def channel_item(request, nick, item=None, format='html'): nick = clean.channel(nick) view = api.actor_lookup_nick(request.user, nick) if not view: raise http.Http404() stream_ref = api.stream_get_presence(request.user, view.nick) entry = '%s/%s' % (stream_ref.key().name(), item) entry_ref = api.entry_get(request.user, entry) if not entry_ref: raise http.Http404() handled = common_views.handle_view_action( request, {'entry_add_comment': entry_ref.url(), 'entry_remove': view.url(), 'entry_remove_comment': entry_ref.url(), 'entry_mark_as_spam': entry_ref.url() } ) if handled: return handled admins = api.channel_get_admins(request.user, channel=view.nick) user_is_admin = request.user and request.user.nick in admins comments = api.entry_get_comments(request.user, entry) actor_nicks = [entry_ref.owner, entry_ref.actor] + [c.actor for c in comments] actors = api.actor_get_actors(request.user, actor_nicks) # display munge entry = display.prep_entry(entry_ref, { stream_ref.key().name(): stream_ref }, actors) comments = display.prep_comment_list(comments, actors) # config for template green_top = True sidebar_green_top = True # rendering c = template.RequestContext(request, locals()) if format == 'html': t = loader.get_template('item.html') return http.HttpResponse(t.render(c)) elif format == 'json': t = loader.get_template('/item.json') r = http.HttpResponse(t.render(c)) r['Content-type'] = 'text/javascript' return r
def test_login_user_cleanup(self): log = 'broken' pwd = self.passwords[clean.nick(log)] actor_ref_pre = api.actor_get(api.ROOT, log) self.assert_(not actor_ref_pre.normalized_nick) self.assertRaises(exception.ApiException, api.stream_get_presence, api.ROOT, log) self.assertRaises(exception.ApiException, api.stream_get_comment, api.ROOT, log) r = self.client.post('/login', {'log': log, 'pwd': pwd}) r = self.assertRedirectsPrefix(r, '/user/broken/overview') actor_ref_post = api.actor_get(api.ROOT, log) self.assert_(actor_ref_post.normalized_nick) self.assert_(api.stream_get_presence(api.ROOT, log)) self.assert_(api.stream_get_comment(api.ROOT, log))
def actor_history(request, nick=None, format='html'): nick = clean.nick(nick) view = api.actor_lookup_nick(request.user, nick) if not view: raise exception.UserDoesNotExistError(nick, request.user) called_subscribe, sub_ref = common_views.call_api_from_request( request, 'subscription_request') if called_subscribe: if sub_ref.state == 'subscribed': message = 'Subscribed.' else: message = 'Subscription requested.' return util.RedirectFlash(view.url(), message) handled = common_views.handle_view_action( request, { 'entry_remove': request.path, 'entry_remove_comment': request.path, 'entry_mark_as_spam': request.path, 'subscription_remove': view.url(), 'actor_add_contact': request.path, 'actor_remove_contact': request.path, 'post': request.path, 'presence_set': request.path, } ) if handled: return handled privacy = 'public' if request.user: if view.nick == request.user.nick: privacy = 'private' # ROOT because we care whether or not request.user is a contact of # the view user's, not whether the request.user can see the contacts elif api.actor_has_contact(api.ROOT, view.nick, request.user.nick): privacy = 'contacts' # we're going to hide a bunch of stuff if this user is private and we # aren't allowed to see user_is_private = False if view.privacy < models.PRIVACY_PUBLIC and privacy == 'public': user_is_private = True per_page = ENTRIES_PER_PAGE offset, prev = util.page_offset(request) if privacy == 'public': if user_is_private: inbox = [] else: inbox = api.inbox_get_actor_public(request.user, view.nick, limit=(per_page + 1), offset=offset) elif privacy == 'contacts': inbox = api.inbox_get_actor_contacts(request.user, view.nick, limit=(per_page + 1), offset=offset) elif privacy == 'private': inbox = api.inbox_get_actor_private(request.user, view.nick, limit=(per_page + 1), offset=offset) # START inbox generation chaos # TODO(termie): refacccttttooorrrrr entries = api.entry_get_entries(request.user, inbox) per_page = per_page - (len(inbox) - len(entries)) entries, more = util.page_entries(request, entries, per_page) stream_keys = [e.stream for e in entries] try: actor_streams = api.stream_get_actor(request.user, view.nick) except exception.ApiException: actor_streams = [] stream_keys += [s.key().name() for s in actor_streams] streams = api.stream_get_streams(request.user, stream_keys) try: contact_nicks = api.actor_get_contacts(request.user, view.nick, limit=CONTACTS_PER_PAGE) except exception.ApiException: contact_nicks = [] actor_nicks = (contact_nicks + [view.nick] + [s.owner for s in streams.values()] + [e.owner for e in entries] + [e.actor for e in entries]) actors = api.actor_get_actors(request.user, actor_nicks) # here comes lots of munging data into shape contacts = [actors[x] for x in contact_nicks if actors[x]] streams = display.prep_stream_dict(streams, actors) entries = display.prep_entry_list(entries, streams, actors) # END inbox generation chaos # If not logged in, cannot write is_owner = request.user and view.nick == request.user.nick try: presence = api.presence_get(request.user, view.nick) presence_stream = api.stream_get_presence(request.user, view.nick) last_entry = api.entry_get_last(request.user, presence_stream.keyname()) view.last_entry = last_entry except exception.ApiException: pass # for add/remove contact if request.user: user_is_contact = api.actor_has_contact(request.user, request.user.nick, view.nick) view.my_contact = user_is_contact else: user_is_contact = False # for sidebar streams view_streams = dict([(x.key().name(), streams[x.key().name()]) for x in actor_streams]) if request.user: # un/subscribe buttons are possible only, when logged in # TODO(termie): what if there are quite a lot of streams? for stream in view_streams.values(): stream.subscribed = api.subscription_exists( request.user, stream.key().name(), 'inbox/%s/overview' % request.user.nick ) # for sidebar_contacts contacts_count = view.extra.get('contact_count', 0) contacts_more = contacts_count > CONTACTS_PER_PAGE # Config for the template green_top = True sidebar_green_top = True selectable_icons = display.SELECTABLE_ICONS area = 'user' c = template.RequestContext(request, locals()) if format == 'html': t = loader.get_template('history.html') return http.HttpResponse(t.render(c)) elif format == 'json': t = loader.get_template('history.json') r = util.HttpJsonResponse(t.render(c), request) return r elif format == 'atom': t = loader.get_template('history.atom') r = util.HttpAtomResponse(t.render(c), request) return r elif format == 'rss': t = loader.get_template('history.rss') r = util.HttpRssResponse(t.render(c), request) return r
def actor_item(request, nick=None, item=None, format='html'): # The nick passed in the url looks ugly with the escaped @ in it and is # generally just shorter if we only use the lead part of the nick # however the entire system expects full nicks so we should expand this # as soon as possible nick = clean.nick(nick) # Most pages have the concept of a viewer and an actor being viewed, # in all cases the viewer is `request.user` and the actor being viewed # should be named `view` view = api.actor_lookup_nick(request.user, nick) if not view: raise exception.UserDoesNotExistError(nick, request.user) # With very few exceptions, whenever we are referring to a an # instance that is an entity from the datastore we append `_ref` # to the variable name to distinguish it from the variable that # is simply a string identifier. # In the code below `stream_ref` and `entry_ref` are both entity # references, while `entry` is simply the string key_name of an entry stream_ref = api.stream_get_presence(request.user, view.nick) if not stream_ref: raise http.Http404() if item == 'last': entry_ref = api.entry_get_last(request.user, stream_ref.keyname()) return http.HttpResponseRedirect(entry_ref.url()) else: entry = '%s/%s' % (stream_ref.key().name(), item) entry_ref = api.entry_get_safe(request.user, entry) # Most api calls will return None if the entity being looked up does # not exist so we usually want to verify the return values if not entry_ref: raise http.Http404() # When handling user actions the following pattern more or less applies # if 'parameter_unique_to_action' in request.(POST|GET|REQUEST): # try: # validate.nonce(request, 'nonce_action') # validate.anything_else_that_is_related_to_ui_rather_than_call() # # local_variable = request.(POST|GET|REQUEST).get('request_arg') # # or # params = util.query_dict_to_keywords(request.(POST|GET|REQUEST)) # # # Our goal is to have most of the logic for any action translate # # directly into an api call on behalf of the requesting user # # such that the api call is responsible for validating all input # # and raising any applicable errors # result = api.some_api_method(request.user, # method_variable=local_variable, # ...) # # or # result = api.some_api_method(request.user, **params) # # # All actions should issue a redirect with a success message # return util.RedirectFlash('some_url', 'some success message') # except: # exception.handle_exception(request) # # When an exception occurs we expect the rest of the page to be able # to be processed normally as if no action had been taken, the error # handling section of the template should display the errors caught # by the exception.handle_exception() call handled = common_views.handle_view_action( request, {'entry_add_comment': entry_ref.url(), 'entry_remove': view.url(), 'entry_remove_comment': entry_ref.url(), 'entry_mark_as_spam': entry_ref.url() } ) if handled: return handled comments = api.entry_get_comments(request.user, entry_ref.key().name()) # To minimize the number of lookups to the datastore once we know # all the data we will be displaying on a page we attempt to make # a list of all the actors associated with that data so that we can # fetch them all at once actor_nicks = [entry_ref.owner, entry_ref.actor] + [c.actor for c in comments] actors = api.actor_get_actors(request.user, actor_nicks) # Due to restrictions on Django's templating language most of the time # we will have to take an additional step of preparing all of our data # for display, this usually translates to attaching references to # actor or stream entities. # Functions that handle this preparation should be added to the # common.display module entry = display.prep_entry(entry_ref, {stream_ref.key().name(): stream_ref}, actors) comments = display.prep_comment_list(comments, actors) # Additionally, to minimize more logic in the templates some variables # can be defined to configure the output, these are usually template specific # though some are common variables for anything that inherits from the # base templates green_top = True sidebar_green_top = True # The quickest way to make sure we are getting all of the things we care # about passed to the template without the temptation of making last minute # changes is just to pass `locals()` to the template context c = template.RequestContext(request, locals()) # Ideally this is all that should be necessary to add additional output # formats, in practice it is yet to be seen whether additional data # preparation will be necessary before outputting in JSON or ATOM formats if format == 'html': # We always use the full path to the template to prevent naming conflicts # and difficult searches. t = loader.get_template('item.html') return http.HttpResponse(t.render(c)) elif format == 'json': t = loader.get_template('item.json') r = http.HttpResponse(t.render(c)) r['Content-type'] = 'text/javascript' return r