2021-01-12 18:44:17 +00:00
|
|
|
''' helper functions used in various views '''
|
2021-01-12 22:43:59 +00:00
|
|
|
import re
|
|
|
|
from requests import HTTPError
|
2021-01-12 18:44:17 +00:00
|
|
|
from django.db.models import Q
|
2021-01-12 22:43:59 +00:00
|
|
|
|
|
|
|
from bookwyrm import activitypub, models
|
|
|
|
from bookwyrm.connectors import ConnectorException, get_data
|
2021-01-13 19:45:08 +00:00
|
|
|
from bookwyrm.status import create_generated_note
|
2021-01-12 22:43:59 +00:00
|
|
|
from bookwyrm.utils import regex
|
|
|
|
|
2021-01-12 18:44:17 +00:00
|
|
|
|
2021-01-12 20:05:30 +00:00
|
|
|
def get_user_from_username(username):
|
|
|
|
''' helper function to resolve a localname or a username to a user '''
|
|
|
|
# raises DoesNotExist if user is now found
|
|
|
|
try:
|
|
|
|
return models.User.objects.get(localname=username)
|
|
|
|
except models.User.DoesNotExist:
|
|
|
|
return models.User.objects.get(username=username)
|
|
|
|
|
|
|
|
|
|
|
|
def is_api_request(request):
|
|
|
|
''' check whether a request is asking for html or data '''
|
|
|
|
return 'json' in request.headers.get('Accept') or \
|
|
|
|
request.path[-5:] == '.json'
|
|
|
|
|
|
|
|
|
2021-01-12 21:47:00 +00:00
|
|
|
def is_bookworm_request(request):
|
|
|
|
''' check if the request is coming from another bookworm instance '''
|
|
|
|
user_agent = request.headers.get('User-Agent')
|
|
|
|
if user_agent is None or \
|
|
|
|
re.search(regex.bookwyrm_user_agent, user_agent) is None:
|
|
|
|
return False
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
2021-01-16 20:39:51 +00:00
|
|
|
def object_visible_to_user(viewer, obj):
|
|
|
|
''' is a user authorized to view an object? '''
|
2021-01-18 19:57:20 +00:00
|
|
|
if not obj:
|
|
|
|
return False
|
2021-01-23 19:40:41 +00:00
|
|
|
|
|
|
|
# viewer can't see it if the object's owner blocked them
|
|
|
|
if viewer in obj.user.blocks.all():
|
|
|
|
return False
|
|
|
|
|
|
|
|
# you can see your own posts and any public or unlisted posts
|
2021-01-16 20:39:51 +00:00
|
|
|
if viewer == obj.user or obj.privacy in ['public', 'unlisted']:
|
2021-01-12 21:47:00 +00:00
|
|
|
return True
|
2021-01-23 19:40:41 +00:00
|
|
|
|
|
|
|
# you can see the followers only posts of people you follow
|
2021-01-16 20:39:51 +00:00
|
|
|
if obj.privacy == 'followers' and \
|
|
|
|
obj.user.followers.filter(id=viewer.id).first():
|
2021-01-12 21:47:00 +00:00
|
|
|
return True
|
2021-01-23 19:40:41 +00:00
|
|
|
|
|
|
|
# you can see dms you are tagged in
|
2021-01-16 20:39:51 +00:00
|
|
|
if isinstance(obj, models.Status):
|
|
|
|
if obj.privacy == 'direct' and \
|
|
|
|
obj.mention_users.filter(id=viewer.id).first():
|
|
|
|
return True
|
2021-01-12 21:47:00 +00:00
|
|
|
return False
|
|
|
|
|
2021-01-12 18:44:17 +00:00
|
|
|
|
2021-01-31 16:41:11 +00:00
|
|
|
def privacy_filter(viewer, queryset, privacy_levels, following_only=False):
|
|
|
|
''' filter objects that have "user" and "privacy" fields '''
|
2021-01-25 00:13:26 +00:00
|
|
|
# exclude blocks from both directions
|
2021-01-31 16:41:11 +00:00
|
|
|
if not viewer.is_anonymous:
|
|
|
|
blocked = models.User.objects.filter(id__in=viewer.blocks.all()).all()
|
2021-01-25 22:03:18 +00:00
|
|
|
queryset = queryset.exclude(
|
2021-01-31 16:41:11 +00:00
|
|
|
Q(user__in=blocked) | Q(user__blocks=viewer))
|
2021-01-25 00:13:26 +00:00
|
|
|
|
2021-01-12 18:44:17 +00:00
|
|
|
# you can't see followers only or direct messages if you're not logged in
|
2021-01-31 16:41:11 +00:00
|
|
|
if viewer.is_anonymous:
|
|
|
|
privacy_levels = [p for p in privacy_levels if \
|
|
|
|
not p in ['followers', 'direct']]
|
2021-01-12 18:44:17 +00:00
|
|
|
|
|
|
|
# filter to only privided privacy levels
|
2021-01-31 16:41:11 +00:00
|
|
|
queryset = queryset.filter(privacy__in=privacy_levels)
|
2021-01-12 18:44:17 +00:00
|
|
|
|
|
|
|
# only include statuses the user follows
|
|
|
|
if following_only:
|
|
|
|
queryset = queryset.exclude(
|
|
|
|
~Q(# remove everythign except
|
2021-01-31 16:41:11 +00:00
|
|
|
Q(user__in=viewer.following.all()) | # user following
|
|
|
|
Q(user=viewer) |# is self
|
|
|
|
Q(mention_users=viewer)# mentions user
|
2021-01-12 18:44:17 +00:00
|
|
|
),
|
|
|
|
)
|
|
|
|
# exclude followers-only statuses the user doesn't follow
|
2021-01-31 16:41:11 +00:00
|
|
|
elif 'followers' in privacy_levels:
|
2021-01-12 18:44:17 +00:00
|
|
|
queryset = queryset.exclude(
|
|
|
|
~Q(# user isn't following and it isn't their own status
|
2021-01-31 16:41:11 +00:00
|
|
|
Q(user__in=viewer.following.all()) | Q(user=viewer)
|
2021-01-12 18:44:17 +00:00
|
|
|
),
|
|
|
|
privacy='followers' # and the status is followers only
|
|
|
|
)
|
|
|
|
|
|
|
|
# exclude direct messages not intended for the user
|
2021-01-31 16:41:11 +00:00
|
|
|
if 'direct' in privacy_levels:
|
2021-01-12 18:44:17 +00:00
|
|
|
queryset = queryset.exclude(
|
|
|
|
~Q(
|
2021-01-31 16:41:11 +00:00
|
|
|
Q(user=viewer) | Q(mention_users=viewer)
|
2021-01-12 18:44:17 +00:00
|
|
|
), privacy='direct'
|
|
|
|
)
|
2021-01-31 16:41:11 +00:00
|
|
|
return queryset
|
|
|
|
|
|
|
|
|
|
|
|
def get_activity_feed(
|
|
|
|
user, privacy, local_only=False, following_only=False,
|
|
|
|
queryset=models.Status.objects):
|
|
|
|
''' get a filtered queryset of statuses '''
|
|
|
|
# if we're looking at Status, we need this. We don't if it's Comment
|
|
|
|
if hasattr(queryset, 'select_subclasses'):
|
|
|
|
queryset = queryset.select_subclasses()
|
|
|
|
|
|
|
|
# exclude deleted
|
|
|
|
queryset = queryset.exclude(deleted=True).order_by('-published_date')
|
|
|
|
|
|
|
|
# apply privacy filters
|
|
|
|
privacy = privacy if isinstance(privacy, list) else [privacy]
|
|
|
|
queryset = privacy_filter(
|
|
|
|
user, queryset, privacy, following_only=following_only)
|
2021-01-12 18:44:17 +00:00
|
|
|
|
|
|
|
# filter for only local status
|
|
|
|
if local_only:
|
|
|
|
queryset = queryset.filter(user__local=True)
|
|
|
|
|
|
|
|
# remove statuses that have boosts in the same queryset
|
|
|
|
try:
|
|
|
|
queryset = queryset.filter(~Q(boosters__in=queryset))
|
|
|
|
except ValueError:
|
|
|
|
pass
|
|
|
|
|
|
|
|
return queryset
|
2021-01-12 21:47:00 +00:00
|
|
|
|
|
|
|
|
|
|
|
def handle_remote_webfinger(query):
|
|
|
|
''' webfingerin' other servers '''
|
|
|
|
user = None
|
|
|
|
|
|
|
|
# usernames could be @user@domain or user@domain
|
|
|
|
if not query:
|
|
|
|
return None
|
|
|
|
|
|
|
|
if query[0] == '@':
|
|
|
|
query = query[1:]
|
|
|
|
|
|
|
|
try:
|
|
|
|
domain = query.split('@')[1]
|
|
|
|
except IndexError:
|
|
|
|
return None
|
|
|
|
|
|
|
|
try:
|
|
|
|
user = models.User.objects.get(username=query)
|
|
|
|
except models.User.DoesNotExist:
|
|
|
|
url = 'https://%s/.well-known/webfinger?resource=acct:%s' % \
|
|
|
|
(domain, query)
|
|
|
|
try:
|
|
|
|
data = get_data(url)
|
|
|
|
except (ConnectorException, HTTPError):
|
|
|
|
return None
|
|
|
|
|
|
|
|
for link in data.get('links'):
|
|
|
|
if link.get('rel') == 'self':
|
|
|
|
try:
|
|
|
|
user = activitypub.resolve_remote_id(
|
|
|
|
models.User, link['href']
|
|
|
|
)
|
|
|
|
except KeyError:
|
|
|
|
return None
|
|
|
|
return user
|
2021-01-13 17:42:54 +00:00
|
|
|
|
|
|
|
|
|
|
|
def get_edition(book_id):
|
|
|
|
''' look up a book in the db and return an edition '''
|
|
|
|
book = models.Book.objects.select_subclasses().get(id=book_id)
|
|
|
|
if isinstance(book, models.Work):
|
|
|
|
book = book.get_default_edition()
|
|
|
|
return book
|
|
|
|
|
|
|
|
|
2021-01-13 19:45:08 +00:00
|
|
|
def handle_reading_status(user, shelf, book, privacy):
|
|
|
|
''' post about a user reading a book '''
|
|
|
|
# tell the world about this cool thing that happened
|
|
|
|
try:
|
|
|
|
message = {
|
|
|
|
'to-read': 'wants to read',
|
|
|
|
'reading': 'started reading',
|
|
|
|
'read': 'finished reading'
|
|
|
|
}[shelf.identifier]
|
|
|
|
except KeyError:
|
|
|
|
# it's a non-standard shelf, don't worry about it
|
|
|
|
return
|
|
|
|
|
|
|
|
status = create_generated_note(
|
|
|
|
user,
|
|
|
|
message,
|
|
|
|
mention_books=[book],
|
|
|
|
privacy=privacy
|
|
|
|
)
|
|
|
|
status.save()
|
|
|
|
|
2021-01-26 16:31:55 +00:00
|
|
|
|
|
|
|
def is_blocked(viewer, user):
|
|
|
|
''' is this viewer blocked by the user? '''
|
|
|
|
if viewer.is_authenticated and viewer in user.blocks.all():
|
|
|
|
return True
|
|
|
|
return False
|