def category_edit(user_id=None): if user_id == None: user_id = current_user.str_id id = request.argget.all('id') ntype = request.argget.all('type') name = request.argget.all('name') s1, v = ver_name(name, "class_name") s2, r2 = arg_verify(reqargs=[ (gettext("name"), name), ], required=True, max_len=int(get_config("category", "CATEGORY_MAX_LEN"))) if not s1: data = {"msg": v, "msg_type": "w", "http_status": 422} elif not s2: data = r2 elif mdb_web.db.category.find_one({ "_id": { "$ne": ObjectId(id) }, "type": ntype, "user_id": user_id, "name": name }): data = { "msg": gettext("Name already exists"), "msg_type": "w", "http_status": 403 } else: r = mdb_web.db.category.update_one( { "_id": ObjectId(id), "user_id": user_id }, {"$set": { "name": name }}) if r.modified_count: update_media_category_name(id, name) data = { "msg": gettext("Modify the success"), "msg_type": "s", "http_status": 201 } else: data = { "msg": gettext("No modification"), "msg_type": "w", "http_status": 400 } return data
def category_add(user_id=None): if user_id == None: user_id = current_user.str_id ntype = request.argget.all('type') name = request.argget.all('name', '') s, r = arg_verify([(gettext("category type"), ntype)], only=get_config("category", "CATEGORY_TYPE").values()) if not s: return r s1, v = ver_name(name, "class_name") s2, r2 = arg_verify(reqargs=[ (gettext("name"), name), ], required=True, max_len=int(get_config("category", "CATEGORY_MAX_LEN"))) if not s1: data = {"msg": v, "msg_type": "w", "http_status": 422} elif not s2: data = r2 elif mdb_web.db.category.find_one({ "type": ntype, "user_id": user_id, "name": name }): data = { "msg": gettext("Name already exists"), "msg_type": "w", "http_status": 403 } else: mdb_web.db.category.insert_one({ "type": ntype, "user_id": user_id, "name": name }) data = { "msg": gettext("Add a success"), "msg_type": "s", "http_status": 201 } return data
def user_basic_edit(): ''' 用户基础设置编辑 :return: ''' username = request.argget.all('username') custom_domain = request.argget.all('custom_domain', '') editor = request.argget.all('editor') # username s, r = arg_verify(reqargs=[(gettext("username"), username)], required=True) if not s: return r r, s = ver_name(username, "username") if not r: data = {'msg': s, 'msg_type': "e", "http_status": 422} return data update_data = {} # custom_domain if mdb_user.db.user.find_one({ "_id": current_user.id, "custom_domain": -1 }) and custom_domain.strip(): r, s = ver_user_domainhacks(custom_domain) if r: update_data["custom_domain"] = custom_domain else: data = {'msg': s, 'msg_type': "e", "http_status": 422} return data update_data["username"] = username # editor if editor and editor in ['rich_text', 'markdown']: update_data["editor"] = editor else: data = { 'msg': gettext("The editor saves failure"), 'msg_type': "e", "http_status": 400 } return data update_data["update_time"] = time.time() # 是否被使用 if mdb_user.db.user.find_one({ "_id": { "$ne": current_user.id }, "username": username }): data = { 'msg': gettext("Name has been used"), 'msg_type': "w", "http_status": 403 } elif "custom_domain" in update_data.keys() \ and mdb_user.db.user.find_one({"_id":{"$ne":current_user.id}, "custom_domain":custom_domain}): data = { 'msg': gettext("Domain has been used"), 'msg_type': "w", "http_status": 403 } elif "custom_domain" in update_data.keys() and mdb_user.db.user.find_one({ "_id": current_user.id, "custom_domain": { "$ne": -1 } }): data = { 'msg': gettext("Personality custom domain cannot be modified"), 'msg_type': "w", "http_status": 400 } else: r = mdb_user.db.user.update_one({"_id": current_user.id}, {"$set": update_data}) if not r.modified_count: data = { 'msg': gettext("No changes"), 'msg_type': "w", "http_status": 201 } else: delete_user_info_cache(user_id=current_user.str_id) data = { 'msg': gettext("Update success"), 'msg_type': "s", "http_status": 201 } return data
def post_issue(): id = request.argget.all('id') title = request.argget.all('title', "").strip() content = request.argget.all('content', "") content_text = request.argget.all('content_text', "") editor = request.argget.all('editor') category = request.argget.all('category') tags = json_to_pyseq(request.argget.all('tags', [])) issue_way = request.argget.all('issue_way', 'issue') cover_url = request.argget.all('cover_url') # 标签处理验证 tag_max_num = get_config("post", "TAG_MAX_NUM") if len(tags) > tag_max_num: data = { "msg": gettext("Up to {} tags are used").format(tag_max_num), "msg_type": "w", "http_status": 403 } return data tags = list(set(tags)) for tag in tags: s, r = arg_verify(reqargs=[(gettext("tag"), tag)], max_len=get_config("post", "TAG_MAX_LEN")) if not s: return r s, v = ver_name(tag, "class_name") if not s: data = {"msg": v, "msg_type": "w", "http_status": 422} return data # 分类验证 try: ObjectId(category) except: category = None # Title 处理 s, r = arg_verify(reqargs=[(gettext("title"), title.strip())], max_len=get_config("post", "TITLE_MAX_LEN"), required=True) if not s: return r # content s, r = arg_verify(reqargs=[(gettext("content"), content.strip()), ("editor", editor)], required=True) if not s: return r text_l = len(content_text) if text_l > get_config("post", "BRIEF_LEN"): brief_content = content_text[0:get_config("post", "BRIEF_LEN")] else: brief_content = content_text s, r = arg_verify(reqargs=[(gettext("content"), content_text)], max_len=int(get_config("post", "MAX_LEN"))) if not s: data = r else: if issue_way == "issue": issue_way = 1 else: issue_way = 0 # 获取已上传的文章图片 old_imgs = [] if id: # 文章更新 post = mdb_web.db.post.find_one({ "_id": ObjectId(id), "user_id": current_user.str_id }) if post["issue_time"]: # 有发布时间,则发布时间不改变 issue_time = post["issue_time"] elif issue_way: # 第一次发布 issue_time = time.time() else: # 不发布 issue_time = 0 old_imgs = post["imgs"] elif issue_way: # 发布时间 issue_time = time.time() else: # 不发布就不需要发布时间 issue_time = 0 # 获取文章中使用的图片 # 如果是markdown if editor == "markdown": srcs = richtext_extract_img(richtext=markdown.markdown(content)) else: srcs = richtext_extract_img(richtext=content) imgs = clean_tempfile(user_id=current_user.str_id, type="image", old_file=old_imgs, keey_file=srcs) if not cover_url and len(imgs) > 0: cover_url = imgs[0] if issue_way: r = content_inspection_text("{} {}".format(title, content)) audit_score = r["score"] audit_label = r["label"] if r["label"] == "detection_off" or ("suggestion" in r and r["suggestion"] == "review"): # 未开启审核或无法自动鉴别, 等待人工审核 audited = 0 audit_way = "artificial" elif r["label"] == "no_plugin": # 没有检查插件 audited = 0 audit_way = "artificial" else: audit_label = r["label"] audited = 1 audit_way = "auto" else: # 草稿 audit_label = None audited = audit_score = 0 audit_way = "auto" post = { "title": title.strip(), "content": content.strip(), "brief_content": brief_content, "category": category, "tags": tags, "issued": issue_way, "issue_time": issue_time, "update_time": time.time(), "audited": audited, "audit_score": audit_score, "audit_user_id": None, "audit_way": audit_way, "audit_label": audit_label, "word_num": text_l, "is_delete": 0, "imgs": imgs, "like_user_id": [], "cover_url": cover_url } if id: mdb_web.db.post.update_one( { "_id": ObjectId(id), "user_id": current_user.str_id }, {"$set": post}, upsert=True) else: post["comment_num"] = 0 post["like"] = 0 post["user_id"] = current_user.str_id post["editor"] = editor r = mdb_web.db.post.insert_one(post) id = r.inserted_id # 如果已审核, 并且分数高于最高检查违规分, 给用户通知 if audited and issue_way and audit_score >= get_config( "content_inspection", "ALLEGED_ILLEGAL_SCORE"): insert_user_msg( user_id=post["user_id"], ctype="notice", label="audit_failure", title=gettext("[Label:{}]Post allegedly violated").format( audit_label), content={"text": post["brief_content"]}, target_id=str(id), target_type="post") if issue_way: data = { "msg": gettext("Issue success"), "msg_type": "s", "http_status": 201 } else: data = { "msg": gettext("Save success"), "msg_type": "s", "http_status": 201 } return data
def p_sign_up(username, password, password2, code, email=None, mobile_phone_number=None): ''' 普通用户注册函数 :return: ''' data = {} if current_user.is_authenticated: data['msg'] = gettext("Is logged in") data["msg_type"] = "s" data["http_status"] = 201 data['to_url'] = request.argget.all('next') or get_config("login_manager", "LOGIN_IN_TO") return data # 用户名格式验证 s1, r1 = ver_name(username, project="username") # 密码格式验证 s2, r2 = password_format_ver(password) if not s1: data = {'msg':r1, 'msg_type':"e", "http_status":422} elif mdb_user.db.user.find_one({"username": username}): # 是否存在用户名 data = {'msg': gettext("Name has been used"), 'msg_type': "w", "http_status": 403} elif not s2: data = {'msg': r2, 'msg_type': "e", "http_status": 400} return data elif password2 != password: # 检验两次密码 data = {'msg': gettext("The two passwords don't match"), 'msg_type': "e", "http_status": 400} if data: return data if email: # 邮件注册 # 邮箱格式验证 s, r = email_format_ver(email) if not s: data = {'msg':r, 'msg_type':"e", "http_status":422} elif mdb_user.db.user.find_one({"email": email}): # 邮箱是否注册过 data = {'msg': gettext("This email has been registered in the site oh, please login directly."), 'msg_type': "w", "http_status": 403} if data: return data # 检验验证码 r = verify_code(code=code, email=email) if not r: data = {'msg': gettext("Verification code error"), 'msg_type': "e", "http_status": 401} return data elif mobile_phone_number: # 手机注册 s, r = mobile_phone_format_ver(mobile_phone_number) if not s: data = {'msg': r, 'msg_type': "e", "http_status": 422} elif mdb_user.db.user.find_one({"mphone_num": mobile_phone_number}): # 手机是否注册过 data = {'msg': gettext("This number has been registered in the site oh, please login directly."), 'msg_type': "w", "http_status": 403} if data: return data # 检验验证码 r = verify_code(code=code, tel_number=True) if not r: data = {'msg': gettext("Verification code error"), 'msg_type': "e", "http_status": 401} return data if not data: # 用户基本信息 role_id = mdb_user.db.role.find_one({"default":{"$in":[True, 1]}})["_id"] user = user_model(username=username, email=email, mphone_num = mobile_phone_number, password=password, custom_domain=-1, role_id=role_id, active=True) r = mdb_user.db.user.insert_one(user) if r.inserted_id: if email: # 发送邮件 subject = gettext("Registration success notification") body = "Welcome to register <b>{}</b>.<br><a>{}</a> registered the account successfully.".format( get_config("site_config", "APP_NAME"), email ) data = {"title": subject, "body": body, "other_info": gettext("End"), } html = get_email_html(data) send_email(subject=subject, recipients=[email], html_msg=html) elif mobile_phone_number: # 发送短信 content = "[{}] Successful registration account.".format( get_config("site_config", "APP_NAME")) send_mobile_msg(mobile_phone_number, content) data = {'msg':gettext('Registered successfully'), 'to_url':'/sign-in', 'msg_type':'s',"http_status":201} else: data = {'msg': gettext('Data saved incorrectly, please try again'), 'msg_type': 'e', "http_status": 201} return data return data
def comment_issue(): if not get_config("comment", "OPEN_COMMENT"): data = {"msg": gettext("Comment feature is not open"), "msg_type": "w", "http_status": 401} return data target_id = request.argget.all('target_id') # 目标ID指的是什么事件的评论 target_type = request.argget.all('target_type', "post") content = request.argget.all('content') reply_id = request.argget.all('reply_id') # 回复哪条评论 reply_user_id = request.argget.all('reply_user_id') # 回复的评论的用户ID reply_username = request.argget.all('reply_username') # 回复的评论的用户名 s, r = arg_verify(reqargs=[(gettext("comment"), content)], min_len=1, max_len=int(get_config("comment", "MAX_LEN"))) if not s: return r s, r = arg_verify(reqargs=[("target_id", target_id), ("target_type", target_type)],required=True) if not s: return r if reply_id: s, r = arg_verify(reqargs=[("reply_user_id", reply_user_id),("reply_username", reply_username)], required=True) if not s: return r if mdb_web.db.comment.find({"user_id": current_user.str_id, "issue_time": {"$gt": time.time() - int(get_config("comment", "INTERVAL"))}}).count( True) >= int(get_config("comment", "NUM_OF_INTERVAL")): data = {"msg": gettext("You comment too often and come back later"), "msg_type": "e", "http_status":400} return data target = None if target_type == "post": target = mdb_web.db.post.find_one({"_id": ObjectId(target_id), "issued": {"$in": [1, True]}}) if not target: data = {"msg": gettext("Articles do not exist or have not been published"), "msg_type": "w", "http_status": 400} return data target_user_id = str(target["user_id"]) target_brief_info = target["title"] if not target: data = {"msg": gettext("Your comment goal does not exist"), "msg_type": "w", "http_status":400} return data if current_user.is_authenticated: user_id = current_user.str_id username = current_user.username email = None elif get_config("comment","TRAVELER_COMMENT"): user_id = None username = request.argget.all('username') email = request.argget.all('email') # 用户名格式验证 r, s = ver_name(username) if not r: data= {'msg': s, 'msg_type': "e", "http_status":422} return data # 邮箱格式验证 r, s = email_format_ver(email) if not r: data= {'msg': s, 'msg_type': "e", "http_status":422} return data else: data = {"msg":gettext("Guest reviews feature is not open, please login account comments"), "msg_type":"w", "http_status":401} return data issue_time = time.time() # 自动审核内容 r = content_inspection_text(content) audit_score = r["score"] audit_label = r["label"] if r["label"] == "detection_off" or ("suggestion" in r and r["suggestion"] == "review"): # 未开启审核或无法自动鉴别, 等待人工审核 audited = 0 audit_way = "artificial" elif r["label"] == "no_plugin": # 没有检查插件 audited = 0 audit_way = "artificial" else: audit_label = r["label"] audited = 1 audit_way = "auto" comment = { "target_id": str(target_id), "target_user_id": target_user_id, "target_brief_info": target_brief_info, "type": target_type, "user_id": user_id, "username": username, "email": email, "content": content, "issued": 1, "audited": audited, "audit_score": audit_score, "audit_label":audit_label, "audit_way":audit_way, "audit_user_id": None, "issue_time": issue_time, "word_num": len(content), "is_delete": 0, "like_user_id": [], "like": 0 } if reply_id: comment["reply_id"] = reply_id comment["reply_user_id"] = reply_user_id comment["reply_username"] = reply_username r = mdb_web.db.comment.insert_one(comment) # 如果已审核, 并且违规分数高于正常 if audited and audit_score >= get_config("content_inspection", "ALLEGED_ILLEGAL_SCORE"): # 通知评论不通过 msg_content = {"text": content} insert_user_msg(user_id=user_id, ctype="notice", label="audit_failure", title=gettext("[Label:{}]Comment on alleged violations").format(audit_label), content=msg_content, target_id=str(r.inserted_id), target_type="comment") elif audit_score < get_config("content_inspection", "ALLEGED_ILLEGAL_SCORE"): # 更新文章中的评论数目 if target_type == "post": mdb_web.db.post.update_one({"_id": ObjectId(target_id)}, {"$inc": {"comment_num": 1}}) # 评论正常才通知被评论用户 user_ids = [target_user_id] if reply_id: user_ids.append(reply_user_id) user_ids = list(set(user_ids)) if user_id in user_ids: user_ids.remove(user_id) msg_content = { "id":str(r.inserted_id), "reply_id":reply_id, "reply_user_id":reply_user_id, "reply_username":reply_username, "user_id": user_id, "username": username, "text": content} insert_user_msg(user_id=user_ids, ctype="notice", label="comment", title=target_brief_info, content=msg_content, target_id=target_id, target_type=target_type) data = {"msg": gettext("Successful reviews"), "msg_type": "s", "http_status":201} return data