def new_signature(login_name): try: user = sqla.session.query( sqlm.User).filter_by(my_url=login_name.strip().lower())[0] except IndexError: abort(404) if user != current_user: abort(404) form = NewSignature(csrf_enabled=False) if form.validate_on_submit(): signature = sqlm.Signature() signature.name = form.name.data cleaner = ForumHTMLCleaner() signature.html = cleaner.clean(form.signature.data) signature.active = form.active.data signature.owner = user signature.owner_name = user.login_name signature.created = arrow.utcnow().datetime.replace(tzinfo=None) sqla.session.add(signature) sqla.session.commit() return redirect("/member/" + str(user.my_url) + "/signatures") return render_template("profile/new_signature.jade", form=form, profile=user, page_title="New Signature - %s" % (app.get_site_config("core.site-name"), ))
def edit_blog(slug): try: blog = sqla.session.query(sqlm.Blog).filter_by(slug=slug)[0] except IndexError: sqla.session.rollback() return abort(404) if current_user != blog.author: if not current_user.is_admin and not current_user.is_mod: if current_user not in blog.editors: return abort(404) form = BlogSettingsForm(csrf_enabled=False) if form.validate_on_submit(): blog.name = form.title.data cleaner = ForumHTMLCleaner() try: blog.description = cleaner.clean(form.description.data) except: return abort(500) blog.privacy_setting = form.privacy_setting.data sqla.session.add(blog) sqla.session.commit() return redirect("/blog/" + str(blog.slug)) else: form.description.data = blog.description form.privacy_setting.data = blog.privacy_setting form.title.data = blog.name return render_template("blogs/edit_blog.jade", form=form, blog=blog, page_title="Edit Blog - %s" % (app.get_site_config("core.site-name"), ))
def edit_signature(login_name, id): try: user = sqla.session.query( sqlm.User).filter_by(my_url=login_name.strip().lower())[0] except IndexError: abort(404) if user != current_user and not current_user.is_admin: abort(404) try: signature = sqla.session.query(sqlm.Signature).filter_by(id=id)[0] except IndexError: abort(404) form = NewSignature(csrf_enabled=False) if form.validate_on_submit(): signature.name = form.name.data cleaner = ForumHTMLCleaner() signature.html = cleaner.clean(form.signature.data) signature.active = form.active.data sqla.session.add(signature) sqla.session.commit() return redirect("/member/" + str(user.my_url) + "/signatures") else: form.active.data = signature.active form.signature.data = signature.html form.name.data = signature.name return render_template("profile/edit_signature.jade", form=form, profile=user, signature=signature, page_title="Edit Signature - %s" % (app.get_site_config("core.site-name"), ))
def search_display(): start_date = session.get("start_date", "") end_date = session.get("end_date", "") categories = [{ "id": str(c["id"]), "text": c["name"] } for c in session.get("categories", [])] topics = [{ "id": str(t["id"]), "text": t["title"] } for t in session.get("topics", [])] if session.get("search_authors"): authors = [{ "id": str(a["id"]), "text": a["display_name"] } for a in session.get("search_authors", [])] else: authors = [] query = session.get("query", "") content_type = session.get("content_type", "posts") return render_template("core/search.jade", query=query, content_type=content_type, start_date=start_date, end_date=end_date, categories=json.dumps(categories), topics=json.dumps(topics), authors=json.dumps(authors), page_title="Search - %s" % (app.get_site_config("core.site-name"), ))
def display_status_update(status): try: status = sqla.session.query(sqlm.StatusUpdate).filter_by(id=status)[0] except: return abort(404) if status.hidden == True and (current_user.is_admin != True or current_user.is_mod != True): return abort(404) if current_user.is_admin == True: mod = True else: mod = False status.last_viewed = arrow.utcnow().datetime.replace(tzinfo=None) try: status_user = sqla.session.query(sqlm.StatusUpdateUser).filter_by( status=status, author=current_user)[0] except: status_user = None sqla.session.add(status) sqla.session.commit() return render_template( "status_update.jade", page_title="%s - %s's Status Update - %s" % (get_preview(status.message, 50), str(status.author.display_name), app.get_site_config("core.site-name")), meta_description=get_preview(status.message, 140), status=status, status_user=status_user, mod=mod)
def view_dashboard(): if current_user.is_admin: _followed_topics = sqla.session.query(sqlm.Topic) \ .join(sqlm.topic_watchers_table) \ .join(sqlm.Topic.recent_post) \ .filter(sqlm.topic_watchers_table.c.user_id == current_user.id) \ .order_by(sqlm.Post.created.desc())[:5] else: _followed_topics = sqla.session.query(sqlm.Topic) \ .join(sqlm.topic_watchers_table) \ .join(sqlm.Topic.recent_post) \ .filter(sqlm.topic_watchers_table.c.user_id == current_user.id) \ .filter(sqlm.Topic.category.has(sqlm.Category.restricted==False)) \ .order_by(sqlm.Post.created.desc())[:5] _followed_blogs = sqla.session.query(sqlm.Blog) \ .join(sqlm.blog_subscriber_table) \ .join(sqlm.Blog.recent_entry) \ .filter(sqlm.blog_subscriber_table.c.user_id == current_user.id) \ .filter(sqlm.Blog.disabled.isnot(True)) \ .filter(sqlm.BlogEntry.draft.isnot(True)) \ .filter(sqlm.BlogEntry.published.isnot(None)) \ .filter(sqla.or_( sqlm.Blog.privacy_setting == "all", sqlm.Blog.privacy_setting == "members" )) \ .order_by(sqla.desc(sqlm.BlogEntry.published))[:5] return render_template("dashboard.jade", followed_topics = _followed_topics, followed_blogs = _followed_blogs, page_title="Your Dashboard - %s" % (app.get_site_config("core.site-name"),) )
def send_announcement_emails(): for announcement in sqla.session.query( sqlm.Announcement).filter_by(draft=False).all(): for user in sqla.session.query(sqlm.User).filter_by( banned=False, validated=True).all(): _template = get_template_lookup().get_template("announcement") _rendered = _template.render(message=announcement.body, _user=user, _base=_base_url) response = 200 if not user.emails_muted: if not app.settings_file.get("lockout_on", False): result = requests.post( _mgurl + "/messages", auth=("api", _api), data={ "from": "%s <%s>" % (app.get_site_config("core.site-email-name"), app.get_site_config("core.site-email")), "to": user.email_address, "subject": announcement.subject, "text": _rendered }) else: result = "LOCKDOWN ON" new_email_log = sqlm.EmailLog() new_email_log.to = user new_email_log.sent = arrow.utcnow().datetime.replace( tzinfo=None) new_email_log.subject = announcement.subject new_email_log.body = _rendered new_email_log.result = str(result) sqla.session.add(new_email_log) sqla.session.commit() announcement.sent = arrow.utcnow().datetime.replace(tzinfo=None) sqla.session.add(announcement) sqla.session.commit()
def change_avatar_or_title(login_name): try: user = sqla.session.query( sqlm.User).filter_by(my_url=login_name.strip().lower())[0] except IndexError: abort(404) if current_user != user and not current_user.is_admin: abort(404) form = AvatarTitleForm(csrf_enabled=False) if form.validate_on_submit(): if form.avatar.data: timestamp = str(arrow.utcnow().timestamp) + "_" # if user.avatar_extension: # try: # os.remove(os.path.join(app.config["AVATAR_UPLOAD_DIR"],user.avatar_timestamp + str(user.pk) + user.avatar_extension)) # os.remove(os.path.join(app.config["AVATAR_UPLOAD_DIR"],user.avatar_timestamp + str(user.pk) + "_40" + user.avatar_extension)) # os.remove(os.path.join(app.config["AVATAR_UPLOAD_DIR"],user.avatar_timestamp + str(user.pk) + "_60" + user.avatar_extension)) # except OSError: # pass extension = "." + form.avatar.data.filename.split(".")[-1].lower() form.avatar_image.save(filename=os.path.join( app.config["AVATAR_UPLOAD_DIR"], timestamp + str(user.id) + extension)) form.fourty_image.save(filename=os.path.join( app.config["AVATAR_UPLOAD_DIR"], timestamp + str(user.id) + "_40" + extension)) form.sixty_image.save(filename=os.path.join( app.config["AVATAR_UPLOAD_DIR"], timestamp + str(user.id) + "_60" + extension)) user.avatar_extension = extension user.avatar_timestamp = timestamp user.avatar_full_x, user.avatar_full_y = form.avatar_image.size user.avatar_40_x, user.avatar_40_y = form.fourty_image.size user.avatar_60_x, user.avatar_60_y = form.sixty_image.size user.title = form.title.data sqla.session.add(user) sqla.session.commit() return redirect("/member/" + user.my_url) else: filename = None form.title.data = user.title return render_template("profile/change_avatar.jade", profile=user, form=form, page_title="Change Avatar and Title - %s" % (app.get_site_config("core.site-name"), ))
def send_mail_w_template(send_to, subject, template, variables): _to_email_addresses = [] for user in send_to: if _debug: if not user.is_admin: continue else: _to_email_addresses.append(user.email_address) else: _to_email_addresses.append(user.email_address) _template = get_template_lookup().get_template(template) _rendered = _template.render(**variables) if not app.settings_file.get("lockout_on", False): response = requests.post( _mgurl + "/messages", auth=("api", _api), data={ "from": "%s <%s>" % (app.get_site_config("core.site-email-name"), app.get_site_config("core.site-email")), "to": _to_email_addresses, "subject": subject, "text": _template.render(**variables) }) else: response = "LOCKDOWN ON" new_email_log = sqlm.EmailLog() new_email_log.to = send_to[0] new_email_log.sent = arrow.utcnow().datetime.replace(tzinfo=None) new_email_log.subject = subject new_email_log.body = _rendered new_email_log.result = str(response) sqla.session.add(new_email_log) sqla.session.commit() return response
def create_message_index(target): target_user = None if target: try: target_user = sqla.session.query( sqlm.User).filter_by(my_url=target)[0] except IndexError: pass if target_user: return render_template("core/new_message.jade", target_user=target_user, page_title="New Private Message - %s" % (app.get_site_config("core.site-name"), )) else: return render_template("core/new_message.jade", target_user=False, page_title="New Private Message - %s" % (app.get_site_config("core.site-name"), ))
def validate_user(login_name): try: user = sqla.session.query( sqlm.User).filter_by(my_url=login_name.strip().lower())[0] except IndexError: abort(404) if current_user.is_admin != True: return abort(404) user.validated = True user.new_user_token = "" user.new_user_token_date = None broadcast( to=sqla.session.query(sqlm.User).filter_by( banned=False, ).filter(sqlm.User.login_name != user.login_name) \ .filter(sqlm.User.hidden_last_seen > arrow.utcnow().replace(hours=-24).datetime.replace(tzinfo=None)) \ .all(), category="new_member", url="/member/"+str(user.my_url), title="joined the forum! Greet them!", description="", content=user, author=user ) broadcast(to=[ user, ], category="new_member", url="/category/welcome", title="Welcome! Click here to introduce yourself!", description="", content=user, author=user) sqla.session.add(user) sqla.session.commit() send_mail_w_template(send_to=[ user, ], template="manual_validation_welcome", subject="Welcome to %s!" % (app.get_site_config("core.site-name"), ), variables={ "_user": user, "address": app.config['BASE'] + "/sign-in" }) return app.jsonify(url="/member/" + str(user.my_url))
def show_friends(login_name): try: user = sqla.session.query( sqlm.User).filter_by(my_url=login_name.strip().lower())[0] except IndexError: abort(404) my_friend_requests = sqlm.Friendship.query.filter_by(blocked=False, pending=True) \ .filter(sqlm.Friendship.user == user).all() incoming_friend_requests = sqlm.Friendship.query.filter_by(blocked=False, pending=True) \ .filter(sqlm.Friendship.friend == user).all() friend_status_updates = sqlm.StatusUpdate.query \ .filter(sqlm.StatusUpdate.author_id.in_([u.id for u in user.friends()])) \ .filter_by(hidden=False) \ .order_by(sqla.desc(sqlm.StatusUpdate.created))[0:5] if current_user.is_authenticated: friend_blog_entries = sqla.session.query(sqlm.Blog) \ .join(sqlm.Blog.recent_entry) \ .filter(sqlm.Blog.disabled.isnot(True)) \ .filter(sqlm.BlogEntry.draft.isnot(True)) \ .filter(sqlm.BlogEntry.published.isnot(None)) \ .filter(sqlm.BlogEntry.author_id.in_([u.id for u in user.friends()])) \ .filter(sqla.or_( sqlm.Blog.privacy_setting == "all", sqlm.Blog.privacy_setting == "members" )) \ .order_by(sqla.desc(sqlm.BlogEntry.published))[0:5] else: friend_blog_entries = sqla.session.query(sqlm.Blog) \ .join(sqlm.Blog.recent_entry) \ .filter(sqlm.Blog.disabled.isnot(True)) \ .filter(sqlm.BlogEntry.draft.isnot(True)) \ .filter(sqlm.BlogEntry.published.isnot(None)) \ .filter(sqlm.BlogEntry.author_id.in_([u.id for u in user.friends()])) \ .filter(sqla.or_( sqlm.Blog.privacy_setting == "all" )) \ .order_by(sqla.desc(sqlm.BlogEntry.published))[0:5] return render_template( "profile/friends.jade", profile=user, my_friend_requests=my_friend_requests, incoming_friend_requests=incoming_friend_requests, friend_status_updates=friend_status_updates, friend_blog_entries=friend_blog_entries, page_title="%s's Friends - %s" % (str(user.display_name), app.get_site_config("core.site-name")), )
def change_display_name_password(login_name): try: user = sqla.session.query( sqlm.User).filter_by(my_url=login_name.strip().lower())[0] except IndexError: abort(404) if current_user != user and not current_user.is_admin: abort(404) form = DisplayNamePasswordForm(csrf_enabled=False) form.user_object = user form.current_user = current_user if form.validate_on_submit(): if form.new_password.data != "": user.set_password(form.new_password.data.strip()) invalidate_sessions(user.login_name) if form.display_name.data.strip() != user.display_name: dnh = { "name": user.display_name, "date": time.mktime( arrow.utcnow().datetime.replace(tzinfo=None).timetuple()) } if user.display_name_history == None: user.display_name_history = [] user.display_name_history.append(dnh) user.display_name = form.display_name.data.strip() if form.email.data.strip() != user.email_address: user.email_address = form.email.data sqla.session.add(user) sqla.session.commit() return redirect("/member/" + user.my_url) else: form.display_name.data = user.display_name form.email.data = user.email_address return render_template("profile/change_account.jade", profile=user, form=form, page_title="Change Account Details - %s" % (app.get_site_config("core.site-name"), ))
def unsubscribe_from_all_emails(id, email): try: user = sqla.session.query(sqlm.User).filter_by(id=id, email_address=email)[0] except IndexError: abort(404) if request.method == 'POST': user.emails_muted = True sqla.session.add(user) sqla.session.commit() return app.jsonify(url="/unsubscribe-confirm") else: return render_template("unsubscribe.jade", profile=user, page_title="Unsubscribe - %s" % (app.get_site_config("core.site-name"), ))
def edit_blog_comment(slug, entry_slug, comment_id): try: blog = sqla.session.query(sqlm.Blog).filter_by(slug=slug)[0] except IndexError: sqla.session.rollback() return abort(404) try: entry = sqla.session.query(sqlm.BlogEntry).filter_by( blog=blog, slug=entry_slug)[0] except IndexError: sqla.session.rollback() return abort(404) try: comment = sqla.session.query(sqlm.BlogComment).filter_by( blog=blog, id=comment_id, blog_entry=entry)[0] except IndexError: sqla.session.rollback() return abort(404) if current_user != comment.author: return abort(404) form = BlogCommentForm(csrf_enabled=False) if form.validate_on_submit(): cleaner = ForumHTMLCleaner() try: comment.html = cleaner.clean(form.comment.data) except: return abort(500) sqla.session.add(comment) sqla.session.commit() return redirect("/blog/" + str(blog.slug) + "/e/" + str(entry_slug)) else: form.comment.data = comment.html return render_template("blogs/edit_blog_entry_comment.jade", form=form, blog=blog, entry=entry, comment=comment, page_title="Edit Blog Comment - %s" % (app.get_site_config("core.site-name"), ))
def new_blog(): form = BlogSettingsForm(csrf_enabled=False) if form.validate_on_submit(): b = sqlm.Blog() b.name = form.title.data cleaner = ForumHTMLCleaner() try: b.description = cleaner.clean(form.description.data) except: return abort(500) b.privacy_setting = form.privacy_setting.data b.slug = sqlm.find_blog_slug(b.name) b.author = current_user sqla.session.add(b) sqla.session.commit() return redirect("/blog/" + str(b.slug)) return render_template("blogs/create_new_blog.jade", form=form, page_title="New Blog - %s" % (app.get_site_config("core.site-name"), ))
def show_signatures(login_name): try: user = sqla.session.query( sqlm.User).filter_by(my_url=login_name.strip().lower())[0] except IndexError: abort(404) signatures = sqla.session.query(sqlm.Signature).filter_by(owner=user) \ .order_by(sqla.desc(sqlm.Signature.created)).all() parser = ForumPostParser() for s in signatures: try: s.parsed = parser.parse(s.html, _object=s) except: s.parsed = "" return render_template( "profile/view_signatures.jade", signatures=signatures, profile=user, page_title="%s's Signatures - %s" % (str(user.display_name), app.get_site_config("core.site-name")))
def character_edit_profile(slug): try: character = sqla.session.query(sqlm.Character).filter_by(slug=slug.strip().lower())[0] except IndexError: return abort(404) if current_user != character.author and not current_user.is_admin: return abort(404) form = CharacterForm(csrf_enabled=False) if form.validate_on_submit(): cleaner = ForumHTMLCleaner() try: name = form.name.data except: return abort(500) try: species = form.species.data except: return abort(500) try: motto = form.motto.data except: return abort(500) try: age = form.age.data except: return abort(500) c = { "author": current_user.id, "created": str(arrow.utcnow().datetime), "data": { "age": character.age+"", "species": character.species+"", "name": character.name+"", "motto": character.motto+"", "appearance": character.appearance+"", "personality": character.personality+"", "backstory": character.backstory+"", "other": character.other+"" } } if character.character_history == None: character.character_history = [] character.character_history.append(c) character.age = form.age.data character.species =form.species.data character.name = form.name.data character.motto = form.motto.data character.appearance = form.appearance.data character.personality = form.personality.data character.backstory = form.backstory.data character.other = form.other.data sqla.session.add(character) sqla.session.commit() return redirect("/characters/"+str(character.slug)) else: form.name.data = character.name if character.age != None: form.age.data = character.age if character.species != None: form.species.data = character.species if character.motto != None: form.motto.data = character.motto if character.appearance != None: form.appearance.data = character.appearance if character.personality != None: form.personality.data = character.personality if character.backstory != None: form.backstory.data = character.backstory if character.other != None: form.other.data = character.other return render_template("roleplay/edit_character_profile.jade", character=character, form=form, page_title="Editing %s - Character Database - %s" % (str(character.name),app.get_site_config("core.site-name")))
def message_index(pk, page, post): try: topic = sqla.session.query(sqlm.PrivateMessage).filter_by(id=pk)[0] except IndexError: return abort(404) try: pm_user = sqla.session.query(sqlm.PrivateMessageUser).filter_by( pm=topic, author=current_user)[0] pm_user.last_viewed = arrow.utcnow().datetime.replace(tzinfo=None) sqla.session.add(pm_user) sqla.session.commit() if pm_user.exited or pm_user.blocked: return abort(404) except IndexError: sqla.session.rollback() if current_user.login_name in ["scarlet", "zoop"]: pass else: return abort(404) try: page = int(page) except: page = 1 if topic.last_seen_by is None: topic.last_seen_by = {} try: flag_modified(topic, "last_seen_by") except: pass if post == "latest_post": try: post = sqla.session.query(sqlm.PrivateMessageReply).filter_by(pm=topic) \ .order_by(sqla.desc(sqlm.PrivateMessageReply.created))[0] except: return abort(404) elif post == "last_seen": try: last_seen = arrow.get( topic.last_seen_by.get(str(current_user.id), arrow.utcnow().timestamp)).datetime except: last_seen = arrow.get(arrow.utcnow().timestamp).datetime try: post = sqla.session.query(sqlm.PrivateMessageReply).filter_by(pm=topic) \ .filter(sqlm.PrivateMessageReply.created < last_seen) \ .order_by(sqlm.PrivateMessageReply.created.desc())[0] except IndexError: try: post = int(post) post = sqla.session.query(sqlm.PrivateMessageReply).filter_by( pm=topic, id=post)[0] except: return abort(404) else: if post != "": try: post = int(post) post = sqla.session.query(sqlm.PrivateMessageReply).filter_by( pm=topic, id=post)[0] except: return abort(404) else: post = "" pagination = 20 if post != "": try: topic.last_seen_by[str(current_user.id)] = arrow.utcnow().timestamp sqla.session.add(topic) sqla.session.commit() except: pass target_date = post.created posts_before_target = sqla.session.query(sqlm.PrivateMessageReply).filter_by(pm=topic) \ .filter(sqlm.PrivateMessageReply.created < post.created) \ .count() page = int(math.floor( float(posts_before_target) / float(pagination))) + 1 return render_template( "core/messages_topic.jade", page_title="%s - %s" % (str(topic.title), app.get_site_config("core.site-name")), topic=topic, initial_page=page, initial_post=str(post.id)) try: topic.last_seen_by[str(current_user.id)] = arrow.utcnow().timestamp sqla.session.add(topic) sqla.session.commit() except: pass return render_template( "core/messages_topic.jade", page_title="%s - %s" % (str(topic.title), app.get_site_config("core.site-name")), topic=topic, initial_page=page, )
def create_character(): form = CharacterForm(csrf_enabled=False) if form.validate_on_submit(): cleaner = ForumHTMLCleaner() try: name = cleaner.basic_escape(form.name.data) except: return abort(500) try: species = cleaner.basic_escape(form.species.data) except: return abort(500) try: motto = cleaner.basic_escape(form.motto.data) except: return abort(500) try: age = cleaner.basic_escape(form.age.data) except: return abort(500) character = sqlm.Character() character.age = form.age.data character.species =form.species.data character.name = form.name.data character.motto = form.motto.data character.appearance = form.appearance.data character.personality = form.personality.data character.backstory = form.backstory.data character.other = form.other.data character.created = arrow.utcnow().datetime.replace(tzinfo=None) character.post_count = 0 character.slug = sqlm.get_character_slug(character.name) character.author = current_user sqla.session.add(character) sqla.session.commit() return redirect("/characters/"+str(character.slug)) else: pass return render_template("roleplay/new_character.jade", form=form, page_title="Create a Character - %s" % (app.get_site_config("core.site-name"),))
def manage_gallery(slug): try: character = sqla.session.query(sqlm.Character).filter_by(slug=slug.strip().lower())[0] except IndexError: abort(404) if current_user != character.author and not current_user.is_admin: return abort(404) images = sqla.session.query(sqlm.Attachment).filter_by( character = character ).order_by("Attachment.character_gallery_weight").all() return render_template("roleplay/manage_gallery.jade", character=character, images=images, page_title="Edit %s's Gallery - Character Database - %s" % (str(character.name), app.get_site_config("core.site-name")))
def character_basic_profile(slug): try: character = sqla.session.query(sqlm.Character).filter_by(slug=slug.strip().lower())[0] except IndexError: abort(404) parser = ForumPostParser() if character.appearance: character.parsed_appearance = parser.parse(character.appearance, _object=character) if character.personality: character.parsed_personality = parser.parse(character.personality, _object=character) if character.backstory: character.parsed_backstory = parser.parse(character.backstory, _object=character) if character.other: character.parsed_other = parser.parse(character.other, _object=character) return render_template("roleplay/character_profile.jade", character=character, page_title="%s - Character Database - %s" % (str(character.name), app.get_site_config("core.site-name")))
def character_recent_activity(slug): try: character = sqla.session.query(sqlm.Character).filter_by(slug=slug.strip().lower())[0] except IndexError: abort(404) return render_template("roleplay/character_posts.jade", character=character, page_title="%s - Character Database - %s" % (str(character.name), app.get_site_config("core.site-name")))
def messages_index(): return render_template("core/messages.jade", page_title="Your Private Messages - %s" % (app.get_site_config("core.site-name"), ))
def blog_index(slug, page): try: blog = sqla.session.query(sqlm.Blog).filter_by(slug=slug)[0] except IndexError: sqla.session.rollback() return abort(404) try: page = int(page) except: page = 1 request.canonical = app.config['BASE'] + "/blog/%s/page/%s" % ( slug, page, ) if blog.privacy_setting == "you" and current_user != blog.author: return abort(404) elif blog.privacy_setting == "editors" and ( current_user != blog.author and current_user not in blog.editors): return abort(404) elif blog.privacy_setting == "members" and not current_user.is_authenticated: return abort(404) if current_user == blog.author or current_user.is_admin: entries = sqla.session.query(sqlm.BlogEntry) \ .filter_by(hidden=False, blog=blog) \ .order_by(sqla.desc(sqlm.BlogEntry.published))[(page-1)*10:page*10] entry_count = sqla.session.query(sqlm.BlogEntry) \ .filter_by(hidden=False, blog=blog).count() drafts = sqla.session.query(sqlm.BlogEntry) \ .filter_by(hidden=False, blog=blog, draft=True) \ .order_by(sqla.desc(sqlm.BlogEntry.created)).all() else: entries = sqla.session.query(sqlm.BlogEntry) \ .filter_by(hidden=False, blog=blog) \ .filter(sqlm.BlogEntry.published.isnot(None)) \ .filter(sqlm.BlogEntry.draft.isnot(True)) \ .order_by(sqla.desc(sqlm.BlogEntry.published))[(page-1)*10:page*10] entry_count = sqla.session.query(sqlm.BlogEntry) \ .filter_by(hidden=False, blog=blog) \ .filter(sqlm.BlogEntry.published.isnot(None)) \ .filter(sqlm.BlogEntry.draft.isnot(True)).count() drafts = [] clean_html_parser = ForumPostParser() for entry in entries: entry.parsed = clean_html_parser.parse(entry.html, _object=entry) entry.parsed_truncated = str(BeautifulSoup(entry.parsed[:1000], "lxml")) + "..." description = clean_html_parser.parse(blog.description, _object=blog) comments = sqla.session.query(sqlm.BlogComment) \ .filter_by(hidden=False, blog=blog) \ .order_by(sqla.desc(sqlm.BlogComment.created))[0:10] pages = int(math.ceil(float(entry_count) / 10.0)) if pages > 10: pages = 10 pages = [p + 1 for p in range(pages)] return render_template("blogs/blog_entry_listing.jade", blog=blog, drafts=drafts, entries=entries, description=description, comments=comments, page=page, pages=pages, entry_count=entry_count, page_title=blog.name + " - %s" % (app.get_site_config("core.site-name"), ))
def edit_blog_entry(slug, entry_slug): try: blog = sqla.session.query(sqlm.Blog).filter_by(slug=slug)[0] except IndexError: sqla.session.rollback() return abort(404) if current_user != blog.author: if current_user not in blog.editors: return abort(404) try: e = sqla.session.query(sqlm.BlogEntry).filter_by(blog=blog, slug=entry_slug)[0] except IndexError: sqla.session.rollback() return abort(404) already_published = not e.draft form = BlogEntryForm(csrf_enabled=False) if form.validate_on_submit(): e.title = form.title.data if current_user != e.author: e.editor = current_user e.draft = form.draft.data cleaner = ForumHTMLCleaner() try: e.html = cleaner.clean(form.entry.data) except: return abort(500) if e.draft == False and already_published == False: e.published = arrow.utcnow().datetime.replace(tzinfo=None) recent_entry = True for subscriber in blog.subscribers: e.subscribers.append(subscriber) sqla.session.add(e) sqla.session.commit() else: recent_entry = False e.b_title = blog.name sqla.session.add(e) sqla.session.commit() if recent_entry: blog.recent_entry = e sqla.session.add(blog) sqla.session.commit() return redirect("/blog/" + str(blog.slug)) else: form.draft.data = e.draft form.title.data = e.title form.entry.data = e.html return render_template("blogs/edit_blog_entry.jade", form=form, blog=blog, entry=e, page_title="Edit Blog Entry - %s" % (app.get_site_config("core.site-name"), ))
def status_update_index(): count = session.get("count", 15) authors = session.get("authors", []) search = session.get("search", "") if request.method == 'POST': request_json = request.get_json(force=True) count = int(request_json.get("count", 15)) if count > 1000: count = 1000 session["count"] = count search = request_json.get("search", "")[0:100] session["search"] = search if request_json.get("authors"): author_objects = list( sqla.session.query(sqlm.User) \ .filter(sqlm.User.id.in_(request_json.get("authors"))) \ .all() ) session["authors"] = [{ "id": a.id, "text": a.display_name } for a in author_objects] authors = [{ "id": a.id, "text": a.display_name } for a in author_objects] query_ = sqla.session.query(sqlm.StatusUpdate).filter_by(hidden=False) if authors: query_ = query_.filter( sqlm.StatusUpdate.author_id.in_([a["id"] for a in authors])) status_updates = parse_search_string(search, sqlm.StatusUpdate, query_, [ "message", ]).order_by(sqla.desc(sqlm.StatusUpdate.created))[:count] cleaner = ForumHTMLCleaner() if request.method == 'POST': parsed_statuses = [] for status in status_updates: parsed_status = {} parsed_status["_id"] = status.id parsed_status["profile_address"] = url_for( 'view_profile', login_name=status.author.my_url) parsed_status["user_name"] = status.author.display_name parsed_status["message"] = cleaner.escape(status.message) parsed_status["user_avatar"] = status.author.get_avatar_url("60") if status.attached_to_user != None: parsed_status[ "attached_to_user"] = status.attached_to_user.display_name parsed_status["attached_to_user_url"] = url_for( 'view_profile', login_name=status.attached_to_user.my_url) else: parsed_status["attached_to_user"] = False parsed_status["user_avatar_x"] = status.author.avatar_60_x parsed_status["user_avatar_y"] = status.author.avatar_60_y parsed_status["created"] = humanize_time(status.created) parsed_status["comment_count"] = status.get_comment_count() parsed_statuses.append(parsed_status) return app.jsonify(status_updates=parsed_statuses) else: return render_template("core/status_index.jade", page_title="Status Updates - %s" % (app.get_site_config("core.site-name"), ), status_updates=status_updates, count=count, search=search, authors=json.dumps(authors))
def character_database(): return render_template("roleplay/characters.jade", page_title="Characters - %s" % (app.get_site_config("core.site-name"),))
def blog_entry_index(slug, entry_slug, page): try: blog = sqla.session.query(sqlm.Blog).filter_by(slug=slug)[0] except IndexError: sqla.session.rollback() return abort(404) try: page = int(page) except: page = 1 request.canonical = app.config['BASE'] + "/blog/%s/e/%s/page/%s" % ( slug, entry_slug, page) if not current_user.is_admin: if blog.privacy_setting == "you" and current_user != blog.author: return abort(404) elif blog.privacy_setting == "editors" and (current_user != blog.author and current_user not in blog.editors): return abort(404) elif blog.privacy_setting == "members" and not current_user.is_authenticated: return abort(404) try: entry = sqla.session.query(sqlm.BlogEntry).filter_by( blog=blog, slug=entry_slug)[0] except IndexError: sqla.session.rollback() return abort(404) if entry.draft == True and (current_user != blog.author and current_user not in blog.editors and not current_user.is_admin): return abort(404) clean_html_parser = ForumPostParser() entry.parsed = clean_html_parser.parse(entry.html, _object=entry) page = int(page) minimum = (int(page) - 1) * int(10) maximum = int(page) * int(10) comments = sqla.session.query(sqlm.BlogComment).filter_by( blog_entry=entry, hidden=False).order_by(sqlm.BlogComment.created)[minimum:maximum] count = sqla.session.query(sqlm.BlogComment).filter_by( blog_entry=entry, hidden=False).count() for comment in comments: comment.parsed = clean_html_parser.parse(comment.html, _object=comment) pages = int(math.ceil(float(count) / 10.0)) if pages > 10: pages = 10 pages = [p + 1 for p in range(pages)] return render_template("blogs/blog_entry_view.jade", blog=blog, meta_description=get_preview(entry.html, 140), entry=entry, comments=comments, page=page, pages=pages, page_title=entry.title + " - %s" % (app.get_site_config("core.site-name"), ))
def character_gallery(slug): try: character = sqla.session.query(sqlm.Character).filter_by(slug=slug.strip().lower())[0] except IndexError: abort(404) images = sqla.session.query(sqlm.Attachment).filter_by( character = character, character_avatar = False ).order_by("Attachment.character_gallery_weight").all() emotes = sqla.session.query(sqlm.Attachment).filter_by( character = character, character_avatar = True ).order_by("Attachment.character_gallery_weight").all() return render_template("roleplay/character_gallery.jade", character=character, images=images, emotes=emotes, page_title="%s's Gallery - Character Database - %s" % (str(character.name),app.get_site_config("core.site-name")))