Fixes OSQA-406, Validation hash is not reset when email address is changed (enabling...

[osqa.git] / forum / views / users.py

from django.contrib.auth.decorators import login_required\r
from forum.models import User\r
from django.db.models import Q, Count\r
from django.core.paginator import Paginator, EmptyPage, InvalidPage\r
from django.template.defaultfilters import slugify\r
from django.contrib.contenttypes.models import ContentType\r
from django.core.urlresolvers import reverse\r
from django.shortcuts import render_to_response, get_object_or_404\r
from django.template import RequestContext\r
from django.http import HttpResponse, HttpResponseRedirect, Http404\r
from forum.http_responses import HttpResponseUnauthorized\r
from django.utils.translation import ugettext as _\r
from django.utils.http import urlquote_plus\r
from django.utils.html import strip_tags\r
from django.utils import simplejson\r
from django.core.urlresolvers import reverse, NoReverseMatch\r
from forum.forms import *\r
from forum.utils.html import sanitize_html\r
from forum.modules import decorate\r
from datetime import datetime, date\r
import decorators\r
from forum.actions import EditProfileAction, FavoriteAction, BonusRepAction, SuspendAction\r
from forum.modules import ui\r
from forum.utils import pagination\r
from forum.views.readers import QuestionListPaginatorContext, AnswerPaginatorContext\r
\r
import time\r
import decorators\r
\r
class UserReputationSort(pagination.SimpleSort):\r
    def apply(self, objects):\r
        return objects.order_by('-is_active', self.order_by)\r
\r
class UserListPaginatorContext(pagination.PaginatorContext):\r
    def __init__(self):\r
        super (UserListPaginatorContext, self).__init__('USERS_LIST', sort_methods=(\r
            (_('reputation'), UserReputationSort(_('reputation'), '-reputation', _("sorted by reputation"))),\r
            (_('newest'), pagination.SimpleSort(_('recent'), '-date_joined', _("newest members"))),\r
            (_('last'), pagination.SimpleSort(_('oldest'), 'date_joined', _("oldest members"))),\r
            (_('name'), pagination.SimpleSort(_('by username'), 'username', _("sorted by username"))),\r
        ), pagesizes=(20, 35, 60))\r
\r
class UserAnswersPaginatorContext(pagination.PaginatorContext):\r
    def __init__(self):\r
        super (UserAnswersPaginatorContext, self).__init__('USER_ANSWER_LIST', sort_methods=(\r
            (_('oldest'), pagination.SimpleSort(_('oldest answers'), 'added_at', _("oldest answers will be shown first"))),\r
            (_('newest'), pagination.SimpleSort(_('newest answers'), '-added_at', _("newest answers will be shown first"))),\r
            (_('votes'), pagination.SimpleSort(_('popular answers'), '-score', _("most voted answers will be shown first"))),\r
        ), default_sort=_('votes'), pagesizes=(5, 10, 20), default_pagesize=20, prefix=_('answers'))\r
\r
USERS_PAGE_SIZE = 35# refactor - move to some constants file\r
\r
@decorators.render('users/users.html', 'users', _('users'), weight=200)\r
def users(request):\r
    suser = request.REQUEST.get('q', "")\r
    users = User.objects.all()\r
\r
    if suser != "":\r
        users = users.filter(username__icontains=suser)\r
\r
    return pagination.paginated(request, ('users', UserListPaginatorContext()), {\r
        "users" : users,\r
        "suser" : suser,\r
    })\r
\r
\r
@login_required\r
def edit_user(request, id):\r
    user = get_object_or_404(User, id=id)\r
    if not (request.user.is_superuser or request.user == user):\r
        return HttpResponseUnauthorized(request)\r
    if request.method == "POST":\r
        form = EditUserForm(user, request.POST)\r
        if form.is_valid():\r
            new_email = sanitize_html(form.cleaned_data['email'])\r
\r
            if new_email != user.email:\r
                user.email = new_email\r
                user.email_isvalid = False\r
\r
                try:\r
                    hash = ValidationHash.objects.get(user=request.user, type='email')\r
                    hash.delete()\r
                except:\r
                    pass\r
\r
            if settings.EDITABLE_SCREEN_NAME:\r
                user.username = sanitize_html(form.cleaned_data['username'])\r
            user.real_name = sanitize_html(form.cleaned_data['realname'])\r
            user.website = sanitize_html(form.cleaned_data['website'])\r
            user.location = sanitize_html(form.cleaned_data['city'])\r
            user.date_of_birth = form.cleaned_data['birthday']\r
            if user.date_of_birth == "None":\r
                user.date_of_birth = datetime(1900, 1, 1, 0, 0)\r
            user.about = sanitize_html(form.cleaned_data['about'])\r
\r
            user.save()\r
            EditProfileAction(user=user, ip=request.META['REMOTE_ADDR']).save()\r
\r
            request.user.message_set.create(message=_("Profile updated."))\r
            return HttpResponseRedirect(user.get_profile_url())\r
    else:\r
        form = EditUserForm(user)\r
    return render_to_response('users/edit.html', {\r
    'user': user,\r
    'form' : form,\r
    'gravatar_faq_url' : reverse('faq') + '#gravatar',\r
    }, context_instance=RequestContext(request))\r
\r
\r
@decorate.withfn(decorators.command)\r
def user_powers(request, id, action, status):\r
    if not request.user.is_superuser:\r
        raise decorators.CommandException(_("Only superusers are allowed to alter other users permissions."))\r
\r
    if (action == 'remove' and 'status' == 'super') and not request.user.is_siteowner():\r
        raise decorators.CommandException(_("Only the site owner can remove the super user status from other user."))\r
\r
    user = get_object_or_404(User, id=id)\r
    new_state = action == 'grant'\r
\r
    if status == 'super':\r
        user.is_superuser = new_state\r
    elif status == 'staff':\r
        user.is_staff = new_state\r
    else:\r
        raise Http404()\r
\r
    user.save()\r
    return decorators.RefreshPageCommand()\r
\r
\r
@decorate.withfn(decorators.command)\r
def award_points(request, id):\r
    if not request.POST:\r
        return render_to_response('users/karma_bonus.html')\r
\r
    if not request.user.is_superuser:\r
        raise decorators.CommandException(_("Only superusers are allowed to award reputation points"))\r
\r
    try:\r
        points = int(request.POST['points'])\r
    except:\r
        raise decorators.CommandException(_("Invalid number of points to award."))\r
\r
    user = get_object_or_404(User, id=id)\r
\r
    extra = dict(message=request.POST.get('message', ''), awarding_user=request.user.id, value=points)\r
\r
    BonusRepAction(user=request.user, extra=extra).save(data=dict(value=points, affected=user))\r
\r
    return {'commands': {\r
            'update_profile_karma': [user.reputation]\r
        }}\r
    \r
\r
@decorate.withfn(decorators.command)\r
def suspend(request, id):\r
    user = get_object_or_404(User, id=id)\r
\r
    if not request.user.is_superuser:\r
        raise decorators.CommandException(_("Only superusers can suspend other users"))\r
\r
    if not request.POST.get('bantype', None):\r
        if user.is_suspended():\r
            suspension = user.suspension\r
            suspension.cancel(user=request.user, ip=request.META['REMOTE_ADDR'])\r
            return decorators.RefreshPageCommand()\r
        else:\r
            return render_to_response('users/suspend_user.html')\r
\r
    data = {\r
    'bantype': request.POST.get('bantype', 'indefinetly').strip(),\r
    'publicmsg': request.POST.get('publicmsg', _('Bad behaviour')),\r
    'privatemsg': request.POST.get('privatemsg', None) or request.POST.get('publicmsg', ''),\r
    'suspended': user\r
    }\r
\r
    if data['bantype'] == 'forxdays':\r
        try:\r
            data['forxdays'] = int(request.POST['forxdays'])\r
        except:\r
            raise decorators.CommandException(_('Invalid numeric argument for the number of days.'))\r
\r
    SuspendAction(user=request.user, ip=request.META['REMOTE_ADDR']).save(data=data)\r
\r
    return decorators.RefreshPageCommand()\r
\r
\r
def user_view(template, tab_name, tab_title, tab_description, private=False, tabbed=True, render_to=None, weight=500):\r
    def decorator(fn):\r
        def params(request, id, slug=None):\r
            user = get_object_or_404(User, id=id)\r
            if private and not (user == request.user or request.user.is_superuser):\r
                return HttpResponseUnauthorized(request)\r
\r
            if render_to and (not render_to(user)):\r
                return HttpResponseRedirect(user.get_profile_url())\r
\r
            return [request, user], {}\r
\r
        decorated = decorate.params.withfn(params)(fn)\r
\r
        def result(context, request, user):\r
            rev_page_title = user.username + " - " + tab_description\r
\r
            context.update({\r
                "tab": "users",\r
                "active_tab" : tab_name,\r
                "tab_description" : tab_description,\r
                "page_title" : rev_page_title,\r
                "can_view_private": (user == request.user) or request.user.is_superuser\r
            })\r
            return render_to_response(template, context, context_instance=RequestContext(request))\r
\r
        decorated = decorate.result.withfn(result, needs_params=True)(decorated)\r
\r
        if tabbed:\r
            def url_getter(vu):\r
                try:\r
                    return reverse(fn.__name__, kwargs={'id': vu.id, 'slug': slugify(vu.username)})\r
                except NoReverseMatch:\r
                    return reverse(fn.__name__, kwargs={'id': vu.id})\r
\r
            ui.register(ui.PROFILE_TABS, ui.ProfileTab(\r
                tab_name, tab_title, tab_description,url_getter, private, render_to, weight\r
            ))\r
\r
        return decorated\r
    return decorator\r
\r
\r
@user_view('users/stats.html', 'stats', _('overview'), _('user overview'))\r
def user_profile(request, user):\r
    questions = Question.objects.filter_state(deleted=False).filter(author=user).order_by('-added_at')\r
    answers = Answer.objects.filter_state(deleted=False).filter(author=user).order_by('-added_at')\r
\r
    up_votes = user.vote_up_count\r
    down_votes = user.vote_down_count\r
    votes_today = user.get_vote_count_today()\r
    votes_total = int(settings.MAX_VOTES_PER_DAY)\r
\r
    user_tags = Tag.objects.filter(Q(nodes__author=user) | Q(nodes__children__author=user)) \\r
        .annotate(user_tag_usage_count=Count('name')).order_by('-user_tag_usage_count')\r
\r
    awards = [(Badge.objects.get(id=b['id']), b['count']) for b in\r
              Badge.objects.filter(awards__user=user).values('id').annotate(count=Count('cls')).order_by('-count')]\r
\r
    return pagination.paginated(request, (\r
    ('questions', QuestionListPaginatorContext('USER_QUESTION_LIST', _('questions'), 15)),\r
    ('answers', UserAnswersPaginatorContext())), {\r
    "view_user" : user,\r
    "questions" : questions,\r
    "answers" : answers,\r
    "up_votes" : up_votes,\r
    "down_votes" : down_votes,\r
    "total_votes": up_votes + down_votes,\r
    "votes_today_left": votes_total-votes_today,\r
    "votes_total_per_day": votes_total,\r
    "user_tags" : user_tags[:50],\r
    "awards": awards,\r
    "total_awards" : len(awards),\r
    })\r
    \r
@user_view('users/recent.html', 'recent', _('recent activity'), _('recent user activity'))\r
def user_recent(request, user):\r
    activities = user.actions.exclude(\r
            action_type__in=("voteup", "votedown", "voteupcomment", "flag", "newpage", "editpage")).order_by(\r
            '-action_date')[:USERS_PAGE_SIZE]\r
\r
    return {"view_user" : user, "activities" : activities}\r
\r
\r
@user_view('users/reputation.html', 'reputation', _('karma history'), _('graph of user karma'))\r
def user_reputation(request, user):\r
    rep = list(user.reputes.order_by('date'))\r
    values = [r.value for r in rep]\r
    redux = lambda x, y: x+y\r
\r
    graph_data = simplejson.dumps([\r
    (time.mktime(rep[i].date.timetuple()) * 1000, reduce(redux, values[:i], 0))\r
    for i in range(len(values))\r
    ])\r
\r
    rep = user.reputes.filter(action__canceled=False).order_by('-date')[0:20]\r
\r
    return {"view_user": user, "reputation": rep, "graph_data": graph_data}\r
\r
@user_view('users/votes.html', 'votes', _('votes'), _('user vote record'), True)\r
def user_votes(request, user):\r
    votes = user.votes.exclude(node__state_string__contains="(deleted").filter(\r
            node__node_type__in=("question", "answer")).order_by('-voted_at')[:USERS_PAGE_SIZE]\r
\r
    return {"view_user" : user, "votes" : votes}\r
\r
@user_view('users/questions.html', 'favorites', _('favorites'), _('questions that user selected as his/her favorite'))\r
def user_favorites(request, user):\r
    favorites = FavoriteAction.objects.filter(canceled=False, user=user)\r
\r
    return {"favorites" : favorites, "view_user" : user}\r
\r
@user_view('users/subscriptions.html', 'subscriptions', _('subscription settings'), _('subscriptions'), True, tabbed=False)\r
def user_subscriptions(request, user):\r
    enabled = user.subscription_settings.enable_notifications\r
\r
    if request.method == 'POST':        \r
        form = SubscriptionSettingsForm(data=request.POST, instance=user.subscription_settings)\r
\r
        if form.is_valid():\r
            form.save()\r
            message = _('New subscription settings are now saved')\r
\r
            if 'notswitch' in request.POST:\r
                enabled = not enabled\r
\r
                if enabled:\r
                    message = _('Notifications are now enabled')\r
                else:\r
                    message = _('Notifications are now disabled')\r
\r
            user.subscription_settings.enable_notifications = enabled\r
            user.subscription_settings.save()\r
\r
            request.user.message_set.create(message=message)\r
    else:\r
        form = SubscriptionSettingsForm(instance=user.subscription_settings)\r
\r
    return {'view_user':user, 'notificatons_on': enabled, 'form':form}\r
\r
@user_view('users/preferences.html', 'preferences', _('preferences'), _('preferences'), True, tabbed=False)\r
def user_preferences(request, user):\r
    if request.POST:\r
        form = UserPreferencesForm(request.POST)\r
\r
        if form.is_valid():\r
            user.prop.preferences = form.cleaned_data\r
            request.user.message_set.create(message=_('New preferences saved'))\r
\r
    else:\r
        preferences = user.prop.preferences\r
\r
        if preferences:\r
            form = UserPreferencesForm(initial=preferences)\r
        else:\r
            form = UserPreferencesForm()\r
            \r
    return {'view_user': user, 'form': form}\r
\r
@login_required\r
def account_settings(request):\r
    logging.debug('')\r
    msg = request.GET.get('msg', '')\r
    is_openid = False\r
\r
    return render_to_response('account_settings.html', {\r
    'msg': msg,\r
    'is_openid': is_openid\r
    }, context_instance=RequestContext(request))\r
\r