def put(self):
"""Handles PUT requests."""
if user_services.has_fully_registered(self.user_id):
site_language_code = self.payload.get('site_language_code')
user_services.update_preferred_site_language_code(
self.user_id, site_language_code)
self.render_json({})
def get(self):
"""Handles GET requests."""
self.values.update({
'nav_mode':
feconf.NAV_MODE_GALLERY,
'allow_yaml_file_upload':
ALLOW_YAML_FILE_UPLOAD.value,
'gallery_login_redirect_url':
(current_user_services.create_login_url(
feconf.GALLERY_CREATE_MODE_URL)),
'has_fully_registered':
bool(
self.user_id
and user_services.has_fully_registered(self.user_id)),
'SPLASH_PAGE_YOUTUBE_VIDEO_ID':
SPLASH_PAGE_YOUTUBE_VIDEO_ID.value,
'CAROUSEL_SLIDES_CONFIG':
CAROUSEL_SLIDES_CONFIG.value,
'LANGUAGE_CODES_AND_NAMES': [{
'code':
lc['code'],
'name':
utils.get_short_language_description(lc['description']),
} for lc in feconf.ALL_LANGUAGE_CODES],
})
self.render_template('galleries/gallery.html')
def __init__(self, request, response): # pylint: disable=super-init-not-called
# Set self.request, self.response and self.app.
self.initialize(request, response)
self.start_time = datetime.datetime.utcnow()
# Initializes the return dict for the handlers.
self.values = {}
self.user = current_user_services.get_current_user()
self.user_id = current_user_services.get_user_id(
self.user) if self.user else None
self.username = None
self.has_seen_editor_tutorial = False
self.partially_logged_in = False
self.values['profile_picture_data_url'] = None
self.preferred_site_language_code = None
if self.user_id:
email = current_user_services.get_user_email(self.user)
user_settings = user_services.get_or_create_user(
self.user_id, email)
self.values['user_email'] = user_settings.email
if (self.REDIRECT_UNFINISHED_SIGNUPS and not
user_services.has_fully_registered(self.user_id)):
_clear_login_cookies(self.response.headers)
self.partially_logged_in = True
self.user_id = None
else:
self.username = user_settings.username
self.preferred_site_language_code = (
user_settings.preferred_site_language_code)
self.values['username'] = self.username
self.values['profile_picture_data_url'] = (
user_settings.profile_picture_data_url)
if user_settings.last_started_state_editor_tutorial:
self.has_seen_editor_tutorial = True
# In order to avoid too many datastore writes, we do not bother
# recording a log-in if the current time is sufficiently close
# to the last log-in time.
if (user_settings.last_logged_in is None or
not utils.are_datetimes_close(
datetime.datetime.utcnow(),
user_settings.last_logged_in)):
user_services.record_user_logged_in(self.user_id)
self.is_moderator = rights_manager.Actor(self.user_id).is_moderator()
self.is_admin = rights_manager.Actor(self.user_id).is_admin()
self.is_super_admin = (
current_user_services.is_current_user_super_admin())
self.values['is_moderator'] = self.is_moderator
self.values['is_admin'] = self.is_admin
self.values['is_super_admin'] = self.is_super_admin
if self.request.get('payload'):
self.payload = json.loads(self.request.get('payload'))
else:
self.payload = None
def post(self):
"""Handles POST requests."""
username = self.payload.get("username")
agreed_to_terms = self.payload.get("agreed_to_terms")
can_receive_email_updates = self.payload.get("can_receive_email_updates")
has_ever_registered = user_services.has_ever_registered(self.user_id)
has_fully_registered = user_services.has_fully_registered(self.user_id)
if has_fully_registered:
self.render_json({})
return
if not isinstance(agreed_to_terms, bool) or not agreed_to_terms:
raise self.InvalidInputException(
"In order to edit explorations on this site, you will " "need to accept the license terms."
)
else:
user_services.record_agreement_to_terms(self.user_id)
if not user_services.get_username(self.user_id):
try:
user_services.set_username(self.user_id, username)
except utils.ValidationError as e:
raise self.InvalidInputException(e)
if can_receive_email_updates is not None:
user_services.update_email_preferences(self.user_id, can_receive_email_updates)
# Note that an email is only sent when the user registers for the first
# time.
if feconf.CAN_SEND_EMAILS_TO_USERS and not has_ever_registered:
email_manager.send_post_signup_email(self.user_id)
self.render_json({})
def test_registered_as_editor(self, **kwargs):
"""Check that the user has registered as an editor."""
if (not self.user_id
or self.username in config_domain.BANNED_USERNAMES.value
or not user_services.has_fully_registered(self.user_id)):
raise self.UnauthorizedUserException(
'You do not have the credentials to access this page.')
return handler(self, **kwargs)
def test_registered_as_editor(self, **kwargs):
"""Check that the user has registered as an editor."""
if (not self.user_id
or self.username in config_domain.BANNED_USERNAMES.value
or not user_services.has_fully_registered(self.user_id)):
raise self.UnauthorizedUserException(
'You do not have the credentials to access this page.')
return handler(self, **kwargs)
def get(self):
if self.user_id and user_services.has_fully_registered(self.user_id):
user_settings = user_services.get_user_settings(self.user_id)
default_dashboard = user_settings.default_dashboard
if default_dashboard == constants.DASHBOARD_TYPE_CREATOR:
self.redirect(feconf.CREATOR_DASHBOARD_URL)
else:
self.redirect(feconf.LEARNER_DASHBOARD_URL)
else:
self.redirect(feconf.SPLASH_URL)
def get(self):
"""Handles GET requests."""
self.values.update({
'meta_description': (feconf.LIBRARY_GROUP_PAGE_DESCRIPTION),
'has_fully_registered':
bool(self.user_id
and user_services.has_fully_registered(self.user_id)),
})
self.render_template('library-page.mainpage.html')
def get(self):
"""Handles GET requests."""
return_url = self.request.get('return_url', self.request.uri)
# Validating return_url for no external redirections.
if re.match('^/[^//]', return_url) is None:
return_url = '/'
if user_services.has_fully_registered(self.user_id):
self.redirect(return_url)
return
self.render_template('signup-page.mainpage.html')
def get(self):
"""Handles GET requests."""
search_mode = 'search' in self.request.url
self.values.update({
'meta_description': (feconf.SEARCH_PAGE_DESCRIPTION if search_mode
else feconf.LIBRARY_PAGE_DESCRIPTION),
'has_fully_registered':
bool(self.user_id
and user_services.has_fully_registered(self.user_id)),
})
self.render_template('pages/library/library.html')
def get(self):
"""Handles GET requests."""
self.values.update({
'nav_mode': feconf.NAV_MODE_LIBRARY,
'has_fully_registered': bool(
self.user_id and
user_services.has_fully_registered(self.user_id)),
'LANGUAGE_CODES_AND_NAMES': (
utils.get_all_language_codes_and_names()),
'SEARCH_DROPDOWN_CATEGORIES': feconf.SEARCH_DROPDOWN_CATEGORIES,
})
self.render_template('library/library.html')
def get(self):
"""Handles GET requests."""
return_url = str(self.request.get("return_url", self.request.uri))
if user_services.has_fully_registered(self.user_id):
self.redirect(return_url)
return
self.values.update(
{"nav_mode": feconf.NAV_MODE_SIGNUP, "CAN_SEND_EMAILS_TO_USERS": feconf.CAN_SEND_EMAILS_TO_USERS}
)
self.render_template("profile/signup.html")
def __init__(self, request, response): # pylint: disable=super-init-not-called
# Set self.request, self.response and self.app.
self.initialize(request, response)
self.start_time = datetime.datetime.utcnow()
# Initializes the return dict for the handlers.
self.values = {}
self.user = current_user_services.get_current_user()
self.user_id = current_user_services.get_user_id(
self.user) if self.user else None
self.username = None
self.has_seen_editor_tutorial = False
self.partially_logged_in = False
self.values['profile_picture_data_url'] = None
self.preferred_site_language_code = None
if self.user_id:
email = current_user_services.get_user_email(self.user)
user_settings = user_services.get_or_create_user(
self.user_id, email)
self.values['user_email'] = user_settings.email
if (self.REDIRECT_UNFINISHED_SIGNUPS
and not user_services.has_fully_registered(self.user_id)):
_clear_login_cookies(self.response.headers)
self.partially_logged_in = True
self.user_id = None
else:
self.username = user_settings.username
self.preferred_site_language_code = (
user_settings.preferred_site_language_code)
self.values['username'] = self.username
self.values['profile_picture_data_url'] = (
user_settings.profile_picture_data_url)
if user_settings.last_started_state_editor_tutorial:
self.has_seen_editor_tutorial = True
self.is_moderator = rights_manager.Actor(self.user_id).is_moderator()
self.is_admin = rights_manager.Actor(self.user_id).is_admin()
self.is_super_admin = (
current_user_services.is_current_user_super_admin())
self.values['is_moderator'] = self.is_moderator
self.values['is_admin'] = self.is_admin
self.values['is_super_admin'] = self.is_super_admin
if self.request.get('payload'):
self.payload = json.loads(self.request.get('payload'))
else:
self.payload = None
def get(self):
"""Handles GET requests."""
return_url = str(self.request.get('return_url', self.request.uri))
if user_services.has_fully_registered(self.user_id):
self.redirect(return_url)
return
self.values.update({
'meta_description': feconf.SIGNUP_PAGE_DESCRIPTION,
'CAN_SEND_EMAILS': feconf.CAN_SEND_EMAILS,
})
self.render_template('pages/signup/signup.html')
def get(self):
if self.username in config_domain.BANNED_USERNAMES.value:
raise self.UnauthorizedUserException(
'You do not have the credentials to access this page.')
elif user_services.has_fully_registered(self.user_id):
self.values.update({
'nav_mode': feconf.NAV_MODE_HOME,
})
self.render_template(
'dashboard/my_explorations.html', redirect_url_on_logout='/')
else:
self.redirect(utils.set_url_query_parameter(
feconf.SIGNUP_URL, 'return_url', '/my_explorations'))
def get(self):
if self.username in config_domain.BANNED_USERNAMES.value:
raise self.UnauthorizedUserException(
'You do not have the credentials to access this page.')
elif user_services.has_fully_registered(self.user_id):
self.values.update({
'nav_mode': feconf.NAV_MODE_HOME,
})
self.render_template(
'dashboard/my_explorations.html', redirect_url_on_logout='/')
else:
self.redirect(utils.set_url_query_parameter(
feconf.SIGNUP_URL, 'return_url', '/my_explorations'))
def get(self):
"""Handles GET requests."""
return_url = str(self.request.get('return_url', self.request.uri))
if user_services.has_fully_registered(self.user_id):
self.redirect(return_url)
return
self.values.update({
'nav_mode': feconf.NAV_MODE_SIGNUP,
'CAN_SEND_EMAILS_TO_USERS': feconf.CAN_SEND_EMAILS_TO_USERS,
})
self.render_template('profile/signup.html')
def get(self):
"""Handles GET requests."""
self.values.update({
'nav_mode':
feconf.NAV_MODE_LIBRARY,
'has_fully_registered':
bool(self.user_id
and user_services.has_fully_registered(self.user_id)),
'LANGUAGE_CODES_AND_NAMES':
(utils.get_all_language_codes_and_names()),
'SEARCH_DROPDOWN_CATEGORIES':
feconf.SEARCH_DROPDOWN_CATEGORIES,
})
self.render_template('library/library.html')
def get(self):
"""Handles GET requests."""
return_url = str(self.request.get('return_url', self.request.uri))
if user_services.has_fully_registered(self.user_id):
self.redirect(return_url)
return
self.values.update({
'meta_description': feconf.SIGNUP_PAGE_DESCRIPTION,
'nav_mode': feconf.NAV_MODE_SIGNUP,
'CAN_SEND_EMAILS': feconf.CAN_SEND_EMAILS,
})
self.render_template('pages/signup/signup.html')
def __init__(self, request, response): # pylint: disable=super-init-not-called
# Set self.request, self.response and self.app.
self.initialize(request, response)
self.start_time = datetime.datetime.utcnow()
# Initializes the return dict for the handlers.
self.values = {}
self.user = current_user_services.get_current_user()
self.user_id = current_user_services.get_user_id(
self.user) if self.user else None
self.username = None
self.has_seen_editor_tutorial = False
self.partially_logged_in = False
self.values['profile_picture_data_url'] = None
if self.user_id:
email = current_user_services.get_user_email(self.user)
user_settings = user_services.get_or_create_user(
self.user_id, email)
self.values['user_email'] = user_settings.email
if (self.REDIRECT_UNFINISHED_SIGNUPS and not
user_services.has_fully_registered(self.user_id)):
_clear_login_cookies(self.response.headers)
self.partially_logged_in = True
self.user_id = None
else:
self.username = user_settings.username
self.values['username'] = self.username
self.values['profile_picture_data_url'] = (
user_settings.profile_picture_data_url)
if user_settings.last_started_state_editor_tutorial:
self.has_seen_editor_tutorial = True
self.is_moderator = rights_manager.Actor(self.user_id).is_moderator()
self.is_admin = rights_manager.Actor(self.user_id).is_admin()
self.is_super_admin = (
current_user_services.is_current_user_super_admin())
self.values['is_moderator'] = self.is_moderator
self.values['is_admin'] = self.is_admin
self.values['is_super_admin'] = self.is_super_admin
if self.request.get('payload'):
self.payload = json.loads(self.request.get('payload'))
else:
self.payload = None
def get(self):
if self.username in config_domain.BANNED_USERNAMES.value:
raise self.UnauthorizedUserException(
'You do not have the credentials to access this page.')
elif user_services.has_fully_registered(self.user_id):
self.values.update({
'meta_description': feconf.DASHBOARD_PAGE_DESCRIPTION,
'nav_mode': feconf.NAV_MODE_DASHBOARD,
})
self.render_template('dashboard/notifications_dashboard.html',
redirect_url_on_logout='/')
else:
self.redirect(
utils.set_url_query_parameter(feconf.SIGNUP_URL, 'return_url',
'/notifications_dashboard'))
def get(self):
if self.username in config_domain.BANNED_USERNAMES.value:
raise self.UnauthorizedUserException(
'You do not have the credentials to access this page.')
elif user_services.has_fully_registered(self.user_id):
self.values.update({
'meta_description': feconf.DASHBOARD_PAGE_DESCRIPTION,
'nav_mode': feconf.NAV_MODE_DASHBOARD,
})
self.render_template(
'pages/notifications_dashboard/notifications_dashboard.html',
redirect_url_on_logout='/')
else:
self.redirect(utils.set_url_query_parameter(
feconf.SIGNUP_URL, 'return_url', '/notifications_dashboard'))
def get(self):
"""Handles GET requests."""
return_url = str(self.request.get('return_url', self.request.uri))
# Validating return_url for no external redirections.
if re.match('^/[^//]', return_url) is None:
return_url = '/'
if user_services.has_fully_registered(self.user_id):
self.redirect(return_url)
return
self.values.update({
'meta_description': feconf.SIGNUP_PAGE_DESCRIPTION,
'CAN_SEND_EMAILS': feconf.CAN_SEND_EMAILS,
})
self.render_template('pages/signup/signup.html')
def get(self):
if self.user_id and user_services.has_fully_registered(self.user_id):
user_contributions = user_services.get_user_contributions(
self.user_id)
# 'Creator' is a user who has created or edited an exploration.
user_is_creator = (
len(user_contributions.created_exploration_ids) > 0 or
len(user_contributions.edited_exploration_ids) > 0)
if user_is_creator:
self.redirect(feconf.DASHBOARD_URL)
else:
self.redirect(feconf.LIBRARY_INDEX_URL)
else:
self.redirect(feconf.SPLASH_URL)
def post(self):
"""Handles POST requests."""
username = self.payload.get('username')
agreed_to_terms = self.payload.get('agreed_to_terms')
default_dashboard = self.payload.get('default_dashboard')
can_receive_email_updates = self.payload.get(
'can_receive_email_updates')
has_ever_registered = user_services.has_ever_registered(self.user_id)
has_fully_registered = user_services.has_fully_registered(self.user_id)
if has_fully_registered:
self.render_json({})
return
if not isinstance(agreed_to_terms, bool) or not agreed_to_terms:
raise self.InvalidInputException(
'In order to edit explorations on this site, you will '
'need to accept the license terms.')
else:
user_services.record_agreement_to_terms(self.user_id)
if not user_services.get_username(self.user_id):
try:
user_services.set_username(self.user_id, username)
except utils.ValidationError as e:
raise self.InvalidInputException(e)
if can_receive_email_updates is not None:
user_services.update_email_preferences(
self.user_id, can_receive_email_updates,
feconf.DEFAULT_EDITOR_ROLE_EMAIL_PREFERENCE,
feconf.DEFAULT_FEEDBACK_MESSAGE_EMAIL_PREFERENCE,
feconf.DEFAULT_SUBSCRIPTION_EMAIL_PREFERENCE)
# Note that an email is only sent when the user registers for the first
# time.
if feconf.CAN_SEND_EMAILS and not has_ever_registered:
email_manager.send_post_signup_email(self.user_id)
user_services.generate_initial_profile_picture(self.user_id)
if not has_ever_registered:
# Set the default dashboard for new users.
user_services.update_user_default_dashboard(
self.user_id, default_dashboard)
self.render_json({})
def get(self):
if self.user_id and user_services.has_fully_registered(self.user_id):
user_contributions = user_services.get_user_contributions(
self.user_id)
# 'Creator' is a user who has created or edited an exploration.
user_is_creator = (
user_contributions is not None and
(len(user_contributions.created_exploration_ids) > 0 or
len(user_contributions.edited_exploration_ids) > 0))
if user_is_creator:
self.redirect(feconf.DASHBOARD_URL)
else:
self.redirect(feconf.LIBRARY_INDEX_URL)
else:
self.redirect(feconf.SPLASH_URL)
def get(self):
if self.username in config_domain.BANNED_USERNAMES.value:
raise self.UnauthorizedUserException(
'You do not have the credentials to access this page.')
elif user_services.has_fully_registered(self.user_id):
self.values.update({
'nav_mode': feconf.NAV_MODE_DASHBOARD,
'allow_yaml_file_upload': feconf.ALLOW_YAML_FILE_UPLOAD,
'DEFAULT_TWITTER_SHARE_MESSAGE_DASHBOARD': (
DEFAULT_TWITTER_SHARE_MESSAGE_DASHBOARD.value)
})
self.render_template(
'pages/dashboard/dashboard.html', redirect_url_on_logout='/')
else:
self.redirect(utils.set_url_query_parameter(
feconf.SIGNUP_URL, 'return_url', feconf.DASHBOARD_URL))
def get(self):
"""Handles GET requests."""
self.values.update({
'meta_description': (feconf.LIBRARY_GROUP_PAGE_DESCRIPTION),
'has_fully_registered':
bool(self.user_id
and user_services.has_fully_registered(self.user_id)),
'LANGUAGE_CODES_AND_NAMES':
(utils.get_all_language_codes_and_names()),
'page_mode':
feconf.LIBRARY_PAGE_MODE_GROUP,
'SEARCH_DROPDOWN_CATEGORIES':
feconf.SEARCH_DROPDOWN_CATEGORIES,
})
self.render_template('pages/library/library.html')
def get(self):
"""Handles GET requests."""
self.values.update({
'nav_mode':
feconf.NAV_MODE_GALLERY,
'allow_yaml_file_upload':
ALLOW_YAML_FILE_UPLOAD.value,
'has_fully_registered':
bool(self.user_id
and user_services.has_fully_registered(self.user_id)),
'SPLASH_PAGE_YOUTUBE_VIDEO_ID':
SPLASH_PAGE_YOUTUBE_VIDEO_ID.value,
'CAROUSEL_SLIDES_CONFIG':
CAROUSEL_SLIDES_CONFIG.value,
'LANGUAGE_CODES_AND_NAMES':
(utils.get_all_language_codes_and_names()),
})
self.render_template('galleries/gallery.html')
def get(self):
"""Handles GET requests."""
search_mode = 'search' in self.request.url
self.values.update({
'meta_description': (
feconf.SEARCH_PAGE_DESCRIPTION if search_mode
else feconf.LIBRARY_PAGE_DESCRIPTION),
'nav_mode': feconf.NAV_MODE_LIBRARY,
'has_fully_registered': bool(
self.user_id and
user_services.has_fully_registered(self.user_id)),
'LANGUAGE_CODES_AND_NAMES': (
utils.get_all_language_codes_and_names()),
'search_mode': search_mode,
'SEARCH_DROPDOWN_CATEGORIES': feconf.SEARCH_DROPDOWN_CATEGORIES,
})
self.render_template('library/library.html')
def get(self):
if self.username in config_domain.BANNED_USERNAMES.value:
raise self.UnauthorizedUserException(
'You do not have the credentials to access this page.')
elif user_services.has_fully_registered(self.user_id):
self.values.update({
'nav_mode': feconf.NAV_MODE_HOME,
'can_create_collections': (
self.username in
config_domain.WHITELISTED_COLLECTION_EDITOR_USERNAMES.value
),
'allow_yaml_file_upload': ALLOW_YAML_FILE_UPLOAD.value,
})
self.render_template(
'dashboard/my_explorations.html', redirect_url_on_logout='/')
else:
self.redirect(utils.set_url_query_parameter(
feconf.SIGNUP_URL, 'return_url', '/my_explorations'))
def get(self):
if self.username in config_domain.BANNED_USERNAMES.value:
raise self.UnauthorizedUserException(
'You do not have the credentials to access this page.')
elif user_services.has_fully_registered(self.user_id):
self.values.update({
'nav_mode':
feconf.NAV_MODE_DASHBOARD,
'allow_yaml_file_upload':
feconf.ALLOW_YAML_FILE_UPLOAD,
'DEFAULT_TWITTER_SHARE_MESSAGE_DASHBOARD':
(DEFAULT_TWITTER_SHARE_MESSAGE_DASHBOARD.value)
})
self.render_template('pages/dashboard/dashboard.html',
redirect_url_on_logout='/')
else:
self.redirect(
utils.set_url_query_parameter(feconf.SIGNUP_URL, 'return_url',
feconf.DASHBOARD_URL))
def post(self):
"""Handles POST requests."""
username = self.payload.get('username')
agreed_to_terms = self.payload.get('agreed_to_terms')
can_receive_email_updates = self.payload.get(
'can_receive_email_updates')
has_ever_registered = user_services.has_ever_registered(self.user_id)
has_fully_registered = user_services.has_fully_registered(self.user_id)
if has_fully_registered:
self.render_json({})
return
if not isinstance(agreed_to_terms, bool) or not agreed_to_terms:
raise self.InvalidInputException(
'In order to edit explorations on this site, you will '
'need to accept the license terms.')
else:
user_services.record_agreement_to_terms(self.user_id)
if not user_services.get_username(self.user_id):
try:
user_services.set_username(self.user_id, username)
except utils.ValidationError as e:
raise self.InvalidInputException(e)
if can_receive_email_updates is not None:
user_services.update_email_preferences(
self.user_id, can_receive_email_updates,
feconf.DEFAULT_EDITOR_ROLE_EMAIL_PREFERENCE,
feconf.DEFAULT_FEEDBACK_MESSAGE_EMAIL_PREFERENCE,
feconf.DEFAULT_SUBSCRIPTION_EMAIL_PREFERENCE)
# Note that an email is only sent when the user registers for the first
# time.
if feconf.CAN_SEND_EMAILS and not has_ever_registered:
email_manager.send_post_signup_email(self.user_id)
user_services.generate_initial_profile_picture(self.user_id)
self.render_json({})
def get(self):
"""Handles GET requests."""
self.values.update({
'nav_mode': feconf.NAV_MODE_GALLERY,
'allow_yaml_file_upload': ALLOW_YAML_FILE_UPLOAD.value,
'gallery_login_redirect_url': (
current_user_services.create_login_url(
feconf.GALLERY_CREATE_MODE_URL)),
'has_fully_registered': bool(
self.user_id and
user_services.has_fully_registered(self.user_id)),
'SPLASH_PAGE_YOUTUBE_VIDEO_ID': SPLASH_PAGE_YOUTUBE_VIDEO_ID.value,
'CAROUSEL_SLIDES_CONFIG': CAROUSEL_SLIDES_CONFIG.value,
'LANGUAGE_CODES_AND_NAMES': [{
'code': lc['code'],
'name': utils.get_short_language_description(
lc['description']),
} for lc in feconf.ALL_LANGUAGE_CODES],
})
self.render_template('galleries/gallery.html')
def get(self):
"""Handles GET requests."""
search_mode = 'search' in self.request.url
if search_mode:
page_mode = feconf.LIBRARY_PAGE_MODE_SEARCH
else:
page_mode = feconf.LIBRARY_PAGE_MODE_INDEX
self.values.update({
'meta_description': (
feconf.SEARCH_PAGE_DESCRIPTION if search_mode
else feconf.LIBRARY_PAGE_DESCRIPTION),
'nav_mode': feconf.NAV_MODE_LIBRARY,
'has_fully_registered': bool(
self.user_id and
user_services.has_fully_registered(self.user_id)),
'LANGUAGE_CODES_AND_NAMES': (
utils.get_all_language_codes_and_names()),
'page_mode': page_mode,
'SEARCH_DROPDOWN_CATEGORIES': feconf.SEARCH_DROPDOWN_CATEGORIES,
})
self.render_template('pages/library/library.html')
def post(self):
"""Handles POST requests."""
username = self.payload.get('username')
agreed_to_terms = self.payload.get('agreed_to_terms')
can_receive_email_updates = self.payload.get(
'can_receive_email_updates')
has_ever_registered = user_services.has_ever_registered(self.user_id)
has_fully_registered = user_services.has_fully_registered(self.user_id)
if has_fully_registered:
self.render_json({})
return
if not isinstance(agreed_to_terms, bool) or not agreed_to_terms:
raise self.InvalidInputException(
'In order to edit explorations on this site, you will '
'need to accept the license terms.')
else:
user_services.record_agreement_to_terms(self.user_id)
if not user_services.get_username(self.user_id):
try:
user_services.set_username(self.user_id, username)
except utils.ValidationError as e:
raise self.InvalidInputException(e)
if can_receive_email_updates is not None:
user_services.update_email_preferences(self.user_id,
can_receive_email_updates)
# Note that an email is only sent when the user registers for the first
# time.
if feconf.CAN_SEND_EMAILS_TO_USERS and not has_ever_registered:
email_manager.send_post_signup_email(self.user_id)
self.render_json({})
def render_template(
self, filename, iframe_restriction='DENY',
redirect_url_on_logout=None):
values = self.values
scheme, netloc, path, _, _ = urlparse.urlsplit(self.request.uri)
values.update({
'ALL_CATEGORIES': feconf.ALL_CATEGORIES,
'ALL_LANGUAGE_CODES': feconf.ALL_LANGUAGE_CODES,
'ASSET_DIR_PREFIX': utils.get_asset_dir_prefix(),
'BEFORE_END_HEAD_TAG_HOOK': jinja2.utils.Markup(
BEFORE_END_HEAD_TAG_HOOK.value),
'CAN_SEND_ANALYTICS_EVENTS': feconf.CAN_SEND_ANALYTICS_EVENTS,
'CATEGORIES_TO_COLORS': feconf.CATEGORIES_TO_COLORS,
'DEFAULT_LANGUAGE_CODE': feconf.ALL_LANGUAGE_CODES[0]['code'],
'DEFAULT_CATEGORY_ICON': feconf.DEFAULT_THUMBNAIL_ICON,
'DEFAULT_COLOR': feconf.DEFAULT_COLOR,
'DEV_MODE': feconf.DEV_MODE,
'MINIFICATION': feconf.IS_MINIFIED,
'DOMAIN_URL': '%s://%s' % (scheme, netloc),
'ACTIVITY_STATUS_PRIVATE': (
rights_manager.ACTIVITY_STATUS_PRIVATE),
'ACTIVITY_STATUS_PUBLIC': (
rights_manager.ACTIVITY_STATUS_PUBLIC),
'ACTIVITY_STATUS_PUBLICIZED': (
rights_manager.ACTIVITY_STATUS_PUBLICIZED),
# The 'path' variable starts with a forward slash.
'FULL_URL': '%s://%s%s' % (scheme, netloc, path),
'INVALID_NAME_CHARS': feconf.INVALID_NAME_CHARS,
'RTE_COMPONENT_SPECS': (
rte_component_registry.Registry.get_all_specs()),
'SITE_FEEDBACK_FORM_URL': feconf.SITE_FEEDBACK_FORM_URL,
'SITE_NAME': feconf.SITE_NAME,
'SUPPORTED_SITE_LANGUAGES': feconf.SUPPORTED_SITE_LANGUAGES,
'SYSTEM_USERNAMES': feconf.SYSTEM_USERNAMES,
'TEMPLATE_DIR_PREFIX': utils.get_template_dir_prefix(),
'can_create_collections': (
self.username and self.username in
config_domain.WHITELISTED_COLLECTION_EDITOR_USERNAMES.value
),
'username': self.username,
'user_is_logged_in': user_services.has_fully_registered(
self.user_id),
'preferred_site_language_code': self.preferred_site_language_code
})
if feconf.ENABLE_PROMO_BAR:
promo_bar_enabled = config_domain.PROMO_BAR_ENABLED.value
promo_bar_message = config_domain.PROMO_BAR_MESSAGE.value
else:
promo_bar_enabled = False
promo_bar_message = ''
values.update({
'promo_bar_enabled': promo_bar_enabled,
'promo_bar_message': promo_bar_message,
})
if 'meta_name' not in values:
values['meta_name'] = 'Personalized Online Learning from Oppia'
if 'meta_description' not in values:
values['meta_description'] = (
'Oppia is a free, open-source learning platform. Join the '
'community to create or try an exploration today!')
# nav_mode is used as part of the GLOBALS object in the frontend, but
# not every backend handler declares a nav_mode. Thus, the following
# code is a failsafe to ensure that the nav_mode key is added to all
# page requests.
if 'nav_mode' not in values:
values['nav_mode'] = ''
if redirect_url_on_logout is None:
redirect_url_on_logout = self.request.uri
if self.user_id:
values['login_url'] = None
values['logout_url'] = (
current_user_services.create_logout_url(
redirect_url_on_logout))
else:
target_url = (
'/' if self.request.uri.endswith(feconf.SPLASH_URL)
else self.request.uri)
values['login_url'] = (
current_user_services.create_login_url(target_url))
values['logout_url'] = None
# Create a new csrf token for inclusion in HTML responses. This assumes
# that tokens generated in one handler will be sent back to a handler
# with the same page name.
values['csrf_token'] = ''
if self.REQUIRE_PAYLOAD_CSRF_CHECK:
values['csrf_token'] = CsrfTokenManager.create_csrf_token(
self.user_id)
self.response.cache_control.no_cache = True
self.response.cache_control.must_revalidate = True
self.response.headers['Strict-Transport-Security'] = (
'max-age=31536000; includeSubDomains')
self.response.headers['X-Content-Type-Options'] = 'nosniff'
if iframe_restriction is not None:
if iframe_restriction in ['SAMEORIGIN', 'DENY']:
self.response.headers['X-Frame-Options'] = iframe_restriction
else:
raise Exception(
'Invalid X-Frame-Options: %s' % iframe_restriction)
self.response.expires = 'Mon, 01 Jan 1990 00:00:00 GMT'
self.response.pragma = 'no-cache'
self.response.write(
self.jinja2_env.get_template(filename).render(**values))
def render_template(
self, filename, values=None, iframe_restriction='DENY',
redirect_url_on_logout=None):
if values is None:
values = self.values
scheme, netloc, path, _, _ = urlparse.urlsplit(self.request.uri)
values.update({
'ALL_LANGUAGE_CODES': feconf.ALL_LANGUAGE_CODES,
'BEFORE_END_HEAD_TAG_HOOK': jinja2.utils.Markup(
BEFORE_END_HEAD_TAG_HOOK.value),
'BEFORE_END_BODY_TAG_HOOK': jinja2.utils.Markup(
BEFORE_END_BODY_TAG_HOOK.value),
'CAN_SEND_ANALYTICS_EVENTS': feconf.CAN_SEND_ANALYTICS_EVENTS,
'DEFAULT_LANGUAGE_CODE': feconf.ALL_LANGUAGE_CODES[0]['code'],
'DEV_MODE': feconf.DEV_MODE,
'DOMAIN_URL': '%s://%s' % (scheme, netloc),
'ACTIVITY_STATUS_PRIVATE': (
rights_manager.ACTIVITY_STATUS_PRIVATE),
'ACTIVITY_STATUS_PUBLIC': (
rights_manager.ACTIVITY_STATUS_PUBLIC),
'ACTIVITY_STATUS_PUBLICIZED': (
rights_manager.ACTIVITY_STATUS_PUBLICIZED),
'FULL_URL': '%s://%s/%s' % (scheme, netloc, path),
'INVALID_NAME_CHARS': feconf.INVALID_NAME_CHARS,
# TODO(sll): Consider including the obj_editor html directly as
# part of the base HTML template?
'OBJECT_EDITORS_JS': jinja2.utils.Markup(
obj_services.get_all_object_editor_js_templates()),
'RTE_COMPONENT_SPECS': (
rte_component_registry.Registry.get_all_specs()),
'SHOW_CUSTOM_PAGES': feconf.SHOW_CUSTOM_PAGES,
'SIDEBAR_MENU_ADDITIONAL_LINKS': (
SIDEBAR_MENU_ADDITIONAL_LINKS.value),
'SITE_FEEDBACK_FORM_URL': SITE_FEEDBACK_FORM_URL.value,
'SITE_NAME': SITE_NAME.value,
'SOCIAL_MEDIA_BUTTONS': SOCIAL_MEDIA_BUTTONS.value,
'SYSTEM_USERNAMES': feconf.SYSTEM_USERNAMES,
'user_is_logged_in': user_services.has_fully_registered(
self.user_id),
})
if 'meta_name' not in values:
values['meta_name'] = 'Personalized Online Learning from Oppia'
if 'meta_description' not in values:
values['meta_description'] = (
'Oppia is a free, open-source learning platform. Join the '
'community to create or try an exploration today!')
if redirect_url_on_logout is None:
redirect_url_on_logout = self.request.uri
if self.user_id:
values['logout_url'] = (
current_user_services.create_logout_url(
redirect_url_on_logout))
else:
values['login_url'] = (
current_user_services.create_login_url(self.request.uri))
# Create a new csrf token for inclusion in HTML responses. This assumes
# that tokens generated in one handler will be sent back to a handler
# with the same page name.
values['csrf_token'] = ''
if self.REQUIRE_PAYLOAD_CSRF_CHECK and self.PAGE_NAME_FOR_CSRF:
values['csrf_token'] = CsrfTokenManager.create_csrf_token(
self.user_id, self.PAGE_NAME_FOR_CSRF)
self.response.cache_control.no_cache = True
self.response.cache_control.must_revalidate = True
self.response.headers['Strict-Transport-Security'] = (
'max-age=31536000; includeSubDomains')
self.response.headers['X-Content-Type-Options'] = 'nosniff'
if iframe_restriction is not None:
if iframe_restriction in ['SAMEORIGIN', 'DENY']:
self.response.headers['X-Frame-Options'] = iframe_restriction
else:
raise Exception(
'Invalid X-Frame-Options: %s' % iframe_restriction)
self.response.expires = 'Mon, 01 Jan 1990 00:00:00 GMT'
self.response.pragma = 'no-cache'
self.response.write(self.jinja2_env.get_template(
filename).render(**values))
# Calculate the processing time of this request.
duration = datetime.datetime.utcnow() - self.start_time
processing_time = duration.seconds + duration.microseconds / 1E6
counters.HTML_RESPONSE_TIME_SECS.inc(increment=processing_time)
counters.HTML_RESPONSE_COUNT.inc()
def __init__(self, request, response): # pylint: disable=super-init-not-called
# Set self.request, self.response and self.app.
self.initialize(request, response)
self.start_time = datetime.datetime.utcnow()
# Initializes the return dict for the handlers.
self.values = {}
self.user = current_user_services.get_current_user()
self.user_id = current_user_services.get_user_id(
self.user) if self.user else None
self.username = None
self.has_seen_editor_tutorial = False
self.partially_logged_in = False
self.values['profile_picture_data_url'] = None
self.preferred_site_language_code = None
if self.user_id:
user_settings = user_services.get_user_settings(
self.user_id, strict=False)
if user_settings is None:
email = current_user_services.get_user_email(self.user)
user_settings = user_services.create_new_user(
self.user_id, email)
self.values['user_email'] = user_settings.email
if (self.REDIRECT_UNFINISHED_SIGNUPS and not
user_services.has_fully_registered(self.user_id)):
_clear_login_cookies(self.response.headers)
self.partially_logged_in = True
self.user_id = None
else:
self.username = user_settings.username
self.preferred_site_language_code = (
user_settings.preferred_site_language_code)
self.values['username'] = self.username
self.values['profile_picture_data_url'] = (
user_settings.profile_picture_data_url)
if user_settings.last_started_state_editor_tutorial:
self.has_seen_editor_tutorial = True
# In order to avoid too many datastore writes, we do not bother
# recording a log-in if the current time is sufficiently close
# to the last log-in time.
if (user_settings.last_logged_in is None or
not utils.are_datetimes_close(
datetime.datetime.utcnow(),
user_settings.last_logged_in)):
user_services.record_user_logged_in(self.user_id)
rights_mgr_user = rights_manager.Actor(self.user_id)
self.is_moderator = rights_mgr_user.is_moderator()
self.is_admin = rights_mgr_user.is_admin()
self.is_super_admin = (
current_user_services.is_current_user_super_admin())
self.values['is_moderator'] = self.is_moderator
self.values['is_admin'] = self.is_admin
self.values['is_super_admin'] = self.is_super_admin
if self.request.get('payload'):
self.payload = json.loads(self.request.get('payload'))
else:
self.payload = None
def get(self):
if self.user_id and user_services.has_fully_registered(self.user_id):
self.redirect(feconf.MY_EXPLORATIONS_URL)
else:
self.redirect(feconf.GALLERY_URL)
def render_template(
self, filename, values=None, iframe_restriction='DENY',
redirect_url_on_logout=None):
if values is None:
values = self.values
scheme, netloc, path, _, _ = urlparse.urlsplit(self.request.uri)
values.update({
'ALL_CATEGORIES': feconf.ALL_CATEGORIES,
'ALL_LANGUAGE_CODES': feconf.ALL_LANGUAGE_CODES,
'ASSET_DIR_PREFIX': utils.get_asset_dir_prefix(),
'BEFORE_END_HEAD_TAG_HOOK': jinja2.utils.Markup(
BEFORE_END_HEAD_TAG_HOOK.value),
'CAN_SEND_ANALYTICS_EVENTS': feconf.CAN_SEND_ANALYTICS_EVENTS,
'DEFAULT_LANGUAGE_CODE': feconf.ALL_LANGUAGE_CODES[0]['code'],
'DEV_MODE': feconf.DEV_MODE,
'MINIFICATION': feconf.IS_MINIFIED,
'DOMAIN_URL': '%s://%s' % (scheme, netloc),
'ACTIVITY_STATUS_PRIVATE': (
rights_manager.ACTIVITY_STATUS_PRIVATE),
'ACTIVITY_STATUS_PUBLIC': (
rights_manager.ACTIVITY_STATUS_PUBLIC),
'ACTIVITY_STATUS_PUBLICIZED': (
rights_manager.ACTIVITY_STATUS_PUBLICIZED),
# The 'path' variable starts with a forward slash.
'FULL_URL': '%s://%s%s' % (scheme, netloc, path),
'INVALID_NAME_CHARS': feconf.INVALID_NAME_CHARS,
'RTE_COMPONENT_SPECS': (
rte_component_registry.Registry.get_all_specs()),
'SITE_FEEDBACK_FORM_URL': SITE_FEEDBACK_FORM_URL.value,
'SITE_NAME': SITE_NAME.value,
'SUPPORTED_SITE_LANGUAGES': feconf.SUPPORTED_SITE_LANGUAGES,
'SYSTEM_USERNAMES': feconf.SYSTEM_USERNAMES,
'TEMPLATE_DIR_PREFIX': utils.get_template_dir_prefix(),
'can_create_collections': (
self.username and self.username in
config_domain.WHITELISTED_COLLECTION_EDITOR_USERNAMES.value
),
'user_is_logged_in': user_services.has_fully_registered(
self.user_id),
'preferred_site_language_code': self.preferred_site_language_code
})
if 'meta_name' not in values:
values['meta_name'] = 'Personalized Online Learning from Oppia'
if 'meta_description' not in values:
values['meta_description'] = (
'Oppia is a free, open-source learning platform. Join the '
'community to create or try an exploration today!')
if redirect_url_on_logout is None:
redirect_url_on_logout = self.request.uri
if self.user_id:
values['logout_url'] = (
current_user_services.create_logout_url(
redirect_url_on_logout))
else:
target_url = (
'/' if self.request.uri.endswith(feconf.SPLASH_URL)
else self.request.uri)
values['login_url'] = (
current_user_services.create_login_url(target_url))
# Create a new csrf token for inclusion in HTML responses. This assumes
# that tokens generated in one handler will be sent back to a handler
# with the same page name.
values['csrf_token'] = ''
if self.REQUIRE_PAYLOAD_CSRF_CHECK:
values['csrf_token'] = CsrfTokenManager.create_csrf_token(
self.user_id)
self.response.cache_control.no_cache = True
self.response.cache_control.must_revalidate = True
self.response.headers['Strict-Transport-Security'] = (
'max-age=31536000; includeSubDomains')
self.response.headers['X-Content-Type-Options'] = 'nosniff'
if iframe_restriction is not None:
if iframe_restriction in ['SAMEORIGIN', 'DENY']:
self.response.headers['X-Frame-Options'] = iframe_restriction
else:
raise Exception(
'Invalid X-Frame-Options: %s' % iframe_restriction)
self.response.expires = 'Mon, 01 Jan 1990 00:00:00 GMT'
self.response.pragma = 'no-cache'
self.response.write(self.jinja2_env.get_template(
filename).render(**values))
# Calculate the processing time of this request.
duration = datetime.datetime.utcnow() - self.start_time
processing_time = duration.seconds + duration.microseconds / 1E6
counters.HTML_RESPONSE_TIME_SECS.inc(increment=processing_time)
counters.HTML_RESPONSE_COUNT.inc()
def get(self):
if self.user_id and user_services.has_fully_registered(self.user_id):
self.redirect(feconf.DASHBOARD_URL)
else:
self.redirect(feconf.SPLASH_URL)
def __init__(self, request, response): # pylint: disable=super-init-not-called
# Set self.request, self.response and self.app.
self.initialize(request, response)
self.start_time = datetime.datetime.utcnow()
# Initializes the return dict for the handlers.
self.values = {}
if self.request.get('payload'):
self.payload = json.loads(self.request.get('payload'))
else:
self.payload = None
self.iframed = False
self.is_super_admin = (
current_user_services.is_current_user_super_admin())
if feconf.ENABLE_MAINTENANCE_MODE and not self.is_super_admin:
return
self.gae_id = current_user_services.get_current_gae_id()
self.user_id = None
self.username = None
self.partially_logged_in = False
self.user_is_scheduled_for_deletion = False
if self.gae_id:
user_settings = user_services.get_user_settings_by_gae_id(
self.gae_id, strict=False)
if user_settings is None:
email = current_user_services.get_current_user_email()
user_settings = user_services.create_new_user(
self.gae_id, email)
self.values['user_email'] = user_settings.email
self.user_id = user_settings.user_id
if user_settings.deleted:
self.user_is_scheduled_for_deletion = user_settings.deleted
elif (self.REDIRECT_UNFINISHED_SIGNUPS and not
user_services.has_fully_registered(user_settings.user_id)):
self.partially_logged_in = True
else:
self.username = user_settings.username
self.values['username'] = self.username
# In order to avoid too many datastore writes, we do not bother
# recording a log-in if the current time is sufficiently close
# to the last log-in time.
if (user_settings.last_logged_in is None or
not utils.are_datetimes_close(
datetime.datetime.utcnow(),
user_settings.last_logged_in)):
user_services.record_user_logged_in(self.user_id)
self.role = (
feconf.ROLE_ID_GUEST
if self.user_id is None else user_settings.role)
self.user = user_services.UserActionsInfo(self.user_id)
self.values['is_moderator'] = user_services.is_at_least_moderator(
self.user_id)
self.values['is_admin'] = user_services.is_admin(self.user_id)
self.values['is_topic_manager'] = (
user_services.is_topic_manager(self.user_id))
self.values['is_super_admin'] = self.is_super_admin
def __init__(self, request, response): # pylint: disable=super-init-not-called
# Set self.request, self.response and self.app.
self.initialize(request, response)
self.start_time = datetime.datetime.utcnow()
# Initializes the return dict for the handlers.
self.values = {}
self.user_id = current_user_services.get_current_user_id()
self.username = None
self.has_seen_editor_tutorial = False
self.has_seen_translation_tutorial = False
self.partially_logged_in = False
if self.user_id:
user_settings = user_services.get_user_settings(self.user_id,
strict=False)
if user_settings is None:
email = current_user_services.get_current_user_email()
user_settings = user_services.create_new_user(
self.user_id, email)
self.values['user_email'] = user_settings.email
if (self.REDIRECT_UNFINISHED_SIGNUPS
and not user_services.has_fully_registered(self.user_id)):
_clear_login_cookies(self.response.headers)
self.partially_logged_in = True
self.user_id = None
else:
self.username = user_settings.username
self.values['username'] = self.username
if user_settings.last_started_state_editor_tutorial:
self.has_seen_editor_tutorial = True
if user_settings.last_started_state_translation_tutorial:
self.has_seen_translation_tutorial = True
# In order to avoid too many datastore writes, we do not bother
# recording a log-in if the current time is sufficiently close
# to the last log-in time.
if (user_settings.last_logged_in is None
or not utils.are_datetimes_close(
datetime.datetime.utcnow(),
user_settings.last_logged_in)):
user_services.record_user_logged_in(self.user_id)
self.role = (feconf.ROLE_ID_GUEST
if self.user_id is None else user_settings.role)
self.user = user_services.UserActionsInfo(self.user_id)
self.is_super_admin = (
current_user_services.is_current_user_super_admin())
self.values['additional_angular_modules'] = []
self.values['iframed'] = False
self.values['is_moderator'] = user_services.is_at_least_moderator(
self.user_id)
self.values['is_admin'] = user_services.is_admin(self.user_id)
self.values['is_topic_manager'] = (user_services.is_topic_manager(
self.user_id))
self.values['is_super_admin'] = self.is_super_admin
if self.request.get('payload'):
self.payload = json.loads(self.request.get('payload'))
else:
self.payload = None
def render_template(self, filepath, iframe_restriction='DENY'):
"""Prepares an HTML response to be sent to the client.
Args:
filepath: str. The template filepath.
iframe_restriction: str or None. Possible values are
'DENY' and 'SAMEORIGIN':
DENY: Strictly prevents the template to load in an iframe.
SAMEORIGIN: The template can only be displayed in a frame
on the same origin as the page itself.
"""
values = self.values
scheme, netloc, path, _, _ = urlparse.urlsplit(self.request.uri)
values.update({
'BEFORE_END_HEAD_TAG_HOOK':
jinja2.utils.Markup(BEFORE_END_HEAD_TAG_HOOK.value),
'DEV_MODE':
constants.DEV_MODE,
'DOMAIN_URL':
'%s://%s' % (scheme, netloc),
'ACTIVITY_STATUS_PRIVATE':
(rights_manager.ACTIVITY_STATUS_PRIVATE),
'ACTIVITY_STATUS_PUBLIC': (rights_manager.ACTIVITY_STATUS_PUBLIC),
'GCS_RESOURCE_BUCKET_NAME':
(app_identity_services.get_gcs_resource_bucket_name()),
# The 'path' variable starts with a forward slash.
'FULL_URL':
'%s://%s%s' % (scheme, netloc, path),
'user_is_logged_in':
user_services.has_fully_registered(self.user_id)
})
if 'status_code' not in values:
values['status_code'] = 200
if 'meta_name' not in values:
values['meta_name'] = 'Personalized Online Learning from Oppia'
if 'meta_description' not in values:
values['meta_description'] = (
'Oppia is a free, open-source learning platform. Join the '
'community to create or try an exploration today!')
# Create a new csrf token for inclusion in HTML responses. This assumes
# that tokens generated in one handler will be sent back to a handler
# with the same page name.
values['csrf_token'] = ''
if self.REQUIRE_PAYLOAD_CSRF_CHECK:
values['csrf_token'] = CsrfTokenManager.create_csrf_token(
self.user_id)
self.response.cache_control.no_cache = True
self.response.cache_control.must_revalidate = True
self.response.headers['Strict-Transport-Security'] = (
'max-age=31536000; includeSubDomains')
self.response.headers['X-Content-Type-Options'] = 'nosniff'
self.response.headers['X-Xss-Protection'] = '1; mode=block'
if iframe_restriction is not None:
if iframe_restriction in ['SAMEORIGIN', 'DENY']:
self.response.headers['X-Frame-Options'] = iframe_restriction
else:
raise Exception('Invalid X-Frame-Options: %s' %
iframe_restriction)
self.response.expires = 'Mon, 01 Jan 1990 00:00:00 GMT'
self.response.pragma = 'no-cache'
self.response.write(
self.jinja2_env.get_template(filepath).render(**values))
def get(self):
if self.user_id and user_services.has_fully_registered(self.user_id):
self.redirect(feconf.MY_EXPLORATIONS_URL)
else:
self.redirect(feconf.GALLERY_URL)
def render_template(self,
filepath,
iframe_restriction='DENY',
redirect_url_on_logout=None):
"""Prepares an HTML response to be sent to the client.
Args:
filepath: str. The template filepath.
iframe_restriction: str or None. Possible values are
'DENY' and 'SAMEORIGIN':
DENY: Strictly prevents the template to load in an iframe.
SAMEORIGIN: The template can only be displayed in a frame
on the same origin as the page itself.
redirect_url_on_logout: str or None. URL to redirect to on logout.
"""
values = self.values
scheme, netloc, path, _, _ = urlparse.urlsplit(self.request.uri)
values.update({
'BEFORE_END_HEAD_TAG_HOOK':
jinja2.utils.Markup(BEFORE_END_HEAD_TAG_HOOK.value),
'DEV_MODE':
constants.DEV_MODE,
'DOMAIN_URL':
'%s://%s' % (scheme, netloc),
'ACTIVITY_STATUS_PRIVATE':
(rights_manager.ACTIVITY_STATUS_PRIVATE),
'ACTIVITY_STATUS_PUBLIC': (rights_manager.ACTIVITY_STATUS_PUBLIC),
'GCS_RESOURCE_BUCKET_NAME':
(app_identity_services.get_gcs_resource_bucket_name()),
# The 'path' variable starts with a forward slash.
'FULL_URL':
'%s://%s%s' % (scheme, netloc, path),
'SITE_FEEDBACK_FORM_URL':
feconf.SITE_FEEDBACK_FORM_URL,
'can_create_collections':
bool(role_services.ACTION_CREATE_COLLECTION in self.user.actions),
'username':
self.username,
'user_is_logged_in':
user_services.has_fully_registered(self.user_id),
'preferred_site_language_code':
self.preferred_site_language_code,
'allow_yaml_file_upload':
feconf.ALLOW_YAML_FILE_UPLOAD
})
if feconf.ENABLE_PROMO_BAR:
promo_bar_enabled = config_domain.PROMO_BAR_ENABLED.value
promo_bar_message = config_domain.PROMO_BAR_MESSAGE.value
else:
promo_bar_enabled = False
promo_bar_message = ''
values.update({
'promo_bar_enabled': promo_bar_enabled,
'promo_bar_message': promo_bar_message,
})
if 'status_code' not in values:
values['status_code'] = 200
if 'meta_name' not in values:
values['meta_name'] = 'Personalized Online Learning from Oppia'
if 'meta_description' not in values:
values['meta_description'] = (
'Oppia is a free, open-source learning platform. Join the '
'community to create or try an exploration today!')
# nav_mode is used as part of the GLOBALS object in the frontend, but
# not every backend handler declares a nav_mode. Thus, the following
# code is a failsafe to ensure that the nav_mode key is added to all
# page requests.
if 'nav_mode' not in values:
values['nav_mode'] = ''
if redirect_url_on_logout is None:
redirect_url_on_logout = self.request.uri
if self.user_id:
values['login_url'] = None
values['logout_url'] = self._get_logout_url(redirect_url_on_logout)
else:
target_url = ('/' if self.request.uri.endswith(feconf.SPLASH_URL)
else self.request.uri)
values['login_url'] = (
current_user_services.create_login_url(target_url))
values['logout_url'] = None
# Create a new csrf token for inclusion in HTML responses. This assumes
# that tokens generated in one handler will be sent back to a handler
# with the same page name.
values['csrf_token'] = ''
if self.REQUIRE_PAYLOAD_CSRF_CHECK:
values['csrf_token'] = CsrfTokenManager.create_csrf_token(
self.user_id)
self.response.cache_control.no_cache = True
self.response.cache_control.must_revalidate = True
self.response.headers['Strict-Transport-Security'] = (
'max-age=31536000; includeSubDomains')
self.response.headers['X-Content-Type-Options'] = 'nosniff'
self.response.headers['X-Xss-Protection'] = '1; mode=block'
if iframe_restriction is not None:
if iframe_restriction in ['SAMEORIGIN', 'DENY']:
self.response.headers['X-Frame-Options'] = iframe_restriction
else:
raise Exception('Invalid X-Frame-Options: %s' %
iframe_restriction)
self.response.expires = 'Mon, 01 Jan 1990 00:00:00 GMT'
self.response.pragma = 'no-cache'
self.response.write(
self.jinja2_env.get_template(filepath).render(**values))
def render_template(self,
filename,
values=None,
iframe_restriction='DENY',
redirect_url_on_logout=None):
if values is None:
values = self.values
scheme, netloc, path, _, _ = urlparse.urlsplit(self.request.uri)
values.update({
'ALL_CATEGORIES':
feconf.ALL_CATEGORIES,
'ALL_LANGUAGE_CODES':
feconf.ALL_LANGUAGE_CODES,
'BEFORE_END_HEAD_TAG_HOOK':
jinja2.utils.Markup(BEFORE_END_HEAD_TAG_HOOK.value),
'BEFORE_END_BODY_TAG_HOOK':
jinja2.utils.Markup(BEFORE_END_BODY_TAG_HOOK.value),
'CAN_SEND_ANALYTICS_EVENTS':
feconf.CAN_SEND_ANALYTICS_EVENTS,
'DEFAULT_LANGUAGE_CODE':
feconf.ALL_LANGUAGE_CODES[0]['code'],
'DEV_MODE':
feconf.DEV_MODE,
'DOMAIN_URL':
'%s://%s' % (scheme, netloc),
'ACTIVITY_STATUS_PRIVATE':
(rights_manager.ACTIVITY_STATUS_PRIVATE),
'ACTIVITY_STATUS_PUBLIC': (rights_manager.ACTIVITY_STATUS_PUBLIC),
'ACTIVITY_STATUS_PUBLICIZED':
(rights_manager.ACTIVITY_STATUS_PUBLICIZED),
'FULL_URL':
'%s://%s/%s' % (scheme, netloc, path),
'INVALID_NAME_CHARS':
feconf.INVALID_NAME_CHARS,
# TODO(sll): Consider including the obj_editor html directly as
# part of the base HTML template?
'OBJECT_EDITORS_JS':
jinja2.utils.Markup(
obj_services.get_all_object_editor_js_templates()),
'RTE_COMPONENT_SPECS':
(rte_component_registry.Registry.get_all_specs()),
'SHOW_CUSTOM_PAGES':
feconf.SHOW_CUSTOM_PAGES,
'SIDEBAR_MENU_ADDITIONAL_LINKS':
(SIDEBAR_MENU_ADDITIONAL_LINKS.value),
'SITE_FEEDBACK_FORM_URL':
SITE_FEEDBACK_FORM_URL.value,
'SITE_NAME':
SITE_NAME.value,
'SOCIAL_MEDIA_BUTTONS':
SOCIAL_MEDIA_BUTTONS.value,
'SYSTEM_USERNAMES':
feconf.SYSTEM_USERNAMES,
'user_is_logged_in':
user_services.has_fully_registered(self.user_id),
})
if 'meta_name' not in values:
values['meta_name'] = 'Personalized Online Learning from Oppia'
if 'meta_description' not in values:
values['meta_description'] = (
'Oppia is a free, open-source learning platform. Join the '
'community to create or try an exploration today!')
if redirect_url_on_logout is None:
redirect_url_on_logout = self.request.uri
if self.user_id:
values['logout_url'] = (current_user_services.create_logout_url(
redirect_url_on_logout))
else:
values['login_url'] = (current_user_services.create_login_url(
self.request.uri))
# Create a new csrf token for inclusion in HTML responses. This assumes
# that tokens generated in one handler will be sent back to a handler
# with the same page name.
values['csrf_token'] = ''
if self.REQUIRE_PAYLOAD_CSRF_CHECK and self.PAGE_NAME_FOR_CSRF:
values['csrf_token'] = CsrfTokenManager.create_csrf_token(
self.user_id, self.PAGE_NAME_FOR_CSRF)
self.response.cache_control.no_cache = True
self.response.cache_control.must_revalidate = True
self.response.headers['Strict-Transport-Security'] = (
'max-age=31536000; includeSubDomains')
self.response.headers['X-Content-Type-Options'] = 'nosniff'
if iframe_restriction is not None:
if iframe_restriction in ['SAMEORIGIN', 'DENY']:
self.response.headers['X-Frame-Options'] = iframe_restriction
else:
raise Exception('Invalid X-Frame-Options: %s' %
iframe_restriction)
self.response.expires = 'Mon, 01 Jan 1990 00:00:00 GMT'
self.response.pragma = 'no-cache'
self.response.write(
self.jinja2_env.get_template(filename).render(**values))
# Calculate the processing time of this request.
duration = datetime.datetime.utcnow() - self.start_time
processing_time = duration.seconds + duration.microseconds / 1E6
counters.HTML_RESPONSE_TIME_SECS.inc(increment=processing_time)
counters.HTML_RESPONSE_COUNT.inc()
def get(self):
if self.user_id and user_services.has_fully_registered(self.user_id):
self.redirect(feconf.DASHBOARD_URL)
else:
self.redirect(feconf.SPLASH_URL)
def render_template(self,
filename,
iframe_restriction='DENY',
redirect_url_on_logout=None):
values = self.values
scheme, netloc, path, _, _ = urlparse.urlsplit(self.request.uri)
values.update({
'ALL_CATEGORIES':
feconf.ALL_CATEGORIES,
'ALL_LANGUAGE_CODES':
feconf.ALL_LANGUAGE_CODES,
'ASSET_DIR_PREFIX':
utils.get_asset_dir_prefix(),
'BEFORE_END_HEAD_TAG_HOOK':
jinja2.utils.Markup(BEFORE_END_HEAD_TAG_HOOK.value),
'CAN_SEND_ANALYTICS_EVENTS':
feconf.CAN_SEND_ANALYTICS_EVENTS,
'DEFAULT_LANGUAGE_CODE':
feconf.ALL_LANGUAGE_CODES[0]['code'],
'DEV_MODE':
feconf.DEV_MODE,
'MINIFICATION':
feconf.IS_MINIFIED,
'DOMAIN_URL':
'%s://%s' % (scheme, netloc),
'ACTIVITY_STATUS_PRIVATE':
(rights_manager.ACTIVITY_STATUS_PRIVATE),
'ACTIVITY_STATUS_PUBLIC': (rights_manager.ACTIVITY_STATUS_PUBLIC),
'ACTIVITY_STATUS_PUBLICIZED':
(rights_manager.ACTIVITY_STATUS_PUBLICIZED),
# The 'path' variable starts with a forward slash.
'FULL_URL':
'%s://%s%s' % (scheme, netloc, path),
'INVALID_NAME_CHARS':
feconf.INVALID_NAME_CHARS,
'RTE_COMPONENT_SPECS':
(rte_component_registry.Registry.get_all_specs()),
'SITE_FEEDBACK_FORM_URL':
SITE_FEEDBACK_FORM_URL.value,
'SITE_NAME':
SITE_NAME.value,
'SUPPORTED_SITE_LANGUAGES':
feconf.SUPPORTED_SITE_LANGUAGES,
'SYSTEM_USERNAMES':
feconf.SYSTEM_USERNAMES,
'TEMPLATE_DIR_PREFIX':
utils.get_template_dir_prefix(),
'can_create_collections':
(self.username and self.username
in config_domain.WHITELISTED_COLLECTION_EDITOR_USERNAMES.value),
'user_is_logged_in':
user_services.has_fully_registered(self.user_id),
'preferred_site_language_code':
self.preferred_site_language_code
})
if 'meta_name' not in values:
values['meta_name'] = 'Personalized Online Learning from Oppia'
if 'meta_description' not in values:
values['meta_description'] = (
'Oppia is a free, open-source learning platform. Join the '
'community to create or try an exploration today!')
# nav_mode is used as part of the GLOBALS object in the frontend, but
# not every backend handler declares a nav_mode. Thus, the following
# code is a failsafe to ensure that the nav_mode key is added to all
# page requests.
if 'nav_mode' not in values:
values['nav_mode'] = ''
if redirect_url_on_logout is None:
redirect_url_on_logout = self.request.uri
if self.user_id:
values['logout_url'] = (current_user_services.create_logout_url(
redirect_url_on_logout))
else:
target_url = ('/' if self.request.uri.endswith(feconf.SPLASH_URL)
else self.request.uri)
values['login_url'] = (
current_user_services.create_login_url(target_url))
# Create a new csrf token for inclusion in HTML responses. This assumes
# that tokens generated in one handler will be sent back to a handler
# with the same page name.
values['csrf_token'] = ''
if self.REQUIRE_PAYLOAD_CSRF_CHECK:
values['csrf_token'] = CsrfTokenManager.create_csrf_token(
self.user_id)
self.response.cache_control.no_cache = True
self.response.cache_control.must_revalidate = True
self.response.headers['Strict-Transport-Security'] = (
'max-age=31536000; includeSubDomains')
self.response.headers['X-Content-Type-Options'] = 'nosniff'
if iframe_restriction is not None:
if iframe_restriction in ['SAMEORIGIN', 'DENY']:
self.response.headers['X-Frame-Options'] = iframe_restriction
else:
raise Exception('Invalid X-Frame-Options: %s' %
iframe_restriction)
self.response.expires = 'Mon, 01 Jan 1990 00:00:00 GMT'
self.response.pragma = 'no-cache'
self.response.write(
self.jinja2_env.get_template(filename).render(**values))
