Ejemplo n.º 1
0
def add_link():
    """Adds a new link for the current user."""
    form = LinkForm(request.form,
                    banlist=[strip_protocol(app.config["LINKSERVER_URL"])])
    client = get_db_client(app, g)

    if request.method == "POST":
        # Validate the form
        form.long_url.data = ensure_protocol(form.long_url.data)
        if form.validate():
            # TODO Decide whether we want to do something with the response
            kwargs = form.to_json()
            try:
                client.create_short_url(
                    netid=current_user.netid,
                    **kwargs
                )
                return redirect("/")
            except Exception as e:
                return render_template("add.html",
                                       errors=["{}".format(e)],
                                       netid=current_user.netid,
                                       admin=current_user.is_admin())

        else:
            # WTForms detects a form validation error
            return render_template("add.html",
                                   errors=form.errors,
                                   netid=current_user.netid,
                                   admin=current_user.is_admin())
    else:
        # GET request
        return render_template("add.html",
                               netid=current_user.netid,
                               admin=current_user.is_admin())
Ejemplo n.º 2
0
def admin_unblock_link():
    """Remove a link from the banned links list."""
    client = get_db_client(app, g)
    if request.method == "POST":
        client.allow_link(request.form["url"])

    return redirect("/admin/links")
Ejemplo n.º 3
0
def admin_delete():
    """Delete an existing administrator."""
    client = get_db_client(app, g)
    if request.method == "POST":
        client.delete_admin(request.form["netid"])

    return redirect("/admin/manage")
Ejemplo n.º 4
0
def delete_link():
    """Deletes a link."""
    client = get_db_client(app, g)

    # TODO Handle the response intelligently, or put that logic somewhere else
    if request.method == "POST":
        app.logger.info("Deleting URL: {}".format(request.form["short_url"]))
        client.delete_url(request.form["short_url"])
    return redirect("/")
Ejemplo n.º 5
0
def admin_unban_user():
    """Unban a user from the blacklist.

    Removes a user from the blacklist, restoring their previous privileges.
    """
    client = get_db_client(app, g)
    if request.method == "POST":
        client.unban_user(request.form["netid"])

    return redirect("/admin/blacklist")
Ejemplo n.º 6
0
def admin_blacklist():
    """Renders the administrator blacklist.

    Allows admins to blacklist users to prevent them from accessing the web
    interface.
    """
    client = get_db_client(app, g)
    return render_template("admin_blacklist.html",
                           admin=True,
                           blacklist=client.get_blacklisted_users(),
                           netid=current_user.netid)
Ejemplo n.º 7
0
def admin_links():
    """Renders the administrator link banlist.

    Allows admins to block (and unblock) particular URLs from being shrunk.
    """
    client = get_db_client(app, g)
    return render_template("admin_links.html",
                           admin=True,
                           banlist=client.get_blocked_links(),
                           form=BlockLinksForm(request.form),
                           netid=current_user.netid)
Ejemplo n.º 8
0
def admin_add():
    """Add a new administrator."""
    client = get_db_client(app, g)
    form = AddAdminForm(request.form)
    if request.method == "POST":
        if form.validate():
            client.add_admin(form.netid.data, current_user.netid)
        else:
            # TODO catch validation errors
            pass

    return redirect("/admin/manage")
Ejemplo n.º 9
0
def admin_manage():
    """Renders a list of administrators.

    Allows an admin to add and remove NetIDs from the list of official
    administrators.
    """
    client = get_db_client(app, g)
    return render_template("admin_list.html",
                           admin=True,
                           admins=client.get_admins(),
                           form=AddAdminForm(request.form),
                           netid=current_user.netid)
Ejemplo n.º 10
0
def admin_ban_user():
    """Ban a user from using the web application.

    Adds a user to the blacklist.
    """
    client = get_db_client(app, g)
    form = BlacklistUserForm(request.form)
    if request.method == "POST":
        if form.validate():
            client.ban_user(form.netid.data, current_user.netid)
        else:
            # TODO Catch validation errors
            pass

    return redirect("/admin/blacklist")
Ejemplo n.º 11
0
def admin_block_link():
    """Block a link from being shrunk.

    Allows an administrator to block a link pattern from being shrunk by the
    web application. URLs matching the given regular expression will be
    prohibited.
    """
    client = get_db_client(app, g)
    form = BlockLinksForm(request.form)
    if request.method == "POST":
        if form.validate():
            client.block_link(form.link.data, current_user.netid)
        else:
            # TODO catch validation errors
            pass

    return redirect("/admin/links")
Ejemplo n.º 12
0
        def redirect_link(short_url):
            """Redirects to the short URL's true destination.

            This looks up the short URL's destination in the database and performs a
            redirect, logging some information at the same time. If no such link
            exists, a not found page is shown.

            :Parameters:
              - `short_url`: A string containing a shrunk-ified URL.
            """
            client = get_db_client(app, g)
            app.logger.info("{} requests {}".format(request.remote_addr, short_url))

            # Perform a lookup and redirect
            long_url = client.get_long_url(short_url)
            if long_url is None:
                return render_template("link-404.html", short_url=short_url)
            else:
                client.visit(short_url, request.remote_addr)
                # Check if a protocol exists
                if "://" in long_url:
                    return redirect(long_url)
                else:
                    return redirect("http://{}".format(long_url))
Ejemplo n.º 13
0
def edit_link():
    """Edits a link.

    On POST, this route expects a form that contains the unique short URL that
    will be edited.
    """
    client = get_db_client(app, g)
    form = LinkForm(request.form)

    if request.method == "POST":
        # Validate form before continuing
        if form.long_url.data.startswith(app.config['LINKSERVER_URL']) or form.long_url.data.startswith(app.config['LINKSERVER_URL'][:7]):
            return render_template("add.html",
                                    errors=["Blocked Link"],
                                    admin=current_user.is_admin()
            )
        if form.validate():
            # Success - make the edits in the database
            kwargs = form.to_json()
            response = client.modify_url(
                request.form["short_url"],
                **kwargs
            )
            return redirect("/")
        else:
            form.long_url.data = "http://" + form.long_url.data
            # TODO Can we do anything with the database response?
            if form.validate():
                kwargs = form.to_json()
                response = client.modify_url(
                    request.form["short_url"],
                    **kwargs
                )
                return redirect("/")
            else:
                # Validation error
                short_url = request.form["short_url"]
                info = client.get_url_info(short_url)
                long_url = info["long_url"]
                title = info["title"]
                return render_template("edit.html",
                                    errors=form.errors,
                                    netid=current_user.netid,
                                    title=title,
                                    short_url=short_url,
                                    long_url=long_url)
    else: # GET request
        # Hit the database to get information
        short_url = request.args["url"]
        info = client.get_url_info(short_url)
        owner = info["netid"]
        if owner != current_user.netid and not current_user.is_admin():
            return render_index(wrong_owner=True)

        long_url = info["long_url"]
        title = info["title"]
        # Render the edit template
        return render_template("edit.html", netid=current_user.netid,
                                            title=title,
                                            short_url=short_url,
                                            long_url=long_url)
Ejemplo n.º 14
0
def render_index(**kwargs):
    """Renders the homepage.

    Renders the homepage for the current user. By default, this renders all of
    the links owned by them. If a search has been made, then only the links
    matching their search query are shown.
    """
    client = get_db_client(app, g)
    if not hasattr(current_user, "netid"):
        # Anonymous user
        return redirect("/login")

    # Grab the current page number
    try:
        page = int(request.args["p"])
    except:
        page = 0

    # If this exists, execute a search query
    try:
        query = request.args["search"]
    except:
        query = ""

    # Display all users or just the current administrator?
    try:
        all_users = request.args["all_users"]
    except:
        if "all_users" in request.cookies:
            all_users = request.cookies["all_users"]
        else:
            all_users = "1"

    # Change sorting preferences
    if "sortby" in request.args:
        sortby = request.args["sortby"]
    elif "sortby" in request.cookies:
        sortby = request.cookies["sortby"]
    else:
        sortby = "0"

    # Depending on the type of user, get info from the database
    is_admin = not current_user.is_anonymous() and current_user.is_admin()
    if is_admin:
        netid = current_user.netid
        if query:
            cursor = client.search(query)
        elif all_users == "1":
            cursor = client.get_all_urls(query)
        else:
            cursor = client.get_urls(current_user.netid)
    else:
        netid = current_user.netid
        if query:
            cursor = client.search(query, netid=netid)
            app.logger.info("search: {}, '{}'".format(netid, query))
        else:
            cursor = client.get_urls(current_user.netid)
            app.logger.info("render index: {}".format(netid))

    # Perform sorting, pagination and get the results
    cursor.sort(sortby)
    page, lastpage = cursor.paginate(page, app.config["MAX_DISPLAY_LINKS"])
    links = cursor.get_results()

    resp = make_response(
            render_template("index.html",
                            admin=is_admin,
                            all_users=all_users,
                            lastpage=lastpage,
                            links=links,
                            linkserver_url=app.config["LINKSERVER_URL"],
                            netid=netid,
                            page=page,
                            query=query,
                            sortby=sortby,
                            **kwargs))
    resp.set_cookie("all_users", all_users)
    resp.set_cookie("sortby", sortby)
    return resp