def submit(request):
s = request.session
p = request.session['safe_post']
r = request
qs = s['safe_get']
s['message'] = "Post a story."
dbsession = DBSession()
stories = None
sections = section_queries.get_sections()
new_url_text = ''
new_title_text = ''
route_name = r.matched_route.name
if route_name == 'new_page':
# require admin to load a new page form
if 'logged_in_admin' not in s or s['logged_in_admin'] == False:
return HTTPNotFound()
#if uses came in with a share button, redirect to existing discussion if there is one
if 'from' in qs and qs['from'] == 'button':
existing_post = submission.get_story_by_url_oldest(qs['url'])
if existing_post:
return HTTPFound(r.route_url('full', sub_id=existing_post.id))
new_url_text = qs['url']
if 'title' in qs:
new_title_text = qs['title']
if 'logged_in' not in s:
s['message'] = 'Sorry, you must <a href="{0}">log in</a> before you can share a link.'.format(
r.route_url('login'))
return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}
if p and 'title' in p:
if 'logged_in' not in s:
s['message'] = 'Sorry, please log in first'
return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}
if 'section_id' not in p or p['section_id'] == '':
return {'stories': [], 'success': False, 'code': 'ENOSECTION'}
if 'url' in p and p['url'] != '' and p['url'] is not None:
p['url'] = general.strip_all_html(p['url'])
if not re.match(r'http[s]*:\/\/', p['url']):
p['url'] = 'http://' + p['url']
else:
# set to None so that NULL goes into the database
p['url'] = None
if route_name == 'new_page':
render_type = p['render_type']
slug = p['slug']
# if we can find this slug already, kill submission here.
try:
s = dbsession.query(Submission).filter(
Submission.slug == slug).one()
s['message'] = 'This slug is already taken.'
success = False
except sqlalchemy.orm.exc.NoResultFound:
pass
else:
slug = ''
render_type = 'story_md'
if 'section_id' in p:
sub = Submission(p['title'][:100],
p['description'],
p['url'],
s['users.id'],
section=p['section_id'])
else:
sub = Submission(p['title'][:100], p['description'], p['url'],
s['users.id'])
sub.render_type = render_type
# slug octet no longer derived from story's actual id
if slug == '':
slug = u"{title}-{uuid_first_octet}".format(
title=slugify.slugify(unicode(p['title'][:100])),
uuid_first_octet=str(general.gen_uuid())[:8])
sub.slug = slug
dbsession.add(sub)
dbsession.flush()
# add notify
if general.check_notify_default(s['users.id'], r):
notify_queries.create_notify(s['users.id'], sub.id, s['users.id'])
v = Vote(sub.id, s['users.id'], 1, "submission", None)
v.direction = 1
dbsession.add(v)
s['message'] = "Added."
try:
if request.registry.solr_conn:
# we flush here to ensure we have a vaild id object when added to solr
# we use this if statement so that the exception will be raised before
# dbsession is flushed, hence avoiding an unnecessary flush if the site
# is not using solr.
dbsession.flush()
request.registry.solr_conn.add({
'id': sub.id,
'title': sub.title,
'description': sub.description
})
request.registry.solr_conn.commit()
except AttributeError:
#solr is not configured for this connection
pass
return HTTPFound(r.route_url('home'))
return {
'stories': stories,
'success': True,
'code': 0,
'new_url_text': new_url_text,
'new_title_text': new_title_text,
'sections': sections
}
def full(request):
message = ''
#@TODO: Change this to use slugs instead of literal guids
sub_id = request.matchdict['sub_id']
sub_id = submission.get_story_id_from_slug(sub_id)
dbsession = DBSession()
p = request.session['safe_post']
prm = request.session['safe_params']
s = request.session
logged_in = False
if 'logged_in' in s:
#return {'message': 'Sorry, please log in first.', 'story': {}, 'comments': {}, 'success': False, 'code': 'ENOLOGIN'}
logged_in = True
# record the comment
if 'op' in prm and prm['op'] == 'del' and logged_in:
if 'comment_id' in prm:
c = submission.get_comment_by_id(prm['comment_id'])
if users.is_user_allowed_admin_action(
s['users.id'],
str(c.id),
):
c.deleted = True
dbsession.add(c)
s['message'] = 'Comment deleted.'
if 'op' in prm and prm['op'] == 'edit' and logged_in:
if 'comment_id' in prm:
c = submission.get_comment_by_id(prm['comment_id'])
if users.is_user_allowed_admin_action(
s['users.id'],
str(c.id),
):
c.body = prm['body']
dbsession.add(c)
s['message'] = 'Comment updated.'
else:
if 'description-textarea' in request.session['safe_post'] and logged_in:
sub = submission.get_story_by_id(sub_id)
if users.is_user_allowed_admin_action(s['users.id'], str(sub.id)):
sub.description = prm['description-textarea']
dbsession.add(sub)
s['message'] = 'Description updated.'
if 'body' in request.session['safe_post'] and logged_in:
if p['parent_type'] == 'story':
in_reply_to = submission.get_story_by_id(
p['comment_parent']).submitter.id
elif p['parent_type'] == 'comment':
c = submission.get_comment_by_id(p['comment_parent'])
in_reply_to = c.user_id
c = Comment(sub_id,
s['users.id'],
p['comment_parent'],
prm['body'],
in_reply_to=in_reply_to)
dbsession.add(c)
dbsession.flush()
# if enabled default, subscribe user to own comment.
# @TODO: make a preference for users to toggle this
if general.check_notify_default(s['users.id'], request):
notify_queries.create_notify(s['users.id'], c.id,
s['users.id'])
v = Vote(sub_id, s['users.id'], 1, "comment", c.id)
v.direction = 1
dbsession.add(v)
notify_queries.fire_to_listeners(p['comment_parent'],
s['users.id'], c.id, request)
s['message'] = 'Comment added.'
#@TODO: Stop using SA queries in views, move them to individual models
story = submission.get_story_by_id(sub_id)
story.tally_votes()
story_vote_dict = {}
comment_vote_dict = {}
if logged_in:
# see queries.py; these two should not be separate. #@FIXME
story_vote_dict = users.get_user_votes(s['users.id'], "on_submission",
sub_id)
comment_vote_dict = users.get_user_votes(s['users.id'],
"on_submissions_comments",
sub_id)
page_num = 1
per_page = 30
if 'sort.comment_default_order' in request.registry.settings:
sort = request.registry.settings['sort.comment_default_order']
else:
# do NOT change the hardcoded default, change in the ini as above
sort = 'top'
next_page = None
prev_page = None
if 'comment_sort' in prm:
sort = prm['comment_sort']
if 'page_num' in prm:
try:
page_num = int(prm['page_num'])
except:
page_num = 1
# comments returns a dict; see queries.py
if 'comment_perma' not in prm:
comments = submission.get_comments(sub_id,
organize_parentage=True,
page_num=page_num,
per_page=per_page,
sort=sort)
else:
comments = submission.get_comments(sub_id,
organize_parentage=True,
page_num=page_num,
per_page=per_page,
sort=sort,
target='comment',
target_id=prm['comment_perma'])
for c in comments['comments']:
#@TODO: Don't do this on every load on a real deployment
c.tally_votes()
if c.deleted:
c.body = '[deleted]'
if page_num > 1:
prev_page = page_num - 1
if comments['max_comments'] > (page_num * per_page):
next_page = page_num + 1
return {
'story': story,
'comments': comments,
'success': True,
'code': 0,
'story_vote_dict': story_vote_dict,
'comment_vote_dict': comment_vote_dict,
'next_page': next_page,
'prev_page': prev_page,
'render_type': story.render_type,
}
def list(request):
from raggregate.queries import user_preference as up
s = request.session
p = request.session['safe_post']
r = request
qs = s['safe_get']
s['message'] = "Post a story."
dbsession = DBSession()
stories = None
filtered_section = None
section_found = False
sections = section_queries.get_sections()
direct_link = False
if s.get('users.id', None):
direct_link = True if up.get_user_prefs(s['users.id']).get(
'link_to_story', 'off') == 'on' else False
if r.params and 'op' in r.params:
sub_id = r.params['sub_id']
if r.params['op'] == 'del' or r.params['op'] == 'hide':
try:
story_to_del = submission.get_story_by_id(sub_id)
except sqlalchemy.orm.exc.NoResultFound:
story_to_del = None
if story_to_del:
if users.is_user_allowed_admin_action(
s['users.id'],
str(story_to_del.id),
):
if r.params['op'] == 'del':
story_to_del.description = "[deleted]"
story_to_del.url = "#"
story_to_del.title = "[deleted]"
story_to_del.deleted = True
dbsession.add(story_to_del)
dbsession.flush()
else:
print("Illegal deletion attempted on {0}".format(
story_to_del.submitter.id))
if 'sort.default_order' in r.registry.settings:
sort = r.registry.settings['sort.default_order']
else:
# default to new sort order if server-specific setting doesn't exist
# this should only be the case on old clones; do NOT remove default_order
# from the ini just because you want new by default.
sort = 'new'
page_num = 1
per_page = 30
next_page = None
prev_page = None
# only pass through approved sort options
if 'sort' in qs:
if qs['sort'] == 'top':
sort = 'top'
if qs['sort'] == 'hot':
sort = 'hot'
if qs['sort'] == 'contro':
sort = 'contro'
if qs['sort'] == 'new':
sort = 'new'
if 'page_num' in qs:
try:
page_num = int(qs['page_num'])
except:
page_num = 1
if 'section' in qs and qs['section'] == 'all':
section = 'all'
else:
section = None
if 'section' in qs and qs['section'] != 'all' and qs['section'] != '':
section = qs['section']
try:
section = section_queries.get_section_by_name(section)
section_found = True
except sqlalchemy.orm.exc.NoResultFound:
try:
section = section_queries.get_section_by_id(section)
section_found = True
except:
from pyramid_tm import transaction
transaction.abort()
pass
# reset section variable to None if we couldn't the named section
if section_found == False:
section = None
else:
#if we did find something, set filtered_section so that we can
#reference the filtered section in the template.
filtered_section = section
if 'subscribe' in qs and isinstance(section, Section) and 'logged_in' in s:
if qs['subscribe'] == 'y':
sub_way = True
elif qs['subscribe'] == 'n':
sub_way = False
sub = sub_queries.create_subscription(s['users.id'], section.id,
sub_way)
s['message'] = 'Subscription to section {0} updated'.format(
section.name)
# @FIXME: make per_page configurable in a safe location
# it is probably unwise to allow this to be set in the query string
# because then a malicious user could say per_page = 10000000000
# and easily launch a DoS via that mechanism.
# if 'per_page' in qs:
# per_page = qs['per_page']
stories = submission.get_story_list(page_num=page_num,
per_page=per_page,
sort=sort,
request=request,
section=section)
max_stories = stories['max_stories']
stories = stories['stories']
# this should be split into its own def under queries.py
# as it is currently used in at least one other place
if max_stories > (page_num * per_page):
next_page = page_num + 1
if page_num > 1:
prev_page = page_num - 1
vote_dict = {}
subscribed_to_list = []
if 'logged_in' in s:
vote_dict = users.get_user_votes(s['users.id'], "on_all_submissions")
subscribed_to_list = sub_queries.get_subscribed_by_user_id(
s['users.id'])
for story in stories:
#@TODO: Remember to not tally on every load once a real site deploys
story.tally_votes()
story.tally_comments()
print "\n\nsubscribed list: {0}\n\n".format(subscribed_to_list)
# Get message of the day
motd = motd_queries.get_random_message()
return {
'stories': stories,
'success': True,
'code': 0,
'vote_dict': vote_dict,
'max_stories': max_stories,
'prev_page': prev_page,
'next_page': next_page,
'sections': sections,
'filtered_section': section,
'motd': motd,
'subscribed_to_list': subscribed_to_list,
'direct_link': direct_link
}
