def suspend(request, id): user = get_object_or_404(User, id=id) if not request.user.is_superuser: raise decorators.CommandException(_("Only superusers can suspend other users")) if not request.POST.get('bantype', None): if user.is_suspended(): suspension = user.suspension suspension.cancel(user=request.user, ip=request.META['REMOTE_ADDR']) return decorators.RefreshPageCommand() else: return render_response('users/suspend_user.html', {}, request) data = { 'bantype': request.POST.get('bantype', 'Indefinitely').strip(), 'publicmsg': request.POST.get('publicmsg', _('Bad behaviour')), 'privatemsg': request.POST.get('privatemsg', None) or request.POST.get('publicmsg', ''), 'suspended': user } if data['bantype'] == 'forxdays': try: data['forxdays'] = int(request.POST['forxdays']) except: raise decorators.CommandException(_('Invalid numeric argument for the number of days.')) SuspendAction(user=request.user, ip=request.META['REMOTE_ADDR']).save(data=data) return decorators.RefreshPageCommand()
def revisions(request, id): post = get_object_or_404(Node, id=id).leaf revisions = list(post.revisions.order_by('revised_at')) rev_ctx = [] for i, revision in enumerate(revisions): rev_ctx.append(dict(inst=revision, html=template.loader.get_template('node/revision.html').render(template.Context({ 'title': revision.title, 'html': revision.html, 'tags': revision.tagname_list(), })))) if i > 0: rev_ctx[i]['diff'] = mark_safe(htmldiff(rev_ctx[i-1]['html'], rev_ctx[i]['html'])) else: rev_ctx[i]['diff'] = mark_safe(rev_ctx[i]['html']) if not (revision.summary): rev_ctx[i]['summary'] = _('Revision n. %(rev_number)d') % {'rev_number': revision.revision} else: rev_ctx[i]['summary'] = revision.summary rev_ctx.reverse() return render_response('revisions.html', { 'post': post, 'revisions': rev_ctx, }, request)
def request_temp_login(request): if request.method == "POST": form = TemporaryLoginRequestForm(request.POST) if form.is_valid(): users = form.user_cache for u in users: if u.is_suspended(): return forward_suspended_user(request, u, False) for u in users: try: hash = get_object_or_404(ValidationHash, user=u, type="templogin") if hash.expiration < datetime.datetime.now(): hash.delete() return request_temp_login(request) except: hash = ValidationHash.objects.create_new(u, "templogin", [u.id]) send_template_email([u], "auth/temp_login_email.html", {"temp_login_code": hash}) request.user.message_set.create(message=_("An email has been sent with your temporary login key")) return HttpResponseRedirect(reverse("index")) else: form = TemporaryLoginRequestForm() return render_response("auth/temp_login_request.html", {"form": form}, request)
def register(request): if request.method == 'POST': form = ClassicRegisterForm(request.POST) if form.is_valid(): username = form.cleaned_data['username'] password = form.cleaned_data['password1'] email = form.cleaned_data['email'] user_ = User(username=username, email=email) user_.set_password(password) if User.objects.all().count() == 0: user_.is_superuser = True user_.is_staff = True user_.save() UserJoinsAction(user=user_, ip=request.META['REMOTE_ADDR']).save() return login_and_forward(request, user_, None, _("A welcome email has been sent to your email address. ")) else: form = ClassicRegisterForm(initial={'next':'/'}) return render_response('auth/complete.html', { 'form1': form }, request)
def online_users(request): suser = request.REQUEST.get('q', "") sort = "" if request.GET.get("sort", None): try: sort = int(request.GET["sort"]) except ValueError: logging.error('Found invalid sort "%s", loading %s, refered by %s' % ( request.GET.get("sort", ''), request.path, request.META.get('HTTP_REFERER', 'UNKNOWN') )) raise Http404() page = 0 if request.GET.get("page", None): try: page = int(request.GET["page"]) except ValueError: logging.error('Found invalid page "%s", loading %s, refered by %s' % ( request.GET.get("page", ''), request.path, request.META.get('HTTP_REFERER', 'UNKNOWN') )) raise Http404() pagesize = 10 if request.GET.get("pagesize", None): try: pagesize = int(request.GET["pagesize"]) except ValueError: logging.error('Found invalid pagesize "%s", loading %s, refered by %s' % ( request.GET.get("pagesize", ''), request.path, request.META.get('HTTP_REFERER', 'UNKNOWN') )) raise Http404() users = None if sort == "reputation": users = sorted(ONLINE_USERS.sets.keys(), key=lambda user: user.reputation) elif sort == "newest" : users = sorted(ONLINE_USERS.sets.keys(), key=lambda user: user.newest) elif sort == "last": users = sorted(ONLINE_USERS.sets.keys(), key=lambda user: user.last) elif sort == "name": users = sorted(ONLINE_USERS.sets.keys(), key=lambda user: user.name) elif sort == "oldest": users = sorted(ONLINE_USERS.sets.keys(), key=lambda user: user.oldest) elif sort == "newest": users = sorted(ONLINE_USERS.sets.keys(), key=lambda user: user.newest) elif sort == "votes": users = sorted(ONLINE_USERS.sets.keys(), key=lambda user: user.votes) else: users = sorted(ONLINE_USERS.iteritems(), key=lambda x: x[1]) return render_response('users/online_users.html', { "users" : users, "suser" : suser, "sort" : sort, "page" : page, "pageSize" : pagesize, }, request)
def auth_settings(request, id): user_ = get_object_or_404(User, id=id) if not (request.user.is_superuser or request.user == user_): return HttpResponseUnauthorized(request) if not settings.USERS_CAN_CHANGE_AUTH_SETTINGS: return HttpResponseUnauthorized(request) auth_keys = user_.auth_keys.all() if request.user.is_superuser or (not user_.has_usable_password()): FormClass = SetPasswordForm else: FormClass = ChangePasswordForm if request.POST: form = FormClass(request.POST, user=user_) if form.is_valid(): is_new_pass = not user_.has_usable_password() user_.set_password(form.cleaned_data["password1"]) user_.save() if is_new_pass: request.user.message_set.create(message=_("New password set")) if not request.user.is_superuser: form = ChangePasswordForm(user=user_) else: request.user.message_set.create(message=_("Your password was changed")) return HttpResponseRedirect(reverse("user_authsettings", kwargs={"id": user_.id})) else: form = FormClass(user=user_) auth_keys_list = [] for k in auth_keys: provider = AUTH_PROVIDERS.get(k.provider, None) if provider is not None: name = "%s: %s" % (provider.context.human_name, provider.context.readable_key(k)) else: from forum.authentication.base import ConsumerTemplateContext "unknown: %s" % ConsumerTemplateContext.readable_key(k) auth_keys_list.append({"name": name, "id": k.id}) return render_response( "auth/auth_settings.html", { "view_user": user_, "can_view_private": (user_ == request.user) or request.user.is_superuser, "form": form, "has_password": user_.has_usable_password(), "auth_keys": auth_keys_list, "allow_local_auth": AUTH_PROVIDERS.get("local", None), }, request, )
def validate_email(request, user, code): user = get_object_or_404(User, id=user) if ValidationHash.objects.validate(code, user, "email", [user.email]): EmailValidationAction(user=user, ip=request.META["REMOTE_ADDR"]).save() return login_and_forward(request, user, reverse("index"), _("Thank you, your email is now validated.")) else: return render_response("auth/mail_already_validated.html", {"user": user}, request)
def test_email_settings(request): user = request.user send_template_email([user,], 'osqaadmin/mail_test.html', { 'user' : user }) return render_response( 'osqaadmin/test_email_settings.html', { 'user': user, }, request, parent_template="base.html")
def badge(request, id, slug): badge = Badge.objects.get(id=id) awards = list(Award.objects.filter(badge=badge).order_by('user', 'awarded_at')) award_count = len(awards) awards = sorted([dict(count=len(list(g)), user=k) for k, g in groupby(awards, lambda a: a.user)], lambda c1, c2: c2['count'] - c1['count']) return render_response('badge.html', { 'award_count': award_count, 'awards' : awards, 'badge' : badge, }, request)
def decorated(context, request, *args, **kwargs): if request.user.is_authenticated(): ONLINE_USERS[request.user] = datetime.now() if isinstance(context, HttpResponse): return context if tab is not None: context["tab"] = tab return render_response( context.pop("template", template), context, request, parent_template, pjax_parent, page_template )
def search(request): if request.method == "GET" and "q" in request.GET: keywords = request.GET.get("q") search_type = request.GET.get("t") if not keywords: return HttpResponseRedirect(reverse(index)) if search_type == 'tag': return HttpResponseRedirect(reverse('tags') + '?q=%s' % urlquote(keywords.strip())) elif search_type == "user": return HttpResponseRedirect(reverse('users') + '?q=%s' % urlquote(keywords.strip())) else: return question_search(request, keywords) else: return render_response("search.html", {}, request)
def _retag_question(request, question): if request.method == 'POST': form = RetagQuestionForm(question, request.POST) if form.is_valid(): if form.has_changed(): RetagAction(user=request.user, node=question, ip=request.META['REMOTE_ADDR']).save(data=dict(tagnames=form.cleaned_data['tags'])) return HttpResponseRedirect(question.get_absolute_url()) else: form = RetagQuestionForm(question) return render_response('question_retag.html', { 'question': question, 'form' : form, #'tags' : _get_tags_cache_json(), }, request, parent_template="base.html")
def signin_page(request): referer = request.META.get("HTTP_REFERER", "/") # If the referer is equal to the sign up page, e. g. if the previous login attempt was not successful we do not # change the sign in URL. The user should go to the same page. if not referer.replace(settings.APP_URL, "") == reverse("auth_signin"): request.session[ON_SIGNIN_SESSION_ATTR] = referer all_providers = [provider.context for provider in AUTH_PROVIDERS.values() if provider.context] sort = lambda c1, c2: c1.weight - c2.weight can_show = lambda c: not request.user.is_authenticated() or c.show_to_logged_in_user bigicon_providers = sorted( [context for context in all_providers if context.mode == "BIGICON" and can_show(context)], sort ) smallicon_providers = sorted( [context for context in all_providers if context.mode == "SMALLICON" and can_show(context)], sort ) top_stackitem_providers = sorted( [context for context in all_providers if context.mode == "TOP_STACK_ITEM" and can_show(context)], sort ) stackitem_providers = sorted( [context for context in all_providers if context.mode == "STACK_ITEM" and can_show(context)], sort ) try: msg = request.session["auth_error"] del request.session["auth_error"] except: msg = None return render_response( "auth/signin.html", { "msg": msg, "all_providers": all_providers, "bigicon_providers": bigicon_providers, "top_stackitem_providers": top_stackitem_providers, "stackitem_providers": stackitem_providers, "smallicon_providers": smallicon_providers, }, request, )
def page(request): path = request.path[1:] if path in settings.STATIC_PAGE_REGISTRY: try: page = Page.objects.get(id=settings.STATIC_PAGE_REGISTRY[path]) if (not page.published) and (not request.user.is_superuser): return HttpResponseNotFound(request) except: return HttpResponseNotFound(request) else: return HttpResponseNotFound(request) template = page.extra.get('template', 'default') sidebar = page.extra.get('sidebar', '') if template == 'default': base = 'base_content.html' elif template == 'sidebar': base = 'base.html' sidebar_render = page.extra.get('render', 'markdown') if sidebar_render == 'markdown': sidebar = page._as_markdown(sidebar) elif sidebar_render == 'html': sidebar = mark_safe(sidebar) else: return HttpResponse(page.body, mimetype=page.extra.get('mimetype', 'text/html')) render = page.extra.get('render', 'markdown') if render == 'markdown': body = page.as_markdown() elif render == 'html': body = mark_safe(page.body) else: body = page.body return render_response('page.html', { 'page' : page, 'body' : body, 'sidebar': sidebar, 'base': base, }, request)
def ask(request): form = None if request.POST: if request.session.pop('reviewing_pending_data', False): form = AskForm(initial=request.POST, user=request.user) elif "text" in request.POST: form = AskForm(request.POST, user=request.user) if form.is_valid(): if request.user.is_authenticated() and request.user.email_valid_and_can_ask(): ask_action = AskAction(user=request.user, ip=request.META['REMOTE_ADDR']).save(data=form.cleaned_data) question = ask_action.node if settings.WIKI_ON and request.POST.get('wiki', False): question.nstate.wiki = ask_action return HttpResponseRedirect(question.get_absolute_url()) else: request.session[PENDING_SUBMISSION_SESSION_ATTR] = { 'POST': request.POST, 'data_name': _("question"), 'type': 'ask', 'submission_url': reverse('ask'), 'time': datetime.datetime.now() } if request.user.is_authenticated(): request.user.message_set.create(message=_("Your question is pending until you %s.") % html.hyperlink( django_settings.APP_URL + reverse('send_validation_email', prefix='/'), _("validate your email") )) return HttpResponseRedirect(reverse('index')) else: return HttpResponseRedirect(reverse('auth_signin')) elif "go" in request.POST: form = AskForm({'title': request.POST['q']}, user=request.user) default_tag = '' if settings.AUTO_SET_TAG_ON_QUESTION and 'tag' in request.GET: default_tag = request.GET['tag'] if not form: form = AskForm(user=request.user, default_tag=default_tag) return render_response('ask.html', { 'form' : form, 'tab' : 'ask' }, request, parent_template="base.html")
def edit_user(request, id, slug): user = get_object_or_404(User, id=id) if not (request.user.is_superuser or request.user == user): return HttpResponseUnauthorized(request) if request.method == "POST": form = EditUserForm(user, request.POST) if form.is_valid(): new_email = sanitize_html(form.cleaned_data['email']) if new_email != user.email: user.email = new_email user.email_isvalid = False try: hash = ValidationHash.objects.get(user=request.user, type='email') hash.delete() except: pass if settings.EDITABLE_SCREEN_NAME: user.username = sanitize_html(form.cleaned_data['username']) user.real_name = sanitize_html(form.cleaned_data['realname']) user.website = sanitize_html(form.cleaned_data['website']) user.location = sanitize_html(form.cleaned_data['city']) user.date_of_birth = form.cleaned_data['birthday'] if user.date_of_birth == "None": user.date_of_birth = datetime(1900, 1, 1, 0, 0) user.about = sanitize_html(form.cleaned_data['about']) user.save() EditProfileAction(user=user, ip=request.META['REMOTE_ADDR']).save() request.user.message_set.create(message=_("Profile updated.")) return HttpResponseRedirect(user.get_profile_url()) else: form = EditUserForm(user) return render_response('users/edit.html', { 'user': user, 'form' : form, 'gravatar_faq_url' : reverse('faq') + '#gravatar', }, request)
def award_points(request, id): if not request.POST: return render_response('users/karma_bonus.html', {}, request) if not request.user.is_superuser: raise decorators.CommandException(_("Only superusers are allowed to award reputation points")) try: points = int(request.POST['points']) except: raise decorators.CommandException(_("Invalid number of points to award.")) user = get_object_or_404(User, id=id) extra = dict(message=request.POST.get('message', ''), awarding_user=request.user.id, value=points) BonusRepAction(user=request.user, extra=extra).save(data=dict(value=points, affected=user)) return {'commands': { 'update_profile_karma': [user.reputation] }}
def result(context_or_response, request, user, **kwargs): rev_page_title = smart_unicode(user.username) + " - " + tab_description # Check whether the return type of the decorated function is a context or Http Response if isinstance(context_or_response, HttpResponse): response = context_or_response # If it is a response -- show it return response else: # ...if it is a context move forward, update it and render it to response context = context_or_response context.update({ "tab": "users", "active_tab" : tab_name, "tab_description" : tab_description, "page_title" : rev_page_title, "can_view_private": (user == request.user) or request.user.is_superuser }) return render_response(template, context, request)
def edit_answer(request, id): answer = get_object_or_404(Answer, id=id) if answer.deleted and not request.user.can_view_deleted_post(answer): raise Http404 elif not request.user.can_edit_post(answer): raise Http404 if request.method == "POST": revision_form = RevisionForm(answer, data=request.POST) revision_form.is_valid() revision = answer.revisions.get(revision=revision_form.cleaned_data['revision']) if 'select_revision' in request.POST: form = EditAnswerForm(answer, request.user, revision) else: form = EditAnswerForm(answer, request.user, revision, data=request.POST) if not 'select_revision' in request.POST and form.is_valid(): if form.has_changed(): action = ReviseAction(user=request.user, node=answer, ip=request.META['REMOTE_ADDR']).save(data=form.cleaned_data) if settings.WIKI_ON: if request.POST.get('wiki', False) and not answer.nis.wiki: answer.nstate.wiki = action elif answer.nis.wiki and (not request.POST.get('wiki', False)) and request.user.can_cancel_wiki(answer): answer.nstate.wiki = None else: if not revision == answer.active_revision: RollbackAction(user=request.user, node=answer, ip=request.META['REMOTE_ADDR']).save(data=dict(activate=revision)) return HttpResponseRedirect(answer.get_absolute_url()) else: revision_form = RevisionForm(answer) form = EditAnswerForm(answer, request.user) return render_response('answer_edit.html', { 'answer': answer, 'revision_form': revision_form, 'form': form, }, request)
def feedback(request): if request.method == "POST": form = FeedbackForm(request.user, data=request.POST) if form.is_valid(): context = { 'user': request.user, 'email': request.user.is_authenticated() and request.user.email or form.cleaned_data.get('email', None), 'message': form.cleaned_data['message'], 'name': request.user.is_authenticated() and request.user.username or form.cleaned_data.get('name', None), 'ip': request.META['REMOTE_ADDR'], } recipients = User.objects.filter(is_superuser=True) send_template_email(recipients, "notifications/feedback.html", context) msg = _('Thanks for the feedback!') request.user.message_set.create(message=msg) return HttpResponseRedirect(get_next_url(request)) else: form = FeedbackForm(request.user, initial={'next':get_next_url(request)}) return render_response('feedback.html', {'form': form}, request)
def _edit_question(request, question, template='question_edit.html', summary='', action_class=ReviseAction, allow_rollback=True, url_getter=lambda q: q.get_absolute_url()): if request.method == 'POST': revision_form = RevisionForm(question, data=request.POST) revision_form.is_valid() revision = question.revisions.get(revision=revision_form.cleaned_data['revision']) if 'select_revision' in request.POST: form = EditQuestionForm(question, request.user, revision) else: form = EditQuestionForm(question, request.user, revision, data=request.POST) if not 'select_revision' in request.POST and form.is_valid(): if form.has_changed(): action = action_class(user=request.user, node=question, ip=request.META['REMOTE_ADDR']).save(data=form.cleaned_data) if settings.WIKI_ON: if request.POST.get('wiki', False) and not question.nis.wiki: question.nstate.wiki = action elif question.nis.wiki and (not request.POST.get('wiki', False)) and request.user.can_cancel_wiki(question): question.nstate.wiki = None else: if not revision == question.active_revision: if allow_rollback: RollbackAction(user=request.user, node=question).save(data=dict(activate=revision)) else: pass return HttpResponseRedirect(url_getter(question)) else: revision_form = RevisionForm(question) form = EditQuestionForm(question, request.user, initial={'summary': summary}) return render_response(template, { 'question': question, 'revision_form': revision_form, 'form' : form, }, request, parent_template="base.html")
def admin_page_wrapper(fn, request, *args, **kwargs): res = fn(request, *args, **kwargs) if isinstance(res, HttpResponse): return res template, context = res context['basetemplate'] = settings.DJSTYLE_ADMIN_INTERFACE and "osqaadmin/djstyle_base.html" or "osqaadmin/base.html" context['allsets'] = Setting.sets context['othersets'] = sorted( [s for s in Setting.sets.values() if not s.name in ('basic', 'users', 'email', 'paths', 'extkeys', 'web', 'repgain', 'minrep', 'voting', 'accept', 'badges', 'about', 'faq', 'sidebar', 'form', 'moderation', 'css', 'headandfoot', 'head', 'view', 'urls')] , lambda s1, s2: s1.weight - s2.weight) context['tools'] = [(name, fn.label) for name, fn in TOOLS.items()] # Show the navigation only to moderators and super users if not context.has_key("hide_navigation"): context['hide_navigation'] = not request.user.is_superuser unsaved = request.session.get('previewing_settings', {}) context['unsaved'] = set([getattr(settings, s).set.name for s in unsaved.keys() if hasattr(settings, s)]) return render_response(template, context, request, parent_template="base.html")
def static(request, title, content): return render_response('static.html', {'content' : content, 'title': title}, request)
def markdown_help(request): return render_response('markdown_help.html', {}, request)
def opensearch(request): return render_response('opensearch.html', {'settings' : settings}, request)
def logout(request): return render_response('logout.html', { 'next' : get_next_url(request), }, request)
def privacy(request): return render_response('privacy.html', {}, request)
def external_register(request): if request.method == "POST" and "bnewaccount" in request.POST: form1 = SimpleRegistrationForm(request.POST) if form1.is_valid(): user_ = User( username=form1.cleaned_data["username"], email=form1.cleaned_data["email"], real_name=form1.cleaned_data["real_name"], ) user_.email_isvalid = request.session.get("auth_validated_email", "") == form1.cleaned_data["email"] user_.set_unusable_password() if User.objects.all().count() == 0: user_.is_superuser = True user_.is_staff = True user_.save() UserJoinsAction(user=user_, ip=request.META["REMOTE_ADDR"]).save() try: assoc_key = request.session["assoc_key"] auth_provider = request.session["auth_provider"] except: request.session["auth_error"] = _( "Oops, something went wrong in the middle of this process. Please try again. Note that you need to have cookies enabled for the authentication to work." ) logging.error( "Missing session data when trying to complete user registration: %s" % ", ".join(["%s: %s" % (k, v) for k, v in request.META.items()]) ) return HttpResponseRedirect(reverse("auth_signin")) uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider) uassoc.save() del request.session["assoc_key"] del request.session["auth_provider"] return login_and_forward(request, user_, message=_("A welcome email has been sent to your email address. ")) else: auth_provider = request.session.get("auth_provider", None) if not auth_provider: request.session["auth_error"] = _( "Oops, something went wrong in the middle of this process. Please try again." ) logging.error( "Missing session data when trying to complete user registration: %s" % ", ".join(["%s: %s" % (k, v) for k, v in request.META.items()]) ) return HttpResponseRedirect(reverse("auth_signin")) provider_class = AUTH_PROVIDERS[auth_provider].consumer if provider_class.__class__.__name__ == "FacebookAuthConsumer": user_data = provider_class.get_user_data(request.session["access_token"]) else: user_data = provider_class.get_user_data(request.session["assoc_key"]) if not user_data: user_data = request.session.get("auth_consumer_data", {}) username = user_data.get("username", "") email = user_data.get("email", "") real_name = user_data.get("real_name", "") if email: request.session["auth_validated_email"] = email form1 = SimpleRegistrationForm( initial={"next": "/", "username": username, "email": email, "real_name": real_name} ) provider_context = AUTH_PROVIDERS[request.session["auth_provider"]].context return render_response( "auth/complete.html", { "form1": form1, "provider": provider_context and mark_safe(provider_context.human_name) or _("unknown"), "login_type": provider_context.id, "gravatar_faq_url": reverse("faq") + "#gravatar", }, request, )