def index():
from pyaspora.user.session import logged_in_user
from pyaspora.utils.rendering import redirect
if logged_in_user(fetch=False):
return redirect(url_for('feed.view'))
else:
return redirect(url_for('users.login'))
def index():
from pyaspora.user.session import logged_in_user
from pyaspora.utils.rendering import redirect
if logged_in_user(fetch=False):
return redirect(url_for('feed.view'))
else:
return redirect(url_for('users.login'))
def profile(contact_id):
"""
Display the profile (possibly with feed) for the contact.
"""
data, contact = _profile_base(contact_id,
request.args.get('public', False))
if not contact.user and not logged_in_user():
abort(404, 'No such contact', force_status=True)
if contact.user and not contact.user.activated:
abort(404, 'No such contact', force_status=True)
return render_response('contacts_profile.tpl', data)
def profile(contact_id):
"""
Display the profile (possibly with feed) for the contact.
"""
data, contact = _profile_base(
contact_id,
request.args.get('public', False)
)
if not contact.user and not logged_in_user():
abort(404, 'No such contact', force_status=True)
if contact.user and not contact.user.activated:
abort(404, 'No such contact', force_status=True)
return render_response('contacts_profile.tpl', data)
def login():
"""
Display the user login form.
"""
user = logged_in_user()
if user:
data = {}
add_logged_in_user_to_data(data, user)
abort(400, 'Already logged in', data)
data = {}
add_logged_in_user_to_data(data, None)
return render_response('users_login_form.tpl', data)
def raw(part_id):
"""
Return the part's body as a raw byte-stream for eg. serving images.
"""
part = MimePart.get(part_id)
logged_in = logged_in_user()
if not part:
abort(404, 'No such content item', force_status=True)
# If anyone has shared this part with us (or the public), we get to view
# it.
for link in part.posts:
if link.post.has_permission_to_view(logged_in):
return raw_response(part.body, part.type)
abort(403, 'Forbidden')
def _profile_base(contact_id, public=False):
"""
Standard data for profile-alike pages, including the profile page and feed
pages.
"""
from pyaspora.post.models import Post, Share
from pyaspora.post.views import json_posts
contact = Contact.get(contact_id)
if not contact:
abort(404, 'No such contact', force_status=True)
viewing_as = None if public else logged_in_user()
data = json_contact(contact, viewing_as)
limit = int(request.args.get('limit', 25))
if viewing_as and request.args.get('refresh', False) and contact.diasp:
try:
contact.diasp.import_public_posts()
db.session.commit()
except:
current_app.logger.debug(format_exc())
# If not local, we don't have a proper feed
if viewing_as or contact.user:
# user put it on their public wall
feed_query = Post.Queries.public_wall_for_contact(contact)
if viewing_as:
# Also include things this user has shared with us
shared_query = Post.Queries.author_shared_with(
contact, viewing_as)
feed_query = or_(feed_query, shared_query)
feed = db.session.query(Share). \
join(Post). \
filter(feed_query). \
order_by(desc(Post.thread_modified_at)). \
group_by(Post.id). \
options(contains_eager(Share.post)). \
limit(limit)
data['feed'] = json_posts([(s.post, s) for s in feed], viewing_as)
add_logged_in_user_to_data(data, viewing_as)
return data, contact
def _profile_base(contact_id, public=False):
"""
Standard data for profile-alike pages, including the profile page and feed
pages.
"""
from pyaspora.post.models import Post, Share
from pyaspora.post.views import json_posts
contact = Contact.get(contact_id)
if not contact:
abort(404, 'No such contact', force_status=True)
viewing_as = None if public else logged_in_user()
data = json_contact(contact, viewing_as)
limit = int(request.args.get('limit', 25))
if viewing_as and request.args.get('refresh', False) and contact.diasp:
try:
contact.diasp.import_public_posts()
db.session.commit()
except:
current_app.logger.debug(format_exc())
# If not local, we don't have a proper feed
if viewing_as or contact.user:
# user put it on their public wall
feed_query = Post.Queries.public_wall_for_contact(contact)
if viewing_as:
# Also include things this user has shared with us
shared_query = Post.Queries.author_shared_with(contact, viewing_as)
feed_query = or_(feed_query, shared_query)
feed = db.session.query(Share). \
join(Post). \
filter(feed_query). \
order_by(desc(Post.thread_modified_at)). \
group_by(Post.id). \
options(contains_eager(Share.post)). \
limit(limit)
data['feed'] = json_posts([(s.post, s) for s in feed], viewing_as)
add_logged_in_user_to_data(data, viewing_as)
return data, contact
def login():
"""
Display the user login form.
"""
user = logged_in_user()
if user:
data = {}
add_logged_in_user_to_data(data, user)
abort(400, 'Already logged in', data)
data = {}
add_logged_in_user_to_data(data, None)
if _can_create_account():
data['logged_in']['actions']['sign_up'] = url_for('users.create',
_external=True)
return render_response('users_login_form.tpl', data)
def avatar(contact_id):
"""
Display the photo (or other media item) that represents a Contact.
If the user is logged in they can view the avatar for any contact, but
if not logged in then only locally-mastered contacts have their avatar
displayed.
"""
contact = Contact.get(contact_id)
if not contact:
abort(404, 'No such contact', force_status=True)
if not contact.user and not logged_in_user():
abort(404, 'No such contact', force_status=True)
part = contact.avatar
if not part:
abort(404, 'Contact has no avatar', force_status=True)
return raw_response(part.body, part.type)
def add_logged_in_user_to_data(data, user=False):
from pyaspora.user.session import logged_in_user
from pyaspora.user.views import json_user
if user is False:
user = logged_in_user()
if user:
base = json_user(user)
if "actions" not in base:
base["actions"] = {}
base["actions"].update(
{"logout": url_for("users.logout"), "feed": url_for("feed.view"), "new_post": url_for("posts.create")}
)
else:
base = {"actions": {"login": url_for("users.login")}}
data["logged_in"] = base
def avatar(contact_id):
"""
Display the photo (or other media item) that represents a Contact.
If the user is logged in they can view the avatar for any contact, but
if not logged in then only locally-mastered contacts have their avatar
displayed.
"""
contact = Contact.get(contact_id)
if not contact:
abort(404, 'No such contact', force_status=True)
if not contact.user and not logged_in_user():
abort(404, 'No such contact', force_status=True)
part = contact.avatar
if not part:
abort(404, 'Contact has no avatar', force_status=True)
return raw_response(part.body, part.type)
def login():
"""
Display the user login form.
"""
user = logged_in_user()
if user:
data = {}
add_logged_in_user_to_data(data, user)
abort(400, 'Already logged in', data)
data = {}
add_logged_in_user_to_data(data, None)
if _can_create_account():
data['logged_in']['actions']['sign_up'] = url_for(
'users.create',
_external=True
)
return render_response('users_login_form.tpl', data)
def add_logged_in_user_to_data(data, user=False):
from pyaspora.user.session import logged_in_user
from pyaspora.user.views import json_user
if user is False:
user = logged_in_user()
if user:
base = json_user(user)
if 'actions' not in base:
base['actions'] = {}
base['actions'].update({
'logout': url_for('users.logout'),
'feed': url_for('feed.view'),
'new_post': url_for('posts.create'),
})
else:
base = {'actions': {'login': url_for('users.login')}}
data['logged_in'] = base
def create():
"""
Create a new User (sign-up).
"""
if not _can_create_account():
abort(403, 'Disabled by site administrator')
user = logged_in_user()
if user:
data = {}
add_logged_in_user_to_data(data, user)
abort(400, 'Already logged in', data)
name = post_param('name', template='users_create_form.tpl')
password = post_param('password', template='users_create_form.tpl')
email = post_param('email', template='users_create_form.tpl')
my_user = models.User()
my_user.email = email
my_user.contact.realname = name
my_user.generate_keypair(password)
db.session.commit()
send_template(my_user.email, 'user_activate_email.tpl', {
'link': url_for(
'.activate',
user_id=my_user.id,
key_hash=_hash_for_pk(my_user),
_external=True
)
})
data = {}
add_logged_in_user_to_data(data, None)
return render_response('users_created.tpl', data)
def add_logged_in_user_to_data(data, user=False):
from pyaspora.user.session import logged_in_user
from pyaspora.user.views import json_user
if user is False:
user = logged_in_user()
if user:
base = json_user(user)
if 'actions' not in base:
base['actions'] = {}
base['actions'].update({
'logout': url_for('users.logout', _external=True),
'feed': url_for('feed.view', _external=True),
'new_post': url_for('posts.create', _external=True),
})
else:
base = {
'actions': {
'login': url_for('users.login', _external=True)
}
}
data['logged_in'] = base
def create():
"""
Create a new User (sign-up).
"""
if not current_app.config.get('ALLOW_CREATION', False):
abort(403, 'Disabled by site administrator')
user = logged_in_user()
if user:
data = {}
add_logged_in_user_to_data(data, user)
abort(400, 'Already logged in', data)
name = post_param('name', template='users_create_form.tpl')
password = post_param('password', template='users_create_form.tpl')
email = post_param('email', template='users_create_form.tpl')
my_user = models.User()
my_user.email = email
my_user.contact.realname = name
my_user.generate_keypair(password)
db.session.commit()
send_template(my_user.email, 'user_activate_email.tpl', {
'link': url_for(
'.activate',
user_id=my_user.id,
key_hash=_hash_for_pk(my_user),
_external=True
)
})
data = {}
add_logged_in_user_to_data(data, None)
return render_response('users_created.tpl', data)