def save(request):
s = request.session
p = request.session['safe_params']
u = None
op = 'add'
vote_dict = {}
if 'story_id' in p and 'logged_in' in s:
dbsession = DBSession()
u = queries.get_user_by_id(s['users.id'])
to_save = queries.get_story_by_id(p['story_id'])
if 'op' in p:
op = p['op']
if op == 'add':
if to_save not in u.saved:
u.saved.append(to_save)
dbsession.add(u)
s['message'] = 'Successfully saved {0}'.format(to_save.title)
elif op == 'del':
if to_save in u.saved:
u.saved.remove(to_save)
dbsession.add(u)
s['message'] = 'Successfully unsaved {0}'.format(to_save.title)
elif 'logged_in' in s:
u = queries.get_user_by_id(s['users.id'])
if u:
vds = []
for i in u.saved:
vds.append(queries.get_user_votes_on_submission(s['users.id'], i.id))
for vd in vds:
if type(vd) == dict:
vote_dict.update(vd)
return {'saved': u.saved, 'vote_dict': vote_dict, }
def search(request):
r = request
ses = r.session
try:
sc = request.registry.solr_conn
except AttributeError:
r.session['message'] = 'I could not find the search engine.'
return {'code': 'ENOSOLR', 'success': False}
search_term = r.params['term']
q = sc.query()
for term in search_term.split():
q = q.query(term)
res = q.execute()
stories = []
vds = []
vote_dict = {}
for r in res:
stories.append(queries.get_story_by_id(r['id']))
if 'users.id' in ses:
vds.append(queries.get_user_votes_on_submission(ses['users.id'], r['id']))
for vd in vds:
if type(vd) == dict:
vote_dict.update(vd)
#queries.update_story_vote_tally(stories)
return {'res': res, 'stories': stories, 'vote_dict': vote_dict}
def _assign_epistle_parent(e):
#@TODO: REALLY need to put parent_info somewhere smarter, and/or not make this happen so much
if e.parent:
if e.parent_type == 'story':
e.parent_info = queries.get_story_by_id(e.parent)
elif e.parent_type == 'comment':
e.parent_info = queries.get_comment_by_id(e.parent)
elif e.parent_type == 'epistle' or e.parent_type == 'reply':
e.parent_info = queries.get_epistle_by_id(e.parent)
return e
def test_create_submission(self):
#@TODO: another function that should be split out of the view for easy repitition.
# if the view code changes substantially, this test will not keep up
user = queries.create_user(username = '******', password = '******')
url = 'http://google.com'
title = 'test'
description = 'test'
if url != '' and url is not None:
url = queries.strip_all_html(url)
if not re.match(r'http[s]*:\/\/', url):
url = 'http://' + url
else:
# set to None so that NULL goes into the database
url = None
sub = Submission(title, description, url, user.id)
self.dbsession.add(sub)
self.dbsession.flush()
s = queries.get_story_by_id(sub.id)
self.assertEqual(s.id, sub.id)
def full(request):
message = ""
# @TODO: Change this to use slugs instead of literal guids
sub_id = request.matchdict["sub_id"]
sub_id = queries.get_story_id_from_slug(sub_id)
dbsession = DBSession()
p = request.session["safe_post"]
prm = request.session["safe_params"]
s = request.session
logged_in = False
if "logged_in" in s:
# return {'message': 'Sorry, please log in first.', 'story': {}, 'comments': {}, 'success': False, 'code': 'ENOLOGIN'}
logged_in = True
# record the comment
if "op" in prm and prm["op"] == "del" and logged_in:
if "comment_id" in prm:
c = queries.get_comment_by_id(prm["comment_id"])
if queries.is_user_allowed_admin_action(s["users.id"], str(c.id)):
c.body = "[deleted]"
c.deleted = True
dbsession.add(c)
s["message"] = "Comment deleted."
if "op" in prm and prm["op"] == "edit" and logged_in:
if "comment_id" in prm:
c = queries.get_comment_by_id(prm["comment_id"])
if queries.is_user_allowed_admin_action(s["users.id"], str(c.id)):
c.body = prm["body"]
dbsession.add(c)
s["message"] = "Comment updated."
else:
if "description-textarea" in request.session["safe_post"] and logged_in:
sub = queries.get_story_by_id(sub_id)
if queries.is_user_allowed_admin_action(s["users.id"], str(sub.id)):
sub.description = prm["description-textarea"]
dbsession.add(sub)
s["message"] = "Description updated."
if "body" in request.session["safe_post"] and logged_in:
if p["parent_type"] == "story":
in_reply_to = queries.get_story_by_id(p["comment_parent"]).submitter.id
elif p["parent_type"] == "comment":
c = queries.get_comment_by_id(p["comment_parent"])
in_reply_to = c.user_id
c = Comment(sub_id, s["users.id"], p["comment_parent"], prm["body"], in_reply_to=in_reply_to)
dbsession.add(c)
dbsession.flush()
v = Vote(sub_id, s["users.id"], 1, "comment", c.id)
v.direction = 1
dbsession.add(v)
s["message"] = "Comment added."
# @TODO: Stop using SA queries in views, move them to individual models
story = queries.get_story_by_id(sub_id)
story.tally_votes()
story_vote_dict = {}
comment_vote_dict = {}
if logged_in:
# see queries.py; these two should not be separate. #@FIXME
story_vote_dict = queries.get_user_votes_on_submission(s["users.id"], sub_id)
comment_vote_dict = queries.get_user_votes_on_submissions_comments(s["users.id"], sub_id)
page_num = 1
per_page = 30
if "sort.comment_default_order" in request.registry.settings:
sort = request.registry.settings["sort.comment_default_order"]
else:
# do NOT change the hardcoded default, change in the ini as above
sort = "top"
next_page = None
prev_page = None
if "comment_sort" in prm:
sort = prm["comment_sort"]
if "page_num" in prm:
try:
page_num = int(prm["page_num"])
except:
page_num = 1
# comments returns a dict; see queries.py
if "comment_perma" not in prm:
comments = queries.get_comments(
sub_id, organize_parentage=True, page_num=page_num, per_page=per_page, sort=sort
)
else:
comments = queries.get_comments(
sub_id,
organize_parentage=True,
page_num=page_num,
per_page=per_page,
sort=sort,
target="comment",
target_id=prm["comment_perma"],
)
for c in comments["comments"]:
# @TODO: Don't do this on every load on a real deployment
c.tally_votes()
if page_num > 1:
prev_page = page_num - 1
if comments["max_comments"] > (page_num * per_page):
next_page = page_num + 1
return {
"story": story,
"comments": comments,
"success": True,
"code": 0,
"story_vote_dict": story_vote_dict,
"comment_vote_dict": comment_vote_dict,
"next_page": next_page,
"prev_page": prev_page,
}
def post(request):
s = request.session
p = request.session["safe_post"]
r = request
qs = s["safe_get"]
s["message"] = "Post a story."
dbsession = DBSession()
stories = None
new_url_text = ""
new_title_text = ""
# if uses came in with a share button, redirect to existing discussion if there is one
if "from" in qs and qs["from"] == "button":
existing_post = queries.get_story_by_url_oldest(qs["url"])
if existing_post:
return HTTPFound(r.route_url("full", sub_id=existing_post.id))
new_url_text = qs["url"]
if "title" in qs:
new_title_text = qs["title"]
if "new_post" in qs and qs["new_post"] == "y":
if "logged_in" not in s:
s["message"] = 'Sorry, you must <a href="{0}">log in</a> before you can share a link.'.format(
r.route_url("login")
)
return {"stories": [], "success": False, "code": "ENOLOGIN"}
if p and "title" in p:
if "logged_in" not in s:
s["message"] = "Sorry, please log in first"
return {"stories": [], "success": False, "code": "ENOLOGIN"}
if p["url"] != "" and p["url"] is not None:
p["url"] = queries.strip_all_html(p["url"])
if not re.match(r"http[s]*:\/\/", p["url"]):
p["url"] = "http://" + p["url"]
else:
# set to None so that NULL goes into the database
p["url"] = None
sub = Submission(p["title"][:100], p["description"], p["url"], s["users.id"])
dbsession.add(sub)
dbsession.flush()
v = Vote(sub.id, s["users.id"], 1, "submission", None)
v.direction = 1
dbsession.add(v)
sub.slug = u"{title}-{uuid_first_octet}".format(
title=slugify.slugify(unicode(p["title"][:100])), uuid_first_octet=str(sub.id)[:8]
)
dbsession.add(sub)
s["message"] = "Added."
try:
if request.registry.solr_conn:
# we flush here to ensure we have a vaild id object when added to solr
# we use this if statement so that the exception will be raised before
# dbsession is flushed, hence avoiding an unnecessary flush if the site
# is not using solr.
dbsession.flush()
request.registry.solr_conn.add({"id": sub.id, "title": sub.title, "description": sub.description})
request.registry.solr_conn.commit()
except AttributeError:
# solr is not configured for this connection
pass
if r.params and "op" in r.params:
sub_id = r.params["sub_id"]
if r.params["op"] == "del":
try:
story_to_del = queries.get_story_by_id(sub_id)
except sqlalchemy.orm.exc.NoResultFound:
story_to_del = None
if story_to_del:
if queries.is_user_allowed_admin_action(s["users.id"], str(story_to_del.id)):
story_to_del.description = "[deleted]"
story_to_del.url = "#"
story_to_del.title = "[deleted]"
story_to_del.deleted = True
dbsession.add(story_to_del)
dbsession.flush()
else:
print("Illegal deletion attempted on {0}".format(story_to_del.submitter.id))
if "sort.default_order" in r.registry.settings:
sort = r.registry.settings["sort.default_order"]
else:
# default to new sort order if server-specific setting doesn't exist
# this should only be the case on old clones; do NOT remove default_order
# from the ini just because you want new by default.
sort = "new"
page_num = 1
per_page = 30
next_page = None
prev_page = None
# only pass through approved sort options
if "sort" in qs:
if qs["sort"] == "top":
sort = "top"
if qs["sort"] == "hot":
sort = "hot"
if qs["sort"] == "contro":
sort = "contro"
if qs["sort"] == "new":
sort = "new"
if "page_num" in qs:
try:
page_num = int(qs["page_num"])
except:
page_num = 1
# @FIXME: make per_page configurable in a safe location
# it is probably unwise to allow this to be set in the query string
# because then a malicious user could say per_page = 10000000000
# and easily launch a DoS via that mechanism.
# if 'per_page' in qs:
# per_page = qs['per_page']
stories = queries.get_story_list(page_num=page_num, per_page=per_page, sort=sort, request=request)
max_stories = stories["max_stories"]
stories = stories["stories"]
# this should be split into its own def under queries.py
# as it is currently used in at least one other place
if max_stories > (page_num * per_page):
next_page = page_num + 1
if page_num > 1:
prev_page = page_num - 1
vote_dict = {}
if "logged_in" in s:
vote_dict = queries.get_user_votes_on_all_submissions(s["users.id"])
for s in stories:
# @TODO: Remember to not tally on every load once a real site deploys
s.tally_votes()
s.tally_comments()
return {
"stories": stories,
"success": True,
"code": 0,
"vote_dict": vote_dict,
"max_stories": max_stories,
"prev_page": prev_page,
"next_page": next_page,
"new_url_text": new_url_text,
"new_title_text": new_title_text,
}
def load_submission(self):
from raggregate import queries
return queries.get_story_by_id(self.submission_id)
