def preview(request):
"""
The user has typed in a comment and wants to preview it in HTML.
GET request needs `rest_comment` field
"""
if not request.user.is_authenticated():
return HttpResponse(status=401)
if request.method != "GET" and not request.is_ajax():
raise Http404
data = {"success": False}
try:
rest_comment = request.GET["rest_comment"]
except KeyError:
raise Http404
start_time = time.time()
try:
html_comment = compile_rest_to_html(rest_comment).replace("\n", "<br>")
data["html_comment"] = html_comment
data["success"] = True
except SphinxError:
data["success"] = False
logger.warning("Unable to compile comment:: Sphinx compile error")
end_time = time.time()
if (end_time-start_time) > 3:
logger.warning("Comment compile time exceeded 3 seconds; server load too high?")
return HttpResponse(simplejson.dumps(data), mimetype="application/json")
def preview(request):
"""
The user has typed in a comment and wants to preview it in HTML.
GET request needs `rest_comment` field
"""
if not request.user.is_authenticated():
return HttpResponse(status=401)
if request.method != "GET" and not request.is_ajax():
raise Http404
data = {"success": False}
try:
rest_comment = request.GET["rest_comment"]
except KeyError:
raise Http404
start_time = time.time()
try:
html_comment = compile_rest_to_html(rest_comment).replace("\n", "<br>")
data["html_comment"] = html_comment
data["success"] = True
except SphinxError:
data["success"] = False
logger.warning("Unable to compile comment:: Sphinx compile error")
end_time = time.time()
if (end_time - start_time) > 3:
logger.warning(
"Comment compile time exceeded 3 seconds; server load too high?")
return HttpResponse(simplejson.dumps(data), mimetype="application/json")
def save(self, commit=True):
instance = super(BaseSubmissionForm, self).save(commit=False)
user, authenticated = self.request.user, True
if not self.request.user.is_authenticated():
# returns object if account alreay present
user = create_new_account_internal(self.cleaned_data['email'])
authenticated = False
# submission author
instance.created_by = user
# is displayed only if authenticated
instance.is_displayed = authenticated
# validation hash
hash_id = ''
if not authenticated:
hash_id = get_validation_hash(instance.title)
instance.validation_hash = hash_id
# description in HTML
instance.description_html = compile_rest_to_html(instance.description)
if commit:
instance.save()
return instance
def save(self, commit=True):
instance = super(BaseSubmissionForm, self).save(commit=False)
user, authenticated = self.request.user, True
if not self.request.user.is_authenticated():
# returns object if account alreay present
user = create_new_account_internal(self.cleaned_data['email'])
authenticated = False
# submission author
instance.created_by = user
# is displayed only if authenticated
instance.is_displayed = authenticated
# validation hash
hash_id = ''
if not authenticated:
hash_id = get_validation_hash(instance.title)
instance.validation_hash = hash_id
# description in HTML
instance.description_html = compile_rest_to_html(instance.description)
if commit:
instance.save()
return instance
(escape(ctype), escape(object_pk), e.__class__.__name__))
form = SpcCommentEditForm(target, data=request.POST)
if form.security_errors():
return CommentPostBadRequest(
"The comment edit form failed security verification: %s" % \
escape(str(form.security_errors())))
form = form.cleaned_data
comment = get_object_or_404(comments.get_model(),
pk=comment_id,
site__pk=settings.SITE_ID)
if comment.user == request.user:
comment.comment = form['edit_comment']
comment.rest_comment = compile_rest_to_html(form['edit_comment'])
comment.ip_address = request.META.get('REMOTE_ADDR', None)
comment.save()
response['comment'] = comment.comment
response['rest_comment'] = comment.rest_comment
response['success'] = True
else:
raise Exception(
'Invalid authorization: User not permitted to edit comment')
return HttpResponse(simplejson.dumps(response),
mimetype="application/json")
def profile_page_edit(request, slug):
"""
User wants to edit his/her profile page.
"""
# First verify that request.user is the same as slug
if request.user.profile.slug != slug:
return page_404_error(request,
('You are not authorized to edit that '
'profile. Only that user may edit it.'))
if request.POST:
form = forms.ProfileEditForm(request.POST)
if form.is_valid():
# Update profile information
user = request.user
previous_email = ''
if form.cleaned_data['email'] != user.email:
previous_email = user.email
user.email = form.cleaned_data['email']
user.save()
user.profile.affiliation = form.cleaned_data['affiliation']
user.profile.country = form.cleaned_data['country']
user.profile.bio = form.cleaned_data['bio']
user.profile.bio_html = compile_rest_to_html(
form.cleaned_data['bio'])
user.profile.uri = form.cleaned_data['uri']
user.profile.save()
tag_list = get_and_create_tags(form.cleaned_data['interests'])
# First delete all the user's previous interests, so we can update
# them with the new ones
for interest in models.InterestCreation.objects.filter(user=user):
#.profile.interests.all():
interest.delete()
# Add user's interests through the intermediate
# model instance
for tag in tag_list:
tag_intermediate = models.InterestCreation(user=user.profile,
tag=tag)
tag_intermediate.save()
logger.debug('User "%s" added interest "%s" to their profile'%\
(user.profile.slug, str(tag)))
# Resave the user profile to capture their interests in the search
# results.
user.profile.save()
if previous_email:
ctx_dict = {
'new_email': user.email,
'admin_email': settings.DEFAULT_FROM_EMAIL,
'username': user.username
}
message = render_to_string(\
'person/email_about_changed_email_address.txt',
ctx_dict)
send_email((previous_email, ), ("SciPy Central: change of "
"email address"),
message=message)
return redirect(profile_page, user.profile.slug)
else:
user = request.user
interests = ','.join(
list(set([str(intr) for intr in user.profile.interests.all()])))
fields = {
'uri': user.profile.uri,
'email': user.email,
'bio': user.profile.bio,
'interests': interests,
'country': user.profile.country,
'affiliation': user.profile.affiliation,
'pk': user.id,
}
form = forms.ProfileEditForm(fields)
return render_to_response('submission/new-item.html', {},
context_instance=RequestContext(
request, {
'form': form,
'buttontext': 'Update your profile',
'pagetitle': 'Update your profile',
}))
(escape(ctype), escape(object_pk), e.__class__.__name__))
form = SpcCommentEditForm(target, data=request.POST)
if form.security_errors():
return CommentPostBadRequest(
"The comment edit form failed security verification: %s" % \
escape(str(form.security_errors())))
form = form.cleaned_data
comment = get_object_or_404(comments.get_model(), pk=comment_id, site__pk=settings.SITE_ID)
if comment.user == request.user:
comment.comment = form['edit_comment']
comment.rest_comment = compile_rest_to_html(form['edit_comment'])
comment.ip_address = request.META.get('REMOTE_ADDR', None)
comment.save()
response['comment'] = comment.comment
response['rest_comment'] = comment.rest_comment
response['success'] = True
else:
raise Exception('Invalid authorization: User not permitted to edit comment')
return HttpResponse(simplejson.dumps(response), mimetype="application/json")
def preview(request):
"""
def get_comment_create_data(self):
data = super(SpcCommentForm, self).get_comment_create_data()
rest_comment = compile_rest_to_html(data['comment'])
data['rest_comment'] = rest_comment
return data
def create_or_edit_submission_revision(request, item, is_displayed,
user, submission=None, commit=False):
"""
Creates a new ``Submission`` (only if not given) and ``Revision``
instances. Returns these in a tuple.
"""
# NOTE: the ``user`` will always be a valid entry in our database. Code
# posted by users that have not yet validated themselves is not displayed
# until they do so.
new_submission = False
if submission is None:
# A new submission
new_submission = True
submission = models.Submission.objects.create_without_commit(
created_by=user, sub_type=item.cleaned_data['sub_type'])
sub = submission
# Process any tags
tag_list = get_and_create_tags(item.cleaned_data['sub_tags'])
# Create a ``Revision`` instance. Must always have a ``title``,
# ``created_by``, and ``description`` fields; the rest are set according
# to the submission type, ``sub.sub_type``
hash_id = ''
if sub.sub_type == 'link':
sub_license = None
item_url = item.cleaned_data['item_url']
item_code = None
elif sub.sub_type == 'snippet':
sub_license = item.cleaned_data['sub_license']
item_url = None
item_code = item.cleaned_data['snippet_code']
elif sub.sub_type == 'package':
sub_license = item.cleaned_data['sub_license']
item_url = None
item_code = None
# Handle the ZIP file more completely only when the user commits.
# ZIP file has been validated: OK to save it to the server
# However, this might be the second time around, so skip saving it
# (happens after preview, or if user resumes editing submission)
if not hasattr(request.FILES['package_file'], 'skip_validation'):
zip_f = models.ZipFile(raw_zip_file=request.FILES['package_file'],
zip_hash=request.POST.get('package_hash', ''))
zip_f.save()
# Convert the raw ReST description to HTML using Sphinx: could include
# math, paragraphs, <tt>, bold, italics, bullets, hyperlinks, etc.
description_html = compile_rest_to_html(item.cleaned_data['description'])
item_highlighted_code = highlight_code(item.cleaned_data.get(\
'snippet_code', None))
rev = models.Revision.objects.create_without_commit(
entry=sub,
title=item.cleaned_data['title'],
created_by=user,
sub_license=sub_license,
description=item.cleaned_data['description'],
description_html=description_html,
hash_id=hash_id,
item_url=item_url,
item_code=item_code,
item_highlighted_code=item_highlighted_code,
is_displayed=is_displayed,
)
user_url = settings.SPC['short_URL_root'] + 'user/' + str(user.id)
if commit:
# Save the submission, then the revision. If we are editing a
# previous submission, then do not save the submission
# (because the Submission object has fields that will never
# change once it has been first created).
if new_submission:
# Sets the primary key
sub.save()
rev.entry_id = sub.id
if not is_displayed:
rev.validation_hash = create_validation_code(rev)
rev.save()
# Storage location: if we do save files it will be here
datenow = datetime.datetime.now()
year, month = datenow.strftime('%Y'), datenow.strftime('%m')
repo_path = os.path.join(year, month, '%06d'% sub.id)
full_repo_path = os.path.join(settings.SPC['storage_dir'], repo_path)
if sub.sub_type == 'package':
# Save the uploaded file to the server. At this point we are sure
# it's a valid ZIP file, has no malicious filenames, and can be
# unpacked to the hard drive. See validation in ``forms.py``.
if os.path.exists(full_repo_path) and sub.fileset.repo_path == \
repo_path:
# Make a temporary directory and copy the existing package
# repository to that location
temp_dir = tempfile.mkdtemp(prefix='tmp_spc_')
src = os.path.join(full_repo_path, '.' + \
settings.SPC['revisioning_backend'])
shutil.move(src, temp_dir)
shutil.rmtree(full_repo_path, ignore_errors=True)
else:
temp_dir = None
# Create/ensure destination directory exists
ensuredir(full_repo_path)
# Copy ZIP file
zip_file = request.FILES['package_file']
dst = os.path.join(full_repo_path, zip_file.name)
src = os.path.join(settings.SPC['ZIP_staging'], zip_file.name)
shutil.copyfile(src, dst)
# os.remove(src) Keep the original ZIP file, for now
# Remove the entry from the database
zip_hash = request.POST.get('package_hash', '')
zip_objs = models.ZipFile.objects.filter(zip_hash=zip_hash)
if zip_objs:
zip_objs[0].delete()
# Unzip file and commit contents to the repo
zip_f = zipfile.ZipFile(dst, 'r')
zip_f.extractall(full_repo_path)
zip_f.close()
os.remove(dst) # but delete the copy
# Delete common RCS directories that might have been in the ZIP
for path, dirs, files in os.walk(full_repo_path):
if os.path.split(path)[1] in settings.SPC['common_rcs_dirs']:
shutil.rmtree(path, ignore_errors=True)
if temp_dir:
src = os.path.join(temp_dir, '.' + \
settings.SPC['revisioning_backend'])
dst = os.path.join(full_repo_path , '.' + \
settings.SPC['revisioning_backend'])
try:
os.rename(src, dst)
except os.error, e:
# For cases when /tmp is on a different filesystem
# (usually production servers)
import errno
if e.errno == errno.EXDEV:
shutil.copytree(src, dst, symlinks=True)
shutil.rmtree(src)
else:
raise
shutil.rmtree(temp_dir, ignore_errors=True)
repo = sub.fileset.get_repo()
else:
# Create the repo
sub.fileset = FileSet.objects.create(repo_path=repo_path)
repo = sub.fileset.create_empty()
sub.save()
# Then add all files from the ZIP file to the repo. Add directories
# at a time rather than file-by-file.
for path, dirs, files in os.walk(full_repo_path):
if os.path.split(path)[1] == '.' + \
settings.SPC['revisioning_backend']:
for entry in dirs[:]:
dirs.remove(entry)
continue
all_files = []
for name in files:
all_files.append(os.path.join(path, name))
if all_files:
repo.add(patterns=all_files, ignore_errors=True)
# Add "DESCRIPTION.txt"
descrip_name = os.path.join(full_repo_path, 'DESCRIPTION.txt')
descrip_file = file(descrip_name, 'w')
descrip_file.write(rev.description)
descrip_file.close()
sub.fileset.add_file(descrip_name, user=user_url,
commit_msg=('Added/updated files from web-uploaded '
'ZIP file. Added DESCRIPTION.txt also.'))
if sub.sub_type == 'snippet':
fname = rev.slug.replace('-', '_') + '.py'
if new_submission:
# Create a new repository for the files
sub.fileset = FileSet.objects.create(repo_path=repo_path)
sub.save()
commit_msg = ('Add "%s" to the repo '
'based on the web submission by user "%s"') %\
(fname, user_url)
else:
commit_msg = ('Update of file(s) in the repo '
'based on the web submission by user "%s"') %\
(user_url)
sub.fileset.add_file_from_string(fname,
request.POST['snippet_code'],
user=user_url,
commit_msg=commit_msg)
if sub.sub_type in ['snippet', 'package']:
license_file = settings.SPC['license_filename']
license_text = get_license_text(rev)
sub.fileset.add_file_from_string(license_file, license_text,
user="******",
commit_msg="SPC: added/updated license file" )
rev.hash_id = sub.fileset.get_hash()
# Once you have the revision you can add tags through the intermediate
# model instance (which tracks the user that added the tag and when).
for tag in tag_list:
tag_intermediate = models.TagCreation(created_by=user,
revision=rev,
tag=tag)
tag_intermediate.save()
logger.debug('User "%s" added tag "%s" to rev.id=%d' % (
user.profile.slug,
str(tag), rev.id))
# Update the search index so that the tags are included in the search
rev.save()
# log the new submission and revision
logger.info('New %s: %s [id=%d] and revision id=%d' % (
sub.sub_type,
item.cleaned_data['title'],
sub.id,
rev.id))
def profile_page_edit(request, slug):
"""
User wants to edit his/her profile page.
"""
# First verify that request.user is the same as slug
if request.user.profile.slug != slug:
return page_404_error(request, ('You are not authorized to edit that '
'profile. Only that user may edit it.'))
if request.POST:
form = forms.ProfileEditForm(request.POST)
if form.is_valid():
# Update profile information
user = request.user
previous_email = ''
if form.cleaned_data['email'] != user.email:
previous_email = user.email
user.email = form.cleaned_data['email']
user.save()
user.profile.affiliation = form.cleaned_data['affiliation']
user.profile.country = form.cleaned_data['country']
user.profile.bio = form.cleaned_data['bio']
user.profile.bio_html = compile_rest_to_html(form.cleaned_data['bio'])
user.profile.uri = form.cleaned_data['uri']
user.profile.save()
tag_list = get_and_create_tags(form.cleaned_data['interests'])
# First delete all the user's previous interests, so we can update
# them with the new ones
for interest in models.InterestCreation.objects.filter(user=user):
#.profile.interests.all():
interest.delete()
# Add user's interests through the intermediate
# model instance
for tag in tag_list:
tag_intermediate = models.InterestCreation(user=user.profile,
tag=tag)
tag_intermediate.save()
logger.debug('User "%s" added interest "%s" to their profile'%\
(user.profile.slug, str(tag)))
# Resave the user profile to capture their interests in the search
# results.
user.profile.save()
if previous_email:
ctx_dict = {'new_email': user.email,
'admin_email': settings.DEFAULT_FROM_EMAIL,
'username': user.username}
message = render_to_string(\
'person/email_about_changed_email_address.txt',
ctx_dict)
send_email((previous_email,), ("SciPy Central: change of "
"email address"), message=message)
return redirect(profile_page, user.profile.slug)
else:
user = request.user
interests = ','.join(list(set([str(intr) for intr in user.profile.interests.all()])))
fields = {'uri': user.profile.uri,
'email': user.email,
'bio': user.profile.bio,
'interests': interests,
'country': user.profile.country,
'affiliation': user.profile.affiliation,
'pk': user.id,
}
form = forms.ProfileEditForm(fields)
return render_to_response('submission/new-item.html', {},
context_instance=RequestContext(request,
{'form': form,
'buttontext': 'Update your profile',
'pagetitle': 'Update your profile',
}))
def get_comment_create_data(self):
data = super(SpcCommentForm, self).get_comment_create_data()
rest_comment = compile_rest_to_html(data['comment'])
data['rest_comment'] = rest_comment
return data