def create_submission(self, user=None, url=None, title=None, description=None): if not user: user = users.create_user(username='******', password='******') if not url: url = 'http://google.com' if not title: title = 'test' if not description: description = 'test' submission = Submission(title, description, url, user.id) self.dbsession.add(submission) self.dbsession.flush() return submission
def test_domain_parse(self): title = 'test' description = 'test' #@TODO: we should make this accept a fake user id in test mode at least # so that we don't have huge cascading failures if create_user is broken user = queries.create_user(username='******', password='******') sub = Submission(title, description, 'http://google.com', user.id) self.assertEqual('google.com', sub.get_domain_name()) sub = Submission(title, description, 'http://googlewww.com', user.id) self.assertEqual('googlewww.com', sub.get_domain_name()) sub = Submission(title, description, 'https://google.com', user.id) self.assertEqual('google.com', sub.get_domain_name())
def post(request): s = request.session p = request.session["safe_post"] r = request qs = s["safe_get"] s["message"] = "Post a story." dbsession = DBSession() stories = None new_url_text = "" new_title_text = "" # if uses came in with a share button, redirect to existing discussion if there is one if "from" in qs and qs["from"] == "button": existing_post = queries.get_story_by_url_oldest(qs["url"]) if existing_post: return HTTPFound(r.route_url("full", sub_id=existing_post.id)) new_url_text = qs["url"] if "title" in qs: new_title_text = qs["title"] if "new_post" in qs and qs["new_post"] == "y": if "logged_in" not in s: s["message"] = 'Sorry, you must <a href="{0}">log in</a> before you can share a link.'.format( r.route_url("login") ) return {"stories": [], "success": False, "code": "ENOLOGIN"} if p and "title" in p: if "logged_in" not in s: s["message"] = "Sorry, please log in first" return {"stories": [], "success": False, "code": "ENOLOGIN"} if p["url"] != "" and p["url"] is not None: p["url"] = queries.strip_all_html(p["url"]) if not re.match(r"http[s]*:\/\/", p["url"]): p["url"] = "http://" + p["url"] else: # set to None so that NULL goes into the database p["url"] = None sub = Submission(p["title"][:100], p["description"], p["url"], s["users.id"]) dbsession.add(sub) dbsession.flush() v = Vote(sub.id, s["users.id"], 1, "submission", None) v.direction = 1 dbsession.add(v) sub.slug = u"{title}-{uuid_first_octet}".format( title=slugify.slugify(unicode(p["title"][:100])), uuid_first_octet=str(sub.id)[:8] ) dbsession.add(sub) s["message"] = "Added." try: if request.registry.solr_conn: # we flush here to ensure we have a vaild id object when added to solr # we use this if statement so that the exception will be raised before # dbsession is flushed, hence avoiding an unnecessary flush if the site # is not using solr. dbsession.flush() request.registry.solr_conn.add({"id": sub.id, "title": sub.title, "description": sub.description}) request.registry.solr_conn.commit() except AttributeError: # solr is not configured for this connection pass if r.params and "op" in r.params: sub_id = r.params["sub_id"] if r.params["op"] == "del": try: story_to_del = queries.get_story_by_id(sub_id) except sqlalchemy.orm.exc.NoResultFound: story_to_del = None if story_to_del: if queries.is_user_allowed_admin_action(s["users.id"], str(story_to_del.id)): story_to_del.description = "[deleted]" story_to_del.url = "#" story_to_del.title = "[deleted]" story_to_del.deleted = True dbsession.add(story_to_del) dbsession.flush() else: print("Illegal deletion attempted on {0}".format(story_to_del.submitter.id)) if "sort.default_order" in r.registry.settings: sort = r.registry.settings["sort.default_order"] else: # default to new sort order if server-specific setting doesn't exist # this should only be the case on old clones; do NOT remove default_order # from the ini just because you want new by default. sort = "new" page_num = 1 per_page = 30 next_page = None prev_page = None # only pass through approved sort options if "sort" in qs: if qs["sort"] == "top": sort = "top" if qs["sort"] == "hot": sort = "hot" if qs["sort"] == "contro": sort = "contro" if qs["sort"] == "new": sort = "new" if "page_num" in qs: try: page_num = int(qs["page_num"]) except: page_num = 1 # @FIXME: make per_page configurable in a safe location # it is probably unwise to allow this to be set in the query string # because then a malicious user could say per_page = 10000000000 # and easily launch a DoS via that mechanism. # if 'per_page' in qs: # per_page = qs['per_page'] stories = queries.get_story_list(page_num=page_num, per_page=per_page, sort=sort, request=request) max_stories = stories["max_stories"] stories = stories["stories"] # this should be split into its own def under queries.py # as it is currently used in at least one other place if max_stories > (page_num * per_page): next_page = page_num + 1 if page_num > 1: prev_page = page_num - 1 vote_dict = {} if "logged_in" in s: vote_dict = queries.get_user_votes_on_all_submissions(s["users.id"]) for s in stories: # @TODO: Remember to not tally on every load once a real site deploys s.tally_votes() s.tally_comments() return { "stories": stories, "success": True, "code": 0, "vote_dict": vote_dict, "max_stories": max_stories, "prev_page": prev_page, "next_page": next_page, "new_url_text": new_url_text, "new_title_text": new_title_text, }
def submit(request): s = request.session p = request.session['safe_post'] r = request qs = s['safe_get'] s['message'] = "Post a story." dbsession = DBSession() stories = None sections = section_queries.get_sections() new_url_text = '' new_title_text = '' route_name = r.matched_route.name if route_name == 'new_page': # require admin to load a new page form if 'logged_in_admin' not in s or s['logged_in_admin'] == False: return HTTPNotFound() #if uses came in with a share button, redirect to existing discussion if there is one if 'from' in qs and qs['from'] == 'button': existing_post = submission.get_story_by_url_oldest(qs['url']) if existing_post: return HTTPFound(r.route_url('full', sub_id=existing_post.id)) new_url_text = qs['url'] if 'title' in qs: new_title_text = qs['title'] if 'logged_in' not in s: s['message'] = 'Sorry, you must <a href="{0}">log in</a> before you can share a link.'.format( r.route_url('login')) return {'stories': [], 'success': False, 'code': 'ENOLOGIN'} if p and 'title' in p: if 'logged_in' not in s: s['message'] = 'Sorry, please log in first' return {'stories': [], 'success': False, 'code': 'ENOLOGIN'} if 'section_id' not in p or p['section_id'] == '': return {'stories': [], 'success': False, 'code': 'ENOSECTION'} if 'url' in p and p['url'] != '' and p['url'] is not None: p['url'] = general.strip_all_html(p['url']) if not re.match(r'http[s]*:\/\/', p['url']): p['url'] = 'http://' + p['url'] else: # set to None so that NULL goes into the database p['url'] = None if route_name == 'new_page': render_type = p['render_type'] slug = p['slug'] # if we can find this slug already, kill submission here. try: s = dbsession.query(Submission).filter( Submission.slug == slug).one() s['message'] = 'This slug is already taken.' success = False except sqlalchemy.orm.exc.NoResultFound: pass else: slug = '' render_type = 'story_md' if 'section_id' in p: sub = Submission(p['title'][:100], p['description'], p['url'], s['users.id'], section=p['section_id']) else: sub = Submission(p['title'][:100], p['description'], p['url'], s['users.id']) sub.render_type = render_type # slug octet no longer derived from story's actual id if slug == '': slug = u"{title}-{uuid_first_octet}".format( title=slugify.slugify(unicode(p['title'][:100])), uuid_first_octet=str(general.gen_uuid())[:8]) sub.slug = slug dbsession.add(sub) dbsession.flush() # add notify if general.check_notify_default(s['users.id'], r): notify_queries.create_notify(s['users.id'], sub.id, s['users.id']) v = Vote(sub.id, s['users.id'], 1, "submission", None) v.direction = 1 dbsession.add(v) s['message'] = "Added." try: if request.registry.solr_conn: # we flush here to ensure we have a vaild id object when added to solr # we use this if statement so that the exception will be raised before # dbsession is flushed, hence avoiding an unnecessary flush if the site # is not using solr. dbsession.flush() request.registry.solr_conn.add({ 'id': sub.id, 'title': sub.title, 'description': sub.description }) request.registry.solr_conn.commit() except AttributeError: #solr is not configured for this connection pass return HTTPFound(r.route_url('home')) return { 'stories': stories, 'success': True, 'code': 0, 'new_url_text': new_url_text, 'new_title_text': new_title_text, 'sections': sections }
def submit(request): s = request.session p = request.session['safe_post'] r = request qs = s['safe_get'] s['message'] = "Post a story." dbsession = DBSession() stories = None sections = section_queries.get_sections() new_url_text = '' new_title_text = '' route_name = r.matched_route.name if route_name == 'new_page': # require admin to load a new page form if 'logged_in_admin' not in s or s['logged_in_admin'] == False: return HTTPNotFound() #if uses came in with a share button, redirect to existing discussion if there is one if 'from' in qs and qs['from'] == 'button': existing_post = submission.get_story_by_url_oldest(qs['url']) if existing_post: return HTTPFound(r.route_url('full', sub_id=existing_post.id)) new_url_text = qs['url'] if 'title' in qs: new_title_text = qs['title'] if 'logged_in' not in s: s['message'] = 'Sorry, you must <a href="{0}">log in</a> before you can share a link.'.format(r.route_url('login')) return {'stories': [], 'success': False, 'code': 'ENOLOGIN'} if p and 'title' in p: if 'logged_in' not in s: s['message'] = 'Sorry, please log in first' return {'stories': [], 'success': False, 'code': 'ENOLOGIN'} if 'section_id' not in p or p['section_id'] == '': return {'stories': [], 'success': False, 'code': 'ENOSECTION'} if 'url' in p and p['url'] != '' and p['url'] is not None: p['url'] = general.strip_all_html(p['url']) if not re.match(r'http[s]*:\/\/', p['url']): p['url'] = 'http://' + p['url'] else: # set to None so that NULL goes into the database p['url'] = None if route_name == 'new_page': render_type = p['render_type'] slug = p['slug'] # if we can find this slug already, kill submission here. try: s = dbsession.query(Submission).filter(Submission.slug == slug).one() s['message'] = 'This slug is already taken.' success = False except sqlalchemy.orm.exc.NoResultFound: pass else: slug = '' render_type = 'story_md' if 'section_id' in p: sub = Submission(p['title'][:100], p['description'], p['url'], s['users.id'], section = p['section_id']) else: sub = Submission(p['title'][:100], p['description'], p['url'], s['users.id']) sub.render_type = render_type # slug octet no longer derived from story's actual id if slug == '': slug = u"{title}-{uuid_first_octet}".format( title = slugify.slugify(unicode(p['title'][:100])), uuid_first_octet = str(general.gen_uuid())[:8]) sub.slug = slug dbsession.add(sub) dbsession.flush() # add notify if general.check_notify_default(s['users.id'], r): notify_queries.create_notify(s['users.id'], sub.id, s['users.id']) v = Vote(sub.id, s['users.id'], 1, "submission", None) v.direction = 1 dbsession.add(v) s['message'] = "Added." try: if request.registry.solr_conn: # we flush here to ensure we have a vaild id object when added to solr # we use this if statement so that the exception will be raised before # dbsession is flushed, hence avoiding an unnecessary flush if the site # is not using solr. dbsession.flush() request.registry.solr_conn.add({'id': sub.id, 'title': sub.title, 'description': sub.description}) request.registry.solr_conn.commit() except AttributeError: #solr is not configured for this connection pass return HTTPFound(r.route_url('home')) return {'stories': stories, 'success': True, 'code': 0, 'new_url_text': new_url_text, 'new_title_text': new_title_text, 'sections': sections}