def move_post_2(request, group, post_id, category_id):
"""
Display threads in category (category_id) where the post
can be moved to
"""
post = Post.objects.get(pk=post_id)
if not post.allow_moving_post():
raise PermissionDenied()
thread = post.get_thread()
category = Category.objects.get(pk=category_id)
thread_list = category.get_thread_list().exclude(
root_post=thread.pk).order_by('-thread_latest_postdate')
res = object_list(request=request,
queryset=thread_list,
allow_empty=True,
template_name="sphene/sphboard/move_post_2.html",
extra_context={
'post': post,
'category': category
},
template_object_name='thread',
paginate_by=get_sph_setting('board_post_paging'))
return res
def showThread(request, thread_id, group=None, slug=None):
thread = get_object_or_404(Post.objects, pk=thread_id)
if not thread.category.has_view_permission(request.user):
raise PermissionDenied()
thread.viewed(request.session, request.user)
sphdata = get_current_sphdata()
if sphdata != None: sphdata['subtitle'] = thread.subject
category_type = thread.category.get_category_type()
template_name = category_type.get_show_thread_template()
res = object_list(
request=request,
#queryset = Post.objects.filter( Q( pk = thread_id ) | Q( thread = thread ) ).order_by('postdate'),
queryset=thread.get_all_posts().order_by('postdate'),
allow_empty=True,
template_name=template_name,
extra_context={
'thread': thread,
'allowPosting': thread.allowPosting(request.user),
'postSubject': 'Re: ' + thread.subject,
'category_type': category_type,
},
template_object_name='post',
paginate_by=get_sph_setting('board_post_paging'),
)
res.sph_lastmodified = thread.get_latest_post().postdate
return res
def admin_permission_rolegroup_edit(request, group, rolegroup_id):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
rolegroup = RoleGroup.objects.get(
pk=rolegroup_id,
group=group,
)
if request.method == 'POST':
username = request.POST['username']
if username:
user = User.objects.get(username=username)
RoleGroupMember(user=user, rolegroup=rolegroup).save()
return HttpResponseRedirect(rolegroup.get_absolute_editurl())
if 'cmd' in request.GET and 'id' in request.GET:
if request.GET['cmd'] == 'remove':
member = rolegroup.rolegroupmember_set.get(pk=request.GET['id'])
messages.success(request,
message=ugettext(u'Removed user %(username)s from rolegroup.') % \
{'username': member.user.username})
member.delete()
return HttpResponseRedirect(rolegroup.get_absolute_editurl())
return render(request,
'sphene/community/admin/permission/rolegroup_edit.html',
{'rolegroup': rolegroup})
def edit_poll(request, group, poll_id):
poll = get_object_or_404(Poll, pk=poll_id)
if not poll.allow_editing():
raise PermissionDenied()
postdata = None
if request.method == 'POST':
postdata = request.POST
form = PollForm(postdata, instance=poll)
choiceforms = [
PollChoiceForm(
postdata,
prefix='choice_%d' % choice.id,
instance=choice,
) for choice in poll.pollchoice_set.all()
]
if request.method == 'POST' and form.is_valid() \
and not [ True for choiceform in choiceforms if not choiceform.is_valid() ]:
form.save()
for choiceform in choiceforms:
choiceform.save()
return HttpResponseRedirect(
sph_reverse('sphene.sphboard.views.showThread',
kwargs={'thread_id': poll.post.get_thread().id}))
return sph_render_to_response('sphene/sphboard/edit_poll.html', {
'form': form,
'choiceforms': choiceforms,
})
def diff(request, group, snipName, changeId=None):
snip = get_object_or_404(WikiSnip, group=group, name=snipName)
if not snip.has_view_permission():
raise PermissionDenied()
changeEnd = get_object_or_404(
WikiSnipChange,
snip=snip,
pk=changeId,
)
args = {
'snip': snip,
'snipName': snipName,
}
try:
changeStart = snip.wikisnipchange_set.filter(
edited__lt=changeEnd.edited, ).order_by('-edited')[0]
args['prev_change'] = changeStart
except IndexError:
changeStart = None
diffTable = ugettext("This is the first change.")
try:
next_change = snip.wikisnipchange_set.filter(
edited__gt=changeEnd.edited, ).order_by('edited')[0]
args['next_change'] = next_change
except IndexError:
pass
if changeStart:
htmlDiff = HtmlDiff(wrapcolumn=50, )
from sphene.community.templatetags.sph_extras import sph_date, sph_user_displayname
desc = ugettext('%(date)s by %(editor)s')
if snip.has_edit_permission():
desc += ' / <a href="%(editversionlink)s">' + ugettext(
'Edit this version') + '</a>'
fromdesc = desc % {
'date': sph_date(changeStart.edited),
'editor': sph_user_displayname(changeStart.editor),
'editversionlink': changeStart.get_absolute_editurl()
},
todesc = desc % {
'date': sph_date(changeEnd.edited),
'editor': sph_user_displayname(changeEnd.editor),
'editversionlink': changeEnd.get_absolute_editurl()
},
diffTable = htmlDiff.make_table(
changeStart.body.splitlines(1),
changeEnd.body.splitlines(1),
fromdesc=fromdesc,
todesc=todesc,
context=True,
)
args['diffTable'] = mark_safe(diffTable)
args['fromchange'] = changeStart
args['tochange'] = changeEnd
return render_to_response('sphene/sphwiki/diff.html',
args,
context_instance=RequestContext(request))
def admin_user_switch_active(request, user_id, group):
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
usr = get_object_or_404(User, pk=user_id, is_superuser=False)
usr.is_active = not usr.is_active
usr.save()
user_status = _('no')
button_label = _('Enable')
if usr.is_active:
user_status = _('yes')
button_label = _('Disable')
else:
# clear user sessions - only works if sessions are stored in django db
if settings.SESSION_ENGINE == 'django.contrib.sessions.backends.db':
from django.contrib.sessions.models import Session
[
s.delete() for s in Session.objects.all()
if s.get_decoded().get('_auth_user_id') == usr.id
]
if not request.is_ajax():
messages.success(
request, message=ugettext(u'Successfully changed user status.'))
req = request.GET if request.method == 'GET' else request.POST
url = req.get('next', reverse('sph_admin_users'))
return HttpResponseRedirect(url)
else:
return HttpResponse(json.dumps({
"user_status": user_status,
"button_label": button_label
}),
mimetype='application/json')
def move_post_2(request, group, post_id, category_id):
"""
Display threads in category (category_id) where the post
can be moved to
"""
post_obj = Post.objects.get(pk=post_id)
if not post_obj.allow_moving_post():
raise PermissionDenied()
thread = post_obj.get_thread()
category = Category.objects.get(pk=category_id)
thread_list = category.get_thread_list().exclude(
root_post=thread.pk).order_by('-thread_latest_postdate')
paginator = Paginator(thread_list,
get_sph_setting('board_post_paging'),
allow_empty_first_page=True)
page = request.GET.get('page')
page_obj = paginator.get_page(page)
# res = object_list(request=request,
# queryset=thread_list,
# allow_empty=True,
# template_name="sphene/sphboard/move_post_2.html",
# extra_context={'post': post_obj,
# 'category': category},
# template_object_name='thread',
# paginate_by=get_sph_setting('board_post_paging')
# )
return render(request, 'sphene/sphboard/move_post_2.html', {
'post': post_obj,
'category': category,
'thread_list': page_obj,
})
def showSnip(request, group, snipName):
snip_rendered_body = None
try:
snip = WikiSnip.objects.get(group=group, name__exact=snipName)
except WikiSnip.DoesNotExist:
snip = WikiSnip(name=snipName, group=group)
if not snip.has_view_permission():
raise PermissionDenied()
res = None
if 'type' in request.GET:
if request.GET['type'] == 'src':
res = HttpResponse(
snip.body,
mimetype='text/plain',
)
if request.GET['type'] == 'full':
res = HttpResponse(
snip.render(),
mimetype='text/html',
)
if not res:
sphdata = get_current_sphdata()
snip_rendered_body = False
redirects = ()
while not snip_rendered_body or 'sphwiki_redirect_to_snip' in sphdata:
if snip_rendered_body:
if snip in redirects:
if request.user.is_authenticated():
request.user.message_set.create(
message=ugettext("Detected redirect loop."))
break
redirects += (snip, )
snip = sphdata['sphwiki_redirect_to_snip']
del sphdata['sphwiki_redirect_to_snip']
snip_rendered_body = snip.render()
if sphdata != None: sphdata['subtitle'] = snip.title or snip.name
res = render_to_response('sphene/sphwiki/showSnip.html', {
'snip':
snip,
'snipName':
snipName,
'snip_rendered_body':
snip_rendered_body,
'redirects':
redirects,
'commentstemplate':
'sphene.sphcomments' in settings.INSTALLED_APPS
and 'sphene/sphwiki/wikicomments.html'
or 'sphene/sphwiki/wikicomments_unavailable.html',
},
context_instance=RequestContext(request))
res.sph_lastmodified = snip.changed
return res
def admin_post_delete(request, group, user_id, post_id):
post = get_object_or_404(Post, author=user_id, pk=post_id)
if not post.allow_hiding():
raise PermissionDenied()
post.hide()
messages.success(request, message=ugettext(u'Post deleted'))
return HttpResponseRedirect(
sph_reverse('sphboard_admin_user_posts', kwargs={'user_id': user_id}))
def admin_permission_role_list(request, group):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
roles = Role.objects.filter(group=group)
return render_to_response(
'sphene/community/admin/permission/role_list.html', {
'roles': roles,
},
context_instance=RequestContext(request))
def attachmentEdit(request, group, snipName, attachmentId=None):
"""Importing ModelForm"""
from django.forms import ModelForm
""" Class necessary for the Modelform """
class AttachmentFormNew(ModelForm):
class Meta:
model = WikiAttachment
attachment = None
if attachmentId is None:
AttachmentForm = AttachmentFormNew()
else:
attachment = WikiAttachment.objects.get(id=attachmentId)
AttachmentForm = AttachmentFormNew(instance=attachment)
if attachment:
if not attachment.snip.has_edit_permission():
raise PermissionDenied()
if 'delete' in request.GET and request.GET['delete'] == '1':
attachment.delete()
messages.success(request,
message=ugettext("Successfully deleted attachment."))
return HttpResponseRedirect(
attachment.snip.get_absolute_attachmenturl())
AttachmentForm.base_fields['fileupload'].widget = widgets.FileInput()
if request.method == 'POST':
if get_sph_setting('django096compatibility'):
reqdata = request.POST.copy()
reqdata.update(request.FILES)
form = AttachmentForm(reqdata)
else:
form = AttachmentFormNew(request.POST, request.FILES)
if form.is_valid():
attachment = form.save(commit=False)
snip = WikiSnip.objects.get(name__exact=snipName, group=group)
attachment.snip = snip
attachment.uploader = request.user
if get_sph_setting('django096compatibility'):
attachment.save_fileupload_file(
reqdata['fileupload']['filename'],
reqdata['fileupload']['content'])
attachment.save()
return HttpResponseRedirect(snip.get_absolute_attachmenturl())
else:
form = AttachmentFormNew(instance=attachment)
return render_to_response('sphene/sphwiki/editAttachment.html', {
'form': form,
'snipName': snipName,
},
context_instance=RequestContext(request))
def admin_posts_delete(request, group, user_id):
posts = Post.objects.filter(author=user_id)
if posts:
if not posts[0].allow_hiding():
raise PermissionDenied()
for post in posts:
post.hide()
messages.success(request, message=ugettext(u'All posts deleted'))
else:
messages.success(request, message=ugettext(u'No posts to delete'))
return HttpResponseRedirect(
sph_reverse('sphboard_admin_user_posts', kwargs={'user_id': user_id}))
def attachment(request, group, snipName):
snip = WikiSnip.objects.get(name__exact=snipName, group=group)
if not snip.has_view_permission():
raise PermissionDenied()
res = WikiAttachment.objects.filter(snip=snip)
return object_list(request=request,
queryset=WikiAttachment.objects.filter(snip=snip),
template_name='sphene/sphwiki/listAttachments.html',
extra_context={'snipName': snipName,
'snip': snip,
},
allow_empty=True)
def admin_permission_rolegroup_list(request, group):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
if request.method == 'POST':
name = request.POST['name']
if name:
RoleGroup(group=group, name=name).save()
return HttpResponseRedirect(
sph_reverse('community_admin_permission_rolegroup_list'))
rolegroups = RoleGroup.objects.filter(group=group)
return render(request,
'sphene/community/admin/permission/rolegroup_list.html',
{'rolegroups': rolegroups})
def options(request, thread_id, group=None):
thread = Post.objects.get(pk=thread_id)
if request.REQUEST['cmd'] == 'makeSticky':
if not thread.allow_sticking(): raise PermissionDenied()
thread.set_sticky(True)
elif request.REQUEST['cmd'] == 'removeSticky':
if not thread.allow_sticking(): raise PermissionDenied()
thread.set_sticky(False)
elif request.REQUEST['cmd'] == 'toggleClosed':
if not thread.allow_locking(): raise PermissionDenied()
thread.set_closed(not thread.is_closed())
elif request.REQUEST['cmd'] == 'modifytags':
if not request.user.is_superuser: raise PermissionDenied()
from tagging.models import Tag
Tag.objects.update_tags(thread.get_threadinformation(), [
request.POST['tags'],
])
thread.save()
return HttpResponseRedirect(thread.get_absolute_url())
def move_post_1(request, group, post_id):
"""
Display list of categories where the post can be moved to.
"""
post_obj = Post.objects.get(pk=post_id)
if not post_obj.allow_moving_post():
raise PermissionDenied()
categories = get_all_viewable_categories(group, request.user)
categories = Category.objects.filter(pk__in=categories)
return render(request, "sphene/sphboard/move_post_1.html", {
'categories': categories,
'post': post_obj
})
def history(request, group, snipName):
snip = get_object_or_404(WikiSnip, group=group, name=snipName)
if not snip.has_view_permission():
raise PermissionDenied()
return object_list(
request=request,
queryset=snip.wikisnipchange_set.order_by('-edited'),
template_name='sphene/sphwiki/history.html',
allow_empty=True,
extra_context={
'snipName': snipName,
'snip': snip,
},
)
def get(self, request, group=None, thread_id=None, **kwargs):
assert group
self.thread = thread = get_object_or_404(Post.objects, pk=thread_id)
if not thread.category.has_view_permission(request.user):
raise PermissionDenied()
thread.viewed(request.session, request.user)
sphdata = get_current_sphdata()
if sphdata is not None:
sphdata['subtitle'] = thread.subject
category_type = thread.category.get_category_type()
self.template_name = category_type.get_show_thread_template()
return super().get(request, **kwargs)
def generatePDF(request, group, snipName):
if not hasattr(settings, 'SPH_SETTINGS'):
return HttpResponse(ugettext('Not configured.'))
snip = get_object_or_404(WikiSnip, group=group, name=snipName)
if not snip.has_view_permission():
raise PermissionDenied()
try:
contents = open(snip.pdf_get(), 'rb').read()
except Exception, e:
import logging
logging.exception('Error while generating PDF file.')
#return HttpResponse(ugettext('Error while generating PDF file. %(error)s') % \
# { 'error': str(e) })
raise e
def admin_permission_role_edit(request, group, role_id=None):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
role = None
if role_id:
role = get_object_or_404(Role, pk=role_id)
if request.method == 'POST':
form = EditRoleForm(request.POST)
if form.is_valid():
data = form.cleaned_data
r = role
if not r:
r = Role(group=group)
r.name = data['name']
r.save()
# Delete old flags
r.permission_flags.clear()
# Add all flags
for flag_name in data['permission_flags']:
r.permission_flags.add(
PermissionFlag.objects.get(name=flag_name))
r.save()
messages.success(request,
message=ugettext(u'Successfully saved role.'))
return HttpResponseRedirect(r.get_absolute_memberlisturl())
else:
form = EditRoleForm()
if role:
form.fields['name'].initial = role.name
form.fields['permission_flags'].initial = [
flag.name for flag in role.permission_flags.all()
]
return render_to_response(
'sphene/community/admin/permission/role_edit.html', {
'form': form,
},
context_instance=RequestContext(request))
def delete_moved_info(request, group, pk):
""" Delete information about moved thread
"""
th = get_object_or_404(ThreadInformation, pk=pk)
if not th.allow_deleting_moved(request.user):
raise PermissionDenied()
if request.method == 'POST' and 'delete-th' in request.POST.keys():
back_url = th.category.get_absolute_url()
th.delete()
messages.success(
request,
message=ugettext(
u'Information about moved thread has been deleted'))
return HttpResponseRedirect(back_url)
return render(request, "sphene/sphboard/delete_moved_info.html",
{'th': th})
def annotate(request, group, post_id):
post = Post.objects.get(pk=post_id)
thread = post.get_thread()
if not thread.allow_annotating():
raise PermissionDenied()
annotation = None
if post.is_annotated():
try:
annotation = post.annotation.get()
except PostAnnotation.DoesNotExist:
# Ignore for now ..
pass
if request.method == 'POST':
form = AnnotateForm(request.POST)
if form.is_valid():
data = form.cleaned_data
if annotation is None:
annotation = PostAnnotation(post=post, )
annotation.body = data['body']
annotation.hide_post = data['hide_post']
annotation.markup = data['markup']
annotation.save()
messages.success(request,
message=ugettext(u'Annotated a users post.'))
return HttpResponseRedirect(post.get_absolute_url())
else:
form = AnnotateForm()
if annotation is not None:
form.fields['body'].initial = annotation.body
form.fields['hide_post'].initial = annotation.hide_post
if 'markup' in form.fields:
form.fields['markup'].initial = annotation.markup
return render_to_response("sphene/sphboard/annotate.html", {
'thread': thread,
'post': post,
'form': form,
},
context_instance=RequestContext(request))
def show_active_monitors(context, profile_user):
user = context['user']
request = context['request']
if user==profile_user:
monitors = Monitor.objects.filter(Q(thread=None)|Q(thread__is_hidden=0),
user = profile_user,
group = get_current_group()
)
else:
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
monitors = Monitor.objects.filter(Q(thread=None)|Q(thread__is_hidden=0),
user = profile_user,
group = get_current_group()
)
return {'monitors':monitors,
'request':request,
'is_current_user':user==profile_user}
def admin_permission_role_member_list(request, group, role_id):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
role = get_object_or_404(Role, pk=role_id)
members = role.rolemember_set.all()
if 'cmd' in request.GET and request.GET['cmd'] == 'remove':
memberid = request.GET['id']
role_member = RoleMember.objects.get(pk=memberid)
role_member.delete()
messages.success(
request, message=ugettext(u'Successfully deleted role member.'))
return HttpResponseRedirect(role.get_absolute_memberlisturl())
return render(request,
'sphene/community/admin/permission/role_member_list.html', {
'members': members,
'role': role
})
def admin_users(request, group):
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
orderby = request.GET.get('orderby', 'username')
users = User.objects.filter(is_superuser=False).order_by(orderby)
search_qs = {}
search_form = UsersSearchForm()
if request.GET.has_key('search'):
search_form = UsersSearchForm(request.GET)
if search_form.is_valid():
username = search_form.cleaned_data['username']
if username:
search_params = Q(username__istartswith=username) | Q(
first_name__istartswith=username) | Q(
last_name__istartswith=username) | Q(
email__istartswith=username)
users = users.filter(search_params)
search_qs = urlencode(search_form.cleaned_data)
template_name = 'sphene/community/admin/users_list.html'
context = {
'is_sphboard': 'sphene.sphboard' in settings.INSTALLED_APPS,
'search_qs': search_qs,
'search_form': search_form,
'orderby': orderby
}
res = object_list(
request=request,
queryset=users,
template_name=template_name,
template_object_name='sphuser',
allow_empty=True,
extra_context=context,
paginate_by=10,
)
return res
def hide(request, group, post_id):
""" Delete post by setting is_hidden=True
(annotate method above allows to hide content of the post but leaves it in thread)
"""
post_obj = get_object_or_404(Post, pk=post_id)
thread = post_obj.get_thread()
if not post_obj.allow_hiding():
raise PermissionDenied()
if request.method == 'POST' and 'hide-post' in request.POST.keys():
post_obj.hide()
messages.success(request, message=ugettext(u'Post deleted'))
if post_obj == thread:
return HttpResponseRedirect(post_obj.category.get_absolute_url())
return HttpResponseRedirect(thread.get_absolute_url())
return render(request, "sphene/sphboard/hide.html", {
'thread': thread,
'post': post_obj
})
def admin_permission_role_member_add(request, group, role_id, addgroup=False):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
role = get_object_or_404(Role, pk=role_id)
if addgroup:
EditForm = EditRoleGroupMemberForm
else:
EditForm = EditRoleMemberForm
if request.method == 'POST':
form = EditForm(group=group, data=request.POST)
if form.is_valid():
data = form.cleaned_data
role_member = RoleMember(
role=role,
user=data.get('user', None),
rolegroup=data.get('rolegroup', None),
has_limitations=data['has_limitations'],
)
role_member.save()
if data['has_limitations']:
limitation = RoleMemberLimitation(
role_member=role_member,
object_type=data['object_type'],
object_id=data['object'],
)
limitation.save()
messages.success(request,
message=ugettext(u'Successfully added member.'))
return HttpResponseRedirect(role.get_absolute_memberlisturl())
else:
form = EditForm(group=group)
return render_to_response(
'sphene/community/admin/permission/role_member_add.html', {
'form': form,
'role': role,
},
context_instance=RequestContext(request))
def admin_user_posts(request, group, user_id):
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
user = get_object_or_404(User, pk=user_id)
orderby = request.GET.get('orderby', '-postdate')
post_list = Post.objects.filter(author=user).order_by(orderby)
template_name = 'sphene/sphboard/admin_user_posts.html'
context = {'author': user, 'orderby': orderby}
res = object_list(
request=request,
queryset=post_list,
template_name=template_name,
template_object_name='post',
extra_context=context,
allow_empty=True,
paginate_by=10,
)
return res
def votereply(request, group, reply_id):
reply = Post.objects.get( pk = reply_id )
question = reply.get_thread()
qext = question.sphquestions_ext.get()
if reply.author == request.user and question.author != reply.author:
# Users are not allowed to vote for their own replies.
raise PermissionDenied()
AnswerVoting(user = request.user,
answer = reply,
question = qext,
rating = 5).save()
answered = 1
if request.user == question.author:
answered = 3
if qext.answered < answered:
qext.answered = answered
qext.save()
return HttpResponseRedirect(reply.get_absolute_url())
def toggle_monitor(request,
group,
monitortype,
object_id,
monitor_user_id=None):
if not request.user.is_authenticated():
raise PermissionDenied()
obj = None
if monitortype == 'group':
obj = group
object_id = 0
elif monitortype == 'category':
obj = Category.objects.get(pk=object_id)
elif monitortype == 'thread':
obj = Post.objects.get(pk=object_id)
new_monitor = None
if monitor_user_id:
monitor_user = User.objects.get(pk=monitor_user_id)
new_monitor = obj.toggle_monitor(user=monitor_user)
else:
new_monitor = obj.toggle_monitor()
if new_monitor:
messages.success(
request,
message=ugettext(
u'Successfully created email notification monitor.'))
else:
messages.success(
request, message=ugettext(u'Removed email notification monitor.'))
if 'next' in request.GET:
return HttpResponseRedirect(request.GET['next'])
if monitortype == 'group':
return HttpResponseRedirect(sph_reverse('sphboard-index'))
return HttpResponseRedirect(obj.get_absolute_url())
