def follower_distrust(followed, follower, delay_commit=False):
followed = get_member(followed)
follower = get_member(follower)
if not followed:
raise action_error(_('unable to find followed'), code=404)
if not follower:
raise action_error(_('unable to find follower'), code=404)
if not follower.is_following(followed):
raise action_error(_('not currently following'), code=400)
follow = Session.query(Follow).filter(
Follow.member_id == followed.id).filter(
Follow.follower_id == follower.id).one()
if not follow:
raise action_error(_('member is not a follower'), code=404)
if follow.type == 'trusted':
follow.type = 'normal'
elif follow.type == 'trusted_invite':
raise action_error(_('follower still has pending invite'), code=400)
elif follow.type == 'normal':
raise action_error(_('follower was not trusted'), code=400)
if not delay_commit:
Session.commit()
# invalidate_member(follower) # GregM: Needed?
# invalidate_member(followed) # GregM: Needed?
follower.send_notification(
messages.follower_distrusted(member=followed, you=follower))
return True
def follower_invite_trusted(followed, follower, delay_commit=False):
followed = get_member(followed)
follower = get_member(follower)
if not followed:
raise action_error(_('unable to find followed'), code=404)
if not follower:
raise action_error(_('unable to find follower'), code=404)
if follower == followed:
raise action_error(_('may not follow yourself'), code=400)
#if followed in follower.following:
if follower.is_following(followed):
raise action_error(_('already following'), code=400)
if follower.is_follow_trusted_inviter(followed):
raise action_error(_('already invited to follow as trusted'))
follow = Follow()
follow.member = followed
follow.follower = follower
follow.type = 'trusted_invite'
Session.add(follow)
if not delay_commit:
Session.commit()
#invalidate_member(follower)
#invalidate_member(followed)
follower.send_notification(
messages.follow_invite_trusted(member=followed, you=follower))
return True
def unfollow(follower, followed, delay_commit=False):
followed = get_member(followed)
follower = get_member(follower)
if not followed:
raise action_error(_('unable to find followed'), code=404)
if not follower:
raise action_error(_('unable to find follower'), code=404)
#if followed not in follower.following:
# GregM: can unfollow to remove trusted invite
if not follower.is_following(
followed) and not follower.is_follow_trusted_inviter(followed):
raise action_error(_('not currently following'), code=400)
#follower.following.remove(followed)
follow = Session.query(Follow).filter(
Follow.member_id == followed.id).filter(
Follow.follower_id == follower.id).one()
Session.delete(follow)
if not delay_commit:
Session.commit()
#invalidate_member(follower)
#invalidate_member(followed)
followed.send_notification(
messages.follow_stop(member=follower, you=followed))
return True
def set_account_type(self, id, account_type='plus', do_not_bill=True):
"""
this is tempory measure for upgrading accounts
It is used by the automated tests and should never be triggered by an actual user
TODO needs to be upgraded to take param of account it is going too
"""
if get_member(id).set_payment_account(account_type):
# If account_type is free then no payment account is set on the member
if account_type != 'free':
Session.commit()
get_member(id).payment_account.do_not_bill = do_not_bill
Session.commit()
return 'ok'
def withdraw_assignemnt(assignment, member, delay_commit=False):
member = get_member(member)
assignment = get_content(assignment)
if not member:
raise action_error(_("cant find user"), code=404)
if not assignment:
raise action_error(_("cant find assignment"), code=404)
try:
assignment_accepted = Session.query(MemberAssignment).filter_by(
member_id=member.id, content_id=assignment.id,
status="accepted").one()
assignment_accepted.status = "withdrawn"
#Session.update(assignment_accepted)
Session.commit()
#invalidate_accepted_assignment(member)
assignment.creator.send_notification(
messages.assignment_interest_withdrawn(member=member,
assignment=assignment,
you=assignment.creator))
return True
except:
pass
return False
def respond_assignment(parent_content, member, delay_commit=False):
"""
When creating a response, the accepted record should be flagged as responded
"""
member = get_member(member)
parent_content = get_content(parent_content)
if not member:
raise action_error(_("cant find user"), code=404)
if not parent_content:
raise action_error(_("cant find parent content"), code=404)
if parent_content.__type__ != 'assignment':
return # Nothing to do if parent is not assignment
try:
# upgrade an 'accepted' record to 'responded'
member_assignment = Session.query(MemberAssignment).filter_by(
member_id=member.id, content_id=parent_content.id).one()
member_assignment.status = "responded"
except:
# otherwise create 'responded' record
member_assignment = MemberAssignment()
member_assignment.content = parent_content
member_assignment.member = member
#assignment_accepted.member_id = member.id
member_assignment.status = "responded"
Session.add(member_assignment)
if not delay_commit:
Session.commit()
#invalidate_accepted_assignment(member)
return True
def rate_content(content, member, rating):
content = get_content(content)
member = get_member(member)
rating_value = int(rating)
if not content:
raise action_error(_('unable to find content'), code=404)
if not member:
raise action_error(_('unable to find member'), code=404)
if rating and rating_value < 0 or rating_value > 5:
raise action_error(_("Ratings can only be in the range 0 to 5"),
code=400)
# remove any existing ratings
# we need to commit after removal, otherwise SQLAlchemy
# will optimise remove->add as modify-existing, and the
# SQL trigger will break
try:
existing = Session.query(Rating).filter(
Rating.content == content).filter(Rating.member == member).one()
Session.delete(existing)
Session.commit()
except NoResultFound:
pass
# rating = 0 = remove vote
# add a new one
if rating_value > 0:
r = Rating()
r.content = content
r.member = member
r.rating = rating_value
Session.add(r)
Session.commit()
def payment_member_remove(payment_account, member):
member = get_member(member)
if not member.payment_account == payment_account:
return False
member.payment_account = None
Session.commit()
return True
def payment_member_add(payment_account, member):
member = get_member(member)
if member.payment_account:
return False
member.payment_account = payment_account
Session.commit()
return True
def create(self):
"""
POST /media: Create a new item
With javascript/flash additional media can be uploaded individually
"""
#user_log.debug("User is attempting to upload media:" + pprint.pformat(request.POST))
form = request.POST
if 'file_data' in form and 'content_id' in form and 'member_id' in form and 'key' in form:
form_file = form["file_data"]
content = get_content(int(form['content_id']))
member = get_member(form['member_id'])
if not member.check_action_key("attach to %d" % content.id,
form['key']):
return "invalid action key"
if not content.editable_by(member):
return "can't edit this article"
media = Media()
media.load_from_file(tmp_file=form_file,
original_name=form_file.filename)
content.attachments.append(media)
Session.commit()
user_log.info(
"Media #%d appended to Content #%d using a key from Member %s"
% (media.id, content.id, member.id))
return "ok"
else:
return "missing file_data or content_id"
def is_follow_trusted_invitee(a, b): # Was is_follower_invited_trust
"""
True if 'b' has been invited to follow 'a' as a trusted follower
True if 'b' is the invitee to follow 'a' as a trusted follower
"""
a = get_member(a)
b = get_member(b)
if not a or not b:
return False
try:
if Session.query(Follow).filter(Follow.member_id == a.id).filter(
Follow.follower_id == b.id).filter(
Follow.type == 'trusted_invite').one():
return True
except:
pass
return False
def is_follower_trusted(a, b):
"""
True if 'b' is following 'a' and is trusted by 'a'
True if 'b' is a trusted follower of 'a'
"""
a = get_member(a)
b = get_member(b)
if not a or not b:
return False
try:
if Session.query(Follow).filter(Follow.member_id == a.id).filter(
Follow.follower_id == b.id).filter(
Follow.type == 'trusted').one():
return True
except:
pass
return False
def part_check_member_status(self, username, status):
"""
Check member status against status parameter
"""
member = get_member(username)
self.assertEqual(member.payment_account.billing_status, status)
pac_type = 'free' if status == 'failed' else member.payment_account.type
self.assertEqual(member.account_type, pac_type)
def _to_python(self, value, state):
from civicboom.lib.database.get_cached import get_member
member = get_member(value)
if not member:
raise formencode.Invalid(self.message("not_member", state), value,
state)
if self.return_object:
return member
return member.id
def delete_member(self, username=None):
"""
Not an API call .. this remove the user from the database! - used to stop there being 100's of test users after the tests have run
"""
if not username:
username = self.logged_in_as
self.log_out()
from civicboom.lib.database.get_cached import get_member
member = get_member(username)
member.delete()
def has_account_without_password(user):
user = get_member(user) or get_member_email(user)
password_login = None
if user:
try:
password_login = Session.query(UserLogin).filter(UserLogin.user==user).filter(UserLogin.type == 'password').one()
except Exception:
pass
if not password_login:
return True
return False
def verify_email_hash(user, hash, commit=False):
user = get_member(user)
if user and user.hash() == hash:
if not config['demo_mode']: # AllanC - Demo mode is ALWAYS offline, there is no way we can validate members emails address's. But the hash is correct so return True
if user.email_unverified:
user.email = user.email_unverified
user.email_unverified = None
if commit:
Session.commit()
return True
return False
def has_boomed(content, member):
"""
Return boom_object or None for - has this member boomed this content
"""
content = get_content(content)
member = get_member(member)
try:
return Session.query(Boom).filter(Boom.member_id == member.id).filter(
Boom.content_id == content.id).one()
except:
return None
def follow(follower, followed, delay_commit=False):
followed = get_member(followed)
follower = get_member(follower)
if not followed:
raise action_error(_('unable to find followed'), code=404)
if not follower:
raise action_error(_('unable to find follower'), code=404)
if follower == followed:
raise action_error(_('may not follow yourself'), code=400)
#if followed in follower.following:
if follower.is_following(followed):
raise action_error(_('already following'), code=400)
# AllanC - I wanted to use is_following and remove the following reference - but as this code is run by base test populator before the site is running it cant be
# GregM: Change invite to follow if is invited, otherwise follow:
if follower.is_follow_trusted_inviter(followed):
follow = Session.query(Follow).filter(
Follow.member_id == followed.id).filter(
Follow.follower_id == follower.id).filter(
Follow.type == 'trusted_invite').one()
follow.type = 'trusted'
else:
#follower.following.append(followed)
follow = Follow()
follow.member = followed
follow.follower = follower
Session.add(follow)
if not delay_commit:
Session.commit()
#invalidate_member(follower)
#invalidate_member(followed)
followed.send_notification(
messages.followed_by(member=follower, you=followed))
return True
def is_follower(a, b):
"""
True if 'b' is following 'a'
True if 'b' is a follower of 'a'
"""
a = get_member(a)
b = get_member(b)
#if not a:
# raise action_error(_('unable to find followed'), code=404)
#if not b:
# raise action_error(_('unable to find follower'), code=404)
if not a or not b:
return False
try:
if Session.query(Follow).filter(Follow.member_id == a.id).filter(
Follow.follower_id == b.id).filter(
Follow.type != 'trusted_invite').one():
return True
except:
pass
return False
def test_upgrade(self):
"""
Create new user
Upgrade user to group
Login as converted new user
check group membership
"""
# Create new user_to_group user
self.sign_up_as('user_to_group')
self.log_out()
# Call admin upgrade call
response = self.app.post(
url(controller='test', action='upgrade_user_to_group'),
params={
'member_to_upgrade_to_group': u'user_to_group',
'new_admins_username': u'user_of_group',
},
)
# Check login record transfered
self.log_in_as('user_of_group')
# Check member is admin of group
response = self.app.get(url(controller='profile',
action='index',
format='json'),
status=200)
response_json = json.loads(response.body)
self.assertEquals(response_json['data']['groups']['count'], 1)
self.assertEquals(
response_json['data']['groups']['items'][0]['username'],
'user_to_group')
self.assertEquals(response_json['data']['groups']['items'][0]['role'],
'admin')
self.set_persona('user_to_group')
# Delete and cleanup group and member
response = self.app.post(url('group',
id='user_to_group',
format='json'),
params={
'_method': 'delete',
'_authentication_token': self.auth_token
},
status=200)
member = get_member('user_of_group')
member.delete()
def accept_assignment(assignment,
member,
status="accepted",
delay_commit=False):
member = get_member(member)
assignment = get_content(assignment)
if not member:
raise action_error(_("cant find user"), code=404)
if not assignment:
raise action_error(_("cant find assignment"), code=404)
if not issubclass(assignment.__class__, AssignmentContent):
raise action_error(_("only _assignments can be accepted"), code=400)
# all permissins hendled by controler action - so this is unneeded here
#if not assignment.viewable_by(c.logged_in_persona):
# raise action_error(_('_assignment is not visible to your user and therefor cannot be accepted'), code=403)
if assignment_previously_accepted_by(assignment, member):
raise action_error(_(
'_assignment has been previously accepted and cannot be accepted again'
),
code=400)
#if assignment.creator == member:
# raise action_error(_("cannot accept your own _assignment"), code=400)
assignment_accepted = MemberAssignment()
assignment.assigned_to.append(assignment_accepted)
assignment_accepted.member = member
assignment_accepted.status = status
Session.add(assignment_accepted)
if not delay_commit:
Session.commit()
#invalidate_accepted_assignment(member)
if status == "accepted":
assignment.creator.send_notification(
messages.assignment_accepted(member=member,
assignment=assignment,
you=assignment.creator))
if status == "pending":
member.send_notification(
messages.assignment_invite(member=assignment.creator,
assignment=assignment,
you=member))
return True
def set_role(group, member, role, delay_commit=False):
group = get_group(group)
member = get_member(member)
membership = get_membership(group, member)
role = role or membership.role or group.default_role
if not group:
raise action_error(_('unable to find group'), code=404)
if not member:
raise action_error(_('unable to find member'), code=404)
if not membership:
raise action_error(_('not a member of group'), code=400)
if role not in group_member_roles.enums:
raise action_error('not a valid role', code=400)
# AllanC - permisions moved to controller
#if not group.is_admin(c.logged_in_persona):
# raise action_error(_('no permissions for this group'), 403)
# AllanC - integrtiy moved to model
#if membership.role=="admin" and num_admins<=1:
# raise action_error('cannot remove last admin', 400)
from pylons import tmpl_context as c
membership.role = role
if membership.status == "request":
membership.status = "active"
member.send_notification(
messages.group_request_accepted(admin=c.logged_in_user,
group=group,
you=member))
group.send_notification(
messages.group_new_member(member=member, group=group))
else:
group.send_notification(
messages.group_role_changed(admin=c.logged_in_user,
member=member,
group=group,
role=role))
if not delay_commit:
Session.commit()
#invalidate_member(group)
#invalidate_member(member)
return True
def remove_member(group, member, delay_commit=False):
group = get_group(group)
member = get_member(member)
membership = get_membership(group, member)
if not group:
raise action_error(_('unable to find group'), code=404)
if not member:
raise action_error(_('unable to find member'), code=404)
if not membership:
raise action_error(_('not a member of group'), code=400)
# AllanC - permissions moved to controller
#if member!=c.logged_in_persona and not group.is_admin(c.logged_in_persona):
# raise action_error('current user has no permissions for this group', 403)
#AllanC - integrety moved to model
#if membership.role=="admin" and num_admins<=1:
# raise action_error('cannot remove last admin', 400)
# Notifications
if membership.status == "active": # member removed
from pylons import tmpl_context as c
if member != c.logged_in_user:
membership.member.send_notification(
messages.group_remove_member_to_member(admin=c.logged_in_user,
group=group))
group.send_notification(
messages.group_remove_member_to_group(admin=c.logged_in_user,
group=group,
member=member))
elif membership.status == "invite": # invitation declined
group.send_notification(
messages.group_invitation_declined(member=member, group=group))
elif membership.status == "request": # request declined
membership.member.send_notification(
messages.group_request_declined(group=group))
Session.delete(membership)
if not delay_commit:
Session.commit()
#invalidate_member(group)
#invalidate_member(member)
return True
def set_payment_account(member, value, delay_commit=False):
member = get_member(member)
#account = None
if isinstance(value, PaymentAccount):
member.payment_account = value
elif value in account_types.enums:
if value == 'free':
account = None
else:
account = PaymentAccount()
account.type = value
Session.add(account)
member.payment_account = account
else:
raise action_error('unknown account type: %s' % value)
if not delay_commit:
Session.commit()
return True
def set_persona(persona):
assert c.logged_in_user
persona = get_member(persona)
if persona == c.logged_in_persona:
return True
elif persona == c.logged_in_user:
# If trying to fall back to self login then remove persona selection
session_remove('logged_in_persona')
session_remove('logged_in_persona_role')
session_remove('logged_in_persona_path')
c.logged_in_persona = c.logged_in_user
c.logged_in_persona_role = 'admin'
return True
else:
membership = get_membership(persona, c.logged_in_persona)
if not membership:
raise action_error(_('not a member of this group'), code=403)
if membership.status != "active":
raise action_error(_('not an active member of this group'),
code=403)
role = lowest_role(membership.role, c.logged_in_persona_role)
session_set('logged_in_persona', persona.username)
session_set('logged_in_persona_role', role)
persona_path = session_get('logged_in_persona_path') or str(
c.logged_in_user.id)
persona_path = persona_path.split(
',') #if isinstance(persona_path, basestring) else []
if str(persona.id) in persona_path:
persona_path = persona_path[0:persona_path.index(
str(persona.id
))] #Truncate the list at the occourance of this usename
persona_path.append(persona.id)
session_set('logged_in_persona_path',
','.join([str(i) for i in persona_path]))
# From this point this user is logged in as this persona
c.logged_in_persona = persona
c.logged_in_persona_role = role
return True
return False
def add_to_interests(member, content, delay_commit=False):
content = get_content(content)
member = get_member(member)
if not content:
raise action_error(_('unable to find content'), code=404)
if not member:
raise action_error(_('unable to find member'), code=404)
#AllanC - TODO: humm ... if we have a duplicate entry being added it will error ... we want to suppress that error
member.interest.append(content)
# Could update "recomended" feed with new criteria?
if not delay_commit:
Session.commit()
return True
def join_group(group, member, delay_commit=False):
return_value = True
group = get_group(group)
member = get_member(member)
membership = get_membership(group, member)
if not group:
raise action_error(_('unable to find group'), code=404)
if not member:
raise action_error(_('unable to find member to add'), code=404)
# AllanC - join permissions moved to controller
if membership and membership.status == "invite":
membership.status = "active"
else:
membership = GroupMembership()
membership.group = group
membership.member = member
membership.role = group.default_role
group.members_roles.append(membership)
# If a join request
if group.join_mode == "invite_and_request":
membership.status = "request"
return_value = "request"
group.send_notification(
messages.group_join_request(member=member, group=group))
# If user has actually become a member (open or reply to invite) then notify group
if return_value == True:
group.send_notification(
messages.group_new_member(member=member, group=group))
if not delay_commit:
Session.commit()
#invalidate_member(group)
#invalidate_member(member)
return return_value
def part_regrade(self, username, type="free"):
"""
Regrade account to type (default free)
"""
response = self.app.post(url(controller='payment_actions',
action='regrade',
id=self.payment_account_ids[username],
format="json"),
params=dict(
_authentication_token=self.auth_token,
new_type=type),
status=200)
response = self.app.post(url(controller='payment_actions',
action='regrade',
id=self.payment_account_ids[username],
format="json"),
params=dict(
_authentication_token=self.auth_token,
new_type=type),
status=400)
assert get_member(username).payment_account.type == type
def invite(group, member, role, delay_commit=False):
group = get_group(group)
member = get_member(member)
membership = get_membership(group, member)
role = role or group.default_role
if not group:
raise action_error(_('unable to find group'), code=404)
if not member:
raise action_error(_('unable to find member'), code=404)
if membership:
raise action_error(_('already a member of group'), code=400)
if role not in group_member_roles.enums:
raise action_error('not a valid role', code=400)
# AllanC - permissions moved to controller
#if not group.is_admin(c.logged_in_persona):
# raise action_error(_('no permissions for this group'), 403)
membership = GroupMembership()
membership.group = group
membership.member = member
membership.role = role
membership.status = "invite"
group.members_roles.append(membership)
# Notification of invitation
from pylons import tmpl_context as c
member.send_notification(
messages.group_invite(admin=c.logged_in_user,
group=group,
role=membership.role,
you=member))
if not delay_commit:
Session.commit()
#invalidate_member(group)
#invalidate_member(member)
return True
