]> git.openstreetmap.org Git - osqa.git/blobdiff - forum/views/users.py
Fixes OSQA 275, Password changing is not reliable.
[osqa.git] / forum / views / users.py
index 543d5c79b47589330b7474113729372e1ac53aed..6bc3477d35c4461d6618e88527572a41c53ee083 100644 (file)
@@ -15,9 +15,9 @@ from django.utils import simplejson
 from django.core.urlresolvers import reverse\r
 from forum.forms import *\r
 from forum.utils.html import sanitize_html\r
-from forum.authentication import user_updated\r
-from datetime import date\r
+from datetime import datetime, date\r
 import decorators\r
+from forum.actions import EditProfileAction, FavoriteAction, BonusRepAction\r
 \r
 import time\r
 \r
@@ -71,26 +71,6 @@ def users(request):
 \r
                                 }, context_instance=RequestContext(request))\r
 \r
-@login_required\r
-def moderate_user(request, id):\r
-    """ajax handler of user moderation\r
-    """\r
-    if not request.user.is_superuser or request.method != 'POST':\r
-        raise Http404\r
-    if not request.is_ajax():\r
-        return HttpResponseForbidden(mimetype="application/json")\r
-\r
-    user = get_object_or_404(User, id=id)\r
-    form = ModerateUserForm(request.POST, instance=user)\r
-\r
-    if form.is_valid():\r
-        form.save()\r
-        logging.debug('data saved')\r
-        response = HttpResponse(simplejson.dumps(''), mimetype="application/json")\r
-    else:\r
-        response = HttpResponseForbidden(mimetype="application/json")\r
-    return response\r
-\r
 def set_new_email(user, new_email, nomessage=False):\r
     if new_email != user.email:\r
         user.email = new_email\r
@@ -102,8 +82,8 @@ def set_new_email(user, new_email, nomessage=False):
 @login_required\r
 def edit_user(request, id):\r
     user = get_object_or_404(User, id=id)\r
-    if request.user != user:\r
-        raise Http404\r
+    if not (request.user.is_superuser or request.user == user):\r
+        return HttpResponseForbidden()\r
     if request.method == "POST":\r
         form = EditUserForm(user, request.POST)\r
         if form.is_valid():\r
@@ -111,68 +91,104 @@ def edit_user(request, id):
 \r
             set_new_email(user, new_email)\r
 \r
-            #user.username = sanitize_html(form.cleaned_data['username'])\r
+            if settings.EDITABLE_SCREEN_NAME:\r
+                user.username = sanitize_html(form.cleaned_data['username'])\r
             user.real_name = sanitize_html(form.cleaned_data['realname'])\r
             user.website = sanitize_html(form.cleaned_data['website'])\r
             user.location = sanitize_html(form.cleaned_data['city'])\r
-            user.date_of_birth = sanitize_html(form.cleaned_data['birthday'])\r
+            user.date_of_birth = form.cleaned_data['birthday']\r
             if user.date_of_birth == "None":\r
-                user.date_of_birth = '1900-01-01'\r
+                user.date_of_birth = datetime(1900, 1, 1, 0, 0)\r
             user.about = sanitize_html(form.cleaned_data['about'])\r
 \r
             user.save()\r
-            # send user updated signal if full fields have been updated\r
-            if user.email and user.real_name and user.website and user.location and \\r
-                user.date_of_birth and user.about:\r
-                user_updated.send(sender=user.__class__, instance=user, updated_by=user)\r
+            EditProfileAction(user=user, ip=request.META['REMOTE_ADDR']).save()\r
+\r
             return HttpResponseRedirect(user.get_profile_url())\r
     else:\r
         form = EditUserForm(user)\r
     return render_to_response('users/edit.html', {\r
+                                                'user': user,\r
                                                 'form' : form,\r
                                                 'gravatar_faq_url' : reverse('faq') + '#gravatar',\r
                                     }, context_instance=RequestContext(request))\r
 \r
 \r
+@login_required\r
+def user_powers(request, id, action, status):\r
+    if not request.user.is_superuser:\r
+        return HttpResponseForbidden()\r
+\r
+    user = get_object_or_404(User, id=id)\r
+    new_state = action == 'grant'\r
+\r
+    if status == 'super':\r
+        user.is_superuser = new_state\r
+    elif status == 'staff':\r
+        user.is_staff = new_state\r
+    else:\r
+        raise Http404()\r
+\r
+    user.save()    \r
+    return HttpResponseRedirect(user.get_profile_url())\r
+\r
+\r
+@decorators.command\r
+def award_points(request, id):\r
+    if (not request.POST) and request.POST.get('points', None):\r
+        raise decorators.CommandException(_("Invalid request type"))\r
+\r
+    if not request.user.is_superuser:\r
+        raise decorators.CommandException(_("Only superusers are allowed to award reputation points"))\r
+\r
+    user = get_object_or_404(User, id=id)\r
+    points = int(request.POST['points'])\r
+\r
+    extra = dict(message=request.POST.get('message', ''), awarding_user=request.user.id, value=points)\r
+\r
+    BonusRepAction(user=user, extra=extra).save(data=dict(value=points))\r
+\r
+    return dict(reputation=user.reputation)\r
+\r
 \r
 def user_view(template, tab_name, tab_description, page_title, private=False):\r
     def decorator(fn):\r
         def decorated(request, id, slug=None):\r
             user = get_object_or_404(User, id=id)\r
-            if private and not user == request.user:\r
+            if private and not (user == request.user or request.user.is_superuser):\r
                 return HttpResponseForbidden()\r
             context = fn(request, user)\r
+\r
+            rev_page_title = user.username + " - " + page_title\r
+\r
             context.update({\r
                 "tab_name" : tab_name,\r
                 "tab_description" : tab_description,\r
-                "page_title" : page_title,\r
+                "page_title" : rev_page_title,\r
+                "can_view_private": (user == request.user) or request.user.is_superuser\r
             })\r
             return render_to_response(template, context, context_instance=RequestContext(request))\r
         return decorated\r
     return decorator\r
 \r
 \r
-@user_view('users/stats.html', 'stats', _('user profile'), _('user profile overview'))\r
+@user_view('users/stats.html', 'stats', _('user profile'), _('user overview'))\r
 def user_stats(request, user):\r
-    questions = Question.objects.filter(author=user, deleted=False).order_by('-added_at')\r
-    answers = Answer.objects.filter(author=user, deleted=False).order_by('-added_at')\r
+    questions = Question.objects.filter_state(deleted=False).filter(author=user).order_by('-added_at')\r
+    answers = Answer.objects.filter_state(deleted=False).filter(author=user).order_by('-added_at')\r
 \r
-    up_votes = user.get_up_vote_count()\r
-    down_votes = user.get_down_vote_count()\r
+    up_votes = user.vote_up_count\r
+    down_votes = user.vote_down_count\r
     votes_today = user.get_vote_count_today()\r
     votes_total = int(settings.MAX_VOTES_PER_DAY)\r
 \r
     user_tags = Tag.objects.filter(Q(nodes__author=user) | Q(nodes__children__author=user)) \\r
         .annotate(user_tag_usage_count=Count('name')).order_by('-user_tag_usage_count')\r
 \r
-    awards = Badge.objects.filter(award_badge__user=user).annotate(count=Count('name')).order_by('-count')\r
-\r
-    if request.user.is_superuser:\r
-        moderate_user_form = ModerateUserForm(instance=user)\r
-    else:\r
-        moderate_user_form = None\r
+    awards = [(Badge.objects.get(id=b['id']), b['count']) for b in\r
+            Badge.objects.filter(awards__user=user).values('id').annotate(count=Count('cls')).order_by('-count')]\r
 \r
-    return {'moderate_user_form': moderate_user_form,\r
+    return {\r
             "view_user" : user,\r
             "questions" : questions,\r
             "answers" : answers,\r
@@ -183,44 +199,45 @@ def user_stats(request, user):
             "votes_total_per_day": votes_total,\r
             "user_tags" : user_tags[:50],\r
             "awards": awards,\r
-            "total_awards" : awards.count(),\r
+            "total_awards" : len(awards),\r
         }\r
 \r
-@user_view('users/recent.html', 'recent', _('recent user activity'), _('profile - recent activity'))\r
+@user_view('users/recent.html', 'recent', _('recent user activity'), _('recent activity'))\r
 def user_recent(request, user):\r
-    activities = Activity.objects.filter(activity_type__in=(TYPE_ACTIVITY_PRIZE,\r
-            TYPE_ACTIVITY_ASK_QUESTION, TYPE_ACTIVITY_ANSWER,\r
-            TYPE_ACTIVITY_COMMENT_QUESTION, TYPE_ACTIVITY_COMMENT_ANSWER,\r
-            TYPE_ACTIVITY_MARK_ANSWER), user=user).order_by('-active_at')[:USERS_PAGE_SIZE]\r
+    activities = user.actions.exclude(action_type__in=("voteup", "votedown", "voteupcomment", "flag")).order_by('-action_date')[:USERS_PAGE_SIZE]\r
 \r
     return {"view_user" : user, "activities" : activities}\r
 \r
 \r
-@user_view('users/votes.html', 'votes', _('user vote record'), _('profile - votes'), True)\r
+@user_view('users/votes.html', 'votes', _('user vote record'), _('votes'), True)\r
 def user_votes(request, user):\r
-    votes = user.votes.exclude(node__deleted=True).order_by('-voted_at')[:USERS_PAGE_SIZE]\r
+    votes = user.votes.exclude(node__state_string__contains="(deleted").filter(node__node_type__in=("question", "answer")).order_by('-voted_at')[:USERS_PAGE_SIZE]\r
 \r
     return {"view_user" : user, "votes" : votes}\r
 \r
 \r
-@user_view('users/reputation.html', 'reputation', _('user reputation in the community'), _('profile - user reputation'))\r
+@user_view('users/reputation.html', 'reputation', _('user reputation in the community'), _('user reputation'))\r
 def user_reputation(request, user):\r
-    reputation = user.reputes.order_by('-reputed_at')\r
+    rep = list(user.reputes.order_by('date'))\r
+    values = [r.value for r in rep]\r
+    redux = lambda x, y: x+y     \r
 \r
     graph_data = simplejson.dumps([\r
-            (time.mktime(rep.reputed_at.timetuple()) * 1000, rep.reputation)\r
-            for rep in reputation\r
+            (time.mktime(rep[i].date.timetuple()) * 1000, reduce(redux, values[:i], 0))\r
+            for i in range(len(values))\r
     ])\r
 \r
-    return {"view_user": user, "reputation": reputation, "graph_data": graph_data}\r
+    rep = user.reputes.filter(action__canceled=False).order_by('-date')[0:20]\r
+    \r
+    return {"view_user": user, "reputation": rep, "graph_data": graph_data}\r
 \r
-@user_view('users/questions.html', 'favorites', _('favorite questions'),  _('profile - favorite questions'), True)\r
+@user_view('users/questions.html', 'favorites', _('favorite questions'),  _('favorite questions'))\r
 def user_favorites(request, user):\r
-    questions = user.favorite_questions.filter(deleted=False)\r
+    favorites = FavoriteAction.objects.filter(canceled=False, user=user)\r
 \r
-    return {"questions" : questions, "view_user" : user}\r
+    return {"favorites" : favorites, "view_user" : user}\r
 \r
-@user_view('users/subscriptions.html', 'subscriptions', _('subscription settings'), _('profile - subscriptions'), True)\r
+@user_view('users/subscriptions.html', 'subscriptions', _('subscription settings'), _('subscriptions'), True)\r
 def user_subscriptions(request, user):\r
     if request.method == 'POST':\r
         form = SubscriptionSettingsForm(request.POST)\r
@@ -233,13 +250,13 @@ def user_subscriptions(request, user):
                 request.user.message_set.create(message=_('Notifications are now enabled'))\r
             else:\r
                 request.user.message_set.create(message=_('Notifications are now disabled'))\r
-        else:\r
-            form.is_valid()\r
-            for k,v in form.cleaned_data.items():\r
-                setattr(user.subscription_settings, k, v)\r
 \r
-            user.subscription_settings.save()\r
-            request.user.message_set.create(message=_('New subscription settings are now saved'))\r
+        form.is_valid()\r
+        for k,v in form.cleaned_data.items():\r
+            setattr(user.subscription_settings, k, v)\r
+\r
+        user.subscription_settings.save()\r
+        request.user.message_set.create(message=_('New subscription settings are now saved'))\r
     else:\r
         form = SubscriptionSettingsForm(user.subscription_settings.__dict__)\r
 \r