def rss(request): num_posts = 10 num_nexus = 10 session = DBSession() posts = session.query(Post).join(User).order_by(desc(Post.created_time)).limit(num_posts) nexus = session.query(NexusMessage).join(User).order_by(desc(NexusMessage.created_time)).limit(num_nexus) items = [] # add a link to each item newPosts = [] for post in posts: link = "http://fluidnexus.net/blog/post/" + str(post.id) setattr(post, "link", link) setattr(post, "guid", link) setattr(post, "categories", ["blog"]) newPosts.append(post) [items.append(post) for post in newPosts] newNexus = [] for message in nexus: link = "http://fluidnexus.net/nexus" setattr(message, "link", link) setattr(message, "guid", message.message_hash) setattr(message, "categories", ["nexus"]) newNexus.append(message) [items.append(message) for message in newNexus] items = sorted(items, key=attrgetter("created_time"), reverse = True) rssItems = [] for item in items: rssItem = PyRSS2Gen.RSSItem(title = item.title, description = textile.textile(item.content), pubDate = datetime.datetime.fromtimestamp(item.created_time), link = item.link, guid = PyRSS2Gen.Guid(item.guid), categories = item.categories, author = item.user.username) rssItems.append(rssItem) rss = PyRSS2Gen.RSS2( title = "Fluid Nexus RSS Feed", link = "http://fluidnexus.net/feed/rss", description = "RSS feed of Nexus and Blog posts from Fluid Nexus", lastBuildDate = datetime.datetime.utcnow(), items = rssItems ) return Response(rss.to_xml(encoding = "utf-8"), content_type="application/rss+xml")
def view_nexus_message(request): session = DBSession() matchdict = request.matchdict message = session.query(NexusMessage).filter(NexusMessage.id == matchdict["message_id"]).one() user = session.query(User).filter(User.id == message.user_id).one() message.username = user.username message.formattedContent = message.getFormattedContent() message.ISOTime = message.getISOTime() message.formattedTime = message.getFormattedTime() # TODO # Add in comment supports; needs a new, separate NexusComment table # message_comment_url = route_url("view_nexus_message", request, message_id = message.id) return dict(title=message.title + _(" || Nexus Message"), message=message)
def view_user(request): # TODO # Add in auth tokens (if exists) and access tokens (if exists) session = DBSession() matchdict = request.matchdict if (request.logged_in != int(matchdict["user_id"])): return HTTPForbidden(_("You are not allowed to view information about a user other than yourself.")) user = session.query(User).join(User.groups).join(Group.group_info).filter(User.id == matchdict["user_id"]).one() request_key_url = "" key = "" secret = "" token = "" token_secret = "" keySecret = ConsumerKeySecret.getByUserID(request.logged_in) if (keySecret): key = keySecret.consumer_key secret = keySecret.consumer_secret tokenData = Token.getTokenByConsumerID(keySecret.id) if (tokenData): token = tokenData.token token_secret = tokenData.token_secret else: request_key_url = route_url("api_request_key", request) return dict(username = user.username, homepage = user.homepage, title = _("Viewing ") + " " + user.username, key = key, secret = secret, token = token, token_secret = token_secret, request_key_url = request_key_url)
def edit_blog_post(request): session = DBSession() matchdict = request.matchdict post = session.query(Post).filter(Post.id == matchdict["post_id"]).one() if 'submitted' in request.params: fs = FieldSet(post, data=request.params) # TODO # Not sure why this is necessary...shouldn't I just be able to pass the session to FieldSet and have it sync? post.title = fs.title.value post.content = fs.content.value post.modified_time = time.time() session.add(post) return HTTPFound(location = route_url("view_blog_post", request, post_id = post.id)) if 'delete' in request.params: session.delete(post) return HTTPFound(location = route_url("edit_blog", request)) edit_blog_post_url = route_url("edit_blog_post", request, post_id = post.id) fs = FieldSet(post) fs.configure(options=[fs.content.textarea(size=(45, 10))], exclude = [fs["modified_time"], fs["created_time"], fs["user"]]) form = fs.render() return dict(form = form, title = post.title, edit_blog_post_url = edit_blog_post_url)
def edit_page(request): """Edit a given page.""" session = DBSession() matchdict = request.matchdict page = session.query(Page).join(User).filter(Page.id == matchdict["page_id"]).order_by(desc(Page.modified_time)).one() if 'submitted' in request.params: fs = FieldSet(page, data=request.params) # TODO # add validation # Not sure why this is necessary...shouldn't I just be able to pass the session to FieldSet and have it sync? page.title = fs.title.value page.content = fs.content.value page.modified_time = time.time() page.location = fs.location.value session.add(page) return HTTPFound(location = route_url("view_page", request, page_location = page.location)) elif 'delete' in request.params: session.delete(page) return HTTPFound(location = route_url("edit_pages", request)) edit_blog_post_url = route_url("edit_page", request, page_id = page.id) fs = FieldSet(page) fs.configure(options=[fs.content.textarea(size=(45, 10))], exclude = [fs["modified_time"], fs["created_time"], fs["user"]]) form = fs.render() # TODO # Figure out how to delete using checkboxes return dict(title = "Edit '%s'" % page.title, save_name = save_name, delete_name = delete_name, form = form)
def doViewBlog(request = None, page_num = 1, limit = 10): session = DBSession() p = Pager(session.query(Post).join(User).order_by(desc(Post.created_time)), page_num, limit) posts = p.results # TODO # horribly inefficient; probably a much better way of doing things, perhaps in the template itself? modifiedPosts = [] for post in posts: # TODO # move these to classmethod post.username = post.user.username post.post_url = route_url("view_blog_post", request, post_id = post.id) post.formattedContent = post.getFormattedContent() post.ISOTime = post.getISOTime() post.formattedTime = post.getFormattedTime() modifiedPosts.append(post) if (page_num < p.pages): next_page = page_num + 1 else: next_page = 0 if (page_num > 1): previous_page = page_num - 1 else: previous_page = 0 return dict(title = _("Fluid Nexus Blog"), posts = modifiedPosts, pages = p.pages, page_num = page_num, previous_page = previous_page, next_page = next_page)
def reset_password(request): session = DBSession() matchdict = request.matchdict token = matchdict["token"] forgotPassword = ForgotPassword.getByToken(token) if (not forgotPassword): request.session.flash(_("Reset password token not found in database.")) return HTTPFound(location = route_url("home", request)) if (request.logged_in): request.session.flash(_("You are already logged in and therefore cannot reset a password.")) return HTTPFound(location = route_url("home", request)) login_url = route_url('login', request) referrer = request.url if (referrer == login_url): referrer = '/' # never use the login form itself as came_from came_from = request.params.get('came_from', referrer) user = User.getByID(forgotPassword.user.id) fs = None if 'submitted' in request.params: fs = ResetPasswordFieldSet().bind(User, session = session, data = request.params or None) valid = fs.validate() if valid: user = User.getByID(request.params["user_id"]) password = bcrypt.hashpw(fs.password1.value, bcrypt.gensalt()) user.password = password user.user_type = User.NORMAL session.add(user) session.flush() session.query(ForgotPassword).filter(ForgotPassword.user_id == user.id).delete() request.session["username"] = user.username headers = remember(request, user.id) request.session.flash(_("You have successfully updated your password!")) return HTTPFound(location = route_url("home", request), headers = headers) if (fs is None): fs = ResetPasswordFieldSet().bind(User, session = session) form = fs.render() return dict(form = form, user_id = user.id, title = _("Forgot your password?"))
def groupfinder(userid, request): session = DBSession() user = session.query(User).join(User.groups).join(Group.group_info).filter(User.id==userid).one() groupNames = [] if (user is not None): groups = user.groups for group in groups: groupNames.append("group:" + group.group_info.group_name) return groupNames
def api_nexus_hashes(request): session = DBSession() hashes = session.query(NexusMessage.message_hash).join(User).order_by(desc(NexusMessage.created_time)).all() result = {'hashes': []} for message_hash in hashes: result['hashes'].append(message_hash[0]) return result
def edit_users(request): session = DBSession() users = session.query(User).order_by(User.id).all() modifiedUsers = [] for user in users: user.edit_url = route_url("edit_user", request, user_id = user.id) modifiedUsers.append(user) return dict(users = modifiedUsers, title = _("Edit users"))
def view_page(request): """View a given page.""" session = DBSession() matchdict = request.matchdict page_location = matchdict["page_location"] try: page = session.query(Page).filter(Page.location == page_location).one() except NoResultFound: return HTTPNotFound(detail = "Requested page not found.") return dict(title = page.title, content = textile.textile(page.content))
def view_blog_post(request): session = DBSession() matchdict = request.matchdict post = session.query(Post).filter(Post.id == matchdict["post_id"]).one() user = session.query(User).filter(User.id == post.user_id).one() post.username = user.username post_comment_url = route_url("view_blog_post", request, post_id = post.id) fs = None # TODO # * make form validation better and more attractive # * add in field that asks for user to type word to submit form if 'submitted' in request.params: comment = Comment() fs = CommentFieldSet().bind(Comment, session = session, data = request.POST or None) valid = fs.validate() if valid: comment.name = fs.name.value comment.email = fs.email.value comment.homepage = fs.homepage.value comment.content = fs.content.value now = time.time() comment.created_time = now comment.post_id = post.id session.add(comment) request.session.flash(_("Your comment was successfully posted.")) fs = None comments = session.query(Comment).filter(Comment.post_id == post.id).order_by(desc(Comment.created_time)) if (fs is None): fs = CommentFieldSet().bind(Comment, session = session) comment_form = fs.render() return dict(title = post.title + _(" || Fluid Nexus Blog Post"), post = post, comments = comments, comment_form = comment_form, post_comment_url = post_comment_url)
def edit_pages(request): """List pages to edit.""" session = DBSession() pages = session.query(Page).join(User).order_by(desc(Page.modified_time)).all() modifiedPages = [] for page in pages: page.formatted_time = time.ctime(page.modified_time) page.username = page.user.username page.page_url = route_url("edit_page", request, page_id = page.id) modifiedPages.append(page) # TODO # Figure out how to delete using checkboxes new_page_url = route_url("new_page", request) return dict(title = "Edit pages", new_page_url = new_page_url, pages = modifiedPages)
def doNexusMessages(request=None, page_num=1, limit=10): session = DBSession() # messages = session.query(NexusMessage).join(User).order_by(desc(NexusMessage.created_time)).all() p = Pager(session.query(NexusMessage).join(User).order_by(desc(NexusMessage.created_time)), page_num, limit) messages = p.results # TODO # horribly inefficient; probably a much better way of doing things, perhaps in the template itself? modifiedMessages = [] for message in messages: # TODO # move these to classmethod message.username = message.user.username message.message_url = route_url("view_nexus_message", request, message_id=message.id) message.formattedContent = message.getFormattedContent() message.ISOTime = message.getISOTime() message.formattedTime = message.getFormattedTime() if message.attachment_path != "": fullPath, extension = os.path.splitext(message.attachment_original_filename) message.massaged_attachment_path = ( "/static/attachments/" + os.path.basename(message.attachment_path) + extension ) message.massaged_attachment_path_tn = ( "/static/attachments/" + os.path.basename(message.attachment_path) + "_tn" + extension ) modifiedMessages.append(message) if page_num < p.pages: next_page = page_num + 1 else: next_page = 0 if page_num > 1: previous_page = page_num - 1 else: previous_page = 0 return dict( title=_("Nexus Messages"), messages=modifiedMessages, pages=p.pages, page_num=page_num, previous_page=previous_page, next_page=next_page, )
def api_nexus_messages(request): session = DBSession() messages = session.query(NexusMessage).join(User).order_by(desc(NexusMessage.created_time)).all() result = {'messages': []} for message in messages: jsonMessage = {} jsonMessage['title'] = message.title jsonMessage['content'] = message.content jsonMessage['message_hash'] = message.message_hash jsonMessage['created_time'] = message.created_time jsonMessage['attachment_path'] = message.attachment_path jsonMessage['attachment_original_filename'] = message.attachment_original_filename jsonMessage["username"] = message.user.username result['messages'].append(jsonMessage) return result
def edit_blog(request): session = DBSession() posts = session.query(Post).join(User).order_by(desc(Post.modified_time)).all() new_blog_post_url = route_url("new_blog_post", request) modifiedPosts = [] for post in posts: post.formatted_time = time.ctime(post.modified_time) post.username = post.user.username post.post_url = route_url("edit_blog_post", request, post_id = post.id) modifiedPosts.append(post) # TODO # Figure out how to delete using checkboxes #g = Grid(Post, posts) #g.configure(options = [g["title"].readonly()], exclude = [g["modified_time"], g["user"], g["created_time"], g["content"]]) #form = g.render() return dict(title = _("Edit blog posts"), posts = modifiedPosts, new_blog_post_url = new_blog_post_url)
def edit_user(request): session = DBSession() matchdict = request.matchdict if (request.logged_in != int(matchdict["user_id"])): return HTTPForbidden(_("You are not allowed to view information about a user other than yourself.")) user = session.query(User).join(User.groups).join(Group.group_info).filter(User.id == matchdict["user_id"]).one() if (user.user_type == User.OPENID): fs = UserNoPasswordFieldSet().bind(user, session = session, data = request.POST or None) else: fs = UserFieldSet().bind(user, session = session, data = request.POST or None) if 'submitted' in request.params: valid = fs.validate() if valid: if user.user_type == User.NORMAL: user.password = bcrypt.hashpw(fs.password1.value, bcrypt.gensalt()) fs.sync() return HTTPFound(location = route_url("view_user", request, user_id = request.logged_in)) form = fs.render() return dict(form = form, title = _("Edit") + " " + user.username)