def read(self, request, userid, targetid=None): subscriber = get_people(userid) if targetid is None: return PeopleSubscription.objects.filter(subscriber=subscriber) else: target = get_people(targetid) try: return PeopleSubscription.objects.get( subscriber=subscriber, target_people=target) except PeopleSubscription.DoesNotExist: return rc.NOT_FOUND except People.DoesNotExist: return rc.NOT_FOUND
def create(self, request, userid): subscriber = get_people(userid) if subscriber.user != request.user: return rc.FORBIDDEN subs = request.form.save(commit=False) subs.subscriber = subscriber subs.save() return rc.CREATED
def to_python(self, value): from wididitserver.models import Entry, get_people if isinstance(value, Entry): return value splitted = value.split('/') userid, entryid = splitted try: return Entry.objects.get(author=get_people(userid), id2=entryid) except Entry.DoesNotExist: raise forms.ValidationError('This entry does not exist.')
def read(self, request, userid=None): """Returns either a list of all people registered, or the user matching the username (wildcard not allowed).""" if userid is None: return People.objects.all() else: try: return get_people(userid) except People.DoesNotExist: return rc.NOT_FOUND except Server.DoesNotExist: return rc.NOT_FOUND
def delete(self, request, userid, entryid=None): if id is None: return rc.BAD_REQUEST people = get_people(userid) if not people.is_local(): return rc.NOT_IMPLEMENTED if not people.can_edit(request.user): return rc.FORBIDDEN try: entry = Entry.objects.get(author=people, id2=entryid) except Entry.DoesNotExist: return rc.NOT_FOUND entry.delete() return rc.DELETED
def update(self, request, userid, entryid=None): if id is None: return rc.BAD_REQUEST people = get_people(userid) if not people.is_local(): return rc.NOT_IMPLEMENTED try: entry = Entry.objects.get(author=people, id2=entryid) except Entry.DoesNotExist: return rc.NOT_FOUND if not entry.can_edit(people): return rc.FORBIDDEN form = EntryForm(request.PUT, instance=entry) form.save() return rc.ALL_OK
def update(self, request, userid): people = get_people(userid) userid = people.userid() if not people.is_local(): return rc.BAD_REQUEST if not people.can_edit(request.user): return rc.FORBIDDEN form = PeopleForm(request.PUT, instance=people) if not form.is_valid(): return rc.BAD_REQUEST if userid != people.userid(): # people.userid() got a new value because of PeopleForm(instance=). # We shouldn't allow that! return rc.FORBIDDEN people = form.save() people.save() return rc.ALL_OK
def create(self, request, userid=None, entryid=None): if (userid is None and entryid is not None) or \ (userid is not None and entryid is None): return rc.BAD_REQUEST people = People.objects.get(user=request.user) if not people.is_local(): return rc.NOT_IMPLEMENTED if not people.can_edit(request.user): return rc.FORBIDDEN data = request.form.cleaned_data entry = request.form.save(commit=False) entry.author = people if userid is not None: assert entryid is not None try: entry.in_reply_to = Entry.objects.get(author=get_people(userid), id2=entryid) except Entry.DoesNotExist: return rc.NOT_FOUND entry.save() response = rc.CREATED response.content = str(entry.id) return response
def to_python(self, value): from wididitserver.models import get_people return get_people(value)
def read(self, request, mode=None, userid=None, entryid=None): """Returns either a list of notices (either from everybody if `userid` is not given, either from the `userid`) or an entry if `userid` AND `id` are given.""" # Display a single entry if entryid is not None: assert userid is not None assert mode is None if userid is not None: try: user = get_people(userid) except People.DoesNotExist: return rc.NOT_FOUND try: return Entry.objects.get(author=user, id2=entryid) except Entry.DoesNotExist: return rc.NOT_FOUND # Display multiple entries fields = dict(request.GET) enable_shared = False if 'shared' in fields: enable_shared = True enable_native = True if 'nonative' in fields: enable_native = False if (enable_shared, enable_native) == (False, False): # Why should we query the database for that? return [] if mode == 'timeline': # Display (shared?) entries from people the user subscribed to. if request.user is None or request.user.id is None: # We need to know who you are. return rc.FORBIDDEN try: people = People.objects.get(user=request.user.id) except People.DoesNotExist: # Authenticated, but not a people. return rc.FORBIDDEN query_native = query_shared = Entry.objects.none() # The list of people we subscribed to. authors = PeopleSubscription.objects.filter(subscriber=people) authors = [x.target_people for x in authors] if enable_native: query_native = Entry.objects.filter(author__in=authors) if enable_shared: shares = Share.objects.filter(people__in=authors) entryids = [x.entry.id for x in shares] query_shared = Entry.objects.filter(id__in=entryids) # Merge results. query = query_native or query_shared else: if enable_native: # Obviously, all shared entries also exist as native query = Entry.objects.all() else: assert enable_shared, 'Run memcheck! enable_native and ' +\ 'enable_shared weren\'t both False before.' entryids = [x.entry.id for x in Share.objects.all()] query = Entry.objects.filter(id__in=entryids) if 'author' in fields: query_native = query_shared = Entry.objects.none() authors = [] for author in fields['author']: try: authors.append(get_people(author)) except People.DoesNotExist: continue if enable_native: query_native = query.filter(author__in=authors) if enable_shared: shares = Share.objects.filter(people__in=authors) entryids = [x.entry.id for x in shares] query_shared = Entry.objects.filter(id__in=entryids) query = query_native or query_shared if 'tag' in fields: for tag in fields['tag'].split(): tag_obj = Tag.objects.path_get(tag) query = query.filter(tags__in=tag_obj) if 'content' in fields: # Convert `?content=foo%20bar&content=baz` to # `"foo bar" "baz"` content = ' '.join(['"%s"' % x for x in fields['content']]) query = serverutils.auto_query(query, content) if 'in_reply_to' in fields: if len(fields['in_reply_to']) != 1: return rc.BAD_REQUEST try: userid, entryid = fields['in_reply_to'][0].split('/') people = get_people(userid) entry = Entry.objects.get(author=people, id2=entryid) except Entry.DoesNotExist: return rc.NOT_FOUND except People.DoesNotExist: return rc.NOT_FOUND query = query.filter(in_reply_to__exact=entry) query = query.exclude(in_reply_to=None) query = query.order_by('updated') return query