def AssertBasePermission(self, mr):
"""Check whether the user has any permission to ban users.
Args:
mr: commonly used info parsed from the request.
"""
super(BanSpammer, self).AssertBasePermission(mr)
if not permissions.CanBan(mr, self.services):
raise permissions.PermissionException(
'User is not allowed to ban users.')
def ProcessFormData(self, mr, post_data):
"""Process the posted form."""
if not permissions.CanBan(mr, self.services):
raise permissions.PermissionException(
"You do not have permission to ban users.")
framework_helpers.UserSettings.ProcessBanForm(
mr.cnxn, self.services.user, post_data,
mr.viewed_user_auth.user_id, mr.viewed_user_auth.user_pb)
# TODO(jrobbins): Check all calls to FormatAbsoluteURL for include_project.
return framework_helpers.FormatAbsoluteURL(
mr,
mr.viewed_user_auth.user_view.profile_url,
include_project=False,
saved=1,
ts=int(time.time()))
def GatherPageData(self, mr):
"""Build up a dictionary of data values to use when rendering the page."""
viewed_user = mr.viewed_user_auth.user_pb
if self.services.usergroup.GetGroupSettings(
mr.cnxn, mr.viewed_user_auth.user_id):
url = framework_helpers.FormatAbsoluteURL(mr,
'/g/%s/' %
viewed_user.email,
include_project=False)
self.redirect(url, abort=True) # Show group page instead.
with work_env.WorkEnv(mr, self.services) as we:
project_lists = we.GetUserProjects(
mr.viewed_user_auth.effective_ids)
(visible_ownership, visible_archived, visible_membership,
visible_contrib) = project_lists
with mr.profiler.Phase('Getting user groups'):
group_settings = self.services.usergroup.GetAllGroupSettings(
mr.cnxn, mr.viewed_user_auth.effective_ids)
member_ids, owner_ids = self.services.usergroup.LookupAllMembers(
mr.cnxn, list(group_settings.keys()))
friend_project_ids = [] # TODO(issue 4202): implement this.
visible_group_ids = []
for group_id in group_settings:
if permissions.CanViewGroupMembers(mr.perms,
mr.auth.effective_ids,
group_settings[group_id],
member_ids[group_id],
owner_ids[group_id],
friend_project_ids):
visible_group_ids.append(group_id)
user_group_views = framework_views.MakeAllUserViews(
mr.cnxn, self.services.user, visible_group_ids)
user_group_views = sorted(list(user_group_views.values()),
key=lambda ugv: ugv.email)
with mr.profiler.Phase('Getting linked accounts'):
linked_parent = None
linked_children = []
linked_views = framework_views.MakeAllUserViews(
mr.cnxn, self.services.user, [viewed_user.linked_parent_id],
viewed_user.linked_child_ids)
if viewed_user.linked_parent_id:
linked_parent = linked_views[viewed_user.linked_parent_id]
if viewed_user.linked_child_ids:
linked_children = [
linked_views[child_id]
for child_id in viewed_user.linked_child_ids
]
offer_unlink = (mr.auth.user_id == viewed_user.user_id
or mr.auth.user_id in linked_views)
incoming_invite_users = []
outgoing_invite_users = []
possible_parent_accounts = []
can_edit_invites = mr.auth.user_id == mr.viewed_user_auth.user_id
display_link_invites = can_edit_invites or mr.auth.user_pb.is_site_admin
# TODO(jrobbins): allow site admin to edit invites for other users.
if display_link_invites:
with work_env.WorkEnv(mr,
self.services,
phase='Getting link invites'):
incoming_invite_ids, outgoing_invite_ids = we.GetPendingLinkedInvites(
user_id=viewed_user.user_id)
invite_views = framework_views.MakeAllUserViews(
mr.cnxn, self.services.user, incoming_invite_ids,
outgoing_invite_ids)
incoming_invite_users = [
invite_views[uid] for uid in incoming_invite_ids
]
outgoing_invite_users = [
invite_views[uid] for uid in outgoing_invite_ids
]
possible_parent_accounts = _ComputePossibleParentAccounts(
we, mr.viewed_user_auth.user_view, linked_parent,
linked_children)
viewed_user_display_name = framework_views.GetViewedUserDisplayName(mr)
with work_env.WorkEnv(mr, self.services) as we:
starred_projects = we.ListStarredProjects(
viewed_user_id=mr.viewed_user_auth.user_id)
logged_in_starred = we.ListStarredProjects()
logged_in_starred_pids = {p.project_id for p in logged_in_starred}
starred_user_ids = self.services.user_star.LookupStarredItemIDs(
mr.cnxn, mr.viewed_user_auth.user_id)
starred_user_dict = framework_views.MakeAllUserViews(
mr.cnxn, self.services.user, starred_user_ids)
starred_users = list(starred_user_dict.values())
starred_users_json = json.dumps(
[uv.display_name for uv in starred_users])
is_user_starred = self._IsUserStarred(mr.cnxn, mr.auth.user_id,
mr.viewed_user_auth.user_id)
if viewed_user.last_visit_timestamp:
last_visit_str = timestr.FormatRelativeDate(
viewed_user.last_visit_timestamp, days_only=True)
last_visit_str = last_visit_str or 'Less than 2 days ago'
else:
last_visit_str = 'Never'
if viewed_user.email_bounce_timestamp:
last_bounce_str = timestr.FormatRelativeDate(
viewed_user.email_bounce_timestamp, days_only=True)
last_bounce_str = last_bounce_str or 'Less than 2 days ago'
else:
last_bounce_str = None
can_ban = permissions.CanBan(mr, self.services)
viewed_user_is_spammer = viewed_user.banned.lower() == 'spam'
viewed_user_may_be_spammer = not viewed_user_is_spammer
all_projects = self.services.project.GetAllProjects(mr.cnxn)
for project_id in all_projects:
project = all_projects[project_id]
viewed_user_perms = permissions.GetPermissions(
viewed_user, mr.viewed_user_auth.effective_ids, project)
if (viewed_user_perms != permissions.EMPTY_PERMISSIONSET
and viewed_user_perms != permissions.USER_PERMISSIONSET):
viewed_user_may_be_spammer = False
ban_token = None
ban_spammer_token = None
if mr.auth.user_id and can_ban:
form_token_path = mr.request.path + 'ban.do'
ban_token = xsrf.GenerateToken(mr.auth.user_id, form_token_path)
form_token_path = mr.request.path + 'banSpammer.do'
ban_spammer_token = xsrf.GenerateToken(mr.auth.user_id,
form_token_path)
page_data = {
'user_tab_mode':
'st2',
'viewed_user_display_name':
viewed_user_display_name,
'viewed_user_may_be_spammer':
ezt.boolean(viewed_user_may_be_spammer),
'viewed_user_is_spammer':
ezt.boolean(viewed_user_is_spammer),
'viewed_user_is_banned':
ezt.boolean(viewed_user.banned),
'owner_of_projects': [
project_views.ProjectView(p,
starred=p.project_id
in logged_in_starred_pids)
for p in visible_ownership
],
'committer_of_projects': [
project_views.ProjectView(p,
starred=p.project_id
in logged_in_starred_pids)
for p in visible_membership
],
'contributor_to_projects': [
project_views.ProjectView(p,
starred=p.project_id
in logged_in_starred_pids)
for p in visible_contrib
],
'owner_of_archived_projects':
[project_views.ProjectView(p) for p in visible_archived],
'starred_projects': [
project_views.ProjectView(p,
starred=p.project_id
in logged_in_starred_pids)
for p in starred_projects
],
'starred_users':
starred_users,
'starred_users_json':
starred_users_json,
'is_user_starred':
ezt.boolean(is_user_starred),
'viewing_user_page':
ezt.boolean(True),
'last_visit_str':
last_visit_str,
'last_bounce_str':
last_bounce_str,
'vacation_message':
viewed_user.vacation_message,
'can_ban':
ezt.boolean(can_ban),
'ban_token':
ban_token,
'ban_spammer_token':
ban_spammer_token,
'user_groups':
user_group_views,
'linked_parent':
linked_parent,
'linked_children':
linked_children,
'incoming_invite_users':
incoming_invite_users,
'outgoing_invite_users':
outgoing_invite_users,
'possible_parent_accounts':
possible_parent_accounts,
'can_edit_invites':
ezt.boolean(can_edit_invites),
'offer_unlink':
ezt.boolean(offer_unlink),
}
viewed_user_prefs = None
if mr.perms.HasPerm(permissions.EDIT_OTHER_USERS, None, None):
with work_env.WorkEnv(mr, self.services) as we:
viewed_user_prefs = we.GetUserPrefs(
mr.viewed_user_auth.user_id)
user_settings = (
framework_helpers.UserSettings.GatherUnifiedSettingsPageData(
mr.auth.user_id, mr.viewed_user_auth.user_view, viewed_user,
viewed_user_prefs))
page_data.update(user_settings)
return page_data
def GatherPageData(self, mr):
"""Build up a dictionary of data values to use when rendering the page."""
viewed_user = mr.viewed_user_auth.user_pb
if self.services.usergroup.GetGroupSettings(
mr.cnxn, mr.viewed_user_auth.user_id):
url = framework_helpers.FormatAbsoluteURL(mr,
'/g/%s/' %
viewed_user.email,
include_project=False)
self.redirect(url, abort=True) # Show group page instead.
with self.profiler.Phase('GetUserProjects'):
project_lists = sitewide_helpers.GetUserProjects(
mr.cnxn, self.services, mr.auth.user_pb, mr.auth.effective_ids,
mr.viewed_user_auth.effective_ids)
(visible_ownership, visible_archived, visible_membership,
visible_contrib) = project_lists
viewed_user_display_name = framework_views.GetViewedUserDisplayName(mr)
with self.profiler.Phase('GetStarredProjects'):
starred_projects = sitewide_helpers.GetViewableStarredProjects(
mr.cnxn, self.services, mr.viewed_user_auth.user_id,
mr.auth.effective_ids, mr.auth.user_pb)
logged_in_starred_pids = []
if mr.auth.user_id:
logged_in_starred_pids = self.services.project_star.LookupStarredItemIDs(
mr.cnxn, mr.auth.user_id)
starred_user_ids = self.services.user_star.LookupStarredItemIDs(
mr.cnxn, mr.viewed_user_auth.user_id)
starred_user_dict = framework_views.MakeAllUserViews(
mr.cnxn, self.services.user, starred_user_ids)
starred_users = starred_user_dict.values()
is_user_starred = self._IsUserStarred(mr.cnxn, mr.auth.user_id,
mr.viewed_user_auth.user_id)
if viewed_user.last_visit_timestamp:
last_visit_str = timestr.FormatRelativeDate(
viewed_user.last_visit_timestamp, days_only=True)
last_visit_str = last_visit_str or 'Less than 2 days ago'
else:
last_visit_str = 'Never'
if viewed_user.email_bounce_timestamp:
last_bounce_str = timestr.FormatRelativeDate(
viewed_user.email_bounce_timestamp, days_only=True)
last_bounce_str = last_bounce_str or 'Less than 2 days ago'
else:
last_bounce_str = None
can_ban = permissions.CanBan(mr, self.services)
viewed_user_is_spammer = viewed_user.banned.lower() == 'spam'
viewed_user_may_be_spammer = not viewed_user_is_spammer
all_projects = self.services.project.GetAllProjects(mr.cnxn)
for project_id in all_projects:
project = all_projects[project_id]
viewed_user_perms = permissions.GetPermissions(
viewed_user, mr.viewed_user_auth.effective_ids, project)
if (viewed_user_perms != permissions.EMPTY_PERMISSIONSET
and viewed_user_perms != permissions.USER_PERMISSIONSET):
viewed_user_may_be_spammer = False
ban_token = None
ban_spammer_token = None
if mr.auth.user_id and can_ban:
form_token_path = mr.request.path + 'ban.do'
ban_token = xsrf.GenerateToken(mr.auth.user_id, form_token_path)
form_token_path = mr.request.path + 'banSpammer.do'
ban_spammer_token = xsrf.GenerateToken(mr.auth.user_id,
form_token_path)
page_data = {
'user_tab_mode':
'st2',
'viewed_user_display_name':
viewed_user_display_name,
'viewed_user_may_be_spammer':
ezt.boolean(viewed_user_may_be_spammer),
'viewed_user_is_spammer':
ezt.boolean(viewed_user_is_spammer),
'viewed_user_is_banned':
ezt.boolean(viewed_user.banned),
'viewed_user_ignore_action_limits':
(ezt.boolean(viewed_user.ignore_action_limits)),
'owner_of_projects': [
project_views.ProjectView(p,
starred=p.project_id
in logged_in_starred_pids)
for p in visible_ownership
],
'committer_of_projects': [
project_views.ProjectView(p,
starred=p.project_id
in logged_in_starred_pids)
for p in visible_membership
],
'contributor_to_projects': [
project_views.ProjectView(p,
starred=p.project_id
in logged_in_starred_pids)
for p in visible_contrib
],
'owner_of_archived_projects':
[project_views.ProjectView(p) for p in visible_archived],
'starred_projects': [
project_views.ProjectView(p,
starred=p.project_id
in logged_in_starred_pids)
for p in starred_projects
],
'starred_users':
starred_users,
'is_user_starred':
ezt.boolean(is_user_starred),
'viewing_user_page':
ezt.boolean(True),
'last_visit_str':
last_visit_str,
'last_bounce_str':
last_bounce_str,
'vacation_message':
viewed_user.vacation_message,
'can_ban':
ezt.boolean(can_ban),
'ban_token':
ban_token,
'ban_spammer_token':
ban_spammer_token
}
settings = framework_helpers.UserSettings.GatherUnifiedSettingsPageData(
mr.auth.user_id, mr.viewed_user_auth.user_view, viewed_user)
page_data.update(settings)
return page_data