def update(self, request):
template = self.view.get_template('hook/update.html')
repo = Repo.retrieve(name=request.params['repo'])
if (repo.owner.object != request.user
and not InnerPermission.is_accepted('update_repository',
repo.owner, request.user)):
return Response.redirect(
self.app.convert_url('/' + request.params['repo'] + '/hook'))
error = ''
if request.method == 'POST':
form = HookCreateForm(request.post())
shutil.move(
self.app.project_dir / 'repos/{}.git/hooks/{}'.format(
repo.name, request.params['hook']), self.app.project_dir /
'repos/{}.git/hooks/{}'.format(repo.name, form['name']))
with open(
self.app.project_dir /
'repos/{}.git/hooks/{}'.format(repo.name, form['name']),
'w') as f:
f.write(form['code'])
return Response.redirect(
self.app.convert_url('/{}/hook/{}'.format(
repo.name, form['name'])))
with open(self.app.project_dir / 'repos/{}.git/hooks/{}'.format(
repo.name, request.params['hook'])) as f:
code = f.read()
return Response.render(
template, {
'repo': repo,
'name': request.params['hook'],
'code': code,
'error': error
})
def update_profile(self, req):
template = self.view.get_template("user/update/profile.html")
user = User.retrieve(screen_name=req.params["id"])
roles = Role.list()
error = ""
if req.method == "POST":
try:
form = UserUpdateForm(req.post())
user.screen_name = form["screen_name"]
user.name = form["name"]
user.icon = (resize_icon(form["icon"])
if form["icon"] is not None else user.icon)
roles_ = []
for role in form["roles"]:
roles_.append(Role.retrieve(role))
user.roles = roles_
user.update()
return Response.redirect(
self.app.convert_url("/users/" + user.screen_name +
"/settings"))
except Exception as err:
error = str(err)
return Response.render(
template,
{
"user": user,
"screen_name": user.screen_name,
"name": user.name,
"icon": user.icon,
"roles": roles,
"error": error
},
)
def handle(self, request):
if not is_admin(request.user):
return Response.redirect(self.app.convert_url('/'))
error = ""
if request.method == "POST":
try:
form = SettingsForm(request.post())
for screen_name, permission_roles in form['permission'].items(
):
permission = InnerPermission.retrieve(
screen_name=screen_name)
permission.roles = [
InnerRole.retrieve(screen_name=role)
for role in permission_roles
]
permission.update()
error = "変更を保存しました"
except Exception as err:
error = str(err)
template = self.view.get_template('settings.html')
return Response.render(
template, {
"roles": InnerRole.list(),
"permissions": InnerPermission.list(),
"error": error
})
def update_notification(self, req):
template = self.view.get_template("user/update/notification.html")
user = User.retrieve(screen_name=req.params["id"])
if user._id != req.user._id:
return Response.redirect(self.app.convert_url("/"))
error = ""
if req.method == "POST":
try:
form = SubscriptionForm(req.post())
if form["action"] == "subscribe":
subscription = PushSubscription()
subscription.subscription = form["subscription"]
subscription.create()
user.subscriptions.append(subscription)
user.update()
error = "通知の購読を設定しました"
else:
subscription = PushSubscription.retrieve(
subscription=form["subscription"])
subscription.delete()
error = "通知の購読を解除しました"
except Exception as err:
error = str(err)
return Response.render(
template,
{
"user": user,
"vapid_public_key": self.app.project.vapid["public_key"],
"error": error
},
)
def create(self, request):
template = self.view.get_template('merge/create.html')
repo = Repo.retrieve(name=request.params['repo'])
error = ""
if request.method == "POST":
try:
form = MergeCreateForm(request.post())
merge = Merge()
merge.base = form['base']
merge.compare = form['compare']
merge.title = form['title']
merge.body = form['body']
merge.repo = repo
merge.user = request.user
merge.create()
return Response.redirect(
self.app.convert_url('/' + repo.name + '/merge/' +
merge._id))
except Exception as err:
error = str(err)
return Response.render(template, {
"repo": repo,
"entity": repo.entity,
"error": error
})
def create(self, request):
template = self.view.get_template("repo/create.html")
nodes = [*Group.list(), *User.list()]
try:
if request.method == 'POST':
body = request.post()
repo = Repo()
repo.name = body['name']
repo.owner = Node.retrieve(body['owner'])
repo.create()
if not (self.app.project_dir / 'git_template').is_dir:
git.Repo.init(self.app.project_dir / 'git_template',
bare=True)
git.Repo.init(self.app.project_dir /
('repos/' + repo.name + '.git'),
bare=True,
template=self.app.project_dir / 'git_template')
return Response.redirect(self.app.convert_url('/' + repo.name))
except Exception as err:
error = str(err)
traceback.print_exc(err)
return Response.render(template, {
'post': body,
'error': error,
'nodes': nodes
})
return Response.render(template, {'post': dict(), 'nodes': nodes})
def first_create(self, request):
template = self.view.get_template("create/profile.html")
error = ""
if request.method == "POST":
try:
form = ProfileForm(request.post())
prof = Profile()
prof.name = form["name"]
prof.ruby = form["ruby"]
prof.epoch = form["epoch"]
prof.image = resize(form["image"])
extra = form["extra"]
prof.email = form["email"]
prof.contactOption = int(form["contactOption"])
prof.contactIdent = form["contactIdent"]
prof.create()
for colid, value in extra.items():
col = ExtraColumn.retrieve(colid)
val = ExtraColumnValue()
val.column = col
val.profile = prof
val.value = value
val.create()
sess = request.session()
sess["profile_id"] = prof._id
return Response.redirect(
self.app.convert_url("/create/second"))
except Exception as err:
error = str(err)
return Response.render(template, {
"title": "図鑑登録",
"error": error,
"extra_columns": ExtraColumn.list()
})
def delete(self, request):
template = self.view.get_template("repo/delete.html")
repo = Repo.retrieve(name=request.params['repo'])
if (repo.owner != request.user and not InnerPermission.is_accepted(
'delete_repository', repo.owner.object, request.user)):
return Response.redirect(self.app.convert_url('/'))
try:
if request.method == 'POST':
if not request.user.password_check(request.post()['password']):
raise Exception('wrong password')
shutil.rmtree(self.app.project_dir /
('repos/' + repo.name + '.git'))
repo.delete()
return Response.redirect(self.app.convert_url('/'))
except Exception as err:
error = str(err)
return Response.render(template, {'repo': repo, 'error': error})
return Response.render(template, {'repo': repo})
def process(self, request, handler):
sess = request.session()
try:
if "jwt_token" in sess:
request.user = User.check_jwt(sess["jwt_token"])
else:
return Response.redirect(
request.app.project.login_page
+ "?redirect_to="
+ urllib.parse.quote(str(request.url), safe="")
)
except Exception:
return Response.redirect(
request.app.project.login_page
+ "?redirect_to="
+ urllib.parse.quote(str(request.url), safe="")
)
return handler(request)
def delete(self, request):
template = self.view.get_template('hook/delete.html')
repo = Repo.retrieve(name=request.params['repo'])
if (isinstance(repo.owner.object, Group)
and not InnerPermission.is_accepted(
'update_repository', repo.owner.object, request.user)):
return Response.redirect(
self.app.convert_url('/' + request.params['repo'] + '/hook'))
error = ''
if request.method == 'POST':
os.remove(self.app.project_dir / 'repos/{}.git/hooks/{}'.format(
repo.name, request.params['hook']))
return Response.redirect(
self.app.convert_url('/{}/hook'.format(repo.name)))
return Response.render(template, {
'repo': repo,
'name': request.params['hook'],
'error': error
})
def second_create(self, request):
template = self.view.get_template("create/tables.html")
error = ""
form = {}
sess = request.session()
try:
prof = Profile.retrieve(sess["profile_id"])
except Exception:
return Response.redirect(self.app.convert_url("/create"))
if request.method == "POST":
form = CareerForm(request.post())
try:
careers = form["careers"]
histories = form["histories"]
for career_ in careers.values():
try:
career = Career()
career.type = int(career_["type"])
career.grade = int(career_["grade"])
career.profile = prof
career.create()
except Exception:
pass
for history_ in histories.values():
try:
history = TravelHistory()
history.year = history_["year"]
history.place = history_["place"]
history.profile = prof
history.description = history_["description"]
history.create()
except Exception:
pass
return Response.redirect(self.app.convert_url("/create/fin"))
except Exception as err:
error = str(err)
return Response.render(template, {
"title": "図鑑登録",
"error": error,
"form": form
})
def remove_group(self, req):
try:
group = Group.retrieve(screen_name=req.params["id"])
child = Group.retrieve(req.params["gid"])
group.remove(child)
except Exception as err:
print(err)
pass
finally:
return Response.redirect(
self.app.convert_url("/groups/" + group.screen_name +
"/settings"))
def login(self, request):
template = self.view.get_template("login.html")
if request.method == "POST":
try:
form = LoginForm(request.post())
result = User.password_auth(form["screen_name"],
form["password"])
sess = request.session()
sess["jwt_token"] = result.get_jwt()
redirect_to = request.query.get("redirect_to", ["/"])[0]
return Response.redirect(redirect_to)
except Exception as err:
return Response.render(template, {"error": err}, status=401)
return Response.render(template, status=401)
def retrieve(self, request):
template = self.view.get_template('merge/retrieve.html')
repo = Repo.retrieve(name=request.params['repo'])
merge = Merge.retrieve(request.params['merge'])
if request.method == 'POST':
post = request.post()
if post['action'] == 'merge':
merge.merge()
merge.delete()
else:
merge.delete()
return Response.redirect(self.app.convert_url('/' + repo.name))
return Response.render(template, {
"repo": repo,
"entity": repo.entity,
"merge": merge
})
def signup(self, request):
sess = request.session()
template = self.view.get_template("signup.html")
invite = UserInvite.retrieve(token=request.query["token"][0])
if request.method == "POST":
try:
form = RegisterForm(request.post())
user = User()
user.email = invite.email
user.set_password(form["password"])
user.screen_name = form["screen_name"]
user.name = form["name"]
user.icon = (resize_icon(form["icon"])
if form["icon"] is not None else user.icon)
user.create()
sess["jwt_token"] = user.get_jwt()
roles = invite.roles
if len(roles) > 0:
for role_id in invite.roles.split(":"):
role = Role.retrieve(role_id)
role.append(user)
invite.delete()
return Response.redirect(self.app.convert_url("/"))
except (ValidationError, ValueError) as err:
icon = form["icon"]
return Response.render(
template,
{
"error": err.messsage,
"name": form["name"] or invite.name,
"screen_name":
(form["screen_name"] or invite.screen_name),
"password": form["password"] or "",
"icon": icon,
},
)
return Response.render(
template,
{
"icon": invite.icon,
"name": invite.name or "",
"screen_name": invite.screen_name or "",
},
)
def update(self, request):
template = self.view.get_template("repo/update.html")
repo = Repo.retrieve(name=request.params['repo'])
if (repo.owner != request.user and not InnerPermission.is_accepted(
'update_repository', repo.owner.object, request.user)):
return Response.redirect(self.app.convert_url('/'))
try:
if request.method == 'POST':
body = request.post()
name = repo.name
repo.name = body['name']
repo.owner = Node(body['owner'])
repo.update()
os.rename(
self.app.project_dir / ('repos/' + name + '.git'),
self.app.project_dir / ('repos/' + repo.name + '.git'))
except Exception as err:
error = str(err)
return Response.render(template, {'repo': repo, 'error': error})
return Response.render(template, {'repo': repo})
def create(self, req):
template = self.view.get_template("group/create.html")
groups = Group.list()
error = ""
if req.method == "POST":
try:
form = GroupCreateForm(req.post())
group = Group()
group.name = form["name"]
group.screen_name = form["screen_name"]
group.icon = resize_icon(form["icon"])
group.create()
if form["parent"] is not None:
Group.retrieve(form["parent"]).append(group)
group.append(req.user)
return Response.redirect(self.app.convert_url("/groups"))
except ValidationError as err:
error = str(err)
return Response.render(template, {
"groups": groups,
"icon": load_noimage_group(),
"error": error
})
def update_password(self, req):
template = self.view.get_template("user/update/password.html")
user = User.retrieve(screen_name=req.params["id"])
if user._id != req.user._id:
return Response.redirect(self.app.convert_url("/"))
error = ""
if req.method == "POST":
try:
form = UserPasswordUpdateForm(req.post())
if form["password"] != form["password_"]:
raise Exception("パスワードが一致しません")
user.set_password(form["password"])
user.update()
error = "パスワードを変更しました"
except Exception as err:
error = str(err)
return Response.render(
template,
{
"user": user,
"error": error
},
)
def append(self, req):
form = req.post()
try:
group = Group.retrieve(screen_name=req.params["id"])
nodes = list()
if "user" in form:
for uid in form.getlist("user"):
try:
nodes.append(User.retrieve(uid))
except Exception:
pass
if "group" in form:
for gid in form.getlist("group"):
try:
nodes.append(Group.retrieve(gid))
except Exception:
pass
group.append_all(nodes)
except Exception:
pass
finally:
return Response.redirect(
self.app.convert_url("/groups/" + group.screen_name +
"/settings"))
def setup(self, request):
template = self.view.get_template("setup.html")
if len(User.list()) > 0:
return Response.redirect(self.app.convert_url("/login"))
if request.method == "POST":
try:
form = SetupForm(request.post())
try:
owner = Role()
owner.name = "Owner"
owner.create()
manager = Role()
manager.name = "Manager"
manager.create()
normal = Role()
normal.name = "Normal"
normal.create()
inner_owner = InnerRole()
inner_owner.name = "Owner"
inner_owner.create()
inner_manager = InnerRole()
inner_manager.name = "Manager"
inner_manager.create()
inner_normal = InnerRole()
inner_normal.name = "Normal"
inner_normal.create()
except Exception:
pass
Permission.accept("admin", owner)
Permission.accept("create_user", owner)
Permission.accept("update_user", owner)
Permission.accept("delete_user", owner)
Permission.accept("create_group", owner)
Permission.accept("update_group", owner)
Permission.accept("delete_group", owner)
Permission.accept("create_user", manager)
Permission.accept("update_user", manager)
Permission.accept("create_group", manager)
Permission.accept("update_group", manager)
InnerPermission.accept("admin", inner_owner)
InnerPermission.accept("add_user", inner_owner)
InnerPermission.accept("remove_user", inner_owner)
InnerPermission.accept("add_group", inner_owner)
InnerPermission.accept("remove_group", inner_owner)
InnerPermission.accept("add_user", inner_manager)
InnerPermission.accept("remove_user", inner_owner)
InnerPermission.accept("add_group", inner_manager)
InnerPermission.accept("remove_group", inner_owner)
user = UserInvite()
user.email = form["email"]
user.roles = owner._id
user.create()
user.mail(
"Mitamaへようこそ", "下記リンクから、Mitamaに参加しましょう\n{}".format(
self.app.convert_fullurl(request, "/signup?token=" +
user.token)))
template = self.view.get_template("confirm.html")
return Response.render(template)
except ValidationError as err:
return Response.render(template, {"error": str(err)})
return Response.render(template)
def logout(self, request):
sess = request.session()
sess["jwt_token"] = None
redirect_to = request.query.get("redirect_to", ["/"])[0]
return Response.redirect(redirect_to)
def cancel(self, req):
invite = UserInvite.retrieve(req.params["id"])
invite.delete()
return Response.redirect(self.app.convert_url("/users/invite"))
def process(self, request, handler):
if User.query.filter(User.password != None).count() == 0:
return Response.redirect(self.app.convert_url("/setup"))
else:
return handler(request)
