def common_design_update(request, nick): view = api.actor_get(api.ROOT, nick) if request.POST: try: validate.nonce(request, 'update_design') color = request.POST.get('bg_color') repeat = request.POST.get('bg_repeat', 'no-repeat') if not repeat: repeat = '' img = request.FILES.get('bg_image') img_url = None if img: img_url = api.background_upload(request.user, nick, img.read()) api.background_set_actor(request.user, nick, img_url, color, repeat) return util.RedirectFlash(view.url() + '/settings/design', 'design updated') except: exception.handle_exception(request) if request.GET and 'restore' in request.GET: api.background_clear_actor(request.user, nick) return util.RedirectFlash(view.url() + '/settings/design', 'design updated') return None
def join_welcome_mobile(request): redirect_to = request.REQUEST.get('redirect_to', '/') next = '/welcome/3' try: if not settings.SMS_ENABLED: raise exception.FeatureDisabledError('Mobile activation is currently disabled') except: exception.handle_exception(request) mobile = api.mobile_get_actor(request.user, request.user.nick) # set the progress welcome_photo = True view = request.user page = 'mobile' area = 'welcome' c = template.RequestContext(request, locals()) t = loader.get_template('join/templates/welcome_%s.html' % page) return http.HttpResponse(t.render(c))
def common_design_update(request, success="/", nick=None): if not nick: nick = request.user.nick view = api.actor_get(api.ROOT, nick) if request.POST: try: validate.nonce(request, 'update_design') color = request.POST.get('bg_color') repeat = request.POST.get('bg_repeat', 'no-repeat') if not repeat: repeat = '' img = request.FILES.get('bg_image') img_url = None if img: img_url = api.background_upload(request.user, nick, img.read()) api.background_set_actor(request.user, nick, img_url, color, repeat) return util.RedirectFlash(success, 'Thiết lập về màu nền/ảnh nền đã được cập nhật lại.') except: exception.handle_exception(request) if request.GET and 'restore' in request.GET: api.background_clear_actor(request.user, nick) return util.RedirectFlash(success, 'Thiết lập ảnh nền/màu nền đã được khôi phục về trạng thái mặc định.') return None
def install_rootuser(request): # requires an admin user = users.get_current_user() if not user: return http.HttpResponseRedirect(users.create_login_url('/install')) else: if not users.is_current_user_admin(): return http.HttpResponseRedirect('/') try: root_user = api.actor_get(api.ROOT, settings.ROOT_NICK) except: root_user = None if request.POST: try: logging.warning('Making root user: %s', settings.ROOT_NICK) #validate.nonce(request, 'create_root') root_user = api.user_create_root(api.ROOT) return util.RedirectFlash('/install', 'Root user created') except: exception.handle_exception(request) redirect_to = '/' c = template.RequestContext(request, locals()) t = loader.get_template('rootuser.html') return http.HttpResponse(t.render(c))
def join_welcome_mobile(request): redirect_to = get_clean_redirect(request) next = '/welcome/3' try: if not settings.SMS_ENABLED: raise exception.FeatureDisabledError( 'Mobile activation is currently disabled') except: exception.handle_exception(request) mobile = api.mobile_get_actor(request.user, request.user.nick) # set the progress welcome_photo = True view = request.user page = 'mobile' area = 'welcome' c = template.RequestContext(request, locals()) t = loader.get_template('join/templates/welcome_%s.html' % page) return http.HttpResponse(t.render(c))
def call_api_from_request(request, api_call): """Call an API function 'api_call' if it's present in the request parameters. The first parameter to the API call is always the logged-in user. The rest of the parameters may come in two forms: api_call_name=first_param& ... rest of params or api_call_name=& ... rest of params rest_of_params is always turned into Python keyword arguments. If the api_call_name has a value, that is turned into Python positional params. RETURNS: (False, None) if it isn't or the call throws an exception, (True, return value from call) otherwise. """ # TODO(termie): make this only accept POST once we update javascript # to turn the links into POSTs for request_dict in (request.POST, request.GET): if api_call in request_dict: # debug logging.info(">>> CALL: %s", str(api_call)) # end debug call = getattr(api, api_call) try: validate.nonce(request, api_call) confirm_msg = messages.confirmation(api_call) # debug # logging.info(">>> MESSAGE : %s", str(confirm_msg)) # end debug if not confirm_msg is None: validate.confirm_dangerous( request, messages.confirmation(api_call)) kwparams = util.query_dict_to_keywords(request_dict) # debug logging.info(">>> KWPARAMS: %s", str(kwparams)) # end debug if '' in kwparams: del kwparams[''] first_param = kwparams.pop(api_call, '') params = list() if len(first_param): params = (first_param,) validate.nonce(request, api_call) kwparams.pop('_nonce') kwparams.pop('confirm', None) kwparams.pop('redirect_to', None) # debug logging.info("##### CALL: %s", str((params, kwparams))) # end debug return (True, call(request.user, *params, **kwparams)) except: exception.handle_exception(request) return (False, None)
def confirm_email(request, code): try: rel_ref = api.activation_activate_email(request.user, request.user.nick, code) return util.RedirectFlash(request.user.url() + "/overview", "Email address '%s' confirmed." % rel_ref.target) except: exception.handle_exception(request)
def common_error(request): message = request.REQUEST['error'] try: validate.error_nonce(request, message) except: exception.handle_exception(request) message = "An error has occurred" c = template.RequestContext(request, locals()) t = loader.get_template('common/templates/error_generic.html') return http.HttpResponse(t.render(c))
def login_login(request): redirect_to = request.REQUEST.get('redirect_to', '/') redirect_to = clean.redirect_to(redirect_to) if request.POST: try: login = request.POST.get('log', None) password = request.POST.get('pwd', None) rememberme = request.POST.get('rememberme', None) # TODO validate current_user = user.lookup_user_by_login(login, password) if current_user: if redirect_to == '/': redirect_to = current_user.url('/overview') # Attempt to do some cleanup on the user if necessary api.user_cleanup(api.ROOT, current_user.nick) # if we aren't hosted or aren't ssl just set the cookie and go home if (not settings.HOSTED_DOMAIN_ENABLED or not settings.SSL_LOGIN_ENABLED): response = http.HttpResponseRedirect(redirect_to) response = user.set_user_cookie(response, current_user, rememberme) return response # otherwise, we're going to have to redirect to set the cookie on # the proper domain sso_token = util.generate_uuid() cache.set('sso/%s' % sso_token, (current_user.nick, rememberme), timeout=10) sso_url = 'http://%s/login/noreally' % (settings.DOMAIN) sso_url = util.qsa( sso_url, {'redirect_to': redirect_to, 'sso_token': sso_token}) return http.HttpResponseRedirect(sso_url) else: raise exception.ValidationError("Invalid username or password") except: exception.handle_exception(request) view =user.get_user_from_cookie_or_legacy_auth(request) area="login" if view: if redirect_to == '/': redirect_to = request.user.url('/overview') return http.HttpResponseRedirect(redirect_to) c = template.RequestContext(request, locals()) t = loader.get_template('login/templates/login.html') return http.HttpResponse(t.render(c))
def install(request): try: root_user = api.actor_get(api.ROOT, settings.ROOT_NICK) if root_user: return util.RedirectFlash('/', 'Already Installed') except: root_user = None post_name = util.get_metadata('POST_NAME') default_channel = util.get_metadata('DEFAULT_CHANNEL') if request.POST: site_name = request.POST.get('site_name', None) tagline = request.POST.get('tagline', None) post_name = request.POST.get('post_name', None) root_mail = request.POST.get('root_mail', None) password = request.POST.get('password', None) confirm = request.POST.get('confirm', None) default_channel = request.POST.get('default_channel', None) try: logging.info('saving values') validate.nonce(request, 'install') validate.email(root_mail) validate.password(password) validate.password_and_confirm(password, confirm) channel = clean.channel(default_channel) admin_helper.validate_and_save_sitesettings(site_name, tagline, post_name) root_user = api.user_create_root(api.ROOT, password=password) api.email_associate(api.ROOT, root_user.nick, root_mail) channel_ref = api.channel_create(api.ROOT, nick=api.ROOT.nick, channel=channel, tags=[], type='', description='Support Channel') util.set_metadata('DEFAULT_CHANNEL', default_channel) logging.info('Installed and Redirecting to front') return util.RedirectFlash('/', 'Installed Successfully') except: exception.handle_exception(request) redirect_to = '/' c = template.RequestContext(request, locals()) return render_to_response('administration/templates/install.html', c)
def common_confirm(request): message = request.REQUEST['message'] redirect_to = request.REQUEST['redirect_to'] try: validate.nonce(request, message + redirect_to) parts = urlparse.urlparse(redirect_to) action_url = parts[2] query_dict = cgi.parse_qs(parts[4], keep_blank_values=True) query_dict = dict([(k, v[0]) for k, v in query_dict.iteritems()]) except: message = None exception.handle_exception(request) c = template.RequestContext(request, locals()) t = loader.get_template('common/templates/confirm.html') return http.HttpResponse(t.render(c))
def admin_site(request): page = 'site' title = 'Site Settings' site_name = util.get_metadata('SITE_NAME') tagline = util.get_metadata('TAGLINE') post_name = util.get_metadata('POST_NAME') if request.POST: site_name = request.POST.get('site_name', None) tagline = request.POST.get('tagline', None) post_name = request.POST.get('post_name', None) site_description = request.POST.get('site_description', None) try: validate.nonce(request, 'site') admin_helper.validate_and_save_sitesettings(site_name, tagline, post_name, site_description) except exception.ValidationError: exception.handle_exception(request) c = template.RequestContext(request, locals()) return render_to_response('administration/templates/site.html', c)
def admin_channel(request): page = 'channel' title = 'Channels Settings' enable_channels = util.get_metadata('ENABLE_CHANNELS') enable_channel_types = util.get_metadata('ENABLE_CHANNEL_TYPES') if request.POST: enable_channels = request.POST.get('enable_channels', False) enable_channel_types = request.POST.get('enable_channel_types', False) try: validate.nonce(request, 'admin_channel') validate.bool_checkbox(enable_channels) validate.bool_checkbox(enable_channel_types) util.set_metadata('ENABLE_CHANNELS', str(enable_channels), 0, {'type':'bool'}) util.set_metadata('ENABLE_CHANNEL_TYPES', str(enable_channel_types), 0, {'type':'bool'}) except exception.ValidationError: exception.handle_exception(request) c = template.RequestContext(request, locals()) return render_to_response('administration/templates/channel.html', c)
def common_photo_upload(request, success="/", nick=None): if not nick: nick = request.user.nick if request.FILES: try: # we're going to handle a file upload, wee validate.nonce(request, 'change_photo') img = request.FILES.get('imgfile') if not img: raise exception.ValidationError('imgfile must be set') validate.avatar_photo_size(img) img_url = api.avatar_upload(request.user, nick, img.read()) api.avatar_set_actor(request.user, nick, img_url) return util.RedirectFlash(success, "Avatar uploaded") except: exception.handle_exception(request) elif 'avatar' in request.POST: try: validate.nonce(request, 'change_photo') avatar_path = request.POST.get('avatar') if not avatar_path: raise exception.ValidationError('avatar must be set') rv = api.avatar_set_actor(request.user, nick, avatar_path) if not rv: raise exception.ValidationError('failed to set avatar') return util.RedirectFlash(success, "Avatar changed") except: exception.handle_exception(request) if 'delete' in request.REQUEST: try: validate.nonce(request, 'delete_photo') validate.confirm_dangerous(request, 'Delete your photo?') rv = api.avatar_clear_actor(request.user, nick) return util.RedirectFlash(success, "Avatar deleted") except: exception.handle_exception(request)
def actor_settings(request, nick, page='index'): """ just a static page that links to the rest""" nick = clean.nick(nick) view = api.actor_lookup_nick(api.ROOT, nick) if not api.actor_owns_actor(request.user, view): raise exception.ApiOwnerRequired( 'Operation not allowed: %s does not own %s' % (request.user and request.user.nick or '(nobody)', view.nick)) handled = common_views.handle_view_action( request, { 'activation_activate_mobile': view.url('/settings/mobile'), 'activation_request_email': view.url('/settings/email'), 'activation_request_mobile': view.url('/settings/mobile'), 'settings_change_notify': view.url('/settings/notifications'), 'settings_change_privacy': request.path, 'settings_update_account': view.url('/settings/profile'), 'actor_remove': '/logout', #'oauth_remove_consumer': request.path, #'oauth_remove_access_token': request.path } ) if handled: return handled # TODO(tyler/termie): This conflicts with the global settings import. # Also, this seems fishy. Do none of the settings.* items work in templates? import settings # TODO(tyler): Merge this into handle_view_action, if possible if 'password' in request.POST: try: validate.nonce(request, 'change_password') password = request.POST.get('password', '') confirm = request.POST.get('confirm', '') validate.password_and_confirm(password, confirm, field = 'password') api.settings_change_password(request.user, view.nick, password) response = util.RedirectFlash(view.url() + '/settings/password', 'Password updated') request.user.password = util.hash_password(request.user.nick, password) # TODO(mikie): change when cookie-auth is changed user.set_user_cookie(response, request.user) return response except: exception.handle_exception(request) if page == 'feeds': try: if not settings.FEEDS_ENABLED: raise exception.DisabledFeatureError('Feeds are currently disabled') except: exception.handle_exception(request) if page == 'photo': redirect_to = view.url() + '/settings/photo' handled = common_views.common_photo_upload(request, redirect_to) if handled: return handled area = 'settings' full_page = page.capitalize() if page == 'mobile': full_page = 'Mobile Number' mobile = api.mobile_get_actor(request.user, view.nick) sms_notify = view.extra.get('sms_notify', False) elif page == 'im': full_page = 'IM Address' im_address = api.im_get_actor(request.user, view.nick) im_notify = view.extra.get('im_notify', False) elif page == 'index': email = api.email_get_actor(request.user, view.nick) email_notify = view.extra.get('email_notify', False) im_address = api.im_get_actor(request.user, view.nick) im_notify = view.extra.get('im_notify', False) elif page == 'feeds': full_page = 'Web Feeds' elif page == 'email': full_page = 'Email Address' email_notify = view.extra.get('email_notify', False) # check if we already have an email email = api.email_get_actor(request.user, view.nick) # otherwise look for an unconfirmed one if not email: unconfirmeds = api.activation_get_actor_email(api.ROOT, view.nick) if unconfirmeds: unconfirmed_email = unconfirmeds[0].content elif page == 'design': handled = common_views.common_design_update(request, view.nick) if handled: return handled full_page = 'Look and Feel' elif page == 'notifications': email = api.email_get_actor(request.user, view.nick) email_notify = view.extra.get('email_notify', False) im_address = api.im_get_actor(request.user, view.nick) im_notify = view.extra.get('im_notify', False) mobile = api.mobile_get_actor(request.user, request.user.nick) sms_notify = view.extra.get('sms_notify', False) sms_confirm = sms_notify and not view.extra.get('sms_confirmed', False) # TODO(termie): remove this once we can actually receive sms sms_confirm = False elif page == 'profile': # check if we already have an email email = api.email_get_actor(request.user, view.nick) # otherwise look for an unconfirmed one if not email: unconfirmeds = api.activation_get_actor_email(api.ROOT, view.nick) if unconfirmeds: unconfirmed_email = unconfirmeds[0].content elif page == 'photo': avatars = display.DEFAULT_AVATARS small_photos = api.image_get_all_keys(request.user, view.nick, size='f') # TODO(tyler): Fix this avatar nonsense! own_photos = [{ 'path' : small_photo.key().name(), 'name' : small_photo.key().name()[len('image/'):-len('_f.jpg')], } for small_photo in small_photos ] elif page == 'privacy': PRIVACY_PUBLIC = api.PRIVACY_PUBLIC PRIVACY_CONTACTS = api.PRIVACY_CONTACTS elif page == 'jsbadge': full_page = 'Javascript Badges' elif page == 'badge': badges = [{'id': 'badge-stream', 'width': '200', 'height': '300', 'src': '/themes/%s/badge.swf' % settings.DEFAULT_THEME, 'title': 'Stream', }, {'id': 'badge-map', 'width': '200', 'height': '255', 'src': '/themes/%s/badge-map.swf' % settings.DEFAULT_THEME, 'title': 'Map', }, {'id': 'badge-simple', 'width': '200', 'height': '200', 'src': '/themes/%s/badge-simple.swf' % settings.DEFAULT_THEME, 'title': 'Simple', }, ] elif page in ['password', 'delete']: # Catch for remaining pages before we generate a 404. pass else: return common_views.common_404(request) # rendering c = template.RequestContext(request, locals()) t = loader.get_template('actor/templates/settings_%s.html' % page) return http.HttpResponse(t.render(c))
def common_listings(request, nick, listings, template_name): view = api.actor_get(api.ROOT, nick) if request.POST: logging.info("Post Request: %s" % request.POST) try: # Add Listing Action logging.info("Action: %s" % request.POST.get("action")) if request.POST.get("action") == "add_listing": author = view.nick logging.info("Calling Create Listing - Params: %s, Author: %s" % (request.POST, author)) address = request.POST.get("address") price = request.POST.get("price") baths = request.POST.get("baths") beds = request.POST.get("beds") size = request.POST.get("size") description = request.POST.get("description") property_type = request.POST.get("property_type") amenities = request.POST.get("amenities") tag = request.POST.get("tag") galleryUrl = request.POST.get("galleryUrl") handled = api.add_listing(address, price, baths, beds, size, description, property_type, amenities, author, tag, galleryUrl) # Edit Listings Page if request.POST.get("action") == "edit_listing": author = view.nick logging.info("Calling Edit Listing - Params: %s, Author: %s, Key: %s" % (request.POST, author, request.POST.get("id"))) id = request.POST.get("id") address = request.POST.get("address") price = request.POST.get("price") baths = request.POST.get("baths") beds = request.POST.get("beds") size = request.POST.get("size") description = request.POST.get("description") property_type = request.POST.get("property_type") amenities = request.POST.get("amenities") tag = request.POST.get("tag") galleryUrl = request.POST.get("galleryUrl") handled = api.edit_listing(id, address, price, baths, beds, size, description, property_type, amenities, author, tag, galleryUrl) return util.RedirectFlash(view.url() + '/settings/listings', 'listings updated') except: exception.handle_exception(request) if request.GET and 'restore' in request.GET: api.background_clear_actor(request.user, nick) return util.RedirectFlash(view.url() + '/settings/listings', 'listings updated') model = {} if request.GET.get("action") == "edit" and request.GET.get("id"): editListingId = request.GET.get("id") if editListingId: key = Key(editListingId) logging.info("ID: %s" % key) obj = db.get(key) model['edit'] = obj model['listings'] = listings logging.info("Model: %s" % model) t = loader.get_template(template_name) return http.HttpResponse(t.render(template.RequestContext(request, model)))
def actor_settings(request, nick, page="index"): """ just a static page that links to the rest""" nick = clean.nick(nick) view = api.actor_lookup_nick(api.ROOT, nick) if not api.actor_owns_actor(request.user, view): raise exception.ApiOwnerRequired( "Operation not allowed: %s does not own %s" % (request.user and request.user.nick or "(nobody)", view.nick) ) handled = common_views.handle_view_action( request, { "activation_activate_mobile": view.url("/settings/mobile"), "activation_request_email": view.url("/settings/email"), "activation_request_mobile": view.url("/settings/mobile"), "settings_change_notify": view.url("/settings/notifications"), "settings_change_privacy": request.path, "settings_update_account": view.url("/settings/profile"), "actor_remove": "/logout", #'oauth_remove_consumer': request.path, #'oauth_remove_access_token': request.path }, ) if handled: return handled # TODO(tyler/termie): This conflicts with the global settings import. # Also, this seems fishy. Do none of the settings.* items work in templates? import settings # TODO(tyler): Merge this into handle_view_action, if possible if "password" in request.POST: try: validate.nonce(request, "change_password") password = request.POST.get("password", "") confirm = request.POST.get("confirm", "") validate.password_and_confirm(password, confirm, field="password") api.settings_change_password(request.user, view.nick, password) response = util.RedirectFlash(view.url() + "/settings/password", "Password updated") request.user.password = util.hash_password(request.user.nick, password) # TODO(mikie): change when cookie-auth is changed user.set_user_cookie(response, request.user) return response except: exception.handle_exception(request) if page == "feeds": try: if not settings.FEEDS_ENABLED: raise exception.DisabledFeatureError("Feeds are currently disabled") except: exception.handle_exception(request) if page == "photo": redirect_to = view.url() + "/settings/photo" handled = common_views.common_photo_upload(request, redirect_to) if handled: return handled area = "settings" full_page = page.capitalize() if page == "mobile": full_page = "Mobile Number" mobile = api.mobile_get_actor(request.user, view.nick) sms_notify = view.extra.get("sms_notify", False) elif page == "im": full_page = "IM Address" im_address = api.im_get_actor(request.user, view.nick) im_notify = view.extra.get("im_notify", False) elif page == "index": email = api.email_get_actor(request.user, view.nick) email_notify = view.extra.get("email_notify", False) im_address = api.im_get_actor(request.user, view.nick) im_notify = view.extra.get("im_notify", False) elif page == "feeds": full_page = "Web Feeds" elif page == "email": full_page = "Email Address" email_notify = view.extra.get("email_notify", False) # check if we already have an email email = api.email_get_actor(request.user, view.nick) # otherwise look for an unconfirmed one if not email: unconfirmeds = api.activation_get_actor_email(api.ROOT, view.nick) if unconfirmeds: unconfirmed_email = unconfirmeds[0].content elif page == "design": redirect_to = view.url() + "/settings/design" handled = common_views.common_design_update(request, redirect_to, view.nick) if handled: return handled full_page = "Look and Feel" elif page == "notifications": email = api.email_get_actor(request.user, view.nick) email_notify = view.extra.get("email_notify", False) im_address = api.im_get_actor(request.user, view.nick) im_notify = view.extra.get("im_notify", False) mobile = api.mobile_get_actor(request.user, request.user.nick) sms_notify = view.extra.get("sms_notify", False) sms_confirm = sms_notify and not view.extra.get("sms_confirmed", False) # TODO(termie): remove this once we can actually receive sms sms_confirm = False elif page == "profile": # check if we already have an email email = api.email_get_actor(request.user, view.nick) # otherwise look for an unconfirmed one if not email: unconfirmeds = api.activation_get_actor_email(api.ROOT, view.nick) if unconfirmeds: unconfirmed_email = unconfirmeds[0].content elif page == "photo": avatars = display.DEFAULT_AVATARS small_photos = api.image_get_all_keys(request.user, view.nick, size="f") # TODO(tyler): Fix this avatar nonsense! own_photos = [ {"path": small_photo.key().name(), "name": small_photo.key().name()[len("images/") : -len("_f.jpg")]} for small_photo in small_photos ] elif page == "privacy": PRIVACY_PUBLIC = api.PRIVACY_PUBLIC PRIVACY_CONTACTS = api.PRIVACY_CONTACTS elif page == "jsbadge": full_page = "Javascript Badges" elif page == "badge": badges = [ { "id": "badge-stream", "width": "200", "height": "300", "src": "/themes/%s/badge.swf" % settings.DEFAULT_THEME, "title": "Stream", }, { "id": "badge-map", "width": "200", "height": "255", "src": "/themes/%s/badge-map.swf" % settings.DEFAULT_THEME, "title": "Map", }, { "id": "badge-simple", "width": "200", "height": "200", "src": "/themes/%s/badge-simple.swf" % settings.DEFAULT_THEME, "title": "Simple", }, ] elif page in ["password", "delete"]: # Catch for remaining pages before we generate a 404. pass else: return common_views.common_404(request) # rendering c = template.RequestContext(request, locals()) t = loader.get_template("actor/templates/settings_%s.html" % page) return http.HttpResponse(t.render(c))
def join_welcome_contacts(request): """ if we have an access token for this user attempt to fetch the contacts else if we have a request token attempt to get an access token if we have neither if we are trying to authorize, grab a request token and redirect to authorize page else show the page """ redirect_to = get_clean_redirect(request) next = '/welcome/done' # these are for the find more contacts bits start_index = int(request.REQUEST.get('index', 1)) max = 100 token = request.REQUEST.get('token') contacts_more = int(request.REQUEST.get('contacts_more', 0)) # this won't be seen unless contacts_more is positive, # so no worries about the possible negative value contacts_so_far = contacts_more - 1 try: if not settings.GOOGLE_CONTACTS_IMPORT_ENABLED: raise exception.FeatureDisabledError( 'Google Contacts import is currently disabled') if 'lookup_remote_contacts' in request.POST: validate.nonce(request, 'lookup_remote_contacts') next_url = util.qsa( util.here(request), { 'redirect_to': redirect_to, 'upgrade_auth_token': '', '_nonce': util.create_nonce(request.user, 'upgrade_auth_token'), }) auth_url = google_contacts.auth_sub_url(next_url) return http.HttpResponseRedirect(auth_url) elif 'actor_add_contacts' in request.POST: validate.nonce(request, 'actor_add_contacts') targets = request.POST.getlist('targets') owner = request.POST.get('owner', '') rv = api.actor_add_contacts(request.user, owner, targets) next_url = util.qsa( util.here(request), { 'redirect_to': redirect_to, 'contacts_more': contacts_more, 'index': start_index, 'token': token, }) return util.RedirectFlash(next_url, 'Contacts added.') elif 'upgrade_auth_token' in request.GET: validate.nonce(request, 'upgrade_auth_token') auth_token = google_contacts.auth_sub_token_from_request(request) session_token = google_contacts.upgrade_to_session_token( auth_token) next_url = util.qsa( util.here(request), { 'redirect_to': redirect_to, 'fetch_contacts': '', 'token': session_token.get_token_string(), '_nonce': util.create_nonce(request.user, 'fetch_contacts'), }) return http.HttpResponseRedirect(next_url) elif 'fetch_contacts' in request.REQUEST: validate.nonce(request, 'fetch_contacts') # start_index and max are gathered above session_token = google_contacts.auth_sub_token_from_request( request) # check for the "My Contacts" group, otherwise, fetch it my_contacts = memcache.client.get('%s/my_contacts' % token) if not my_contacts: my_contacts = google_contacts.get_system_group( session_token, 'Contacts') memcache.client.set('%s/my_contacts' % token, my_contacts) rv, more = google_contacts.get_contacts_emails(session_token, group=my_contacts, index=start_index, max=max) contacts = [] for name, email in rv: logging.info('looking up "%s" %s', name, email) contacts.append(api.actor_lookup_email(request.user, email)) contacts = [x for x in contacts if x] # for the template contacts_found = True contacts_more = more contacts_so_far = contacts_more - 1 token = session_token.get_token_string() contacts_emails = rv # if no contacts were found and more are available, try some more if not contacts and contacts_more: next_url = util.qsa( util.here(request), { 'fetch_contacts': '', 'contacts_more': contacts_more, 'index': contacts_more, 'token': token, '_nonce': util.create_nonce(request.user, 'fetch_contacts'), 'redirect_to': redirect_to, }) # TODO(termie): this can take a really long time, probably not really # viable until we can do it with javascript #return util.MetaRefresh(next_url, message='Still working...', second=1) #return http.HttpResponseRedirect(next_url) except: exception.handle_exception(request) # set the progress welcome_photo = True welcome_mobile = True view = request.user page = 'contacts' area = 'welcome' c = template.RequestContext(request, locals()) t = loader.get_template('join/templates/welcome_%s.html' % page) return http.HttpResponse(t.render(c))
def join_join(request): if request.user: raise exception.AlreadyLoggedInException() redirect_to = request.REQUEST.get('redirect_to', '/') # get the submitted vars nick = request.REQUEST.get('nick', '') first_name = request.REQUEST.get('first_name', '') last_name = request.REQUEST.get('last_name', '') email = request.REQUEST.get('email', '') password = request.REQUEST.get('password', '') confirm = request.REQUEST.get('confirm', '') homepage = request.REQUEST.get('homepage', '') hide = request.REQUEST.get('hide', '') if request.POST: try: # TODO validate params = util.query_dict_to_keywords(request.POST) if hide: params['privacy'] = 2 validate.email(email) if not mail.is_allowed_to_send_email_to(email): raise exception.ValidationError("Cannot send email to that address") # TODO start transaction if api.actor_lookup_email(api.ROOT, email): raise exception.ValidationError( 'That email address is already associated with a member.') actor_ref = api.user_create(api.ROOT, **params) actor_ref.access_level = "delete" api.post(actor_ref, nick=actor_ref.nick, message='Joined %s!' % (settings.SITE_NAME), icon='jaiku-new-user') # send off email confirmation api.activation_request_email(actor_ref, actor_ref.nick, email) # TODO end transaction welcome_url = util.qsa('/welcome', {'redirect_to': redirect_to}) # NOTE: does not provide a flash message response = http.HttpResponseRedirect(welcome_url) user.set_user_cookie(response, actor_ref) return response except: exception.handle_exception(request) # for legal section legal_component = component.include('legal', 'dummy_legal') legal_html = legal_component.embed_join() # for sidebar sidebar_green_top = True area = "join" c = template.RequestContext(request, locals()) t = loader.get_template('join/templates/join.html') return http.HttpResponse(t.render(c))
def join_welcome_contacts(request): """ if we have an access token for this user attempt to fetch the contacts else if we have a request token attempt to get an access token if we have neither if we are trying to authorize, grab a request token and redirect to authorize page else show the page """ redirect_to = request.REQUEST.get('redirect_to', '/') next = '/welcome/done' # these are for the find more contacts bits start_index = int(request.REQUEST.get('index', 1)) max = 100 token = request.REQUEST.get('token') contacts_more = int(request.REQUEST.get('contacts_more', 0)) # this won't be seen unless contacts_more is positive, # so no worries about the possible negative value contacts_so_far = contacts_more - 1 try: if not settings.GOOGLE_CONTACTS_IMPORT_ENABLED: raise exception.FeatureDisabledError('Google Contacts import is currently disabled') if 'lookup_remote_contacts' in request.POST: validate.nonce(request, 'lookup_remote_contacts') next_url = util.qsa(util.here(request), {'redirect_to': redirect_to, 'upgrade_auth_token': '', '_nonce': util.create_nonce(request.user, 'upgrade_auth_token'), } ) auth_url = google_contacts.auth_sub_url(next_url) return http.HttpResponseRedirect(auth_url) elif 'actor_add_contacts' in request.POST: validate.nonce(request, 'actor_add_contacts') targets = request.POST.getlist('targets') owner = request.POST.get('owner', '') rv = api.actor_add_contacts(request.user, owner, targets) next_url = util.qsa(util.here(request), {'redirect_to': redirect_to, 'contacts_more': contacts_more, 'index': start_index, 'token': token, } ) return util.RedirectFlash(next_url, 'Contacts added.') elif 'upgrade_auth_token' in request.GET: validate.nonce(request, 'upgrade_auth_token') auth_token = google_contacts.auth_sub_token_from_request(request) session_token = google_contacts.upgrade_to_session_token(auth_token) next_url = util.qsa(util.here(request), {'redirect_to': redirect_to, 'fetch_contacts': '', 'token': session_token.get_token_string(), '_nonce': util.create_nonce(request.user, 'fetch_contacts'), } ) return http.HttpResponseRedirect(next_url) elif 'fetch_contacts' in request.REQUEST: validate.nonce(request, 'fetch_contacts') # start_index and max are gathered above session_token = google_contacts.auth_sub_token_from_request(request) # check for the "My Contacts" group, otherwise, fetch it my_contacts = memcache.client.get('%s/my_contacts' % token) if not my_contacts: my_contacts = google_contacts.get_system_group(session_token, 'Contacts') memcache.client.set('%s/my_contacts' % token, my_contacts) rv, more = google_contacts.get_contacts_emails(session_token, group=my_contacts, index=start_index, max=max) contacts = [] for name, email in rv: logging.info('looking up "%s" %s', name, email) contacts.append(api.actor_lookup_email(request.user, email)) contacts = [x for x in contacts if x] # for the template contacts_found = True contacts_more = more contacts_so_far = contacts_more - 1 token = session_token.get_token_string() contacts_emails = rv # if no contacts were found and more are available, try some more if not contacts and contacts_more: next_url = util.qsa(util.here(request), {'fetch_contacts': '', 'contacts_more': contacts_more, 'index': contacts_more, 'token': token, '_nonce': util.create_nonce(request.user, 'fetch_contacts'), 'redirect_to': redirect_to, } ) # TODO(termie): this can take a really long time, probably not really # viable until we can do it with javascript #return util.MetaRefresh(next_url, message='Still working...', second=1) #return http.HttpResponseRedirect(next_url) except: exception.handle_exception(request) # set the progress welcome_photo = True welcome_mobile = True view = request.user page = 'contacts' area = 'welcome' c = template.RequestContext(request, locals()) t = loader.get_template('join/templates/welcome_%s.html' % page) return http.HttpResponse(t.render(c))
def join_join(request): if request.user: raise exception.AlreadyLoggedInException() redirect_to = request.REQUEST.get('redirect_to', '/') account_types = api.get_config_values(api.ROOT, 'account_type') # get the submitted vars nick = request.REQUEST.get('nick', ''); first_name = request.REQUEST.get('first_name', ''); last_name = request.REQUEST.get('last_name', ''); email = request.REQUEST.get('email', ''); password = request.REQUEST.get('password', ''); confirm = request.REQUEST.get('confirm', ''); hide = request.REQUEST.get('hide', ''); country_tag = request.REQUEST.get('country_tag', '') if request.POST: try: # TODO validate params = util.query_dict_to_keywords(request.POST) if hide: params['privacy'] = 2 # XXX: Check if the data come from a openid account # @author: [email protected] fromopenid = request.POST.get('fromopenid', False) and True if fromopenid: try: person = openidgae.get_current_person(request, http.HttpResponse()) except: raise exception.ServiceError email = person.get_email() if email == params['email']: params['password'] = util.generate_password() else: raise exception.ServiceError # ENDXXX validate.email(email) if not mail.is_allowed_to_send_email_to(email): raise exception.ValidationError("Cannot send email to that address") # TODO start transaction if api.actor_lookup_email(api.ROOT, email): raise exception.ValidationError( 'That email address is already associated with a member.') actor_ref = api.user_create(api.ROOT, **params) actor_ref.access_level = "delete" api.post(actor_ref, nick=actor_ref.nick, message='Joined %s!' % (util.get_metadata('SITE_NAME'))) if fromopenid: api.email_associate(api.ROOT, actor_ref.nick, email) else: # send off email confirmation api.activation_request_email(actor_ref, actor_ref.nick, email) logging.info('setting firsttime_%s from register page' % actor_ref.nick) memcache.client.set('firsttime_%s' % nick, True) # TODO end transaction welcome_url = util.qsa('/', {'redirect_to': redirect_to}) # NOTE: does not provide a flash message response = http.HttpResponseRedirect(welcome_url) user.set_user_cookie(response, actor_ref) return response except: exception.handle_exception(request) # for legal section legal_component = component.include('legal', 'dummy_legal') legal_html = legal_component.embed_join() # for sidebar sidebar_green_top = True area = "join" c = template.RequestContext(request, locals()) t = loader.get_template('join/templates/join.html') return http.HttpResponse(t.render(c))
kwargs['nick'] = api_user.nick rv = method_ref(api_user, **kwargs) if rv is None: raise exception.ApiException(0x00, 'method %s returned None'%(method)) return render_api_response(rv, format, servertime=servertime) except oauth_util.OAuthError, e: exc = exception.ApiException(exception.OAUTH_ERROR, e.message) return render_api_response(exc, format) except exception.ApiException, e: return render_api_response(e, format) except TypeError, e: exc = exception.ApiException(exception.INVALID_ARGUMENTS, str(e)) return render_api_response(exc, format) except: exception.handle_exception(request) return render_api_response(request.errors[0], format) # some error happened return render_api_response(request.errors[0], format) def api_xmlrpc(request): return _XML_RPC_DISPATCHER.dispatch(request) @decorator.debug_only def api_loaddata(request): """ this is a debug and testing api used to fill a test site with initial data from fixtures, it should not be accessible on a non-debug instance """