moviewyrm/bookwyrm/view_actions.py

581 lines
17 KiB
Python
Raw Normal View History

2020-02-22 22:02:03 +00:00
''' views for actions you can take in the application '''
2020-04-02 17:23:34 +00:00
from io import BytesIO, TextIOWrapper
from uuid import uuid4
2020-04-02 17:23:34 +00:00
from PIL import Image
2020-04-01 14:18:45 +00:00
2020-10-30 17:40:05 +00:00
import dateutil.parser
from dateutil.parser import ParserError
2020-03-15 21:15:36 +00:00
from django.contrib.auth import authenticate, login, logout
2020-10-01 19:59:38 +00:00
from django.contrib.auth.decorators import login_required, permission_required
from django.core.exceptions import PermissionDenied
2020-04-02 17:23:34 +00:00
from django.core.files.base import ContentFile
2020-03-28 22:06:16 +00:00
from django.http import HttpResponseBadRequest, HttpResponseNotFound
2020-02-22 22:02:03 +00:00
from django.shortcuts import redirect
from django.template.response import TemplateResponse
from django.utils import timezone
2020-02-22 22:02:03 +00:00
from bookwyrm import books_manager
from bookwyrm import forms, models, outgoing
from bookwyrm import goodreads_import
2020-10-02 20:32:19 +00:00
from bookwyrm.emailing import password_reset_email
from bookwyrm.settings import DOMAIN
from bookwyrm.views import get_user_from_username
2020-02-22 22:02:03 +00:00
2020-03-15 21:15:36 +00:00
def user_login(request):
''' authenticate user login '''
if request.method == 'GET':
return redirect('/login')
login_form = forms.LoginForm(request.POST)
username = login_form.data['username']
2020-03-15 21:15:36 +00:00
username = '%s@%s' % (username, DOMAIN)
password = login_form.data['password']
2020-03-15 21:15:36 +00:00
user = authenticate(request, username=username, password=password)
if user is not None:
# successful login
2020-03-15 21:15:36 +00:00
login(request, user)
user.last_active_date = timezone.now()
2020-03-15 21:15:36 +00:00
return redirect(request.GET.get('next', '/'))
2020-10-04 22:10:34 +00:00
login_form.non_field_errors = 'Username or password are incorrect'
2020-10-26 22:09:51 +00:00
register_form = forms.RegisterForm()
2020-10-04 22:10:34 +00:00
data = {
'site_settings': models.SiteSettings.get(),
'login_form': login_form,
'register_form': register_form
}
return TemplateResponse(request, 'login.html', data)
2020-03-15 21:15:36 +00:00
def register(request):
''' join the server '''
if request.method == 'GET':
return redirect('/login')
if not models.SiteSettings.get().allow_registration:
invite_code = request.POST.get('invite_code')
if not invite_code:
raise PermissionDenied
try:
invite = models.SiteInvite.objects.get(code=invite_code)
except models.SiteInvite.DoesNotExist:
raise PermissionDenied
else:
invite = None
2020-03-15 21:15:36 +00:00
form = forms.RegisterForm(request.POST)
2020-10-04 22:10:34 +00:00
errors = False
2020-03-15 21:15:36 +00:00
if not form.is_valid():
2020-10-04 22:10:34 +00:00
errors = True
2020-03-15 21:15:36 +00:00
username = form.data['username']
email = form.data['email']
password = form.data['password']
2020-10-04 22:10:34 +00:00
# check username and email uniqueness
if models.User.objects.filter(localname=username).first():
form.add_error('username', 'User with this username already exists')
errors = True
if errors:
data = {
'site_settings': models.SiteSettings.get(),
'login_form': forms.LoginForm(),
'register_form': form
}
return TemplateResponse(request, 'login.html', data)
2020-03-15 21:15:36 +00:00
user = models.User.objects.create_user(username, email, password)
if invite:
invite.times_used += 1
invite.save()
2020-03-15 21:15:36 +00:00
login(request, user)
return redirect('/')
@login_required
def user_logout(request):
''' done with this place! outa here! '''
logout(request)
return redirect('/')
2020-10-02 20:32:19 +00:00
def password_reset_request(request):
''' create a password reset token '''
email = request.POST.get('email')
try:
user = models.User.objects.get(email=email)
except models.User.DoesNotExist:
return redirect('/password-reset')
# remove any existing password reset cods for this user
models.PasswordReset.objects.filter(user=user).all().delete()
# create a new reset code
code = models.PasswordReset.objects.create(user=user)
password_reset_email(code)
data = {'message': 'Password reset link sent to %s' % email}
return TemplateResponse(request, 'password_reset_request.html', data)
def password_reset(request):
2020-10-02 21:42:42 +00:00
''' allow a user to change their password through an emailed token '''
2020-10-02 20:32:19 +00:00
try:
reset_code = models.PasswordReset.objects.get(
code=request.POST.get('reset-code')
)
except models.PasswordReset.DoesNotExist:
data = {'errors': ['Invalid password reset link']}
return TemplateResponse(request, 'password_reset.html', data)
user = reset_code.user
new_password = request.POST.get('password')
confirm_password = request.POST.get('confirm-password')
if new_password != confirm_password:
data = {'errors': ['Passwords do not match']}
return TemplateResponse(request, 'password_reset.html', data)
user.set_password(new_password)
user.save()
login(request, user)
reset_code.delete()
return redirect('/')
2020-10-02 21:42:42 +00:00
@login_required
def password_change(request):
''' allow a user to change their password '''
new_password = request.POST.get('password')
confirm_password = request.POST.get('confirm-password')
if new_password != confirm_password:
return redirect('/user-edit')
request.user.set_password(new_password)
request.user.save()
login(request, request.user)
return redirect('/user-edit')
2020-02-22 22:02:03 +00:00
@login_required
def edit_profile(request):
''' les get fancy with images '''
if not request.method == 'POST':
return redirect('/user/%s' % request.user.localname)
form = forms.EditUserForm(request.POST, request.FILES)
if not form.is_valid():
data = {
'form': form,
'user': request.user,
}
return TemplateResponse(request, 'edit_user.html', data)
2020-02-22 22:02:03 +00:00
request.user.name = form.data['name']
request.user.email = form.data['email']
2020-02-22 22:02:03 +00:00
if 'avatar' in form.files:
2020-04-02 17:23:34 +00:00
# crop and resize avatar upload
2020-04-21 01:42:13 +00:00
image = Image.open(form.files['avatar'])
2020-04-02 17:23:34 +00:00
target_size = 120
2020-04-21 01:42:13 +00:00
width, height = image.size
thumbnail_scale = height / (width / target_size) if height > width \
else width / (height / target_size)
image.thumbnail([thumbnail_scale, thumbnail_scale])
width, height = image.size
width_diff = width - target_size
height_diff = height - target_size
cropped = image.crop((
int(width_diff / 2),
int(height_diff / 2),
int(width - (width_diff / 2)),
int(height - (height_diff / 2))
2020-04-02 17:23:34 +00:00
))
output = BytesIO()
2020-04-21 01:42:13 +00:00
cropped.save(output, format=image.format)
2020-04-02 17:23:34 +00:00
ContentFile(output.getvalue())
# set the name to a hash
extension = form.files['avatar'].name.split('.')[-1]
filename = '%s.%s' % (uuid4(), extension)
2020-04-02 17:23:34 +00:00
request.user.avatar.save(
filename,
2020-04-02 17:23:34 +00:00
ContentFile(output.getvalue())
)
2020-02-22 22:02:03 +00:00
request.user.summary = form.data['summary']
2020-03-15 21:15:36 +00:00
request.user.manually_approves_followers = \
form.cleaned_data['manually_approves_followers']
2020-02-22 22:02:03 +00:00
request.user.save()
outgoing.handle_update_user(request.user)
2020-02-22 22:02:03 +00:00
return redirect('/user/%s' % request.user.localname)
2020-05-10 19:56:59 +00:00
def resolve_book(request):
''' figure out the local path to a book from a remote_id '''
remote_id = request.POST.get('remote_id')
book = books_manager.get_or_create_book(remote_id)
2020-05-10 19:56:59 +00:00
return redirect('/book/%d' % book.id)
2020-03-28 22:06:16 +00:00
@login_required
2020-10-01 19:59:38 +00:00
@permission_required('bookwyrm.edit_book', raise_exception=True)
2020-03-28 22:06:16 +00:00
def edit_book(request, book_id):
''' edit a book cool '''
if not request.method == 'POST':
2020-09-30 03:36:43 +00:00
return redirect('/book/%s' % book_id)
2020-03-28 22:06:16 +00:00
try:
2020-04-02 15:44:53 +00:00
book = models.Edition.objects.get(id=book_id)
except models.Edition.DoesNotExist:
2020-03-28 22:06:16 +00:00
return HttpResponseNotFound()
2020-04-02 15:44:53 +00:00
form = forms.EditionForm(request.POST, request.FILES, instance=book)
2020-03-28 22:06:16 +00:00
if not form.is_valid():
return redirect(request.headers.get('Referer', '/'))
form.save()
2020-03-29 02:12:17 +00:00
outgoing.handle_update_book(request.user, book)
2020-05-04 00:53:14 +00:00
return redirect('/book/%s' % book.id)
2020-03-28 22:06:16 +00:00
@login_required
def upload_cover(request, book_id):
''' upload a new cover '''
# TODO: alternate covers?
if not request.method == 'POST':
return redirect('/book/%s' % request.user.localname)
try:
book = models.Edition.objects.get(id=book_id)
except models.Edition.DoesNotExist:
2020-03-28 22:06:16 +00:00
return HttpResponseNotFound()
form = forms.CoverForm(request.POST, request.FILES, instance=book)
if not form.is_valid():
return redirect(request.headers.get('Referer', '/'))
book.cover = form.files['cover']
book.sync_cover = False
book.save()
2020-03-29 02:12:17 +00:00
outgoing.handle_update_book(request.user, book)
2020-05-04 00:53:14 +00:00
return redirect('/book/%s' % book.id)
2020-03-28 22:06:16 +00:00
2020-10-30 17:40:05 +00:00
@login_required
def edit_readthrough(request):
''' can't use the form because the dates are too finnicky '''
try:
readthrough = models.ReadThrough.objects.get(id=request.POST.get('id'))
except models.ReadThrough.DoesNotExist:
return HttpResponseNotFound()
# don't let people edit other people's data
if request.user != readthrough.user:
return HttpResponseBadRequest()
# convert dates into a legible format
start_date = request.POST.get('start_date')
try:
start_date = dateutil.parser.parse(start_date)
except ParserError:
start_date = None
readthrough.start_date = start_date
finish_date = request.POST.get('finish_date')
try:
finish_date = dateutil.parser.parse(finish_date)
except ParserError:
finish_date = None
readthrough.finish_date = finish_date
readthrough.save()
return redirect(request.headers.get('Referer', '/'))
@login_required
def delete_readthrough(request):
''' remove a readthrough '''
try:
readthrough = models.ReadThrough.objects.get(id=request.POST.get('id'))
except models.ReadThrough.DoesNotExist:
return HttpResponseNotFound()
# don't let people edit other people's data
if request.user != readthrough.user:
return HttpResponseBadRequest()
readthrough.delete()
return redirect(request.headers.get('Referer', '/'))
2020-02-22 22:02:03 +00:00
@login_required
def shelve(request):
2020-03-28 22:06:16 +00:00
''' put a on a user's shelf '''
book = books_manager.get_edition(request.POST['book'])
2020-03-30 22:03:21 +00:00
2020-02-22 22:02:03 +00:00
desired_shelf = models.Shelf.objects.filter(
identifier=request.POST['shelf'],
user=request.user
).first()
if request.POST.get('reshelve', True):
try:
current_shelf = models.Shelf.objects.get(
user=request.user,
2020-03-30 22:03:21 +00:00
edition=book
2020-02-22 22:02:03 +00:00
)
outgoing.handle_unshelve(request.user, book, current_shelf)
except models.Shelf.DoesNotExist:
# this just means it isn't currently on the user's shelves
pass
outgoing.handle_shelve(request.user, book, desired_shelf)
return redirect('/')
2020-10-28 23:52:23 +00:00
@login_required
def unshelve(request):
''' put a on a user's shelf '''
book = models.Edition.objects.get(id=request.POST['book'])
current_shelf = models.Shelf.objects.get(id=request.POST['shelf'])
outgoing.handle_unshelve(request.user, book, current_shelf)
return redirect(request.headers.get('Referer', '/'))
2020-04-03 19:43:49 +00:00
@login_required
def rate(request):
''' just a star rating for a book '''
form = forms.RatingForm(request.POST)
2020-10-26 22:00:15 +00:00
return handle_status(request, form)
2020-04-03 19:43:49 +00:00
2020-02-22 22:02:03 +00:00
@login_required
def review(request):
2020-03-21 23:50:49 +00:00
''' create a book review '''
2020-02-22 22:02:03 +00:00
form = forms.ReviewForm(request.POST)
2020-10-26 22:00:15 +00:00
return handle_status(request, form)
2020-02-22 22:02:03 +00:00
2020-04-08 16:40:47 +00:00
@login_required
def quotate(request):
''' create a book quotation '''
form = forms.QuotationForm(request.POST)
2020-10-26 22:00:15 +00:00
return handle_status(request, form)
2020-04-08 16:40:47 +00:00
2020-03-21 23:50:49 +00:00
@login_required
def comment(request):
''' create a book comment '''
form = forms.CommentForm(request.POST)
2020-10-26 22:00:15 +00:00
return handle_status(request, form)
2020-10-27 18:32:15 +00:00
@login_required
def reply(request):
''' respond to a book review '''
form = forms.ReplyForm(request.POST)
return handle_status(request, form)
2020-10-26 22:00:15 +00:00
def handle_status(request, form):
2020-10-27 18:32:15 +00:00
''' all the "create a status" functions are the same '''
2020-03-21 23:50:49 +00:00
if not form.is_valid():
2020-10-27 18:32:15 +00:00
return redirect(request.headers.get('Referer', '/'))
2020-03-21 23:50:49 +00:00
2020-10-26 22:00:15 +00:00
outgoing.handle_status(request.user, form)
2020-10-27 18:32:15 +00:00
return redirect(request.headers.get('Referer', '/'))
2020-03-21 23:50:49 +00:00
2020-02-22 22:02:03 +00:00
@login_required
def tag(request):
''' tag a book '''
# I'm not using a form here because sometimes "name" is sent as a hidden
# field which doesn't validate
name = request.POST.get('name')
book_id = request.POST.get('book')
remote_id = 'https://%s/book/%s' % (DOMAIN, book_id)
2020-02-22 22:02:03 +00:00
outgoing.handle_tag(request.user, remote_id, name)
return redirect('/book/%s' % book_id)
2020-02-22 22:02:03 +00:00
@login_required
def untag(request):
''' untag a book '''
name = request.POST.get('name')
book_id = request.POST.get('book')
2020-02-22 22:02:03 +00:00
outgoing.handle_untag(request.user, book_id, name)
return redirect('/book/%s' % book_id)
2020-02-22 22:02:03 +00:00
@login_required
def favorite(request, status_id):
''' like a status '''
status = models.Status.objects.get(id=status_id)
outgoing.handle_favorite(request.user, status)
2020-03-21 22:21:27 +00:00
return redirect(request.headers.get('Referer', '/'))
@login_required
def unfavorite(request, status_id):
''' like a status '''
status = models.Status.objects.get(id=status_id)
outgoing.handle_unfavorite(request.user, status)
2020-02-22 22:02:03 +00:00
return redirect(request.headers.get('Referer', '/'))
@login_required
def boost(request, status_id):
''' boost a status '''
status = models.Status.objects.get(id=status_id)
outgoing.handle_boost(request.user, status)
return redirect(request.headers.get('Referer', '/'))
2020-02-22 22:02:03 +00:00
2020-10-08 19:32:45 +00:00
@login_required
def delete_status(request):
''' delete and tombstone a status '''
status_id = request.POST.get('status')
if not status_id:
return HttpResponseBadRequest()
try:
status = models.Status.objects.get(id=status_id)
except models.Status.DoesNotExist:
return HttpResponseBadRequest()
# don't let people delete other people's statuses
if status.user != request.user:
return HttpResponseBadRequest()
# perform deletion
outgoing.handle_delete_status(request.user, status)
return redirect(request.headers.get('Referer', '/'))
2020-02-22 22:02:03 +00:00
@login_required
def follow(request):
''' follow another user, here or abroad '''
username = request.POST['user']
try:
to_follow = get_user_from_username(username)
except models.User.DoesNotExist:
return HttpResponseBadRequest()
outgoing.handle_follow(request.user, to_follow)
2020-02-22 22:02:03 +00:00
user_slug = to_follow.localname if to_follow.localname \
else to_follow.username
return redirect('/user/%s' % user_slug)
@login_required
def unfollow(request):
''' unfollow a user '''
username = request.POST['user']
try:
to_unfollow = get_user_from_username(username)
except models.User.DoesNotExist:
return HttpResponseBadRequest()
outgoing.handle_unfollow(request.user, to_unfollow)
2020-02-22 22:02:03 +00:00
user_slug = to_unfollow.localname if to_unfollow.localname \
else to_unfollow.username
return redirect('/user/%s' % user_slug)
2020-03-07 22:50:29 +00:00
@login_required
def clear_notifications(request):
2020-03-15 21:15:36 +00:00
''' permanently delete notification for user '''
2020-03-07 22:50:29 +00:00
request.user.notification_set.filter(read=True).delete()
return redirect('/notifications')
2020-03-15 21:15:36 +00:00
@login_required
def accept_follow_request(request):
2020-03-15 21:15:36 +00:00
''' a user accepts a follow request '''
username = request.POST['user']
try:
requester = get_user_from_username(username)
except models.User.DoesNotExist:
return HttpResponseBadRequest()
try:
2020-03-15 21:15:36 +00:00
follow_request = models.UserFollowRequest.objects.get(
user_subject=requester,
user_object=request.user
)
except models.UserFollowRequest.DoesNotExist:
# Request already dealt with.
pass
else:
2020-10-16 21:14:07 +00:00
outgoing.handle_accept(follow_request)
return redirect('/user/%s' % request.user.localname)
2020-03-15 21:15:36 +00:00
@login_required
def delete_follow_request(request):
2020-03-15 21:15:36 +00:00
''' a user rejects a follow request '''
username = request.POST['user']
try:
requester = get_user_from_username(username)
except models.User.DoesNotExist:
return HttpResponseBadRequest()
try:
2020-03-15 21:15:36 +00:00
follow_request = models.UserFollowRequest.objects.get(
user_subject=requester,
user_object=request.user
)
except models.UserFollowRequest.DoesNotExist:
return HttpResponseBadRequest()
2020-10-16 21:28:25 +00:00
outgoing.handle_reject(follow_request)
return redirect('/user/%s' % request.user.localname)
2020-03-27 16:33:31 +00:00
2020-03-23 16:43:11 +00:00
@login_required
def import_data(request):
2020-03-27 16:33:31 +00:00
''' ingest a goodreads csv '''
2020-03-23 16:43:11 +00:00
form = forms.ImportForm(request.POST, request.FILES)
if form.is_valid():
include_reviews = request.POST.get('include_reviews') == 'on'
privacy = request.POST.get('privacy')
try:
job = goodreads_import.create_job(
request.user,
TextIOWrapper(
request.FILES['csv_file'],
encoding=request.encoding),
include_reviews,
privacy,
)
except (UnicodeDecodeError, ValueError):
return HttpResponseBadRequest('Not a valid csv file')
goodreads_import.start_import(job)
return redirect('/import_status/%d' % (job.id,))
2020-04-01 14:18:45 +00:00
return HttpResponseBadRequest()
2020-06-03 16:38:30 +00:00
2020-10-01 19:59:38 +00:00
2020-06-03 16:38:30 +00:00
@login_required
2020-10-01 19:59:38 +00:00
@permission_required('bookwyrm.create_invites', raise_exception=True)
2020-06-03 16:38:30 +00:00
def create_invite(request):
2020-09-21 17:25:26 +00:00
''' creates a user invite database entry '''
2020-06-03 16:38:30 +00:00
form = forms.CreateInviteForm(request.POST)
if not form.is_valid():
return HttpResponseBadRequest("ERRORS : %s" % (form.errors,))
invite = form.save(commit=False)
invite.user = request.user
invite.save()
2020-09-30 04:45:59 +00:00
return redirect('/invite')