def home():
""" Displays information about the current user """
user = current_user._get_current_object()
# generate count of meetings with each meeting member
friends = dict()
for meeting in user.meetings:
for member in meeting.members:
if member == current_user._get_current_object():
pass
elif member.name in friends:
friends[member.name] = friends[member.name] + 1
else:
friends[member.name] = 1
# determine best friends
winners = sorted(friends, key=friends.get, reverse=True)
best_friends = dict()
for i in range(0, 3):
best_friends[i] = winners[i], friends[winners[i]]
return jsonify({'Best Friends': best_friends, 'Meeting Count': user.meeting_count})
def connect_handler(cv, provider):
"""Shared method to handle the connection process
:param connection_values: A dictionary containing the connection values
:param provider_id: The provider ID the connection shoudl be made to
"""
cv.setdefault('user_id', current_user.get_id())
connection = _datastore.find_connection(
provider_id=cv['provider_id'], provider_user_id=cv['provider_user_id'])
if connection is None:
after_this_request(_commit)
connection = _datastore.create_connection(**cv)
msg = ('Connection established to %s' % provider.name, 'success')
connection_created.send(current_app._get_current_object(),
user=current_user._get_current_object(),
connection=connection)
else:
msg = ('A connection is already established with %s '
'to your account' % provider.name, 'notice')
connection_failed.send(current_app._get_current_object(),
user=current_user._get_current_object())
next_url = request.form.get('next', get_post_login_redirect())
redirect_url = (next_url or
session.pop(
config_value('POST_OAUTH_CONNECT_SESSION_KEY'),
get_url(config_value('CONNECT_ALLOW_VIEW'))))
do_flash(*msg)
return redirect(redirect_url)
def connect_handler(cv, provider):
"""Shared method to handle the connection process
:param connection_values: A dictionary containing the connection values
:param provider_id: The provider ID the connection shoudl be made to
"""
cv.setdefault('user_id', current_user.get_id())
connection = _datastore.find_connection(
provider_id=cv['provider_id'], provider_user_id=cv['provider_user_id'])
if connection is None:
after_this_request(_commit)
connection = _datastore.create_connection(**cv)
msg = ('Connection established to %s' % provider.name, 'success')
connection_created.send(current_app._get_current_object(),
user=current_user._get_current_object(),
connection=connection)
else:
msg = ('A connection is already established with %s '
'to your account' % provider.name, 'notice')
connection_failed.send(current_app._get_current_object(),
user=current_user._get_current_object())
redirect_url = session.pop(config_value('POST_OAUTH_CONNECT_SESSION_KEY'),
get_url(config_value('CONNECT_ALLOW_VIEW')))
do_flash(*msg)
return redirect(redirect_url)
def write_activity_on_discuss(discussion, **kwargs):
if current_user.is_authenticated:
if isinstance(discussion.subject, Dataset):
write_activity.delay(
UserDiscussedDataset, current_user._get_current_object(),
discussion.subject)
elif isinstance(discussion.subject, Reuse):
write_activity.delay(
UserDiscussedReuse, current_user._get_current_object(),
discussion.subject)
def write_activity_on_discuss(discussion, **kwargs):
if current_user.is_authenticated:
if isinstance(discussion.subject, Dataset):
write_activity.delay(
UserDiscussedDataset, current_user._get_current_object(),
discussion.subject)
elif isinstance(discussion.subject, Reuse):
write_activity.delay(
UserDiscussedReuse, current_user._get_current_object(),
discussion.subject)
def persionalInfo():
form = ChangeImage()
username, src = isCurrentUser()
print(src)
if form.validate_on_submit():
#获取文件名
index = src.rfind('/')
old_filename = src[index + 1:]
#当我们不知道当前路径真正的位置我们可以打印
# print(os.getcwd())
#如果不是初次上传头像先删掉又来头像,find 找不到返回-1,并不是0
print(src.find('avatar'))
if not src.find('avatar'):
os.remove(r'static/img/avatar/' + old_filename)
email = current_user._get_current_object().email
file = form.browse.data
#头像缩放
# im = Image.open(file)
# size = (60, 60)
# im.thumbnail(size)
#头像名字
filenameTemp = secure_filename(file.filename)
#.从右侧出现的第一次位置,没有返回-1。这样做是为了获取头像格式
index = filenameTemp.rfind('.')
imgStyle = filenameTemp[index:]
#去掉邮箱名的.,并加上时间戳,并变成秒,保证头像名字的唯一性
filename = email.replace('.', '') + str(int(
time.time() * 1000)) + imgStyle
icon.save(file, name=filename)
# im.save(os.path.join(community_blue.static_folder, filename))
# 这是为模板文件提供的路径
src = r'../../../static/img/avatar/' + filename
current_user._get_current_object().path = src
db.session.query(User).filter(User.email == email).update(
{User.path: src})
db.session.commit()
return render_template('personalInfo.html',
form=form,
username=username,
src=src)
return render_template('personalInfo.html',
form=form,
username=username,
src=src)
def test_expired_token(self, client, registrations, confirmations, outbox,
templates):
import time
user = self.register()
assert len(registrations) == 1
# Sleep for 1 sec to get the expired token
time.sleep(1)
confirm_token = registrations[0]['confirm_token']
r = client.get(url_for('security.confirm_email', token=confirm_token))
assert r.status_code == 302
# TODO: frontend path is not exists yet
assert r.path == url_for('frontend.resend_confirmation_email')
#assert len(confirmations) == 0
assert len(outbox) == len(templates) == 2
assert templates[0].template.name == 'security/email/welcome.html'
assert templates[
1].template.name == 'security/email/confirmation_instructions.html'
assert templates[1].context.get('confirmation_link')
assert not user.active
assert not user.confirmed_at
assert isinstance(current_user._get_current_object(), AnonymousUser)
def generate_event_selection_form(*args, **kwargs):
# restrict choices to events they have permission to access
if current_user.is_anonymous:
choices = []
else:
user = current_user._get_current_object()
if user.is_admin():
query = Event.query.filter_by(deployment_id=user.deployment_id)
else:
perm_cache = services.users.get_permissions_cache(user)
allowed_event_ids = [
n.value for n in perm_cache
if n.method == 'access_resource' and n.type == 'event'
]
query = Event.query.filter(
Event.resource_id.in_(allowed_event_ids),
Event.deployment_id == user.deployment_id)
choices = [(e.id, e.name) for e in query.with_entities(
Event.id, Event.name).order_by(Event.start.desc())]
class EventSelectionForm(FlaskForm):
event = SelectField(_('Choose Event'),
choices=choices,
coerce=int,
default=g.event.id,
validators=[validators.input_required()])
return EventSelectionForm(*args, **kwargs)
def get_group_by_id(group_id, form=None):
if request.method == 'POST':
return group_filter_form(request.form)
# validate the given id
if len(group_id) != 24 or not all(c in string.hexdigits for c in group_id):
flash('error Invalid Group ID')
return redirect(request.args.get('next') or url_for('groups.home'))
try:
user = current_user._get_current_object()
group = Group.objects.get(id=group_id)
if user not in group.members:
flash('error You Are Not A Member Of This Group.')
return redirect(request.args.get('next') or url_for('groups.home'))
emails = []
for u in group.members:
if u.email != user.email:
emails.append(u.email)
emails = " ".join(emails)
form = MeetingCreateForm()
return render_template('group/group.html', group=group, stats=group_stats(group_id), emails=emails, form=form)
except Exception as e:
flash('error An Error Occured. {}'.format(str(e)))
return redirect(request.args.get('next') or url_for('groups.home'))
def search_groups(query):
""" Displays the Groups that match the query on the Group Dashboard """
if request.method == 'POST':
return filter_form(request.form)
groups = current_user._get_current_object().groups
search = query.split(" ")
# search is too expensive
if len(search) > 20:
flash('error Could not Fulfill Search Request.')
return redirect(request.args.get('next') or url_for('groups.home'))
# get the list of users to search for
users = list(filter(lambda x: "@" in x, search))
# get the other search criteria
search = list(filter(lambda x: "@" not in x, search))
# filter the groups by user
for u in users:
try:
user = User.objects.get(email=u[1:])
groups = list(filter(lambda x: user in x.members, groups))
except Exception as e:
return render_template('group/dashboard.html', groups=[])
# filter the meetings by name
for c in search:
groups = list(filter(lambda x: c.lower() in x.name.lower(), groups))
# reset the page and only show the matched groups
return render_template('group/dashboard.html', groups=groups)
def delete_group(form=None):
""" Deletes an Existing Group """
if form is None:
flash('error Invalid Request to Delete Group.')
return redirect(request.args.get('next') or url_for('groups.home'))
delete_form = GroupDeleteForm(form)
if not delete_form.validate():
flash('error Could not Delete Group, Please Try Again.')
return redirect(request.args.get('next') or url_for('groups.home'))
try:
user = current_user._get_current_object()
group = Group.objects.get(id=delete_form.group_id.data)
members = group.members
admins = group.admins
meetings = group.meetings
# validate that the user is an admin for the group
if user not in admins:
flash('error You do not have permission to delete this group.')
return redirect(request.args.get('next') or
url_for('groups.home'))
# remove the group from each member's list of groups
for member in members:
if group in member.groups:
member.groups.remove(group)
member.save()
# remove the group from each admin's list of groups
for admin in admins:
if group in admin.groups:
admin.groups.remove(group)
admin.save()
# delete all meetings associated with group
for meeting in meetings:
# remove meeting from all member's list of meetings
for member in members:
member.meetings.remove(meeting)
member.save()
# remove meeting from each admin's list of meetings
for admin in admins:
admin.meetings.remove(meeting)
admin.save()
# now delete the entire meeting from the database
meeting.delete()
group.delete()
flash('success Group Successfully Deleted')
except Exception as e:
flash('error An Error has Occured, Please Try Again.'
'{}'.format(str(e)))
return redirect(request.args.get('next') or url_for('groups.home'))
def post_detail(category_slug, post_slug):
category = Category.query.filter(
Category.category_slug == category_slug).first_or_404()
post = Post.query.filter(Post.post_slug == post_slug).first_or_404()
tags = post.tags
images = PostImage.query.filter(PostImage.post_id == post.id)
categories = Category.query.all()
form = CommentForm()
if request.method == "POST":
body = request.form["body"]
author = current_user._get_current_object()
post_id = post.id
comment = Comment(body=body, author=author, post_id=post_id)
db.session.add(comment)
db.session.commit()
flash("Your comment has been published.")
return redirect(
url_for("post_detail",
category_slug=category.category_slug,
post_slug=post.post_slug))
return render_template("post_detail.html",
category=category,
post=post,
tags=tags,
images=images,
categories=categories)
def create_shop():
user = current_user._get_current_object()
if current_user.has_role('Shop'):
return url_for('api.get_shop')
if user.shop_status == u"审核中":
return jsonify({"code": 202, "message": u"审核中,请稍等"})
shop_name = request.json.get("shop_name")
shop_type = request.json.get("shop_type")
link_man = request.json.get("link_man")
phone_number = request.json.get("phone_number")
country = request.json.get("country")
state = request.json.get("state")
city = request.json.get("city")
address = request.json.get("address")
# if phone_number.isdigit() is not True:
# return jsonify(
# {
# "code": 406,
# "message":u"请输入正确手机号"
# }
# )
user.shop_status = u"审核中"
shop = Shop_Info(user, shop_name, shop_type, link_man, phone_number,
country, state, city, address)
user.save()
shop.save()
dict = shop.to_dict(depth=1)
return jsonify({"code": 202, "message": u"等待审核", "data": dict})
def gitlab_token_identity(token):
# TODO: having to do another GET to grab the user info
# is subpar, but the returned JWT lacks the user's email
#
# It seems like validating the JWT token is not
# currently working as the GitLab JWKs endpoint is unstable
# See https://gitlab.com/gitlab-com/support-forum/issues/3666
client = gitlab.Gitlab("http://gitlab.com", oauth_token=token["access_token"])
client.auth()
if client.user.state != "active":
raise OAuthError("This account is not active.")
token_user_email = users.get_user(client.user.email)
token_user_username = users.get_user(client.user.username)
if (
token_user_email
and token_user_username
and token_user_email != token_user_username
):
raise OAuthError(
"This identity is already claimed by another user, please login."
)
else:
token_user = token_user_email or token_user_username
identity = None
try:
identity = (
db.session.query(OAuth)
.options(joinedload(OAuth.user))
.filter_by(provider_id="gitlab", provider_user_id=client.user.id)
.one()
)
except NoResultFound:
identity = OAuth.from_token("gitlab", client.user.id, token)
if current_user.is_authenticated and not isinstance(
current_user._get_current_object(), FreeUser
):
# map the identity to the current_user
identity.user = current_user
db.session.add(identity)
elif not token_user:
# no user has claimed this email yet
# reserve it
token_user = users.create_user(
username=client.user.username, email=client.user.email
)
identity.user = token_user
db.session.add(identity)
elif identity.user == token_user:
# we have a match, a user with this email and identity
# TODO: update the identity if need be
pass
else:
raise OAuthError("This identity is already claimed by another user.")
return identity
def on_user_updated_organization(organization):
if current_user and current_user.is_authenticated:
user = current_user._get_current_object()
write_activity.delay(UserUpdatedOrganization,
user,
organization,
organization=organization)
def communityKouqiang(page=1):
username,src = isCurrentUser()
opera_class_name = '口腔科'
notes, wai_notes = getNotes(page, opera_class_name)
note_form = PostNote()
note_form.opera_class.choices = queryClass()
# 发帖
if note_form.validate_on_submit():
# 说明已经登陆
if username:
title = note_form.title.data
note_class = note_form.opera_class.data # 得到的是OperationClass中的id
note_text = note_form.text_area.data
note_time = datetime.datetime.now()
note = Note(title=title, text=note_text, time=note_time)
note.user_id = current_user._get_current_object().id
note.class_id = note_class
db.session.add(note)
db.session.commit()
return redirect(url_for('communityBlueName.communityKouqiang'))
else:
return redirect(url_for('userBlue.login'))
return render_template('communityOption.html',
username=username,
src=src,
notes=notes,
pagination=wai_notes,
endpoint="communityBlueName.communityKouqiang",
note_form=note_form)
def post(self, dataset):
'''Upload a new community resource'''
infos = self.handle_upload(dataset)
infos['owner'] = current_user._get_current_object()
infos['dataset'] = dataset
community_resource = CommunityResource.objects.create(**infos)
return community_resource, 201
def post(self, dataset):
'''Upload a new community resource'''
args = upload_parser.parse_args()
infos = self.extract_infos_from_args(args, dataset)
infos['owner'] = current_user._get_current_object()
community_resource = CommunityResource.objects.create(**infos)
return community_resource, 201
def participant_list_import(participant_set_id=0):
if participant_set_id:
participant_set = ParticipantSet.query.get_or_404(participant_set_id)
else:
participant_set = g.event.participant_set or abort(404)
form = forms.ParticipantFileUploadForm(request.form)
if not form.validate():
return abort(400)
else:
# get the actual object from the proxy
user = current_user._get_current_object()
upload_file = utils.strip_bom_header(request.files['spreadsheet'])
filename = uploads.save(upload_file)
upload = services.user_uploads.create(deployment_id=g.deployment.id,
upload_filename=filename,
user_id=user.id)
if participant_set_id:
return redirect(
url_for('participantset.participants_headers',
participant_set_id=participant_set.id,
upload_id=upload.id))
else:
return redirect(
url_for('participants.participant_headers', upload_id=upload.id))
def survey_init():
flash_message = ''
flash_category = ''
form = make_survey_init_form(g.event)
if form.validate_on_submit():
flash_category = 'info'
flash_message = _('Surveys are being created for the Event, Form '
'and Participants you selected')
user = current_user._get_current_object()
upload_file = strip_bom_header(request.files['import_file'])
filename = uploads.save(upload_file)
upload = UserUpload(deployment_id=g.deployment.id,
upload_filename=filename,
user_id=user.id)
upload.save()
task_kwargs = {
'event_id': form.data['event'],
'form_id': form.data['form'],
'upload_id': upload.id
}
init_survey_submissions.apply_async(kwargs=task_kwargs)
else:
flash_category = 'danger'
flash_message = _('Surveys were not created')
flash(str(flash_message), flash_category)
return redirect(url_for('formsview.index'))
def remove_connection(provider_id, provider_user_id):
"""Remove a specific connection for the authenticated user to the
specified provider
"""
provider = get_provider_or_404(provider_id)
ctx = dict(provider=provider.name,
user=current_user,
provider_user_id=provider_user_id)
deleted = _datastore.delete_connection(user_id=current_user.get_id(),
provider_id=provider_id,
provider_user_id=provider_user_id)
if deleted:
after_this_request(_commit)
msg = ('Connection to %(provider)s removed' % ctx, 'info')
connection_removed.send(current_app._get_current_object(),
user=current_user._get_current_object(),
provider_id=provider_id)
else:
msg = ('Unabled to remove connection to %(provider)s' % ctx, 'error')
do_flash(*msg)
return redirect(request.referrer or get_post_login_redirect())
def get_user():
usr = current_user._get_current_object()
return json.dumps({
'name': usr.name,
'email': usr.email,
'id': str(usr.id)
})
def on_identity_loaded(sender, identity):
if current_user.is_authenticated:
user = current_user._get_current_object()
needs = services.users.get_permissions_cache(user)
for need in needs:
identity.provides.add(need)
def me(self):
"""
Return current user object.
:return: user
"""
return current_user._get_current_object()
def me(self):
"""
Return current user object.
:return: user
"""
return current_user._get_current_object()
def home():
""" Displays All of the Current User's Groups on the Group Dashboard """
if request.method == 'POST':
return filter_form(request.form)
user = current_user._get_current_object()
return render_template('group/dashboard.html', groups=user.groups)
def test_valid_submit(self, user, api_client, password_resets, outbox,
templates):
send_reset_password_instructions(user)
token = password_resets[0]['token']
r = api_client.post(url_for('security.reset_password', token=token),
data=dict(newPassword='******',
confirmNewPassword='******'))
assert r.status_code == 200
# user should be logged in
assert 'user' in r.json
assert 'token' in r.json
assert current_user == user
assert len(outbox) == len(templates) == 2
# first email is for the valid reset request
assert templates[
0].template.name == 'security/email/reset_instructions.html'
assert templates[0].context.get('reset_link')
# second email is to notify of the changed password
assert templates[1].template.name == 'security/email/reset_notice.html'
# make sure the password got updated in the database
api_client.logout()
assert isinstance(current_user._get_current_object(), AnonymousUser)
api_client.login_with_creds(user.email, 'new password')
assert current_user == user
def get(self):
'''List all issues related to my organizations.'''
q = filter_parser.parse_args().get('q')
issues = issues_for(current_user._get_current_object())
issues = issues.order_by('-created')
if q:
issues = issues.filter(title__icontains=q)
return list(issues)
def get(self):
'''List all issues related to my organizations.'''
q = filter_parser.parse_args().get('q')
issues = issues_for(current_user._get_current_object())
issues = issues.order_by('-created')
if q:
issues = issues.filter(title__icontains=q)
return list(issues)
def write_activity_on_follow(follow, **kwargs):
if current_user.is_authenticated:
if isinstance(follow.following, Dataset):
write_activity.delay(
UserFollowedDataset, current_user._get_current_object(),
follow.following)
elif isinstance(follow.following, Reuse):
write_activity.delay(
UserFollowedReuse, current_user._get_current_object(),
follow.following)
elif isinstance(follow.following, Organization):
write_activity.delay(
UserFollowedOrganization, current_user._get_current_object(),
follow.following)
elif isinstance(follow.following, User):
write_activity.delay(
UserFollowedUser, current_user._get_current_object(),
follow.following)
def get(self):
'''List all discussions related to my organizations.'''
q = filter_parser.parse_args().get('q')
discussions = discussions_for(current_user._get_current_object())
discussions = discussions.order_by('-created')
if q:
decoded = q
discussions = discussions.filter(title__icontains=decoded)
return list(discussions)
def write_activity_on_follow(follow, **kwargs):
if current_user.is_authenticated:
if isinstance(follow.following, Dataset):
write_activity.delay(
UserFollowedDataset, current_user._get_current_object(),
follow.following)
elif isinstance(follow.following, Reuse):
write_activity.delay(
UserFollowedReuse, current_user._get_current_object(),
follow.following)
elif isinstance(follow.following, Organization):
write_activity.delay(
UserFollowedOrganization, current_user._get_current_object(),
follow.following)
elif isinstance(follow.following, User):
write_activity.delay(
UserFollowedUser, current_user._get_current_object(),
follow.following)
def locations_headers(view, location_set_id, upload_id):
user = current_user._get_current_object()
location_set = LocationSet.query.filter(
LocationSet.id == location_set_id).first_or_404()
# disallow processing other users' files
upload = UserUpload.query.filter(
UserUpload.id == upload_id, UserUpload.user == user).first_or_404()
filepath = uploads.path(upload.upload_filename)
try:
with open(filepath, 'rb') as source_file:
mapping_form_class = forms.make_import_mapping_form(
source_file, location_set)
except Exception:
# log exception (if Sentry is enabled)
sentry.captureException()
# delete loaded file
os.remove(filepath)
upload.delete()
return abort(400)
template_name = 'admin/location_headers.html'
if request.method == 'GET':
form = mapping_form_class()
return view.render(template_name, form=form)
else:
form = mapping_form_class()
if not form.validate():
error_msgs = []
for key in form.errors:
for msg in form.errors[key]:
error_msgs.append(msg)
return view.render(
'admin/location_headers_errors.html',
error_msgs=error_msgs), 400
else:
if 'X-Validate' not in request.headers:
# get header mappings
data = {
field.data: field.label.text
for field in form if field.data
}
# invoke task asynchronously
kwargs = {
'upload_id': upload.id,
'mappings': data,
'location_set_id': location_set_id,
'channel': session.get('_id')
}
tasks.import_locations.apply_async(kwargs=kwargs)
return redirect(url_for('locationset.locations_list',
location_set_id=location_set_id))
def delete(self, user):
'''Delete a user given its identifier'''
if user.deleted:
api.abort(410, 'User has already been deleted')
if user == current_user._get_current_object():
api.abort(403, 'You cannot delete yourself with this API. ' +
'Use the "me" API instead.')
user.mark_as_deleted()
return '', 204
def delete(self, user):
'''Delete a user given its identifier'''
if user.deleted:
api.abort(410, 'User has already been deleted')
if user == current_user._get_current_object():
api.abort(403, 'You cannot delete yourself with this API. ' +
'Use the "me" API instead.')
user.mark_as_deleted()
return '', 204
def test_create_confirmable(self, api_client, outbox, templates):
r = api_client.post(url_for('api.users_resource'), data=NEW_USER_DATA)
assert r.status_code == 201, r.json
assert 'user' in r.json
assert 'token' not in r.json
assert isinstance(current_user._get_current_object(), AnonymousUser)
assert len(outbox) == 1
assert templates[0].template.name == 'security/email/welcome.html'
assert templates[0].context.get('confirmation_link')
def post_read():
usr = current_user._get_current_object()
add_fields = list()
if isinstance(usr, AnonymousUser):
c = post.get()
else:
c = post.get(filter_inactive=False)
add_fields.extend(['draft'])
return json_response([i.serialize(add_fields=add_fields) for i in c], 200)
def get(self):
'''List all discussions related to my organizations.'''
q = filter_parser.parse_args().get('q')
discussions = discussions_for(current_user._get_current_object())
discussions = discussions.order_by('-created')
if q:
decoded = q
discussions = discussions.filter(title__icontains=decoded)
return list(discussions)
def put(self, community):
'''Update a given community resource'''
ResourceEditPermission(community).test()
form = api.validate(CommunityResourceForm, community)
form.populate_obj(community)
if not community.organization and not community.owner:
community.owner = current_user._get_current_object()
community.modified = datetime.now()
community.save()
return community
def post_read_instance_by_id(post_id):
usr = current_user._get_current_object()
add_fields = list()
if not isinstance(usr, AnonymousUser):
add_fields.extend(['draft'])
p = post.get_by_id(post_id)
if not p:
return abort(404)
return json_response(p.serialize(add_fields=add_fields), 200)
def post_update_by_id(post_id):
usr = current_user._get_current_object()
data = request.json
pid = data.get('id', None)
if pid is None or pid != post_id:
return abort(400)
p = post.get_by_id(pid)
if not p:
msg = 'Unknown post id: %s' % pid
raise ObjectNotFoundError(msg)
return update(usr, p, data)
def post(self):
'''Create a new community resource'''
form = api.validate(CommunityResourceForm)
resource = CommunityResource()
form.populate_obj(resource)
if not resource.dataset:
api.abort(400, errors={
'dataset': 'A dataset identifier is required'
})
if not resource.organization:
resource.owner = current_user._get_current_object()
resource.modified = datetime.now()
resource.save()
return resource, 201
def post_update_by_slug(post_slug):
usr = current_user._get_current_object()
data = request.json
slug = data.get('id', None)
if slug != post_slug:
abort(400)
p = post.get_by_slug(post_slug)
if not p:
msg = 'Unknown post slug: %s' % slug
raise ObjectNotFoundError(msg)
pid = data.get('id', None)
if pid and p.id != pid:
return abort(400)
return update(usr, p, data)
def post_create():
usr = current_user._get_current_object()
data = request.json
subtitle = data.get('subtitle', None)
format = data.get('format', 'txt')
domain = data.get('domain', app.config.get('DEFAULT_CONTENT_DOMAIN'))
tags = data.get('tags', None)
tags = [t.strip() for t in tags.split(',')] if tags else None
p = post.create(usr,
data.get('slug'),
data.get('title'),
data.get('content'),
format,
subtitle=subtitle,
domain=domain,
tags=tags)
return json_response(p.serialize(), 201)
def post(self, id):
'''Add comment and optionally close a discussion given its ID'''
discussion = Discussion.objects.get_or_404(id=id)
form = api.validate(DiscussionCommentForm)
message = Message(
content=form.comment.data,
posted_by=current_user.id
)
discussion.discussion.append(message)
close = form.close.data
if close:
CloseDiscussionPermission(discussion).test()
discussion.closed_by = current_user._get_current_object()
discussion.closed = datetime.now()
discussion.save()
if close:
on_discussion_closed.send(discussion, message=message)
else:
on_new_discussion_comment.send(discussion, message=message)
return discussion
def post(self, id):
'''Add comment and optionally close an issue given its ID'''
issue = Issue.objects.get_or_404(id=id)
form = api.validate(IssueCommentForm)
message = Message(
content=form.comment.data,
posted_by=current_user.id
)
issue.discussion.append(message)
close = form.close.data
if close:
CloseIssuePermission(issue).test()
issue.closed_by = current_user._get_current_object()
issue.closed = datetime.now()
issue.save()
if close:
on_issue_closed.send(issue, message=message)
else:
on_new_issue_comment.send(issue, message=message)
return issue
def remove_all_connections(provider_id):
"""Remove all connections for the authenticated user to the
specified provider
"""
provider = get_provider_or_404(provider_id)
ctx = dict(provider=provider.name, user=current_user)
deleted = _datastore.delete_connections(user_id=current_user.get_id(),
provider_id=provider_id)
if deleted:
after_this_request(_commit)
msg = ('All connections to %s removed' % provider.name, 'info')
connection_removed.send(current_app._get_current_object(),
user=current_user._get_current_object(),
provider_id=provider_id)
else:
msg = ('Unable to remove connection to %(provider)s' % ctx, 'error')
do_flash(*msg)
return redirect(request.referrer)
def delete(self, **kwargs):
'''Delete my profile'''
user = current_user._get_current_object()
user.mark_as_deleted()
logout_user()
return '', 204
def on_user_updated_organization(organization):
if current_user and current_user.is_authenticated:
user = current_user._get_current_object()
write_activity.delay(
UserUpdatedOrganization, user, organization,
organization=organization)
def is_own(self):
if current_user.is_authenticated():
return self.user == current_user._get_current_object()
return False
#updated_at = db.Column(db.DateTime, onupdate=datetime.datetime.now)
def get(self):
'''Fetch the current user (me) identity'''
return current_user._get_current_object()
def get(self):
'''Fetch the current user (me) metrics'''
return current_user._get_current_object()
def post(self, dataset):
'''Upload a new community resource'''
infos = self.handle_upload(dataset)
infos['owner'] = current_user._get_current_object()
community_resource = CommunityResource.objects.create(**infos)
return community_resource, 201
def put(self, **kwargs):
'''Update my profile'''
user = current_user._get_current_object()
form = api.validate(UserProfileForm, user)
return form.save()
