def sximporter(request):
if (not User.objects.exists()) or (request.user.is_authenticated()
and request.user.is_superuser):
list = []
if request.method == "POST" and "dump" in request.FILES:
dump = ZipFile(request.FILES['dump'])
members = [f for f in dump.namelist() if f.endswith('.xml')]
extract_to = os.path.join(os.path.dirname(__file__), 'tmp')
if not os.path.exists(extract_to):
os.makedirs(extract_to)
for m in members:
f = open(os.path.join(extract_to, m), 'w')
f.write(dump.read(m))
f.close()
#dump.extractall(extract_to, members)
dump.close()
options = dict([(k, v) for k, v in request.POST.items()])
options['authenticated_user'] = (request.user.is_authenticated()
and (request.user, )
or (None, ))[0]
importer.sximport(extract_to, options)
return render_to_response('modules/sximporter/page.html',
{'names': list},
context_instance=RequestContext(request))
else:
return HttpResponseUnauthorized(request)
def user_questions(request, mode, user, slug):
user = get_object_or_404(User, id=user)
if mode == _('asked-by'):
questions = Question.objects.filter(author=user)
description = _("Questions asked by %s")
elif mode == _('answered-by'):
questions = Question.objects.filter(children__author=user, children__node_type='answer').distinct()
description = _("Questions answered by %s")
elif mode == _('subscribed-by'):
if not (request.user.is_superuser or request.user == user):
return HttpResponseUnauthorized(request)
questions = user.subscriptions
if request.user == user:
description = _("Questions you subscribed %s")
else:
description = _("Questions subscribed by %s")
else:
raise Http404
return question_list(request, questions,
mark_safe(description % hyperlink(user.get_profile_url(), user.username)),
page_title=description % user.username)
def send_validation_email(request):
if not request.user.is_authenticated():
return HttpResponseUnauthorized(request)
else:
# We check if there are some old validation hashes. If there are -- we delete them.
try:
hash = ValidationHash.objects.get(user=request.user, type='email')
hash.delete()
except:
pass
# We don't care if there are previous cashes in the database... In every case we have to create a new one
hash = ValidationHash.objects.create_new(request.user, 'email',
[request.user.email])
additional_get_params = urllib.urlencode(
dict([k, v.encode('utf-8')] for k, v in request.GET.items()))
send_template_email(
[request.user], "auth/mail_validation.html", {
'validation_code': hash,
'additional_get_params': additional_get_params
})
request.user.message_set.create(message=_(
"A message with an email validation link was just sent to your address."
))
return HttpResponseRedirect(
request.META.get('HTTP_REFERER', reverse('index')))
def remove_external_provider(request, id):
association = get_object_or_404(AuthKeyUserAssociation, id=id)
if not (request.user.is_superuser or request.user == association.user):
return HttpResponseUnauthorized(request)
request.user.message_set.create(message=_("You removed the association with %s") % association.provider)
association.delete()
return HttpResponseRedirect(reverse('user_authsettings', kwargs={'id': association.user.id}))
def auth_settings(request, id):
user_ = get_object_or_404(User, id=id)
if not (request.user.is_superuser or request.user == user_):
return HttpResponseUnauthorized(request)
auth_keys = user_.auth_keys.all()
if request.user.is_superuser or (not user_.has_usable_password()):
FormClass = SetPasswordForm
else:
FormClass = ChangePasswordForm
if request.POST:
form = FormClass(request.POST, user=user_)
if form.is_valid():
is_new_pass = not user_.has_usable_password()
user_.set_password(form.cleaned_data['password1'])
user_.save()
if is_new_pass:
request.user.message_set.create(message=_("New password set"))
if not request.user.is_superuser:
form = ChangePasswordForm(user=user_)
else:
request.user.message_set.create(
message=_("Your password was changed"))
return HttpResponseRedirect(
reverse('user_authsettings', kwargs={'id': user_.id}))
else:
form = FormClass(user=user_)
auth_keys_list = []
for k in auth_keys:
provider = AUTH_PROVIDERS.get(k.provider, None)
if provider is not None:
name = "%s: %s" % (provider.context.human_name,
provider.context.readable_key(k))
else:
from forum.authentication.base import ConsumerTemplateContext
"unknown: %s" % ConsumerTemplateContext.readable_key(k)
auth_keys_list.append({'name': name, 'id': k.id})
return render_to_response(
'auth/auth_settings.html', {
'view_user': user_,
"can_view_private":
(user_ == request.user) or request.user.is_superuser,
'form': form,
'has_password': user_.has_usable_password(),
'auth_keys': auth_keys_list,
'allow_local_auth': AUTH_PROVIDERS.get('local', None),
},
context_instance=RequestContext(request))
def params(request, id, slug=None):
user = get_object_or_404(User, id=id)
if private and not (user == request.user or request.user.is_superuser):
raise ReturnImediatelyException(HttpResponseUnauthorized(request))
if render_to and (not render_to(user)):
raise ReturnImediatelyException(HttpResponseRedirect(user.get_profile_url()))
return [request, user], {}
def convert_to_question(request, id):
user = request.user
answer = get_object_or_404(Answer, id=id)
if not user.can_convert_to_question(answer):
return HttpResponseUnauthorized(request)
return _edit_question(
request,
answer,
template='node/convert_to_question.html',
summary=_("Converted to question"),
action_class=AnswerToQuestionAction,
allow_rollback=False,
url_getter=lambda a: Question.objects.get(id=a.id).get_absolute_url())
def convert_to_question(request, id):
user = request.user
node_type = request.GET.get('node_type', 'answer')
if node_type == 'comment':
node = get_object_or_404(Comment, id=id)
action_class = CommentToQuestionAction
else:
node = get_object_or_404(Answer, id=id)
action_class = AnswerToQuestionAction
if not user.can_convert_to_question(node):
return HttpResponseUnauthorized(request)
return _edit_question(request, node, template='node/convert_to_question.html', summary=_("Converted to question"),
action_class =action_class, allow_rollback=False, url_getter=lambda a: Question.objects.get(id=a.id).get_absolute_url())
def params(request, id=None, slug=None):
# Get the user object by id if the id parameter has been passed
if id is not None:
user = get_object_or_404(User, id=id)
# ...or by slug if the slug has been given
elif slug is not None:
try:
user = User.objects.get(username__iexact=slug)
except User.DoesNotExist:
raise Http404
if private and not (user == request.user or request.user.is_superuser):
raise ReturnImediatelyException(HttpResponseUnauthorized(request))
if render_to and (not render_to(user)):
raise ReturnImediatelyException(HttpResponseRedirect(user.get_profile_url()))
return [request, user], { 'slug' : slug, }
def edit_user(request, id, slug):
user = get_object_or_404(User, id=id)
if not (request.user.is_superuser or request.user == user):
return HttpResponseUnauthorized(request)
if request.method == "POST":
form = EditUserForm(user, request.POST)
if form.is_valid():
new_email = sanitize_html(form.cleaned_data['email'])
if new_email != user.email:
user.email = new_email
user.email_isvalid = False
try:
hash = ValidationHash.objects.get(user=request.user,
type='email')
hash.delete()
except:
pass
if settings.EDITABLE_SCREEN_NAME:
user.username = sanitize_html(form.cleaned_data['username'])
user.real_name = sanitize_html(form.cleaned_data['realname'])
user.website = sanitize_html(form.cleaned_data['website'])
user.location = sanitize_html(form.cleaned_data['city'])
user.date_of_birth = form.cleaned_data['birthday']
if user.date_of_birth == "None":
user.date_of_birth = datetime(1900, 1, 1, 0, 0)
user.about = sanitize_html(form.cleaned_data['about'])
user.save()
EditProfileAction(user=user, ip=request.META['REMOTE_ADDR']).save()
messages.info(request, _("Profile updated."))
return HttpResponseRedirect(user.get_profile_url())
else:
form = EditUserForm(user)
return render_to_response('users/edit.html', {
'user': user,
'form': form,
'gravatar_faq_url': reverse('faq') + '#gravatar',
},
context_instance=RequestContext(request))
def send_validation_email(request):
if not request.user.is_authenticated():
return HttpResponseUnauthorized(request)
else:
try:
hash = ValidationHash.objects.get(user=request.user, type='email')
hash.delete()
# If we were able to get a previous validation hash we should raise an
# Exception immediately. Otherwise new validation hash will not be created
# and users will not receive the desired e-mail vaidation link.
raise Exception("Validation has already been sent")
except:
hash = ValidationHash.objects.create_new(request.user, 'email',
[request.user.email])
send_template_email([request.user], "auth/mail_validation.html",
{'validation_code': hash})
request.user.message_set.create(message=_(
"A message with an email validation link was just sent to your address."
))
return HttpResponseRedirect(request.META.get('HTTP_REFERER', '/'))
def wrapper(request, *args, **kwargs):
if request.user.is_authenticated() and request.user.is_superuser:
return fn(request, *args, **kwargs)
else:
return HttpResponseUnauthorized(request)