moviewyrm/bookwyrm/views.py
2020-11-11 10:35:34 -08:00

664 lines
20 KiB
Python

''' views for pages you can go to in the application '''
import re
from django.contrib.auth.decorators import login_required, permission_required
from django.contrib.postgres.search import TrigramSimilarity
from django.core.paginator import Paginator
from django.db.models import Avg, Q
from django.http import HttpResponseBadRequest, HttpResponseNotFound,\
JsonResponse
from django.core.exceptions import PermissionDenied
from django.shortcuts import get_object_or_404, redirect
from django.template.response import TemplateResponse
from django.views.decorators.csrf import csrf_exempt
from bookwyrm import outgoing
from bookwyrm.activitypub import ActivityEncoder
from bookwyrm import forms, models, books_manager
from bookwyrm import goodreads_import
from bookwyrm.settings import PAGE_LENGTH
from bookwyrm.tasks import app
from bookwyrm.utils import regex
def get_user_from_username(username):
''' helper function to resolve a localname or a username to a user '''
try:
user = models.User.objects.get(localname=username)
except models.User.DoesNotExist:
user = models.User.objects.get(username=username)
return user
def is_api_request(request):
''' check whether a request is asking for html or data '''
return 'json' in request.headers.get('Accept') or \
request.path[-5:] == '.json'
def server_error_page(request):
''' 500 errors '''
return TemplateResponse(request, 'error.html', {'title': 'Oops!'})
def not_found_page(request, _):
''' 404s '''
return TemplateResponse(request, 'notfound.html', {'title': 'Not found'})
@login_required
def home(request):
''' this is the same as the feed on the home tab '''
return home_tab(request, 'home')
@login_required
def home_tab(request, tab):
''' user's homepage with activity feed '''
try:
page = int(request.GET.get('page', 1))
except ValueError:
page = 1
suggested_books = get_suggested_books(request.user)
activities = get_activity_feed(request.user, tab)
paginated = Paginator(activities, PAGE_LENGTH)
activity_page = paginated.page(page)
prev_page = next_page = None
if activity_page.has_next():
next_page = '/%s/?page=%d#feed' % \
(tab, activity_page.next_page_number())
if activity_page.has_previous():
prev_page = '/%s/?page=%d#feed' % \
(tab, activity_page.previous_page_number())
data = {
'title': 'Updates Feed',
'user': request.user,
'suggested_books': suggested_books,
'activities': activity_page.object_list,
'tab': tab,
'next': next_page,
'prev': prev_page,
}
return TemplateResponse(request, 'feed.html', data)
def get_suggested_books(user, max_books=5):
''' helper to get a user's recent books '''
book_count = 0
preset_shelves = [
('reading', max_books), ('read', 2), ('to-read', max_books)
]
suggested_books = []
for (preset, shelf_max) in preset_shelves:
limit = shelf_max if shelf_max < (max_books - book_count) \
else max_books - book_count
shelf = user.shelf_set.get(identifier=preset)
shelf_books = shelf.shelfbook_set.order_by(
'-updated_date'
).all()[:limit]
if not shelf_books:
continue
shelf_preview = {
'name': shelf.name,
'books': [s.book for s in shelf_books]
}
suggested_books.append(shelf_preview)
book_count += len(shelf_preview['books'])
return suggested_books
def get_activity_feed(user, filter_level, model=models.Status):
''' get a filtered queryset of statuses '''
# status updates for your follow network
if user.is_anonymous:
user = None
if user:
following = models.User.objects.filter(
Q(followers=user) | Q(id=user.id)
)
else:
following = []
activities = model
if hasattr(model, 'objects'):
activities = model.objects
activities = activities.filter(
deleted=False
).order_by(
'-published_date'
)
if hasattr(activities, 'select_subclasses'):
activities = activities.select_subclasses()
if filter_level in ['friends', 'home']:
# people you follow and direct mentions
activities = activities.filter(
Q(user__in=following, privacy__in=[
'public', 'unlisted', 'followers'
]) | Q(mention_users=user) | Q(user=user)
)
elif filter_level == 'self':
activities = activities.filter(user=user, privacy='public')
elif filter_level == 'local':
# everyone on this instance except unlisted
activities = activities.filter(
Q(user__in=following, privacy='followers') | Q(privacy='public'),
user__local=True
)
else:
# all activities from everyone you federate with
activities = activities.filter(
Q(user__in=following, privacy='followers') | Q(privacy='public')
)
return activities
def search(request):
''' that search bar up top '''
query = request.GET.get('q')
if is_api_request(request):
# only return local book results via json so we don't cause a cascade
book_results = books_manager.local_search(query)
return JsonResponse([r.__dict__ for r in book_results], safe=False)
# use webfinger for mastodon style account@domain.com username
if re.match(regex.full_username, query):
outgoing.handle_remote_webfinger(query)
# do a local user search
user_results = models.User.objects.annotate(
similarity=TrigramSimilarity('username', query),
).filter(
similarity__gt=0.5,
).order_by('-similarity')[:10]
book_results = books_manager.search(query)
data = {
'title': 'Search Results',
'book_results': book_results,
'user_results': user_results,
'query': query,
}
return TemplateResponse(request, 'search_results.html', data)
@login_required
def import_page(request):
''' import history from goodreads '''
return TemplateResponse(request, 'import.html', {
'title': 'Import Books',
'import_form': forms.ImportForm(),
'jobs': models.ImportJob.
objects.filter(user=request.user).order_by('-created_date'),
'limit': goodreads_import.MAX_ENTRIES,
})
@login_required
def import_status(request, job_id):
''' status of an import job '''
job = models.ImportJob.objects.get(id=job_id)
if job.user != request.user:
raise PermissionDenied
task = app.AsyncResult(job.task_id)
return TemplateResponse(request, 'import_status.html', {
'title': 'Import Status',
'job': job,
'items': job.items.order_by('index').all(),
'task': task
})
def login_page(request):
''' authentication '''
if request.user.is_authenticated:
return redirect('/')
# send user to the login page
data = {
'title': 'Login',
'site_settings': models.SiteSettings.get(),
'login_form': forms.LoginForm(),
'register_form': forms.RegisterForm(),
}
return TemplateResponse(request, 'login.html', data)
def about_page(request):
''' more information about the instance '''
data = {
'title': 'About',
'site_settings': models.SiteSettings.get(),
}
return TemplateResponse(request, 'about.html', data)
def password_reset_request(request):
''' invite management page '''
return TemplateResponse(
request,
'password_reset_request.html',
{'title': 'Reset Password'}
)
def password_reset(request, code):
''' endpoint for sending invites '''
if request.user.is_authenticated:
return redirect('/')
try:
reset_code = models.PasswordReset.objects.get(code=code)
if not reset_code.valid():
raise PermissionDenied
except models.PasswordReset.DoesNotExist:
raise PermissionDenied
return TemplateResponse(
request,
'password_reset.html',
{'title': 'Reset Password', 'code': reset_code.code}
)
def invite_page(request, code):
''' endpoint for sending invites '''
if request.user.is_authenticated:
return redirect('/')
try:
invite = models.SiteInvite.objects.get(code=code)
if not invite.valid():
raise PermissionDenied
except models.SiteInvite.DoesNotExist:
raise PermissionDenied
data = {
'title': 'Join',
'site_settings': models.SiteSettings.get(),
'register_form': forms.RegisterForm(),
'invite': invite,
}
return TemplateResponse(request, 'invite.html', data)
@login_required
@permission_required('bookwyrm.create_invites', raise_exception=True)
def manage_invites(request):
''' invite management page '''
data = {
'title': 'Invitations',
'invites': models.SiteInvite.objects.filter(user=request.user),
'form': forms.CreateInviteForm(),
}
return TemplateResponse(request, 'manage_invites.html', data)
@login_required
def notifications_page(request):
''' list notitications '''
notifications = request.user.notification_set.all() \
.order_by('-created_date')
unread = [n.id for n in notifications.filter(read=False)]
data = {
'title': 'Notifications',
'notifications': notifications,
'unread': unread,
}
notifications.update(read=True)
return TemplateResponse(request, 'notifications.html', data)
@csrf_exempt
def user_page(request, username):
''' profile page for a user '''
try:
user = get_user_from_username(username)
except models.User.DoesNotExist:
return HttpResponseNotFound()
if is_api_request(request):
# we have a json request
return JsonResponse(user.to_activity(), encoder=ActivityEncoder)
# otherwise we're at a UI view
shelf_preview = []
# only show other shelves that should be visible
shelves = user.shelf_set
is_self = request.user.id == user.id
if not is_self:
follower = user.followers.filter(id=request.user.id).exists()
if follower:
shelves = shelves.filter(privacy__in=['public', 'followers'])
else:
shelves = shelves.filter(privacy='public')
for user_shelf in shelves.all():
if not user_shelf.books.count():
continue
shelf_preview.append({
'name': user_shelf.name,
'remote_id': user_shelf.remote_id,
'books': user_shelf.books.all()[:3],
'size': user_shelf.books.count(),
})
if len(shelf_preview) > 2:
break
data = {
'title': user.name,
'user': user,
'is_self': is_self,
'shelves': shelf_preview,
'shelf_count': shelves.count(),
'activities': get_activity_feed(user, 'self')[:15],
}
return TemplateResponse(request, 'user.html', data)
@csrf_exempt
def followers_page(request, username):
''' list of followers '''
if request.method != 'GET':
return HttpResponseBadRequest()
try:
user = get_user_from_username(username)
except models.User.DoesNotExist:
return HttpResponseNotFound()
if is_api_request(request):
return JsonResponse(user.to_followers_activity(**request.GET))
data = {
'title': '%s: followers' % user.name,
'user': user,
'is_self': request.user.id == user.id,
'followers': user.followers.all(),
}
return TemplateResponse(request, 'followers.html', data)
@csrf_exempt
def following_page(request, username):
''' list of followers '''
if request.method != 'GET':
return HttpResponseBadRequest()
try:
user = get_user_from_username(username)
except models.User.DoesNotExist:
return HttpResponseNotFound()
if is_api_request(request):
return JsonResponse(user.to_following_activity(**request.GET))
data = {
'title': '%s: following' % user.name,
'user': user,
'is_self': request.user.id == user.id,
'following': user.following.all(),
}
return TemplateResponse(request, 'following.html', data)
@csrf_exempt
def status_page(request, username, status_id):
''' display a particular status (and replies, etc) '''
if request.method != 'GET':
return HttpResponseBadRequest()
try:
user = get_user_from_username(username)
status = models.Status.objects.select_subclasses().get(id=status_id)
except ValueError:
return HttpResponseNotFound()
# the url should have the poster's username in it
if user != status.user:
return HttpResponseNotFound()
# make sure the user is authorized to see the status
if not status_visible_to_user(request.user, status):
return HttpResponseNotFound()
if is_api_request(request):
return JsonResponse(status.to_activity(), encoder=ActivityEncoder)
data = {
'title': 'Status by %s' % user.username,
'status': status,
}
return TemplateResponse(request, 'status.html', data)
def status_visible_to_user(viewer, status):
''' is a user authorized to view a status? '''
if viewer == status.user or status.privacy in ['public', 'unlisted']:
return True
if status.privacy == 'followers' and \
status.user.followers.filter(id=viewer.id).first():
return True
if status.privacy == 'direct' and \
status.mention_users.filter(id=viewer.id).first():
return True
return False
@csrf_exempt
def replies_page(request, username, status_id):
''' ordered collection of replies to a status '''
if request.method != 'GET':
return HttpResponseBadRequest()
if not is_api_request(request):
return status_page(request, username, status_id)
status = models.Status.objects.get(id=status_id)
if status.user.localname != username:
return HttpResponseNotFound()
return JsonResponse(
status.to_replies(**request.GET),
encoder=ActivityEncoder
)
@login_required
def edit_profile_page(request):
''' profile page for a user '''
user = request.user
form = forms.EditUserForm(instance=request.user)
data = {
'title': 'Edit profile',
'form': form,
'user': user,
}
return TemplateResponse(request, 'edit_user.html', data)
def book_page(request, book_id):
''' info about a book '''
book = models.Book.objects.select_subclasses().get(id=book_id)
if is_api_request(request):
return JsonResponse(book.to_activity(), encoder=ActivityEncoder)
if isinstance(book, models.Work):
book = book.default_edition
if not book:
return HttpResponseNotFound()
work = book.parent_work
if not work:
return HttpResponseNotFound()
reviews = models.Review.objects.filter(
book__in=work.edition_set.all(),
)
reviews = get_activity_feed(request.user, 'federated', model=reviews)
user_tags = []
readthroughs = []
if request.user.is_authenticated:
user_tags = models.Tag.objects.filter(
book=book, user=request.user
).values_list('identifier', flat=True)
readthroughs = models.ReadThrough.objects.filter(
user=request.user,
book=book,
).order_by('start_date')
rating = reviews.aggregate(Avg('rating'))
tags = models.Tag.objects.filter(
book=book
).values(
'book', 'name', 'identifier'
).distinct().all()
data = {
'title': book.title,
'book': book,
'reviews': reviews.filter(content__isnull=False),
'ratings': reviews.filter(content__isnull=True),
'rating': rating['rating__avg'],
'tags': tags,
'user_tags': user_tags,
'readthroughs': readthroughs,
'path': '/book/%s' % book_id,
'info_fields': [
{'name': 'ISBN', 'value': book.isbn_13},
{'name': 'OCLC number', 'value': book.oclc_number},
{'name': 'OpenLibrary ID', 'value': book.openlibrary_key},
{'name': 'Goodreads ID', 'value': book.goodreads_key},
{'name': 'Format', 'value': book.physical_format},
{'name': 'Pages', 'value': book.pages},
],
}
return TemplateResponse(request, 'book.html', data)
@login_required
@permission_required('bookwyrm.edit_book', raise_exception=True)
def edit_book_page(request, book_id):
''' info about a book '''
book = books_manager.get_edition(book_id)
if not book.description:
book.description = book.parent_work.description
data = {
'title': 'Edit Book',
'book': book,
'form': forms.EditionForm(instance=book)
}
return TemplateResponse(request, 'edit_book.html', data)
def editions_page(request, book_id):
''' list of editions of a book '''
work = get_object_or_404(models.Work, id=book_id)
if is_api_request(request):
return JsonResponse(
work.to_edition_list(**request.GET),
encoder=ActivityEncoder
)
editions = models.Edition.objects.filter(parent_work=work).all()
data = {
'title': 'Editions of %s' % work.title,
'editions': editions,
'work': work,
}
return TemplateResponse(request, 'editions.html', data)
def author_page(request, author_id):
''' landing page for an author '''
author = get_object_or_404(models.Author, id=author_id)
if is_api_request(request):
return JsonResponse(author.to_activity(), encoder=ActivityEncoder)
books = models.Work.objects.filter(authors=author)
data = {
'title': author.name,
'author': author,
'books': [b.default_edition for b in books],
}
return TemplateResponse(request, 'author.html', data)
def tag_page(request, tag_id):
''' books related to a tag '''
tag_obj = models.Tag.objects.filter(identifier=tag_id).first()
if not tag_obj:
return HttpResponseNotFound()
if is_api_request(request):
return JsonResponse(
tag_obj.to_activity(**request.GET), encoder=ActivityEncoder)
books = models.Edition.objects.filter(tag__identifier=tag_id).distinct()
data = {
'title': tag_obj.name,
'books': books,
'tag': tag_obj,
}
return TemplateResponse(request, 'tag.html', data)
@csrf_exempt
def user_shelves_page(request, username):
''' list of followers '''
return shelf_page(request, username, None)
def shelf_page(request, username, shelf_identifier):
''' display a shelf '''
try:
user = get_user_from_username(username)
except models.User.DoesNotExist:
return HttpResponseNotFound()
if shelf_identifier:
shelf = user.shelf_set.get(identifier=shelf_identifier)
else:
shelf = user.shelf_set.first()
is_self = request.user == user
shelves = user.shelf_set
if not is_self:
follower = user.followers.filter(id=request.user.id).exists()
# make sure the user has permission to view the shelf
if shelf.privacy == 'direct' or \
(shelf.privacy == 'followers' and not follower):
return HttpResponseNotFound()
# only show other shelves that should be visible
if follower:
shelves = shelves.filter(privacy__in=['public', 'followers'])
else:
shelves = shelves.filter(privacy='public')
if is_api_request(request):
return JsonResponse(shelf.to_activity(**request.GET))
data = {
'title': user.name,
'user': user,
'is_self': is_self,
'shelves': shelves.all(),
'shelf': shelf,
}
return TemplateResponse(request, 'shelf.html', data)