bookwyrm/bookwyrm/views/helpers.py

""" helper functions used in various views """

import re
from datetime import datetime, timedelta
import dateutil.parser
import dateutil.tz
from dateutil.parser import ParserError

from requests import HTTPError
from django.db.models import Q
from django.conf import settings as django_settings
from django.shortcuts import redirect, _get_queryset
from django.http import Http404
from django.utils import translation

from bookwyrm import activitypub, models, settings
from bookwyrm.connectors import ConnectorException, get_data
from bookwyrm.status import create_generated_note
from bookwyrm.utils import regex
from bookwyrm.utils.validate import validate_url_domain


# pylint: disable=unnecessary-pass
class WebFingerError(Exception):
    """empty error class for problems finding user information with webfinger"""

    pass


def get_user_from_username(viewer, username):
    """helper function to resolve a localname or a username to a user"""
    if viewer.is_authenticated and viewer.localname == username:
        # that's yourself, fool
        return viewer

    # raises 404 if the user isn't found
    try:
        return models.User.viewer_aware_objects(viewer).get(localname=username)
    except models.User.DoesNotExist:
        pass

    # if the localname didn't match, try the username
    try:
        return models.User.viewer_aware_objects(viewer).get(username=username)
    except models.User.DoesNotExist:
        raise Http404()


def is_api_request(request):
    """check whether a request is asking for html or data"""
    return "json" in request.headers.get("Accept", "") or re.match(
        r".*\.json/?$", request.path
    )


def is_bookwyrm_request(request):
    """check if the request is coming from another bookwyrm instance"""
    user_agent = request.headers.get("User-Agent")
    if user_agent is None or re.search(regex.BOOKWYRM_USER_AGENT, user_agent) is None:
        return False
    return True


def handle_remote_webfinger(query, unknown_only=False):
    """webfingerin' other servers"""
    user = None

    # usernames could be @user@domain or user@domain
    if not query:
        return None
    if query[0] == "@":
        query = query[1:]
    try:
        domain = query.split("@")[1]
    except IndexError:
        return None

    try:
        user = models.User.objects.get(username__iexact=query)

        if unknown_only:
            # In this case, we only want to know about previously undiscovered users
            # So the fact that we found a match in the database means no results
            return None
    except models.User.DoesNotExist:
        url = f"https://{domain}/.well-known/webfinger?resource=acct:{query}"
        try:
            data = get_data(url)
        except (ConnectorException, HTTPError):
            return None

        for link in data.get("links"):
            if link.get("rel") == "self":
                try:
                    user = activitypub.resolve_remote_id(
                        link["href"], model=models.User
                    )
                except (KeyError, activitypub.ActivitySerializerError):
                    return None
    return user


def subscribe_remote_webfinger(query):
    """get subscribe template from other servers"""
    template = None
    # usernames could be @user@domain or user@domain
    if not query:
        return WebFingerError("invalid_username")

    if query[0] == "@":
        query = query[1:]

    try:
        domain = query.split("@")[1]
    except IndexError:
        return WebFingerError("invalid_username")

    url = f"https://{domain}/.well-known/webfinger?resource=acct:{query}"

    try:
        data = get_data(url)
    except (ConnectorException, HTTPError):
        return WebFingerError("user_not_found")

    for link in data.get("links"):
        if link.get("rel") == "http://ostatus.org/schema/1.0/subscribe":
            template = link["template"]

    return template


def get_edition(book_id):
    """look up a book in the db and return an edition"""
    book = models.Book.objects.select_subclasses().get(id=book_id)
    if isinstance(book, models.Work):
        book = book.default_edition
    return book


def handle_reading_status(user, shelf, book, privacy):
    """post about a user reading a book"""
    # tell the world about this cool thing that happened
    try:
        message = {
            "to-read": "wants to read",
            "reading": "started reading",
            "read": "finished reading",
            "stopped-reading": "stopped reading",
        }[shelf.identifier]
    except KeyError:
        # it's a non-standard shelf, don't worry about it
        return

    status = create_generated_note(user, message, mention_books=[book], privacy=privacy)
    status.save()


def load_date_in_user_tz_as_utc(date_str: str, user: models.User) -> datetime:
    """ensures that data is stored consistently in the UTC timezone"""
    if not date_str:
        return None
    user_tz = dateutil.tz.gettz(user.preferred_timezone)
    date = dateutil.parser.parse(date_str, ignoretz=True)
    try:
        return date.replace(tzinfo=user_tz).astimezone(dateutil.tz.UTC)
    except ParserError:
        return None


def set_language(user, response):
    """Updates a user's language"""
    if user.preferred_language:
        translation.activate(user.preferred_language)
    response.set_cookie(
        settings.LANGUAGE_COOKIE_NAME,
        user.preferred_language,
        expires=datetime.now() + timedelta(seconds=django_settings.SESSION_COOKIE_AGE),
    )
    return response


def filter_stream_by_status_type(activities, allowed_types=None):
    """filter out activities based on types"""
    if not allowed_types:
        allowed_types = []

    if "review" not in allowed_types:
        activities = activities.filter(
            Q(review__isnull=True), Q(boost__boosted_status__review__isnull=True)
        )
    if "comment" not in allowed_types:
        activities = activities.filter(
            Q(comment__isnull=True), Q(boost__boosted_status__comment__isnull=True)
        )
    if "quotation" not in allowed_types:
        activities = activities.filter(
            Q(quotation__isnull=True), Q(boost__boosted_status__quotation__isnull=True)
        )
    if "everything" not in allowed_types:
        activities = activities.filter(
            Q(generatednote__isnull=True),
            Q(boost__boosted_status__generatednote__isnull=True),
        )

    return activities


def maybe_redirect_local_path(request, model):
    """
    if the request had an invalid path, return a permanent redirect response to the
    correct one, including a slug if any.
    if path is valid, returns False.
    """

    # don't redirect empty path for unit tests which currently have this
    if request.path in ("/", model.local_path):
        return False

    new_path = model.local_path
    if len(request.GET) > 0:
        new_path = f"{model.local_path}?{request.GET.urlencode()}"

    return redirect(new_path, permanent=True)


def redirect_to_referer(request, *args, **kwargs):
    """Redirect to the referrer, if it's in our domain, with get params"""
    # make sure the refer is part of this instance
    validated = validate_url_domain(request.META.get("HTTP_REFERER"))

    if validated:
        return redirect(validated)

    # if not, use the args passed you'd normally pass to redirect()
    return redirect(*args or "/", **kwargs)


# pylint: disable=redefined-builtin,invalid-name
def get_mergeable_object_or_404(klass, id):
    """variant of get_object_or_404 that also redirects if id has been merged
    into another object"""
    queryset = _get_queryset(klass)
    try:
        return queryset.get(pk=id)
    except queryset.model.DoesNotExist:
        try:
            return queryset.get(absorbed__deleted_id=id)
        except queryset.model.DoesNotExist:
            pass

        raise Http404(f"No {queryset.model} with ID {id} exists")
Runs black 2021-03-08 16:49:10 +00:00			`""" helper functions used in various views """`
Redirect to new URL when a merged object is requested 2024-03-01 13:37:52 +00:00
tests status class view 2021-01-12 22:43:59 +00:00			`import re`
save language preferences with cookies that last (as long as login ones do) 2022-01-08 18:56:57 +00:00			`from datetime import datetime, timedelta`
Post-processes statuses composed in modals 2021-09-30 17:00:05 +00:00			`import dateutil.parser`
			`import dateutil.tz`
			`from dateutil.parser import ParserError`

tests status class view 2021-01-12 22:43:59 +00:00			`from requests import HTTPError`
Move stream filter to helpers 2021-11-24 12:37:09 +00:00			`from django.db.models import Q`
save language preferences with cookies that last (as long as login ones do) 2022-01-08 18:56:57 +00:00			`from django.conf import settings as django_settings`
Redirect to new URL when a merged object is requested 2024-03-01 13:37:52 +00:00			`from django.shortcuts import redirect, _get_queryset`
Refactor get_user_from_username to raise 404 directly 2021-04-30 16:33:36 +00:00			`from django.http import Http404`
Update language on login and edit preference 2021-10-06 20:01:29 +00:00			`from django.utils import translation`
tests status class view 2021-01-12 22:43:59 +00:00
Update language on login and edit preference 2021-10-06 20:01:29 +00:00			`from bookwyrm import activitypub, models, settings`
tests status class view 2021-01-12 22:43:59 +00:00			`from bookwyrm.connectors import ConnectorException, get_data`
Adds shelf views 2021-01-13 19:45:08 +00:00			`from bookwyrm.status import create_generated_note`
tests status class view 2021-01-12 22:43:59 +00:00			`from bookwyrm.utils import regex`
Add helper to refer views back to http referers safely In most cases, we want to return back to where we came from after performing an action. It's not safe to return to an arbitrary referer, so this streamlines using the util validator to verify the redirect and fall back on regular redirect params if the referer is outside our domain. 2023-03-20 17:25:38 +00:00			`from bookwyrm.utils.validate import validate_url_domain`
tests status class view 2021-01-12 22:43:59 +00:00
Creates landing page views 2021-01-12 18:44:17 +00:00
lint 2021-12-06 06:02:47 +00:00			`# pylint: disable=unnecessary-pass`
more descriptive remote follow errors - distinguish between invalid username, user not found, and remote follow not supported - make helpers DRYer 2021-12-05 22:29:51 +00:00			`class WebFingerError(Exception):`
pylint called my code useless how rude 2021-12-06 05:47:04 +00:00			`"""empty error class for problems finding user information with webfinger"""`
more descriptive remote follow errors - distinguish between invalid username, user not found, and remote follow not supported - make helpers DRYer 2021-12-05 22:29:51 +00:00
stop pylint contradicting itself 2021-12-06 05:59:51 +00:00			`pass`
more descriptive remote follow errors - distinguish between invalid username, user not found, and remote follow not supported - make helpers DRYer 2021-12-05 22:29:51 +00:00
lint 2021-12-06 06:02:47 +00:00
Better user block privacy 2021-02-23 20:41:37 +00:00			`def get_user_from_username(viewer, username):`
New version of black, new whitespace 2021-04-26 16:15:42 +00:00			`"""helper function to resolve a localname or a username to a user"""`
Fixes username helper 2021-05-23 04:33:56 +00:00			`if viewer.is_authenticated and viewer.localname == username:`
Improves shelf page query efficiency a little 2021-05-23 02:54:50 +00:00			`# that's yourself, fool`
			`return viewer`

Refactor get_user_from_username to raise 404 directly 2021-04-30 16:33:36 +00:00			`# raises 404 if the user isn't found`
Moves user views to class view 2021-01-12 20:05:30 +00:00			`try:`
Typo fix 2021-02-23 21:05:43 +00:00			`return models.User.viewer_aware_objects(viewer).get(localname=username)`
Moves user views to class view 2021-01-12 20:05:30 +00:00			`except models.User.DoesNotExist:`
Refactor get_user_from_username to raise 404 directly 2021-04-30 16:33:36 +00:00			`pass`

			`# if the localname didn't match, try the username`
			`try:`
Better user block privacy 2021-02-23 20:41:37 +00:00			`return models.User.viewer_aware_objects(viewer).get(username=username)`
Refactor get_user_from_username to raise 404 directly 2021-04-30 16:33:36 +00:00			`except models.User.DoesNotExist:`
			`raise Http404()`
Moves user views to class view 2021-01-12 20:05:30 +00:00

			`def is_api_request(request):`
New version of black, new whitespace 2021-04-26 16:15:42 +00:00			`"""check whether a request is asking for html or data"""`
Display search results in api mode and regular 2021-09-16 17:44:33 +00:00			`return "json" in request.headers.get("Accept", "") or re.match(`
			`r".*\.json/?$", request.path`
			`)`
Moves user views to class view 2021-01-12 20:05:30 +00:00

Outbox sensitive to user agent strings 2021-02-23 19:34:15 +00:00			`def is_bookwyrm_request(request):`
New version of black, new whitespace 2021-04-26 16:15:42 +00:00			`"""check if the request is coming from another bookwyrm instance"""`
Runs black 2021-03-08 16:49:10 +00:00			`user_agent = request.headers.get("User-Agent")`
Updates code for linter 2021-06-18 21:12:56 +00:00			`if user_agent is None or re.search(regex.BOOKWYRM_USER_AGENT, user_agent) is None:`
Adds status views 2021-01-12 21:47:00 +00:00			`return False`
			`return True`


Refactors how mentions are collected This should be quicker, because it queries the users in one go instead of jumping straight to iterating over them, and it checks if a user blocks the poster before allowing them to be tagged. 2022-08-05 21:04:16 +00:00			`def handle_remote_webfinger(query, unknown_only=False):`
New version of black, new whitespace 2021-04-26 16:15:42 +00:00			`"""webfingerin' other servers"""`
Adds status views 2021-01-12 21:47:00 +00:00			`user = None`

			`# usernames could be @user@domain or user@domain`
			`if not query:`
			`return None`
Runs black 2021-03-08 16:49:10 +00:00			`if query[0] == "@":`
Adds status views 2021-01-12 21:47:00 +00:00			`query = query[1:]`
			`try:`
Runs black 2021-03-08 16:49:10 +00:00			`domain = query.split("@")[1]`
Adds status views 2021-01-12 21:47:00 +00:00			`except IndexError:`
			`return None`

			`try:`
Case insensitive remote user search 2021-04-08 16:59:21 +00:00			`user = models.User.objects.get(username__iexact=query)`
Refactors how mentions are collected This should be quicker, because it queries the users in one go instead of jumping straight to iterating over them, and it checks if a user blocks the poster before allowing them to be tagged. 2022-08-05 21:04:16 +00:00
			`if unknown_only:`
			`# In this case, we only want to know about previously undiscovered users`
			`# So the fact that we found a match in the database means no results`
			`return None`
Adds status views 2021-01-12 21:47:00 +00:00			`except models.User.DoesNotExist:`
Updating string format synatx part 2 2021-09-18 18:32:00 +00:00			`url = f"https://{domain}/.well-known/webfinger?resource=acct:{query}"`
Adds status views 2021-01-12 21:47:00 +00:00			`try:`
			`data = get_data(url)`
			`except (ConnectorException, HTTPError):`
			`return None`

Runs black 2021-03-08 16:49:10 +00:00			`for link in data.get("links"):`
			`if link.get("rel") == "self":`
Adds status views 2021-01-12 21:47:00 +00:00			`try:`
			`user = activitypub.resolve_remote_id(`
Runs black 2021-03-08 16:49:10 +00:00			`link["href"], model=models.User`
Adds status views 2021-01-12 21:47:00 +00:00			`)`
Gracefully handle errors in webfinger during search 2021-04-07 16:17:04 +00:00			`except (KeyError, activitypub.ActivitySerializerError):`
Adds status views 2021-01-12 21:47:00 +00:00			`return None`
			`return user`
Adds book class view and re-works pagination 2021-01-13 17:42:54 +00:00

add remote follow button 2021-11-28 09:09:29 +00:00			`def subscribe_remote_webfinger(query):`
			`"""get subscribe template from other servers"""`
			`template = None`
make code WET again moving url discovery borked general webfinger tests for some reason IDK why. 2021-12-05 23:45:39 +00:00			`# usernames could be @user@domain or user@domain`
			`if not query:`
			`return WebFingerError("invalid_username")`

			`if query[0] == "@":`
			`query = query[1:]`
add remote follow button 2021-11-28 09:09:29 +00:00
make code WET again moving url discovery borked general webfinger tests for some reason IDK why. 2021-12-05 23:45:39 +00:00			`try:`
			`domain = query.split("@")[1]`
			`except IndexError:`
more descriptive remote follow errors - distinguish between invalid username, user not found, and remote follow not supported - make helpers DRYer 2021-12-05 22:29:51 +00:00			`return WebFingerError("invalid_username")`
add remote follow button 2021-11-28 09:09:29 +00:00
			`url = f"https://{domain}/.well-known/webfinger?resource=acct:{query}"`
more descriptive remote follow errors - distinguish between invalid username, user not found, and remote follow not supported - make helpers DRYer 2021-12-05 22:29:51 +00:00
add remote follow button 2021-11-28 09:09:29 +00:00			`try:`
			`data = get_data(url)`
			`except (ConnectorException, HTTPError):`
more descriptive remote follow errors - distinguish between invalid username, user not found, and remote follow not supported - make helpers DRYer 2021-12-05 22:29:51 +00:00			`return WebFingerError("user_not_found")`
add remote follow button 2021-11-28 09:09:29 +00:00
			`for link in data.get("links"):`
			`if link.get("rel") == "http://ostatus.org/schema/1.0/subscribe":`
			`template = link["template"]`

			`return template`
Adds book class view and re-works pagination 2021-01-13 17:42:54 +00:00
code cleanup 2021-11-28 10:38:28 +00:00
Adds book class view and re-works pagination 2021-01-13 17:42:54 +00:00			`def get_edition(book_id):`
New version of black, new whitespace 2021-04-26 16:15:42 +00:00			`"""look up a book in the db and return an edition"""`
Adds book class view and re-works pagination 2021-01-13 17:42:54 +00:00			`book = models.Book.objects.select_subclasses().get(id=book_id)`
			`if isinstance(book, models.Work):`
Don't store default edition in the dataase 2021-04-28 22:19:24 +00:00			`book = book.default_edition`
Adds book class view and re-works pagination 2021-01-13 17:42:54 +00:00			`return book`


Adds shelf views 2021-01-13 19:45:08 +00:00			`def handle_reading_status(user, shelf, book, privacy):`
New version of black, new whitespace 2021-04-26 16:15:42 +00:00			`"""post about a user reading a book"""`
Adds shelf views 2021-01-13 19:45:08 +00:00			`# tell the world about this cool thing that happened`
			`try:`
			`message = {`
Runs black 2021-03-08 16:49:10 +00:00			`"to-read": "wants to read",`
			`"reading": "started reading",`
			`"read": "finished reading",`
Produce a proper status 2022-02-28 19:56:59 +00:00			`"stopped-reading": "stopped reading",`
Adds shelf views 2021-01-13 19:45:08 +00:00			`}[shelf.identifier]`
			`except KeyError:`
			`# it's a non-standard shelf, don't worry about it`
			`return`

Runs black 2021-03-08 16:49:10 +00:00			`status = create_generated_note(user, message, mention_books=[book], privacy=privacy)`
Adds shelf views 2021-01-13 19:45:08 +00:00			`status.save()`

Hide user pages to blocked users 2021-01-26 16:31:55 +00:00
Post-processes statuses composed in modals 2021-09-30 17:00:05 +00:00			`def load_date_in_user_tz_as_utc(date_str: str, user: models.User) -> datetime:`
			`"""ensures that data is stored consistently in the UTC timezone"""`
			`if not date_str:`
			`return None`
			`user_tz = dateutil.tz.gettz(user.preferred_timezone)`
			`date = dateutil.parser.parse(date_str, ignoretz=True)`
			`try:`
			`return date.replace(tzinfo=user_tz).astimezone(dateutil.tz.UTC)`
			`except ParserError:`
			`return None`
Update language on login and edit preference 2021-10-06 20:01:29 +00:00

			`def set_language(user, response):`
			`"""Updates a user's language"""`
			`if user.preferred_language:`
			`translation.activate(user.preferred_language)`
save language preferences with cookies that last (as long as login ones do) 2022-01-08 18:56:57 +00:00			`response.set_cookie(`
			`settings.LANGUAGE_COOKIE_NAME,`
			`user.preferred_language,`
			`expires=datetime.now() + timedelta(seconds=django_settings.SESSION_COOKIE_AGE),`
			`)`
Update language on login and edit preference 2021-10-06 20:01:29 +00:00			`return response`
Move stream filter to helpers 2021-11-24 12:37:09 +00:00

			`def filter_stream_by_status_type(activities, allowed_types=None):`
			`"""filter out activities based on types"""`
			`if not allowed_types:`
			`allowed_types = []`

			`if "review" not in allowed_types:`
			`activities = activities.filter(`
			`Q(review__isnull=True), Q(boost__boosted_status__review__isnull=True)`
			`)`
			`if "comment" not in allowed_types:`
			`activities = activities.filter(`
			`Q(comment__isnull=True), Q(boost__boosted_status__comment__isnull=True)`
			`)`
			`if "quotation" not in allowed_types:`
			`activities = activities.filter(`
			`Q(quotation__isnull=True), Q(boost__boosted_status__quotation__isnull=True)`
			`)`
			`if "everything" not in allowed_types:`
			`activities = activities.filter(`
			`Q(generatednote__isnull=True),`
			`Q(boost__boosted_status__generatednote__isnull=True),`
			`)`

			`return activities`
Redirect to correct url with slug 2022-03-02 09:12:32 +00:00
black 2022-03-02 09:47:08 +00:00
Redirect to correct url with slug 2022-03-02 09:12:32 +00:00			`def maybe_redirect_local_path(request, model):`
			`"""`
in progress fixes for pylint 2022-03-12 04:14:45 +00:00			`if the request had an invalid path, return a permanent redirect response to the`
			`correct one, including a slug if any.`
Redirect to correct url with slug 2022-03-02 09:12:32 +00:00			`if path is valid, returns False.`
			`"""`
Hopefully knocking out many of the unit test fails 2022-03-02 11:11:02 +00:00
			`# don't redirect empty path for unit tests which currently have this`
in progress fixes for pylint 2022-03-12 04:14:45 +00:00			`if request.path in ("/", model.local_path):`
Redirect to correct url with slug 2022-03-02 09:12:32 +00:00			`return False`

black 2022-03-02 09:47:08 +00:00			`new_path = model.local_path`
Redirect to correct url with slug 2022-03-02 09:12:32 +00:00			`if len(request.GET) > 0:`
			`new_path = f"{model.local_path}?{request.GET.urlencode()}"`

			`return redirect(new_path, permanent=True)`
Add helper to refer views back to http referers safely In most cases, we want to return back to where we came from after performing an action. It's not safe to return to an arbitrary referer, so this streamlines using the util validator to verify the redirect and fall back on regular redirect params if the referer is outside our domain. 2023-03-20 17:25:38 +00:00

Converts report "comments" into broader "actions" table This table will now track all actions taken on a report, like resolving it, re-opening it, suspending the reported user, et cetera, in addition to comments. When there are multiple admins, this change will make it easier to understand what actions have been taken by whom on a report. 2023-05-16 16:43:00 +00:00			`def redirect_to_referer(request, args, *kwargs):`
Add helper to refer views back to http referers safely In most cases, we want to return back to where we came from after performing an action. It's not safe to return to an arbitrary referer, so this streamlines using the util validator to verify the redirect and fall back on regular redirect params if the referer is outside our domain. 2023-03-20 17:25:38 +00:00			`"""Redirect to the referrer, if it's in our domain, with get params"""`
			`# make sure the refer is part of this instance`
			`validated = validate_url_domain(request.META.get("HTTP_REFERER"))`

			`if validated:`
			`return redirect(validated)`

			`# if not, use the args passed you'd normally pass to redirect()`
Converts report "comments" into broader "actions" table This table will now track all actions taken on a report, like resolving it, re-opening it, suspending the reported user, et cetera, in addition to comments. When there are multiple admins, this change will make it easier to understand what actions have been taken by whom on a report. 2023-05-16 16:43:00 +00:00			`return redirect(args or "/", *kwargs)`
Redirect to new URL when a merged object is requested 2024-03-01 13:37:52 +00:00

			`# pylint: disable=redefined-builtin,invalid-name`
			`def get_mergeable_object_or_404(klass, id):`
			`"""variant of get_object_or_404 that also redirects if id has been merged`
			`into another object"""`
			`queryset = _get_queryset(klass)`
			`try:`
			`return queryset.get(pk=id)`
			`except queryset.model.DoesNotExist:`
			`try:`
			`return queryset.get(absorbed__deleted_id=id)`
			`except queryset.model.DoesNotExist:`
			`pass`

			`raise Http404(f"No {queryset.model} with ID {id} exists")`