def follower_invite_trusted(followed, follower, delay_commit=False):
followed = get_member(followed)
follower = get_member(follower)
if not followed:
raise action_error(_('unable to find followed'), code=404)
if not follower:
raise action_error(_('unable to find follower'), code=404)
if follower == followed:
raise action_error(_('may not follow yourself'), code=400)
#if followed in follower.following:
if follower.is_following(followed):
raise action_error(_('already following'), code=400)
if follower.is_follow_trusted_inviter(followed):
raise action_error(_('already invited to follow as trusted'))
follow = Follow()
follow.member = followed
follow.follower = follower
follow.type = 'trusted_invite'
Session.add(follow)
if not delay_commit:
Session.commit()
#invalidate_member(follower)
#invalidate_member(followed)
follower.send_notification(
messages.follow_invite_trusted(member=followed, you=follower))
return True
def withdraw_assignemnt(assignment, member, delay_commit=False):
member = get_member(member)
assignment = get_content(assignment)
if not member:
raise action_error(_("cant find user"), code=404)
if not assignment:
raise action_error(_("cant find assignment"), code=404)
try:
assignment_accepted = Session.query(MemberAssignment).filter_by(
member_id=member.id, content_id=assignment.id,
status="accepted").one()
assignment_accepted.status = "withdrawn"
#Session.update(assignment_accepted)
Session.commit()
#invalidate_accepted_assignment(member)
assignment.creator.send_notification(
messages.assignment_interest_withdrawn(member=member,
assignment=assignment,
you=assignment.creator))
return True
except:
pass
return False
def respond_assignment(parent_content, member, delay_commit=False):
"""
When creating a response, the accepted record should be flagged as responded
"""
member = get_member(member)
parent_content = get_content(parent_content)
if not member:
raise action_error(_("cant find user"), code=404)
if not parent_content:
raise action_error(_("cant find parent content"), code=404)
if parent_content.__type__ != 'assignment':
return # Nothing to do if parent is not assignment
try:
# upgrade an 'accepted' record to 'responded'
member_assignment = Session.query(MemberAssignment).filter_by(
member_id=member.id, content_id=parent_content.id).one()
member_assignment.status = "responded"
except:
# otherwise create 'responded' record
member_assignment = MemberAssignment()
member_assignment.content = parent_content
member_assignment.member = member
#assignment_accepted.member_id = member.id
member_assignment.status = "responded"
Session.add(member_assignment)
if not delay_commit:
Session.commit()
#invalidate_accepted_assignment(member)
return True
def follower_trust(followed, follower, delay_commit=False):
followed = get_member(followed)
follower = get_member(follower)
if not followed:
raise action_error(_('unable to find followed'), code=404)
if not follower:
raise action_error(_('unable to find follower'), code=404)
if not follower.is_following(followed):
raise action_error(_('not currently following'), code=400)
follow = Session.query(Follow).filter(
Follow.member_id == followed.id).filter(
Follow.follower_id == follower.id).one()
if follow.type == 'normal':
follow.type = 'trusted'
elif follow.type == 'trusted_invite':
raise action_error(_('follower still has pending invite'), code=400)
elif follow.type == 'trusted':
raise action_error(_('follower already trusted'), code=400)
if not delay_commit:
Session.commit()
#invalidate_member(follower)
#invalidate_member(followed)
follower.send_notification(
messages.follower_trusted(member=followed, you=follower))
return True
def unfollow(follower, followed, delay_commit=False):
followed = get_member(followed)
follower = get_member(follower)
if not followed:
raise action_error(_('unable to find followed'), code=404)
if not follower:
raise action_error(_('unable to find follower'), code=404)
#if followed not in follower.following:
# GregM: can unfollow to remove trusted invite
if not follower.is_following(
followed) and not follower.is_follow_trusted_inviter(followed):
raise action_error(_('not currently following'), code=400)
#follower.following.remove(followed)
follow = Session.query(Follow).filter(
Follow.member_id == followed.id).filter(
Follow.follower_id == follower.id).one()
Session.delete(follow)
if not delay_commit:
Session.commit()
#invalidate_member(follower)
#invalidate_member(followed)
followed.send_notification(
messages.follow_stop(member=follower, you=followed))
return True
def rate_content(content, member, rating):
content = get_content(content)
member = get_member(member)
rating_value = int(rating)
if not content:
raise action_error(_('unable to find content'), code=404)
if not member:
raise action_error(_('unable to find member'), code=404)
if rating and rating_value < 0 or rating_value > 5:
raise action_error(_("Ratings can only be in the range 0 to 5"),
code=400)
# remove any existing ratings
# we need to commit after removal, otherwise SQLAlchemy
# will optimise remove->add as modify-existing, and the
# SQL trigger will break
try:
existing = Session.query(Rating).filter(
Rating.content == content).filter(Rating.member == member).one()
Session.delete(existing)
Session.commit()
except NoResultFound:
pass
# rating = 0 = remove vote
# add a new one
if rating_value > 0:
r = Rating()
r.content = content
r.member = member
r.rating = rating_value
Session.add(r)
Session.commit()
def accept_assignment(assignment,
member,
status="accepted",
delay_commit=False):
member = get_member(member)
assignment = get_content(assignment)
if not member:
raise action_error(_("cant find user"), code=404)
if not assignment:
raise action_error(_("cant find assignment"), code=404)
if not issubclass(assignment.__class__, AssignmentContent):
raise action_error(_("only _assignments can be accepted"), code=400)
# all permissins hendled by controler action - so this is unneeded here
#if not assignment.viewable_by(c.logged_in_persona):
# raise action_error(_('_assignment is not visible to your user and therefor cannot be accepted'), code=403)
if assignment_previously_accepted_by(assignment, member):
raise action_error(_(
'_assignment has been previously accepted and cannot be accepted again'
),
code=400)
#if assignment.creator == member:
# raise action_error(_("cannot accept your own _assignment"), code=400)
assignment_accepted = MemberAssignment()
assignment.assigned_to.append(assignment_accepted)
assignment_accepted.member = member
assignment_accepted.status = status
Session.add(assignment_accepted)
if not delay_commit:
Session.commit()
#invalidate_accepted_assignment(member)
if status == "accepted":
assignment.creator.send_notification(
messages.assignment_accepted(member=member,
assignment=assignment,
you=assignment.creator))
if status == "pending":
member.send_notification(
messages.assignment_invite(member=assignment.creator,
assignment=assignment,
you=member))
return True
def remove_member(group, member, delay_commit=False):
group = get_group(group)
member = get_member(member)
membership = get_membership(group, member)
if not group:
raise action_error(_('unable to find group'), code=404)
if not member:
raise action_error(_('unable to find member'), code=404)
if not membership:
raise action_error(_('not a member of group'), code=400)
# AllanC - permissions moved to controller
#if member!=c.logged_in_persona and not group.is_admin(c.logged_in_persona):
# raise action_error('current user has no permissions for this group', 403)
#AllanC - integrety moved to model
#if membership.role=="admin" and num_admins<=1:
# raise action_error('cannot remove last admin', 400)
# Notifications
if membership.status == "active": # member removed
from pylons import tmpl_context as c
if member != c.logged_in_user:
membership.member.send_notification(
messages.group_remove_member_to_member(admin=c.logged_in_user,
group=group))
group.send_notification(
messages.group_remove_member_to_group(admin=c.logged_in_user,
group=group,
member=member))
elif membership.status == "invite": # invitation declined
group.send_notification(
messages.group_invitation_declined(member=member, group=group))
elif membership.status == "request": # request declined
membership.member.send_notification(
messages.group_request_declined(group=group))
Session.delete(membership)
if not delay_commit:
Session.commit()
#invalidate_member(group)
#invalidate_member(member)
return True
def set_role(group, member, role, delay_commit=False):
group = get_group(group)
member = get_member(member)
membership = get_membership(group, member)
role = role or membership.role or group.default_role
if not group:
raise action_error(_('unable to find group'), code=404)
if not member:
raise action_error(_('unable to find member'), code=404)
if not membership:
raise action_error(_('not a member of group'), code=400)
if role not in group_member_roles.enums:
raise action_error('not a valid role', code=400)
# AllanC - permisions moved to controller
#if not group.is_admin(c.logged_in_persona):
# raise action_error(_('no permissions for this group'), 403)
# AllanC - integrtiy moved to model
#if membership.role=="admin" and num_admins<=1:
# raise action_error('cannot remove last admin', 400)
from pylons import tmpl_context as c
membership.role = role
if membership.status == "request":
membership.status = "active"
member.send_notification(
messages.group_request_accepted(admin=c.logged_in_user,
group=group,
you=member))
group.send_notification(
messages.group_new_member(member=member, group=group))
else:
group.send_notification(
messages.group_role_changed(admin=c.logged_in_user,
member=member,
group=group,
role=role))
if not delay_commit:
Session.commit()
#invalidate_member(group)
#invalidate_member(member)
return True
def add_to_interests(member, content, delay_commit=False):
content = get_content(content)
member = get_member(member)
if not content:
raise action_error(_('unable to find content'), code=404)
if not member:
raise action_error(_('unable to find member'), code=404)
#AllanC - TODO: humm ... if we have a duplicate entry being added it will error ... we want to suppress that error
member.interest.append(content)
# Could update "recomended" feed with new criteria?
if not delay_commit:
Session.commit()
return True
def unboom_content(content, member, delay_commit=False):
boom = has_boomed(content, member)
if boom:
Session.delete(boom)
else:
raise action_error(_(
"%s has not boomed previously boomed this _content" % member),
code=400)
if not delay_commit:
Session.commit()
def join_group(group, member, delay_commit=False):
return_value = True
group = get_group(group)
member = get_member(member)
membership = get_membership(group, member)
if not group:
raise action_error(_('unable to find group'), code=404)
if not member:
raise action_error(_('unable to find member to add'), code=404)
# AllanC - join permissions moved to controller
if membership and membership.status == "invite":
membership.status = "active"
else:
membership = GroupMembership()
membership.group = group
membership.member = member
membership.role = group.default_role
group.members_roles.append(membership)
# If a join request
if group.join_mode == "invite_and_request":
membership.status = "request"
return_value = "request"
group.send_notification(
messages.group_join_request(member=member, group=group))
# If user has actually become a member (open or reply to invite) then notify group
if return_value == True:
group.send_notification(
messages.group_new_member(member=member, group=group))
if not delay_commit:
Session.commit()
#invalidate_member(group)
#invalidate_member(member)
return return_value
def follow(follower, followed, delay_commit=False):
followed = get_member(followed)
follower = get_member(follower)
if not followed:
raise action_error(_('unable to find followed'), code=404)
if not follower:
raise action_error(_('unable to find follower'), code=404)
if follower == followed:
raise action_error(_('may not follow yourself'), code=400)
#if followed in follower.following:
if follower.is_following(followed):
raise action_error(_('already following'), code=400)
# AllanC - I wanted to use is_following and remove the following reference - but as this code is run by base test populator before the site is running it cant be
# GregM: Change invite to follow if is invited, otherwise follow:
if follower.is_follow_trusted_inviter(followed):
follow = Session.query(Follow).filter(
Follow.member_id == followed.id).filter(
Follow.follower_id == follower.id).filter(
Follow.type == 'trusted_invite').one()
follow.type = 'trusted'
else:
#follower.following.append(followed)
follow = Follow()
follow.member = followed
follow.follower = follower
Session.add(follow)
if not delay_commit:
Session.commit()
#invalidate_member(follower)
#invalidate_member(followed)
followed.send_notification(
messages.followed_by(member=follower, you=followed))
return True
def invite(group, member, role, delay_commit=False):
group = get_group(group)
member = get_member(member)
membership = get_membership(group, member)
role = role or group.default_role
if not group:
raise action_error(_('unable to find group'), code=404)
if not member:
raise action_error(_('unable to find member'), code=404)
if membership:
raise action_error(_('already a member of group'), code=400)
if role not in group_member_roles.enums:
raise action_error('not a valid role', code=400)
# AllanC - permissions moved to controller
#if not group.is_admin(c.logged_in_persona):
# raise action_error(_('no permissions for this group'), 403)
membership = GroupMembership()
membership.group = group
membership.member = member
membership.role = role
membership.status = "invite"
group.members_roles.append(membership)
# Notification of invitation
from pylons import tmpl_context as c
member.send_notification(
messages.group_invite(admin=c.logged_in_user,
group=group,
role=membership.role,
you=member))
if not delay_commit:
Session.commit()
#invalidate_member(group)
#invalidate_member(member)
return True
def boom_content(content, member, delay_commit=False):
# Validation
if content.private == True:
raise action_error(_("cannot boom private content"), code=400)
if has_boomed(content, member):
raise action_error(_("You have previously boomed this _content"),
code=400)
boom = Boom()
#boom.content_id = content.id
#boom.member_id = member.id
boom.content = content
boom.member = member
Session.add(boom)
if not delay_commit:
Session.commit()
if content.__type__ == 'article':
member.send_notification_to_followers(
messages.boom_article(member=member, article=content))
elif content.__type__ == 'assignment':
member.send_notification_to_followers(
messages.boom_assignment(member=member, assignment=content))
def cb_qrcode(cb_url, **kwargs):
if c.format == 'jpg':
c.format = 'jpeg'
kwargs['format'] = c.format if c.format in [
'png', 'jpeg', 'gif', 'bmp', 'tiff'
] else 'png'
kwargs['pixel_size'] = int(kwargs.get('pixel_size', 8))
kwargs['level'] = int(kwargs.get('level', qrencode.QR_ECLEVEL_M))
#kwargs['case_sensitive'] = kwargs.get('case_sensitive', False)
try:
qr_stream = qrcode_stream(cb_url, **kwargs)
response.headers['Content-type'] = "image/%s" % kwargs['format']
return qr_stream
except Exception as e:
response.headers['Content-type'] = "text/html; charset=utf-8"
raise action_error('error generating QRCode: %s' % e)
def set_payment_account(member, value, delay_commit=False):
member = get_member(member)
#account = None
if isinstance(value, PaymentAccount):
member.payment_account = value
elif value in account_types.enums:
if value == 'free':
account = None
else:
account = PaymentAccount()
account.type = value
Session.add(account)
member.payment_account = account
else:
raise action_error('unknown account type: %s' % value)
if not delay_commit:
Session.commit()
return True
def error_view_permission():
return action_error(
#status = 'error' ,
code = 403 ,
message = _('The _content you requested is not viewable') ,
)
def error_age():
return action_error(
#status = 'error' ,
code = 403 ,
message = _('current user is not a suitable age to perform this operation') ,
)
def error_role():
return action_error(
#status = 'error' ,
code = 403 ,
message = _('current persona does not posses the role required to perform this operation') ,
)
def error_account_level():
return action_error(
#status = 'error' ,
code = 402 ,
message = _('operation requires account upgrade') ,
)
def _check_last_admin(self, member=None, membership=None):
if not membership:
membership = self.get_membership(member)
if membership and membership.role == "admin" and self.num_admins <= 1:
from civicboom.lib.web import action_error
raise action_error('cannot remove last admin', code=400)
def upgrade_user_to_group(member_to_upgrade_to_group,
new_admins_username,
new_group_username=None):
"""
Only to be called by admins/power users
This handled the migration of users to groups at an SQL level
"""
to_group = get_member(member_to_upgrade_to_group)
admin_user = get_member(new_admins_username)
# Validation
if not to_group or to_group.__type__ != 'user':
raise action_error('member_to_upgrade_to_group not a group', code=404)
if get_member(new_group_username):
raise action_error('new_group_username already taken', code=404)
if admin_user:
raise action_error('new_admins_username already taken', code=404)
# Create new admin user
admin_user = User()
admin_user.id = new_admins_username
admin_user.name = new_admins_username
admin_user.status = 'active'
admin_user.email = to_group.email
admin_user.email_unverifyed = to_group.email_unverified
Session.add(admin_user)
Session.commit() # needs to be commited to get id
sql_cmds = []
if new_group_username:
sql_cmds += [
Member.__table__.update().where(
Member.__table__.c.id == to_group.id).values(
username=new_group_username),
]
sql_cmds += [
# UPDATE member set username='******', __type__='group' WHERE id=533;
Member.__table__.update().where(Member.__table__.c.id == to_group.id
).values(__type__='group'),
# Reassign the login details from the old member to the new admin user
UserLogin.__table__.update().where(
UserLogin.__table__.c.member_id == to_group.id
).values(member_id=admin_user.id),
# DELETE the matching user record that pairs with the member record
User.__table__.delete().where(User.__table__.c.id == to_group.id),
# INSERT matching group record to pair group name
Group.__table__.insert().values(id=to_group.id,
join_mode='invite',
member_visibility='private',
default_content_visibility='public',
default_role='admin',
num_members=1),
# INSERT admin_user as as admin of the group
GroupMembership.__table__.insert().values(group_id=to_group.id,
member_id=admin_user.id,
role='admin',
status='active'),
]
for sql_cmd in sql_cmds:
Session.execute(sql_cmd)
Session.commit()