def follower_invite_trusted(followed, follower, delay_commit=False): followed = get_member(followed) follower = get_member(follower) if not followed: raise action_error(_('unable to find followed'), code=404) if not follower: raise action_error(_('unable to find follower'), code=404) if follower == followed: raise action_error(_('may not follow yourself'), code=400) #if followed in follower.following: if follower.is_following(followed): raise action_error(_('already following'), code=400) if follower.is_follow_trusted_inviter(followed): raise action_error(_('already invited to follow as trusted')) follow = Follow() follow.member = followed follow.follower = follower follow.type = 'trusted_invite' Session.add(follow) if not delay_commit: Session.commit() #invalidate_member(follower) #invalidate_member(followed) follower.send_notification( messages.follow_invite_trusted(member=followed, you=follower)) return True
def withdraw_assignemnt(assignment, member, delay_commit=False): member = get_member(member) assignment = get_content(assignment) if not member: raise action_error(_("cant find user"), code=404) if not assignment: raise action_error(_("cant find assignment"), code=404) try: assignment_accepted = Session.query(MemberAssignment).filter_by( member_id=member.id, content_id=assignment.id, status="accepted").one() assignment_accepted.status = "withdrawn" #Session.update(assignment_accepted) Session.commit() #invalidate_accepted_assignment(member) assignment.creator.send_notification( messages.assignment_interest_withdrawn(member=member, assignment=assignment, you=assignment.creator)) return True except: pass return False
def respond_assignment(parent_content, member, delay_commit=False): """ When creating a response, the accepted record should be flagged as responded """ member = get_member(member) parent_content = get_content(parent_content) if not member: raise action_error(_("cant find user"), code=404) if not parent_content: raise action_error(_("cant find parent content"), code=404) if parent_content.__type__ != 'assignment': return # Nothing to do if parent is not assignment try: # upgrade an 'accepted' record to 'responded' member_assignment = Session.query(MemberAssignment).filter_by( member_id=member.id, content_id=parent_content.id).one() member_assignment.status = "responded" except: # otherwise create 'responded' record member_assignment = MemberAssignment() member_assignment.content = parent_content member_assignment.member = member #assignment_accepted.member_id = member.id member_assignment.status = "responded" Session.add(member_assignment) if not delay_commit: Session.commit() #invalidate_accepted_assignment(member) return True
def follower_trust(followed, follower, delay_commit=False): followed = get_member(followed) follower = get_member(follower) if not followed: raise action_error(_('unable to find followed'), code=404) if not follower: raise action_error(_('unable to find follower'), code=404) if not follower.is_following(followed): raise action_error(_('not currently following'), code=400) follow = Session.query(Follow).filter( Follow.member_id == followed.id).filter( Follow.follower_id == follower.id).one() if follow.type == 'normal': follow.type = 'trusted' elif follow.type == 'trusted_invite': raise action_error(_('follower still has pending invite'), code=400) elif follow.type == 'trusted': raise action_error(_('follower already trusted'), code=400) if not delay_commit: Session.commit() #invalidate_member(follower) #invalidate_member(followed) follower.send_notification( messages.follower_trusted(member=followed, you=follower)) return True
def unfollow(follower, followed, delay_commit=False): followed = get_member(followed) follower = get_member(follower) if not followed: raise action_error(_('unable to find followed'), code=404) if not follower: raise action_error(_('unable to find follower'), code=404) #if followed not in follower.following: # GregM: can unfollow to remove trusted invite if not follower.is_following( followed) and not follower.is_follow_trusted_inviter(followed): raise action_error(_('not currently following'), code=400) #follower.following.remove(followed) follow = Session.query(Follow).filter( Follow.member_id == followed.id).filter( Follow.follower_id == follower.id).one() Session.delete(follow) if not delay_commit: Session.commit() #invalidate_member(follower) #invalidate_member(followed) followed.send_notification( messages.follow_stop(member=follower, you=followed)) return True
def rate_content(content, member, rating): content = get_content(content) member = get_member(member) rating_value = int(rating) if not content: raise action_error(_('unable to find content'), code=404) if not member: raise action_error(_('unable to find member'), code=404) if rating and rating_value < 0 or rating_value > 5: raise action_error(_("Ratings can only be in the range 0 to 5"), code=400) # remove any existing ratings # we need to commit after removal, otherwise SQLAlchemy # will optimise remove->add as modify-existing, and the # SQL trigger will break try: existing = Session.query(Rating).filter( Rating.content == content).filter(Rating.member == member).one() Session.delete(existing) Session.commit() except NoResultFound: pass # rating = 0 = remove vote # add a new one if rating_value > 0: r = Rating() r.content = content r.member = member r.rating = rating_value Session.add(r) Session.commit()
def accept_assignment(assignment, member, status="accepted", delay_commit=False): member = get_member(member) assignment = get_content(assignment) if not member: raise action_error(_("cant find user"), code=404) if not assignment: raise action_error(_("cant find assignment"), code=404) if not issubclass(assignment.__class__, AssignmentContent): raise action_error(_("only _assignments can be accepted"), code=400) # all permissins hendled by controler action - so this is unneeded here #if not assignment.viewable_by(c.logged_in_persona): # raise action_error(_('_assignment is not visible to your user and therefor cannot be accepted'), code=403) if assignment_previously_accepted_by(assignment, member): raise action_error(_( '_assignment has been previously accepted and cannot be accepted again' ), code=400) #if assignment.creator == member: # raise action_error(_("cannot accept your own _assignment"), code=400) assignment_accepted = MemberAssignment() assignment.assigned_to.append(assignment_accepted) assignment_accepted.member = member assignment_accepted.status = status Session.add(assignment_accepted) if not delay_commit: Session.commit() #invalidate_accepted_assignment(member) if status == "accepted": assignment.creator.send_notification( messages.assignment_accepted(member=member, assignment=assignment, you=assignment.creator)) if status == "pending": member.send_notification( messages.assignment_invite(member=assignment.creator, assignment=assignment, you=member)) return True
def remove_member(group, member, delay_commit=False): group = get_group(group) member = get_member(member) membership = get_membership(group, member) if not group: raise action_error(_('unable to find group'), code=404) if not member: raise action_error(_('unable to find member'), code=404) if not membership: raise action_error(_('not a member of group'), code=400) # AllanC - permissions moved to controller #if member!=c.logged_in_persona and not group.is_admin(c.logged_in_persona): # raise action_error('current user has no permissions for this group', 403) #AllanC - integrety moved to model #if membership.role=="admin" and num_admins<=1: # raise action_error('cannot remove last admin', 400) # Notifications if membership.status == "active": # member removed from pylons import tmpl_context as c if member != c.logged_in_user: membership.member.send_notification( messages.group_remove_member_to_member(admin=c.logged_in_user, group=group)) group.send_notification( messages.group_remove_member_to_group(admin=c.logged_in_user, group=group, member=member)) elif membership.status == "invite": # invitation declined group.send_notification( messages.group_invitation_declined(member=member, group=group)) elif membership.status == "request": # request declined membership.member.send_notification( messages.group_request_declined(group=group)) Session.delete(membership) if not delay_commit: Session.commit() #invalidate_member(group) #invalidate_member(member) return True
def set_role(group, member, role, delay_commit=False): group = get_group(group) member = get_member(member) membership = get_membership(group, member) role = role or membership.role or group.default_role if not group: raise action_error(_('unable to find group'), code=404) if not member: raise action_error(_('unable to find member'), code=404) if not membership: raise action_error(_('not a member of group'), code=400) if role not in group_member_roles.enums: raise action_error('not a valid role', code=400) # AllanC - permisions moved to controller #if not group.is_admin(c.logged_in_persona): # raise action_error(_('no permissions for this group'), 403) # AllanC - integrtiy moved to model #if membership.role=="admin" and num_admins<=1: # raise action_error('cannot remove last admin', 400) from pylons import tmpl_context as c membership.role = role if membership.status == "request": membership.status = "active" member.send_notification( messages.group_request_accepted(admin=c.logged_in_user, group=group, you=member)) group.send_notification( messages.group_new_member(member=member, group=group)) else: group.send_notification( messages.group_role_changed(admin=c.logged_in_user, member=member, group=group, role=role)) if not delay_commit: Session.commit() #invalidate_member(group) #invalidate_member(member) return True
def add_to_interests(member, content, delay_commit=False): content = get_content(content) member = get_member(member) if not content: raise action_error(_('unable to find content'), code=404) if not member: raise action_error(_('unable to find member'), code=404) #AllanC - TODO: humm ... if we have a duplicate entry being added it will error ... we want to suppress that error member.interest.append(content) # Could update "recomended" feed with new criteria? if not delay_commit: Session.commit() return True
def unboom_content(content, member, delay_commit=False): boom = has_boomed(content, member) if boom: Session.delete(boom) else: raise action_error(_( "%s has not boomed previously boomed this _content" % member), code=400) if not delay_commit: Session.commit()
def join_group(group, member, delay_commit=False): return_value = True group = get_group(group) member = get_member(member) membership = get_membership(group, member) if not group: raise action_error(_('unable to find group'), code=404) if not member: raise action_error(_('unable to find member to add'), code=404) # AllanC - join permissions moved to controller if membership and membership.status == "invite": membership.status = "active" else: membership = GroupMembership() membership.group = group membership.member = member membership.role = group.default_role group.members_roles.append(membership) # If a join request if group.join_mode == "invite_and_request": membership.status = "request" return_value = "request" group.send_notification( messages.group_join_request(member=member, group=group)) # If user has actually become a member (open or reply to invite) then notify group if return_value == True: group.send_notification( messages.group_new_member(member=member, group=group)) if not delay_commit: Session.commit() #invalidate_member(group) #invalidate_member(member) return return_value
def follow(follower, followed, delay_commit=False): followed = get_member(followed) follower = get_member(follower) if not followed: raise action_error(_('unable to find followed'), code=404) if not follower: raise action_error(_('unable to find follower'), code=404) if follower == followed: raise action_error(_('may not follow yourself'), code=400) #if followed in follower.following: if follower.is_following(followed): raise action_error(_('already following'), code=400) # AllanC - I wanted to use is_following and remove the following reference - but as this code is run by base test populator before the site is running it cant be # GregM: Change invite to follow if is invited, otherwise follow: if follower.is_follow_trusted_inviter(followed): follow = Session.query(Follow).filter( Follow.member_id == followed.id).filter( Follow.follower_id == follower.id).filter( Follow.type == 'trusted_invite').one() follow.type = 'trusted' else: #follower.following.append(followed) follow = Follow() follow.member = followed follow.follower = follower Session.add(follow) if not delay_commit: Session.commit() #invalidate_member(follower) #invalidate_member(followed) followed.send_notification( messages.followed_by(member=follower, you=followed)) return True
def invite(group, member, role, delay_commit=False): group = get_group(group) member = get_member(member) membership = get_membership(group, member) role = role or group.default_role if not group: raise action_error(_('unable to find group'), code=404) if not member: raise action_error(_('unable to find member'), code=404) if membership: raise action_error(_('already a member of group'), code=400) if role not in group_member_roles.enums: raise action_error('not a valid role', code=400) # AllanC - permissions moved to controller #if not group.is_admin(c.logged_in_persona): # raise action_error(_('no permissions for this group'), 403) membership = GroupMembership() membership.group = group membership.member = member membership.role = role membership.status = "invite" group.members_roles.append(membership) # Notification of invitation from pylons import tmpl_context as c member.send_notification( messages.group_invite(admin=c.logged_in_user, group=group, role=membership.role, you=member)) if not delay_commit: Session.commit() #invalidate_member(group) #invalidate_member(member) return True
def boom_content(content, member, delay_commit=False): # Validation if content.private == True: raise action_error(_("cannot boom private content"), code=400) if has_boomed(content, member): raise action_error(_("You have previously boomed this _content"), code=400) boom = Boom() #boom.content_id = content.id #boom.member_id = member.id boom.content = content boom.member = member Session.add(boom) if not delay_commit: Session.commit() if content.__type__ == 'article': member.send_notification_to_followers( messages.boom_article(member=member, article=content)) elif content.__type__ == 'assignment': member.send_notification_to_followers( messages.boom_assignment(member=member, assignment=content))
def cb_qrcode(cb_url, **kwargs): if c.format == 'jpg': c.format = 'jpeg' kwargs['format'] = c.format if c.format in [ 'png', 'jpeg', 'gif', 'bmp', 'tiff' ] else 'png' kwargs['pixel_size'] = int(kwargs.get('pixel_size', 8)) kwargs['level'] = int(kwargs.get('level', qrencode.QR_ECLEVEL_M)) #kwargs['case_sensitive'] = kwargs.get('case_sensitive', False) try: qr_stream = qrcode_stream(cb_url, **kwargs) response.headers['Content-type'] = "image/%s" % kwargs['format'] return qr_stream except Exception as e: response.headers['Content-type'] = "text/html; charset=utf-8" raise action_error('error generating QRCode: %s' % e)
def set_payment_account(member, value, delay_commit=False): member = get_member(member) #account = None if isinstance(value, PaymentAccount): member.payment_account = value elif value in account_types.enums: if value == 'free': account = None else: account = PaymentAccount() account.type = value Session.add(account) member.payment_account = account else: raise action_error('unknown account type: %s' % value) if not delay_commit: Session.commit() return True
def error_view_permission(): return action_error( #status = 'error' , code = 403 , message = _('The _content you requested is not viewable') , )
def error_age(): return action_error( #status = 'error' , code = 403 , message = _('current user is not a suitable age to perform this operation') , )
def error_role(): return action_error( #status = 'error' , code = 403 , message = _('current persona does not posses the role required to perform this operation') , )
def error_account_level(): return action_error( #status = 'error' , code = 402 , message = _('operation requires account upgrade') , )
def _check_last_admin(self, member=None, membership=None): if not membership: membership = self.get_membership(member) if membership and membership.role == "admin" and self.num_admins <= 1: from civicboom.lib.web import action_error raise action_error('cannot remove last admin', code=400)
def upgrade_user_to_group(member_to_upgrade_to_group, new_admins_username, new_group_username=None): """ Only to be called by admins/power users This handled the migration of users to groups at an SQL level """ to_group = get_member(member_to_upgrade_to_group) admin_user = get_member(new_admins_username) # Validation if not to_group or to_group.__type__ != 'user': raise action_error('member_to_upgrade_to_group not a group', code=404) if get_member(new_group_username): raise action_error('new_group_username already taken', code=404) if admin_user: raise action_error('new_admins_username already taken', code=404) # Create new admin user admin_user = User() admin_user.id = new_admins_username admin_user.name = new_admins_username admin_user.status = 'active' admin_user.email = to_group.email admin_user.email_unverifyed = to_group.email_unverified Session.add(admin_user) Session.commit() # needs to be commited to get id sql_cmds = [] if new_group_username: sql_cmds += [ Member.__table__.update().where( Member.__table__.c.id == to_group.id).values( username=new_group_username), ] sql_cmds += [ # UPDATE member set username='******', __type__='group' WHERE id=533; Member.__table__.update().where(Member.__table__.c.id == to_group.id ).values(__type__='group'), # Reassign the login details from the old member to the new admin user UserLogin.__table__.update().where( UserLogin.__table__.c.member_id == to_group.id ).values(member_id=admin_user.id), # DELETE the matching user record that pairs with the member record User.__table__.delete().where(User.__table__.c.id == to_group.id), # INSERT matching group record to pair group name Group.__table__.insert().values(id=to_group.id, join_mode='invite', member_visibility='private', default_content_visibility='public', default_role='admin', num_members=1), # INSERT admin_user as as admin of the group GroupMembership.__table__.insert().values(group_id=to_group.id, member_id=admin_user.id, role='admin', status='active'), ] for sql_cmd in sql_cmds: Session.execute(sql_cmd) Session.commit()