def rss(request):
num_posts = 10
num_nexus = 10
session = DBSession()
posts = session.query(Post).join(User).order_by(desc(Post.created_time)).limit(num_posts)
nexus = session.query(NexusMessage).join(User).order_by(desc(NexusMessage.created_time)).limit(num_nexus)
items = []
# add a link to each item
newPosts = []
for post in posts:
link = "http://fluidnexus.net/blog/post/" + str(post.id)
setattr(post, "link", link)
setattr(post, "guid", link)
setattr(post, "categories", ["blog"])
newPosts.append(post)
[items.append(post) for post in newPosts]
newNexus = []
for message in nexus:
link = "http://fluidnexus.net/nexus"
setattr(message, "link", link)
setattr(message, "guid", message.message_hash)
setattr(message, "categories", ["nexus"])
newNexus.append(message)
[items.append(message) for message in newNexus]
items = sorted(items, key=attrgetter("created_time"), reverse = True)
rssItems = []
for item in items:
rssItem = PyRSS2Gen.RSSItem(title = item.title,
description = textile.textile(item.content),
pubDate = datetime.datetime.fromtimestamp(item.created_time),
link = item.link,
guid = PyRSS2Gen.Guid(item.guid),
categories = item.categories,
author = item.user.username)
rssItems.append(rssItem)
rss = PyRSS2Gen.RSS2(
title = "Fluid Nexus RSS Feed",
link = "http://fluidnexus.net/feed/rss",
description = "RSS feed of Nexus and Blog posts from Fluid Nexus",
lastBuildDate = datetime.datetime.utcnow(),
items = rssItems
)
return Response(rss.to_xml(encoding = "utf-8"), content_type="application/rss+xml")
def view_nexus_message(request):
session = DBSession()
matchdict = request.matchdict
message = session.query(NexusMessage).filter(NexusMessage.id == matchdict["message_id"]).one()
user = session.query(User).filter(User.id == message.user_id).one()
message.username = user.username
message.formattedContent = message.getFormattedContent()
message.ISOTime = message.getISOTime()
message.formattedTime = message.getFormattedTime()
# TODO
# Add in comment supports; needs a new, separate NexusComment table
# message_comment_url = route_url("view_nexus_message", request, message_id = message.id)
return dict(title=message.title + _(" || Nexus Message"), message=message)
def view_user(request):
# TODO
# Add in auth tokens (if exists) and access tokens (if exists)
session = DBSession()
matchdict = request.matchdict
if (request.logged_in != int(matchdict["user_id"])):
return HTTPForbidden(_("You are not allowed to view information about a user other than yourself."))
user = session.query(User).join(User.groups).join(Group.group_info).filter(User.id == matchdict["user_id"]).one()
request_key_url = ""
key = ""
secret = ""
token = ""
token_secret = ""
keySecret = ConsumerKeySecret.getByUserID(request.logged_in)
if (keySecret):
key = keySecret.consumer_key
secret = keySecret.consumer_secret
tokenData = Token.getTokenByConsumerID(keySecret.id)
if (tokenData):
token = tokenData.token
token_secret = tokenData.token_secret
else:
request_key_url = route_url("api_request_key", request)
return dict(username = user.username, homepage = user.homepage, title = _("Viewing ") + " " + user.username, key = key, secret = secret, token = token, token_secret = token_secret, request_key_url = request_key_url)
def edit_blog_post(request):
session = DBSession()
matchdict = request.matchdict
post = session.query(Post).filter(Post.id == matchdict["post_id"]).one()
if 'submitted' in request.params:
fs = FieldSet(post, data=request.params)
# TODO
# Not sure why this is necessary...shouldn't I just be able to pass the session to FieldSet and have it sync?
post.title = fs.title.value
post.content = fs.content.value
post.modified_time = time.time()
session.add(post)
return HTTPFound(location = route_url("view_blog_post", request, post_id = post.id))
if 'delete' in request.params:
session.delete(post)
return HTTPFound(location = route_url("edit_blog", request))
edit_blog_post_url = route_url("edit_blog_post", request, post_id = post.id)
fs = FieldSet(post)
fs.configure(options=[fs.content.textarea(size=(45, 10))], exclude = [fs["modified_time"], fs["created_time"], fs["user"]])
form = fs.render()
return dict(form = form, title = post.title, edit_blog_post_url = edit_blog_post_url)
def edit_page(request):
"""Edit a given page."""
session = DBSession()
matchdict = request.matchdict
page = session.query(Page).join(User).filter(Page.id == matchdict["page_id"]).order_by(desc(Page.modified_time)).one()
if 'submitted' in request.params:
fs = FieldSet(page, data=request.params)
# TODO
# add validation
# Not sure why this is necessary...shouldn't I just be able to pass the session to FieldSet and have it sync?
page.title = fs.title.value
page.content = fs.content.value
page.modified_time = time.time()
page.location = fs.location.value
session.add(page)
return HTTPFound(location = route_url("view_page", request, page_location = page.location))
elif 'delete' in request.params:
session.delete(page)
return HTTPFound(location = route_url("edit_pages", request))
edit_blog_post_url = route_url("edit_page", request, page_id = page.id)
fs = FieldSet(page)
fs.configure(options=[fs.content.textarea(size=(45, 10))], exclude = [fs["modified_time"], fs["created_time"], fs["user"]])
form = fs.render()
# TODO
# Figure out how to delete using checkboxes
return dict(title = "Edit '%s'" % page.title, save_name = save_name, delete_name = delete_name, form = form)
def doViewBlog(request = None, page_num = 1, limit = 10):
session = DBSession()
p = Pager(session.query(Post).join(User).order_by(desc(Post.created_time)), page_num, limit)
posts = p.results
# TODO
# horribly inefficient; probably a much better way of doing things, perhaps in the template itself?
modifiedPosts = []
for post in posts:
# TODO
# move these to classmethod
post.username = post.user.username
post.post_url = route_url("view_blog_post", request, post_id = post.id)
post.formattedContent = post.getFormattedContent()
post.ISOTime = post.getISOTime()
post.formattedTime = post.getFormattedTime()
modifiedPosts.append(post)
if (page_num < p.pages):
next_page = page_num + 1
else:
next_page = 0
if (page_num > 1):
previous_page = page_num - 1
else:
previous_page = 0
return dict(title = _("Fluid Nexus Blog"), posts = modifiedPosts, pages = p.pages, page_num = page_num, previous_page = previous_page, next_page = next_page)
def reset_password(request):
session = DBSession()
matchdict = request.matchdict
token = matchdict["token"]
forgotPassword = ForgotPassword.getByToken(token)
if (not forgotPassword):
request.session.flash(_("Reset password token not found in database."))
return HTTPFound(location = route_url("home", request))
if (request.logged_in):
request.session.flash(_("You are already logged in and therefore cannot reset a password."))
return HTTPFound(location = route_url("home", request))
login_url = route_url('login', request)
referrer = request.url
if (referrer == login_url):
referrer = '/' # never use the login form itself as came_from
came_from = request.params.get('came_from', referrer)
user = User.getByID(forgotPassword.user.id)
fs = None
if 'submitted' in request.params:
fs = ResetPasswordFieldSet().bind(User, session = session, data = request.params or None)
valid = fs.validate()
if valid:
user = User.getByID(request.params["user_id"])
password = bcrypt.hashpw(fs.password1.value, bcrypt.gensalt())
user.password = password
user.user_type = User.NORMAL
session.add(user)
session.flush()
session.query(ForgotPassword).filter(ForgotPassword.user_id == user.id).delete()
request.session["username"] = user.username
headers = remember(request, user.id)
request.session.flash(_("You have successfully updated your password!"))
return HTTPFound(location = route_url("home", request), headers = headers)
if (fs is None):
fs = ResetPasswordFieldSet().bind(User, session = session)
form = fs.render()
return dict(form = form, user_id = user.id, title = _("Forgot your password?"))
def groupfinder(userid, request):
session = DBSession()
user = session.query(User).join(User.groups).join(Group.group_info).filter(User.id==userid).one()
groupNames = []
if (user is not None):
groups = user.groups
for group in groups:
groupNames.append("group:" + group.group_info.group_name)
return groupNames
def api_nexus_hashes(request):
session = DBSession()
hashes = session.query(NexusMessage.message_hash).join(User).order_by(desc(NexusMessage.created_time)).all()
result = {'hashes': []}
for message_hash in hashes:
result['hashes'].append(message_hash[0])
return result
def edit_users(request):
session = DBSession()
users = session.query(User).order_by(User.id).all()
modifiedUsers = []
for user in users:
user.edit_url = route_url("edit_user", request, user_id = user.id)
modifiedUsers.append(user)
return dict(users = modifiedUsers, title = _("Edit users"))
def view_page(request):
"""View a given page."""
session = DBSession()
matchdict = request.matchdict
page_location = matchdict["page_location"]
try:
page = session.query(Page).filter(Page.location == page_location).one()
except NoResultFound:
return HTTPNotFound(detail = "Requested page not found.")
return dict(title = page.title, content = textile.textile(page.content))
def view_blog_post(request):
session = DBSession()
matchdict = request.matchdict
post = session.query(Post).filter(Post.id == matchdict["post_id"]).one()
user = session.query(User).filter(User.id == post.user_id).one()
post.username = user.username
post_comment_url = route_url("view_blog_post", request, post_id = post.id)
fs = None
# TODO
# * make form validation better and more attractive
# * add in field that asks for user to type word to submit form
if 'submitted' in request.params:
comment = Comment()
fs = CommentFieldSet().bind(Comment, session = session, data = request.POST or None)
valid = fs.validate()
if valid:
comment.name = fs.name.value
comment.email = fs.email.value
comment.homepage = fs.homepage.value
comment.content = fs.content.value
now = time.time()
comment.created_time = now
comment.post_id = post.id
session.add(comment)
request.session.flash(_("Your comment was successfully posted."))
fs = None
comments = session.query(Comment).filter(Comment.post_id == post.id).order_by(desc(Comment.created_time))
if (fs is None):
fs = CommentFieldSet().bind(Comment, session = session)
comment_form = fs.render()
return dict(title = post.title + _(" || Fluid Nexus Blog Post"), post = post, comments = comments, comment_form = comment_form, post_comment_url = post_comment_url)
def edit_pages(request):
"""List pages to edit."""
session = DBSession()
pages = session.query(Page).join(User).order_by(desc(Page.modified_time)).all()
modifiedPages = []
for page in pages:
page.formatted_time = time.ctime(page.modified_time)
page.username = page.user.username
page.page_url = route_url("edit_page", request, page_id = page.id)
modifiedPages.append(page)
# TODO
# Figure out how to delete using checkboxes
new_page_url = route_url("new_page", request)
return dict(title = "Edit pages", new_page_url = new_page_url, pages = modifiedPages)
def doNexusMessages(request=None, page_num=1, limit=10):
session = DBSession()
# messages = session.query(NexusMessage).join(User).order_by(desc(NexusMessage.created_time)).all()
p = Pager(session.query(NexusMessage).join(User).order_by(desc(NexusMessage.created_time)), page_num, limit)
messages = p.results
# TODO
# horribly inefficient; probably a much better way of doing things, perhaps in the template itself?
modifiedMessages = []
for message in messages:
# TODO
# move these to classmethod
message.username = message.user.username
message.message_url = route_url("view_nexus_message", request, message_id=message.id)
message.formattedContent = message.getFormattedContent()
message.ISOTime = message.getISOTime()
message.formattedTime = message.getFormattedTime()
if message.attachment_path != "":
fullPath, extension = os.path.splitext(message.attachment_original_filename)
message.massaged_attachment_path = (
"/static/attachments/" + os.path.basename(message.attachment_path) + extension
)
message.massaged_attachment_path_tn = (
"/static/attachments/" + os.path.basename(message.attachment_path) + "_tn" + extension
)
modifiedMessages.append(message)
if page_num < p.pages:
next_page = page_num + 1
else:
next_page = 0
if page_num > 1:
previous_page = page_num - 1
else:
previous_page = 0
return dict(
title=_("Nexus Messages"),
messages=modifiedMessages,
pages=p.pages,
page_num=page_num,
previous_page=previous_page,
next_page=next_page,
)
def api_nexus_messages(request):
session = DBSession()
messages = session.query(NexusMessage).join(User).order_by(desc(NexusMessage.created_time)).all()
result = {'messages': []}
for message in messages:
jsonMessage = {}
jsonMessage['title'] = message.title
jsonMessage['content'] = message.content
jsonMessage['message_hash'] = message.message_hash
jsonMessage['created_time'] = message.created_time
jsonMessage['attachment_path'] = message.attachment_path
jsonMessage['attachment_original_filename'] = message.attachment_original_filename
jsonMessage["username"] = message.user.username
result['messages'].append(jsonMessage)
return result
def edit_blog(request):
session = DBSession()
posts = session.query(Post).join(User).order_by(desc(Post.modified_time)).all()
new_blog_post_url = route_url("new_blog_post", request)
modifiedPosts = []
for post in posts:
post.formatted_time = time.ctime(post.modified_time)
post.username = post.user.username
post.post_url = route_url("edit_blog_post", request, post_id = post.id)
modifiedPosts.append(post)
# TODO
# Figure out how to delete using checkboxes
#g = Grid(Post, posts)
#g.configure(options = [g["title"].readonly()], exclude = [g["modified_time"], g["user"], g["created_time"], g["content"]])
#form = g.render()
return dict(title = _("Edit blog posts"), posts = modifiedPosts, new_blog_post_url = new_blog_post_url)
def edit_user(request):
session = DBSession()
matchdict = request.matchdict
if (request.logged_in != int(matchdict["user_id"])):
return HTTPForbidden(_("You are not allowed to view information about a user other than yourself."))
user = session.query(User).join(User.groups).join(Group.group_info).filter(User.id == matchdict["user_id"]).one()
if (user.user_type == User.OPENID):
fs = UserNoPasswordFieldSet().bind(user, session = session, data = request.POST or None)
else:
fs = UserFieldSet().bind(user, session = session, data = request.POST or None)
if 'submitted' in request.params:
valid = fs.validate()
if valid:
if user.user_type == User.NORMAL:
user.password = bcrypt.hashpw(fs.password1.value, bcrypt.gensalt())
fs.sync()
return HTTPFound(location = route_url("view_user", request, user_id = request.logged_in))
form = fs.render()
return dict(form = form, title = _("Edit") + " " + user.username)