def preview(request): """ The user has typed in a comment and wants to preview it in HTML. GET request needs `rest_comment` field """ if not request.user.is_authenticated(): return HttpResponse(status=401) if request.method != "GET" and not request.is_ajax(): raise Http404 data = {"success": False} try: rest_comment = request.GET["rest_comment"] except KeyError: raise Http404 start_time = time.time() try: html_comment = compile_rest_to_html(rest_comment).replace("\n", "<br>") data["html_comment"] = html_comment data["success"] = True except SphinxError: data["success"] = False logger.warning("Unable to compile comment:: Sphinx compile error") end_time = time.time() if (end_time-start_time) > 3: logger.warning("Comment compile time exceeded 3 seconds; server load too high?") return HttpResponse(simplejson.dumps(data), mimetype="application/json")
def preview(request): """ The user has typed in a comment and wants to preview it in HTML. GET request needs `rest_comment` field """ if not request.user.is_authenticated(): return HttpResponse(status=401) if request.method != "GET" and not request.is_ajax(): raise Http404 data = {"success": False} try: rest_comment = request.GET["rest_comment"] except KeyError: raise Http404 start_time = time.time() try: html_comment = compile_rest_to_html(rest_comment).replace("\n", "<br>") data["html_comment"] = html_comment data["success"] = True except SphinxError: data["success"] = False logger.warning("Unable to compile comment:: Sphinx compile error") end_time = time.time() if (end_time - start_time) > 3: logger.warning( "Comment compile time exceeded 3 seconds; server load too high?") return HttpResponse(simplejson.dumps(data), mimetype="application/json")
def save(self, commit=True): instance = super(BaseSubmissionForm, self).save(commit=False) user, authenticated = self.request.user, True if not self.request.user.is_authenticated(): # returns object if account alreay present user = create_new_account_internal(self.cleaned_data['email']) authenticated = False # submission author instance.created_by = user # is displayed only if authenticated instance.is_displayed = authenticated # validation hash hash_id = '' if not authenticated: hash_id = get_validation_hash(instance.title) instance.validation_hash = hash_id # description in HTML instance.description_html = compile_rest_to_html(instance.description) if commit: instance.save() return instance
(escape(ctype), escape(object_pk), e.__class__.__name__)) form = SpcCommentEditForm(target, data=request.POST) if form.security_errors(): return CommentPostBadRequest( "The comment edit form failed security verification: %s" % \ escape(str(form.security_errors()))) form = form.cleaned_data comment = get_object_or_404(comments.get_model(), pk=comment_id, site__pk=settings.SITE_ID) if comment.user == request.user: comment.comment = form['edit_comment'] comment.rest_comment = compile_rest_to_html(form['edit_comment']) comment.ip_address = request.META.get('REMOTE_ADDR', None) comment.save() response['comment'] = comment.comment response['rest_comment'] = comment.rest_comment response['success'] = True else: raise Exception( 'Invalid authorization: User not permitted to edit comment') return HttpResponse(simplejson.dumps(response), mimetype="application/json")
def profile_page_edit(request, slug): """ User wants to edit his/her profile page. """ # First verify that request.user is the same as slug if request.user.profile.slug != slug: return page_404_error(request, ('You are not authorized to edit that ' 'profile. Only that user may edit it.')) if request.POST: form = forms.ProfileEditForm(request.POST) if form.is_valid(): # Update profile information user = request.user previous_email = '' if form.cleaned_data['email'] != user.email: previous_email = user.email user.email = form.cleaned_data['email'] user.save() user.profile.affiliation = form.cleaned_data['affiliation'] user.profile.country = form.cleaned_data['country'] user.profile.bio = form.cleaned_data['bio'] user.profile.bio_html = compile_rest_to_html( form.cleaned_data['bio']) user.profile.uri = form.cleaned_data['uri'] user.profile.save() tag_list = get_and_create_tags(form.cleaned_data['interests']) # First delete all the user's previous interests, so we can update # them with the new ones for interest in models.InterestCreation.objects.filter(user=user): #.profile.interests.all(): interest.delete() # Add user's interests through the intermediate # model instance for tag in tag_list: tag_intermediate = models.InterestCreation(user=user.profile, tag=tag) tag_intermediate.save() logger.debug('User "%s" added interest "%s" to their profile'%\ (user.profile.slug, str(tag))) # Resave the user profile to capture their interests in the search # results. user.profile.save() if previous_email: ctx_dict = { 'new_email': user.email, 'admin_email': settings.DEFAULT_FROM_EMAIL, 'username': user.username } message = render_to_string(\ 'person/email_about_changed_email_address.txt', ctx_dict) send_email((previous_email, ), ("SciPy Central: change of " "email address"), message=message) return redirect(profile_page, user.profile.slug) else: user = request.user interests = ','.join( list(set([str(intr) for intr in user.profile.interests.all()]))) fields = { 'uri': user.profile.uri, 'email': user.email, 'bio': user.profile.bio, 'interests': interests, 'country': user.profile.country, 'affiliation': user.profile.affiliation, 'pk': user.id, } form = forms.ProfileEditForm(fields) return render_to_response('submission/new-item.html', {}, context_instance=RequestContext( request, { 'form': form, 'buttontext': 'Update your profile', 'pagetitle': 'Update your profile', }))
(escape(ctype), escape(object_pk), e.__class__.__name__)) form = SpcCommentEditForm(target, data=request.POST) if form.security_errors(): return CommentPostBadRequest( "The comment edit form failed security verification: %s" % \ escape(str(form.security_errors()))) form = form.cleaned_data comment = get_object_or_404(comments.get_model(), pk=comment_id, site__pk=settings.SITE_ID) if comment.user == request.user: comment.comment = form['edit_comment'] comment.rest_comment = compile_rest_to_html(form['edit_comment']) comment.ip_address = request.META.get('REMOTE_ADDR', None) comment.save() response['comment'] = comment.comment response['rest_comment'] = comment.rest_comment response['success'] = True else: raise Exception('Invalid authorization: User not permitted to edit comment') return HttpResponse(simplejson.dumps(response), mimetype="application/json") def preview(request): """
def get_comment_create_data(self): data = super(SpcCommentForm, self).get_comment_create_data() rest_comment = compile_rest_to_html(data['comment']) data['rest_comment'] = rest_comment return data
def create_or_edit_submission_revision(request, item, is_displayed, user, submission=None, commit=False): """ Creates a new ``Submission`` (only if not given) and ``Revision`` instances. Returns these in a tuple. """ # NOTE: the ``user`` will always be a valid entry in our database. Code # posted by users that have not yet validated themselves is not displayed # until they do so. new_submission = False if submission is None: # A new submission new_submission = True submission = models.Submission.objects.create_without_commit( created_by=user, sub_type=item.cleaned_data['sub_type']) sub = submission # Process any tags tag_list = get_and_create_tags(item.cleaned_data['sub_tags']) # Create a ``Revision`` instance. Must always have a ``title``, # ``created_by``, and ``description`` fields; the rest are set according # to the submission type, ``sub.sub_type`` hash_id = '' if sub.sub_type == 'link': sub_license = None item_url = item.cleaned_data['item_url'] item_code = None elif sub.sub_type == 'snippet': sub_license = item.cleaned_data['sub_license'] item_url = None item_code = item.cleaned_data['snippet_code'] elif sub.sub_type == 'package': sub_license = item.cleaned_data['sub_license'] item_url = None item_code = None # Handle the ZIP file more completely only when the user commits. # ZIP file has been validated: OK to save it to the server # However, this might be the second time around, so skip saving it # (happens after preview, or if user resumes editing submission) if not hasattr(request.FILES['package_file'], 'skip_validation'): zip_f = models.ZipFile(raw_zip_file=request.FILES['package_file'], zip_hash=request.POST.get('package_hash', '')) zip_f.save() # Convert the raw ReST description to HTML using Sphinx: could include # math, paragraphs, <tt>, bold, italics, bullets, hyperlinks, etc. description_html = compile_rest_to_html(item.cleaned_data['description']) item_highlighted_code = highlight_code(item.cleaned_data.get(\ 'snippet_code', None)) rev = models.Revision.objects.create_without_commit( entry=sub, title=item.cleaned_data['title'], created_by=user, sub_license=sub_license, description=item.cleaned_data['description'], description_html=description_html, hash_id=hash_id, item_url=item_url, item_code=item_code, item_highlighted_code=item_highlighted_code, is_displayed=is_displayed, ) user_url = settings.SPC['short_URL_root'] + 'user/' + str(user.id) if commit: # Save the submission, then the revision. If we are editing a # previous submission, then do not save the submission # (because the Submission object has fields that will never # change once it has been first created). if new_submission: # Sets the primary key sub.save() rev.entry_id = sub.id if not is_displayed: rev.validation_hash = create_validation_code(rev) rev.save() # Storage location: if we do save files it will be here datenow = datetime.datetime.now() year, month = datenow.strftime('%Y'), datenow.strftime('%m') repo_path = os.path.join(year, month, '%06d'% sub.id) full_repo_path = os.path.join(settings.SPC['storage_dir'], repo_path) if sub.sub_type == 'package': # Save the uploaded file to the server. At this point we are sure # it's a valid ZIP file, has no malicious filenames, and can be # unpacked to the hard drive. See validation in ``forms.py``. if os.path.exists(full_repo_path) and sub.fileset.repo_path == \ repo_path: # Make a temporary directory and copy the existing package # repository to that location temp_dir = tempfile.mkdtemp(prefix='tmp_spc_') src = os.path.join(full_repo_path, '.' + \ settings.SPC['revisioning_backend']) shutil.move(src, temp_dir) shutil.rmtree(full_repo_path, ignore_errors=True) else: temp_dir = None # Create/ensure destination directory exists ensuredir(full_repo_path) # Copy ZIP file zip_file = request.FILES['package_file'] dst = os.path.join(full_repo_path, zip_file.name) src = os.path.join(settings.SPC['ZIP_staging'], zip_file.name) shutil.copyfile(src, dst) # os.remove(src) Keep the original ZIP file, for now # Remove the entry from the database zip_hash = request.POST.get('package_hash', '') zip_objs = models.ZipFile.objects.filter(zip_hash=zip_hash) if zip_objs: zip_objs[0].delete() # Unzip file and commit contents to the repo zip_f = zipfile.ZipFile(dst, 'r') zip_f.extractall(full_repo_path) zip_f.close() os.remove(dst) # but delete the copy # Delete common RCS directories that might have been in the ZIP for path, dirs, files in os.walk(full_repo_path): if os.path.split(path)[1] in settings.SPC['common_rcs_dirs']: shutil.rmtree(path, ignore_errors=True) if temp_dir: src = os.path.join(temp_dir, '.' + \ settings.SPC['revisioning_backend']) dst = os.path.join(full_repo_path , '.' + \ settings.SPC['revisioning_backend']) try: os.rename(src, dst) except os.error, e: # For cases when /tmp is on a different filesystem # (usually production servers) import errno if e.errno == errno.EXDEV: shutil.copytree(src, dst, symlinks=True) shutil.rmtree(src) else: raise shutil.rmtree(temp_dir, ignore_errors=True) repo = sub.fileset.get_repo() else: # Create the repo sub.fileset = FileSet.objects.create(repo_path=repo_path) repo = sub.fileset.create_empty() sub.save() # Then add all files from the ZIP file to the repo. Add directories # at a time rather than file-by-file. for path, dirs, files in os.walk(full_repo_path): if os.path.split(path)[1] == '.' + \ settings.SPC['revisioning_backend']: for entry in dirs[:]: dirs.remove(entry) continue all_files = [] for name in files: all_files.append(os.path.join(path, name)) if all_files: repo.add(patterns=all_files, ignore_errors=True) # Add "DESCRIPTION.txt" descrip_name = os.path.join(full_repo_path, 'DESCRIPTION.txt') descrip_file = file(descrip_name, 'w') descrip_file.write(rev.description) descrip_file.close() sub.fileset.add_file(descrip_name, user=user_url, commit_msg=('Added/updated files from web-uploaded ' 'ZIP file. Added DESCRIPTION.txt also.')) if sub.sub_type == 'snippet': fname = rev.slug.replace('-', '_') + '.py' if new_submission: # Create a new repository for the files sub.fileset = FileSet.objects.create(repo_path=repo_path) sub.save() commit_msg = ('Add "%s" to the repo ' 'based on the web submission by user "%s"') %\ (fname, user_url) else: commit_msg = ('Update of file(s) in the repo ' 'based on the web submission by user "%s"') %\ (user_url) sub.fileset.add_file_from_string(fname, request.POST['snippet_code'], user=user_url, commit_msg=commit_msg) if sub.sub_type in ['snippet', 'package']: license_file = settings.SPC['license_filename'] license_text = get_license_text(rev) sub.fileset.add_file_from_string(license_file, license_text, user="******", commit_msg="SPC: added/updated license file" ) rev.hash_id = sub.fileset.get_hash() # Once you have the revision you can add tags through the intermediate # model instance (which tracks the user that added the tag and when). for tag in tag_list: tag_intermediate = models.TagCreation(created_by=user, revision=rev, tag=tag) tag_intermediate.save() logger.debug('User "%s" added tag "%s" to rev.id=%d' % ( user.profile.slug, str(tag), rev.id)) # Update the search index so that the tags are included in the search rev.save() # log the new submission and revision logger.info('New %s: %s [id=%d] and revision id=%d' % ( sub.sub_type, item.cleaned_data['title'], sub.id, rev.id))
def profile_page_edit(request, slug): """ User wants to edit his/her profile page. """ # First verify that request.user is the same as slug if request.user.profile.slug != slug: return page_404_error(request, ('You are not authorized to edit that ' 'profile. Only that user may edit it.')) if request.POST: form = forms.ProfileEditForm(request.POST) if form.is_valid(): # Update profile information user = request.user previous_email = '' if form.cleaned_data['email'] != user.email: previous_email = user.email user.email = form.cleaned_data['email'] user.save() user.profile.affiliation = form.cleaned_data['affiliation'] user.profile.country = form.cleaned_data['country'] user.profile.bio = form.cleaned_data['bio'] user.profile.bio_html = compile_rest_to_html(form.cleaned_data['bio']) user.profile.uri = form.cleaned_data['uri'] user.profile.save() tag_list = get_and_create_tags(form.cleaned_data['interests']) # First delete all the user's previous interests, so we can update # them with the new ones for interest in models.InterestCreation.objects.filter(user=user): #.profile.interests.all(): interest.delete() # Add user's interests through the intermediate # model instance for tag in tag_list: tag_intermediate = models.InterestCreation(user=user.profile, tag=tag) tag_intermediate.save() logger.debug('User "%s" added interest "%s" to their profile'%\ (user.profile.slug, str(tag))) # Resave the user profile to capture their interests in the search # results. user.profile.save() if previous_email: ctx_dict = {'new_email': user.email, 'admin_email': settings.DEFAULT_FROM_EMAIL, 'username': user.username} message = render_to_string(\ 'person/email_about_changed_email_address.txt', ctx_dict) send_email((previous_email,), ("SciPy Central: change of " "email address"), message=message) return redirect(profile_page, user.profile.slug) else: user = request.user interests = ','.join(list(set([str(intr) for intr in user.profile.interests.all()]))) fields = {'uri': user.profile.uri, 'email': user.email, 'bio': user.profile.bio, 'interests': interests, 'country': user.profile.country, 'affiliation': user.profile.affiliation, 'pk': user.id, } form = forms.ProfileEditForm(fields) return render_to_response('submission/new-item.html', {}, context_instance=RequestContext(request, {'form': form, 'buttontext': 'Update your profile', 'pagetitle': 'Update your profile', }))