Exemple #1
0
def activate(request, username="", user="******", token=""):
    user = int(user)

    try:
        user = User.objects.get(pk=user)
        current_activation = user.activation

        # Run checks
        user_ban = Ban.objects.check_ban(username=user.username, email=user.email)
        if user_ban:
            return error_banned(request, user, user_ban)

        if user.activation == User.ACTIVATION_NONE:
            return redirect_message(request, Message(_("%(username)s, your account is already active.") % {'username': user.username}), 'info')

        if user.activation == User.ACTIVATION_ADMIN:
            return redirect_message(request, Message(_("%(username)s, only board administrator can activate your account.") % {'username': user.username}), 'info')

        if not token or not user.token or user.token != token:
            return redirect_message(request, Message(_("%(username)s, your activation link is invalid. Try again or request new activation e-mail.") % {'username': user.username}), 'error')

        # Activate and sign in our member
        user.activation = User.ACTIVATION_NONE
        sign_user_in(request, user)

        # Update monitor
        User.objects.resync_monitor(request.monitor)

        if current_activation == User.ACTIVATION_CREDENTIALS:
            return redirect_message(request, Message(_("%(username)s, your account has been successfully reactivated after change of sign-in credentials.") % {'username': user.username}), 'success')
        else:
            return redirect_message(request, Message(_("%(username)s, your account has been successfully activated. Welcome aboard!") % {'username': user.username}), 'success')
    except User.DoesNotExist:
        return error404(request)
Exemple #2
0
    def __call__(self, request, target=None, slug=None):
        # Default message
        message = request.messages.get_message(self.admin.id)

        # Fetch target?
        model = None
        if target:
            model = self.get_and_validate_target(request, target)
            self.original_name = self.get_target_name(model)
            if not model:
                return redirect(self.get_fallback_url(request))
        original_model = model
        
        # Get form type to instantiate
        FormType = self.get_form(request, target)
        
        #Submit form
        if request.method == 'POST':
            form = self.get_form_instance(FormType, request, model, self.get_initial_data(request, model), True)
            if form.is_valid():
                model, message = self.submit_form(request, form, model)
                if message.type != 'error':
                    request.messages.set_flash(message, message.type, self.admin.id)
                    # Redirect back to right page
                    try:
                        if 'save_new' in request.POST and self.get_new_url:
                            return redirect(self.get_new_url(request, model))
                    except AttributeError:
                        pass
                    try:
                        if 'save_edit' in request.POST and self.get_edit_url:
                            return redirect(self.get_edit_url(request, model))
                    except AttributeError:
                        pass
                    try:
                        if self.get_submit_url:
                            return redirect(self.get_submit_url(request, model))
                    except AttributeError:
                        pass
                    return redirect(self.get_fallback_url(request))
            else:
                message = Message(request, form.non_field_errors()[0])
                message.type = 'error'
        else:
            form = self.get_form_instance(FormType, request, model, self.get_initial_data(request, model))
            
        # Render form
        return request.theme.render_to_response(self.get_templates(self.template),
                                                {
                                                 'admin': self.admin,
                                                 'action': self,
                                                 'request': request,
                                                 'url': self.get_url(request, model),
                                                 'fallback': self.get_fallback_url(request),
                                                 'message': message,
                                                 'target': self.get_target_name(original_model),
                                                 'target_model': original_model,
                                                 'form': FormLayout(form, self.get_layout(request, form, target)),
                                                },
                                                context_instance=RequestContext(request));
Exemple #3
0
def activate(request, token):
    new_credentials = request.session.get('new_credentials')
    if not new_credentials or new_credentials['token'] != token:
        return error404(request)

    if new_credentials['new_email']:
        request.user.set_email(new_credentials['new_email'])
    if new_credentials['new_password']:
        request.user.set_password(new_credentials['new_password'])

    try:
        request.user.full_clean()
        request.user.save(force_update=True)
        request.user.sessions.exclude(id=request.session.id).delete()
        request.user.signin_tokens.all().delete()
        request.messages.set_flash(
            Message(
                _("%(username)s, your Sign-In credentials have been changed.")
                % {'username': request.user.username}), 'success', 'security')
        request.session.sign_out(request)
        del request.session['new_credentials']
        return redirect(reverse('sign_in'))
    except ValidationError:
        request.messages.set_flash(
            Message(
                _("Your new credentials have been invalidated. Please try again."
                  )), 'error', 'usercp_credentials')
        return redirect(reverse('usercp_credentials'))
Exemple #4
0
def form(request):
    message = None
    if request.method == 'POST':
        form = UserSendActivationMailForm(request.POST, request=request)
        if form.is_valid():
            user = form.found_user
            user_ban = Ban.objects.check_ban(username=user.username, email=user.email)

            if user_ban:
                return error_banned(request, user, user_ban)

            if user.activation == User.ACTIVATION_NONE:
                return redirect_message(request, Message(_("%(username)s, your account is already active.") % {'username': user.username}), 'info')

            if user.activation == User.ACTIVATION_ADMIN:
                return redirect_message(request, Message(_("%(username)s, only board administrator can activate your account.") % {'username': user.username}), 'info')

            user.email_user(
                            request,
                            'users/activation/resend',
                            _("Account Activation"),
                            )
            return redirect_message(request, Message(_("%(username)s, e-mail containing new activation link has been sent to %(email)s.") % {'username': user.username, 'email': user.email}), 'success')
        else:
            message = Message(form.non_field_errors()[0], 'error')
    else:
        form = UserSendActivationMailForm(request=request)
    return request.theme.render_to_response('resend_activation.html',
                                            {
                                             'message': message,
                                             'form': FormLayout(form),
                                            },
                                            context_instance=RequestContext(request));
Exemple #5
0
 def handle_posts_form(self):
     if self.request.method == 'POST' and self.request.POST.get('origin') == 'posts_form':
         self.posts_form = self.posts_form(self.request.POST, request=self.request)
         if self.posts_form.is_valid():
             checked_items = []
             for post in self.posts:
                 if str(post.pk) in self.posts_form.cleaned_data['list_items']:
                     checked_items.append(post.pk)
             if checked_items:
                 form_action = getattr(self, 'post_action_' + self.posts_form.cleaned_data['list_action'])
                 try:
                     response = form_action(checked_items)
                     if response:
                         return response
                     return redirect(self.request.path)
                 except forms.ValidationError as e:
                     self.message = Message(e.messages[0], messages.ERROR)
             else:
                 self.message = Message(_("You have to select at least one post."), messages.ERROR)
         else:
             if 'list_action' in self.posts_form.errors:
                 self.message = Message(_("Requested action is incorrect."), messages.ERROR)
             else:
                 self.message = Message(posts_form.non_field_errors()[0], messages.ERROR)
     else:
         self.posts_form = self.posts_form(request=self.request)
Exemple #6
0
def crop(request, upload=False):
    if upload and (not request.user.avatar_temp or not 'upload' in settings.avatars_types):
        return error404(request)

    if not upload and request.user.avatar_type != 'upload':
        messages.error(request, _("Crop Avatar option is avaiable only when you use uploaded image as your avatar."), 'usercp_avatar')
        return redirect(reverse('usercp_avatar'))

    message = request.messages.get_message('usercp_avatar')
    if request.method == 'POST':
        if request.csrf.request_secure(request):
            try:
                image_path = settings.MEDIA_ROOT + 'avatars/'
                if upload:
                    source = Image.open(image_path + request.user.avatar_temp)
                else:
                    source = Image.open(image_path + request.user.avatar_original)
                width, height = source.size

                aspect = float(width) / float(request.POST['crop_b'])
                crop_x = int(aspect * float(request.POST['crop_x']))
                crop_y = int(aspect * float(request.POST['crop_y']))
                crop_w = int(aspect * float(request.POST['crop_w']))
                crop = source.crop((crop_x, crop_y, crop_x + crop_w, crop_y + crop_w))

                if upload:
                    image_name, image_extension = path(request.user.avatar_temp).splitext()
                else:
                    image_name, image_extension = path(request.user.avatar_original).splitext()
                image_name = '%s_%s%s' % (request.user.pk, random_string(8), image_extension)
                resizeimage(crop, settings.AVATAR_SIZES[0], image_path + image_name, info=source.info, format=source.format)
                for size in settings.AVATAR_SIZES[1:]:
                    resizeimage(crop, size, image_path + str(size) + '_' + image_name, info=source.info, format=source.format)

                request.user.delete_avatar_image()
                if upload:
                    request.user.delete_avatar_original()
                    request.user.avatar_type = 'upload'
                    request.user.avatar_original = '%s_org_%s%s' % (request.user.pk, random_string(8), image_extension)
                    source.save(image_path + request.user.avatar_original)
                request.user.delete_avatar_temp()
                request.user.avatar_image = image_name
                request.user.avatar_crop = [str(float(request.POST[x])) for x in ('crop_x', 'crop_y', 'crop_w')]
                request.user.save(force_update=True)
                messages.success(request, _("Your avatar has been cropped."), 'usercp_avatar')
                return redirect(reverse('usercp_avatar'))
            except Exception:
                message = Message(_("Form contains errors."), messages.ERROR)
        else:
            message = Message(_("Request authorisation is invalid."), messages.ERROR)


    return render_to_response('usercp/avatar_crop.html',
                              context_instance=RequestContext(request, {
                                  'message': message,
                                  'after_upload': upload,
                                  'avatar_size': settings.AVATAR_SIZES[0],
                                  'avatar_crop': request.user.avatar_crop if not upload else None,
                                  'source': 'avatars/%s' % (request.user.avatar_temp if upload else request.user.avatar_original),
                                  'tab': 'avatar'}));
Exemple #7
0
def reset(request, username="", user="******", token=""):
    user = int(user)
    try:
        user = User.objects.get(pk=user)
        user_ban = check_ban(username=user.username, email=user.email)
        if user_ban:
            return error_banned(request, user, user_ban)
        if user.activation != User.ACTIVATION_NONE:
            return error403(
                request,
                Message(request, 'users/activation/required', {'user': user}))
        if not token or not user.token or user.token != token:
            return error403(
                request,
                Message(request, 'users/invalid_confirmation_link',
                        {'user': user}))
        new_password = get_random_string(6)
        user.token = None
        user.set_password(new_password)
        user.save(force_update=True)
        # Logout signed in and kill remember me tokens
        Session.objects.filter(user=user).update(user=None)
        Token.objects.filter(user=user).delete()
        # Set flash and mail new password
        request.messages.set_flash(
            Message(request, 'users/password/reset_done',
                    extra={'user': user}), 'success')
        user.email_user(request, 'users/password/new', _("Your New Password"),
                        {'password': new_password})
        return redirect(reverse('sign_in'))
    except User.DoesNotExist:
        return error404(request)
Exemple #8
0
def form(request):
    message = None
    if request.method == 'POST':
        form = UserSendSpecialMailForm(request.POST, request=request)
        if form.is_valid():
            user = form.found_user
            user_ban = check_ban(username=user.username, email=user.email)
            if user_ban:
                return error_banned(request, user, user_ban)
            elif user.activation != User.ACTIVATION_NONE:
                return error403(
                    request,
                    Message(request, 'users/activation/required',
                            {'user': user}))
            user.token = get_random_string(12)
            user.save(force_update=True)
            request.messages.set_flash(
                Message(request,
                        'users/password/reset_confirm',
                        extra={'user': user}), 'success')
            user.email_user(request, 'users/password/confirm',
                            _("Confirm New Password Request"))
            return redirect(reverse('index'))
        else:
            message = Message(request, form.non_field_errors()[0])
    else:
        form = UserSendSpecialMailForm(request=request)
    return request.theme.render_to_response(
        'users/forgot_password.html', {
            'message': message,
            'form': FormLayout(form),
        },
        context_instance=RequestContext(request))
Exemple #9
0
def signature(request):
    # Intercept all requests if we can't use signature
    if not request.acl.usercp.can_use_signature():
        return error403(request)
    if request.user.signature_ban:
        return request.theme.render_to_response('usercp/signature_banned.html',
                                                context_instance=RequestContext(request, {
                                                 'tab': 'signature',
                                                 }));

    siggy_text = ''
    message = request.messages.get_message('usercp_signature')
    if request.method == 'POST':
        form = SignatureForm(request.POST, request=request, initial={'signature': request.user.signature})
        if form.is_valid():
            request.user.signature = form.cleaned_data['signature']
            if request.user.signature:
                request.user.signature_preparsed = signature_markdown(request.acl,
                                                                      request.user.signature)
            else:
                request.user.signature_preparsed = None
            request.user.save(force_update=True)
            request.messages.set_flash(Message(_("Your signature has been changed.")), 'success', 'usercp_signature')
            return redirect(reverse('usercp_signature'))
        else:
            message = Message(form.non_field_errors()[0], 'error')
    else:
        form = SignatureForm(request=request, initial={'signature': request.user.signature})

    return request.theme.render_to_response('usercp/signature.html',
                                            context_instance=RequestContext(request, {
                                             'message': message,
                                             'tab': 'signature',
                                             'form': FormLayout(form),
                                             }));
Exemple #10
0
 def thread_action_move(self):
     message = None
     if self.request.POST.get('do') == 'move':
         form = MoveThreadsForm(self.request.POST,
                                request=self.request,
                                forum=self.forum)
         if form.is_valid():
             new_forum = form.cleaned_data['new_forum']
             self.thread.move_to(new_forum)
             self.thread.save(force_update=True)
             self.thread.set_checkpoint(self.request,
                                        'moved',
                                        forum=self.forum)
             self.forum.sync()
             self.forum.save(force_update=True)
             new_forum.sync()
             new_forum.save(force_update=True)
             self.request.messages.set_flash(
                 Message(
                     _('Thread has been moved to "%(forum)s".') %
                     {'forum': new_forum.name}), 'success', 'threads')
             return None
         message = Message(form.non_field_errors()[0], 'error')
     else:
         form = MoveThreadsForm(request=self.request, forum=self.forum)
     return self.request.theme.render_to_response(
         '%ss/move_thread.html' % self.type_prefix, {
             'type_prefix': self.type_prefix,
             'message': message,
             'forum': self.forum,
             'parents': self.parents,
             'thread': self.thread,
             'form': FormLayout(form),
         },
         context_instance=RequestContext(self.request))
Exemple #11
0
def settings(request, group_id=None, group_slug=None):
    # Load groups and find selected group
    settings_groups = Group.objects.all().order_by('key')
    if not group_id:
        active_group = settings_groups[0]
        group_id = active_group.pk
    else:
        group_id = int(group_id)
        for group in settings_groups:
            if group.pk == group_id:
                active_group = group
                break
        else:
            return error404(request, BasicMessage(_('The requested settings group could not be found.')))
            
    # Load selected group settings and turn them into form
    group_settings = Setting.objects.filter(group=active_group).order_by('position')
    last_fieldset = (None, [])
    group_form = {'layout': []}
    for setting in group_settings:
        # New field subgroup?
        if setting.separator and last_fieldset[0] != setting.separator:
            if last_fieldset[0]:
                group_form['layout'].append(last_fieldset)
            last_fieldset = (_(setting.separator), [])
        last_fieldset[1].append(setting.pk)
        group_form[setting.pk] = setting.get_field()
    group_form['layout'].append(last_fieldset)
    SettingsGroupForm = type('SettingsGroupForm', (Form,), group_form)
    
    #Submit form
    message = request.messages.get_message('admin_settings')
    if request.method == 'POST':
        form = SettingsGroupForm(request.POST, request=request)
        if form.is_valid():
            for setting in form.cleaned_data.keys():
                request.settings[setting] = form.cleaned_data[setting]
            request.messages.set_flash(BasicMessage(_('Configuration has been saved.')), 'success', 'admin_settings')
            return redirect(reverse('admin_settings', kwargs={
                                                       'group_id': active_group.pk,
                                                       'group_slug': active_group.key,
                                                       }))
        else:
            message = Message(request, form.non_field_errors()[0])
            message.type = 'error'
    else:
        form = SettingsGroupForm(request=request)
    
    # Display settings group form      
    return request.theme.render_to_response('settings/settings.html',
                                            {
                                            'message': message,
                                            'groups': settings_groups,
                                            'active_group': active_group,
                                            'search_form': FormFields(SearchForm(request=request)),
                                            'form': FormLayout(form),
                                            'raw_form': form,
                                            },
                                            context_instance=RequestContext(request));
Exemple #12
0
def settings(request, group_id=None, group_slug=None):
    # Load groups and find selected group
    settings_groups = SettingsGroup.objects.all().order_by('key')
    if not group_id:
        active_group = settings_groups[0]
        group_id = active_group.pk
    else:
        group_id = int(group_id)
        for group in settings_groups:
            if group.pk == group_id:
                active_group = group
                break
        else:
            return error404(request, _('Requested settings group could not be found.'))

    # Load selected group settings and turn them into form
    group_settings = Setting.objects.filter(group=active_group).order_by('position')
    last_fieldset = (None, [])
    group_form = {'layout': []}
    for setting in group_settings:
        # New field subgroup?
        if setting.separator and last_fieldset[0] != setting.separator:
            if last_fieldset[0]:
                group_form['layout'].append(last_fieldset)
            last_fieldset = (_(setting.separator), [])
        last_fieldset[1].append(setting.pk)
        group_form[setting.pk] = setting.get_field()
    group_form['layout'].append(last_fieldset)
    SettingsGroupForm = type('SettingsGroupForm', (Form,), group_form)

    #Submit form
    message = request.messages.get_message('admin_settings')
    if request.method == 'POST':
        form = SettingsGroupForm(request.POST, request=request)
        if form.is_valid():
            for setting in form.cleaned_data.keys():
                request.settings[setting] = form.cleaned_data[setting]
            cache.delete('settings')
            request.messages.set_flash(Message(_('Configuration has been changed.')), 'success', 'admin_settings')
            return redirect(reverse('admin_settings', kwargs={
                                                       'group_id': active_group.pk,
                                                       'group_slug': active_group.key,
                                                       }))
        else:
            message = Message(form.non_field_errors()[0], 'error')
    else:
        form = SettingsGroupForm(request=request)

    # Display settings group form      
    return request.theme.render_to_response('settings/settings.html',
                                            {
                                            'message': message,
                                            'groups': settings_groups,
                                            'active_group': active_group,
                                            'search_form': FormFields(SearchForm(request=request)),
                                            'form': FormLayout(form),
                                            'raw_form': form,
                                            },
                                            context_instance=RequestContext(request));
Exemple #13
0
 def action_undelete(self, ids):
     if self._action_undelete(ids):
         self.request.messages.set_flash(
             Message(_('Selected reports have been restored.')), 'success',
             'threads')
     else:
         self.request.messages.set_flash(
             Message(_('No reports were restored.')), 'info', 'threads')
Exemple #14
0
 def action_soft(self, ids):
     if self._action_soft(ids):
         self.request.messages.set_flash(
             Message(_('Selected threads have been hidden.')), 'success',
             'threads')
     else:
         self.request.messages.set_flash(
             Message(_('No threads were hidden.')), 'info', 'threads')
Exemple #15
0
 def action_hard(self, ids):
     if self._action_hard(ids):
         self.request.messages.set_flash(
             Message(_('Selected threads have been deleted.')), 'success',
             'threads')
     else:
         self.request.messages.set_flash(
             Message(_('No threads were deleted.')), 'info', 'threads')
Exemple #16
0
 def action_normal(self, ids):
     if self._action_normal(ids):
         self.mass_resolve(ids)
         self.request.messages.set_flash(
             Message(_('Selected reports were set as bogus.')), 'success',
             'threads')
     else:
         self.request.messages.set_flash(
             Message(_('No reports were set as bogus.')), 'info', 'threads')
Exemple #17
0
 def action_normal(self, ids):
     if self._action_normal(ids):
         self.request.messages.set_flash(
             Message(_('Selected threads weight has been removed.')),
             'success', 'threads')
     else:
         self.request.messages.set_flash(
             Message(_('No threads have had their weight removed.')),
             'info', 'threads')
Exemple #18
0
    def handle_form(self):
        if self.request.method == 'POST':
            self.form = self.form(self.request.POST, request=self.request)
            if self.form.is_valid():
                checked_items = []
                posts = []
                for thread in self.threads:
                    if str(thread.pk) in self.form.cleaned_data[
                            'list_items'] and thread.forum_id == self.forum.pk:
                        posts.append(thread.start_post_id)
                        if thread.start_post_id != thread.last_post_id:
                            posts.append(thread.last_post_id)
                        checked_items.append(thread.pk)
                if checked_items:
                    if posts:
                        for post in Post.objects.filter(
                                id__in=posts).prefetch_related('user'):
                            for thread in self.threads:
                                if thread.start_post_id == post.pk:
                                    thread.start_post = post
                                if thread.last_post_id == post.pk:
                                    thread.last_post = post
                                if thread.start_post_id == post.pk or thread.last_post_id == post.pk:
                                    break

                    action_call = 'action_' + self.form.cleaned_data[
                        'list_action']
                    action_extra_args = []
                    if ':' in action_call:
                        action_extra_args = action_call[action_call.index(':'
                                                                          ) +
                                                        1:].split(',')
                        action_call = action_call[:action_call.index(':')]

                    form_action = getattr(self, action_call)
                    try:
                        response = form_action(checked_items,
                                               *action_extra_args)
                        if response:
                            return response
                        return redirect(self.request.path)
                    except forms.ValidationError as e:
                        self.message = Message(e.messages[0], messages.ERROR)
                else:
                    self.message = Message(
                        _("You have to select at least one thread."),
                        messages.ERROR)
            else:
                if 'list_action' in self.form.errors:
                    self.message = Message(_("Requested action is incorrect."),
                                           messages.ERROR)
                else:
                    self.message = Message(self.form.non_field_errors()[0],
                                           messages.ERROR)
        else:
            self.form = self.form(request=self.request)
Exemple #19
0
 def action_sticky(self, ids):
     if self._action_sticky(ids):
         self.request.messages.set_flash(
             Message(
                 _('Selected threads have been sticked to the top of list.')
             ), 'success', 'threads')
     else:
         self.request.messages.set_flash(
             Message(_('No threads were turned into stickies.')), 'info',
             'threads')
Exemple #20
0
 def action_accept(self, ids):
     if self._action_accept(ids):
         self.request.messages.set_flash(
             Message(
                 _('Selected threads have been marked as reviewed and made visible to other members.'
                   )), 'success', 'threads')
     else:
         self.request.messages.set_flash(
             Message(_('No threads were marked as reviewed.')), 'info',
             'threads')
Exemple #21
0
 def action_annouce(self, ids):
     if self._action_annouce(ids):
         self.request.messages.set_flash(
             Message(
                 _('Selected threads have been turned into announcements.')
             ), 'success', 'threads')
     else:
         self.request.messages.set_flash(
             Message(_('No threads were turned into announcements.')),
             'info', 'threads')
Exemple #22
0
def username(request):
    if not request.acl.usercp.show_username_change():
        return error404(request)

    changes_left = request.acl.usercp.changes_left(request.user)
    next_change = None
    if request.acl.usercp.changes_expire() and not changes_left:
        next_change = request.user.namechanges.filter(
                                                      date__gte=timezone.now() - timedelta(days=request.acl.usercp.acl['changes_expire']),
                                                      ).order_by('-date')[0]
        next_change = next_change.date + timedelta(days=request.acl.usercp.acl['changes_expire'])

    message = request.messages.get_message('usercp_username')
    if request.method == 'POST':
        if not changes_left:
            message = Message(_("You have exceeded the maximum number of name changes."), messages.ERROR)
            form = UsernameChangeForm(request=request)
        else:
            org_username = request.user.username
            form = UsernameChangeForm(request.POST, request=request)
            if form.is_valid():
                request.user.set_username(form.cleaned_data['username'])
                request.user.save(force_update=True)
                request.user.sync_username()
                request.user.namechanges.create(date=timezone.now(), old_username=org_username)
                messages.success(request, _("Your username has been changed."), 'usercp_username')
                # Alert followers of namechange
                alert_time = timezone.now()
                bulk_alerts = []
                alerted_users = []
                for follower in request.user.follows_set.iterator():
                    alerted_users.append(follower.pk)
                    alert = Alert(user=follower, message=ugettext_lazy("User that you are following, %(username)s, has changed his name to %(newname)s").message, date=alert_time)
                    alert.strong('username', org_username)
                    alert.profile('newname', request.user)
                    alert.hydrate()
                    bulk_alerts.append(alert)
                if bulk_alerts:
                    Alert.objects.bulk_create(bulk_alerts)
                    User.objects.filter(id__in=alerted_users).update(alerts=F('alerts') + 1)
                # Hop back
                return redirect(reverse('usercp_username'))
            message = Message(form.non_field_errors()[0], messages.ERROR)
    else:
        form = UsernameChangeForm(request=request)

    return render_to_response('usercp/username.html',
                              context_instance=RequestContext(request, {
                                  'message': message,
                                  'changes_left': changes_left,
                                  'form': form,
                                  'next_change': next_change,
                                  'changes_history': request.user.namechanges.order_by('-date')[:10],
                                  'tab': 'username'}));
Exemple #23
0
 def response(self):
     if self.post.moderated:
         self.request.messages.set_flash(
             Message(
                 _("Your reply has been posted. It will be hidden from other members until moderator reviews it."
                   )), 'success', 'threads_%s' % self.post.pk)
     else:
         self.request.messages.set_flash(
             Message(_("Your reply has been posted.")), 'success',
             'threads_%s' % self.post.pk)
     return self.redirect_to_post(self.post)
Exemple #24
0
 def get_and_validate_target(self, target):
     try:
         model = self.admin.model.objects.select_related().get(pk=target)
         self.get_target(model)
         return model
     except self.admin.model.DoesNotExist:
         self.request.messages.set_flash(Message(self.notfound_message),
                                         'error', self.admin.id)
     except ValueError as e:
         self.request.messages.set_flash(Message(e.args[0]), 'error',
                                         self.admin.id)
     return None
Exemple #25
0
 def action(self, target):
     target.delete()
     with UpdatingMonitor() as cm:
         monitor.increase('bans_version')
     if target.test == 0:
         return Message(_('E-mail and username Ban "%(ban)s" has been lifted.') % {'ban': target.ban}, messages.SUCCESS), False
     if target.test == 1:
         return Message(_('Username Ban "%(ban)s" has been lifted.') % {'ban': target.ban}, messages.SUCCESS), False
     if target.test == 2:
         return Message(_('E-mail Ban "%(ban)s" has been lifted.') % {'ban': target.ban}, messages.SUCCESS), False
     if target.test == 3:
         return Message(_('IP Ban "%(ban)s" has been lifted.') % {'ban': target.ban}, messages.SUCCESS), False
Exemple #26
0
def gravatar(request):
    if not 'gravatar' in request.settings.avatars_types:
        return error404(request)
    if request.user.avatar_type != 'gravatar':
        if request.csrf.request_secure(request):
            request.user.delete_avatar()
            request.user.avatar_type = 'gravatar'
            request.user.save(force_update=True)
            request.messages.set_flash(Message(_("Your avatar has been changed to Gravatar.")), 'success', 'usercp_avatar')
        else:
            request.messages.set_flash(Message(_("Request authorisation is invalid.")), 'error', 'usercp_avatar')
    return redirect(reverse('usercp_avatar'))
Exemple #27
0
 def update_watcher(self, request, watcher):
     watcher.email = True
     if watcher.pk:
         request.messages.set_flash(
             Message(
                 _('You will now receive e-mail with notification when somebody replies to this thread.'
                   )), 'success', 'threads')
     else:
         request.messages.set_flash(
             Message(
                 _('This thread has been added to your watched threads list. You will also receive e-mail with notification when somebody replies to it.'
                   )), 'success', 'threads')
Exemple #28
0
def gallery(request):
    if not 'gallery' in settings.avatars_types:
        return error404(request)

    allowed_avatars = []
    galleries = []
    for directory in path(
            settings.STATICFILES_DIRS[0]).joinpath('avatars').dirs():
        if directory[-7:] != '_locked' and directory[-8:] != '_default':
            gallery = {'name': directory[-7:], 'avatars': []}
            avatars = directory.files('*.gif')
            avatars += directory.files('*.jpg')
            avatars += directory.files('*.jpeg')
            avatars += directory.files('*.png')
            for item in avatars:
                gallery['avatars'].append('/'.join(path(item).splitall()[-2:]))
            galleries.append(gallery)
            allowed_avatars += gallery['avatars']

    if not allowed_avatars:
        messages.info(request,
                      _("No avatar galleries are available at the moment."),
                      'usercp_avatar')
        return redirect(reverse('usercp_avatar'))

    message = request.messages.get_message('usercp_avatar')
    if request.method == 'POST':
        if request.csrf.request_secure(request):
            new_avatar = request.POST.get('avatar_image')
            if new_avatar in allowed_avatars:
                request.user.delete_avatar()
                request.user.avatar_type = 'gallery'
                request.user.avatar_image = new_avatar
                request.user.save(force_update=True)
                messages.success(
                    request,
                    _("Your avatar has been changed to one from gallery."),
                    'usercp_avatar')
                return redirect(reverse('usercp_avatar'))
            message = Message(_("Selected Avatar is incorrect."),
                              messages.ERROR)
        else:
            message = Message(_("Request authorisation is invalid."),
                              messages.ERROR)

    return render_to_response('usercp/avatar_gallery.html',
                              context_instance=RequestContext(
                                  request, {
                                      'message': message,
                                      'galleries': galleries,
                                      'tab': 'avatar'
                                  }))
Exemple #29
0
 def update_watcher(self, request, watcher):
     watcher.deleted = True
     watcher.delete()
     if watcher.email:
         request.messages.set_flash(
             Message(
                 _('This thread has been removed from your watched threads list. You will no longer receive e-mails with notifications when somebody replies to it.'
                   )), 'success', 'threads')
     else:
         request.messages.set_flash(
             Message(
                 _('This thread has been removed from your watched threads list.'
                   )), 'success', 'threads')
Exemple #30
0
 def post_action_protect(self, ids):
     protected = 0
     for post in self.posts:
         if post.pk in ids and not post.protected:
             protected += 1
     if protected:
         self.thread.post_set.filter(id__in=ids).update(protected=True)
         self.request.messages.set_flash(
             Message(_('Selected posts have been protected from edition.')),
             'success', 'threads')
     else:
         self.request.messages.set_flash(
             Message(_('No posts were protected.')), 'info', 'threads')
Exemple #31
0
 def post_action_unprotect(self, ids):
     unprotected = 0
     for post in self.posts:
         if post.pk in ids and post.protected:
             unprotected += 1
     if unprotected:
         self.thread.post_set.filter(id__in=ids).update(protected=False)
         self.request.messages.set_flash(
             Message(
                 _('Protection from editions has been removed from selected posts.'
                   )), 'success', 'threads')
     else:
         self.request.messages.set_flash(
             Message(_('No posts were unprotected.')), 'info', 'threads')
Exemple #32
0
    def __call__(self, request, page=0):
        """
        Use widget as view
        """
        self.request = request

        # Get basic list items
        items_total = self.get_items()

        # Set extra filters?
        try:
            items_total = self.select_items(items_total).count()
        except AttributeError:
            items_total = items_total.count()

        # Set sorting and paginating
        sorting_method = self.get_sorting()
        paginating_method = self.get_pagination(items_total, page)

        # List items
        items = self.get_items()
        if not request.session.get(self.get_token('filter')):
            items = items.all()

        # Set extra filters?
        try:
            items = self.select_items(items)
        except AttributeError:
            pass

        # Sort them
        items = self.sort_items(items, sorting_method);

        # Set pagination
        if self.pagination:
            items = items[paginating_method['start']:paginating_method['stop']]

        # Prefetch related?
        try:
            items = self.prefetch_related(items)
        except AttributeError:
            pass

        # Default message
        message = None

        # See if we should make and handle search form
        search_form = None
        SearchForm = self.get_search_form()
        if SearchForm:
            if request.method == 'POST':
                # New search
                if request.POST.get('origin') == 'search':
                    search_form = SearchForm(request.POST, request=request)
                    if search_form.is_valid():
                        search_criteria = {}
                        for field, criteria in search_form.cleaned_data.items():
                            if len(criteria) > 0:
                                search_criteria[field] = criteria
                        if not search_criteria:
                            message = Message(_("No search criteria have been defined."))
                        else:
                            request.session[self.get_token('filter')] = search_criteria
                            return redirect(self.get_url())
                    else:
                        message = Message(_("Search form contains errors."))
                    message.type = 'error'
                else:
                    search_form = SearchForm(request=request)

                # Kill search
                if request.POST.get('origin') == 'clear' and self.is_filtering and request.csrf.request_secure(request):
                    request.session[self.get_token('filter')] = None
                    request.messages.set_flash(Message(_("Search criteria have been cleared.")), 'info', self.admin.id)
                    return redirect(self.get_url())
            else:
                if self.is_filtering:
                    search_form = SearchForm(request=request, initial=request.session.get(self.get_token('filter')))
                else:
                    search_form = SearchForm(request=request)

        # See if we sould make and handle tab form
        table_form = None
        TableForm = self.get_table_form(items)
        if TableForm:
            if request.method == 'POST' and request.POST.get('origin') == 'table':
                table_form = TableForm(request.POST, request=request)
                if table_form.is_valid():
                    message, redirect_url = self.table_action(items, table_form.cleaned_data)
                    if redirect_url:
                        request.messages.set_flash(message, message.type, self.admin.id)
                        return redirect(redirect_url)
                else:
                    message = Message(table_form.non_field_errors()[0], 'error')
            else:
                table_form = TableForm(request=request)

        # See if we should make and handle list form
        list_form = None
        ListForm = self.get_actions_form(items)
        if ListForm:
            if request.method == 'POST' and request.POST.get('origin') == 'list':
                list_form = ListForm(request.POST, request=request)
                if list_form.is_valid():
                    try:
                        form_action = getattr(self, 'action_' + list_form.cleaned_data['list_action'])
                        message, redirect_url = form_action(items, list_form.cleaned_data['list_items'])
                        if redirect_url:
                            request.messages.set_flash(message, message.type, self.admin.id)
                            return redirect(redirect_url)
                    except AttributeError:
                        message = Message(_("Action requested is incorrect."))
                else:
                    if 'list_items' in list_form.errors:
                        message = Message(self.nothing_checked_message)
                    elif 'list_action' in list_form.errors:
                        message = Message(_("Action requested is incorrect."))
                    else:
                        message = Message(list_form.non_field_errors()[0])
                message.type = 'error'
            else:
                list_form = ListForm(request=request)

        # Little hax to keep counters correct 
        items_shown = len(items)
        if items_total < items_shown:
            items_total = items_shown

        # Render list
        return request.theme.render_to_response(self.get_template(),
                                                self.add_template_variables({
                                                 'admin': self.admin,
                                                 'action': self,
                                                 'request': request,
                                                 'url': self.get_url(),
                                                 'messages_log': request.messages.get_messages(self.admin.id),
                                                 'message': message,
                                                 'sorting': self.sortables,
                                                 'sorting_method': sorting_method,
                                                 'pagination': paginating_method,
                                                 'list_form': FormLayout(list_form) if list_form else None,
                                                 'search_form': FormLayout(search_form) if search_form else None,
                                                 'table_form': FormFields(table_form).fields if table_form else None,
                                                 'items': items,
                                                 'items_total': items_total,
                                                 'items_shown': items_shown,
                                                }),
                                                context_instance=RequestContext(request));
Exemple #33
0
    def __call__(self, request, page=0):
        """
        Use widget as view
        """
        self.request = request

        # Get basic list items
        items_total = self.get_items()

        # Set extra filters?
        try:
            items_total = self.select_items(items_total).count()
        except AttributeError:
            items_total = items_total.count()

        # Set sorting and paginating
        sorting_method = self.get_sorting()
        try:
            paginating_method = self.get_pagination(items_total, page)
        except Http404:
            return redirect(self.get_url())

        # List items
        items = self.get_items()
        if not request.session.get(self.get_token("filter")):
            items = items.all()

        # Set extra filters?
        try:
            items = self.select_items(items)
        except AttributeError:
            pass

        # Sort them
        items = self.sort_items(items, sorting_method)

        # Set pagination
        if self.pagination:
            items = items[paginating_method["start"] : paginating_method["stop"]]

        # Prefetch related?
        try:
            items = self.prefetch_related(items)
        except AttributeError:
            pass

        # Default message
        message = None

        # See if we should make and handle search form
        search_form = None
        SearchForm = self.get_search_form()
        if SearchForm:
            if request.method == "POST":
                # New search
                if request.POST.get("origin") == "search":
                    search_form = SearchForm(request.POST, request=request)
                    if search_form.is_valid():
                        search_criteria = {}
                        for field, criteria in search_form.cleaned_data.items():
                            if len(criteria) > 0:
                                search_criteria[field] = criteria
                        if not search_criteria:
                            message = Message(_("No search criteria have been defined."))
                        else:
                            request.session[self.get_token("filter")] = search_criteria
                            return redirect(self.get_url())
                    else:
                        message = Message(_("Search form contains errors."))
                    message.type = "error"
                else:
                    search_form = SearchForm(request=request)

                # Kill search
                if request.POST.get("origin") == "clear" and self.is_filtering and request.csrf.request_secure(request):
                    request.session[self.get_token("filter")] = None
                    request.messages.set_flash(Message(_("Search criteria have been cleared.")), "info", self.admin.id)
                    return redirect(self.get_url())
            else:
                if self.is_filtering:
                    search_form = SearchForm(request=request, initial=request.session.get(self.get_token("filter")))
                else:
                    search_form = SearchForm(request=request)

        # See if we sould make and handle tab form
        table_form = None
        TableForm = self.get_table_form(items)
        if TableForm:
            if request.method == "POST" and request.POST.get("origin") == "table":
                table_form = TableForm(request.POST, request=request)
                if table_form.is_valid():
                    message, redirect_url = self.table_action(items, table_form.cleaned_data)
                    if redirect_url:
                        request.messages.set_flash(message, message.type, self.admin.id)
                        return redirect(redirect_url)
                else:
                    message = Message(table_form.non_field_errors()[0], "error")
            else:
                table_form = TableForm(request=request)

        # See if we should make and handle list form
        list_form = None
        ListForm = self.get_actions_form(items)
        if ListForm:
            if request.method == "POST" and request.POST.get("origin") == "list":
                list_form = ListForm(request.POST, request=request)
                if list_form.is_valid():
                    try:
                        form_action = getattr(self, "action_" + list_form.cleaned_data["list_action"])
                        message, redirect_url = form_action(
                            items, [int(x) for x in list_form.cleaned_data["list_items"]]
                        )
                        if redirect_url:
                            request.messages.set_flash(message, message.type, self.admin.id)
                            return redirect(redirect_url)
                    except AttributeError:
                        message = Message(_("Action requested is incorrect."))
                else:
                    if "list_items" in list_form.errors:
                        message = Message(self.nothing_checked_message)
                    elif "list_action" in list_form.errors:
                        message = Message(_("Action requested is incorrect."))
                    else:
                        message = Message(list_form.non_field_errors()[0])
                message.type = "error"
            else:
                list_form = ListForm(request=request)

        # Little hax to keep counters correct
        items_shown = len(items)
        if items_total < items_shown:
            items_total = items_shown

        # Render list
        return request.theme.render_to_response(
            self.get_template(),
            self.add_template_variables(
                {
                    "admin": self.admin,
                    "action": self,
                    "request": request,
                    "url": self.get_url(),
                    "messages_log": request.messages.get_messages(self.admin.id),
                    "message": message,
                    "sorting": self.sortables,
                    "sorting_method": sorting_method,
                    "pagination": paginating_method,
                    "list_form": FormLayout(list_form) if list_form else None,
                    "search_form": FormLayout(search_form) if search_form else None,
                    "table_form": FormFields(table_form).fields if table_form else None,
                    "items": items,
                    "items_total": items_total,
                    "items_shown": items_shown,
                }
            ),
            context_instance=RequestContext(request),
        )
Exemple #34
0
def signin(request):
    message = request.messages.get_message('security')
    if request.method == 'POST':
        form = SignInForm(
                          request.POST,
                          show_remember_me=not request.firewall.admin and request.settings['remember_me_allow'],
                          show_stay_hidden=not request.firewall.admin and request.settings['sessions_hidden'],
                          request=request
                          )
        if form.is_valid():
            try:
                # Configure correct auth and redirect links
                if request.firewall.admin:
                    auth_method = auth_admin
                    success_redirect = reverse(site.get_admin_index())
                else:
                    auth_method = auth_forum
                    success_redirect = reverse('index')
                
                # Authenticate user
                user = auth_method(
                                  request,
                                  form.cleaned_data['user_email'],
                                  form.cleaned_data['user_password'],
                                  )
                
                if not request.firewall.admin and request.settings['sessions_hidden'] and form.cleaned_data['user_stay_hidden']:
                    request.session.hidden = True                    
                
                sign_user_in(request, user, request.session.hidden)     
                           
                remember_me_token = False
                if not request.firewall.admin and request.settings['remember_me_allow'] and form.cleaned_data['user_remember_me']:
                    remember_me_token = get_random_string(42)
                    remember_me = Token(
                                        id=remember_me_token,
                                        user=user,
                                        created=timezone.now(),
                                        accessed=timezone.now(),
                                        hidden=request.session.hidden
                                        )
                    remember_me.save()
                if remember_me_token:
                    request.cookie_jar.set('TOKEN', remember_me_token, True)
                request.messages.set_flash(Message(request, 'security/signed_in', extra={'user': user}), 'success', 'security')
                return redirect(success_redirect)
            except AuthException as e:
                message = Message(request, e.type, extra={'user':e.user, 'ban':e.ban})
                message.type = 'error'
                # If not in Admin, register failed attempt
                if not request.firewall.admin and e.type == auth.CREDENTIALS:
                    SignInAttempt.objects.register_attempt(request.session.get_ip(request))
                    # Have we jammed our account?
                    if SignInAttempt.objects.is_jammed(request.settings, request.session.get_ip(request)):
                        request.jam.expires = timezone.now()
                        return redirect(reverse('sign_in'))
        else:
            message = Message(request, form.non_field_errors()[0])
            message.type = 'error'
    else:
        form = SignInForm(
                          show_remember_me=not request.firewall.admin and request.settings['remember_me_allow'],
                          show_stay_hidden=not request.firewall.admin and request.settings['sessions_hidden'],
                          request=request
                          )
    return request.theme.render_to_response('signin.html',
                                            {
                                             'message': message,
                                             'form': FormLayout(form, [
                                                 (
                                                     None,
                                                     [('user_email', {'attrs': {'placeholder': _("Enter your e-mail")}}), ('user_password', {'has_value': False, 'placeholder': _("Enter your password")})]
                                                 ),
                                                 (
                                                     None,
                                                     ['user_remember_me', 'user_stay_hidden'],
                                                 ),
                                             ]),
                                             'hide_signin': True, 
                                            },
                                            context_instance=RequestContext(request));