def routeIgnorePost(id=None):
if g.redis.sismember("meta.user.%s.post_follows" % g.user.username, id):
g.redis.srem("meta.user.%s.post_follows" % g.user.username, id)
p = ForumPost.select().where(ForumPost.id == int(id))
g.redis.srem("meta.forum.post.%s.follows" % p[0].id, g.user.id)
return flashy("Unfollowed post!", "success", p[0].getUrl()) #@DEV fall through
return flashy("You dont follow that post!", "success", "/forum")
def routeRegister():
if g.user:
return flashy("You cannot confirm an email when you are logged in!", "error", "/")
if not request.values.get('email') or not request.values.get("id"):
return flashy("Invalid register request!", "error", "/")
if g.redis.exists("meta.register.%s" % request.values.get('email')):
v = g.redis.get("meta.register.%s" % request.values.get("email"))
try:
v = json.loads(v)
except:
print "Error w/ conf: %s" % v
return flashy("Error with confirmation request!", "error", "/")
if v['key'] == request.values.get("id"):
if not request.values.get("pw"):
return render_template("register.html", id=request.values.get("id"), email=request.values.get("email"))
u = User()
u.username = v['user']
u.email = v['email']
u.password = hashPassword(request.values.get("pw"))
u.registered = True
u.registered_date = datetime.now()
u.level = 0
u.altlevel = 0
u.save()
g.user = u
session['u'] = u.username
g.redis.delete("meta.register.%s" % u.email)
return flashy("You are now registered! Enjoy!", "success", "/")
return flashy("Invalid confirmation request!", "error", "/")
def routeDeletePost(id=None):
if not id: return flashy("Invalid delete request!", "error", "/forum")
p = ForumPost.select().where(ForumPost.id == int(id))
if not p.count(): return flashy("Invalid post!", "error", "/forum")
p = p[0]
if not p.author == g.user and not g.user.level >= 60:
return flashy("You dont have permission to do that!", "error", "/forum")
p.delete_instance()
return flashy("Deleted post!", "success", "/forum")
def routeLockPost(id=None):
if not id: return flashy("Invalid lock request!", "error", "/forum")
if not g.user.level >= 60: return flashy("You dont have permission to do that!", "error", "/forum")
p = ForumPost.select().where(ForumPost.id == int(id))
if not p.count(): return flashy("Invalid post!", "error", "/forum")
p = p[0]
p.locked = True
p.save()
return flashy("Locked post!", "success", "/forum")
def routeBoard(bid=None, page=1):
if not g.user: level = 0
else: level = g.user.level
if not bid: return flashy("No such board!", "error", "/forum")
cats = Forum.select().where((Forum.perm_view <= level) & (Forum.cat == True)).order_by(Forum.order)
board = Forum.select().where((Forum.perm_view <= level) & (Forum.cat == False) & (Forum.id == int(bid)))
if not board.count(): return flashy("Invalid board!", "error", "/forum")
sticks = ForumPost.select().where((ForumPost.forum == board), (ForumPost.first == True), (ForumPost.sticky==True)).order_by(ForumPost.last_update.desc()).paginate(int(page), 25)
posts = ForumPost.select().where((ForumPost.forum == board), (ForumPost.first == True), (ForumPost.sticky==False)).order_by(ForumPost.last_update.desc()).paginate(int(page), 25)
return render_template("forum.html", cats=cats, posts=[i for i in sticks]+[i for i in posts], board=board[0])
def auth_route_logout():
if 'redirect' in request.values or "realm" in request.values:
url = build_url(request.values.get("realm", ""), request.values.get("redirect", ""))
else:
url = build_url("", "")
if g.user:
del session['id']
return flashy(u"You have been logged out!", "success", u=url)
return flashy(u"You are not currently logged in!", u=url)
def create_or_login(resp):
match = steam.steam_id_re.search(resp.identity_url)
try:
g.user = User.steamGetOrCreate(match.group(1))
g.uid = g.user.id
except Exception as e:
return flashy("Error: %s" % e)
if g.user.getActiveBans().count():
return flashy("You are banned!", "error")
resp = flashy("Welcome back %s!" % g.user.username, "success")
resp.set_cookie("sid", g.user.login(), expires=time.time() + Session.LIFETIME)
return resp
def routeLogin():
if session.get('u'):
return flashy("You are already logged in!", "warning", "/")
if 'user' in request.values and 'pw' in request.values:
u = User.select().where(User.username == request.values['user'])
if u.count():
u = u.get()
if u.checkPassword(request.values['pw']):
#@TODO check if banned
session['u'] = u.username
return flashy("Welcome back %s!" % u.username, "success", "/")
return flashy("Invalid username/password!", "error", "/")
else:
return flashy("Invalid login request!", "error", "/")
def routePost(bid=None, pid=None, page=1):
follows = False
if not g.user: level = 0
else: level = g.user.level
if not pid or not bid:
return flashy("Invalid request!", "error", "/forum")
p = ForumPost.select().where(ForumPost.id == int(pid))
if not p.count():
return flashy("No such post!", "error", "/forum")
#p[0].views += 1 #@DEV redis this?
#p[0].save()
follows = followsPost(p[0])
cats = Forum.select().where((Forum.perm_view <= level) & (Forum.cat == True)).order_by(Forum.order)
return render_template("post.html", post=p[0], cats=cats, page=int(page), follows=follows)
def routeEditPostPage(id=None):
if not id: id = request.form.get("post")
p = ForumPost.select().where(ForumPost.id == int(id))
if not p.count(): return flashy("Invalid Post!", "error", "/forum")
p = p[0]
if p.isLocked(): return flashy("Post is locked!", "error", p.getUrl())
if p.author != g.user and g.user.level < 60: return flashy("You dont have permission to do that!", "error", "/forum")
if not request.form.get("post") or not request.form.get("content"):
return render_template("forum.html", epost=p, cats=Forum.select().where((Forum.perm_view <= g.user.level) & (Forum.cat == True)).order_by(Forum.order))
p.content = request.form.get("content")
p.save()
return flashy("Post edited!", "success", p.getUrl())
def routeDisputeInfraction():
if not request.form.get("inf") or not request.form.get("content") or not request.form.get("inf").isdigit():
return flashy("Invalid dispute request!", "error", "/acct")
id = int(request.form.get("inf"))
if id >= g.ruser.getInfractionCount():
return flashy("Invalid Infraction ID!", "error", "/acct")
i = g.ruser.getInfraction(id)
if i:
i['status'] = 1
i['dispute'] = request.form.get("content")
g.ruser.updateInfraction(id, i)
return flashy("Dispute sent! Please allow up too 3-5 days for an admin response.", "success", "/acct")
return flashy("Error!", "error", "/acct")
def login():
"""
Login URL for steam openid, limited to 20 requests a minute
"""
if g.user is not None:
return flashy("You are already logged in!")
return oid.try_login('http://steamcommunity.com/openid')
def routeFriends(user=None, action=None):
if not user or not action: return "Invalid Request", 400
q = User.select().where(User.username ** user)
if q.count() == 1: user = q[0]
else: return flashy("That user doesnt seem to exist!", "error", "/")
if g.user == user:
return flashy("You can't add yourself as a friend silly!", "error", "/")
if action == "add":
if not g.user.canFriend(user):
return flashy("You can't friend that user!", "error", "/")
f = Friendship(a=g.user, b=user, confirmed=False, ignored=False, date=datetime.now(), note=n)
f.save()
n = Notification(user=user, title="%s wants to be your friend!" % g.user.username, content=friend_msg.format(user=g.user.username), reference=f.id)
n.save()
return flashy("Your friend request has been sent too '%s'!" % user.username, "success", "/")
elif action == "rmv":
if not g.user.isFriendsWith(user):
return flashy("Your not friends with that user!", "error", "/")
f = g.user.getFriendship(user)
f[0].delete_instance()
return flashy("You are no longer friends with '%s' :(" % user.username, "success", "/")
elif action == "conf":
f = Friendship.select().where(Friendship.a == user, Friendship.b == g.user, Friendship.confirmed == False, Friendship.ignored == False)
if not f.count():
return flashy("Invalid link!", "error", "/")
f = f[0]
f.confirmed = True
f.respdate = datetime.now()
f.save()
f.note.read = True
f.note.save()
n = Notification(user=user, title="%s accepted your friend request!" % g.user.username, content=friend_accpt_msg.format(user=g.user.username))
return flashy("You are now friends with %s" % user.username, "success", "/acct")
elif action == "deny":
f = Friendship.select().where(Friendship.a == user, Friendship.b == g.user, Friendship.confirmed == False, Friendship.ignored == False)
if not f.count():
return flashy("You've already responded to this request!", "error", "/")
f = f[0]
f.ignored = True
f.respdate = datetime.now()
f.note.read = True
f.note.save()
f.save()
return flashy("The friend request from %s has been denied!" % user.username, "warning", "/acct")
def routeReplyPost():
if not request.form.get("content") or not request.form.get("post"):
return flashy("Invalid reply-post request!", "error", "/forum")
p = ForumPost.select().where(ForumPost.id == int(request.form.get("post")))
if not p.count(): return flashy("Invalid post!", "error", "/forum")
p = p[0]
if p.forum.perm_post > g.user.level: return flashy("You dont have permission to do that!", "error", "/forum")
q = ForumPost.select().where(ForumPost.content == request.form.get("content"), ForumPost.author == g.user)
if q.count(): return flashy("You've already posted that!", "error", "/forum")
if p.locked: return flashy("That post is locked!", "error", "/forum")
if time.time()-g.ruser.getLastPost() < 15:
return flashy("Your doing that too quickly! Please wait a bit before posting again!", "warning", "/forum")
r = ForumPost(
author=g.user,
forum=p.forum,
original=p,
date=datetime.now(),
content=request.form.get("content"),
title=None)
r.save()
g.ruser.setLastPost()
p.last_update = datetime.now()
p.save()
if g.redis.scard("meta.forum.post.%s.follows" % p.id): #@DEV thread?
for user in g.redis.smembers("meta.forum.post.%s.follows" % p.id):
u = User.select().where(User.id == int(user))
if not u.count(): continue
if u[0] == g.user: continue
prev = Notification.select().where(Notification.user==u[0], Notification.reference==p.id)
if prev.count(): prev[0].delete_instance()
n = Notification(user=u[0], title='%s replied to %s' % (g.user.username, p.title), content=forum_note_content % (g.user.username, r.getUrl()), reference=p.id)
n.save()
return flashy("Added reply!", "success", r.getUrl())
def graphPoc(user=None):
u = User.select().where(User.username ** user)
if not u.count(): return flashy("Unknown user!", "error", "/")
u = u[0]
ru = RUser(u.username, u.id, g.redis)
graph1 = {"key": "Kills", "values": plugins[2].getField("kills").getWeekly(user=u.username)}
graph2 = {"key": "Deaths (PvE)", "values": plugins[2].getField("deaths_pve").getWeekly(user=u.username)}
graph3 = {"key": "Deaths (PvP)", "values": plugins[2].getField("deaths_pvp").getWeekly(user=u.username)}
end = json.dumps([graph1, graph2, graph3], default=dthandler)
return render_template("graph_poc.html", u=u, ru=ru, plugins=plugins, v=end)
def routeEditProfile():
fields = ["tag_line", "gender", "location", "youtube", "twitch", "twitter", "skype", "description"]
for k, v in request.form.items():
if k in fields:
if k == "gender" and not v in ['Male', 'Female', 'Unlabelable']: continue
setattr(g.user, k, v)
g.user.save()
return flashy("Edited profile!", "success", "/acct")
def before_request():
g.user = None
if request.path.startswith("/static"):
return
if 'id' in session:
try:
g.user = User.get(User.id == session['id'])
except User.DoesNotExist:
return flashy(u"Your session is invalid!", "error", u=build_url("", ""))
def routeInfraction(id):
if id >= g.ruser.getInfractionCount():
return flashy("Invalid infraction ID!", "error", "/acct")
i = g.ruser.getInfraction(id)
i['id'] = id
if not i['seen']:
i['seen'] = True
g.ruser.updateInfraction(id, i)
return render_template("infraction.html", inf=i)
def routeNotes(id=None, action=None):
if not id or not action: return "Invalid Request", 400
q = Notification.select().where(Notification.id == int(id))
if q.count(): note = q[0]
else: return flashy("That note does not exist!", "error", "/acct")
if action == "markread":
note.read = True
note.save()
return "success"
if action == "delete":
note.delete_instance()
return "success"
def routeAddPost():
if not request.form.get('title') or not request.form.get("content") or not request.form.get("board"):
return flashy("Invalid add-post request!", "error", "/forum")
b = Forum.select().where(Forum.id == int(request.form.get('board')))
if not b.count(): return flashy("Invalid board!", "error", "/forum")
b = b[0]
if b.perm_post > g.user.level: return flashy("You dont have permission to do that!", "error", "/forum")
if request.form.get('sticky') and g.user.level >= 60: stick = True
else: stick = False
if time.time()-g.ruser.getLastPost() < 15:
return flashy("Your doing that too quickly! Please wait a bit before posting again!", "warning", "/forum")
p = ForumPost(
author=g.user,
forum=b,
first=True,
date=datetime.now(),
content=request.form.get("content"),
title=request.form.get("title"),
sticky=stick)
p.save()
g.ruser.setLastPost()
if 'thread' in request.form.keys(): pass
return flashy("Added post!", "success", "/forum/b/%s/%s" % (b.id, p.id))
def beforeRequest():
g.user = None
g.uid = -1
g.state = STATE
if request.path.startswith("/static"):
return
# Normal session
if request.cookies.get("sid"):
s = Session.find(request.cookies.get("sid"))
if s:
# Eventually we should be lazily loading this in, or cacheing it at redis
try:
g.user = User.select().where(User.id == s['user']).get()
g.uid = g.user.id
except User.DoesNotExist:
resp = flashy("Wow! Something really went wrong. Contact support!")
resp.set_cookie('sid', '', expires=0)
return resp
def create_or_login(resp):
match = steam.steam_id_re.search(resp.identity_url)
sid = match.group(1)
# Attempt to get a current user, otherwise create them
try:
g.user = User.select(User.id, User.steamid).where(User.steamid == sid).get()
except User.DoesNotExist:
g.user = User(steamid=sid)
# HARDCOODE PARKOURRR
if sid == "76561198037632722":
g.user.level = User.Level.ADMIN
g.user.save()
# Set the sessionid and welcome the user back
session['id'] = g.user.id
return flashy(u"Welcome back %s!" % g.user.get_nickname(), "success", u=openid.get_next_url())
def logout():
if g.user:
resp = flashy("You have been logged out!", "success")
resp.set_cookie('sid', '', expires=0)
return resp
return flashy("You are not logged in!")
def route_logout():
g.user = None
return flashy("You have been logged out!")
def to_response(self):
return flashy(self.response, self.mtype, self.redirect)
def routeFollowPost(id=None):
p = ForumPost.select().where(ForumPost.id == int(id))
if not p.count(): return flashy("Invalid Post!", "error", "/forum")
g.redis.sadd("meta.user.%s.post_follows" % g.user.username, p[0].id)
g.redis.sadd("meta.forum.post.%s.follows" % p[0].id, g.user.id)
return flashy("Followed post!", "success", p[0].getUrl())
def routePage(id=None):
if id.isdigit(): p = Page().select().where(Page.id==id)
else: p = Page().select().where(Page.title**id)
if not p.count() == 1: return flashy("Error finding page!", "error", "/")
return render_template("page.html", page=p[0])
def routeProfile(user=None):
if not user: return flashy("You must specify a user!", "error", "/")
u = User.select().where(User.username ** user)
if u.count():
return render_template("profile.html", user=u[0], ruser=RUser(u[0].username, u[0].id, g.redis))
return flashy("No such user '%s'" % user, "error", "/")
def routeLogout():
if session.get('u'):
session['u'] = None
return flashy("You've have been logged out. See ya soon!", "success", "/")
return redirect('/')
def test(id):
g.user = User.select().where(User.id == id).get()
g.uid = g.user.id
resp = flashy("Welcome back %s!" % g.user.username, "success")
resp.set_cookie("sid", g.user.login(), expires=time.time() + Session.LIFETIME)
return resp
