def modify_post(self, board_name, board_id, current_uid = -1):
board_info = board.get_board_info(board_id)
if not acl.is_allowed('board', board_id, current_uid, 'modify'):
return util.render().error(error_message=_('NO_PERMISSION'), help_context='error')
data = web.input()
comment = 1 if data.has_key('commentable') else 0
write_by_other = 1 if data.has_key('writable') else 0
indexable = 1 if data.has_key('indexable') else 0
show_avatar = 1 if data.has_key('show_avatar') else 0
owner_uid = user._get_uid_from_username(web.input().owner)
if owner_uid < 0:
return util.render().error(error_message=_('NO_SUCH_USER_FOR_BOARD_ADMIN'), help_context='error')
board_info = dict(path = data.path, name = data.name,
owner = owner_uid, board_type = int(data.type),
can_comment = comment, can_write_by_other = write_by_other,
indexable = indexable, show_avatar = show_avatar,
stylesheet = data.stylesheet,
description = data.description,
cover = data.information)
result = board.board_edit(current_uid, board_id, board_info)
if result[0] == False:
return util.render().error(error_message = result[1], help_context='error')
else:
raise web.seeother(util.link('%s') % result[1])
def join_post(self):
data = web.input()
recaptcha_url = 'http://www.google.com/recaptcha/api/verify'
recaptcha_data = dict(challenge = data.recaptcha_challenge_field,
response = data.recaptcha_response_field,
remoteip = web.ctx.ip,
privatekey = config.recaptcha_private_key)
req = urllib2.Request(recaptcha_url, urllib.urlencode(recaptcha_data))
response = urllib2.urlopen(req)
page = response.read().split('\n')
if page[0] == 'false':
if page[1].strip() == 'incorrect-captcha-sol':
return util.render().error(error_message = _('INCORRECT_CAPTCHA'), help_context='error')
else:
return util.render().error(error_message = _('CAPTCHA_ERROR'), help_context='error')
username = data.id.strip()
if username == '':
return util.render().error(error_message = _('NO_USERNAME_SPECIFIED'), help_context='error')
if user._get_uid_from_username(username) > 0:
return util.render().error(error_message = _('ID_ALREADY_EXISTS'), help_context='error')
if data.password1 != data.password2:
return util.render().error(error_message = _('PASSWORD_DO_NOT_MATCH'), help_context='error')
if len(data.password1) < 6:
return util.render().error(error_message = _('PASSWORD_TOO_SHORT'), help_context='error')
nick = data.nick
email = data.email
password = data.password1
ret = user.join(locals())
if not ret[0]:
return util.render().error(error_message = ret[1], help_context='error')
self.session_set(username)
user.update_last_login(web.ctx.session.uid, web.ctx.ip)
raise web.seeother(util.link('/'))
def recover_password_get(self):
if web.ctx.query == '':
qs = dict()
else:
# XXX: http://bugs.python.org/issue8136
qs = parse_qs(urllib.unquote(web.ctx.query[1:]).encode('latin-1').decode('utf-8'))
if not (qs.has_key('id') and qs.has_key('key')):
return util.render().error(error_message = _('INVALID_LINK'),
help_context = 'error')
user_id = qs['id'][0]
key = qs['key'][0]
uid = user._get_uid_from_username(user_id)
if uid < 0:
return util.render().error(error_message = _('INVALID_USERNAME'),
help_context = 'error')
if user.get_password_salt(uid) != key:
return util.render().error(error_message = _('INVALID_PASSWORD_KEY'),
help_context = 'error')
self.session_set(user_id)
web.ctx.session.persistent = False
user.update_last_login(uid, web.ctx.ip)
new_pw = user.generate_random_password()
user.update_password(uid, new_pw)
return util.render().error(error_message = _('Your temporary password is "%s"(case-sensitive). Change password now.') % new_pw,
error_class = _('Information'))
def create_board_post(self, board_name, board_id, current_uid = -1):
board_info = board.get_board_info(board_id)
if not acl.is_allowed('board', board_id, current_uid, 'create'):
return util.render().error(error_message = _('NO_PERMISSION'), help_context='error')
user_data = web.input()
comment = 1 if user_data.has_key('commentable') else 0
write_by_other = 1 if user_data.has_key('writable') else 0
indexable = 1 if user_data.has_key('indexable') else 0
show_avatar = 1 if user_data.has_key('show_avatar') else 0
owner_uid = user._get_uid_from_username(user_data.owner)
if owner_uid < 0:
return util.render().error(error_message=_('NO_SUCH_USER_FOR_BOARD_ADMIN'), help_context='error')
if user_data.name.strip() == '':
return util.render().error(error_message = _('NO_NAME_SPECIFIED'), help_context='error')
if board_name == '^root':
new_path = posixpath.join('/', user_data.name)
else:
new_path = posixpath.join('/', board_name, user_data.name)
if board._get_board_id_from_path(new_path) > 0:
return util.render().error(error_message = _('BOARD_EXISTS'), help_context='error')
settings = dict(path=new_path, board_owner = owner_uid,
cover = user_data.information,
description = user_data.description,
type = int(user_data.type),
guest_write = write_by_other,
can_comment = comment,
indexable = indexable, show_avatar = show_avatar,
current_uid = current_uid)
ret = board.create_board(board_id, settings)
if ret[0] == False:
return util.render().error(error_message = ret[1] ,help_context = 'error')
raise web.seeother(util.link('%s') % (new_path))
def GET(self, username, current_uid = -1):
user_id = user._get_uid_from_username(username)
if user_id < 0:
raise web.notfound(util.render().error(error_message = _('NO_SUCH_USER'), help_context='error'))
return util.render().myinfo(user = user.get_user(user_id)[1],
user_id = user_id,
title = _('User Information'), board_desc = _('User Information'),
help_context='myinfo')
def session_set(self, username):
u = user.get_user(user._get_uid_from_username(username))
if u[0]:
web.ctx.session.uid = u[1].uSerial
web.ctx.session.username = u[1].uId
web.ctx.session.usernick = u[1].uNick
web.ctx.session.lang = u[1].language
return u[1]
else:
return None
def write_message_post(self, current_uid = -1):
user_id = current_uid
usr = user.get_user(user_id)[1]
data = web.input()
title = data.title
body = data.body
receiver_id = data.id
receiver_uid = user._get_uid_from_username(receiver_id)
if receiver_uid < 0:
raise web.notfound(util.render().error(error_message=_('INVALID_RECEIVER'), help_context='error'))
result = pm.send_mail(current_uid, receiver_uid, title, body)
if not result[0]:
raise web.internalerror(util.render().error(error_message=result[1], help_context='error'))
else:
raise web.seeother('/+u/+inbox')
def GET(self, username, action):
user_id = user._get_uid_from_username(username)
try:
return eval('self.%s' % (action))(username, user_id)
except AttributeError:
raise web.notfound(util.render().error(error_message = _('INVALID_ACTION'), help_context='error'))
def check_duplicate_user(self, qs):
username = qs['username'][0]
if user._get_uid_from_username(username) > 0:
return json.dumps([True])
else:
return json.dumps([False])