API tools faq
paste
Guest User

Untitled

a guest
Jul 20th, 2018
67
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.01 KB | None | 0 0
raw download clone embed print report
  1. cat aur/views.py
  2. from re import sub
  3. import os
  4. import sys
  5. import tarfile
  6. import hashlib
  7. import datetime
  8.  
  9. from django.shortcuts import render_to_response, get_object_or_404
  10. from django.http import HttpResponse, HttpResponseRedirect
  11. from django import forms
  12. from django.core.paginator import Paginator, EmptyPage, InvalidPage
  13. from django.contrib.auth.decorators import login_required
  14. from django.core.urlresolvers import reverse
  15. from django.core import serializers
  16. from django.utils.translation import ugettext
  17. from django.db import IntegrityError
  18. from django.views.generic.list_detail import object_list
  19.  
  20. from aur.models import *
  21. from aur.forms import PackageSearchForm, PackageSubmitForm
  22.  
  23. # Helper functions for permissions
  24. # This should perhaps be elsewhere. In the future Django may support
  25. # permissions per object instance.
  26. def _user_can_modify_package(user, package):
  27. """Returns whether a user has permissions to modify a specific package
  28. *user* should be a :class:`User`
  29. *package* should be a :class:`Package` object or a package name
  30. """
  31. if not isinstance(package, Package):
  32. package = Package.objects.get(name=package)
  33. return _user_is_maintainer(user, package) or user.has_perm('package.can_change_package')
  34.  
  35. def _user_can_delete_package(user, package):
  36. """Returns whether a user has permissions to delete a specific package
  37. *user* should be a :class:`User`
  38. *package* should be a :class:`Package` object or a package name
  39. """
  40. return user.has_perm('package.can_delete_package')
  41.  
  42. def _user_is_maintainer(user, package):
  43. """Returns whether a user is a maintainer of a specific package
  44. *user* should be a :class:`User`
  45. *package* should be a :class:`Package` object or a package name
  46. """
  47. if not isinstance(package, Package):
  48. package = Package.objects.get(name=package)
  49. return package.maintainers.filter(username=user.username).count() > 0
  50.  
  51. def _user_is_moderator(user):
  52. """Returns whether a user is a package moderator
  53. *user* should be a :class:`User`
  54. """
  55. return user.has_perms((
  56. 'package.can_add_package',
  57. 'package.can_delete_package',
  58. 'package.can_change_package',
  59. ))
  60.  
  61. def search(request, query = ''):
  62. if request.method == 'GET' and request.GET.has_key('query'):
  63. form = PackageSearchForm(request.GET)
  64. # If there are any errors in the forum, render the template and exit
  65. if not form.is_valid():
  66. return render_to_response('aur/search.html', {
  67. 'form': form,
  68. 'user': request.user,
  69. 'is_moderator': _user_is_moderator(request.user),
  70. })
  71. else:
  72. form = PackageSearchForm()
  73. # Execute the search
  74. results = form.search()
  75. # Get sorting variables from query string or fallback on defaults
  76. if request.GET.has_key('sortby'):
  77. sortby = request.GET['sortby']
  78. if sortby == 'maintainer':
  79. sortby = 'name'
  80. else:
  81. sortby = 'name'
  82. if request.GET.has_key('order') and request.GET['order'] == 'desc':
  83. sortby = "".join(('-', sortby))
  84. # Sort the results
  85. results = results.order_by(sortby, 'repository', 'name')
  86. # If we only got one hit, just go to the package's detail page
  87. if form.is_bound and results.count() == 1:
  88. return HttpResponseRedirect(reverse('aur-package_detail',
  89. args=[results[0].name,]))
  90. # Initialise the pagination
  91. paginator = Paginator(results, int(form.get_or_default('limit')))
  92. # Use last page if page number is out of range
  93. try:
  94. page = paginator.page(int(request.GET.get('page', '1')))
  95. except (EmptyPage, InvalidPage):
  96. page = paginator.page(paginator.num_pages)
  97.  
  98. return render_to_response('aur/search.html', {
  99. 'form': form,
  100. 'packages': page.object_list,
  101. 'page': page,
  102. 'user': request.user,
  103. 'request': request,
  104. 'is_moderator': _user_is_moderator(request.user),
  105. })
  106.  
  107. @login_required
  108. def submit(request):
  109. if request.method == 'POST':
  110. form = PackageSubmitForm(request.POST, request.FILES)
  111. if form.is_valid():
  112. form.save(request.user)
  113. return HttpResponseRedirect(reverse('aur-package_detail',
  114. args=[form.cleaned_data['package']['name'],]))
  115. else:
  116. form = PackageSubmitForm()
  117. return render_to_response('aur/submit.html', {
  118. 'user': request.user,
  119. 'form': form,
  120. })
  121.  
  122. def comment(request, object_id):
  123. if request.POST and 'message' in request.POST:
  124. package = get_object_or_404(Package, name=object_id)
  125. comment = Comment(package=package, user=request.user,
  126. message=request.POST['message'],
  127. ip=request.META['REMOTE_ADDR'])
  128. if 'reply_to' in request.POST:
  129. comment.parent=request.POST['reply_to']
  130. comment.save()
  131. return HttpResponseRedirect(package.get_absolute_url())
  132. elif 'reply_to' in request.POST:
  133. return render_to_response('aur/comment_form.html', {
  134. 'user': request.user,
  135. 'package_id': object_id,
  136. 'reply_to': request.POST['reply_to'],
  137. })
  138. else:
  139. return HttpResponseRedirect(
  140. reverse('aur-package_detail', args=[object_id,]))
  141.  
  142. def flag_out_of_date(request, object_id):
  143. package = get_object_or_404(Package, name=object_id)
  144. package.outdated = True
  145. package.save()
  146. return HttpResponseRedirect(package.get_absolute_url())
  147.  
  148. def unflag_out_of_date(request, object_id):
  149. package = get_object_or_404(Package, name=object_id)
  150. package.outdated = False
  151. package.save()
  152. return HttpResponseRedirect(package.get_absolute_url())
  153.  
  154. @login_required
  155. def notify_of_updates(request, object_id):
  156. """Subscribe a user to package updates"""
  157. package = get_object_or_404(Package, name=object_id)
  158. PackageNotification(package=package, user=request.user).save()
  159. return HttpResponseRedirect(package.get_absolute_url())
  160.  
  161. @login_required
  162. def denotify_of_updates(request, object_id):
  163. """Unsubscribe a user from package updates"""
  164. PackageNotification.objects.get(package__name=object_id, user=request.user).delete()
  165. return HttpResponseRedirect(reverse('aur-package_detail',
  166. args=[object_id,]))
  167.  
  168. @login_required
  169. def vote(request, object_id):
  170. """Record a user's vote for a package"""
  171. package = get_object_or_404(Package, name=object_id)
  172. try:
  173. Vote(package=package, user=request.user).save()
  174. except IntegrityError: # Ignore the duplicate. Voter fraud not allowed!
  175. pass # Should we complain?
  176. return HttpResponseRedirect(reverse('aur-package_detail',
  177. args=[object_id,]))
  178.  
  179. @login_required
  180. def unvote(request, object_id):
  181. """Remove a user's vote for a package"""
  182. package = get_object_or_404(Package, name=object_id)
  183. try:
  184. Vote.objects.get(package=package, user=request.user).delete()
  185. except Vote.DoesNotExist:
  186. pass
  187. return HttpResponseRedirect(reverse('aur-package_detail',
  188. args=[object_id,]))
  189.  
  190. def api_search(request, query, format):
  191. results = Package.objects.filter(name__icontains=query)
  192. data = serializers.serialize(format, results,
  193. fields=(
  194. 'name',
  195. 'version',
  196. 'respository__name',
  197. 'description'
  198. )
  199. )
  200. return HttpResponse(data, mimetype="application/%s" % format)
  201.  
  202. @login_required
  203. def manage_packages(request):
  204. if request.method != 'POST':
  205. return HttpResponseRedirect(reverse('aur-search'))
  206. packages = request.POST.getlist('packages')
  207. if request.POST['action'] == 'unflag-ood':
  208. for package_name in packages:
  209. package = Package.objects.get(name=package_name)
  210. if _user_can_modify_package(request.user, package):
  211. package.outdated = False
  212. package.save()
  213. else:
  214. return render_to_response('aur/error.html', dict(
  215. heading = ugettext("Permission denied"),
  216. error = "You are not allowed to edit %s" % package_name,
  217. ))
  218. elif request.POST['action'] == 'flag-ood':
  219. for package_name in packages:
  220. package = Package.objects.get(name=package_name)
  221. if _user_can_modify_package(request.user, package):
  222. package.outdated = True
  223. package.save()
  224. else:
  225. return render_to_response('aur/error.html', dict(
  226. heading = ugettext("Permission denied"),
  227. error = "You are not allowed to edit %s" % package_name,
  228. ))
  229. elif request.POST['action'] == 'disown':
  230. for package_name in packages:
  231. package = Package.objects.get(name=package_name)
  232. if _user_can_modify_package(request.user, package):
  233. package.maintainers.clear()
  234. else:
  235. return render_to_response('aur/error.html', dict(
  236. heading = ugettext("Permission denied"),
  237. error = "You cannot disown %s" % package_name,
  238. ))
  239. elif request.POST['action'] == 'adopt':
  240. for package_name in packages:
  241. package = Package.objects.get(name=package_name)
  242. if package.maintainers.count() == 0:
  243. package.maintainers.add(request.user)
  244. elif _user_is_moderator(request.user):
  245. package.maintainers.add(request.user)
  246. else:
  247. return render_to_response('aur/error.html', dict(
  248. heading = ugettext("Permission denied"),
  249. error = "You cannot adopt %s" % package_name,
  250. ))
  251. elif request.POST['action'] == 'delete':
  252. for package_name in packages:
  253. package = Package.objects.get(name=package_name)
  254. if _user_can_delete_package(request.user, package):
  255. package.delete()
  256. else:
  257. return render_to_response('aur/error.html', dict(
  258. heading = ugettext("Permission denied"),
  259. error = "You are not allowed to delete %s" % package_name,
  260. ))
  261. return HttpResponseRedirect(request.META['HTTP_REFERER'])
  262.  
  263. def api_package_info(request, object_id, format):
  264. package = get_object_or_404(Package, name=object_id)
  265. data = serializers.serialize(format, [package,])
  266. return HttpResponse(data, mimetype="application/%s" % format)
  267.  
  268. def api_package_comments(request, object_id):
  269. comments = Comment.objects.filter(package=object_id)
  270. data = serializers.serialize('json', comments)
  271. return HttpResponse(data, mimetype="application/%s" % format)
  272.  
  273. def delete_account(request):
  274. user = request.user
  275. user.delete()
  276. return HttpResponse('Account deleted')
  277.  
  278. def user_packages(request, user):
  279. user = get_object_or_404(User, username=user)
  280. return object_list(request, user.package_set.all())
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!