def story(request):
s = request.session
r = request
p = s['safe_post']
dbsession = DBSession()
#@TODO: unify admin-only page handling so that we can easily change this
# some day if we want.
if 'logged_in_admin' not in s or s['logged_in_admin'] == False:
return HTTPNotFound()
if 'name' in p and p['name'] != '':
name = p['name'].strip()
new_sect = Section(name = name, added_by = s['users.id'])
dbsession.add(new_sect)
s['message'] = "Section {0} successfully added.".format(p['name'])
if 'add_pic_button' in p:
section = None
if 'section_id' in p and p['section_id'] != '':
section = section_queries.get_section_by_id(p['section_id'])
if section:
if r.POST['picture'] != '':
orig_filename = r.POST['picture'].filename
sp_dir = r.registry.settings['section.picture_upload_directory']
section.picture = section_queries.add_section_picture(orig_filename,
str(section.id)[:7], sp_dir, r.POST['picture'].file)
dbsession.add(section)
sections = section_queries.get_sections()
return {'sections': sections}
def submit(request):
s = request.session
p = request.session['safe_post']
r = request
qs = s['safe_get']
s['message'] = "Post a story."
dbsession = DBSession()
stories = None
sections = section_queries.get_sections()
new_url_text = ''
new_title_text = ''
route_name = r.matched_route.name
if route_name == 'new_page':
# require admin to load a new page form
if 'logged_in_admin' not in s or s['logged_in_admin'] == False:
return HTTPNotFound()
#if uses came in with a share button, redirect to existing discussion if there is one
if 'from' in qs and qs['from'] == 'button':
existing_post = submission.get_story_by_url_oldest(qs['url'])
if existing_post:
return HTTPFound(r.route_url('full', sub_id=existing_post.id))
new_url_text = qs['url']
if 'title' in qs:
new_title_text = qs['title']
if 'logged_in' not in s:
s['message'] = 'Sorry, you must <a href="{0}">log in</a> before you can share a link.'.format(
r.route_url('login'))
return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}
if p and 'title' in p:
if 'logged_in' not in s:
s['message'] = 'Sorry, please log in first'
return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}
if 'section_id' not in p or p['section_id'] == '':
return {'stories': [], 'success': False, 'code': 'ENOSECTION'}
if 'url' in p and p['url'] != '' and p['url'] is not None:
p['url'] = general.strip_all_html(p['url'])
if not re.match(r'http[s]*:\/\/', p['url']):
p['url'] = 'http://' + p['url']
else:
# set to None so that NULL goes into the database
p['url'] = None
if route_name == 'new_page':
render_type = p['render_type']
slug = p['slug']
# if we can find this slug already, kill submission here.
try:
s = dbsession.query(Submission).filter(
Submission.slug == slug).one()
s['message'] = 'This slug is already taken.'
success = False
except sqlalchemy.orm.exc.NoResultFound:
pass
else:
slug = ''
render_type = 'story_md'
if 'section_id' in p:
sub = Submission(p['title'][:100],
p['description'],
p['url'],
s['users.id'],
section=p['section_id'])
else:
sub = Submission(p['title'][:100], p['description'], p['url'],
s['users.id'])
sub.render_type = render_type
# slug octet no longer derived from story's actual id
if slug == '':
slug = u"{title}-{uuid_first_octet}".format(
title=slugify.slugify(unicode(p['title'][:100])),
uuid_first_octet=str(general.gen_uuid())[:8])
sub.slug = slug
dbsession.add(sub)
dbsession.flush()
# add notify
if general.check_notify_default(s['users.id'], r):
notify_queries.create_notify(s['users.id'], sub.id, s['users.id'])
v = Vote(sub.id, s['users.id'], 1, "submission", None)
v.direction = 1
dbsession.add(v)
s['message'] = "Added."
try:
if request.registry.solr_conn:
# we flush here to ensure we have a vaild id object when added to solr
# we use this if statement so that the exception will be raised before
# dbsession is flushed, hence avoiding an unnecessary flush if the site
# is not using solr.
dbsession.flush()
request.registry.solr_conn.add({
'id': sub.id,
'title': sub.title,
'description': sub.description
})
request.registry.solr_conn.commit()
except AttributeError:
#solr is not configured for this connection
pass
return HTTPFound(r.route_url('home'))
return {
'stories': stories,
'success': True,
'code': 0,
'new_url_text': new_url_text,
'new_title_text': new_title_text,
'sections': sections
}
def list(request):
from raggregate.queries import user_preference as up
s = request.session
p = request.session['safe_post']
r = request
qs = s['safe_get']
s['message'] = "Post a story."
dbsession = DBSession()
stories = None
filtered_section = None
section_found = False
sections = section_queries.get_sections()
direct_link = False
if s.get('users.id', None):
direct_link = True if up.get_user_prefs(s['users.id']).get(
'link_to_story', 'off') == 'on' else False
if r.params and 'op' in r.params:
sub_id = r.params['sub_id']
if r.params['op'] == 'del' or r.params['op'] == 'hide':
try:
story_to_del = submission.get_story_by_id(sub_id)
except sqlalchemy.orm.exc.NoResultFound:
story_to_del = None
if story_to_del:
if users.is_user_allowed_admin_action(
s['users.id'],
str(story_to_del.id),
):
if r.params['op'] == 'del':
story_to_del.description = "[deleted]"
story_to_del.url = "#"
story_to_del.title = "[deleted]"
story_to_del.deleted = True
dbsession.add(story_to_del)
dbsession.flush()
else:
print("Illegal deletion attempted on {0}".format(
story_to_del.submitter.id))
if 'sort.default_order' in r.registry.settings:
sort = r.registry.settings['sort.default_order']
else:
# default to new sort order if server-specific setting doesn't exist
# this should only be the case on old clones; do NOT remove default_order
# from the ini just because you want new by default.
sort = 'new'
page_num = 1
per_page = 30
next_page = None
prev_page = None
# only pass through approved sort options
if 'sort' in qs:
if qs['sort'] == 'top':
sort = 'top'
if qs['sort'] == 'hot':
sort = 'hot'
if qs['sort'] == 'contro':
sort = 'contro'
if qs['sort'] == 'new':
sort = 'new'
if 'page_num' in qs:
try:
page_num = int(qs['page_num'])
except:
page_num = 1
if 'section' in qs and qs['section'] == 'all':
section = 'all'
else:
section = None
if 'section' in qs and qs['section'] != 'all' and qs['section'] != '':
section = qs['section']
try:
section = section_queries.get_section_by_name(section)
section_found = True
except sqlalchemy.orm.exc.NoResultFound:
try:
section = section_queries.get_section_by_id(section)
section_found = True
except:
from pyramid_tm import transaction
transaction.abort()
pass
# reset section variable to None if we couldn't the named section
if section_found == False:
section = None
else:
#if we did find something, set filtered_section so that we can
#reference the filtered section in the template.
filtered_section = section
if 'subscribe' in qs and isinstance(section, Section) and 'logged_in' in s:
if qs['subscribe'] == 'y':
sub_way = True
elif qs['subscribe'] == 'n':
sub_way = False
sub = sub_queries.create_subscription(s['users.id'], section.id,
sub_way)
s['message'] = 'Subscription to section {0} updated'.format(
section.name)
# @FIXME: make per_page configurable in a safe location
# it is probably unwise to allow this to be set in the query string
# because then a malicious user could say per_page = 10000000000
# and easily launch a DoS via that mechanism.
# if 'per_page' in qs:
# per_page = qs['per_page']
stories = submission.get_story_list(page_num=page_num,
per_page=per_page,
sort=sort,
request=request,
section=section)
max_stories = stories['max_stories']
stories = stories['stories']
# this should be split into its own def under queries.py
# as it is currently used in at least one other place
if max_stories > (page_num * per_page):
next_page = page_num + 1
if page_num > 1:
prev_page = page_num - 1
vote_dict = {}
subscribed_to_list = []
if 'logged_in' in s:
vote_dict = users.get_user_votes(s['users.id'], "on_all_submissions")
subscribed_to_list = sub_queries.get_subscribed_by_user_id(
s['users.id'])
for story in stories:
#@TODO: Remember to not tally on every load once a real site deploys
story.tally_votes()
story.tally_comments()
print "\n\nsubscribed list: {0}\n\n".format(subscribed_to_list)
# Get message of the day
motd = motd_queries.get_random_message()
return {
'stories': stories,
'success': True,
'code': 0,
'vote_dict': vote_dict,
'max_stories': max_stories,
'prev_page': prev_page,
'next_page': next_page,
'sections': sections,
'filtered_section': section,
'motd': motd,
'subscribed_to_list': subscribed_to_list,
'direct_link': direct_link
}
def submit(request):
s = request.session
p = request.session['safe_post']
r = request
qs = s['safe_get']
s['message'] = "Post a story."
dbsession = DBSession()
stories = None
sections = section_queries.get_sections()
new_url_text = ''
new_title_text = ''
route_name = r.matched_route.name
if route_name == 'new_page':
# require admin to load a new page form
if 'logged_in_admin' not in s or s['logged_in_admin'] == False:
return HTTPNotFound()
#if uses came in with a share button, redirect to existing discussion if there is one
if 'from' in qs and qs['from'] == 'button':
existing_post = submission.get_story_by_url_oldest(qs['url'])
if existing_post:
return HTTPFound(r.route_url('full', sub_id=existing_post.id))
new_url_text = qs['url']
if 'title' in qs:
new_title_text = qs['title']
if 'logged_in' not in s:
s['message'] = 'Sorry, you must <a href="{0}">log in</a> before you can share a link.'.format(r.route_url('login'))
return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}
if p and 'title' in p:
if 'logged_in' not in s:
s['message'] = 'Sorry, please log in first'
return {'stories': [], 'success': False, 'code': 'ENOLOGIN'}
if 'section_id' not in p or p['section_id'] == '':
return {'stories': [], 'success': False, 'code': 'ENOSECTION'}
if 'url' in p and p['url'] != '' and p['url'] is not None:
p['url'] = general.strip_all_html(p['url'])
if not re.match(r'http[s]*:\/\/', p['url']):
p['url'] = 'http://' + p['url']
else:
# set to None so that NULL goes into the database
p['url'] = None
if route_name == 'new_page':
render_type = p['render_type']
slug = p['slug']
# if we can find this slug already, kill submission here.
try:
s = dbsession.query(Submission).filter(Submission.slug == slug).one()
s['message'] = 'This slug is already taken.'
success = False
except sqlalchemy.orm.exc.NoResultFound:
pass
else:
slug = ''
render_type = 'story_md'
if 'section_id' in p:
sub = Submission(p['title'][:100], p['description'], p['url'], s['users.id'], section = p['section_id'])
else:
sub = Submission(p['title'][:100], p['description'], p['url'], s['users.id'])
sub.render_type = render_type
# slug octet no longer derived from story's actual id
if slug == '':
slug = u"{title}-{uuid_first_octet}".format(
title = slugify.slugify(unicode(p['title'][:100])),
uuid_first_octet = str(general.gen_uuid())[:8])
sub.slug = slug
dbsession.add(sub)
dbsession.flush()
# add notify
if general.check_notify_default(s['users.id'], r):
notify_queries.create_notify(s['users.id'], sub.id, s['users.id'])
v = Vote(sub.id, s['users.id'], 1, "submission", None)
v.direction = 1
dbsession.add(v)
s['message'] = "Added."
try:
if request.registry.solr_conn:
# we flush here to ensure we have a vaild id object when added to solr
# we use this if statement so that the exception will be raised before
# dbsession is flushed, hence avoiding an unnecessary flush if the site
# is not using solr.
dbsession.flush()
request.registry.solr_conn.add({'id': sub.id, 'title': sub.title, 'description': sub.description})
request.registry.solr_conn.commit()
except AttributeError:
#solr is not configured for this connection
pass
return HTTPFound(r.route_url('home'))
return {'stories': stories, 'success': True, 'code': 0,
'new_url_text': new_url_text, 'new_title_text': new_title_text,
'sections': sections}
def list(request):
from raggregate.queries import user_preference as up
s = request.session
p = request.session['safe_post']
r = request
qs = s['safe_get']
s['message'] = "Post a story."
dbsession = DBSession()
stories = None
filtered_section = None
section_found = False
sections = section_queries.get_sections()
direct_link = False
if s.get('users.id', None):
direct_link = True if up.get_user_prefs(s['users.id']).get('link_to_story', 'off') == 'on' else False
if r.params and 'op' in r.params:
sub_id = r.params['sub_id']
if r.params['op'] == 'del' or r.params['op'] == 'hide':
try:
story_to_del = submission.get_story_by_id(sub_id)
except sqlalchemy.orm.exc.NoResultFound:
story_to_del = None
if story_to_del:
if users.is_user_allowed_admin_action(s['users.id'], str(story_to_del.id), ):
if r.params['op'] == 'del':
story_to_del.description = "[deleted]"
story_to_del.url = "#"
story_to_del.title = "[deleted]"
story_to_del.deleted = True
dbsession.add(story_to_del)
dbsession.flush()
else:
print("Illegal deletion attempted on {0}".format(story_to_del.submitter.id))
if 'sort.default_order' in r.registry.settings:
sort = r.registry.settings['sort.default_order']
else:
# default to new sort order if server-specific setting doesn't exist
# this should only be the case on old clones; do NOT remove default_order
# from the ini just because you want new by default.
sort = 'new'
page_num = 1
per_page = 30
next_page = None
prev_page = None
# only pass through approved sort options
if 'sort' in qs:
if qs['sort'] == 'top':
sort = 'top'
if qs['sort'] == 'hot':
sort = 'hot'
if qs['sort'] == 'contro':
sort = 'contro'
if qs['sort'] == 'new':
sort = 'new'
if 'page_num' in qs:
try:
page_num = int(qs['page_num'])
except:
page_num = 1
if 'section' in qs and qs['section'] == 'all':
section = 'all'
else:
section = None
if 'section' in qs and qs['section'] != 'all' and qs['section'] != '':
section = qs['section']
try:
section = section_queries.get_section_by_name(section)
section_found = True
except sqlalchemy.orm.exc.NoResultFound:
try:
section = section_queries.get_section_by_id(section)
section_found = True
except:
from pyramid_tm import transaction
transaction.abort()
pass
# reset section variable to None if we couldn't the named section
if section_found == False:
section = None
else:
#if we did find something, set filtered_section so that we can
#reference the filtered section in the template.
filtered_section = section
if 'subscribe' in qs and isinstance(section, Section) and 'logged_in' in s:
if qs['subscribe'] == 'y':
sub_way = True
elif qs['subscribe'] == 'n':
sub_way = False
sub = sub_queries.create_subscription(s['users.id'], section.id, sub_way)
s['message'] = 'Subscription to section {0} updated'.format(section.name)
# @FIXME: make per_page configurable in a safe location
# it is probably unwise to allow this to be set in the query string
# because then a malicious user could say per_page = 10000000000
# and easily launch a DoS via that mechanism.
# if 'per_page' in qs:
# per_page = qs['per_page']
stories = submission.get_story_list(page_num = page_num, per_page = per_page, sort = sort, request = request, section = section)
max_stories = stories['max_stories']
stories = stories['stories']
# this should be split into its own def under queries.py
# as it is currently used in at least one other place
if max_stories > (page_num * per_page):
next_page = page_num + 1
if page_num > 1:
prev_page = page_num - 1
vote_dict = {}
subscribed_to_list = []
if 'logged_in' in s:
vote_dict = users.get_user_votes(s['users.id'], "on_all_submissions")
subscribed_to_list = sub_queries.get_subscribed_by_user_id(s['users.id'])
for story in stories:
#@TODO: Remember to not tally on every load once a real site deploys
story.tally_votes()
story.tally_comments()
print "\n\nsubscribed list: {0}\n\n".format(subscribed_to_list)
# Get message of the day
motd = motd_queries.get_random_message()
return {'stories': stories, 'success': True, 'code': 0, 'vote_dict': vote_dict,
'max_stories': max_stories, 'prev_page': prev_page, 'next_page': next_page,
'sections': sections,
'filtered_section': section, 'motd': motd,
'subscribed_to_list': subscribed_to_list,
'direct_link': direct_link}