Example #1
0
 def create_submission(self,
                       user=None,
                       url=None,
                       title=None,
                       description=None):
     if not user:
         user = users.create_user(username='******', password='******')
     if not url:
         url = 'http://google.com'
     if not title:
         title = 'test'
     if not description:
         description = 'test'
     submission = Submission(title, description, url, user.id)
     self.dbsession.add(submission)
     self.dbsession.flush()
     return submission
Example #2
0
    def test_domain_parse(self):
        title = 'test'
        description = 'test'
        #@TODO: we should make this accept a fake user id in test mode at least
        # so that we don't have huge cascading failures if create_user is broken
        user = queries.create_user(username='******', password='******')

        sub = Submission(title, description, 'http://google.com', user.id)
        self.assertEqual('google.com', sub.get_domain_name())

        sub = Submission(title, description, 'http://googlewww.com', user.id)
        self.assertEqual('googlewww.com', sub.get_domain_name())

        sub = Submission(title, description, 'https://google.com', user.id)
        self.assertEqual('google.com', sub.get_domain_name())
Example #3
0
def post(request):
    s = request.session
    p = request.session["safe_post"]
    r = request
    qs = s["safe_get"]
    s["message"] = "Post a story."
    dbsession = DBSession()
    stories = None

    new_url_text = ""
    new_title_text = ""

    # if uses came in with a share button, redirect to existing discussion if there is one
    if "from" in qs and qs["from"] == "button":
        existing_post = queries.get_story_by_url_oldest(qs["url"])
        if existing_post:
            return HTTPFound(r.route_url("full", sub_id=existing_post.id))
        new_url_text = qs["url"]
        if "title" in qs:
            new_title_text = qs["title"]

    if "new_post" in qs and qs["new_post"] == "y":
        if "logged_in" not in s:
            s["message"] = 'Sorry, you must <a href="{0}">log in</a> before you can share a link.'.format(
                r.route_url("login")
            )
            return {"stories": [], "success": False, "code": "ENOLOGIN"}

    if p and "title" in p:
        if "logged_in" not in s:
            s["message"] = "Sorry, please log in first"
            return {"stories": [], "success": False, "code": "ENOLOGIN"}
        if p["url"] != "" and p["url"] is not None:
            p["url"] = queries.strip_all_html(p["url"])
            if not re.match(r"http[s]*:\/\/", p["url"]):
                p["url"] = "http://" + p["url"]
        else:
            # set to None so that NULL goes into the database
            p["url"] = None

        sub = Submission(p["title"][:100], p["description"], p["url"], s["users.id"])
        dbsession.add(sub)
        dbsession.flush()
        v = Vote(sub.id, s["users.id"], 1, "submission", None)
        v.direction = 1
        dbsession.add(v)
        sub.slug = u"{title}-{uuid_first_octet}".format(
            title=slugify.slugify(unicode(p["title"][:100])), uuid_first_octet=str(sub.id)[:8]
        )
        dbsession.add(sub)
        s["message"] = "Added."

        try:
            if request.registry.solr_conn:
                # we flush here to ensure we have a vaild id object when added to solr
                # we use this if statement so that the exception will be raised before
                # dbsession is flushed, hence avoiding an unnecessary flush if the site
                # is not using solr.
                dbsession.flush()
                request.registry.solr_conn.add({"id": sub.id, "title": sub.title, "description": sub.description})
                request.registry.solr_conn.commit()
        except AttributeError:
            # solr is not configured for this connection
            pass

    if r.params and "op" in r.params:
        sub_id = r.params["sub_id"]
        if r.params["op"] == "del":
            try:
                story_to_del = queries.get_story_by_id(sub_id)
            except sqlalchemy.orm.exc.NoResultFound:
                story_to_del = None
            if story_to_del:
                if queries.is_user_allowed_admin_action(s["users.id"], str(story_to_del.id)):
                    story_to_del.description = "[deleted]"
                    story_to_del.url = "#"
                    story_to_del.title = "[deleted]"
                    story_to_del.deleted = True
                    dbsession.add(story_to_del)
                    dbsession.flush()
                else:
                    print("Illegal deletion attempted on {0}".format(story_to_del.submitter.id))

    if "sort.default_order" in r.registry.settings:
        sort = r.registry.settings["sort.default_order"]
    else:
        # default to new sort order if server-specific setting doesn't exist
        # this should only be the case on old clones; do NOT remove default_order
        # from the ini just because you want new by default.
        sort = "new"
    page_num = 1
    per_page = 30
    next_page = None
    prev_page = None

    # only pass through approved sort options
    if "sort" in qs:
        if qs["sort"] == "top":
            sort = "top"
        if qs["sort"] == "hot":
            sort = "hot"
        if qs["sort"] == "contro":
            sort = "contro"
        if qs["sort"] == "new":
            sort = "new"

    if "page_num" in qs:
        try:
            page_num = int(qs["page_num"])
        except:
            page_num = 1

    #   @FIXME: make per_page configurable in a safe location
    #   it is probably unwise to allow this to be set in the query string
    #   because then a malicious user could say per_page = 10000000000
    #   and easily launch a DoS via that mechanism.
    #   if 'per_page' in qs:
    #       per_page = qs['per_page']

    stories = queries.get_story_list(page_num=page_num, per_page=per_page, sort=sort, request=request)
    max_stories = stories["max_stories"]
    stories = stories["stories"]

    # this should be split into its own def under queries.py
    # as it is currently used in at least one other place
    if max_stories > (page_num * per_page):
        next_page = page_num + 1

    if page_num > 1:
        prev_page = page_num - 1

    vote_dict = {}
    if "logged_in" in s:
        vote_dict = queries.get_user_votes_on_all_submissions(s["users.id"])
    for s in stories:
        # @TODO: Remember to not tally on every load once a real site deploys
        s.tally_votes()
        s.tally_comments()

    return {
        "stories": stories,
        "success": True,
        "code": 0,
        "vote_dict": vote_dict,
        "max_stories": max_stories,
        "prev_page": prev_page,
        "next_page": next_page,
        "new_url_text": new_url_text,
        "new_title_text": new_title_text,
    }
Example #4
0
def submit(request):
    s = request.session
    p = request.session['safe_post']
    r = request
    qs = s['safe_get']
    s['message'] = "Post a story."
    dbsession = DBSession()
    stories = None
    sections = section_queries.get_sections()

    new_url_text = ''
    new_title_text = ''

    route_name = r.matched_route.name

    if route_name == 'new_page':
        # require admin to load a new page form
        if 'logged_in_admin' not in s or s['logged_in_admin'] == False:
            return HTTPNotFound()

    #if uses came in with a share button, redirect to existing discussion if there is one
    if 'from' in qs and qs['from'] == 'button':
        existing_post = submission.get_story_by_url_oldest(qs['url'])
        if existing_post:
            return HTTPFound(r.route_url('full', sub_id=existing_post.id))
        new_url_text = qs['url']
        if 'title' in qs:
            new_title_text = qs['title']

    if 'logged_in' not in s:
        s['message'] = 'Sorry, you must <a href="{0}">log in</a> before you can share a link.'.format(
            r.route_url('login'))
        return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}

    if p and 'title' in p:
        if 'logged_in' not in s:
            s['message'] = 'Sorry, please log in first'
            return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}
        if 'section_id' not in p or p['section_id'] == '':
            return {'stories': [], 'success': False, 'code': 'ENOSECTION'}
        if 'url' in p and p['url'] != '' and p['url'] is not None:
            p['url'] = general.strip_all_html(p['url'])
            if not re.match(r'http[s]*:\/\/', p['url']):
                p['url'] = 'http://' + p['url']
        else:
            # set to None so that NULL goes into the database
            p['url'] = None

        if route_name == 'new_page':
            render_type = p['render_type']
            slug = p['slug']

            # if we can find this slug already, kill submission here.
            try:
                s = dbsession.query(Submission).filter(
                    Submission.slug == slug).one()
                s['message'] = 'This slug is already taken.'
                success = False
            except sqlalchemy.orm.exc.NoResultFound:
                pass
        else:
            slug = ''
            render_type = 'story_md'

        if 'section_id' in p:
            sub = Submission(p['title'][:100],
                             p['description'],
                             p['url'],
                             s['users.id'],
                             section=p['section_id'])
        else:
            sub = Submission(p['title'][:100], p['description'], p['url'],
                             s['users.id'])

        sub.render_type = render_type

        # slug octet no longer derived from story's actual id
        if slug == '':
            slug = u"{title}-{uuid_first_octet}".format(
                title=slugify.slugify(unicode(p['title'][:100])),
                uuid_first_octet=str(general.gen_uuid())[:8])
        sub.slug = slug

        dbsession.add(sub)
        dbsession.flush()

        # add notify
        if general.check_notify_default(s['users.id'], r):
            notify_queries.create_notify(s['users.id'], sub.id, s['users.id'])

        v = Vote(sub.id, s['users.id'], 1, "submission", None)
        v.direction = 1
        dbsession.add(v)
        s['message'] = "Added."

        try:
            if request.registry.solr_conn:
                # we flush here to ensure we have a vaild id object when added to solr
                # we use this if statement so that the exception will be raised before
                # dbsession is flushed, hence avoiding an unnecessary flush if the site
                # is not using solr.
                dbsession.flush()
                request.registry.solr_conn.add({
                    'id': sub.id,
                    'title': sub.title,
                    'description': sub.description
                })
                request.registry.solr_conn.commit()
        except AttributeError:
            #solr is not configured for this connection
            pass

        return HTTPFound(r.route_url('home'))
    return {
        'stories': stories,
        'success': True,
        'code': 0,
        'new_url_text': new_url_text,
        'new_title_text': new_title_text,
        'sections': sections
    }
Example #5
0
def submit(request):
    s = request.session
    p = request.session['safe_post']
    r = request
    qs = s['safe_get']
    s['message'] = "Post a story."
    dbsession = DBSession()
    stories = None
    sections = section_queries.get_sections()

    new_url_text = ''
    new_title_text = ''

    route_name = r.matched_route.name

    if route_name == 'new_page':
        # require admin to load a new page form
        if 'logged_in_admin' not in s or s['logged_in_admin'] == False:
            return HTTPNotFound()

    #if uses came in with a share button, redirect to existing discussion if there is one
    if 'from' in qs and qs['from'] == 'button':
        existing_post = submission.get_story_by_url_oldest(qs['url'])
        if existing_post:
            return HTTPFound(r.route_url('full', sub_id=existing_post.id))
        new_url_text = qs['url']
        if 'title' in qs:
            new_title_text = qs['title']

    if 'logged_in' not in s:
        s['message'] = 'Sorry, you must <a href="{0}">log in</a> before you can share a link.'.format(r.route_url('login'))
        return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}

    if p and 'title' in p:
        if 'logged_in' not in s:
            s['message'] = 'Sorry, please log in first'
            return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}
        if 'section_id' not in p or p['section_id'] == '':
            return {'stories': [], 'success': False, 'code': 'ENOSECTION'}
        if 'url' in p and p['url'] != '' and p['url'] is not None:
            p['url'] = general.strip_all_html(p['url'])
            if not re.match(r'http[s]*:\/\/', p['url']):
                p['url'] = 'http://' + p['url']
        else:
            # set to None so that NULL goes into the database
            p['url'] = None

        if route_name == 'new_page':
            render_type = p['render_type']
            slug = p['slug']

            # if we can find this slug already, kill submission here.
            try:
                s = dbsession.query(Submission).filter(Submission.slug == slug).one()
                s['message'] = 'This slug is already taken.'
                success = False
            except sqlalchemy.orm.exc.NoResultFound:
                pass
        else:
            slug = ''
            render_type = 'story_md'

        if 'section_id' in p:
            sub = Submission(p['title'][:100], p['description'], p['url'], s['users.id'], section = p['section_id'])
        else:
            sub = Submission(p['title'][:100], p['description'], p['url'], s['users.id'])

        sub.render_type = render_type

        # slug octet no longer derived from story's actual id
        if slug == '':
            slug = u"{title}-{uuid_first_octet}".format(
                    title = slugify.slugify(unicode(p['title'][:100])),
                    uuid_first_octet = str(general.gen_uuid())[:8])
        sub.slug = slug

        dbsession.add(sub)
        dbsession.flush()

        # add notify
        if general.check_notify_default(s['users.id'], r):
            notify_queries.create_notify(s['users.id'], sub.id, s['users.id'])

        v = Vote(sub.id, s['users.id'], 1, "submission", None)
        v.direction = 1
        dbsession.add(v)
        s['message'] = "Added."

        try:
            if request.registry.solr_conn:
                # we flush here to ensure we have a vaild id object when added to solr
                # we use this if statement so that the exception will be raised before
                # dbsession is flushed, hence avoiding an unnecessary flush if the site
                # is not using solr.
                dbsession.flush()
                request.registry.solr_conn.add({'id': sub.id, 'title': sub.title, 'description': sub.description})
                request.registry.solr_conn.commit()
        except AttributeError:
            #solr is not configured for this connection
            pass

        return HTTPFound(r.route_url('home'))
    return {'stories': stories, 'success': True, 'code': 0,
            'new_url_text': new_url_text, 'new_title_text': new_title_text,
            'sections': sections}