def new_password(request):
"""Create a new password for a user."""
try:
token = request.GET["token"]
except KeyError:
return redirect(reverse("zds.pages.views.home"))
token = get_object_or_404(TokenForgotPassword, token=token)
if request.method == "POST":
form = NewPasswordForm(token.user.username, request.POST)
if form.is_valid():
data = form.data
password = data["password"]
# User can't confirm his request if it is too late.
if datetime.now() > token.date_end:
return render_template("member/new_password/failed.html")
token.user.set_password(password)
token.user.save()
token.delete()
return render_template("member/new_password/success.html")
else:
return render_template("member/new_password.html", {"form": form})
form = NewPasswordForm(identifier=token.user.username)
return render_template("member/new_password/index.html", {"form": form})
def new_image(request, gal_pk):
"""Creates a new image."""
gal = get_object_or_404(Gallery, pk=gal_pk)
# check if the user can upload new image in this gallery
try:
gal_mode = UserGallery.objects.get(gallery=gal, user=request.user)
if gal_mode.mode != 'W':
raise PermissionDenied
except:
raise PermissionDenied
if request.method == "POST":
form = ImageForm(request.POST, request.FILES)
if form.is_valid() and request.FILES["physical"].size < settings.IMAGE_MAX_SIZE:
img = Image()
img.physical = request.FILES["physical"]
img.gallery = gal
img.title = request.POST["title"]
img.slug = slugify(request.FILES["physical"])
img.legend = request.POST["legend"]
img.pubdate = datetime.now()
img.save()
# Redirect to the newly uploaded image edit page after POST
return redirect(reverse("zds.gallery.views.edit_image",
args=[gal.pk, img.pk]))
else:
return render_template("gallery/image/new.html", {"form": form,
"gallery": gal})
else:
form = ImageForm(initial={"new_image": True}) # A empty, unbound form
return render_template("gallery/image/new.html", {"form": form,
"gallery": gal})
def new_password(request):
'''Create a new password for a user'''
try:
token = request.GET['token']
except KeyError:
return redirect(reverse('zds.pages.views.home'))
if request.method == 'POST':
form = NewPasswordForm(request.POST)
if form.is_valid():
data = form.data
password = data['password']
token = get_object_or_404(TokenForgotPassword, token = token)
# User can't confirm his request if it is too late.
if datetime.now() > token.date_end:
return render_template('member/new_password_failed.html')
token.user.set_password(password)
token.user.save()
token.delete()
return render_template('member/new_password_success.html')
else:
return render_template('member/new_password.html', {'form': form})
form = NewPasswordForm()
return render_template('member/new_password.html', {
'form': form
})
def new_password(request):
'''Create a new password for a user'''
try:
token = request.GET['token']
except KeyError:
return redirect(reverse('zds.pages.views.home'))
if request.method == 'POST':
form = NewPasswordForm(request.POST)
if form.is_valid():
data = form.data
password = data['password']
token = get_object_or_404(TokenForgotPassword, token=token)
# User can't confirm his request if it is too late.
if datetime.now() > token.date_end:
return render_template('member/new_password_failed.html')
token.user.set_password(password)
token.user.save()
token.delete()
return render_template('member/new_password_success.html')
else:
return render_template('member/new_password.html', {'form': form})
form = NewPasswordForm()
return render_template('member/new_password.html', {'form': form})
def new_gallery(request):
"""Creates a new gallery."""
if request.method == "POST":
form = GalleryForm(request.POST)
if form.is_valid():
data = form.data
# Creating the gallery
gal = Gallery()
gal.title = data["title"]
gal.subtitle = data["subtitle"]
gal.slug = slugify(data["title"])
gal.pubdate = datetime.now()
gal.save()
# Attach user
userg = UserGallery()
userg.gallery = gal
userg.mode = "W"
userg.user = request.user
userg.save()
return redirect(gal.get_absolute_url())
else:
return render_template("gallery/gallery/new.html", {"form": form})
else:
form = GalleryForm()
return render_template("gallery/gallery/new.html", {"form": form})
def new_password(request):
"""Create a new password for a user."""
try:
token = request.GET["token"]
except KeyError:
return redirect(reverse("zds.pages.views.home"))
token = get_object_or_404(TokenForgotPassword, token=token)
if request.method == "POST":
form = NewPasswordForm(token.user.username, request.POST)
if form.is_valid():
data = form.data
password = data["password"]
# User can't confirm his request if it is too late.
if datetime.now() > token.date_end:
return render_template("member/new_password/failed.html")
token.user.set_password(password)
token.user.save()
token.delete()
return render_template("member/new_password/success.html")
else:
return render_template("member/new_password.html", {"form": form})
form = NewPasswordForm(identifier=token.user.username)
return render_template("member/new_password/index.html", {"form": form})
def new_gallery(request):
"""Creates a new gallery."""
if request.method == "POST":
form = GalleryForm(request.POST)
if form.is_valid():
data = form.data
# Creating the gallery
gal = Gallery()
gal.title = data["title"]
gal.subtitle = data["subtitle"]
gal.slug = slugify(data["title"])
gal.pubdate = datetime.now()
gal.save()
# Attach user
userg = UserGallery()
userg.gallery = gal
userg.mode = "W"
userg.user = request.user
userg.save()
return redirect(gal.get_absolute_url())
else:
return render_template("gallery/gallery/new.html", {"form": form})
else:
form = GalleryForm()
return render_template("gallery/gallery/new.html", {"form": form})
def register_view(request):
"""Register a new user."""
if request.method == "POST":
form = RegisterForm(request.POST)
if form.is_valid():
data = form.data
user = User.objects.create_user(data["username"], data["email"],
data["password"])
user.is_active = False
user.save()
profile = Profile(user=user,
show_email=False,
show_sign=True,
hover_or_click=True,
email_for_answer=False)
profile.last_ip_address = get_client_ip(request)
profile.save()
user.backend = "django.contrib.auth.backends.ModelBackend"
# Generate a valid token during one hour.
uuidToken = str(uuid.uuid4())
date_end = datetime.now() + timedelta(
days=0, hours=1, minutes=0, seconds=0)
token = TokenRegister(user=user,
token=uuidToken,
date_end=date_end)
token.save()
# send email
subject = "ZDS - Confirmation d'inscription"
from_email = "Zeste de Savoir <{0}>".format(settings.MAIL_NOREPLY)
message_html = get_template("email/register/confirm.html").render(
Context({
"username": user.username,
"url": settings.SITE_URL + token.get_absolute_url()
}))
message_txt = get_template("email/register/confirm.txt").render(
Context({
"username": user.username,
"url": settings.SITE_URL + token.get_absolute_url()
}))
msg = EmailMultiAlternatives(subject, message_txt, from_email,
[user.email])
msg.attach_alternative(message_html, "text/html")
try:
msg.send()
except:
msg = None
return render_template("member/register/success.html", {})
else:
return render_template("member/register/index.html",
{"form": form})
form = RegisterForm()
return render_template("member/register/index.html", {"form": form})
def assoc_subscribe(request):
if request.method == "POST":
form = AssocSubscribeForm(request.POST)
if form.is_valid():
user = request.user
data = form.data
context = {
'first_name':
data['first_name'],
'surname':
data['surname'],
'email':
data['email'],
'adresse':
data['adresse'],
'adresse_complement':
data['adresse_complement'],
'code_postal':
data['code_postal'],
'ville':
data['ville'],
'pays':
data['pays'],
'justification':
data['justification'],
'username':
user.username,
'profile_url':
settings.SITE_URL +
reverse('zds.member.views.details',
kwargs={'user_name': user.username})
}
# Send email
subject = "Demande d'adhésion de {}".format(user.username)
from_email = "Zeste de Savoir <{0}>".format(settings.MAIL_NOREPLY)
message_html = get_template("email/assoc/subscribe.html").render(
Context(context))
message_txt = get_template("email/assoc/subscribe.txt").render(
Context(context))
msg = EmailMultiAlternatives(subject, message_txt, from_email,
[settings.MAIL_CA_ASSO])
msg.attach_alternative(message_html, "text/html")
try:
msg.send()
messages.success(
request,
"Votre demande d'adhésion a bien été envoyée et va être étudiée."
)
except:
msg = None
messages.error(request, "Une erreur est survenue.")
return render_template("pages/assoc_subscribe.html", {"form": form})
form = AssocSubscribeForm(initial={'email': request.user.email})
return render_template("pages/assoc_subscribe.html", {"form": form})
def forgot_password(request):
"""If the user forgot his password, he can have a new one."""
if request.method == "POST":
form = ForgotPasswordForm(request.POST)
if form.is_valid():
data = form.data
username = data["username"]
usr = get_object_or_404(User, username=username)
# Generate a valid token during one hour.
uuid_token = str(uuid.uuid4())
date_end = datetime.now() + timedelta(
days=0, hours=1, minutes=0, seconds=0)
token = TokenForgotPassword(user=usr,
token=uuid_token,
date_end=date_end)
token.save()
# send email
subject = _(u"{} - Mot de passe oublié").format(
settings.ZDS_APP['site']['abbr'])
from_email = "{} <{}>".format(
settings.ZDS_APP['site']['litteral_name'],
settings.ZDS_APP['site']['email_noreply'])
message_html = get_template(
"email/forgot_password/confirm.html").render(
Context({
"username":
usr.username,
"url":
settings.ZDS_APP['site']['url'] +
token.get_absolute_url()
}))
message_txt = get_template(
"email/forgot_password/confirm.txt").render(
Context({
"username":
usr.username,
"url":
settings.ZDS_APP['site']['url'] +
token.get_absolute_url()
}))
msg = EmailMultiAlternatives(subject, message_txt, from_email,
[usr.email])
msg.attach_alternative(message_html, "text/html")
msg.send()
return render_template("member/forgot_password/success.html")
else:
return render_template("member/forgot_password/index.html",
{"form": form})
form = ForgotPasswordForm()
return render_template("member/forgot_password/index.html", {"form": form})
def assoc_subscribe(request):
if request.method == "POST":
form = AssocSubscribeForm(request.POST)
if form.is_valid():
user = request.user
data = form.data
context = {
'full_name':
data['full_name'],
'email':
data['email'],
'naissance':
data['naissance'],
'adresse':
data['adresse'],
'justification':
data['justification'],
'username':
user.username,
'profile_url':
settings.ZDS_APP['site']['url'] +
reverse('zds.member.views.details',
kwargs={'user_name': user.username})
}
# Send email
subject = "Demande d'adhésion de {}".format(user.username)
from_email = "{} <{}>".format(
settings.ZDS_APP['site']['litteral_name'],
settings.ZDS_APP['site']['email_noreply'])
message_html = get_template("email/assoc/subscribe.html").render(
Context(context))
message_txt = get_template("email/assoc/subscribe.txt").render(
Context(context))
msg = EmailMultiAlternatives(
subject, message_txt, from_email,
[settings.ZDS_APP['site']['association']['email_ca']])
msg.attach_alternative(message_html, "text/html")
try:
msg.send()
messages.success(
request,
_(u"Votre demande d'adhésion a bien été envoyée et va être étudiée."
))
except:
msg = None
messages.error(request, u"Une erreur est survenue.")
# reset the form after successfull validation
form = AssocSubscribeForm()
return render_template("pages/assoc_subscribe.html", {"form": form})
form = AssocSubscribeForm(initial={'email': request.user.email})
return render_template("pages/assoc_subscribe.html", {"form": form})
def register_view(request):
'''Register a new user'''
if request.method == 'POST':
form = RegisterForm(request.POST)
if form.is_valid():
data = form.data
user = User.objects.create_user(
data['username'],
data['email'],
data['password'])
user.is_active=False
user.save()
profile = Profile(user=user, show_email=False, show_sign=True, hover_or_click=True)
profile.last_ip_address = get_client_ip(request)
profile.save()
user.backend = 'django.contrib.auth.backends.ModelBackend'
# Generate a valid token during one hour.
uuidToken = str(uuid.uuid4())
date_end = datetime.now() + timedelta(days=0, hours=1, minutes=0, seconds=0)
token = TokenRegister(user=user, token = uuidToken, date_end = date_end)
token.save()
#send email
subject = "ZDS - Confirmation d'inscription"
from_email = 'ZesteDeSavoir <*****@*****.**>'
message_html = get_template('email/confirm_register.html').render(
Context({
'username': user.username,
'url': token.get_absolute_url(),
})
)
message_txt = get_template('email/confirm_register.txt').render(
Context({
'username': user.username,
'url': token.get_absolute_url(),
})
)
msg = EmailMultiAlternatives(subject, message_txt, from_email, [user.email])
msg.attach_alternative(message_html, "text/html")
msg.send()
return render_template('member/register_success.html', {
'user': user
})
form = RegisterForm()
return render_template('member/register.html', {
'form': form
})
def edit_post(request):
"""Edit the given user's post."""
try:
post_pk = request.GET["message"]
except KeyError:
raise Http404
post = get_object_or_404(PrivatePost, pk=post_pk)
# Only edit last private post
tp = get_object_or_404(PrivateTopic, pk=post.privatetopic.pk)
last = get_object_or_404(PrivatePost, pk=tp.last_message.pk)
if not last.pk == post.pk:
raise PermissionDenied
g_topic = None
if post.position_in_topic >= 1:
g_topic = get_object_or_404(PrivateTopic, pk=post.privatetopic.pk)
# Making sure the user is allowed to do that. Author of the post
# must to be the user logged.
if post.author != request.user:
raise PermissionDenied
if request.method == "POST":
if "text" not in request.POST:
# if preview mode return on
if "preview" in request.POST:
return redirect(reverse("zds.mp.views.edit_post") + "?message=" + str(post_pk))
# disallow send mp
else:
raise PermissionDenied
# Using the preview button
if "preview" in request.POST:
form = PrivatePostForm(g_topic, request.user, initial={"text": request.POST["text"]})
form.helper.form_action = reverse("zds.mp.views.edit_post") + "?message=" + str(post_pk)
return render_template("mp/post/edit.html", {"post": post, "topic": g_topic, "form": form})
# The user just sent data, handle them
post.text = request.POST["text"]
post.text_html = emarkdown(request.POST["text"])
post.update = datetime.now()
post.save()
return redirect(post.get_absolute_url())
else:
form = PrivatePostForm(g_topic, request.user, initial={"text": post.text})
form.helper.form_action = reverse("zds.mp.views.edit_post") + "?message=" + str(post_pk)
return render_template("mp/post/edit.html", {"post": post, "topic": g_topic, "text": post.text, "form": form})
def new(request):
"""Creates a new private topic."""
if request.method == "POST":
# If the client is using the "preview" button
if "preview" in request.POST:
form = PrivateTopicForm(
initial={
"participants": request.POST["participants"],
"title": request.POST["title"],
"subtitle": request.POST["subtitle"],
"text": request.POST["text"],
}
)
return render_template("mp/topic/new.html", {"form": form})
form = PrivateTopicForm(request.POST)
if form.is_valid():
data = form.data
# Retrieve all participants of the MP.
ctrl = []
list_part = data["participants"].replace(",", " ").split()
for part in list_part:
part = part.strip()
if part == "":
continue
p = get_object_or_404(User, username=part)
# We don't the author of the MP.
if request.user == p:
continue
ctrl.append(p)
p_topic = send_mp(request.user, ctrl, data["title"], data["subtitle"], data["text"], True, False)
return redirect(p_topic.get_absolute_url())
else:
return render_template("mp/topic/new.html", {"form": form})
else:
if "username" in request.GET:
try:
# check that username in url is in the database
dest = User.objects.get(username=request.GET["username"]).username
except:
dest = None
else:
dest = None
form = PrivateTopicForm(initial={"participants": dest})
return render_template("mp/topic/new.html", {"form": form})
def register_view(request):
'''Register a new user'''
if request.method == 'POST':
form = RegisterForm(request.POST)
if form.is_valid():
data = form.data
user = User.objects.create_user(data['username'], data['email'],
data['password'])
user.is_active = False
user.save()
profile = Profile(user=user,
show_email=False,
show_sign=True,
hover_or_click=True)
profile.last_ip_address = get_client_ip(request)
profile.save()
user.backend = 'django.contrib.auth.backends.ModelBackend'
# Generate a valid token during one hour.
uuidToken = str(uuid.uuid4())
date_end = datetime.now() + timedelta(
days=0, hours=1, minutes=0, seconds=0)
token = TokenRegister(user=user,
token=uuidToken,
date_end=date_end)
token.save()
#send email
subject = "ZDS - Confirmation d'inscription"
from_email = 'ZesteDeSavoir <*****@*****.**>'
message_html = get_template('email/confirm_register.html').render(
Context({
'username': user.username,
'url': token.get_absolute_url(),
}))
message_txt = get_template('email/confirm_register.txt').render(
Context({
'username': user.username,
'url': token.get_absolute_url(),
}))
msg = EmailMultiAlternatives(subject, message_txt, from_email,
[user.email])
msg.attach_alternative(message_html, "text/html")
msg.send()
return render_template('member/register_success.html',
{'user': user})
form = RegisterForm()
return render_template('member/register.html', {'form': form})
def settings_profile(request):
"""User's settings about his personal information."""
# extra information about the current user
profile = request.user.profile
if request.method == "POST":
form = ProfileForm(request.POST)
c = {"form": form}
if form.is_valid():
profile.biography = form.data["biography"]
profile.site = form.data["site"]
profile.show_email = "show_email" \
in form.cleaned_data.get("options")
profile.show_sign = "show_sign" in form.cleaned_data.get("options")
profile.hover_or_click = "hover_or_click" \
in form.cleaned_data.get("options")
profile.email_for_answer = "email_for_answer" \
in form.cleaned_data.get("options")
profile.avatar_url = form.data["avatar_url"]
profile.sign = form.data["sign"]
# Save the profile and redirect the user to the configuration space
# with message indicate the state of the operation
try:
profile.save()
except:
messages.error(request, "Une erreur est survenue.")
return redirect(reverse("zds.member.views.settings_profile"))
messages.success(request,
"Le profil a correctement été mis à jour.")
return redirect(reverse("zds.member.views.settings_profile"))
else:
return render_template("member/settings/profile.html", c)
else:
form = ProfileForm(
initial={
"biography": profile.biography,
"site": profile.site,
"avatar_url": profile.avatar_url,
"show_email": profile.show_email,
"show_sign": profile.show_sign,
"hover_or_click": profile.hover_or_click,
"email_for_answer": profile.email_for_answer,
"sign": profile.sign,
})
c = {"form": form}
return render_template("member/settings/profile.html", c)
def settings_profile(request):
"""User's settings about his personal information."""
# extra information about the current user
profile = request.user.profile
if request.method == "POST":
form = ProfileForm(request.POST)
c = {"form": form}
if form.is_valid():
profile.biography = form.data["biography"]
profile.site = form.data["site"]
profile.show_email = "show_email" \
in form.cleaned_data.get("options")
profile.show_sign = "show_sign" in form.cleaned_data.get("options")
profile.hover_or_click = "hover_or_click" \
in form.cleaned_data.get("options")
profile.email_for_answer = "email_for_answer" \
in form.cleaned_data.get("options")
profile.avatar_url = form.data["avatar_url"]
profile.sign = form.data["sign"]
# Save the profile and redirect the user to the configuration space
# with message indicate the state of the operation
try:
profile.save()
except:
messages.error(request, "Une erreur est survenue.")
return redirect(reverse("zds.member.views.settings_profile"))
messages.success(request,
"Le profil a correctement été mis à jour.")
return redirect(reverse("zds.member.views.settings_profile"))
else:
return render_template("member/settings/profile.html", c)
else:
form = ProfileForm(initial={
"biography": profile.biography,
"site": profile.site,
"avatar_url": profile.avatar_url,
"show_email": profile.show_email,
"show_sign": profile.show_sign,
"hover_or_click": profile.hover_or_click,
"email_for_answer": profile.email_for_answer,
"sign": profile.sign,
})
c = {"form": form}
return render_template("member/settings/profile.html", c)
def topic(request, topic_pk, topic_slug):
"""Display a thread and its posts using a pager."""
# TODO: Clean that up
g_topic = get_object_or_404(PrivateTopic, pk=topic_pk)
if not g_topic.author == request.user \
and request.user not in list(g_topic.participants.all()):
raise PermissionDenied
# Check link
if not topic_slug == slugify(g_topic.title):
return redirect(g_topic.get_absolute_url())
if request.user.is_authenticated():
if never_privateread(g_topic):
mark_read(g_topic)
posts = PrivatePost.objects.filter(privatetopic__pk=g_topic.pk)\
.order_by('position_in_topic')\
.all()
last_post_pk = g_topic.last_message.pk
# Handle pagination
paginator = Paginator(posts, settings.POSTS_PER_PAGE)
try:
page_nbr = int(request.GET['page'])
except KeyError:
page_nbr = 1
try:
posts = paginator.page(page_nbr)
except PageNotAnInteger:
posts = paginator.page(1)
except EmptyPage:
raise Http404
res = []
if page_nbr != 1:
# Show the last post of the previous page
last_page = paginator.page(page_nbr - 1).object_list
last_post = (last_page)[len(last_page) - 1]
res.append(last_post)
for post in posts:
res.append(post)
# Build form to add an answer for the current topid.
form = PrivatePostForm(g_topic, request.user)
return render_template('mp/topic/index.html', {
'topic': g_topic,
'posts': res,
'pages': paginator_range(page_nbr, paginator.num_pages),
'nb': page_nbr,
'last_post_pk': last_post_pk,
'form': form
})
def new_image(request, gal_pk):
'''
Creates a new image
'''
gal = get_object_or_404(Gallery, pk=gal_pk)
if request.method == 'POST':
form = ImageForm(request.POST, request.FILES)
if form.is_valid() \
and request.FILES['physical'].size < settings.IMAGE_MAX_SIZE:
img = Image()
img.physical = request.FILES['physical']
img.gallery = gal
img.title = request.POST['title']
img.slug = slugify(request.FILES['physical'])
img.legend = request.POST['legend']
img.pubdate = datetime.now()
img.save()
# Redirect to the document list after POST
return redirect(gal.get_absolute_url())
else:
# TODO: add errors to the form and return it
raise Http404
else:
form = ImageForm() # A empty, unbound form
return render_template('gallery/new_image.html', {
'form': form,
'gallery': gal
})
def articles(request):
"""Returns all articles of the authenticated user."""
# The type indicate what the user would like to display. We can display
# public, draft or all user's articles.
try:
state = request.GET['type']
except KeyError:
state = None
# Retrieves all articles of the current user.
profile = request.user.profile
if state == 'draft':
user_articles = profile.get_draft_articles()
elif state == 'validate':
user_articles = profile.get_validate_articles()
elif state == 'public':
user_articles = profile.get_public_articles()
else:
user_articles = profile.get_articles()
return render_template('article/member/index.html', {
'articles': user_articles,
'type': state
})
def index(request):
"""Display all public articles of the website."""
# The tag indicate what the category article the user would
# like to display. We can display all subcategories for articles.
try:
tag = get_object_or_404(SubCategory, title=request.GET['tag'])
except (KeyError, Http404):
tag = None
if tag is None:
articles = Article.objects\
.filter(sha_public__isnull=False).exclude(sha_public="")\
.order_by('-pubdate')\
.all()
else:
# The tag isn't None and exist in the system. We can use it to retrieve
# all articles in the subcategory specified.
articles = Article.objects\
.filter(sha_public__isnull=False, subcategory__in=[tag])\
.exclude(sha_public="").order_by('-pubdate')\
.all()
article_versions = []
for article in articles:
article_version = article.load_json_for_public()
article_version = article.load_dic(article_version)
article_versions.append(article_version)
return render_template('article/index.html', {
'articles': article_versions,
'tag': tag,
})
def history_validation(request, article_pk):
"""History of the validation of an article."""
article = get_object_or_404(Article, pk=article_pk)
# Get subcategory to filter validations.
try:
subcategory = get_object_or_404(Category,
pk=request.GET['subcategory'])
except (KeyError, Http404):
subcategory = None
if subcategory is None:
validations = Validation.objects \
.filter(article__pk=article_pk) \
.order_by("date_proposition") \
.all()
else:
validations = Validation.objects \
.filter(article__pk=article_pk,
article__subcategory__in=[subcategory]) \
.order_by("date_proposition") \
.all()
return render_template(
'article/validation/history.html', {
'validations': validations,
'article': article,
'authors': article.authors,
'tags': article.subcategory,
})
def tutorials(request):
"""Returns all tutorials of the authenticated user."""
# The type indicate what the user would like to display. We can display
# public, draft or all user's tutorials.
try:
type = request.GET["type"]
except KeyError:
type = None
# Retrieves all tutorials of the current user.
profile = request.user.profile
if type == "draft":
user_tutorials = profile.get_draft_tutos()
elif type == "beta":
user_tutorials = profile.get_beta_tutos()
elif type == "validate":
user_tutorials = profile.get_validate_tutos()
elif type == "public":
user_tutorials = profile.get_public_tutos()
else:
user_tutorials = profile.get_tutos()
return render_template("tutorial/member/index.html",
{"tutorials": user_tutorials, "type": type})
def list_validation(request):
"""Display articles list in validation."""
# Retrieve type of the validation. Default value is all validations.
try:
type = request.GET['type']
except KeyError:
type = None
# Get subcategory to filter validations.
try:
subcategory = get_object_or_404(
Category,
pk=request.GET['subcategory'])
except (KeyError, Http404):
subcategory = None
# Orphan validation. There aren't validator attached to the validations.
if type == 'orphan':
if subcategory is None:
validations = Validation.objects \
.filter(validator__isnull=True, status='PENDING') \
.order_by("date_proposition") \
.all()
else:
validations = Validation.objects \
.filter(validator__isnull=True, status='PENDING',
article__subcategory__in=[subcategory]) \
.order_by("date_proposition") \
.all()
# Reserved validation. There are a validator attached to the validations.
elif type == 'reserved':
if subcategory is None:
validations = Validation.objects \
.filter(validator__isnull=False, status='RESERVED') \
.order_by("date_proposition") \
.all()
else:
validations = Validation.objects \
.filter(validator__isnull=False, status='PENDING',
article__subcategory__in=[subcategory]) \
.order_by("date_proposition") \
.all()
# Default, we display all validations.
else:
if subcategory is None:
validations = Validation.objects \
.filter(Q(status='PENDING') | Q(status='RESERVED'))\
.order_by("date_proposition") \
.all()
else:
validations = Validation.objects \
.filter(status='PENDING',
article__subcategory__in=[subcategory]) \
.order_by("date_proposition") \
.all()
return render_template('article/validation/index.html', {
'validations': validations,
})
def details(request, user_name):
'''Displays details about a profile'''
usr = get_object_or_404(User, username=user_name)
try:
profile = usr.get_profile()
bans= Ban.objects.filter(user=usr).order_by('-pubdate')
except SiteProfileNotAvailable:
raise Http404
#refresh moderation chart
dot_chart = pygal.Dot(x_label_rotation=30)
dot_chart.title = u'Messages postés par période'
dot_chart.x_labels = [u'Dimanche', u'Lundi', u'Mardi', u'Mercredi', u'Jeudi', u'Vendredi', u'Samedi']
dot_chart.show_legend = False
dates = date_to_chart(profile.get_posts())
for i in range(0,24):
dot_chart.add(str(i)+' h', dates[(i+1)%24])
img_path = os.path.join(settings.MEDIA_ROOT, 'pygal')
if not os.path.isdir(img_path) :
os.makedirs(img_path, mode=0777)
fchart = os.path.join(img_path, 'mod-{}.svg'.format(str(usr.pk)))
dot_chart.render_to_file(fchart)
return render_template('member/profile.html', {
'usr': usr, 'profile': profile, 'bans': bans
})
def home(request):
"""Display the home page with last topics added."""
tutos = []
for tuto in get_last_tutorials():
data = tuto.load_json_for_public()
data = tuto.load_dic(data)
tutos.append(data)
articles = []
for article in get_last_articles():
data = article.load_json_for_public()
data = article.load_dic(data)
articles.append(data)
try:
with open(os.path.join(SITE_ROOT, 'quotes.txt'), 'r') as fh:
quote = random.choice(fh.readlines())
except:
quote = u'Zeste de Savoir, la connaissance pour tous et sans pépins !'
return render_template('home.html', {
'last_tutorials': tutos,
'last_articles': articles,
'quote': quote,
})
def articles(request):
"""Returns all articles of the authenticated user."""
# The type indicate what the user would like to display. We can display
# public, draft or all user's articles.
try:
type = request.GET["type"]
except KeyError:
type = None
# Retrieves all articles of the current user.
profile = request.user.profile
if type == "draft":
user_articles = profile.get_draft_articles()
if type == "validate":
user_articles = profile.get_validate_articles()
elif type == "public":
user_articles = profile.get_public_articles()
else:
user_articles = profile.get_articles()
return render_template("article/member/index.html",
{"articles": user_articles, "type": type})
def find_post(request, user_pk):
'''Finds all posts of a user'''
u = get_object_or_404(User, pk=user_pk)
posts = Post.objects\
.filter(author=u)\
.order_by('-pubdate')\
.all()
# Paginator
paginator = Paginator(posts, settings.POSTS_PER_PAGE)
page = request.GET.get('page')
try:
shown_posts = paginator.page(page)
page = int(page)
except PageNotAnInteger:
shown_posts = paginator.page(1)
page = 1
except EmptyPage:
shown_posts = paginator.page(paginator.num_pages)
page = paginator.num_pages
return render_template(
'forum/find_post.html', {
'posts': shown_posts,
'usr': u,
'pages': paginator_range(page, paginator.num_pages),
'nb': page
})
def tutorials(request):
"""Returns all tutorials of the authenticated user."""
# The type indicate what the user would like to display. We can display
# public, draft or all user's tutorials.
try:
type = request.GET["type"]
except KeyError:
type = None
# Retrieves all tutorials of the current user.
profile = request.user.profile
if type == "draft":
user_tutorials = profile.get_draft_tutos()
elif type == "beta":
user_tutorials = profile.get_beta_tutos()
elif type == "validate":
user_tutorials = profile.get_validate_tutos()
elif type == "public":
user_tutorials = profile.get_public_tutos()
else:
user_tutorials = profile.get_tutos()
return render_template("tutorial/member/index.html", {
"tutorials": user_tutorials,
"type": type
})
def new_gallery(request):
'''
Creates a new gallery
'''
if request.method == 'POST':
form = GalleryForm(request.POST)
if form.is_valid():
data = form.data
# Creating the gallery
gal = Gallery()
gal.title = data['title']
gal.subtitle = data['subtitle']
gal.slug = slugify(data['title'])
gal.pubdate = datetime.now()
gal.save()
# Attach user
userg = UserGallery()
userg.gallery = gal
userg.mode = 'W'
userg.user = request.user
userg.save()
return redirect(gal.get_absolute_url())
else:
# TODO: add errors to the form and return it
raise Http404
else:
form = GalleryForm()
return render_template('gallery/new_gallery.html', {
'form': form
})
def index(request):
"""Display all public articles of the website."""
# The tag indicate what the category article the user would
# like to display. We can display all subcategories for articles.
try:
tag = get_object_or_404(SubCategory, title=request.GET['tag'])
except (KeyError, Http404):
tag = None
if tag is None:
article = Article.objects\
.filter(sha_public__isnull=False).exclude(sha_public="")\
.order_by('-pubdate')\
.all()
else:
# The tag isn't None and exist in the system. We can use it to retrieve
# all articles in the subcategory specified.
article = Article.objects\
.filter(sha_public__isnull=False, subcategory__in=[tag])\
.exclude(sha_public="").order_by('-pubdate')\
.all()
return render_template('article/index.html', {
'articles': article,
})
def list_validation(request):
"""Display articles list in validation."""
# Retrieve type of the validation. Default value is all validations.
try:
type = request.GET['type']
except KeyError:
type = None
# Get subcategory to filter validations.
try:
subcategory = get_object_or_404(
Category,
pk=request.GET['subcategory'])
except (KeyError, Http404):
subcategory = None
# Orphan validation. There aren't validator attached to the validations.
if type == 'orphan':
if subcategory is None:
validations = Validation.objects \
.filter(validator__isnull=True, status='PENDING') \
.order_by("date_proposition") \
.all()
else:
validations = Validation.objects \
.filter(validator__isnull=True, status='PENDING',
article__subcategory__in=[subcategory]) \
.order_by("date_proposition") \
.all()
# Reserved validation. There are a validator attached to the validations.
elif type == 'reserved':
if subcategory is None:
validations = Validation.objects \
.filter(validator__isnull=False, status='RESERVED') \
.order_by("date_proposition") \
.all()
else:
validations = Validation.objects \
.filter(validator__isnull=False, status='PENDING',
article__subcategory__in=[subcategory]) \
.order_by("date_proposition") \
.all()
# Default, we display all validations.
else:
if subcategory is None:
validations = Validation.objects \
.filter(Q(status='PENDING') | Q(status='RESERVED'))\
.order_by("date_proposition") \
.all()
else:
validations = Validation.objects \
.filter(status='PENDING',
article__subcategory__in=[subcategory]) \
.order_by("date_proposition") \
.all()
return render_template('article/validation/index.html', {
'validations': validations,
})
def history_validation(request, article_pk):
"""History of the validation of an article."""
article = get_object_or_404(Article, pk=article_pk)
# Get subcategory to filter validations.
try:
subcategory = get_object_or_404(
Category,
pk=request.GET['subcategory'])
except (KeyError, Http404):
subcategory = None
if subcategory is None:
validations = Validation.objects \
.filter(article__pk=article_pk) \
.order_by("date_proposition") \
.all()
else:
validations = Validation.objects \
.filter(article__pk=article_pk,
article__subcategory__in=[subcategory]) \
.order_by("date_proposition") \
.all()
return render_template('article/validation/history.html', {
'validations': validations,
'article': article,
'authors': article.authors,
'tags': article.subcategory,
})
def articles(request):
"""Returns all articles of the authenticated user."""
# The type indicate what the user would like to display. We can display
# public, draft or all user's articles.
try:
type = request.GET["type"]
except KeyError:
type = None
# Retrieves all articles of the current user.
profile = request.user.profile
if type == "draft":
user_articles = profile.get_draft_articles()
if type == "validate":
user_articles = profile.get_validate_articles()
elif type == "public":
user_articles = profile.get_public_articles()
else:
user_articles = profile.get_articles()
return render_template("article/member/index.html", {
"articles": user_articles,
"type": type
})
def edit_image(request, gal_pk, img_pk):
'''
Creates a new image
'''
gal = get_object_or_404(Gallery, pk=gal_pk)
img = get_object_or_404(Image, pk=img_pk)
if request.method == 'POST':
form = ImageForm(request.POST)
if form.is_valid():
img.title = request.POST['title']
img.legend = request.POST['legend']
img.update = datetime.now()
img.save()
# Redirect to the document list after POST
return redirect(gal.get_absolute_url())
else:
# TODO: add errors to the form and return it
raise Http404
else:
form = ImageForm() # A empty, unbound form
return render_template('gallery/edit_image.html', {
'form': form,
'gallery': gal,
'image': img
})
def home(request):
"""Display the home page with last topics added."""
tutos = []
for tuto in get_last_tutorials():
data = tuto.load_json_for_public()
tuto.load_dic(data)
tutos.append(data)
articles = []
for article in get_last_articles():
data = article.load_json_for_public()
data = article.load_dic(data)
articles.append(data)
try:
with open(os.path.join(SITE_ROOT, 'quotes.txt'), 'r') as fh:
quote = random.choice(fh.readlines())
except:
quote = settings.ZDS_APP['site']['slogan']
return render_template('home.html', {
'last_tutorials': tutos,
'last_articles': articles,
'quote': quote,
})
def index(request):
"""Display the category list with all their forums."""
categories = top_categories(request.user)
return render_template("forum/index.html", {"categories": categories,
"user": request.user})
def home(request):
"""Display the home page with last topics added."""
tutos = []
for tuto in get_last_tutorials():
data = tuto.load_json_for_public()
data['pk'] = tuto.pk
data['image'] = tuto.image
data['gallery'] = tuto.gallery
data['pubdate'] = tuto.pubdate
data['update'] = tuto.update
data['subcategory'] = tuto.subcategory
data['get_absolute_url_online'] = reverse(
'zds.tutorial.views.view_tutorial_online',
args=[
tuto.pk,
slugify(
data['title'])])
tutos.append(data)
try:
with open(os.path.join(SITE_ROOT, 'quotes.txt'), 'r') as fh:
quote = random.choice(fh.readlines())
except:
quote = u'Zeste de Savoir, la connaissance pour tous et sans pépins !'
return render_template('home.html', {
'last_topics': get_last_topics(request.user),
'last_tutorials': tutos,
'last_articles': get_last_articles(),
'quote': quote,
})
def index(request):
"""Display the category list with all their forums."""
categories = top_categories(request.user)
return render_template("forum/index.html", {"categories": categories,
"user": request.user})
def find_topic(request, user_pk):
"""Finds all topics of a user."""
u = get_object_or_404(User, pk=user_pk)
topics = \
Topic.objects\
.filter(author=u)\
.exclude(Q(forum__group__isnull=False) & ~Q(forum__group__in=u.groups.all()))\
.prefetch_related("author")\
.order_by("-pubdate").all()
# Paginator
paginator = Paginator(topics, settings.TOPICS_PER_PAGE)
page = request.GET.get("page")
try:
shown_topics = paginator.page(page)
page = int(page)
except PageNotAnInteger:
shown_topics = paginator.page(1)
page = 1
except EmptyPage:
shown_topics = paginator.page(paginator.num_pages)
page = paginator.num_pages
return render_template("forum/find/topic.html", {
"topics": shown_topics,
"usr": u,
"pages": paginator_range(page, paginator.num_pages),
"nb": page,
})
def find_topic(request, user_pk):
"""Finds all topics of a user."""
displayed_user = get_object_or_404(User, pk=user_pk)
topics = \
Topic.objects\
.filter(author=displayed_user)\
.exclude(Q(forum__group__isnull=False) & ~Q(forum__group__in=request.user.groups.all()))\
.prefetch_related("author")\
.order_by("-pubdate").all()
# Paginator
paginator = Paginator(topics, settings.TOPICS_PER_PAGE)
page = request.GET.get("page")
try:
shown_topics = paginator.page(page)
page = int(page)
except PageNotAnInteger:
shown_topics = paginator.page(1)
page = 1
except EmptyPage:
shown_topics = paginator.page(paginator.num_pages)
page = paginator.num_pages
return render_template("forum/find/topic.html", {
"topics": shown_topics,
"usr": displayed_user,
"pages": paginator_range(page, paginator.num_pages),
"nb": page,
})
def home(request):
"""Display the home page with last topics added."""
tutos = []
for tuto in get_last_tutorials():
data = tuto.load_json_for_public()
tuto.load_dic(data)
tutos.append(data)
articles = []
for article in get_last_articles():
data = article.load_json_for_public()
data = article.load_dic(data)
articles.append(data)
try:
with open(os.path.join(SITE_ROOT, 'quotes.txt'), 'r') as fh:
quote = random.choice(fh.readlines())
except:
quote = u'Zeste de Savoir, la connaissance pour tous et sans pépins !'
return render_template('home.html', {
'last_tutorials': tutos,
'last_articles': articles,
'quote': quote,
})
def login_view(request):
"""Log in user."""
csrf_tk = {}
csrf_tk.update(csrf(request))
error = False
# Redirecting user once logged in?
if "next" in request.GET:
next_page = request.GET["next"]
else:
next_page = None
if request.method == "POST":
form = LoginForm(request.POST)
username = request.POST["username"]
password = request.POST["password"]
user = authenticate(username=username, password=password)
if user is not None:
profile = get_object_or_404(Profile, user=user)
if user.is_active:
if profile.can_read_now():
login(request, user)
request.session["get_token"] = generate_token()
if "remember" not in request.POST:
request.session.set_expiry(0)
profile.last_ip_address = get_client_ip(request)
profile.save()
# redirect the user if needed
try:
return redirect(next_page)
except:
return redirect(reverse("zds.pages.views.home"))
else:
messages.error(
request, "Vous n'êtes pas autorisé à vous connecter "
"sur le site, vous avez été banni par un "
"modérateur")
else:
messages.error(
request, "Vous n'avez pas encore activé votre compte, "
"vous devez le faire pour pouvoir vous "
"connecter sur le site. Regardez dans vos "
"mails : " + str(user.email))
else:
messages.error(request,
"Les identifiants fournis ne sont pas valides")
form = LoginForm()
form.helper.form_action = reverse("zds.member.views.login_view")
if next_page is not None:
form.helper.form_action += "?next=" + next_page
csrf_tk["error"] = error
csrf_tk["form"] = form
csrf_tk["next_page"] = next_page
return render_template("member/login.html", {
"form": form,
"csrf_tk": csrf_tk,
"next_page": next_page
})
def forgot_password(request):
'''If the user forgot his password, he can have a new one'''
if request.method == 'POST':
form = ForgotPasswordForm(request.POST)
if form.is_valid():
data = form.data
username = data['username']
usr = get_object_or_404(User, username=username)
# Generate a valid token during one hour.
uuidToken = str(uuid.uuid4())
date_end = datetime.now() + timedelta(
days=0, hours=1, minutes=0, seconds=0)
token = TokenForgotPassword(user=usr,
token=uuidToken,
date_end=date_end)
token.save()
#send email
subject = "ZDS - Mot de passe oublié"
from_email = 'ZesteDeSavoir <*****@*****.**>'
message_html = get_template(
'email/confirm_forgot_password.html').render(
Context({
'username': usr.username,
'url': token.get_absolute_url(),
}))
message_txt = get_template(
'email/confirm_forgot_password.txt').render(
Context({
'username': usr.username,
'url': token.get_absolute_url(),
}))
msg = EmailMultiAlternatives(subject, message_txt, from_email,
[usr.email])
msg.attach_alternative(message_html, "text/html")
msg.send()
return render_template('member/forgot_password_success.html')
else:
return render_template('member/forgot_password.html',
{'form': form})
form = ForgotPasswordForm()
return render_template('member/forgot_password.html', {'form': form})
def register_view(request):
"""Register a new user."""
if request.method == "POST":
form = RegisterForm(request.POST)
if form.is_valid():
data = form.data
user = User.objects.create_user(data["username"], data["email"],
data["password"])
user.is_active = False
user.save()
profile = Profile(user=user, show_email=False, show_sign=True,
hover_or_click=True, email_for_answer=False)
profile.last_ip_address = get_client_ip(request)
profile.save()
user.backend = "django.contrib.auth.backends.ModelBackend"
# Generate a valid token during one hour.
uuidToken = str(uuid.uuid4())
date_end = datetime.now() + timedelta(days=0, hours=1, minutes=0,
seconds=0)
token = TokenRegister(user=user, token=uuidToken,
date_end=date_end)
token.save()
# send email
subject = "ZDS - Confirmation d'inscription"
from_email = "Zeste de Savoir <{0}>".format(settings.MAIL_NOREPLY)
message_html = get_template("email/register/confirm.html").render(Context(
{"username": user.username, "url": settings.SITE_URL + token.get_absolute_url()}))
message_txt = get_template("email/register/confirm.txt") .render(Context(
{"username": user.username, "url": settings.SITE_URL + token.get_absolute_url()}))
msg = EmailMultiAlternatives(subject, message_txt, from_email,
[user.email])
msg.attach_alternative(message_html, "text/html")
try:
msg.send()
except:
msg = None
return render_template("member/register/success.html", {})
else:
return render_template("member/register/index.html", {"form": form})
form = RegisterForm()
return render_template("member/register/index.html", {"form": form})
def login_view(request):
"""Log in user."""
csrf_tk = {}
csrf_tk.update(csrf(request))
error = False
# Redirecting user once logged in?
if "next" in request.GET:
next_page = request.GET["next"]
else:
next_page = None
if request.method == "POST":
form = LoginForm(request.POST)
username = request.POST["username"]
password = request.POST["password"]
user = authenticate(username=username, password=password)
if user is not None:
profile = get_object_or_404(Profile, user=user)
if user.is_active:
if profile.can_read_now():
login(request, user)
request.session["get_token"] = generate_token()
if "remember" not in request.POST:
request.session.set_expiry(0)
profile.last_ip_address = get_client_ip(request)
profile.save()
# redirect the user if needed
try:
return redirect(next_page)
except:
return redirect(reverse("zds.pages.views.home"))
else:
messages.error(request,
"Vous n'êtes pas autorisé à vous connecter "
"sur le site, vous avez été banni par un "
"modérateur")
else:
messages.error(request,
"Vous n'avez pas encore activé votre compte, "
"vous devez le faire pour pouvoir vous "
"connecter sur le site. Regardez dans vos "
"mails : " + str(user.email))
else:
messages.error(request,
"Les identifiants fournis ne sont pas valides")
form = LoginForm()
form.helper.form_action = reverse("zds.member.views.login_view")
if next_page is not None:
form.helper.form_action += "?next=" + next_page
csrf_tk["error"] = error
csrf_tk["form"] = form
csrf_tk["next_page"] = next_page
return render_template("member/login.html",
{"form": form,
"csrf_tk": csrf_tk,
"next_page": next_page})
def edit_image(request, gal_pk, img_pk):
"""Edit an existing image."""
gal = get_object_or_404(Gallery, pk=gal_pk)
img = get_object_or_404(Image, pk=img_pk)
# Check if user can edit image
try:
permission = UserGallery.objects.get(user=request.user, gallery=gal)
if permission.mode != 'W':
raise PermissionDenied
except:
raise PermissionDenied
# Check if the image belong to the gallery
if img.gallery != gal:
raise PermissionDenied
if request.method == "POST":
form = UpdateImageForm(request.POST, request.FILES)
if form.is_valid():
if "physical" in request.FILES:
if request.FILES["physical"].size > settings.IMAGE_MAX_SIZE:
messages.error(request, "Votre image est beaucoup trop lourde, réduisez sa taille à moins de {} \
<abbr title=\"kibioctet\">Kio</abbr> avant de l'envoyer".format(str(settings.IMAGE_MAX_SIZE/1024)))
else:
img.title = request.POST["title"]
img.legend = request.POST["legend"]
img.physical = request.FILES["physical"]
img.slug = slugify(request.FILES["physical"])
img.update = datetime.now()
img.save()
# Redirect to the newly uploaded image edit page after POST
return redirect(reverse("zds.gallery.views.edit_image", args=[gal.pk, img.pk]))
else:
img.title = request.POST["title"]
img.legend = request.POST["legend"]
img.update = datetime.now()
img.save()
# Redirect to the newly uploaded image edit page after POST
return redirect(reverse("zds.gallery.views.edit_image", args=[gal.pk, img.pk]))
else:
form = UpdateImageForm(initial={
"title": img.title,
"legend": img.legend,
"physical": img.physical,
"new_image": False,
})
as_avatar_form = ImageAsAvatarForm()
return render_template(
"gallery/image/edit.html", {
"form": form,
"as_avatar_form": as_avatar_form,
"gallery": gal,
"image": img
})
def find_article(request, name):
u = get_object_or_404(User, username=name)
articles=Article.objects.all().filter(author=u)\
.order_by('-pubdate')
# Paginator
return render_template('article/find_article.html', {
'articles': articles, 'usr':u,
})
def articles(request):
'''Returns all articles of the authenticated user'''
profile = Profile.objects.get(user=request.user)
user_articles = profile.get_articles()
return render_template('article/index.html', {
'articles': user_articles,
})
def tutorials(request):
'''Returns all tutorials of the authenticated user'''
profile = Profile.objects.get(user=request.user)
user_tutorials = profile.get_tutos()
return render_template('member/publications.html', {
'user_tutorials': user_tutorials,
})
def tutorials(request):
'''Returns all tutorials of the authenticated user'''
profile = Profile.objects.get(user=request.user)
user_tutorials = profile.get_tutos()
return render_template('member/publications.html', {
'user_tutorials': user_tutorials,
})
def gallery_list(request):
'''
Display the gallery list with all their images
'''
galleries = UserGallery.objects.all().filter(user=request.user)
return render_template('gallery/gallery_list.html', {
'galleries': galleries
})
def articles(request):
'''Returns all articles of the authenticated user'''
profile = Profile.objects.get(user=request.user)
user_articles = profile.get_articles()
return render_template('article/index.html', {
'articles': user_articles,
})
def active_account(request):
'''Active token for a user'''
try:
token = request.GET['token']
except KeyError:
return redirect(reverse('zds.pages.views.home'))
token = get_object_or_404(TokenRegister, token=token)
usr = token.user
# User can't confirm his request if it is too late.
if datetime.now() > token.date_end:
return render_template('member/token_account_failed.html')
usr.is_active = True
usr.save()
token.delete()
return render_template('member/token_account_success.html', {'user': usr})
def alerts(request):
# only staff can see alerts list
if not request.user.has_perm('forum.change_post'):
raise PermissionDenied
alerts = Alert.objects.all().order_by('-pubdate')
return render_template('pages/alerts.html', {
'alerts': alerts,
})
