more user backend

pandora/clip/managers.py

@@ -20,12 +20,13 @@ def parseCondition(condition, user):
     '''
     k = condition.get('key', 'name')
     k = {
-        'user': 'annotations__user__username',
-        'place': 'annotations__places__id',
         'event': 'annotations__events__id',
+        'id': 'public_id',
         'in': 'start',
         'out': 'end',
-        'id': 'public_id',
+        'place': 'annotations__places__id',
+        'text': 'annotations__value',
+        'user': 'annotations__user__username',
     }.get(k, k)
     if not k:
         k = 'name'

pandora/itemlist/views.py

@@ -36,6 +36,7 @@ def _order_query(qs, sort):
             qs = qs.annotate(subscribers=Sum('subscribed_users'))
     if order_by:
         qs = qs.order_by(*order_by)
+    qs = qs.distinct()
     return qs
 
 def parse_query(data, user):

pandora/urlalias/views.py

@@ -6,16 +6,19 @@ import models
 def padma_video(request, url):
     url = url.split('/')
     hid = url[0]
+    view = None
+    layer = None
     if len(url) > 1:
         view = url[1]
-    else:
-        view = None
+        if len(url) > 2:
+            layer = url[2]
     alias = get_object_or_404(models.IDAlias, old=hid)
     url = '/%s' % alias.new
     if view:
         url += '/' + {
             'editor': 'timeline',
         }.get(view, view)
-    #FIXME: reqire layer urls, reqrite timerange urls
+    #FIXME: reqrite layer urls
+    #FIXME: rewrite timerange urls
     return redirect(url)
 

pandora/user/models.py

@@ -29,6 +29,8 @@ class UserProfile(models.Model):
     useragent = models.CharField(default='', max_length=255)
     windowsize = models.CharField(default='', max_length=255)
     screensize = models.CharField(default='', max_length=255)
+    info = DictField(default={})
+    note = models.TextField(default='')
 
     def get_preferences(self):
         prefs = self.preferences
@@ -90,8 +92,11 @@ class UserProfile(models.Model):
                 del ui['lists'][i]
         return ui
 
+    def set_level(self, level):
+        self.level = settings.CONFIG['userLevels'].index(level)
+
     def get_level(self):
-        return ['guest', 'member', 'staff', 'admin'][self.level]
+        return settings.CONFIG['userLevels'][self.level]
 
 def user_post_save(sender, instance, **kwargs):
     profile, new = UserProfile.objects.get_or_create(user=instance)
@@ -106,6 +111,7 @@ def user_json(user, keys, request_user=None):
         'ip': p.ip,
         'lastseen': user.last_login,
         'level': p.get_level(),
+        'note': p.note,
         'numberoflists': user.lists.count(),
         'screensize': p.screensize,
         'timesseen': p.timesseen,
@@ -123,6 +129,7 @@ def init_user(user, request=None):
     profile = user.get_profile()
     if request:
         data = json.loads(request.POST.get('data', '{}'))
+        profile.info = data
         screen = data.get('screen', {})
         if 'height' in screen and 'width' in screen:
             profile.screensize = '%sx%s' % (screen['width'], screen['height'])

pandora/user/views.py

@@ -14,7 +14,7 @@ from django.core.mail import send_mail, BadHeaderError
 from django.db.models import Sum
 
 from ox.django.shortcuts import render_to_json_response, json_response, get_object_or_404_json
-from ox.django.decorators import login_required_json
+from ox.django.decorators import admin_required_json, login_required_json
 import ox
 
 
@@ -309,6 +309,57 @@ def requestToken(request):
 actions.register(requestToken, cache=False)
 
 
+@admin_required_json
+def editUser(request):
+    '''
+        param data {
+            key: value
+        }
+        required key: username
+        optional keys: newUsername, email, level, note
+
+        return {
+            'status': {'code': int, 'text': string}
+            'data': {
+            }
+        }
+    '''
+    response = json_response()
+    data = json.load(request.POST['data'])
+    user = get_object_or_404_json(models.User, username=data['username'])
+    profile = user.get_profile()
+    if 'email' in data:
+        user.email = data['email']
+    if 'level' in data:
+        profile.set_level(data['level'])
+    if 'note' in data:
+        profile.note = data['note']
+    if 'newUsername' in data:
+        user.username = data['newUsername']
+    user.save()
+    profile.save()
+    return render_to_json_response(response)
+actions.register(editUser, cache=False)
+
+@admin_required_json
+def removeUser(request):
+    '''
+        param data {
+            username: username
+        }
+        return {
+            'status': {'code': int, 'text': string}
+            'data': {
+            }
+        }
+    '''
+    response = json_response()
+    data = json.load(request.POST['data'])
+    user = get_object_or_404_json(models.User, username=data['username'])
+    user.delete()
+    return render_to_json_response(response)
+actions.register(removeUser, cache=False)
+
 def findUser(request):
     '''
         param data {
@@ -324,8 +375,6 @@ def findUser(request):
             }
         }
     '''
-    #admins should be able to find all users, other users only exact matches 
-    #FIXME: support other operators and keys
     data = json.loads(request.POST['data'])
     response = json_response(status=200, text='ok')
     #keys = data.get('keys')
@@ -377,6 +426,7 @@ def order_query(qs, sort):
         qs = qs.order_by(*order_by)
     return qs
 
+@admin_required_json
 def findUsers(request):
     '''
         param data {
@@ -439,10 +489,6 @@ Positions
                    https://wiki.0x2620.org/wiki/pandora/QuerySyntax
             positions:  ids of places for which positions are required
     '''
-    if request.user.is_anonymous() or request.user.get_profile().get_level() != 'admin': 
-        response = json_response(status=403, text='permission denied')
-        return render_to_json_response(response)
-
     response = json_response(status=200, text='ok')
     data = json.loads(request.POST['data'])
     query = parse_query(data, request.user)