pandora/pandora/user/views.py

# -*- coding: utf-8 -*-
# vi:si:et:sw=4:sts=4:ts=4
import random
random.seed()
import re
from django.contrib.auth.models import User
from django.contrib.auth import authenticate, login, logout
from django.template import RequestContext, loader
from django.utils import simplejson as json
from django.conf import settings
from django.core.mail import send_mail, BadHeaderError
from django.db.models import Sum
from django.shortcuts import redirect
from ox.django.shortcuts import render_to_json_response, json_response, get_object_or_404_json
from ox.django.decorators import admin_required_json, login_required_json
import ox
from api.actions import actions
from item.models import Access, Item
from item import utils
import models
import managers
def signin(request):
    '''
        sign in with username and password

        param data {
            username: 'username',
            password: 'password'
        }

        return {
            status: {'code': 200, 'text': 'ok'}
            data: {
                errors: {
                    username: 'Unknown Username' or 'User Disabled',
                    password: 'Incorrect Password'
                }
                user: {
                    ...
                }
            }
        }
    '''
    data = json.loads(request.POST['data'])
    if 'username' not in data or 'password' not in data:
        return render_to_json_response(
            json_response(status=400, text='invalid data'))

    # surrounding whitespace is dropped from both credentials before use
    username = data['username'].strip()
    password = data['password'].strip()

    # NOTE(review): the separate 'Unknown Username' / 'Incorrect Password'
    # answers tell a caller whether an account name exists, and nothing in
    # this view limits repeated attempts - confirm throttling is done
    # elsewhere.
    if models.User.objects.filter(username=username).count() == 0:
        errors = {'username': 'Unknown Username'}
    else:
        user = authenticate(username=username, password=password)
        if user is None:
            errors = {'password': 'Incorrect Password'}
        elif not user.is_active:
            errors = {'username': 'User Disabled'}
        else:
            errors = None
            # the session ui settings are emptied right before login()
            request.session['ui'] = '{}'
            login(request, user)

    if errors is not None:
        response = json_response({'errors': errors})
    else:
        response = json_response({'user': models.init_user(user, request)})
    return render_to_json_response(response)
actions.register(signin, cache=False)
def signout(request):
    '''
        sign out the current user, if there is one

        param data {
        }

        return {
            status: {'code': int, 'text': string}
            data: {
                user: {
                    default user
                }
            }
        }
    '''
    if request.user.is_authenticated():
        response = json_response(text='logged out')
        logout(request)
    else:
        response = json_response(text='ok')
    # either way the configured default user is handed back to the client
    response['data']['user'] = settings.CONFIG['user']
    return render_to_json_response(response)
actions.register(signout, cache=False)
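def signup(request):
    '''
        create a new account and sign it in

        param data {
            username: 'username',
            password: 'password',
            email: 'emailaddress'
        }

        return {
            status: {'code': int, 'text': string}
            data: {
                errors: {
                    username: 'Username already exists',
                    email: 'Email address already exits',
                    password: 'Password can not be empty'
                }
                user: {
                    ...
                }
            }
        }

        status code 400 / 'invalid data' if username, password or email
        is missing
    '''
    data = json.loads(request.POST['data'])
    # email is read below, so it has to be present too; without this check
    # a request lacking it ends in a KeyError instead of a 400
    if 'username' in data and 'password' in data and 'email' in data:
        data['username'] = data['username'].strip()
        data['password'] = data['password'].strip()
        if models.User.objects.filter(username=data['username']).count() > 0:
            response = json_response({
                'errors': {
                    'username': 'Username already exists'
                }
            })
        elif models.User.objects.filter(email=data['email']).count() > 0:
            response = json_response({
                'errors': {
                    'email': 'Email address already exits'
                }
            })
        elif not data['password']:
            response = json_response({
                'errors': {
                    'password': 'Password can not be empty'
                }
            })
        else:
            # NOTE(review): the "no users yet" test and the insert below are
            # separate queries, so two simultaneous first signups could
            # presumably both be made admin - confirm this is acceptable.
            first_user = models.User.objects.count() == 0
            user = models.User(username=data['username'], email=data['email'])
            # set_password() stores a hash, never the submitted text
            user.set_password(data['password'])
            #make first user admin
            user.is_superuser = first_user
            user.is_staff = first_user
            user.save()
            #create default user lists:
            for l in settings.CONFIG['personalLists']:
                user_list = models.List(name=l['name'], user=user)
                for key in ('query', 'public', 'featured'):
                    if key in l:
                        setattr(user_list, key, l[key])
                user_list.save()
            user = authenticate(username=data['username'],
                                password=data['password'])
            login(request, user)
            user_json = models.init_user(user)
            response = json_response({
                'user': user_json
            }, text='account created')
    else:
        response = json_response(status=400, text='invalid data')
    return render_to_json_response(response)
actions.register(signup, cache=False)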
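def resetPassword(request):
    '''
        set a new password using a reset code and sign the user in

        param data {
            password: new password
            code: reset code
        }

        return {
            status: {'code': int, 'text': string}
            data: {
                errors: {
                    code: 'Invalid code',
                    password: 'Password can not be empty'
                }
                user {
                }
            }
        }
    '''
    data = json.loads(request.POST['data'])
    if 'code' in data and 'password' in data:
        code = data['code']
        # signin and signup strip passwords, so do the same here; otherwise
        # a password saved with surrounding whitespace could never be used
        # to sign in again
        password = data['password']
        password = password.strip() if isinstance(password, basestring) else ''
        if not password:
            response = json_response({
                'errors': {
                    'password': 'Password can not be empty'
                }
            })
        elif not isinstance(code, basestring) or not code:
            # Only a non-empty string may reach the lookup: the ORM turns a
            # JSON null into an IS NULL comparison, and NULL is what every
            # account without a pending reset has stored in reset_code.
            response = json_response({
                'errors': {
                    'code': 'Invalid code'
                }
            })
        else:
            qs = models.UserProfile.objects.filter(reset_code=code)
            if qs.count() == 1:
                user = qs[0].user
                user.set_password(password)
                user.save()
                # a code is single use: clear it once the password is set
                user_profile = user.get_profile()
                user_profile.reset_code = None
                user_profile.save()
                # NOTE(review): signin refuses accounts with is_active
                # False, this path calls login() without that check -
                # confirm whether disabled users may sign in here.
                # NOTE(review): nothing visible here expires a code after a
                # time limit - confirm whether that is handled elsewhere.
                user = authenticate(username=user.username, password=password)
                login(request, user)
                user_json = models.init_user(user)
                response = json_response({
                    'user': user_json
                }, text='password reset')
            else:
                response = json_response({
                    'errors': {
                        'code': 'Invalid code'
                    }
                })
    else:
        response = json_response(status=400, text='invalid data')
    return render_to_json_response(response)
actions.register(resetPassword, cache=False)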
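def requestToken(request):
    '''
        create a password reset code and mail it to the user

        param data {
            username: username,
            email: email
        }

        return {
            status: {'code': int, 'text': string}
            data: {
                errors: {
                    username: 'Unknown Username'
                    email: 'Unknown Email'
                }
                username: user
            }
        }

        only one of username / email is used, username wins if both are sent
    '''
    data = json.loads(request.POST['data'])
    user = None
    if 'username' in data:
        try:
            user = models.User.objects.get(username=data['username'])
        except models.User.DoesNotExist:
            user = None
    elif 'email' in data:
        try:
            user = models.User.objects.get(email=data['email'])
        except models.User.DoesNotExist:
            user = None
    if user:
        # A reset code works like a password, so it is drawn from the
        # operating system's entropy source; the module-level random
        # functions are a Mersenne Twister and not meant for secrets.
        rng = random.SystemRandom()
        low = ox.from26('BAAAAAAAAAAAAAAA')
        high = ox.from26('BAAAAAAAAAAAAAAAA')
        while True:
            code = ox.to26(rng.randint(low, high))
            # retry in the unlikely case the code is already assigned
            if models.UserProfile.objects.filter(reset_code=code).count() == 0:
                break
        user_profile = user.get_profile()
        user_profile.reset_code = code
        user_profile.save()

        template = loader.get_template('password_reset_email.txt')
        context = RequestContext(request, {
            'url': request.build_absolute_uri("/"),
            'code': code,
            'sitename': settings.SITENAME,
        })
        message = template.render(context)
        subject = '%s - Reset Password' % settings.SITENAME
        user.email_user(subject, message)
        response = json_response({
            'username': user.username
        }, text='password reset email sent')
    else:
        # NOTE(review): the error (and the username returned above for an
        # email lookup) tells the caller whether an account exists - this
        # is the documented API, confirm it is intended.
        response = json_response({
            'errors': {
            }
        })
        if 'username' in data:
            response['data']['errors']['username'] = 'Unknown Username'
        elif 'email' in data:
            response['data']['errors']['email'] = 'Unknown Email'
        else:
            response = json_response(status=400, text='invalid data')
    return render_to_json_response(response)
actions.register(requestToken, cache=False)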
@admin_required_json
def editUser(request):
    '''
        param data {
            key: value
        }
        required key: id
        optional keys: username, email, level, notes, disabled

        return {
            'status': {'code': int, 'text': string}
            'data': {
            }
        }

        status code 403 if the new email or username belongs to another user
    '''
    response = json_response()
    data = json.loads(request.POST['data'])
    user = get_object_or_404_json(models.User, pk=ox.from26(data['id']))
    profile = user.get_profile()

    def taken(**lookup):
        # True if an account other than the edited one matches the lookup
        return models.User.objects.filter(**lookup).exclude(id=user.id).count() > 0

    if 'disabled' in data:
        user.is_active = not data['disabled']
    if 'email' in data:
        if taken(email=data['email']):
            # leave without saving any of the changes made so far
            return render_to_json_response(
                json_response(status=403, text='email already in use'))
        user.email = data['email']
    if 'level' in data:
        profile.set_level(data['level'])
    if 'notes' in data:
        profile.notes = data['notes']
    if 'username' in data:
        if taken(username=data['username']):
            return render_to_json_response(
                json_response(status=403, text='username already in use'))
        user.username = data['username']
    user.save()
    profile.save()
    response['data'] = models.user_json(user)
    return render_to_json_response(response)
actions.register(editUser, cache=False)
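@admin_required_json
def removeUser(request):
    '''
        delete a user account

        param data {
            username: username
        }

        return {
            'status': {'code': int, 'text': string}
            'data': {
            }
        }
    '''
    response = json_response()
    # the request carries a JSON string, so it must be parsed with loads();
    # load() expects a file object and fails on every call
    data = json.loads(request.POST['data'])
    user = get_object_or_404_json(models.User, username=data['username'])
    user.delete()
    return render_to_json_response(response)
actions.register(removeUser, cache=False)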
def findUser(request):
    '''
        look up users by exact (case insensitive) username or email

        param data {
            key: "username",
            value: "foo",
            operator: "=="
            keys: []
        }

        return {
            'status': {'code': int, 'text': string}
            'data': {
                users = [{username: 'user1', level: ...}, {username: 'user2', ..}]
            }
        }
    '''
    data = json.loads(request.POST['data'])
    response = json_response(status=200, text='ok')
    # the keys sent by the client are not used, every match is reported
    # with this fixed pair
    keys = ['username', 'level']

    # NOTE(review): this view has no login or admin decorator, so the email
    # branch lets any caller test whether an address belongs to an account
    # - confirm that is intended.
    if data['key'] == 'email':
        lookup = {'email__iexact': data['value']}
    else:
        lookup = {'username__iexact': data['value']}
    matches = User.objects.filter(**lookup)
    response['data']['users'] = [models.user_json(u, keys) for u in matches]
    return render_to_json_response(response)
actions.register(findUser)
def parse_query(data, user):
    '''
        build the query dict for a user search: defaults for range and sort,
        overridden by the keys / range / sort / query values found in data,
        plus the queryset from managers.find_user under 'qs'
    '''
    query = {
        'range': [0, 100],
        'sort': [{'key':'name', 'operator':'+'}],
    }
    # only these four request keys are copied, anything else is ignored
    query.update((name, data[name])
                 for name in ('keys', 'range', 'sort', 'query')
                 if name in data)
    query['qs'] = managers.find_user(query, user)
    return query
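def order_query(qs, sort):
    '''
        apply a list of {key, operator} sort entries to the queryset qs

        operator '-' sorts descending, anything else (or a missing
        operator) ascending; keys without an entry in the table below
        are looked up on the user profile
    '''
    fields = {
        'email': 'email',
        'firstseen': 'date_joined',
        'lastseen': 'last_login',
        'username': 'username',
    }
    order_by = []
    for e in sort:
        # a sort entry without an operator used to raise KeyError
        operator = '-' if e.get('operator') == '-' else ''
        # NOTE(review): the key comes from the request and is passed on as
        # 'profile__<key>' unchecked, so results can be ordered by any
        # profile field (and relations reachable from it), including ones
        # that are never returned - consider an allow-list of sortable keys.
        key = fields.get(e['key'], 'profile__%s' % e['key'])
        if key == 'profile__numberoflists':
            qs = qs.annotate(numberoflists=Sum('lists'))
            key = 'numberoflists'
        order_by.append('%s%s' % (operator, key))
    if order_by:
        # (a leftover debug print of order_by was removed here)
        #user table does not support this
        #qs = qs.order_by(*order_by, nulls_last=True)
        qs = qs.order_by(*order_by)
    return qs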
@admin_required_json
def findUsers(request):
    '''
        param data {
            query: {
                conditions: [
                    {
                        key: 'user',
                        value: 'something',
                        operator: '='
                    }
                ]
                operator: ","
            },
            sort: [{key: 'username', operator: '+'}],
            range: [0, 100]
            keys: []
        }

        possible query keys:
            username, email, lastLogin, browser

        return {
            status: {
                code: int,
                text: string
            },
            data: {
                items: [
                    {name:, user:, featured:, public...}
                ]
            }
        }
        param data
            {'query': query, 'sort': array, 'range': array}

            query: query object, more on query syntax at
                   https://wiki.0x2620.org/wiki/pandora/QuerySyntax
            sort: array of key, operator dicts
                [
                    {
                        key: "year",
                        operator: "-"
                    },
                    {
                        key: "director",
                        operator: ""
                    }
                ]
            range:       result range, array [from, to]

        with keys, items is list of dicts with requested properties:
          return {'status': {'code': int, 'text': string},
                'data': {items: array}}

        Positions
            param data
                {'query': query, 'positions': []}

                query: query object, more on query syntax at
                       https://wiki.0x2620.org/wiki/pandora/QuerySyntax
                positions:  ids of places for which positions are required

        without keys and positions, items is the number of matching users
    '''
    response = json_response(status=200, text='ok')
    data = json.loads(request.POST['data'])
    query = parse_query(data, request.user)
    qs = order_query(query['qs'], query['sort'])
    if 'keys' in data:
        # one page of users, each reduced to the requested keys
        first, last = query['range'][0], query['range'][1]
        page = qs[first:last]
        response['data']['items'] = [
            models.user_json(p, data['keys'], request.user) for p in page
        ]
    elif 'position' in query:
        # NOTE(review): this tests the parsed query rather than data, and
        # parse_query in this file never sets 'position', so the branch
        # looks unreachable; it also adds a dict to data['conditions'].
        ids = [i.get_id() for i in qs]
        data['conditions'] = data['conditions'] + {
            'value': data['position'],
            'key': query['sort'][0]['key'],
            'operator': '^'
        }
        query = parse_query(data, request.user)
        qs = order_query(query['qs'], query['sort'])
        if qs.count() > 0:
            response['data']['position'] = utils.get_positions(ids, [qs[0].itemId])[0]
    elif 'positions' in data:
        all_ids = [ox.to26(i.id) for i in qs]
        response['data']['positions'] = utils.get_positions(all_ids, data['positions'])
    else:
        response['data']['items'] = qs.count()
    return render_to_json_response(response)
actions.register(findUsers)
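def contact(request):
    '''
        send a contact form message to the site address

        param data {
            'email': string,
            'subject': string,
            'message': string
        }

        return {
            'status': {'code': int, 'text': string}
        }

        email and message are required, status code 400 / 'invalid data'
        if one is missing or a mail header is rejected
    '''
    data = json.loads(request.POST['data'])
    if 'email' in data and 'message' in data:
        email = data['email']
        template = loader.get_template('contact_email.txt')
        context = RequestContext(request, {
            'sitename': settings.SITENAME,
            'email': email,
            'message': data['message'],
        })
        message = template.render(context)
        # subject is not part of the check above, so fall back to an empty
        # one instead of failing with a KeyError
        subject = '%s contact: %s' % (settings.SITENAME, data.get('subject', ''))
        response = json_response(text='message sent')
        try:
            # NOTE(review): the address typed into the form is used as the
            # sender of the mail; confirm the mail setup accepts that, or
            # send from a site address and keep the visitor's address in
            # the message body only.
            send_mail(subject, message, email, [settings.DEFAULT_FROM_EMAIL, ])
        except BadHeaderError:
            # raised when subject or sender contain a line break
            response = json_response(status=400, text='invalid data')
    else:
        response = json_response(status=400, text='invalid data')
    return render_to_json_response(response)
actions.register(contact, cache=False)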
def getPositionById(list, key):
    '''
        return the index of the first entry in list whose 'id' equals key,
        -1 if there is no such entry
    '''
    for position, entry in enumerate(list):
        if entry['id'] == key:
            return position
    return -1
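@login_required_json
def editPreferences(request):
    '''
        change email and / or password of the signed in user

        param data {
            key: value
        }
        keys: email, password

        return {
            'status': {'code': int, 'text': string}
            'data': {
                errors: {
                    email: 'Email address already in use',
                    password: 'Password can not be empty'
                }
            }
        }
    '''
    data = json.loads(request.POST['data'])
    errors = {}
    change = False
    response = json_response()
    if 'email' in data:
        if models.User.objects.filter(
                email=data['email']).exclude(username=request.user.username).count()>0:
            errors['email'] = 'Email address already in use'
        else:
            change = True
            request.user.email = data['email']
    if 'password' in data:
        # stripped like in signin / signup so the new password can be used
        # to sign in; anything that is not a string counts as empty
        password = data['password']
        password = password.strip() if isinstance(password, basestring) else ''
        if password:
            change = True
            # set_password() stores a hash. Assigning to user.password wrote
            # the submitted text into that column as-is: readable in the
            # database and never matching at the next sign in.
            request.user.set_password(password)
        else:
            errors['password'] = 'Password can not be empty'
    if change:
        request.user.save()
    if errors:
        response = json_response({ 'errors': errors})
    return render_to_json_response(response)
actions.register(editPreferences, cache=False)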
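def reset_ui(request):
    '''
        reset the ui settings of the current user (profile if signed in,
        session otherwise) and redirect to the front page
    '''
    # the json response built here before was never used and is gone
    if request.user.is_authenticated():
        profile = request.user.get_profile()
        profile.ui = {}
        profile.save()
    else:
        request.session['ui'] = '{}'
    return redirect('/')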
def resetUI(request):
    '''
        reset user ui settings to defaults

        param data {
        }

        return {
            'status': {'code': int, 'text': string}
        }
    '''
    response = json_response()
    current = request.user
    if not current.is_authenticated():
        # visitors keep their ui settings as a JSON string in the session
        request.session['ui'] = '{}'
    else:
        profile = current.get_profile()
        profile.ui = {}
        profile.save()
    return render_to_json_response(response)
actions.register(resetUI, cache=False)
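def setUI(request):
    '''
        param data {
            key.subkey: value
        }
        you can set nested keys
            api.setUI({"lists|my|ListView": "icons"})

        a value of null removes the key

        return {
            'status': {'code': int, 'text': string}
        }
    '''
    data = json.loads(request.POST['data'])
    if request.user.is_authenticated():
        profile = request.user.get_profile()
        ui = profile.ui
    else:
        # visitors keep their ui settings as a JSON string in the session
        ui = json.loads(request.session.get('ui', '{}'))
    for path in data:
        # split on every dot that does not follow a backslash
        keys = re.sub(r'([^\\])\.', '\\1\n', path).split('\n')
        value = data[path]
        p = ui
        found = True
        while len(keys)>1:
            key = keys.pop(0)
            if isinstance(p, list):
                position = getPositionById(p, key)
                if position < 0:
                    # no entry with that id: indexing with -1 would have
                    # changed the last entry of the list (or failed on an
                    # empty one), so this update is dropped instead
                    found = False
                    break
                p = p[position]
            else:
                if key not in p:
                    p[key] = {}
                p = p[key]
        if not found:
            continue
        if value is None and keys[0] in p:
            del p[keys[0]]
        else:
            p[keys[0]] = value
    # NOTE(review): nothing here limits how many keys, or how large a
    # value, a request may store; for visitors the result is kept in the
    # session - confirm a size limit is enforced elsewhere.
    if request.user.is_authenticated():
        profile.save()
    else:
        request.session['ui'] = json.dumps(ui)

    if data.get('item', False):
        item = get_object_or_404_json(Item, itemId=data['item'])
        if request.user.is_authenticated():
            access, created = Access.objects.get_or_create(item=item, user=request.user)
        else:
            access, created = Access.objects.get_or_create(item=item, user=None)
        access.save()

    response = json_response()
    return render_to_json_response(response)
actions.register(setUI, cache=False)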