Dynastie/views.py

# -*- coding: utf-8 -*-
import os
from datetime import datetime, date, time
from django.shortcuts import render
from django.contrib.auth import authenticate, login, logout
from django.http import HttpResponseRedirect, HttpResponse, Http404
from django.contrib.auth.decorators import login_required
from django.views.decorators.csrf import csrf_exempt
from django.forms.models import inlineformset_factory
from django.core import mail
from django.core.mail import EmailMultiAlternatives

from dynastie.models import *
from dynastie.forms import *

from django.template.defaultfilters import register
from django.template import Variable, VariableDoesNotExist

@register.filter
def hash(object, attr):

    pseudo_context = { 'object' : object }
    try:
        value = Variable('object.%s' % attr).resolve(pseudo_context)
    except VariableDoesNotExist:
        value = None
    return value

def have_I_right(request, blog_id=None, post_id=None, must_be_superuser=False):
    b = None
    p = None

    if must_be_superuser and not request.user.is_superuser:
        raise Http404

    if not post_id is None:
        p = Post.objects.get(pk=post_id)
        
        if p is None:
            raise Http404

        blog_id = p.blog.id

    if not blog_id is None:
        if not request.user.is_superuser:
            b = Blog.objects.filter(pk=blog_id).filter(writers=request.user.id)
            if len(b) == 0:
                raise Http404
            b = b[0]
        else:
            b = Blog.objects.get(pk=post.blog.id)
    
        if b is None:
            raise Http404

    return (b, p)

def index(request):
    if request.user.is_authenticated():
            return HttpResponseRedirect('/blog')

    login_failed = False
    if 'login' in request.POST:
        user = authenticate(username=request.POST['login'], password=request.POST['password'])
        if user is None:
            login_failed = True
        else:
            login(request, user)
            if 'next' in request.GET:
                return HttpResponseRedirect(request.GET['next'])
            else:
                return HttpResponseRedirect('/blog')

    c = {'auth_key': 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA',\
             'login_failed' : login_failed}

    return render(request, 'templates/login.html', c)

def disconnect(request):
    logout(request)
    c = {'auth_key': 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA',\
             'login_failed' : False}
    return HttpResponseRedirect('/')

@login_required
def user(request):
    users = User.objects.all()

    c = {'users' : users}

    return render(request, 'templates/user.html', c)

@login_required
def add_user(request):
    if not request.user.is_superuser:
        return HttpResponseRedirect('/user')
 
    if request.method == 'POST': # If the form has been submitted...
        if 'add' in request.POST:
            form = UserForm(request.POST) # A form bound to the POST data
            if form.is_valid(): # All validation rules pass
                form = form.save()
                user = User.objects.get(pk=form.id)
                user.set_password(request.POST['password'])
                user.save()
            # Process the data in form.cleaned_data
            # ...
                return HttpResponseRedirect('/user') # Redirect after POST
        else:
            return HttpResponseRedirect('/user') # Redirect after POST
    else:
        form = UserForm() # An unbound form

    return render(request, 'add_user.html', {
        'form': form,
    })

@login_required
def edit_user(request, user_id):
    user = User.objects.get(pk=user_id)

    if user is None:
        raise Http404

    edited = False

    if request.method == 'POST': # If the form has been submitted...
        if int(user_id) != int(request.user.id) and (not request.user.is_superuser):
            return HttpResponseRedirect('/user/' + str(user_id))
        if 'edit' in request.POST:
            form = UserForm(request.POST, instance=user, initial={'password':''}) # A form bound to the POST data
            if form.is_valid(): # All validation rules pass
                form.save()
                if request.POST['password'] != '':
                    user.set_password(request.POST['password'])
                user.save()
                edited = True
        else:
            if 'delete' in request.POST and request.user.is_superuser:
                User.objects.get(pk=user_id).delete()
                return HttpResponseRedirect('/user')
            if 'cancel' in request.POST:
                return HttpResponseRedirect('/user')
    else:
        form = UserForm(instance=user, initial={'password':''}) # An unbound form
        
    c = {'user_to_edit' : user, 'form' : form, 'edited' : edited}

    return render(request, 'templates/edit_user.html', c)

@login_required
def category(request, blog_id):
    b = have_I_right(request, blog_id)

    categories = Category.objects.filter(blog_id=blog_id)

    c = {'categories' : categories}

    return render(request, 'templates/category.html', c)

@login_required
def add_category(request, blog_id):
    b = have_I_right(request, blog_id)[0]
 
    if request.method == 'POST': # If the form has been submitted...
        if 'add' in request.POST:
            form = CategoryForm(request.POST) # A form bound to the POST data
            form.blog = b
            if form.is_valid(): # All validation rules pass
                form = form.save()
            # Process the data in form.cleaned_data
            # ...
                return HttpResponseRedirect('/category/' + str(b.id))
        else:
            return HttpResponseRedirect('/category/' + str(b.id))
    else:
        form = CategoryForm() # An unbound form

    return render(request, 'add_category.html', {
        'form': form,
    })

@login_required
def edit_category(request, category_id):
    category = Category.objects.get(pk=category_id)

    if category is None:
        raise Http404

    b = have_I_right(request, category.blog.id)[0]
    
    if request.method == 'POST': # If the form has been submitted...
        if 'cancel' in request.POST:
            return HttpResponseRedirect('/category' + str(b.id))
        if 'edit' in request.POST:
            name = category.name
            form = CategoryForm(request.POST, instance=category) # A form bound to the POST data
            if form.is_valid(): # All validation rules pass
                if request.POST['name'] != name:
                    category.remove()
                form.save()
            return HttpResponseRedirect('/category/' + str(b.id))
    else:
        form = CategoryForm(instance=category) # An unbound form

    c = {'category' : category, 'form' : form}

    return render(request, 'templates/edit_category.html', c)

@login_required
def delete_category(request, category_id):
    category = Category.objects.get(pk=category_id)

    if category is None:
        raise Http404

    b = have_I_right(request, category.blog.id)[0]

    category.remove()
    category.delete()

    return HttpResponseRedirect('/category/' + str(b.id))

@login_required
def blog(request):
    if request.user.is_superuser:
        b = Blog.objects.all()
    else:
        b = Blog.objects.filter(writers=request.user.id)

    c = {'blogs' : b}

    return render(request, 'templates/blog.html', c)

@login_required
def add_blog(request):
    if not request.user.is_superuser:
        return HttpResponseRedirect('/blog')
 
    if request.method == 'POST': # If the form has been submitted...
        if 'add' in request.POST:
            form = BlogForm(request.POST) # A form bound to the POST data
            if form.is_valid(): # All validation rules pass
                form = form.save()
                form.create()
                return HttpResponseRedirect('/blog') # Redirect after POST
        else:
            return HttpResponseRedirect('/blog') # Redirect after POST
    else:
        form = BlogForm() # An unbound form

    return render(request, 'add_blog.html', {
        'form': form,
    })

@login_required
def view_blog(request, blog_id):
    if not request.user.is_superuser:
        b = Blog.objects.filter(id=blog_id).filter(writers=request.user.id)
    else:
        b = Blog.objects.get(pk=blog_id)

    if b is None:
        raise Http404

    posts = Post.objects.filter(blog=b).order_by('-creation_date')
    b = Blog.objects.get(pk=blog_id)
    form = BlogForm(instance=b)
    
    comments = Comment.objects.all()
    dict_comments = {}
    for comment in comments:
        key = comment.post.id
        if not key in dict_comments:
            dict_comments[key] = 1
        else:
            dict_comments[key] = dict_comments[key] + 1

    c = {'blog' : b, 'posts' : posts, 'form' : form, 'comments' : dict_comments}

    return render(request, 'templates/view_blog.html', c)

@login_required
def edit_blog(request, blog_id):
    if not request.user.is_superuser:
        return HttpResponseRedirect('/blog/' + str(blog_id))

    b = Blog.objects.get(pk=blog_id)

    if b is None:
        raise Http404

    if request.method == 'POST': # If the form has been submitted...
        if 'edit' in request.POST:
            form = BlogForm(request.POST, instance=b) # A form bound to the POST data
            if form.is_valid(): # All validation rules pass
                form.save()
        else:
            if 'delete' in request.POST:
                b = Blog.objects.get(pk=blog_id)
                b.delete()
                return HttpResponseRedirect('/blog')
    else:
        form = BlogForm(instance=b) # An unbound form

    posts = Post.objects.filter(blog=b).order_by('-creation_date')

    c = {'blog' : b, 'posts' : posts, 'form' : form}

    return render(request, 'templates/view_blog.html', c)

@login_required
def add_post(request, blog_id):
    (b,) = have_I_right(request, blog_id)

    if request.method == 'POST': # If the form has been submitted...
        if 'add' in request.POST:
            post = Post(blog=Blog.objects.get(pk=blog_id), author=User.objects.get(pk=request.user.id), creation_date=datetime.now(), modification_date=datetime.now())
            content = request.POST['content']
            # del request.POST['content']
            form = PostForm(request.POST, instance=post) # A form bound to the POST data
            if form.is_valid(): # All validation rules pass
                form = form.save()
                form.createPost(content)
            # Process the data in form.cleaned_data
            # ...
                return HttpResponseRedirect('/blog/' + blog_id) # Redirect after POST
        else:
            return HttpResponseRedirect('/blog/' + blog_id) # Redirect after POST
    else:
        form = PostForm() # An unbound form

    return render(request, 'add_post.html', {
        'form': form, 'blog_id' : blog_id
    })

@login_required
def edit_post(request, post_id):
    (b, post) = have_I_right(request, None, post_id)
    post = Post.objects.get(pk=post_id)

    title = post.title
    blog_id = b.id

    if request.method == 'POST': # If the form has been submitted...
        if 'edit' in request.POST:
            post.modification_date = datetime.now()
            form = PostForm(request.POST, instance=post) # A form bound to the POST data
            if form.is_valid(): # All validation rules pass
                if title != request.POST['title']:
                    post.remove()
                form.save()
                post.createPost(request.POST['content'])
            # Process the data in form.cleaned_data
            # ...
                return HttpResponseRedirect('/blog/' + str(blog_id)) # Redirect after POST
        else:
            if 'cancel' in request.POST:
                return HttpResponseRedirect('/blog/' + str(blog_id)) # Redirect after POST
    else:
        form = PostForm(instance=post) # An unbound form

    b.create_paths()
    filename = b.src_path + '/_post/' + str(post.pk)
    if os.path.exists(filename):
        f = open(filename, 'rb')
        content = f.read()
        f.close()
    else:
        content = 'Empty post'

    comments = Comment.objects.filter(post=post).order_by('date')
    comment_list = []
    for comment in comments:
        comment_list.append(comment)

    return render(request, 'edit_post.html', {
        'form': form, 'post_id' : post_id, 'content' : content,
        'blog_id' : blog_id, 'comments' : comment_list
    })

@login_required
def delete_post(request, post_id):
    (b, post) = have_I_right(request, None, post_id)

    blog_id = b.id

    post.delete()

    return HttpResponseRedirect('/blog/' + str(blog_id))

@login_required
def generate(request, blog_id):
    (b, post) = have_I_right(request, blog_id)

    b.create_paths()
    report = b.generate()

    posts = Post.objects.filter(blog=b).order_by('-creation_date')
    b = Blog.objects.get(pk=blog_id)
    form = BlogForm(instance=b)
    
    comments = Comment.objects.all()
    dict_comments = {}
    for comment in comments:
        key = comment.post.id
        if not key in dict_comments:
            dict_comments[key] = 1
        else:
            dict_comments[key] = dict_comments[key] + 1

    c = {'blog' : b, 'posts' : posts, 'form' : form, 'report': report, 'comments' : dict_comments}
    
    return render(request, 'templates/generate.html', c)

@login_required
def preview(request, blog_id):
    from dynastie.generators import post

    values = {'title' : request.POST['title'], \
              'author' : request.user.first_name + ' ' + request.user.last_name, \
              'content' : request.POST['content']
              }

    (b, ) = have_I_right(request, blog_id)

    b.create_paths()

    engine = globals()['post']

    for name, obj in inspect.getmembers(engine):
        if inspect.isclass(obj) and obj.__module__.startswith("dynastie.generators") \
                and obj.__module__.endswith("post"):
            e = obj()
            content = e.preview(b.src_path, values)
            break

    output = b.output_path
    path = output + '/preview.html'
    if os.path.exists(path):
        os.unlink(path)

    f = open(path, 'wb')
    f.write(content)
    f.close()

    c = {'content' : content}

    return HttpResponseRedirect('http://' + b.name + '/preview.html')
    # return HttpResponseRedirect('http://' + 'localhost:8080' + '/preview.html')

def _tinymcelist(request, b, year, month):
    ret = 'var tinyMCEImageList = new Array('

    b.create_paths()
     
    if month < 10:
        suffix = '/images/' + str(year) + '/0' + str(month)
    else:
        suffix = '/images/' + str(year) + '/' + str(month)

    path = b.src_path + '/' + suffix
    # url = 'http://' + 'localhost:8080' + '/' + suffix + '/'
    url = 'http://' + b.name + '/' + suffix + '/'

    if os.path.exists(path):
        files = ''
        for p in os.listdir(path):
            files += '["' + p + '", "' + url + p + '"],'
        # Remove last comma
        if len(files) != 0:
            ret += files[:-1]

    ret += ');'

    return ret

@login_required
def tinymcelist_add(request, blog_id):
    now = datetime.now()
    year = now.year
    month = now.month

    try:
        (b, ) = have_I_right(request, blog_id)
    except Http404:
        return HttpResponse('', content_type='application/x-javascript')

    ret = _tinymcelist(request, b, year, month)

    return HttpResponse(ret, content_type='application/x-javascript')

@login_required
def tinymcelist_edit(request, post_id):
    try:
        (b, post) = have_I_right(request, None, post_id)
    except Http404:
        return HttpResponse('', content_type='application/x-javascript')

    year = post.creation_date.year()
    month = post.creation_date.month()

    ret = _tinymcelist(request, b, year, month)

    return HttpResponse(ret, content_type='application/x-javascript')

@csrf_exempt
def add_comment(request, post_id, parent_id):
    from dynastie.generators import post

    ref = request.META['HTTP_REFERER']

    post = Post.objects.get(pk=post_id)
    if post is None:
        print 'no post'
        return HttpResponseRedirect(ref)

    blog = Blog.objects.get(pk=post.blog_id)

    if blog is None:
        print 'no blog ' + str(post.blog.id)
        return HttpResponseRedirect(ref)

    parent_id = int(parent_id)
    if parent_id != 0:
        parentComment = Comment.objects.get(pk=parent_id)
        if parentComment is None:
            return HttpResponseRedirect(ref)
    else:
        parentComment = None

    if request.POST['author'] == '' or request.POST['the_comment'] == '':
        print 'Error on author or the_comment'
        return HttpResponseRedirect(ref)

    # Behind a proxy
    if 'X-Real-IP' in request.META:
        ip = request.META['X-Real-IP']
    else:
        ip = request.META['REMOTE_ADDR']

    comment = Comment(post=post, parent=parentComment, date=datetime.now(), author=request.POST['author'],\
                          email=request.POST['email'], the_comment=request.POST['the_comment'], ip=ip)
    comment.save()

    engine = globals()['post']
    blog.create_paths()

    post_list = [post]
    for name, obj in inspect.getmembers(engine):
        if inspect.isclass(obj) and obj.__module__.startswith("dynastie.generators") \
                and obj.__module__.endswith("post"):
            e = obj()
            content = e._generate(blog, blog.src_path, blog.output_path, post_list)
            break

    # Send emails
    emails = {}
    comments = Comment.objects.filter(post=post).order_by('date')
    comment_index = str(len(comments))
    for comment in comments:
        email = comment.email
        if email != '' and email != request.POST['email'] and not email in emails:
            emails[email] = comment.author


    if post.author.email not in email:
        emails[post.author.email] = post.author.first_name

    if len(emails) > 0:
        connection = mail.get_connection(fail_silently=True)
        connection.open()
        
        messages = []
        subject = '[%s] Nouveau commentaire pour l\'article "%s"' % (blog.name, post.title)

        for email,author in emails.items():
            text_body = u'Bonjour %s,\n\nUn nouveau commentaire a été posté pour l\'article "%s".\n\n' % (author, post.title)
            text_body += u'Pour le consulter, rendez vous sur http://%s%s/#comment_%s\n\n----------------\n\n'  % (blog.name, post.getPath(), comment_index)
            text_body += comment.the_comment
            text_body += '\n'

            html_body = u'<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8" /></head><body>'
            html_body += u'Bonjour %s,<br/><br/>Un nouveau commentaire a été posté pour l\'article "%s".<br/><br/>' % (author, post.title)
            html_body = html_body + u'Pour le consulter, rendez vous sur <a href="http://%s%s#comment_%s">http://%s%s#comment_%s</a><br/><br/>----------------<br/><pre>'  % (blog.name, post.getPath(), comment_index, blog.name, post.getPath(), comment_index)
            c = comment.the_comment
            # Avoid script injection
            c = c.replace('<pre>', '&lt;pre&gt;')
            c = c.replace('</pre>', '&lt;/pre&gt;')
            html_body += c + '</pre>'
            html_body += '</body></html>'

            msg = EmailMultiAlternatives(subject, text_body, 'no-reply@%s' % blog.name , [email])
            msg.attach_alternative(html_body, "text/html")
            messages.append(msg)

        connection.send_messages(messages)
        connection.close()
        
    response = HttpResponseRedirect(ref)
    response['Cache-Control'] = 'no-cache'

    response.set_cookie('author', request.POST['author'], domain=blog.name, secure=True, httponly=False);
    if request.POST['email'] != '':
        response.set_cookie('email', request.POST['email'], domain=blog.name, secure=True, httponly=False);

    return response
    
    

@login_required
def edit_comment(request, comment_id):
    comment = Comment.objects.get(pk=comment_id)

    if comment is None:
        return Http404

    (b, post) = have_I_right(request, None, comment.post_id)
    post_id = comment.post_id

    if request.method == 'POST': # If the form has been submitted...
        if 'edit' in request.POST:
            form = CommentForm(request.POST, instance=comment) # A form bound to the POST data
            if form.is_valid(): # All validation rules pass
                form = form.save()
            # Process the data in form.cleaned_data
            # ...
                return HttpResponseRedirect('/post/edit/' + str(post_id))
        else:
            return HttpResponseRedirect('/post/edit/' + str(post_id))
        
    else:
        form = CommentForm(instance=comment) # An unbound form

    return render(request, 'edit_comment.html', {
        'form': form, 'comment':comment
    })

@login_required
def delete_comment(request, comment_id):
    comment = Comment.objects.get(pk=comment_id)
    if comment is None:
        return Http404

    (b, post) = have_I_right(request, None, comment.post_id)
    post_id = comment.post_id
    
    childs = Comment.objects.filter(parent=comment.id)

    try:
        parent = comment.parent
    except:
        parent = None

    for child in childs:
        child.parent = parent
        child.save()

    comment.delete()

    return HttpResponseRedirect('/post/edit/' + str(post_id))