def flag(username, post_id):
"""Flags a post so that moderators are aware of it.
.. note: This is a requirement to enter the Apple app store.
"""
if not check_post(get_uid(username), post_id):
return abort(404)
_post = get_post(post_id)
# Ensure the default redirect is to the correct location.
reply_id = get_post(post_id).get('reply_to')
if reply_id is None:
redirect_url = handle_next(
request,
url_for('posts.view_post', username=username, post_id=post_id))
else:
reply = get_post(reply_id)
redirect_url = handle_next(
request,
url_for('posts.view_post',
username=reply.get('username'),
post_id=reply_id))
# Ensue user has permission to perform the action
current_user_id = current_user.get('_id')
permission = get_user_permission(_post.get('user_id'), current_user_id)
if permission < _post.get('permission', k.PERM_PUBLIC):
flash('You do not have permission to flag this post', 'error')
return redirect(redirect_url)
try:
flag_post(current_user['_id'], post_id)
except CantFlagOwn:
flash('You can not flag on your own posts', 'error')
except AlreadyFlagged:
flash('You have already flagged this post', 'error')
else:
flash('You flagged the ' + ('comment' if reply_id else 'post'),
'success')
return redirect(redirect_url)
def flag(username, post_id):
"""Flags a post so that moderators are aware of it.
.. note: This is a requirement to enter the Apple app store.
"""
if not check_post(get_uid(username), post_id):
return abort(404)
_post = get_post(post_id)
# Ensure the default redirect is to the correct location.
reply_id = get_post(post_id).get('reply_to')
if reply_id is None:
redirect_url = handle_next(request, url_for('posts.view_post',
username=username, post_id=post_id))
else:
reply = get_post(reply_id)
redirect_url = handle_next(request, url_for('posts.view_post',
username=reply.get('username'),
post_id=reply_id))
# Ensue user has permission to perform the action
current_user_id = current_user.get('_id')
permission = get_user_permission(_post.get('user_id'), current_user_id)
if permission < _post.get('permission', k.PERM_PUBLIC):
flash('You do not have permission to flag this post',
'error')
return redirect(redirect_url)
try:
flag_post(current_user['_id'], post_id)
except CantFlagOwn:
flash('You can not flag on your own posts', 'error')
except AlreadyFlagged:
flash('You have already flagged this post', 'error')
else:
flash('You flagged the ' + ('comment' if reply_id else 'post'),
'success')
return redirect(redirect_url)
def profile(username):
"""It will show the users posts. Referred to as "posts" on the site.
.. note: Viewable to public! (Only public posts)
"""
uid = get_uid_username(username)
if uid is None:
abort(404)
# Data
_profile = get_profile(uid)
# Pagination
page = handle_page(request)
# Get the page sizes taking in to account non-logged in users
if current_user:
page_size = current_user.get('feed_pagination_size',
app.config.get('FEED_ITEMS_PER_PAGE', 25))
else:
page_size = app.config.get('FEED_ITEMS_PER_PAGE', 25)
# Get the posts pagination
if current_user:
current_user_id = current_user.get('_id')
else:
current_user_id = None
permission = get_user_permission(_profile.get('_id'), current_user_id)
_posts = get_posts(uid, page, page_size, perm=permission)
# Post form
post_form = PostForm()
return render_template('posts.html',
profile=_profile,
pagination=_posts,
post_form=post_form)
def profile(username):
"""It will show the users posts. Referred to as "posts" on the site.
.. note: Viewable to public! (Only public posts)
"""
uid = get_uid_username(username)
if uid is None:
abort(404)
# Data
_profile = get_profile(uid)
# Pagination
page = handle_page(request)
# Get the page sizes taking in to account non-logged in users
if current_user:
page_size = current_user.get('feed_pagination_size',
app.config.get('FEED_ITEMS_PER_PAGE', 25))
else:
page_size = app.config.get('FEED_ITEMS_PER_PAGE', 25)
# Get the posts pagination
if current_user:
current_user_id = current_user.get('_id')
else:
current_user_id = None
permission = get_user_permission(_profile.get('_id'), current_user_id)
_posts = get_posts(uid, page, page_size, perm=permission)
# Post form
post_form = PostForm()
return render_template('posts.html', profile=_profile,
pagination=_posts, post_form=post_form)
def vote(username, post_id, reply_id=None):
"""Upvotes a post.
.. note: If the request is an XHR one the whole function will not run.
It will exit out and the first chance and return JSON.
"""
redirect_url = handle_next(request, url_for('posts.view_post',
username=username, post_id=post_id))
if not check_post(get_uid(username), post_id, reply_id):
if request.is_xhr:
return jsonify({'message': 'Post not found'}), 404
return abort(404)
_post = get_post(post_id)
# Ensuer user has permission to perform the action
current_user_id = current_user.get('_id')
permission = get_user_permission(_post.get('user_id'), current_user_id)
# Since the upvote/downvote functions have been merged we need to
# identify which action is going to be performed.
if request.endpoint == 'posts.upvote':
action = 'upvoted'
amount = 1
else:
action = 'downvoted'
amount = -1
if permission < _post.get('permission', k.PERM_PUBLIC):
message = 'You do not have permission to vote on this post'
if request.is_xhr:
return jsonify({'message': message}), 403
xflash(message, 'error')
return redirect(redirect_url)
try:
if reply_id is None:
result = vote_post(current_user['_id'], post_id, amount=amount)
else:
result = vote_post(current_user['_id'], reply_id, amount=amount)
except AlreadyVoted:
message = 'You have already voted on this post'
if request.is_xhr:
return jsonify({'message': message}), 400
xflash(message, 'error')
except CantVoteOnOwn:
message = 'You can not vote on your own posts'
if request.is_xhr:
return jsonify({'message': message}), 400
xflash(message, 'error')
else:
if (amount > 0 < result) or (amount < 0 > result):
message = 'You {} the '.format(action) + ("comment" if reply_id
else "post")
xflash(message, 'success')
else:
message = 'You reversed your vote on the ' + ("comment" if reply_id
else "post")
xflash(message, 'success')
if request.is_xhr:
return jsonify({'message': message}), 200
return redirect(redirect_url)
def post(username=None, post_id=None):
"""Enabled current_user to create a new post on Pjuu :)
This view accepts GET and POST yet only acts on a POST. This is so that the
Werkzeug router does not treat this like a profile lookup.
"""
# Rather than just 404 if someone tries to GET this URL (which is default),
# we will throw a 405.
if request.method == 'GET':
return abort(405)
# Stop un-approved users posting comments if permissions do not let them.
if post_id is not None:
if not check_post(get_uid(username), post_id):
return abort(404)
_post = get_post(post_id)
permission = get_user_permission(current_user, _post.get('_id'))
if permission < _post.get('permission', k.PERM_PUBLIC):
return abort(403)
# Set the default redirect URLs depending on type of post it is
if post_id is None:
redirect_url = handle_next(request, url_for('users.profile',
username=current_user['username']))
else:
redirect_url = handle_next(request, url_for('posts.view_post',
username=username, post_id=post_id))
# Stop muted users from creating posts
if current_user.get('muted', False):
flash('You have been silenced!', 'warning')
return redirect(redirect_url)
form = PostForm()
if form.validate():
# If there is an uploaded File pass it on else pass nothing
if form.upload.data:
# Pass the BytesIO stream to the backend.
upload = form.upload.data.stream
else:
upload = None
try:
permission = int(form.permission.data)
except ValueError: # pragma: no cover
permission = -1
# WTForms should stop this ever, ever firing
if not (k.PERM_PUBLIC <= permission <= # pragma: no cover
k.PERM_APPROVED): # pragma: no cover
flash('Invalid post permission set', 'error')
return redirect(redirect_url)
# Create the post
if create_post(current_user['_id'], current_user['username'],
unicode(escape(form.body.data)), post_id, upload,
permission=permission):
# Inform the user we have created the post
flash('Your post has been added', 'success')
else:
flash('There was an error creating your post',
'error') # pragma: no cover
else:
# Will print out all errors that happen in a post form.
# This is better than "There is an error in your post"
for key, value in form.errors.iteritems():
for error in value:
flash(error, 'error')
return redirect(redirect_url)
def view_post(username, post_id):
"""Displays a post along with its comments paginated. I am not sure if this
should be here or in the 'posts' app.
.. note: Viewable to the public if the post is public!
"""
if not check_post(get_uid(username), post_id):
return abort(404)
# Get post and comments for the current page
_post = get_post(post_id)
# Stop a reply from ever being shown here
if 'reply_to' in _post:
return abort(404)
_user = get_user(get_uid(username))
# Only get the permission if the post is not owned by the current user
if current_user:
current_user_id = current_user.get('_id')
else:
current_user_id = None
permission = get_user_permission(_user.get('_id'), current_user_id)
if permission < _post.get('permission', k.PERM_PUBLIC):
return abort(403)
# Pagination
page = handle_page(request)
# Handle explicit sort order
# Fall back to user default else default
sort = request.args.get('sort', None)
if sort is None:
if current_user:
sort = current_user.get('reply_sort_order', -1)
else:
sort = -1
else:
try:
sort = 1 if int(sort) > 0 else -1
except ValueError:
if current_user:
sort = current_user.get('reply_sort_order', -1)
else:
sort = -1
# Get the page sizes taking in to account non-logged in users
if current_user:
page_size = current_user.get(
'replies_pagination_size',
app.config.get('REPLIES_ITEMS_PER_PAGE', 25)
)
else:
page_size = app.config.get('REPLIES_ITEMS_PER_PAGE', 25)
pagination = get_replies(post_id, page, page_size, sort)
post_form = PostForm()
return render_template('view_post.html', post=_post,
pagination=pagination, post_form=post_form,
sort=sort)
def vote(username, post_id, reply_id=None):
"""Upvotes a post.
.. note: If the request is an XHR one the whole function will not run.
It will exit out and the first chance and return JSON.
"""
redirect_url = handle_next(
request, url_for('posts.view_post', username=username,
post_id=post_id))
if not check_post(get_uid(username), post_id, reply_id):
if request.is_xhr:
return jsonify({'message': 'Post not found'}), 404
return abort(404)
_post = get_post(post_id)
# Ensuer user has permission to perform the action
current_user_id = current_user.get('_id')
permission = get_user_permission(_post.get('user_id'), current_user_id)
# Since the upvote/downvote functions have been merged we need to
# identify which action is going to be performed.
if request.endpoint == 'posts.upvote':
action = 'upvoted'
amount = 1
else:
action = 'downvoted'
amount = -1
if permission < _post.get('permission', k.PERM_PUBLIC):
message = 'You do not have permission to vote on this post'
if request.is_xhr:
return jsonify({'message': message}), 403
xflash(message, 'error')
return redirect(redirect_url)
try:
if reply_id is None:
result = vote_post(current_user['_id'], post_id, amount=amount)
else:
result = vote_post(current_user['_id'], reply_id, amount=amount)
except AlreadyVoted:
message = 'You have already voted on this post'
if request.is_xhr:
return jsonify({'message': message}), 400
xflash(message, 'error')
except CantVoteOnOwn:
message = 'You can not vote on your own posts'
if request.is_xhr:
return jsonify({'message': message}), 400
xflash(message, 'error')
else:
if (amount > 0 < result) or (amount < 0 > result):
message = 'You {} the '.format(action) + ("comment"
if reply_id else "post")
xflash(message, 'success')
else:
message = 'You reversed your vote on the ' + ("comment" if reply_id
else "post")
xflash(message, 'success')
if request.is_xhr:
return jsonify({'message': message}), 200
return redirect(redirect_url)
def post(username=None, post_id=None):
"""Enabled current_user to create a new post on Pjuu :)
This view accepts GET and POST yet only acts on a POST. This is so that the
Werkzeug router does not treat this like a profile lookup.
"""
# Rather than just 404 if someone tries to GET this URL (which is default),
# we will throw a 405.
if request.method == 'GET':
return abort(405)
# Stop un-approved users posting comments if permissions do not let them.
if post_id is not None:
if not check_post(get_uid(username), post_id):
return abort(404)
_post = get_post(post_id)
permission = get_user_permission(current_user, _post.get('_id'))
if permission < _post.get('permission', k.PERM_PUBLIC):
return abort(403)
# Set the default redirect URLs depending on type of post it is
if post_id is None:
redirect_url = handle_next(
request, url_for('users.profile',
username=current_user['username']))
else:
redirect_url = handle_next(
request,
url_for('posts.view_post', username=username, post_id=post_id))
# Stop muted users from creating posts
if current_user.get('muted', False):
flash('You have been silenced!', 'warning')
return redirect(redirect_url)
form = PostForm()
if form.validate():
# If there is an uploaded File pass it on else pass nothing
if form.upload.data:
# Pass the BytesIO stream to the backend.
upload = form.upload.data.stream
else:
upload = None
try:
permission = int(form.permission.data)
except ValueError: # pragma: no cover
permission = -1
# WTForms should stop this ever, ever firing
if not (k.PERM_PUBLIC <= permission <= # pragma: no cover
k.PERM_APPROVED): # pragma: no cover
flash('Invalid post permission set', 'error')
return redirect(redirect_url)
# Create the post
if create_post(current_user['_id'],
current_user['username'],
unicode(escape(form.body.data)),
post_id,
upload,
permission=permission):
# Inform the user we have created the post
flash('Your post has been added', 'success')
else:
flash('There was an error creating your post',
'error') # pragma: no cover
else:
# Will print out all errors that happen in a post form.
# This is better than "There is an error in your post"
for key, value in form.errors.iteritems():
for error in value:
flash(error, 'error')
return redirect(redirect_url)
def view_post(username, post_id):
"""Displays a post along with its comments paginated. I am not sure if this
should be here or in the 'posts' app.
.. note: Viewable to the public if the post is public!
"""
if not check_post(get_uid(username), post_id):
return abort(404)
# Get post and comments for the current page
_post = get_post(post_id)
# Stop a reply from ever being shown here
if 'reply_to' in _post:
return abort(404)
_user = get_user(get_uid(username))
# Only get the permission if the post is not owned by the current user
if current_user:
current_user_id = current_user.get('_id')
else:
current_user_id = None
permission = get_user_permission(_user.get('_id'), current_user_id)
if permission < _post.get('permission', k.PERM_PUBLIC):
return abort(403)
# Pagination
page = handle_page(request)
# Handle explicit sort order
# Fall back to user default else default
sort = request.args.get('sort', None)
if sort is None:
if current_user:
sort = current_user.get('reply_sort_order', -1)
else:
sort = -1
else:
try:
sort = 1 if int(sort) > 0 else -1
except ValueError:
if current_user:
sort = current_user.get('reply_sort_order', -1)
else:
sort = -1
# Get the page sizes taking in to account non-logged in users
if current_user:
page_size = current_user.get(
'replies_pagination_size',
app.config.get('REPLIES_ITEMS_PER_PAGE', 25))
else:
page_size = app.config.get('REPLIES_ITEMS_PER_PAGE', 25)
pagination = get_replies(post_id, page, page_size, sort)
post_form = PostForm()
return render_template('view_post.html',
post=_post,
pagination=pagination,
post_form=post_form,
sort=sort)