def category_edit(user_id=None):
if user_id is None:
user_id = current_user.str_id
tid = request.argget.all('id')
ntype = request.argget.all('type')
name = request.argget.all('name')
# theme_name = get_config("theme", "CURRENT_THEME_NAME")
theme_name = g.get_config("theme", "CURRENT_THEME_NAME")
s1, v = short_str_verifi(name, "class_name")
s2, r2 = arg_verify(reqargs=[
(gettext("name"), name),
],
required=True,
max_len=int(get_config("category",
"CATEGORY_MAX_LEN")))
if not s1:
data = {"msg": v, "msg_type": "w", "custom_status": 422}
elif not s2:
data = r2
elif mdbs["web"].db.theme_category.find_one({
"_id": {
"$ne": ObjectId(tid)
},
"type": ntype,
"user_id": user_id,
"theme_name": theme_name,
"name": name
}):
data = {
"msg": gettext("Name already exists"),
"msg_type": "w",
"custom_status": 403
}
else:
r = mdbs["web"].db.theme_category.update_one(
{
"_id": ObjectId(tid),
"user_id": user_id
}, {"$set": {
"name": name
}})
if r.modified_count:
update_media_category_name.apply_async(kwargs={
"category_id": tid,
"new_name": name
})
data = {
"msg": gettext("Modify the success"),
"msg_type": "s",
"custom_status": 201
}
else:
data = {
"msg": gettext("No modification"),
"msg_type": "w",
"custom_status": 400
}
data["theme_name"] = theme_name
return data
def category_add(user_id=None):
if user_id is None:
user_id = current_user.str_id
ntype = request.argget.all('type')
name = request.argget.all('name', '')
s, r = arg_verify([(gettext("category type"), ntype)],
only=get_config("category", "CATEGORY_TYPE").values())
if not s:
return r
s1, v = short_str_verifi(name, "class_name")
s2, r2 = arg_verify(
reqargs=[
(gettext("name"), name), ], required=True, max_len=int(
get_config(
"category", "CATEGORY_MAX_LEN")))
if not s1:
data = {"msg": v, "msg_type": "w", "http_status": 422}
elif not s2:
data = r2
elif mdb_web.db.category.find_one({"type": ntype, "user_id": user_id, "name": name}):
data = {
"msg": gettext("Name already exists"),
"msg_type": "w",
"http_status": 403}
else:
mdb_web.db.category.insert_one(
{"type": ntype, "user_id": user_id, "name": name})
data = {
"msg": gettext("Add a success"),
"msg_type": "s",
"http_status": 201}
return data
def category_edit(user_id=None):
if user_id == None:
user_id = current_user.str_id
id = request.argget.all('id')
ntype = request.argget.all('type')
name = request.argget.all('name')
s1, v = short_str_verifi(name, "class_name")
s2, r2 = arg_verify(reqargs=[
(gettext("name"), name),
],
required=True,
max_len=int(get_config("category",
"CATEGORY_MAX_LEN")))
if not s1:
data = {"msg": v, "msg_type": "w", "http_status": 422}
elif not s2:
data = r2
elif mdb_web.db.category.find_one({
"_id": {
"$ne": ObjectId(id)
},
"type": ntype,
"user_id": user_id,
"name": name
}):
data = {
"msg": gettext("Name already exists"),
"msg_type": "w",
"http_status": 403
}
else:
r = mdb_web.db.category.update_one(
{
"_id": ObjectId(id),
"user_id": user_id
}, {"$set": {
"name": name
}})
if r.modified_count:
update_media_category_name(id, name)
data = {
"msg": gettext("Modify the success"),
"msg_type": "s",
"http_status": 201
}
else:
data = {
"msg": gettext("No modification"),
"msg_type": "w",
"http_status": 400
}
return data
def user_basic_edit():
"""
用户基础设置编辑
:return:
"""
username = request.argget.all('username')
custom_domain = request.argget.all('custom_domain', '')
editor = request.argget.all('editor')
# username
s, r = arg_verify(reqargs=[(gettext("username"), username)], required=True)
if not s:
return r
r, s = short_str_verifi(username, "username")
if not r:
data = {'msg': s, 'msg_type': "e", "custom_status": 422}
return data
update_data = {}
# custom_domain
if mdbs["user"].db.user.find_one({
"_id": current_user.id,
"custom_domain": -1
}) and custom_domain.strip():
r, s = ver_user_domainhacks(custom_domain)
if r:
update_data["custom_domain"] = custom_domain
else:
data = {'msg': s, 'msg_type': "e", "custom_status": 422}
return data
update_data["username"] = username
# editor
if editor and editor in ['rich_text', 'markdown']:
update_data["editor"] = editor
else:
data = {
'msg': gettext("The editor saves failure"),
'msg_type': "e",
"custom_status": 400
}
return data
update_data["update_time"] = time.time()
# 是否被使用
if mdbs["user"].db.user.find_one({
"_id": {
"$ne": current_user.id
},
"username": username
}):
data = {
'msg': gettext("Name has been used"),
'msg_type': "w",
"custom_status": 403
}
elif "custom_domain" in update_data.keys() \
and mdbs["user"].db.user.find_one({"_id": {"$ne": current_user.id}, "custom_domain": custom_domain}):
data = {
'msg': gettext("Domain has been used"),
'msg_type': "w",
"custom_status": 403
}
elif "custom_domain" in update_data.keys(
) and mdbs["user"].db.user.find_one({
"_id": current_user.id,
"custom_domain": {
"$ne": -1
}
}):
data = {
'msg': gettext("Personality custom domain cannot be modified"),
'msg_type': "w",
"custom_status": 400
}
else:
r = update_one_user(user_id=current_user.str_id,
updata={"$set": update_data})
if not r.modified_count:
data = {
'msg': gettext("No changes"),
'msg_type': "w",
"custom_status": 201
}
else:
delete_user_info_cache(user_id=current_user.str_id)
data = {
'msg': gettext("Update success"),
'msg_type': "s",
"custom_status": 201
}
return data
def comment_issue():
if not get_config("comment", "OPEN_COMMENT"):
data = {
"msg": gettext("Comment feature is not open"),
"msg_type": "w",
"custom_status": 401
}
return data
target_id = request.argget.all('target_id') # 目标ID指的是什么事件的评论
target_type = request.argget.all('target_type', "post")
content = request.argget.all('content')
reply_id = request.argget.all('reply_id') # 回复哪条评论
reply_user_id = request.argget.all('reply_user_id') # 回复的评论的用户ID
reply_username = request.argget.all('reply_username') # 回复的评论的用户名
s, r = arg_verify(reqargs=[(gettext("comment"), content)],
min_len=1,
max_len=int(get_config("comment", "MAX_LEN")))
if not s:
return r
s, r = arg_verify(reqargs=[("target_id", target_id),
("target_type", target_type)],
required=True)
if not s:
return r
if reply_id:
s, r = arg_verify(reqargs=[("reply_user_id", reply_user_id),
("reply_username", reply_username)],
required=True)
if not s:
return r
"""
查看最后一次评论时间
"""
tquery = {
"issue_time": {
"$gt": time.time() - int(get_config("comment", "INTERVAL"))
}
}
if current_user.is_authenticated:
user_id = current_user.str_id
username = current_user.username
email = None
tquery["user_id"] = user_id
elif get_config("comment", "TRAVELER_COMMENT"):
user_id = None
username = request.argget.all('username')
email = request.argget.all('email')
# 用户名格式验证
r, s = short_str_verifi(username)
if not r:
data = {'msg': s, 'msg_type': "e", "custom_status": 422}
return data
# 邮箱格式验证
r, s = email_format_ver(email)
if not r:
data = {'msg': s, 'msg_type': "e", "custom_status": 422}
return data
tquery["email"] = email
else:
data = {
"msg":
gettext(
"Guest reviews feature is not open, please login account comments"
),
"msg_type":
"w",
"custom_status":
401
}
return data
if mdbs["web"].db.comment.find(tquery).count(True) >= int(
get_config("comment", "NUM_OF_INTERVAL")):
# 频繁评论
data = {
"msg": gettext("You comment too often and come back later"),
"msg_type": "e",
"custom_status": 400
}
return data
target = None
if target_type == "post":
target = mdbs["web"].db.post.find_one({
"_id": ObjectId(target_id),
"issued": {
"$in": [1, True]
}
})
if not target:
data = {
"msg":
gettext("Articles do not exist or have not been published"),
"msg_type": "w",
"custom_status": 400
}
return data
target_user_id = str(target["user_id"])
target_brief_info = target["title"]
if not target:
data = {
"msg": gettext("Your comment goal does not exist"),
"msg_type": "w",
"custom_status": 400
}
return data
issue_time = time.time()
# 自动审核内容
r = content_inspection_text(content)
audit_score = r["score"]
audit_label = r["label"]
if r["label"] == "detection_off" or ("suggestion" in r
and r["suggestion"] == "review"):
# 未开启审核或无法自动鉴别, 等待人工审核
audited = 0
audit_way = "artificial"
elif r["label"] == "no_plugin":
# 没有检查插件
audited = 0
audit_way = "artificial"
else:
audit_label = r["label"]
audited = 1
audit_way = "auto"
comment = {
"target_id": str(target_id),
"target_user_id": target_user_id,
"target_brief_info": target_brief_info,
"type": target_type,
"user_id": user_id,
"username": username,
"email": email,
"content": content,
"issued": 1,
"audited": audited,
"audit_score": audit_score,
"audit_label": audit_label,
"audit_way": audit_way,
"audit_user_id": None,
"issue_time": issue_time,
"word_num": len(content),
"is_delete": 0,
"like_user_id": [],
"like": 0
}
if reply_id:
comment["reply_id"] = reply_id
comment["reply_user_id"] = reply_user_id
comment["reply_username"] = reply_username
r = mdbs["web"].db.comment.insert_one(comment)
# 如果已审核, 并且违规分数高于正常
if audited and audit_score >= get_config("content_inspection",
"ALLEGED_ILLEGAL_SCORE"):
# 通知评论不通过
msg_content = {"text": content}
insert_user_msg(
user_id=user_id,
ctype="notice",
label="audit_failure",
title=gettext("[Label:{}]Comment on alleged violations").format(
audit_label),
content=msg_content,
target_id=str(r.inserted_id),
target_type="comment")
elif audit_score < get_config("content_inspection",
"ALLEGED_ILLEGAL_SCORE"):
# 更新文章中的评论数目
if target_type == "post":
mdbs["web"].db.post.update_one({"_id": ObjectId(target_id)},
{"$inc": {
"comment_num": 1
}})
if current_user.is_authenticated:
# 评论正常才通知被评论用户
user_ids = [target_user_id]
if reply_id:
user_ids.append(reply_user_id)
user_ids = list(set(user_ids))
if user_id in user_ids:
user_ids.remove(user_id)
msg_content = {
"id": str(r.inserted_id),
"reply_id": reply_id,
"reply_user_id": reply_user_id,
"reply_username": reply_username,
"user_id": user_id,
"username": username,
"text": content
}
insert_user_msg(user_id=user_ids,
ctype="notice",
label="comment",
title=target_brief_info,
content=msg_content,
target_id=target_id,
target_type=target_type)
if current_user.is_authenticated:
data = {
"msg": gettext("Successful reviews"),
"msg_type": "s",
"custom_status": 201
}
else:
data = {
"msg": gettext("Success back, waiting for the system audit."),
"msg_type": "s",
"custom_status": 201
}
return data
def p_sign_up(username, password, password2, code, email=None, mobile_phone_number=None):
'''
普通用户注册函数
:return:
'''
data = {}
if current_user.is_authenticated:
data['msg'] = gettext("Is logged in")
data["msg_type"] = "s"
data["http_status"] = 201
data['to_url'] = request.argget.all('next') or get_config("login_manager", "LOGIN_IN_TO")
return data
# 用户名格式验证
s1, r1 = short_str_verifi(username, project="username")
# 密码格式验证
s2, r2 = password_format_ver(password)
if not s1:
data = {'msg':r1, 'msg_type':"e", "http_status":422}
elif mdb_user.db.user.find_one({"username": username}):
# 是否存在用户名
data = {'msg': gettext("Name has been used"), 'msg_type': "w", "http_status": 403}
elif not s2:
data = {'msg': r2, 'msg_type': "e", "http_status": 400}
return data
elif password2 != password:
# 检验两次密码
data = {'msg': gettext("The two passwords don't match"), 'msg_type': "e", "http_status": 400}
if data:
return data
if email:
# 邮件注册
# 邮箱格式验证
s, r = email_format_ver(email)
if not s:
data = {'msg':r, 'msg_type':"e", "http_status":422}
elif mdb_user.db.user.find_one({"email": email}):
# 邮箱是否注册过
data = {'msg': gettext("This email has been registered in the site oh, please login directly."),
'msg_type': "w", "http_status": 403}
if data:
return data
# 检验验证码
r = verify_code(code=code, email=email)
if not r:
data = {'msg': gettext("Verification code error"), 'msg_type': "e", "http_status": 401}
return data
elif mobile_phone_number:
# 手机注册
s, r = mobile_phone_format_ver(mobile_phone_number)
if not s:
data = {'msg': r, 'msg_type': "e", "http_status": 422}
elif mdb_user.db.user.find_one({"mphone_num": mobile_phone_number}):
# 手机是否注册过
data = {'msg': gettext("This number has been registered in the site oh, please login directly."),
'msg_type': "w", "http_status": 403}
if data:
return data
# 检验验证码
r = verify_code(code=code, tel_number=True)
if not r:
data = {'msg': gettext("Verification code error"), 'msg_type': "e", "http_status": 401}
return data
if not data:
# 用户基本信息
role_id = mdb_user.db.role.find_one({"default":{"$in":[True, 1]}})["_id"]
user = user_model(username=username,
email=email,
mphone_num = mobile_phone_number,
password=password,
custom_domain=-1,
role_id=str(role_id),
active=True)
r = mdb_user.db.user.insert_one(user)
if r.inserted_id:
if email:
# 发送邮件
subject = gettext("Registration success notification")
body = "Welcome to register <b>{}</b>.<br><a>{}</a> registered the account successfully.".format(
get_config("site_config", "APP_NAME"),
email
)
data = {"title": subject,
"body": body,
"other_info": gettext("End"),
}
html = get_email_html(data)
send_email(subject=subject,
recipients=[email],
html_msg=html)
elif mobile_phone_number:
# 发送短信
content = "[{}] Successful registration account.".format(
get_config("site_config", "APP_NAME"))
send_mobile_msg(mobile_phone_number, content)
data = {'msg':gettext('Registered successfully'),
'to_url':'/sign-in',
'msg_type':'s',"http_status":201}
else:
data = {'msg': gettext('Data saved incorrectly, please try again'),
'msg_type': 'e', "http_status": 201}
return data
return data
def add_user():
email = request.argget.all('email')
mobile_phone_number = str_to_num(
request.argget.all('mobile_phone_number', 0))
username = request.argget.all('username', '').strip()
password = request.argget.all('password', '').strip()
password2 = request.argget.all('password2', '').strip()
data = {}
# 用户名格式验证
s1, r1 = short_str_verifi(username, project="username")
# 密码格式验证
s2, r2 = password_format_ver(password)
if not s1:
data = {'msg': r1, 'msg_type': "e", "custom_status": 422}
elif mdbs["user"].db.user.find_one({"username": username}):
# 是否存在用户名
data = {
'msg': gettext("Name has been used"),
'msg_type': "w",
"custom_status": 403
}
elif not s2:
data = {'msg': r2, 'msg_type': "e", "custom_status": 400}
return data
elif password2 != password:
# 检验两次密码
data = {
'msg': gettext("The two passwords don't match"),
'msg_type': "e",
"custom_status": 400
}
if data:
return data
if email:
# 邮件注册
# 邮箱格式验证
s, r = email_format_ver(email)
if not s:
data = {'msg': r, 'msg_type': "e", "custom_status": 422}
elif mdbs["user"].db.user.find_one({"email": email}):
# 邮箱是否注册过
data = {
'msg':
gettext(
"This email has been registered in the site oh, please login directly."
),
'msg_type':
"w",
"custom_status":
403
}
if data:
return data
elif mobile_phone_number:
# 手机注册
s, r = mobile_phone_format_ver(mobile_phone_number)
if not s:
data = {'msg': r, 'msg_type': "e", "custom_status": 422}
elif mdbs["user"].db.user.find_one({"mphone_num":
mobile_phone_number}):
# 手机是否注册过
data = {
'msg':
gettext(
"This number has been registered in the site oh, please login directly."
),
'msg_type':
"w",
"custom_status":
403
}
if data:
return data
if not data:
# 用户基本信息
role_id = mdbs["user"].db.role.find_one(
{"default": {
"$in": [True, 1]
}})["_id"]
if not email:
email = None
if not mobile_phone_number:
mobile_phone_number = None
user = user_model(username=username,
email=email,
mphone_num=mobile_phone_number,
password=password,
custom_domain=-1,
role_id=str(role_id),
active=True,
is_adm_add_user=True)
r = insert_one_user(updata=user)
if r.inserted_id:
if email:
# 发送邮件
subject = gettext("Registration success notification")
body = [
gettext("Welcome to register {}.").format(
get_config("site_config", "APP_NAME")),
gettext("{} registered the account successfully.").format(
email)
]
data = {
"title": subject,
"body": body,
"username": username,
"site_url": get_config("site_config", "SITE_URL")
}
html = get_email_html(data)
msg = {
"subject": subject,
"recipients": [email],
"html_msg": html
}
send_email(msg=msg, ctype="nt")
elif mobile_phone_number:
# 发送短信
content = gettext(
"[{}] Successful registration account.").format(
get_config("site_config", "APP_NAME"))
send_mobile_msg(mobile_phone_number, content)
data = {
'msg': gettext('Added successfully'),
'msg_type': 's',
"custom_status": 201
}
return data
def profile_update():
'''
用户信息更新
:return:
'''
gender = request.argget.all('gender', 'secret')
birthday = request.argget.all('birthday')
homepage = request.argget.all('homepage')
address = json_to_pyseq(request.argget.all('address', {}))
info = request.argget.all('info')
if len(birthday) != 8:
data = {
'msg':
gettext("The date of birth requires an 8-digit date,Such as '{}'").
format(time_to_utcdate(tformat="%Y%m%d")),
'msg_type':
"e",
"http_status":
400
}
return data
birthday = int(birthday)
s, r = arg_verify(reqargs=[(gettext(gettext("gender")), gender)],
only=["secret", "m", "f"])
if not s:
return r
addr_keys = ['countries', 'provinces', 'city', 'district', 'detailed']
for k, v in address.items():
if not (k in addr_keys) or not isinstance(v, str):
data = {
'msg':
gettext(
"Address format is not in conformity with the requirements"
),
'msg_type':
"e",
"http_status":
400
}
return data
if homepage:
s, r = url_format_ver(homepage)
if not s:
return {"msg": r, "msg_type": "w", "http_status": 403}
s, r = short_str_verifi(short_str=info, allow_special_chart=True)
if not s:
data = {'msg': r, 'msg_type': "w", "http_status": 400}
return data
update_data = {
'gender': gender,
'homepage': homepage,
'introduction': info,
'birthday': birthday,
'address': address
}
r = mdb_user.db.user.update_one({"_id": current_user.id},
{"$set": update_data})
if r.modified_count:
# 清理user信息数据缓存
delete_user_info_cache(user_id=current_user.str_id)
data = {
'msg': gettext("Update succeed"),
'msg_type': "s",
"http_status": 201
}
else:
data = {
'msg': gettext("No changes"),
'msg_type': "w",
"http_status": 201
}
return data
