def siteadmin_comments_spam(self):
if not (current_auth.user.is_comment_moderator
or current_auth.user.is_user_moderator):
return abort(403)
comment_spam_form = Form()
comment_spam_form.form_nonce.data = comment_spam_form.form_nonce.default(
)
if comment_spam_form.validate_on_submit():
comments = Comment.query.filter(
Comment.uuid_b58.in_(request.form.getlist('comment_id')))
for comment in comments:
CommentModeratorReport.submit(actor=current_auth.user,
comment=comment)
db.session.commit()
flash(_("Comment(s) successfully reported as spam"),
category='info')
else:
flash(
_("There was a problem marking the comments as spam. Please try again"
),
category='error',
)
return redirect(url_for('siteadmin_comments'))
def playlist_delete(channel, playlist):
if request.method == 'GET':
return {'playlist': dict(playlist.current_access())}
form = Form()
if form.validate_on_submit():
db.session.delete(playlist)
db.session.commit()
return {'status': 'ok', 'doc': _("Deleted playlist {title}.".format(title=playlist.title)), 'result': {}}
return {'status': 'error', 'errors': {'error': form.errors}}, 400
def delete(self):
form = Form()
if request.method == 'POST':
if form.validate_on_submit():
previous_membership = self.obj
if previous_membership.user == current_auth.user:
return {
'status':
'error',
'error_description':
_("You can’t revoke your own membership"),
'form_nonce':
form.form_nonce.data,
}
if previous_membership.is_active:
previous_membership.revoke(actor=current_auth.user)
db.session.commit()
dispatch_notification(
OrganizationAdminMembershipRevokedNotification(
document=previous_membership.organization,
fragment=previous_membership,
))
return {
'status':
'ok',
'message':
_("The member has been removed"),
'memberships': [
membership.current_access(datasets=('without_parent',
'related'))
for membership in
self.obj.organization.active_admin_memberships
],
}
else:
return (
{
'status': 'error',
'errors': form.errors,
'form_nonce': form.form_nonce.data,
},
400,
)
form_html = render_form(
form=form,
title=_("Confirm removal"),
message=_("Remove {member} as an admin from {profile}?").format(
member=self.obj.user.fullname,
profile=self.obj.organization.title),
submit=_("Remove"),
ajax=False,
with_chrome=False,
)
return {'form': form_html}
def video_delete(channel, playlist, video):
"""
Delete video
"""
if request.method == 'GET':
return {'video': dict(video.current_access())}
form = Form()
if form.validate_on_submit():
db.session.delete(video)
db.session.commit()
return {'status': 'ok', 'doc': _("Delete video {title}.".format(title=video.title)), 'result': {}}
return {'status': 'error', 'errors': {'error': form.errors}}, 400
def video_playlist_add(channel, playlist, video):
form = Form()
if form.validate_on_submit():
if video not in playlist.videos:
playlist.videos.append(video)
db.session.commit()
cache.delete('data/featured-channels')
message = "Added video to playlist"
else:
message = "This video is already in that playlist"
return {'status': 'ok', 'doc': _(message), 'result': {'url': playlist.url_for()}}
else:
message = _("CSRF validation failed. Please reload this page and try again.")
return {'status': 'error', 'errors': {'error': [message]}}, 400
def reopen(domain, hashid, key):
post = JobPost.query.filter_by(hashid=hashid).first_or_404()
if not post:
abort(404)
if not post.admin_is(g.user):
abort(403)
# Only closed posts can be reopened
if not post.is_closed():
flash("Your job post can't be reopened.", "info")
return redirect(post.url_for(), code=303)
form = Form()
if form.validate_on_submit():
post.confirm()
post.closed_datetime = datetime.utcnow()
db.session.commit()
return redirect(post.url_for(), code=303)
return render_template("reopen.html", post=post, form=form)
def reopen(domain, hashid, key):
post = JobPost.query.filter_by(hashid=hashid).first_or_404()
if not post:
abort(404)
if not post.admin_is(g.user):
abort(403)
# Only closed posts can be reopened
if not post.is_closed():
flash("Your job post can't be reopened.", "info")
return redirect(post.url_for(), code=303)
form = Form()
if form.validate_on_submit():
post.confirm()
post.closed_datetime = datetime.utcnow()
db.session.commit()
return redirect(post.url_for(), code=303)
return render_template("reopen.html", post=post, form=form)
def close(domain, hashid, key):
post = JobPost.get(hashid)
if not post:
abort(404)
if not post.admin_is(g.user):
abort(403)
if request.method == 'GET' and post.is_closed():
return redirect(post.url_for('reopen'), code=303)
if not post.is_public():
flash("Your job post can't be closed.", "info")
return redirect(post.url_for(), code=303)
form = Form()
if form.validate_on_submit():
post.close()
post.closed_datetime = datetime.utcnow()
db.session.commit()
return redirect(post.url_for(), code=303)
return render_template("close.html", post=post, form=form)
def reopen(domain, hashid, key):
post = JobPost.query.filter_by(hashid=hashid).first_or_404()
if not post:
abort(404)
if not post.admin_is(g.user):
abort(403)
# Only closed posts can be reopened
if not post.state.CLOSED:
flash("Your job post can't be reopened.", "info")
return redirect(post.url_for(), code=303)
form = Form()
if form.validate_on_submit():
post.reopen()
db.session.commit()
# cache bust
# dogpile.invalidate_region('hasjob_index')
return redirect(post.url_for(), code=303)
return render_template("reopen.html.jinja2", post=post, form=form)
def close(domain, hashid, key):
post = JobPost.get(hashid)
if not post:
abort(404)
if not post.admin_is(g.user):
abort(403)
if request.method == 'GET' and post.is_closed():
return redirect(post.url_for('reopen'), code=303)
if not post.is_public():
flash("Your job post can't be closed.", "info")
return redirect(post.url_for(), code=303)
form = Form()
if form.validate_on_submit():
post.close()
post.closed_datetime = datetime.utcnow()
db.session.commit()
return redirect(post.url_for(), code=303)
return render_template("close.html", post=post, form=form)
def video_remove(channel, playlist, video):
"""
Remove video from playlist
"""
if request.method == 'GET':
return {'playlist': dict(playlist.current_access()), 'video': dict(video.current_access())}
if playlist not in video.playlists:
return {'status': 'error', 'errors': {'error': ['Video not playlist and cannot be removed']}}, 400
# If this is the primary playlist for this video, refuse to remove it.
if playlist == video.playlist:
return {'status': 'error', 'errors': {'error': ['Videos cannot be removed from their primary playlist']}}, 400
form = Form()
if form.validate_on_submit():
connection = PlaylistVideo.query.filter_by(playlist_id=playlist.id, video_id=video.id).first_or_404()
db.session.delete(connection)
db.session.commit()
return {'status': 'ok', 'doc': _("Remove video {video} from {playlist}.".format(video=video.title, playlist=playlist.title)), 'result': {}}
return {'status': 'error', 'errors': {'error': form.errors}}, 400
def close(domain, hashid, key):
post = JobPost.get(hashid)
if not post:
abort(404)
if not post.admin_is(g.user):
abort(403)
if request.method == 'GET' and post.state.CLOSED:
return redirect(post.url_for('reopen'), code=303)
if not post.state.PUBLIC:
flash("Your job post can't be closed.", "info")
return redirect(post.url_for(), code=303)
form = Form()
if form.validate_on_submit():
post.close()
db.session.commit()
flash(post.close.data['message'], "success")
# cache bust
# dogpile.invalidate_region('hasjob_index')
return redirect(post.url_for(), code=303)
return render_template("close.html.jinja2", post=post, form=form)
def delete(self):
delcommentform = Form()
if delcommentform.validate_on_submit():
commentset = self.obj.commentset
self.obj.delete()
commentset.count = Commentset.count - 1
db.session.commit()
return {
'status': 'ok',
'message': _("Your comment has been deleted"),
'comments': self.obj.commentset.views.json_comments(),
}
delcommentform_html = render_form(
form=delcommentform,
title='Delete this comment?',
submit=_("Delete"),
ajax=False,
with_chrome=False,
)
return {'form': delcommentform_html}
def delete(self):
form = Form()
if request.method == 'POST':
if form.validate_on_submit():
previous_membership = self.obj
if previous_membership.is_active:
previous_membership.revoke(actor=current_auth.user)
signals.project_crew_membership_revoked.send(
self.obj.project,
project=self.obj.project,
membership=previous_membership,
actor=current_auth.user,
user=previous_membership.user,
)
db.session.commit()
return {
'status':
'ok',
'message':
_("The member has been removed"),
'memberships': [
membership.current_access(datasets=('without_parent',
'related')) for
membership in self.obj.project.active_crew_memberships
],
}
else:
return ({'status': 'error', 'errors': form.errors}, 400)
form_html = render_form(
form=form,
title=_("Confirm removal"),
message=_("Remove {member} as a crew member from this project?").
format(member=self.obj.user.fullname),
submit=_("Remove"),
ajax=False,
with_chrome=False,
)
return {'form': form_html}