def follower_distrust(followed, follower, delay_commit=False): followed = get_member(followed) follower = get_member(follower) if not followed: raise action_error(_('unable to find followed'), code=404) if not follower: raise action_error(_('unable to find follower'), code=404) if not follower.is_following(followed): raise action_error(_('not currently following'), code=400) follow = Session.query(Follow).filter( Follow.member_id == followed.id).filter( Follow.follower_id == follower.id).one() if not follow: raise action_error(_('member is not a follower'), code=404) if follow.type == 'trusted': follow.type = 'normal' elif follow.type == 'trusted_invite': raise action_error(_('follower still has pending invite'), code=400) elif follow.type == 'normal': raise action_error(_('follower was not trusted'), code=400) if not delay_commit: Session.commit() # invalidate_member(follower) # GregM: Needed? # invalidate_member(followed) # GregM: Needed? follower.send_notification( messages.follower_distrusted(member=followed, you=follower)) return True
def follower_invite_trusted(followed, follower, delay_commit=False): followed = get_member(followed) follower = get_member(follower) if not followed: raise action_error(_('unable to find followed'), code=404) if not follower: raise action_error(_('unable to find follower'), code=404) if follower == followed: raise action_error(_('may not follow yourself'), code=400) #if followed in follower.following: if follower.is_following(followed): raise action_error(_('already following'), code=400) if follower.is_follow_trusted_inviter(followed): raise action_error(_('already invited to follow as trusted')) follow = Follow() follow.member = followed follow.follower = follower follow.type = 'trusted_invite' Session.add(follow) if not delay_commit: Session.commit() #invalidate_member(follower) #invalidate_member(followed) follower.send_notification( messages.follow_invite_trusted(member=followed, you=follower)) return True
def unfollow(follower, followed, delay_commit=False): followed = get_member(followed) follower = get_member(follower) if not followed: raise action_error(_('unable to find followed'), code=404) if not follower: raise action_error(_('unable to find follower'), code=404) #if followed not in follower.following: # GregM: can unfollow to remove trusted invite if not follower.is_following( followed) and not follower.is_follow_trusted_inviter(followed): raise action_error(_('not currently following'), code=400) #follower.following.remove(followed) follow = Session.query(Follow).filter( Follow.member_id == followed.id).filter( Follow.follower_id == follower.id).one() Session.delete(follow) if not delay_commit: Session.commit() #invalidate_member(follower) #invalidate_member(followed) followed.send_notification( messages.follow_stop(member=follower, you=followed)) return True
def set_account_type(self, id, account_type='plus', do_not_bill=True): """ this is tempory measure for upgrading accounts It is used by the automated tests and should never be triggered by an actual user TODO needs to be upgraded to take param of account it is going too """ if get_member(id).set_payment_account(account_type): # If account_type is free then no payment account is set on the member if account_type != 'free': Session.commit() get_member(id).payment_account.do_not_bill = do_not_bill Session.commit() return 'ok'
def withdraw_assignemnt(assignment, member, delay_commit=False): member = get_member(member) assignment = get_content(assignment) if not member: raise action_error(_("cant find user"), code=404) if not assignment: raise action_error(_("cant find assignment"), code=404) try: assignment_accepted = Session.query(MemberAssignment).filter_by( member_id=member.id, content_id=assignment.id, status="accepted").one() assignment_accepted.status = "withdrawn" #Session.update(assignment_accepted) Session.commit() #invalidate_accepted_assignment(member) assignment.creator.send_notification( messages.assignment_interest_withdrawn(member=member, assignment=assignment, you=assignment.creator)) return True except: pass return False
def respond_assignment(parent_content, member, delay_commit=False): """ When creating a response, the accepted record should be flagged as responded """ member = get_member(member) parent_content = get_content(parent_content) if not member: raise action_error(_("cant find user"), code=404) if not parent_content: raise action_error(_("cant find parent content"), code=404) if parent_content.__type__ != 'assignment': return # Nothing to do if parent is not assignment try: # upgrade an 'accepted' record to 'responded' member_assignment = Session.query(MemberAssignment).filter_by( member_id=member.id, content_id=parent_content.id).one() member_assignment.status = "responded" except: # otherwise create 'responded' record member_assignment = MemberAssignment() member_assignment.content = parent_content member_assignment.member = member #assignment_accepted.member_id = member.id member_assignment.status = "responded" Session.add(member_assignment) if not delay_commit: Session.commit() #invalidate_accepted_assignment(member) return True
def rate_content(content, member, rating): content = get_content(content) member = get_member(member) rating_value = int(rating) if not content: raise action_error(_('unable to find content'), code=404) if not member: raise action_error(_('unable to find member'), code=404) if rating and rating_value < 0 or rating_value > 5: raise action_error(_("Ratings can only be in the range 0 to 5"), code=400) # remove any existing ratings # we need to commit after removal, otherwise SQLAlchemy # will optimise remove->add as modify-existing, and the # SQL trigger will break try: existing = Session.query(Rating).filter( Rating.content == content).filter(Rating.member == member).one() Session.delete(existing) Session.commit() except NoResultFound: pass # rating = 0 = remove vote # add a new one if rating_value > 0: r = Rating() r.content = content r.member = member r.rating = rating_value Session.add(r) Session.commit()
def payment_member_remove(payment_account, member): member = get_member(member) if not member.payment_account == payment_account: return False member.payment_account = None Session.commit() return True
def payment_member_add(payment_account, member): member = get_member(member) if member.payment_account: return False member.payment_account = payment_account Session.commit() return True
def create(self): """ POST /media: Create a new item With javascript/flash additional media can be uploaded individually """ #user_log.debug("User is attempting to upload media:" + pprint.pformat(request.POST)) form = request.POST if 'file_data' in form and 'content_id' in form and 'member_id' in form and 'key' in form: form_file = form["file_data"] content = get_content(int(form['content_id'])) member = get_member(form['member_id']) if not member.check_action_key("attach to %d" % content.id, form['key']): return "invalid action key" if not content.editable_by(member): return "can't edit this article" media = Media() media.load_from_file(tmp_file=form_file, original_name=form_file.filename) content.attachments.append(media) Session.commit() user_log.info( "Media #%d appended to Content #%d using a key from Member %s" % (media.id, content.id, member.id)) return "ok" else: return "missing file_data or content_id"
def is_follow_trusted_invitee(a, b): # Was is_follower_invited_trust """ True if 'b' has been invited to follow 'a' as a trusted follower True if 'b' is the invitee to follow 'a' as a trusted follower """ a = get_member(a) b = get_member(b) if not a or not b: return False try: if Session.query(Follow).filter(Follow.member_id == a.id).filter( Follow.follower_id == b.id).filter( Follow.type == 'trusted_invite').one(): return True except: pass return False
def is_follower_trusted(a, b): """ True if 'b' is following 'a' and is trusted by 'a' True if 'b' is a trusted follower of 'a' """ a = get_member(a) b = get_member(b) if not a or not b: return False try: if Session.query(Follow).filter(Follow.member_id == a.id).filter( Follow.follower_id == b.id).filter( Follow.type == 'trusted').one(): return True except: pass return False
def part_check_member_status(self, username, status): """ Check member status against status parameter """ member = get_member(username) self.assertEqual(member.payment_account.billing_status, status) pac_type = 'free' if status == 'failed' else member.payment_account.type self.assertEqual(member.account_type, pac_type)
def _to_python(self, value, state): from civicboom.lib.database.get_cached import get_member member = get_member(value) if not member: raise formencode.Invalid(self.message("not_member", state), value, state) if self.return_object: return member return member.id
def delete_member(self, username=None): """ Not an API call .. this remove the user from the database! - used to stop there being 100's of test users after the tests have run """ if not username: username = self.logged_in_as self.log_out() from civicboom.lib.database.get_cached import get_member member = get_member(username) member.delete()
def has_account_without_password(user): user = get_member(user) or get_member_email(user) password_login = None if user: try: password_login = Session.query(UserLogin).filter(UserLogin.user==user).filter(UserLogin.type == 'password').one() except Exception: pass if not password_login: return True return False
def verify_email_hash(user, hash, commit=False): user = get_member(user) if user and user.hash() == hash: if not config['demo_mode']: # AllanC - Demo mode is ALWAYS offline, there is no way we can validate members emails address's. But the hash is correct so return True if user.email_unverified: user.email = user.email_unverified user.email_unverified = None if commit: Session.commit() return True return False
def has_boomed(content, member): """ Return boom_object or None for - has this member boomed this content """ content = get_content(content) member = get_member(member) try: return Session.query(Boom).filter(Boom.member_id == member.id).filter( Boom.content_id == content.id).one() except: return None
def follow(follower, followed, delay_commit=False): followed = get_member(followed) follower = get_member(follower) if not followed: raise action_error(_('unable to find followed'), code=404) if not follower: raise action_error(_('unable to find follower'), code=404) if follower == followed: raise action_error(_('may not follow yourself'), code=400) #if followed in follower.following: if follower.is_following(followed): raise action_error(_('already following'), code=400) # AllanC - I wanted to use is_following and remove the following reference - but as this code is run by base test populator before the site is running it cant be # GregM: Change invite to follow if is invited, otherwise follow: if follower.is_follow_trusted_inviter(followed): follow = Session.query(Follow).filter( Follow.member_id == followed.id).filter( Follow.follower_id == follower.id).filter( Follow.type == 'trusted_invite').one() follow.type = 'trusted' else: #follower.following.append(followed) follow = Follow() follow.member = followed follow.follower = follower Session.add(follow) if not delay_commit: Session.commit() #invalidate_member(follower) #invalidate_member(followed) followed.send_notification( messages.followed_by(member=follower, you=followed)) return True
def is_follower(a, b): """ True if 'b' is following 'a' True if 'b' is a follower of 'a' """ a = get_member(a) b = get_member(b) #if not a: # raise action_error(_('unable to find followed'), code=404) #if not b: # raise action_error(_('unable to find follower'), code=404) if not a or not b: return False try: if Session.query(Follow).filter(Follow.member_id == a.id).filter( Follow.follower_id == b.id).filter( Follow.type != 'trusted_invite').one(): return True except: pass return False
def test_upgrade(self): """ Create new user Upgrade user to group Login as converted new user check group membership """ # Create new user_to_group user self.sign_up_as('user_to_group') self.log_out() # Call admin upgrade call response = self.app.post( url(controller='test', action='upgrade_user_to_group'), params={ 'member_to_upgrade_to_group': u'user_to_group', 'new_admins_username': u'user_of_group', }, ) # Check login record transfered self.log_in_as('user_of_group') # Check member is admin of group response = self.app.get(url(controller='profile', action='index', format='json'), status=200) response_json = json.loads(response.body) self.assertEquals(response_json['data']['groups']['count'], 1) self.assertEquals( response_json['data']['groups']['items'][0]['username'], 'user_to_group') self.assertEquals(response_json['data']['groups']['items'][0]['role'], 'admin') self.set_persona('user_to_group') # Delete and cleanup group and member response = self.app.post(url('group', id='user_to_group', format='json'), params={ '_method': 'delete', '_authentication_token': self.auth_token }, status=200) member = get_member('user_of_group') member.delete()
def accept_assignment(assignment, member, status="accepted", delay_commit=False): member = get_member(member) assignment = get_content(assignment) if not member: raise action_error(_("cant find user"), code=404) if not assignment: raise action_error(_("cant find assignment"), code=404) if not issubclass(assignment.__class__, AssignmentContent): raise action_error(_("only _assignments can be accepted"), code=400) # all permissins hendled by controler action - so this is unneeded here #if not assignment.viewable_by(c.logged_in_persona): # raise action_error(_('_assignment is not visible to your user and therefor cannot be accepted'), code=403) if assignment_previously_accepted_by(assignment, member): raise action_error(_( '_assignment has been previously accepted and cannot be accepted again' ), code=400) #if assignment.creator == member: # raise action_error(_("cannot accept your own _assignment"), code=400) assignment_accepted = MemberAssignment() assignment.assigned_to.append(assignment_accepted) assignment_accepted.member = member assignment_accepted.status = status Session.add(assignment_accepted) if not delay_commit: Session.commit() #invalidate_accepted_assignment(member) if status == "accepted": assignment.creator.send_notification( messages.assignment_accepted(member=member, assignment=assignment, you=assignment.creator)) if status == "pending": member.send_notification( messages.assignment_invite(member=assignment.creator, assignment=assignment, you=member)) return True
def set_role(group, member, role, delay_commit=False): group = get_group(group) member = get_member(member) membership = get_membership(group, member) role = role or membership.role or group.default_role if not group: raise action_error(_('unable to find group'), code=404) if not member: raise action_error(_('unable to find member'), code=404) if not membership: raise action_error(_('not a member of group'), code=400) if role not in group_member_roles.enums: raise action_error('not a valid role', code=400) # AllanC - permisions moved to controller #if not group.is_admin(c.logged_in_persona): # raise action_error(_('no permissions for this group'), 403) # AllanC - integrtiy moved to model #if membership.role=="admin" and num_admins<=1: # raise action_error('cannot remove last admin', 400) from pylons import tmpl_context as c membership.role = role if membership.status == "request": membership.status = "active" member.send_notification( messages.group_request_accepted(admin=c.logged_in_user, group=group, you=member)) group.send_notification( messages.group_new_member(member=member, group=group)) else: group.send_notification( messages.group_role_changed(admin=c.logged_in_user, member=member, group=group, role=role)) if not delay_commit: Session.commit() #invalidate_member(group) #invalidate_member(member) return True
def remove_member(group, member, delay_commit=False): group = get_group(group) member = get_member(member) membership = get_membership(group, member) if not group: raise action_error(_('unable to find group'), code=404) if not member: raise action_error(_('unable to find member'), code=404) if not membership: raise action_error(_('not a member of group'), code=400) # AllanC - permissions moved to controller #if member!=c.logged_in_persona and not group.is_admin(c.logged_in_persona): # raise action_error('current user has no permissions for this group', 403) #AllanC - integrety moved to model #if membership.role=="admin" and num_admins<=1: # raise action_error('cannot remove last admin', 400) # Notifications if membership.status == "active": # member removed from pylons import tmpl_context as c if member != c.logged_in_user: membership.member.send_notification( messages.group_remove_member_to_member(admin=c.logged_in_user, group=group)) group.send_notification( messages.group_remove_member_to_group(admin=c.logged_in_user, group=group, member=member)) elif membership.status == "invite": # invitation declined group.send_notification( messages.group_invitation_declined(member=member, group=group)) elif membership.status == "request": # request declined membership.member.send_notification( messages.group_request_declined(group=group)) Session.delete(membership) if not delay_commit: Session.commit() #invalidate_member(group) #invalidate_member(member) return True
def set_payment_account(member, value, delay_commit=False): member = get_member(member) #account = None if isinstance(value, PaymentAccount): member.payment_account = value elif value in account_types.enums: if value == 'free': account = None else: account = PaymentAccount() account.type = value Session.add(account) member.payment_account = account else: raise action_error('unknown account type: %s' % value) if not delay_commit: Session.commit() return True
def set_persona(persona): assert c.logged_in_user persona = get_member(persona) if persona == c.logged_in_persona: return True elif persona == c.logged_in_user: # If trying to fall back to self login then remove persona selection session_remove('logged_in_persona') session_remove('logged_in_persona_role') session_remove('logged_in_persona_path') c.logged_in_persona = c.logged_in_user c.logged_in_persona_role = 'admin' return True else: membership = get_membership(persona, c.logged_in_persona) if not membership: raise action_error(_('not a member of this group'), code=403) if membership.status != "active": raise action_error(_('not an active member of this group'), code=403) role = lowest_role(membership.role, c.logged_in_persona_role) session_set('logged_in_persona', persona.username) session_set('logged_in_persona_role', role) persona_path = session_get('logged_in_persona_path') or str( c.logged_in_user.id) persona_path = persona_path.split( ',') #if isinstance(persona_path, basestring) else [] if str(persona.id) in persona_path: persona_path = persona_path[0:persona_path.index( str(persona.id ))] #Truncate the list at the occourance of this usename persona_path.append(persona.id) session_set('logged_in_persona_path', ','.join([str(i) for i in persona_path])) # From this point this user is logged in as this persona c.logged_in_persona = persona c.logged_in_persona_role = role return True return False
def add_to_interests(member, content, delay_commit=False): content = get_content(content) member = get_member(member) if not content: raise action_error(_('unable to find content'), code=404) if not member: raise action_error(_('unable to find member'), code=404) #AllanC - TODO: humm ... if we have a duplicate entry being added it will error ... we want to suppress that error member.interest.append(content) # Could update "recomended" feed with new criteria? if not delay_commit: Session.commit() return True
def join_group(group, member, delay_commit=False): return_value = True group = get_group(group) member = get_member(member) membership = get_membership(group, member) if not group: raise action_error(_('unable to find group'), code=404) if not member: raise action_error(_('unable to find member to add'), code=404) # AllanC - join permissions moved to controller if membership and membership.status == "invite": membership.status = "active" else: membership = GroupMembership() membership.group = group membership.member = member membership.role = group.default_role group.members_roles.append(membership) # If a join request if group.join_mode == "invite_and_request": membership.status = "request" return_value = "request" group.send_notification( messages.group_join_request(member=member, group=group)) # If user has actually become a member (open or reply to invite) then notify group if return_value == True: group.send_notification( messages.group_new_member(member=member, group=group)) if not delay_commit: Session.commit() #invalidate_member(group) #invalidate_member(member) return return_value
def part_regrade(self, username, type="free"): """ Regrade account to type (default free) """ response = self.app.post(url(controller='payment_actions', action='regrade', id=self.payment_account_ids[username], format="json"), params=dict( _authentication_token=self.auth_token, new_type=type), status=200) response = self.app.post(url(controller='payment_actions', action='regrade', id=self.payment_account_ids[username], format="json"), params=dict( _authentication_token=self.auth_token, new_type=type), status=400) assert get_member(username).payment_account.type == type
def invite(group, member, role, delay_commit=False): group = get_group(group) member = get_member(member) membership = get_membership(group, member) role = role or group.default_role if not group: raise action_error(_('unable to find group'), code=404) if not member: raise action_error(_('unable to find member'), code=404) if membership: raise action_error(_('already a member of group'), code=400) if role not in group_member_roles.enums: raise action_error('not a valid role', code=400) # AllanC - permissions moved to controller #if not group.is_admin(c.logged_in_persona): # raise action_error(_('no permissions for this group'), 403) membership = GroupMembership() membership.group = group membership.member = member membership.role = role membership.status = "invite" group.members_roles.append(membership) # Notification of invitation from pylons import tmpl_context as c member.send_notification( messages.group_invite(admin=c.logged_in_user, group=group, role=membership.role, you=member)) if not delay_commit: Session.commit() #invalidate_member(group) #invalidate_member(member) return True