tzinfo=None),
)
sqla.session.add(friendship)
sqla.session.commit()
broadcast(to=[
user,
],
category="friend",
url="/member/%s/friends" % (str(user.my_url)),
title="sent you a friend request",
description="",
content=current_user,
author=current_user)
return app.jsonify(url="/member/" + str(user.my_url))
def set_default_character_avatar(slug):
request_json = request.get_json(force=True)
try:
character = sqla.session.query(sqlm.Character).filter_by(slug=slug.strip().lower())[0]
except IndexError:
return abort(404)
if current_user != character.author and not current_user.is_admin:
return abort(404)
try:
attachment = sqla.session.query(sqlm.Attachment).filter_by(id=request_json["pk"])[0]
except IndexError:
return abort(404)
if attachment.character != character:
return abort(404)
character.legacy_avatar_field = None
character.default_avatar = attachment
# attachment.character_avatar = True
sqla.session.add(character)
sqla.session.commit()
# sqla.session.add(attachment)
# sqla.session.commit()
return app.jsonify(success=True)
def edit_gallery_image(slug):
request_json = request.get_json(force=True)
try:
character = sqla.session.query(sqlm.Character).filter_by(slug=slug.strip().lower())[0]
except IndexError:
return abort(404)
if current_user != character.author and not current_user.is_admin:
return abort(404)
try:
attachment = sqla.session.query(sqlm.Attachment).filter_by(id=request_json["pk"])[0]
except IndexError:
return abort(404)
if attachment.character != character:
return abort(404)
cleaner = ForumHTMLCleaner()
attachment.caption=cleaner.basic_escape(request_json.get("author", ""))
attachment.alt=cleaner.basic_escape(request_json.get("caption", ""))
attachment.origin_url=cleaner.basic_escape(request_json.get("source", ""))
sqla.session.add(attachment)
sqla.session.commit()
return app.jsonify(success=True)
def dashboard_notifications():
notifications = sqla.session.query(sqlm.Notification) \
.filter_by(
user=current_user,
acknowledged=False) \
.options(joinedload(sqlm.Notification.author))\
.order_by(sqlm.Notification.created).all()
parsed_notifications = []
for notification in notifications:
try:
parsed_ = {}
parsed_["time"] = humanize_time(notification.created)
parsed_["stamp"] = arrow.get(notification.created).timestamp
parsed_["member_disp_name"] = notification.author.display_name
parsed_["member_url"] = notification.author.my_url
parsed_["member_pk"] = str(notification.author.id)
parsed_["member_avatar"] = notification.author.get_avatar_url("40")
parsed_["text"] = notification.message
parsed_["id"] = notification.id
parsed_["_id"] = notification.id
parsed_["category"] = notification.category
parsed_["url"] = notification.url
parsed_["ref"] = md5(notification.url+notification.message)
parsed_notifications.append(parsed_)
except AttributeError:
pass
return app.jsonify(notifications=parsed_notifications)
def status_update_replies(status):
try:
status = sqla.session.query(sqlm.StatusUpdate).filter_by(id=status)[0]
except:
return abort(404)
request.canonical = app.config['BASE'] + "/status/%s" % (status, )
if status.hidden == True and (current_user.is_admin != True
or current_user.is_mod != True):
return abort(404)
cleaner = ForumHTMLCleaner()
replies = []
for reply in sqla.session.query(sqlm.StatusComment).filter_by(
status=status, hidden=False).order_by(sqlm.StatusComment.created):
parsed_reply = {}
parsed_reply["text"] = cleaner.escape(reply.message)
parsed_reply["user_name"] = reply.author.display_name
parsed_reply["author_login_name"] = reply.author.my_url
parsed_reply["user_avatar"] = reply.author.get_avatar_url("60")
parsed_reply["user_avatar_x"] = reply.author.avatar_60_x
parsed_reply["user_avatar_y"] = reply.author.avatar_60_y
parsed_reply["is_admin"] = current_user.is_admin
parsed_reply["time"] = humanize_time(reply.created)
parsed_reply["idx"] = reply.id
replies.append(parsed_reply)
return app.jsonify(replies=replies, count=status.get_comment_count())
def edit_profile(login_name):
try:
user = sqla.session.query(
sqlm.User).filter_by(my_url=login_name.strip().lower())[0]
except IndexError:
abort(404)
if current_user != user and not current_user.is_admin:
abort(404)
try:
if len(request.form.get("about_me")) > 50000:
return app.jsonify(error="Your profile text is too large.")
except TypeError:
pass
if request.method == 'POST':
cleaner = ForumHTMLCleaner()
user.about_me = cleaner.clean(request.form.get("about_me"))
sqla.session.add(user)
sqla.session.commit()
parser = ForumPostParser()
# user.about_me = parser.parse(user.about_me)
return json.jsonify(about_me=parser.parse(user.about_me, _object=user))
else:
return json.jsonify(content=user.about_me)
def toggle_status_hide(status):
try:
status = sqla.session.query(sqlm.StatusUpdate).filter_by(id=status)[0]
except:
return abort(404)
if current_user.is_admin != True or current_user.is_mod != True:
return abort(404)
if not status.hidden:
if current_user != status.author:
broadcast(to=[
status.author,
],
category="status",
url="/status/" + str(status.id),
title="Your status update was hidden",
description=status.message,
content=status,
author=current_user)
broadcast(to=list(
sqla.session.query(sqlm.User).filter_by(is_admin=True)),
category="mod",
url="/status/" + str(status.id),
title="status update hidden",
description=status.message,
content=status,
author=current_user)
status.hidden = not status.hidden
sqla.session.add(status)
sqla.session.commit()
return app.jsonify(url="/status/" + str(status.id))
def add_to_pm(pk):
try:
topic = sqla.session.query(sqlm.PrivateMessage).filter_by(id=pk)[0]
except IndexError:
return abort(404)
if not current_user == topic.author:
return abort(404)
request_json = request.get_json(force=True)
try:
to_add = list(
sqla.session.query(sqlm.User) \
.filter(sqlm.User.id.in_(request_json.get("authors"))) \
.all()
)
except:
to_add = []
for user in to_add:
try:
participant = sqla.session.query(
sqlm.PrivateMessageUser).filter_by(pm=topic, author=user)[0]
continue
except IndexError:
pass
participant = sqlm.PrivateMessageUser(author=user, pm=topic)
sqla.session.add(participant)
sqla.session.commit()
return app.jsonify(url="/messages/" + str(topic.id))
def rss_get_comments(key, entry):
request_json = request.get_json(force=True)
try:
rss_feed = sqlm.RSSScraper.query.filter_by(
rss_key=request_json.get(key, ""))[0]
except IndexError:
return app.jsonify(error="RSS Feed does not exist.")
try:
rss_content = sqlm.RSSContent.query.filter_by(
remote_id=request_json.get(entry, ""))[0]
except IndexError:
return app.jsonify(error="RSS Content does not exist.")
return app.jsonify(version="Prerelease 4")
def edit_post_in_pm_topic(pk):
try:
topic = sqla.session.query(sqlm.PrivateMessage).filter_by(id=pk)[0]
except IndexError:
return abort(404)
try:
pm_user = sqla.session.query(sqlm.PrivateMessageUser).filter_by(
pm=topic, author=current_user)[0]
except IndexError:
return abort(404)
request_json = request.get_json(force=True)
try:
message = sqla.session.query(sqlm.PrivateMessageReply).filter_by(
id=request_json.get("pk"), pm=topic)[0]
except IndexError:
return abort(404)
if current_user != message.author:
return abort(404)
if request_json.get("text", "").strip() == "":
return app.jsonify(error="Your post is empty.")
if len(request_json.get("text", "")) > 50000:
return app.jsonify(error="Your post is too large.")
cleaner = ForumHTMLCleaner()
try:
post_html = cleaner.clean(request_json.get("post", ""))
except:
return abort(500)
message.message = post_html
message.modified = arrow.utcnow().datetime
sqla.session.add(message)
sqla.session.commit()
clean_html_parser = ForumPostParser()
return app.jsonify(html=clean_html_parser.parse(message.message,
_object=message),
success=True)
def mark_all_notifications():
notifications = sqla.session.query(sqlm.Notification) \
.filter_by(seen=False, user=current_user) \
.update({sqlm.Notification.seen: True})
_count = current_user.get_notification_count()
thread = Thread(target=send_message, args=({"users": [current_user.listener_token, ], "count_update": _count}, ))
thread.start()
return app.jsonify(success=True)
def clear_search_lookup():
session["start_date"] = ""
session["end_date"] = ""
session["categories"] = []
session["topics"] = []
session["content_type"] = "posts"
session["search_authors"] = []
session["query"] = ""
return app.jsonify(url="/search")
def toggle_follow_blog_entry(slug, entry_slug):
try:
blog = sqla.session.query(sqlm.Blog).filter_by(slug=slug)[0]
except IndexError:
sqla.session.rollback()
return abort(404)
try:
entry = sqla.session.query(sqlm.BlogEntry).filter_by(
blog=blog, slug=entry_slug)[0]
except IndexError:
sqla.session.rollback()
return abort(404)
if blog.privacy_setting == "you" and current_user != blog.author:
return abort(404)
elif blog.privacy_setting == "editors" and (
current_user != blog.author and current_user not in blog.editors):
return abort(404)
elif blog.privacy_setting == "members" and not current_user.is_authenticated:
return abort(404)
if not current_user in entry.subscribers:
entry.subscribers.append(current_user)
broadcast(to=[
entry.author,
],
category="followed",
url="/blog/%s/e/%s" % (str(blog.slug), str(entry.slug)),
title="followed blog entry %s" % (str(entry.title)),
description="",
content=entry,
author=current_user)
else:
try:
entry.subscribers.remove(current_user)
except:
pass
try:
sqla.session.add(entry)
sqla.session.commit()
except:
sqla.session.rollback()
if not current_user in blog.subscribers:
blog.subscribers.append(current_user)
try:
sqla.session.add(blog)
sqla.session.commit()
except:
sqla.session.rollback()
return app.jsonify(url="/blog/%s/e/%s" % (blog.slug, entry.slug))
def create_attachment_for_character(slug):
file = request.files['file']
if file:
filename = secure_filename(file.filename)
image = Image(file=file)
img_bin = image.make_blob()
img_hash = hashlib.sha512(img_bin).hexdigest()
try:
character = sqla.session.query(sqlm.Character).filter_by(slug=slug.strip().lower())[0]
except IndexError:
abort(404)
if current_user != character.author and not current_user.is_admin:
return abort(404)
_time = time.time()
attach = sqlm.Attachment()
attach.character = character
attach.character_gallery = True
attach.character_avatar = False
attach.character_gallery_weight = 100000
attach.extension = filename.split(".")[-1]
attach.x_size = image.width
attach.y_size = image.height
attach.mimetype = mimetypes.guess_type(filename)[0]
attach.size_in_bytes = len(img_bin)
attach.owner_name = current_user.login_name
attach.owner = current_user
attach.alt = filename
attach.used_in = 0
attach.created_date = arrow.utcnow().datetime
attach.file_hash = img_hash
attach.linked = False
upload_path = os.path.join(os.getcwd(), "lamia/static/uploads", str(_time)+"_"+str(current_user.id)+filename)
attach.path = str(_time)+"_"+str(current_user.id)+filename
sqla.session.add(attach)
sqla.session.commit()
image.save(filename=upload_path)
if character.default_avatar == None and character.legacy_avatar_field == None:
character.default_avatar = attach
if character.default_gallery_image == None and character.legacy_gallery_field == None:
character.default_gallery_image = attach
sqla.session.add(character)
sqla.session.commit()
return app.jsonify(attachment=str(attach.id), xsize=attach.x_size)
else:
return abort(404)
def validate_user(login_name):
try:
user = sqla.session.query(
sqlm.User).filter_by(my_url=login_name.strip().lower())[0]
except IndexError:
abort(404)
if current_user.is_admin != True:
return abort(404)
user.validated = True
user.new_user_token = ""
user.new_user_token_date = None
broadcast(
to=sqla.session.query(sqlm.User).filter_by(
banned=False,
).filter(sqlm.User.login_name != user.login_name) \
.filter(sqlm.User.hidden_last_seen > arrow.utcnow().replace(hours=-24).datetime.replace(tzinfo=None)) \
.all(),
category="new_member",
url="/member/"+str(user.my_url),
title="joined the forum! Greet them!",
description="",
content=user,
author=user
)
broadcast(to=[
user,
],
category="new_member",
url="/category/welcome",
title="Welcome! Click here to introduce yourself!",
description="",
content=user,
author=user)
sqla.session.add(user)
sqla.session.commit()
send_mail_w_template(send_to=[
user,
],
template="manual_validation_welcome",
subject="Welcome to %s!" %
(app.get_site_config("core.site-name"), ),
variables={
"_user": user,
"address": app.config['BASE'] + "/sign-in"
})
return app.jsonify(url="/member/" + str(user.my_url))
def toggle_status_lock(status):
try:
status = sqla.session.query(sqlm.StatusUpdate).filter_by(id=status)[0]
except:
return abort(404)
if current_user.is_admin != True or current_user.is_mod != True:
return abort(404)
status.locked = not status.locked
sqla.session.add(status)
sqla.session.commit()
return app.jsonify(url="/status/" + str(status.id))
def ack_all_notifications():
notifications = sqla.session.query(sqlm.Notification) \
.filter_by(user=current_user) \
.update({
sqlm.Notification.acknowledged: True,
sqlm.Notification.seen: True,
sqlm.Notification.emailed: True,
})
_count = 0
thread = Thread(target=send_message, args=({"users": [current_user.listener_token, ], "count_update": _count}, ))
thread.start()
return app.jsonify(success=True, url="/dashboard")
def status_hide_reply(status, idx):
try:
comment = sqla.session.query(sqlm.StatusComment).filter_by(id=idx)[0]
except:
return abort(404)
if (current_user.is_admin != True or current_user.is_mod != True):
return abort(404)
comment.hidden = True
sqla.session.add(comment)
sqla.session.commit()
return app.jsonify(success=True)
def acknowledge_category():
notifications = sqla.session.query(sqlm.Notification) \
.filter_by(seen=False, user=current_user) \
.update({sqlm.Notification.seen: True})
request_json = request.get_json(force=True)
notifications = sqla.session.query(sqlm.Notification) \
.filter_by(acknowledged=False, user=current_user, category=request_json.get("category","")) \
.update({sqlm.Notification.acknowledged: True})
_count = current_user.get_notification_count()
thread = Thread(target=send_message, args=({"users": [current_user.listener_token, ], "count_update": _count}, ))
thread.start()
return app.jsonify(success=True, count=_count)