]> git.openstreetmap.org Git - osqa.git/blobdiff - forum/actions/user.py
fix breach in award points that allows user to award infinite points / extra fix
[osqa.git] / forum / actions / user.py
index 15ad5ee9e3218e8d603d9ced57fd012e0e1a4f06..ce277c32b9e9195d180a63e905f8bb3eb513e4d4 100644 (file)
@@ -1,11 +1,15 @@
 from django.utils.translation import ungettext, ugettext as _
+from django.core.urlresolvers import reverse
 from django.db.models import F
+from django.contrib import messages
 from forum.models.action import ActionProxy
 from forum.models import Award, Badge, ValidationHash, User
-from forum import settings
+from forum import settings, REQUEST_HOLDER
 from forum.settings import APP_SHORT_NAME
 from forum.utils.mail import send_template_email
 
+from django.contrib import messages
+
 class UserJoinsAction(ActionProxy):
     verb = _("joined")
 
@@ -18,11 +22,20 @@ class UserJoinsAction(ActionProxy):
 
     def describe(self, viewer=None):
         return _("%(user)s %(have_has)s joined the %(app_name)s Q&A community") % {
-        'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+        'user': self.hyperlink(self.user.get_absolute_url(), self.friendly_username(viewer, self.user)),
         'have_has': self.viewer_or_user_verb(viewer, self.user, _('have'), _('has')),
         'app_name': APP_SHORT_NAME,
         }
 
+class UserLoginAction(ActionProxy):
+    verb = _("logged in")
+
+    def describe(self, viewer=None):
+        return _("%(user)s %(have_has)s logged in") % {
+            'user' : self.hyperlink(self.user.get_absolute_url(), self.friendly_username(viewer, self.user)),
+            'have_has': self.viewer_or_user_verb(viewer, self.user, _('have'), _('has')),
+        }
+
 class EmailValidationAction(ActionProxy):
     verb = _("validated e-mail")
 
@@ -35,9 +48,9 @@ class EmailValidationAction(ActionProxy):
 
     def describe(self, viewer=None):
         return _("%(user)s %(have_has)s validated the e-mail %(email)s") % {
-        'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+        'user': self.hyperlink(self.user.get_absolute_url(), self.friendly_username(viewer, self.user)),
         'have_has': self.viewer_or_user_verb(viewer, self.user, _('have'), _('has')),
-        'email' : self.user.email
+        'email' : self.user.email if viewer.is_superuser or viewer.is_staff or viewer == self.user else ""
         }
 
 class EditProfileAction(ActionProxy):
@@ -45,9 +58,9 @@ class EditProfileAction(ActionProxy):
 
     def describe(self, viewer=None):
         return _("%(user)s edited %(hes_or_your)s %(profile_link)s") % {
-        'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+        'user': self.hyperlink(self.user.get_absolute_url(), self.friendly_username(viewer, self.user)),
         'hes_or_your': self.viewer_or_user_verb(viewer, self.user, _('your'), _('his')),
-        'profile_link': self.hyperlink(self.user.get_profile_url(), _('profile')),
+        'profile_link': self.hyperlink(self.user.get_absolute_url(), _('profile')),
         }
 
 class BonusRepAction(ActionProxy):
@@ -66,8 +79,7 @@ class BonusRepAction(ActionProxy):
                     message=_("Congratulations, you have been awarded an extra %s reputation points.") % self._value +
                     '<br />%s' % self.extra.get('message', _('Thank you')))
         else:
-            self._affected.message_set.create(
-                    message=_("You have been penalized in %s reputation points.") % self._value +
+            messages.info(REQUEST_HOLDER.request, _("You have penalized %s in %s reputation points.") % (self._affected, self._value) +
                     '<br />%s' % self.extra.get('message', ''))
 
     def describe(self, viewer=None):
@@ -77,12 +89,12 @@ class BonusRepAction(ActionProxy):
         try:
             if int(value) > 0:
                 return _("%(user)s awarded an extra %(value)s reputation points to %(users)s: %(message)s") % {
-                'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+                'user': self.hyperlink(self.user.get_absolute_url(), self.friendly_username(viewer, self.user)),
                 'value': value, 'users':self.affected_links(viewer), 'message': message
                 }
             else:
                 return _("%(user)s penalised %(users)s in %(value)s reputation points: %(message)s") % {
-                'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+                'user': self.hyperlink(self.user.get_absolute_url(), self.friendly_username(viewer, self.user)),
                 'value': value, 'users':self.affected_links(viewer), 'message': message
                 }
         except Exception, e:
@@ -100,7 +112,6 @@ class AwardPointsAction(ActionProxy):
         self.repute(self._affected, self._value)
         self.repute(self.user, -self._value)
 
-
         self._affected.message_set.create(
                 message=_("Congratulations, you have been awarded an extra %(points)s reputation %(points_label)s on <a href=\"%(answer_url)s\">this</a> answer.") % {
                         'points': self._value,
@@ -114,12 +125,12 @@ class AwardPointsAction(ActionProxy):
         try:
             if int(value) > 0:
                 return _("%(user)s awarded an extra %(value)s reputation points to %(users)s") % {
-                'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+                'user': self.hyperlink(self.user.get_absolute_url(), self.friendly_username(viewer, self.user)),
                 'value': value, 'users':self.affected_links(viewer),
                 }
             else:
                 return _("%(user)s penalised %(users)s in %(value)s reputation points") % {
-                'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+                'user': self.hyperlink(self.user.get_absolute_url(), self.friendly_username(viewer, self.user)),
                 'value': value, 'users':self.affected_links(viewer),
                 }
         except Exception, e:
@@ -154,9 +165,10 @@ class AwardAction(ActionProxy):
         self.user.save()
 
         self.user.message_set.create(message=_(
-                """Congratulations, you have received a badge '%(badge_name)s'. Check out <a href=\"%(profile_url)s\">your profile</a>."""
-                ) %
-        dict(badge_name=award.badge.name, profile_url=self.user.get_profile_url()))
+                """Congratulations, you have received a badge '%(badge_name)s'. <a href="%(badge_url)s">Find out who has it, too</a>."""
+        ) % dict(
+            badge_name=award.badge.name,
+            badge_url=award.badge.get_absolute_url()))
 
     def cancel_action(self):
         award = self.award
@@ -177,11 +189,40 @@ class AwardAction(ActionProxy):
 
     def describe(self, viewer=None):
         return _("%(user)s %(were_was)s awarded the %(badge_name)s badge") % {
-        'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+        'user': self.hyperlink(self.user.get_absolute_url(), self.friendly_username(viewer, self.user)),
         'were_was': self.viewer_or_user_verb(viewer, self.user, _('were'), _('was')),
         'badge_name': self.award.badge.name,
         }
 
+
+class ReportAction(ActionProxy):
+    verb = _("suspended")
+
+    def process_data(self, **kwargs):
+        self.extra = kwargs
+        # message here?
+
+
+    def process_action(self):
+
+        all_superusers = User.objects.filter(is_superuser=True)
+
+
+        send_template_email(all_superusers, "notifications/user_reported.html", {
+            'reported': self.extra['reported'],
+            'user':self.user,
+            'message': self.extra['publicmsg']
+            }
+            )
+
+    def describe(self, viewer=None):
+
+        return _("%(user)s reported %(reported) : %(msg)s") % {
+            'user': self.hyperlink(self.user.get_absolute_url(), self.friendly_username(viewer, self.user)),
+            'reporter': self.extra.get('reported').username,
+            'msg': self.extra.get('publicmsg', _('N/A'))
+        }
+
 class SuspendAction(ActionProxy):
     verb = _("suspended")
 
@@ -210,6 +251,6 @@ class SuspendAction(ActionProxy):
             suspension = _("indefinetely")
 
         return _("%(user)s suspended %(users)s %(suspension)s: %(msg)s") % {
-        'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+        'user': self.hyperlink(self.user.get_absolute_url(), self.friendly_username(viewer, self.user)),
         'users': self.affected_links(viewer), 'suspension': suspension, 'msg': self.extra.get('publicmsg', _('Bad behaviour'))
-        }
\ No newline at end of file
+        }