Esempio n. 1
0
def story(request):
    s = request.session
    r = request
    p = s['safe_post']
    dbsession = DBSession()

    #@TODO: unify admin-only page handling so that we can easily change this
    # some day if we want.
    if 'logged_in_admin' not in s or s['logged_in_admin'] == False:
        return HTTPNotFound()

    if 'name' in p and p['name'] != '':
        name = p['name'].strip()
        new_sect = Section(name = name, added_by = s['users.id'])
        dbsession.add(new_sect)
        s['message'] = "Section {0} successfully added.".format(p['name'])

    if 'add_pic_button' in p:
        section = None
        if 'section_id' in p and p['section_id'] != '':
            section = section_queries.get_section_by_id(p['section_id'])
        if section:
            if r.POST['picture'] != '':
                orig_filename = r.POST['picture'].filename
                sp_dir = r.registry.settings['section.picture_upload_directory']

                section.picture = section_queries.add_section_picture(orig_filename,
                        str(section.id)[:7], sp_dir, r.POST['picture'].file)
                dbsession.add(section)

    sections = section_queries.get_sections()
    return {'sections': sections}
Esempio n. 2
0
def submit(request):
    s = request.session
    p = request.session['safe_post']
    r = request
    qs = s['safe_get']
    s['message'] = "Post a story."
    dbsession = DBSession()
    stories = None
    sections = section_queries.get_sections()

    new_url_text = ''
    new_title_text = ''

    route_name = r.matched_route.name

    if route_name == 'new_page':
        # require admin to load a new page form
        if 'logged_in_admin' not in s or s['logged_in_admin'] == False:
            return HTTPNotFound()

    #if uses came in with a share button, redirect to existing discussion if there is one
    if 'from' in qs and qs['from'] == 'button':
        existing_post = submission.get_story_by_url_oldest(qs['url'])
        if existing_post:
            return HTTPFound(r.route_url('full', sub_id=existing_post.id))
        new_url_text = qs['url']
        if 'title' in qs:
            new_title_text = qs['title']

    if 'logged_in' not in s:
        s['message'] = 'Sorry, you must <a href="{0}">log in</a> before you can share a link.'.format(
            r.route_url('login'))
        return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}

    if p and 'title' in p:
        if 'logged_in' not in s:
            s['message'] = 'Sorry, please log in first'
            return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}
        if 'section_id' not in p or p['section_id'] == '':
            return {'stories': [], 'success': False, 'code': 'ENOSECTION'}
        if 'url' in p and p['url'] != '' and p['url'] is not None:
            p['url'] = general.strip_all_html(p['url'])
            if not re.match(r'http[s]*:\/\/', p['url']):
                p['url'] = 'http://' + p['url']
        else:
            # set to None so that NULL goes into the database
            p['url'] = None

        if route_name == 'new_page':
            render_type = p['render_type']
            slug = p['slug']

            # if we can find this slug already, kill submission here.
            try:
                s = dbsession.query(Submission).filter(
                    Submission.slug == slug).one()
                s['message'] = 'This slug is already taken.'
                success = False
            except sqlalchemy.orm.exc.NoResultFound:
                pass
        else:
            slug = ''
            render_type = 'story_md'

        if 'section_id' in p:
            sub = Submission(p['title'][:100],
                             p['description'],
                             p['url'],
                             s['users.id'],
                             section=p['section_id'])
        else:
            sub = Submission(p['title'][:100], p['description'], p['url'],
                             s['users.id'])

        sub.render_type = render_type

        # slug octet no longer derived from story's actual id
        if slug == '':
            slug = u"{title}-{uuid_first_octet}".format(
                title=slugify.slugify(unicode(p['title'][:100])),
                uuid_first_octet=str(general.gen_uuid())[:8])
        sub.slug = slug

        dbsession.add(sub)
        dbsession.flush()

        # add notify
        if general.check_notify_default(s['users.id'], r):
            notify_queries.create_notify(s['users.id'], sub.id, s['users.id'])

        v = Vote(sub.id, s['users.id'], 1, "submission", None)
        v.direction = 1
        dbsession.add(v)
        s['message'] = "Added."

        try:
            if request.registry.solr_conn:
                # we flush here to ensure we have a vaild id object when added to solr
                # we use this if statement so that the exception will be raised before
                # dbsession is flushed, hence avoiding an unnecessary flush if the site
                # is not using solr.
                dbsession.flush()
                request.registry.solr_conn.add({
                    'id': sub.id,
                    'title': sub.title,
                    'description': sub.description
                })
                request.registry.solr_conn.commit()
        except AttributeError:
            #solr is not configured for this connection
            pass

        return HTTPFound(r.route_url('home'))
    return {
        'stories': stories,
        'success': True,
        'code': 0,
        'new_url_text': new_url_text,
        'new_title_text': new_title_text,
        'sections': sections
    }
Esempio n. 3
0
def list(request):
    from raggregate.queries import user_preference as up
    s = request.session
    p = request.session['safe_post']
    r = request
    qs = s['safe_get']
    s['message'] = "Post a story."
    dbsession = DBSession()
    stories = None

    filtered_section = None
    section_found = False
    sections = section_queries.get_sections()
    direct_link = False

    if s.get('users.id', None):
        direct_link = True if up.get_user_prefs(s['users.id']).get(
            'link_to_story', 'off') == 'on' else False

    if r.params and 'op' in r.params:
        sub_id = r.params['sub_id']
        if r.params['op'] == 'del' or r.params['op'] == 'hide':
            try:
                story_to_del = submission.get_story_by_id(sub_id)
            except sqlalchemy.orm.exc.NoResultFound:
                story_to_del = None
            if story_to_del:
                if users.is_user_allowed_admin_action(
                        s['users.id'],
                        str(story_to_del.id),
                ):
                    if r.params['op'] == 'del':
                        story_to_del.description = "[deleted]"
                        story_to_del.url = "#"
                        story_to_del.title = "[deleted]"

                    story_to_del.deleted = True
                    dbsession.add(story_to_del)
                    dbsession.flush()
                else:
                    print("Illegal deletion attempted on {0}".format(
                        story_to_del.submitter.id))

    if 'sort.default_order' in r.registry.settings:
        sort = r.registry.settings['sort.default_order']
    else:
        # default to new sort order if server-specific setting doesn't exist
        # this should only be the case on old clones; do NOT remove default_order
        # from the ini just because you want new by default.
        sort = 'new'
    page_num = 1
    per_page = 30
    next_page = None
    prev_page = None

    # only pass through approved sort options
    if 'sort' in qs:
        if qs['sort'] == 'top':
            sort = 'top'
        if qs['sort'] == 'hot':
            sort = 'hot'
        if qs['sort'] == 'contro':
            sort = 'contro'
        if qs['sort'] == 'new':
            sort = 'new'

    if 'page_num' in qs:
        try:
            page_num = int(qs['page_num'])
        except:
            page_num = 1

    if 'section' in qs and qs['section'] == 'all':
        section = 'all'
    else:
        section = None

    if 'section' in qs and qs['section'] != 'all' and qs['section'] != '':
        section = qs['section']
        try:
            section = section_queries.get_section_by_name(section)
            section_found = True
        except sqlalchemy.orm.exc.NoResultFound:
            try:
                section = section_queries.get_section_by_id(section)
                section_found = True
            except:
                from pyramid_tm import transaction
                transaction.abort()
                pass

        # reset section variable to None if we couldn't the named section
        if section_found == False:
            section = None
        else:
            #if we did find something, set filtered_section so that we can
            #reference the filtered section in the template.
            filtered_section = section

    if 'subscribe' in qs and isinstance(section, Section) and 'logged_in' in s:
        if qs['subscribe'] == 'y':
            sub_way = True
        elif qs['subscribe'] == 'n':
            sub_way = False

        sub = sub_queries.create_subscription(s['users.id'], section.id,
                                              sub_way)
        s['message'] = 'Subscription to section {0} updated'.format(
            section.name)


#   @FIXME: make per_page configurable in a safe location
#   it is probably unwise to allow this to be set in the query string
#   because then a malicious user could say per_page = 10000000000
#   and easily launch a DoS via that mechanism.
#   if 'per_page' in qs:
#       per_page = qs['per_page']

    stories = submission.get_story_list(page_num=page_num,
                                        per_page=per_page,
                                        sort=sort,
                                        request=request,
                                        section=section)
    max_stories = stories['max_stories']
    stories = stories['stories']

    # this should be split into its own def under queries.py
    # as it is currently used in at least one other place
    if max_stories > (page_num * per_page):
        next_page = page_num + 1

    if page_num > 1:
        prev_page = page_num - 1

    vote_dict = {}
    subscribed_to_list = []
    if 'logged_in' in s:
        vote_dict = users.get_user_votes(s['users.id'], "on_all_submissions")
        subscribed_to_list = sub_queries.get_subscribed_by_user_id(
            s['users.id'])
    for story in stories:
        #@TODO: Remember to not tally on every load once a real site deploys
        story.tally_votes()
        story.tally_comments()

    print "\n\nsubscribed list: {0}\n\n".format(subscribed_to_list)

    # Get message of the day
    motd = motd_queries.get_random_message()

    return {
        'stories': stories,
        'success': True,
        'code': 0,
        'vote_dict': vote_dict,
        'max_stories': max_stories,
        'prev_page': prev_page,
        'next_page': next_page,
        'sections': sections,
        'filtered_section': section,
        'motd': motd,
        'subscribed_to_list': subscribed_to_list,
        'direct_link': direct_link
    }
Esempio n. 4
0
def submit(request):
    s = request.session
    p = request.session['safe_post']
    r = request
    qs = s['safe_get']
    s['message'] = "Post a story."
    dbsession = DBSession()
    stories = None
    sections = section_queries.get_sections()

    new_url_text = ''
    new_title_text = ''

    route_name = r.matched_route.name

    if route_name == 'new_page':
        # require admin to load a new page form
        if 'logged_in_admin' not in s or s['logged_in_admin'] == False:
            return HTTPNotFound()

    #if uses came in with a share button, redirect to existing discussion if there is one
    if 'from' in qs and qs['from'] == 'button':
        existing_post = submission.get_story_by_url_oldest(qs['url'])
        if existing_post:
            return HTTPFound(r.route_url('full', sub_id=existing_post.id))
        new_url_text = qs['url']
        if 'title' in qs:
            new_title_text = qs['title']

    if 'logged_in' not in s:
        s['message'] = 'Sorry, you must <a href="{0}">log in</a> before you can share a link.'.format(r.route_url('login'))
        return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}

    if p and 'title' in p:
        if 'logged_in' not in s:
            s['message'] = 'Sorry, please log in first'
            return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}
        if 'section_id' not in p or p['section_id'] == '':
            return {'stories': [], 'success': False, 'code': 'ENOSECTION'}
        if 'url' in p and p['url'] != '' and p['url'] is not None:
            p['url'] = general.strip_all_html(p['url'])
            if not re.match(r'http[s]*:\/\/', p['url']):
                p['url'] = 'http://' + p['url']
        else:
            # set to None so that NULL goes into the database
            p['url'] = None

        if route_name == 'new_page':
            render_type = p['render_type']
            slug = p['slug']

            # if we can find this slug already, kill submission here.
            try:
                s = dbsession.query(Submission).filter(Submission.slug == slug).one()
                s['message'] = 'This slug is already taken.'
                success = False
            except sqlalchemy.orm.exc.NoResultFound:
                pass
        else:
            slug = ''
            render_type = 'story_md'

        if 'section_id' in p:
            sub = Submission(p['title'][:100], p['description'], p['url'], s['users.id'], section = p['section_id'])
        else:
            sub = Submission(p['title'][:100], p['description'], p['url'], s['users.id'])

        sub.render_type = render_type

        # slug octet no longer derived from story's actual id
        if slug == '':
            slug = u"{title}-{uuid_first_octet}".format(
                    title = slugify.slugify(unicode(p['title'][:100])),
                    uuid_first_octet = str(general.gen_uuid())[:8])
        sub.slug = slug

        dbsession.add(sub)
        dbsession.flush()

        # add notify
        if general.check_notify_default(s['users.id'], r):
            notify_queries.create_notify(s['users.id'], sub.id, s['users.id'])

        v = Vote(sub.id, s['users.id'], 1, "submission", None)
        v.direction = 1
        dbsession.add(v)
        s['message'] = "Added."

        try:
            if request.registry.solr_conn:
                # we flush here to ensure we have a vaild id object when added to solr
                # we use this if statement so that the exception will be raised before
                # dbsession is flushed, hence avoiding an unnecessary flush if the site
                # is not using solr.
                dbsession.flush()
                request.registry.solr_conn.add({'id': sub.id, 'title': sub.title, 'description': sub.description})
                request.registry.solr_conn.commit()
        except AttributeError:
            #solr is not configured for this connection
            pass

        return HTTPFound(r.route_url('home'))
    return {'stories': stories, 'success': True, 'code': 0,
            'new_url_text': new_url_text, 'new_title_text': new_title_text,
            'sections': sections}
Esempio n. 5
0
def list(request):
    from raggregate.queries import user_preference as up
    s = request.session
    p = request.session['safe_post']
    r = request
    qs = s['safe_get']
    s['message'] = "Post a story."
    dbsession = DBSession()
    stories = None

    filtered_section = None
    section_found = False
    sections = section_queries.get_sections()
    direct_link = False

    if s.get('users.id', None):
        direct_link = True if up.get_user_prefs(s['users.id']).get('link_to_story', 'off') == 'on' else False

    if r.params and 'op' in r.params:
        sub_id = r.params['sub_id']
        if r.params['op'] == 'del' or r.params['op'] == 'hide':
            try:
                story_to_del = submission.get_story_by_id(sub_id)
            except sqlalchemy.orm.exc.NoResultFound:
                story_to_del = None
            if story_to_del:
                if users.is_user_allowed_admin_action(s['users.id'], str(story_to_del.id), ):
                    if r.params['op'] == 'del':
                        story_to_del.description = "[deleted]"
                        story_to_del.url = "#"
                        story_to_del.title = "[deleted]"

                    story_to_del.deleted = True
                    dbsession.add(story_to_del)
                    dbsession.flush()
                else:
                    print("Illegal deletion attempted on {0}".format(story_to_del.submitter.id))

    if 'sort.default_order' in r.registry.settings:
        sort = r.registry.settings['sort.default_order']
    else:
        # default to new sort order if server-specific setting doesn't exist
        # this should only be the case on old clones; do NOT remove default_order
        # from the ini just because you want new by default.
        sort = 'new'
    page_num = 1
    per_page = 30
    next_page = None
    prev_page = None

    # only pass through approved sort options
    if 'sort' in qs:
        if qs['sort'] == 'top':
            sort = 'top'
        if qs['sort'] == 'hot':
            sort = 'hot'
        if qs['sort'] == 'contro':
            sort = 'contro'
        if qs['sort'] == 'new':
            sort = 'new'

    if 'page_num' in qs:
        try:
            page_num = int(qs['page_num'])
        except:
            page_num = 1

    if 'section' in qs and qs['section'] == 'all':
        section = 'all'
    else:
        section = None

    if 'section' in qs and qs['section'] != 'all' and qs['section'] != '':
        section = qs['section']
        try:
            section = section_queries.get_section_by_name(section)
            section_found = True
        except sqlalchemy.orm.exc.NoResultFound:
            try:
                section = section_queries.get_section_by_id(section)
                section_found = True
            except:
                from pyramid_tm import transaction
                transaction.abort()
                pass

        # reset section variable to None if we couldn't the named section
        if section_found == False:
            section = None
        else:
            #if we did find something, set filtered_section so that we can
            #reference the filtered section in the template.
            filtered_section = section

    if 'subscribe' in qs and isinstance(section, Section) and 'logged_in' in s:
        if qs['subscribe'] == 'y':
            sub_way = True
        elif qs['subscribe'] == 'n':
            sub_way = False

        sub = sub_queries.create_subscription(s['users.id'], section.id, sub_way)
        s['message'] = 'Subscription to section {0} updated'.format(section.name)

#   @FIXME: make per_page configurable in a safe location
#   it is probably unwise to allow this to be set in the query string
#   because then a malicious user could say per_page = 10000000000
#   and easily launch a DoS via that mechanism.
#   if 'per_page' in qs:
#       per_page = qs['per_page']

    stories = submission.get_story_list(page_num = page_num, per_page = per_page, sort = sort, request = request, section = section)
    max_stories = stories['max_stories']
    stories = stories['stories']

    # this should be split into its own def under queries.py
    # as it is currently used in at least one other place
    if max_stories > (page_num * per_page):
        next_page = page_num + 1

    if page_num > 1:
        prev_page = page_num - 1

    vote_dict = {}
    subscribed_to_list = []
    if 'logged_in' in s:
        vote_dict = users.get_user_votes(s['users.id'], "on_all_submissions")
        subscribed_to_list = sub_queries.get_subscribed_by_user_id(s['users.id'])
    for story in stories:
        #@TODO: Remember to not tally on every load once a real site deploys
        story.tally_votes()
        story.tally_comments()

    print "\n\nsubscribed list: {0}\n\n".format(subscribed_to_list)

    # Get message of the day
    motd = motd_queries.get_random_message()

    return {'stories': stories, 'success': True, 'code': 0, 'vote_dict': vote_dict,
            'max_stories': max_stories, 'prev_page': prev_page, 'next_page': next_page,
            'sections': sections,
            'filtered_section': section, 'motd': motd,
            'subscribed_to_list': subscribed_to_list,
            'direct_link': direct_link}