moviewyrm/bookwyrm/views/helpers.py

""" helper functions used in various views """
import re
from requests import HTTPError
from django.core.exceptions import FieldError
from django.db.models import Q

from bookwyrm import activitypub, models
from bookwyrm.connectors import ConnectorException, get_data
from bookwyrm.status import create_generated_note
from bookwyrm.utils import regex


def get_user_from_username(viewer, username):
    """ helper function to resolve a localname or a username to a user """
    # raises DoesNotExist if user is now found
    try:
        return models.User.viewer_aware_objects(viewer).get(localname=username)
    except models.User.DoesNotExist:
        return models.User.viewer_aware_objects(viewer).get(username=username)


def is_api_request(request):
    """ check whether a request is asking for html or data """
    return "json" in request.headers.get("Accept") or request.path[-5:] == ".json"


def is_bookwyrm_request(request):
    """ check if the request is coming from another bookwyrm instance """
    user_agent = request.headers.get("User-Agent")
    if user_agent is None or re.search(regex.bookwyrm_user_agent, user_agent) is None:
        return False
    return True


def object_visible_to_user(viewer, obj):
    """ is a user authorized to view an object? """
    if not obj:
        return False

    # viewer can't see it if the object's owner blocked them
    if viewer in obj.user.blocks.all():
        return False

    # you can see your own posts and any public or unlisted posts
    if viewer == obj.user or obj.privacy in ["public", "unlisted"]:
        return True

    # you can see the followers only posts of people you follow
    if obj.privacy == "followers" and obj.user.followers.filter(id=viewer.id).first():
        return True

    # you can see dms you are tagged in
    if isinstance(obj, models.Status):
        if obj.privacy == "direct" and obj.mention_users.filter(id=viewer.id).first():
            return True
    return False


def privacy_filter(viewer, queryset, privacy_levels=None, following_only=False):
    """ filter objects that have "user" and "privacy" fields """
    privacy_levels = privacy_levels or ["public", "unlisted", "followers", "direct"]

    # exclude blocks from both directions
    if not viewer.is_anonymous:
        blocked = models.User.objects.filter(id__in=viewer.blocks.all()).all()
        queryset = queryset.exclude(Q(user__in=blocked) | Q(user__blocks=viewer))

    # you can't see followers only or direct messages if you're not logged in
    if viewer.is_anonymous:
        privacy_levels = [p for p in privacy_levels if not p in ["followers", "direct"]]

    # filter to only privided privacy levels
    queryset = queryset.filter(privacy__in=privacy_levels)

    # only include statuses the user follows
    if following_only:
        queryset = queryset.exclude(
            ~Q(  # remove everythign except
                Q(user__in=viewer.following.all())
                | Q(user=viewer)  # user following
                | Q(mention_users=viewer)  # is self  # mentions user
            ),
        )
    # exclude followers-only statuses the user doesn't follow
    elif "followers" in privacy_levels:
        queryset = queryset.exclude(
            ~Q(  # user isn't following and it isn't their own status
                Q(user__in=viewer.following.all()) | Q(user=viewer)
            ),
            privacy="followers",  # and the status is followers only
        )

    # exclude direct messages not intended for the user
    if "direct" in privacy_levels:
        try:
            queryset = queryset.exclude(
                ~Q(Q(user=viewer) | Q(mention_users=viewer)), privacy="direct"
            )
        except FieldError:
            queryset = queryset.exclude(~Q(user=viewer), privacy="direct")

    return queryset


def get_activity_feed(
    user, privacy=None, local_only=False, following_only=False, queryset=None
):
    """ get a filtered queryset of statuses """
    if queryset is None:
        queryset = models.Status.objects.select_subclasses()

    # exclude deleted
    queryset = queryset.exclude(deleted=True).order_by("-published_date")

    # apply privacy filters
    queryset = privacy_filter(user, queryset, privacy, following_only=following_only)

    # only show dms if we only want dms
    if privacy == ["direct"]:
        # dms are direct statuses not related to books
        queryset = queryset.filter(
            review__isnull=True,
            comment__isnull=True,
            quotation__isnull=True,
            generatednote__isnull=True,
        )
    else:
        try:
            queryset = queryset.exclude(
                review__isnull=True,
                comment__isnull=True,
                quotation__isnull=True,
                generatednote__isnull=True,
                privacy="direct",
            )
        except FieldError:
            # if we're looking at a subtype of Status (like Review)
            pass

    # filter for only local status
    if local_only:
        queryset = queryset.filter(user__local=True)

    # remove statuses that have boosts in the same queryset
    try:
        queryset = queryset.filter(~Q(boosters__in=queryset))
    except ValueError:
        pass

    return queryset


def handle_remote_webfinger(query):
    """ webfingerin' other servers """
    user = None

    # usernames could be @user@domain or user@domain
    if not query:
        return None

    if query[0] == "@":
        query = query[1:]

    try:
        domain = query.split("@")[1]
    except IndexError:
        return None

    try:
        user = models.User.objects.get(username=query)
    except models.User.DoesNotExist:
        url = "https://%s/.well-known/webfinger?resource=acct:%s" % (domain, query)
        try:
            data = get_data(url)
        except (ConnectorException, HTTPError):
            return None

        for link in data.get("links"):
            if link.get("rel") == "self":
                try:
                    user = activitypub.resolve_remote_id(
                        link["href"], model=models.User
                    )
                except KeyError:
                    return None
    return user


def get_edition(book_id):
    """ look up a book in the db and return an edition """
    book = models.Book.objects.select_subclasses().get(id=book_id)
    if isinstance(book, models.Work):
        book = book.get_default_edition()
    return book


def handle_reading_status(user, shelf, book, privacy):
    """ post about a user reading a book """
    # tell the world about this cool thing that happened
    try:
        message = {
            "to-read": "wants to read",
            "reading": "started reading",
            "read": "finished reading",
        }[shelf.identifier]
    except KeyError:
        # it's a non-standard shelf, don't worry about it
        return

    status = create_generated_note(user, message, mention_books=[book], privacy=privacy)
    status.save()


def is_blocked(viewer, user):
    """ is this viewer blocked by the user? """
    if viewer.is_authenticated and viewer in user.blocks.all():
        return True
    return False
Runs black 2021-03-08 16:49:10 +00:00			`""" helper functions used in various views """`
tests status class view 2021-01-12 22:43:59 +00:00			`import re`
			`from requests import HTTPError`
Show dms in the right places 2021-02-24 19:59:21 +00:00			`from django.core.exceptions import FieldError`
Creates landing page views 2021-01-12 18:44:17 +00:00			`from django.db.models import Q`
tests status class view 2021-01-12 22:43:59 +00:00
			`from bookwyrm import activitypub, models`
			`from bookwyrm.connectors import ConnectorException, get_data`
Adds shelf views 2021-01-13 19:45:08 +00:00			`from bookwyrm.status import create_generated_note`
tests status class view 2021-01-12 22:43:59 +00:00			`from bookwyrm.utils import regex`

Creates landing page views 2021-01-12 18:44:17 +00:00
Better user block privacy 2021-02-23 20:41:37 +00:00			`def get_user_from_username(viewer, username):`
Runs black 2021-03-08 16:49:10 +00:00			`""" helper function to resolve a localname or a username to a user """`
Moves user views to class view 2021-01-12 20:05:30 +00:00			`# raises DoesNotExist if user is now found`
			`try:`
Typo fix 2021-02-23 21:05:43 +00:00			`return models.User.viewer_aware_objects(viewer).get(localname=username)`
Moves user views to class view 2021-01-12 20:05:30 +00:00			`except models.User.DoesNotExist:`
Better user block privacy 2021-02-23 20:41:37 +00:00			`return models.User.viewer_aware_objects(viewer).get(username=username)`
Moves user views to class view 2021-01-12 20:05:30 +00:00

			`def is_api_request(request):`
Runs black 2021-03-08 16:49:10 +00:00			`""" check whether a request is asking for html or data """`
			`return "json" in request.headers.get("Accept") or request.path[-5:] == ".json"`
Moves user views to class view 2021-01-12 20:05:30 +00:00

Outbox sensitive to user agent strings 2021-02-23 19:34:15 +00:00			`def is_bookwyrm_request(request):`
Runs black 2021-03-08 16:49:10 +00:00			`""" check if the request is coming from another bookwyrm instance """`
			`user_agent = request.headers.get("User-Agent")`
			`if user_agent is None or re.search(regex.bookwyrm_user_agent, user_agent) is None:`
Adds status views 2021-01-12 21:47:00 +00:00			`return False`
			`return True`


Edit goal 2021-01-16 20:39:51 +00:00			`def object_visible_to_user(viewer, obj):`
Runs black 2021-03-08 16:49:10 +00:00			`""" is a user authorized to view an object? """`
Fixes email migration 2021-01-18 19:57:20 +00:00			`if not obj:`
			`return False`
Hide content from blocked users 2021-01-23 19:40:41 +00:00
			`# viewer can't see it if the object's owner blocked them`
			`if viewer in obj.user.blocks.all():`
			`return False`

			`# you can see your own posts and any public or unlisted posts`
Runs black 2021-03-08 16:49:10 +00:00			`if viewer == obj.user or obj.privacy in ["public", "unlisted"]:`
Adds status views 2021-01-12 21:47:00 +00:00			`return True`
Hide content from blocked users 2021-01-23 19:40:41 +00:00
			`# you can see the followers only posts of people you follow`
Runs black 2021-03-08 16:49:10 +00:00			`if obj.privacy == "followers" and obj.user.followers.filter(id=viewer.id).first():`
Adds status views 2021-01-12 21:47:00 +00:00			`return True`
Hide content from blocked users 2021-01-23 19:40:41 +00:00
			`# you can see dms you are tagged in`
Edit goal 2021-01-16 20:39:51 +00:00			`if isinstance(obj, models.Status):`
Runs black 2021-03-08 16:49:10 +00:00			`if obj.privacy == "direct" and obj.mention_users.filter(id=viewer.id).first():`
Edit goal 2021-01-16 20:39:51 +00:00			`return True`
Adds status views 2021-01-12 21:47:00 +00:00			`return False`

Creates landing page views 2021-01-12 18:44:17 +00:00
Improves privacy-related display 2021-02-24 19:35:19 +00:00			`def privacy_filter(viewer, queryset, privacy_levels=None, following_only=False):`
Runs black 2021-03-08 16:49:10 +00:00			`""" filter objects that have "user" and "privacy" fields """`
			`privacy_levels = privacy_levels or ["public", "unlisted", "followers", "direct"]`
Improves privacy-related display 2021-02-24 19:35:19 +00:00
hide blocked content from feed 2021-01-25 00:13:26 +00:00			`# exclude blocks from both directions`
handles list privacy in display 2021-01-31 16:41:11 +00:00			`if not viewer.is_anonymous:`
			`blocked = models.User.objects.filter(id__in=viewer.blocks.all()).all()`
Runs black 2021-03-08 16:49:10 +00:00			`queryset = queryset.exclude(Q(user__in=blocked) \| Q(user__blocks=viewer))`
hide blocked content from feed 2021-01-25 00:13:26 +00:00
Creates landing page views 2021-01-12 18:44:17 +00:00			`# you can't see followers only or direct messages if you're not logged in`
handles list privacy in display 2021-01-31 16:41:11 +00:00			`if viewer.is_anonymous:`
Runs black 2021-03-08 16:49:10 +00:00			`privacy_levels = [p for p in privacy_levels if not p in ["followers", "direct"]]`
Creates landing page views 2021-01-12 18:44:17 +00:00
			`# filter to only privided privacy levels`
handles list privacy in display 2021-01-31 16:41:11 +00:00			`queryset = queryset.filter(privacy__in=privacy_levels)`
Creates landing page views 2021-01-12 18:44:17 +00:00
			`# only include statuses the user follows`
			`if following_only:`
			`queryset = queryset.exclude(`
Runs black 2021-03-08 16:49:10 +00:00			`~Q( # remove everythign except`
			`Q(user__in=viewer.following.all())`
			`\| Q(user=viewer) # user following`
			`\| Q(mention_users=viewer) # is self # mentions user`
Creates landing page views 2021-01-12 18:44:17 +00:00			`),`
			`)`
			`# exclude followers-only statuses the user doesn't follow`
Runs black 2021-03-08 16:49:10 +00:00			`elif "followers" in privacy_levels:`
Creates landing page views 2021-01-12 18:44:17 +00:00			`queryset = queryset.exclude(`
Runs black 2021-03-08 16:49:10 +00:00			`~Q( # user isn't following and it isn't their own status`
handles list privacy in display 2021-01-31 16:41:11 +00:00			`Q(user__in=viewer.following.all()) \| Q(user=viewer)`
Creates landing page views 2021-01-12 18:44:17 +00:00			`),`
Runs black 2021-03-08 16:49:10 +00:00			`privacy="followers", # and the status is followers only`
Creates landing page views 2021-01-12 18:44:17 +00:00			`)`

			`# exclude direct messages not intended for the user`
Runs black 2021-03-08 16:49:10 +00:00			`if "direct" in privacy_levels:`
Show dms in the right places 2021-02-24 19:59:21 +00:00			`try:`
			`queryset = queryset.exclude(`
Runs black 2021-03-08 16:49:10 +00:00			`~Q(Q(user=viewer) \| Q(mention_users=viewer)), privacy="direct"`
Show dms in the right places 2021-02-24 19:59:21 +00:00			`)`
			`except FieldError:`
Runs black 2021-03-08 16:49:10 +00:00			`queryset = queryset.exclude(~Q(user=viewer), privacy="direct")`
Show dms in the right places 2021-02-24 19:59:21 +00:00
handles list privacy in display 2021-01-31 16:41:11 +00:00			`return queryset`


			`def get_activity_feed(`
Runs black 2021-03-08 16:49:10 +00:00			`user, privacy=None, local_only=False, following_only=False, queryset=None`
			`):`
			`""" get a filtered queryset of statuses """`
fixes book reviews queryset aggregators 2021-02-24 20:24:19 +00:00			`if queryset is None:`
Improves privacy-related display 2021-02-24 19:35:19 +00:00			`queryset = models.Status.objects.select_subclasses()`
handles list privacy in display 2021-01-31 16:41:11 +00:00
			`# exclude deleted`
Runs black 2021-03-08 16:49:10 +00:00			`queryset = queryset.exclude(deleted=True).order_by("-published_date")`
handles list privacy in display 2021-01-31 16:41:11 +00:00
			`# apply privacy filters`
Runs black 2021-03-08 16:49:10 +00:00			`queryset = privacy_filter(user, queryset, privacy, following_only=following_only)`
Creates landing page views 2021-01-12 18:44:17 +00:00
Only show dms in dm page 2021-02-24 20:06:00 +00:00			`# only show dms if we only want dms`
Runs black 2021-03-08 16:49:10 +00:00			`if privacy == ["direct"]:`
Show dms in the right places 2021-02-24 19:59:21 +00:00			`# dms are direct statuses not related to books`
Only show dms in dm page 2021-02-24 20:06:00 +00:00			`queryset = queryset.filter(`
			`review__isnull=True,`
			`comment__isnull=True,`
			`quotation__isnull=True,`
			`generatednote__isnull=True,`
			`)`
			`else:`
fixes book reviews queryset aggregators 2021-02-24 20:24:19 +00:00			`try:`
			`queryset = queryset.exclude(`
			`review__isnull=True,`
			`comment__isnull=True,`
			`quotation__isnull=True,`
			`generatednote__isnull=True,`
Runs black 2021-03-08 16:49:10 +00:00			`privacy="direct",`
fixes book reviews queryset aggregators 2021-02-24 20:24:19 +00:00			`)`
			`except FieldError:`
			`# if we're looking at a subtype of Status (like Review)`
			`pass`
Show dms in the right places 2021-02-24 19:59:21 +00:00
Creates landing page views 2021-01-12 18:44:17 +00:00			`# filter for only local status`
			`if local_only:`
			`queryset = queryset.filter(user__local=True)`

			`# remove statuses that have boosts in the same queryset`
			`try:`
			`queryset = queryset.filter(~Q(boosters__in=queryset))`
			`except ValueError:`
			`pass`

			`return queryset`
Adds status views 2021-01-12 21:47:00 +00:00

			`def handle_remote_webfinger(query):`
Runs black 2021-03-08 16:49:10 +00:00			`""" webfingerin' other servers """`
Adds status views 2021-01-12 21:47:00 +00:00			`user = None`

			`# usernames could be @user@domain or user@domain`
			`if not query:`
			`return None`

Runs black 2021-03-08 16:49:10 +00:00			`if query[0] == "@":`
Adds status views 2021-01-12 21:47:00 +00:00			`query = query[1:]`

			`try:`
Runs black 2021-03-08 16:49:10 +00:00			`domain = query.split("@")[1]`
Adds status views 2021-01-12 21:47:00 +00:00			`except IndexError:`
			`return None`

			`try:`
			`user = models.User.objects.get(username=query)`
			`except models.User.DoesNotExist:`
Runs black 2021-03-08 16:49:10 +00:00			`url = "https://%s/.well-known/webfinger?resource=acct:%s" % (domain, query)`
Adds status views 2021-01-12 21:47:00 +00:00			`try:`
			`data = get_data(url)`
			`except (ConnectorException, HTTPError):`
			`return None`

Runs black 2021-03-08 16:49:10 +00:00			`for link in data.get("links"):`
			`if link.get("rel") == "self":`
Adds status views 2021-01-12 21:47:00 +00:00			`try:`
			`user = activitypub.resolve_remote_id(`
Runs black 2021-03-08 16:49:10 +00:00			`link["href"], model=models.User`
Adds status views 2021-01-12 21:47:00 +00:00			`)`
			`except KeyError:`
			`return None`
			`return user`
Adds book class view and re-works pagination 2021-01-13 17:42:54 +00:00

			`def get_edition(book_id):`
Runs black 2021-03-08 16:49:10 +00:00			`""" look up a book in the db and return an edition """`
Adds book class view and re-works pagination 2021-01-13 17:42:54 +00:00			`book = models.Book.objects.select_subclasses().get(id=book_id)`
			`if isinstance(book, models.Work):`
			`book = book.get_default_edition()`
			`return book`


Adds shelf views 2021-01-13 19:45:08 +00:00			`def handle_reading_status(user, shelf, book, privacy):`
Runs black 2021-03-08 16:49:10 +00:00			`""" post about a user reading a book """`
Adds shelf views 2021-01-13 19:45:08 +00:00			`# tell the world about this cool thing that happened`
			`try:`
			`message = {`
Runs black 2021-03-08 16:49:10 +00:00			`"to-read": "wants to read",`
			`"reading": "started reading",`
			`"read": "finished reading",`
Adds shelf views 2021-01-13 19:45:08 +00:00			`}[shelf.identifier]`
			`except KeyError:`
			`# it's a non-standard shelf, don't worry about it`
			`return`

Runs black 2021-03-08 16:49:10 +00:00			`status = create_generated_note(user, message, mention_books=[book], privacy=privacy)`
Adds shelf views 2021-01-13 19:45:08 +00:00			`status.save()`

Hide user pages to blocked users 2021-01-26 16:31:55 +00:00
			`def is_blocked(viewer, user):`
Runs black 2021-03-08 16:49:10 +00:00			`""" is this viewer blocked by the user? """`
Hide user pages to blocked users 2021-01-26 16:31:55 +00:00			`if viewer.is_authenticated and viewer in user.blocks.all():`
			`return True`
			`return False`