aboutsummaryrefslogtreecommitdiff
path: root/pyaggr3g470r/views
diff options
context:
space:
mode:
Diffstat (limited to 'pyaggr3g470r/views')
-rw-r--r--pyaggr3g470r/views/__init__.py5
-rw-r--r--pyaggr3g470r/views/api/__init__.py31
-rw-r--r--pyaggr3g470r/views/api/article.py58
-rw-r--r--pyaggr3g470r/views/api/common.py217
-rw-r--r--pyaggr3g470r/views/api/feed.py57
-rw-r--r--pyaggr3g470r/views/article.py53
-rw-r--r--pyaggr3g470r/views/feed.py50
-rw-r--r--pyaggr3g470r/views/views.py843
8 files changed, 1314 insertions, 0 deletions
diff --git a/pyaggr3g470r/views/__init__.py b/pyaggr3g470r/views/__init__.py
new file mode 100644
index 00000000..029dcb7d
--- /dev/null
+++ b/pyaggr3g470r/views/__init__.py
@@ -0,0 +1,5 @@
+from .views import *
+from .api import *
+
+from .article import article_bp, articles_bp
+from .feed import feed_bp, feeds_bp
diff --git a/pyaggr3g470r/views/api/__init__.py b/pyaggr3g470r/views/api/__init__.py
new file mode 100644
index 00000000..e11cdd95
--- /dev/null
+++ b/pyaggr3g470r/views/api/__init__.py
@@ -0,0 +1,31 @@
+#! /usr/bin/env python
+# -*- coding: utf-8 -*-
+
+# pyAggr3g470r - A Web based news aggregator.
+# Copyright (C) 2010-2015 Cédric Bonhomme - http://cedricbonhomme.org/
+#
+# For more information : https://bitbucket.org/cedricbonhomme/pyaggr3g470r/
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+__author__ = "Cedric Bonhomme"
+__version__ = "$Revision: 0.2 $"
+__date__ = "$Date: 2014/06/18 $"
+__revision__ = "$Date: 2014/07/05 $"
+__copyright__ = "Copyright (c) Cedric Bonhomme"
+__license__ = "AGPLv3"
+
+from pyaggr3g470r.views.api import article, feed
+
+__all__ = ['article', 'feed']
diff --git a/pyaggr3g470r/views/api/article.py b/pyaggr3g470r/views/api/article.py
new file mode 100644
index 00000000..17881412
--- /dev/null
+++ b/pyaggr3g470r/views/api/article.py
@@ -0,0 +1,58 @@
+from flask import g
+import dateutil.parser
+
+from pyaggr3g470r.controllers import ArticleController
+from pyaggr3g470r.views.api.common import PyAggAbstractResource,\
+ PyAggResourceNew, \
+ PyAggResourceExisting, \
+ PyAggResourceMulti
+
+
+ARTICLE_ATTRS = {'feed_id': {'type': str},
+ 'entry_id': {'type': str},
+ 'link': {'type': str},
+ 'title': {'type': str},
+ 'readed': {'type': bool}, 'like': {'type': bool},
+ 'content': {'type': str},
+ 'date': {'type': str}, 'retrieved_date': {'type': str}}
+
+
+class ArticleNewAPI(PyAggResourceNew):
+ controller_cls = ArticleController
+ attrs = ARTICLE_ATTRS
+ to_date = ['date', 'retrieved_date']
+
+
+class ArticleAPI(PyAggResourceExisting):
+ controller_cls = ArticleController
+ attrs = ARTICLE_ATTRS
+ to_date = ['date', 'retrieved_date']
+
+
+class ArticlesAPI(PyAggResourceMulti):
+ controller_cls = ArticleController
+ attrs = ARTICLE_ATTRS
+ to_date = ['date', 'retrieved_date']
+
+
+class ArticlesChallenge(PyAggAbstractResource):
+ controller_cls = ArticleController
+ attrs = {'ids': {'type': list, 'default': []}}
+ to_date = ['date', 'retrieved_date']
+
+ def get(self):
+ parsed_args = self.reqparse_args()
+ for id_dict in parsed_args['ids']:
+ for key in self.to_date:
+ if key in id_dict:
+ id_dict[key] = dateutil.parser.parse(id_dict[key])
+
+ return self.controller.challenge(parsed_args['ids'])
+
+
+g.api.add_resource(ArticleNewAPI, '/article', endpoint='article_new.json')
+g.api.add_resource(ArticleAPI, '/article/<int:obj_id>',
+ endpoint='article.json')
+g.api.add_resource(ArticlesAPI, '/articles', endpoint='articles.json')
+g.api.add_resource(ArticlesChallenge, '/articles/challenge',
+ endpoint='articles_challenge.json')
diff --git a/pyaggr3g470r/views/api/common.py b/pyaggr3g470r/views/api/common.py
new file mode 100644
index 00000000..4f703712
--- /dev/null
+++ b/pyaggr3g470r/views/api/common.py
@@ -0,0 +1,217 @@
+"""For a given resources, classes in the module intend to create the following
+routes :
+ GET resource/<id>
+ -> to retreive one
+ POST resource
+ -> to create one
+ PUT resource/<id>
+ -> to update one
+ DELETE resource/<id>
+ -> to delete one
+
+ GET resources
+ -> to retreive several
+ POST resources
+ -> to create several
+ PUT resources
+ -> to update several
+ DELETE resources
+ -> to delete several
+"""
+import json
+import logging
+import dateutil.parser
+from copy import deepcopy
+from functools import wraps
+from werkzeug.exceptions import Unauthorized, BadRequest
+from flask import request, g, session, Response
+from flask.ext.restful import Resource, reqparse
+
+from pyaggr3g470r.lib.utils import default_handler
+from pyaggr3g470r.models import User
+
+logger = logging.getLogger(__name__)
+
+
+def authenticate(func):
+ """
+ Decorator for the authentication to the web services.
+ """
+ @wraps(func)
+ def wrapper(*args, **kwargs):
+ logged_in = False
+ if not getattr(func, 'authenticated', True):
+ logged_in = True
+ # authentication based on the session (already logged on the site)
+ elif 'email' in session or g.user.is_authenticated():
+ logged_in = True
+ else:
+ # authentication via HTTP only
+ auth = request.authorization
+ user = User.query.filter(User.nickname == auth.username).first()
+ if user and user.check_password(auth.password) \
+ and user.activation_key == "":
+ g.user = user
+ logged_in = True
+
+ if logged_in:
+ return func(*args, **kwargs)
+ raise Unauthorized({'WWWAuthenticate': 'Basic realm="Login Required"'})
+ return wrapper
+
+
+def to_response(func):
+ """Will cast results of func as a result, and try to extract
+ a status_code for the Response object"""
+ def wrapper(*args, **kwargs):
+ status_code = 200
+ result = func(*args, **kwargs)
+ if isinstance(result, Response):
+ return result
+ elif isinstance(result, tuple):
+ result, status_code = result
+ return Response(json.dumps(result, default=default_handler),
+ status=status_code)
+ return wrapper
+
+
+class PyAggAbstractResource(Resource):
+ method_decorators = [authenticate, to_response]
+ attrs = {}
+ to_date = [] # list of fields to cast to datetime
+
+ def __init__(self, *args, **kwargs):
+ super(PyAggAbstractResource, self).__init__(*args, **kwargs)
+
+ @property
+ def controller(self):
+ return self.controller_cls(getattr(g.user, 'id', None))
+
+ def reqparse_args(self, req=None, strict=False, default=True, args=None):
+ """
+ strict: bool
+ if True will throw 400 error if args are defined and not in request
+ default: bool
+ if True, won't return defaults
+ args: dict
+ the args to parse, if None, self.attrs will be used
+ """
+ parser = reqparse.RequestParser()
+ for attr_name, attrs in (args or self.attrs).items():
+ if attrs.pop('force_default', False):
+ parser.add_argument(attr_name, location='json', **attrs)
+ elif not default and (not request.json
+ or request.json and attr_name not in request.json):
+ continue
+ else:
+ parser.add_argument(attr_name, location='json', **attrs)
+ parsed = parser.parse_args(strict=strict) if req is None \
+ else parser.parse_args(req, strict=strict)
+ for field in self.to_date:
+ if parsed.get(field):
+ try:
+ parsed[field] = dateutil.parser.parse(parsed[field])
+ except Exception:
+ logger.exception('failed to parse %r', parsed[field])
+ return parsed
+
+
+class PyAggResourceNew(PyAggAbstractResource):
+
+ def post(self):
+ """Create a single new object"""
+ return self.controller.create(**self.reqparse_args()), 201
+
+
+class PyAggResourceExisting(PyAggAbstractResource):
+
+ def get(self, obj_id=None):
+ """Retreive a single object"""
+ return self.controller.get(id=obj_id)
+
+ def put(self, obj_id=None):
+ """update an object, new attrs should be passed in the payload"""
+ args = self.reqparse_args(default=False)
+ new_values = {key: args[key] for key in
+ set(args).intersection(self.attrs)}
+ self.controller.update({'id': obj_id}, new_values)
+
+ def delete(self, obj_id=None):
+ """delete a object"""
+ self.controller.delete(obj_id)
+ return None, 204
+
+
+class PyAggResourceMulti(PyAggAbstractResource):
+
+ def get(self):
+ """retreive several objects. filters can be set in the payload on the
+ different fields of the object, and a limit can be set in there as well
+ """
+ if 'application/json' != request.headers.get('Content-Type'):
+ raise BadRequest("Content-Type must be application/json")
+ limit = request.json.pop('limit', 10)
+ if not limit:
+ return [res for res in self.controller.read(**request.json).all()]
+ return [res for res in self.controller.read(**request.json).limit(limit)]
+
+ def post(self):
+ """creating several objects. payload should be a list of dict.
+ """
+ if 'application/json' != request.headers.get('Content-Type'):
+ raise BadRequest("Content-Type must be application/json")
+ status = 201
+ results = []
+ for attrs in request.json:
+ try:
+ results.append(self.controller.create(**attrs).id)
+ except Exception as error:
+ status = 206
+ results.append(str(error))
+ # if no operation succeded, it's not partial anymore, returning err 500
+ if status == 206 and results.count('ok') == 0:
+ status = 500
+ return results, status
+
+ def put(self):
+ """creating several objects. payload should be:
+ >>> payload
+ [[obj_id1, {attr1: val1, attr2: val2}]
+ [obj_id2, {attr1: val1, attr2: val2}]]
+ """
+ if 'application/json' != request.headers.get('Content-Type'):
+ raise BadRequest("Content-Type must be application/json")
+ status = 200
+ results = []
+ for obj_id, attrs in request.json:
+ try:
+ new_values = {key: attrs[key] for key in
+ set(attrs).intersection(self.attrs)}
+ self.controller.update({'id': obj_id}, new_values)
+ results.append('ok')
+ except Exception as error:
+ status = 206
+ results.append(str(error))
+ # if no operation succeded, it's not partial anymore, returning err 500
+ if status == 206 and results.count('ok') == 0:
+ status = 500
+ return results, status
+
+ def delete(self):
+ """will delete several objects,
+ a list of their ids should be in the payload"""
+ if 'application/json' != request.headers.get('Content-Type'):
+ raise BadRequest("Content-Type must be application/json")
+ status = 204
+ results = []
+ for obj_id in request.json:
+ try:
+ self.controller.delete(obj_id)
+ results.append('ok')
+ except Exception as error:
+ status = 206
+ results.append(error)
+ # if no operation succeded, it's not partial anymore, returning err 500
+ if status == 206 and results.count('ok') == 0:
+ status = 500
+ return results, status
diff --git a/pyaggr3g470r/views/api/feed.py b/pyaggr3g470r/views/api/feed.py
new file mode 100644
index 00000000..898e30b0
--- /dev/null
+++ b/pyaggr3g470r/views/api/feed.py
@@ -0,0 +1,57 @@
+from flask import g
+
+from pyaggr3g470r.controllers.feed import FeedController, \
+ DEFAULT_MAX_ERROR, DEFAULT_LIMIT
+
+from pyaggr3g470r.views.api.common import PyAggAbstractResource, \
+ PyAggResourceNew, \
+ PyAggResourceExisting, \
+ PyAggResourceMulti
+
+
+FEED_ATTRS = {'title': {'type': str},
+ 'description': {'type': str},
+ 'link': {'type': str},
+ 'site_link': {'type': str},
+ 'enabled': {'type': bool, 'default': True},
+ 'etag': {'type': str, 'default': ''},
+ 'last_modified': {'type': str},
+ 'last_retreived': {'type': str},
+ 'last_error': {'type': str},
+ 'error_count': {'type': int, 'default': 0}}
+
+
+class FeedNewAPI(PyAggResourceNew):
+ controller_cls = FeedController
+ attrs = FEED_ATTRS
+ to_date = ['date', 'last_retreived']
+
+
+class FeedAPI(PyAggResourceExisting):
+ controller_cls = FeedController
+ attrs = FEED_ATTRS
+ to_date = ['date', 'last_retreived']
+
+
+class FeedsAPI(PyAggResourceMulti):
+ controller_cls = FeedController
+ attrs = FEED_ATTRS
+ to_date = ['date', 'last_retreived']
+
+
+class FetchableFeedAPI(PyAggAbstractResource):
+ controller_cls = FeedController
+ to_date = ['date', 'last_retreived']
+ attrs = {'max_error': {'type': int, 'default': DEFAULT_MAX_ERROR},
+ 'limit': {'type': int, 'default': DEFAULT_LIMIT}}
+
+ def get(self):
+ return [feed for feed in self.controller.list_fetchable(
+ **self.reqparse_args())]
+
+
+g.api.add_resource(FeedNewAPI, '/feed', endpoint='feed_new.json')
+g.api.add_resource(FeedAPI, '/feed/<int:obj_id>', endpoint='feed.json')
+g.api.add_resource(FeedsAPI, '/feeds', endpoint='feeds.json')
+g.api.add_resource(FetchableFeedAPI, '/feeds/fetchable',
+ endpoint='fetchable_feed.json')
diff --git a/pyaggr3g470r/views/article.py b/pyaggr3g470r/views/article.py
new file mode 100644
index 00000000..66cc0f37
--- /dev/null
+++ b/pyaggr3g470r/views/article.py
@@ -0,0 +1,53 @@
+from flask import Blueprint, g, render_template, redirect
+from sqlalchemy import desc
+
+from pyaggr3g470r import controllers, utils
+from pyaggr3g470r.decorators import pyagg_default_decorator
+
+articles_bp = Blueprint('articles', __name__, url_prefix='/articles')
+article_bp = Blueprint('article', __name__, url_prefix='/article')
+
+
+@articles_bp.route('/<feed_id>', methods=['GET'])
+@articles_bp.route('/<feed_id>/<int:nb_articles>', methods=['GET'])
+@pyagg_default_decorator
+def articles(feed_id=None, nb_articles=-1):
+ """List articles of a feed. The administrator of the platform is able to
+ access to this view for every users."""
+ feed = controllers.FeedController(g.user.id).get(id=feed_id)
+ feed.articles = controllers.ArticleController(g.user.id)\
+ .read(feed_id=feed.id)\
+ .order_by(desc("Article.date"))
+ if len(feed.articles.all()) <= nb_articles:
+ nb_articles = -1
+ if nb_articles == -1:
+ feed.articles = feed.articles.limit(nb_articles)
+ return render_template('articles.html', feed=feed, nb_articles=nb_articles)
+
+
+@article_bp.route('/redirect/<int:article_id>', methods=['GET'])
+@pyagg_default_decorator
+def redirect_to_article(article_id):
+ article = controllers.ArticleController(g.user.id).get(id=article_id)
+ return redirect(article.link)
+
+
+@article_bp.route('/<int:article_id>', methods=['GET'])
+@pyagg_default_decorator
+def article(article_id=None):
+ """
+ Presents the content of an article.
+ """
+ article = controllers.ArticleController(g.user.id).get(id=article_id)
+ previous_article = article.previous_article()
+ if previous_article is None:
+ previous_article = article.source.articles[0]
+ next_article = article.next_article()
+ if next_article is None:
+ next_article = article.source.articles[-1]
+
+ return render_template('article.html',
+ head_title=utils.clear_string(article.title),
+ article=article,
+ previous_article=previous_article,
+ next_article=next_article)
diff --git a/pyaggr3g470r/views/feed.py b/pyaggr3g470r/views/feed.py
new file mode 100644
index 00000000..2af502a7
--- /dev/null
+++ b/pyaggr3g470r/views/feed.py
@@ -0,0 +1,50 @@
+from datetime import datetime
+from flask import Blueprint, g, render_template
+
+from pyaggr3g470r import controllers, utils
+from pyaggr3g470r.decorators import pyagg_default_decorator, \
+ feed_access_required
+
+feeds_bp = Blueprint('feeds', __name__, url_prefix='/feeds')
+feed_bp = Blueprint('feed', __name__, url_prefix='/feed')
+
+@feeds_bp.route('/', methods=['GET'])
+def feeds():
+ "Lists the subscribed feeds in a table."
+ return render_template('feeds.html',
+ feeds=controllers.FeedController(g.user.id).read())
+
+
+@feed_bp.route('/<int:feed_id>', methods=['GET'])
+@pyagg_default_decorator
+@feed_access_required
+def feed(feed_id=None):
+ "Presents detailed information about a feed."
+ feed = controllers.FeedController(g.user.id).get(id=feed_id)
+ word_size = 6
+ articles = controllers.ArticleController(g.user.id)\
+ .read(feed_id=feed_id).all()
+ nb_articles = controllers.ArticleController(g.user.id).read().count()
+ top_words = utils.top_words(articles, n=50, size=int(word_size))
+ tag_cloud = utils.tag_cloud(top_words)
+
+ today = datetime.now()
+ try:
+ last_article = articles[0].date
+ first_article = articles[-1].date
+ delta = last_article - first_article
+ average = round(float(len(articles)) / abs(delta.days), 2)
+ except:
+ last_article = datetime.fromtimestamp(0)
+ first_article = datetime.fromtimestamp(0)
+ delta = last_article - first_article
+ average = 0
+ elapsed = today - last_article
+
+ return render_template('feed.html',
+ head_title=utils.clear_string(feed.title),
+ feed=feed, tag_cloud=tag_cloud,
+ first_post_date=first_article,
+ end_post_date=last_article,
+ nb_articles=nb_articles,
+ average=average, delta=delta, elapsed=elapsed)
diff --git a/pyaggr3g470r/views/views.py b/pyaggr3g470r/views/views.py
new file mode 100644
index 00000000..5279d7fe
--- /dev/null
+++ b/pyaggr3g470r/views/views.py
@@ -0,0 +1,843 @@
+#! /usr/bin/env python
+# -*- coding: utf-8 -*-
+
+# pyAggr3g470r - A Web based news aggregator.
+# Copyright (C) 2010-2015 Cédric Bonhomme - https://www.cedricbonhomme.org
+#
+# For more information : https://bitbucket.org/cedricbonhomme/pyaggr3g470r
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+__author__ = "Cedric Bonhomme"
+__version__ = "$Revision: 5.3 $"
+__date__ = "$Date: 2010/01/29 $"
+__revision__ = "$Date: 2014/08/27 $"
+__copyright__ = "Copyright (c) Cedric Bonhomme"
+__license__ = "AGPLv3"
+
+import os
+import json
+import string
+import random
+import hashlib
+import datetime
+from collections import namedtuple
+from bootstrap import application as app, db
+from flask import render_template, request, flash, session, Response, \
+ url_for, redirect, g, current_app, make_response, jsonify
+from flask.ext.login import LoginManager, login_user, logout_user, \
+ login_required, current_user, AnonymousUserMixin
+from flask.ext.principal import Principal, Identity, AnonymousIdentity, \
+ identity_changed, identity_loaded, Permission,\
+ RoleNeed, UserNeed
+from flask.ext.babel import gettext
+from sqlalchemy import func, or_
+from sqlalchemy.exc import IntegrityError
+from werkzeug import generate_password_hash
+
+import conf
+from pyaggr3g470r import utils, notifications, export, duplicate
+from pyaggr3g470r.models import User, Feed, Article, Role
+from pyaggr3g470r.decorators import feed_access_required
+from pyaggr3g470r.forms import SignupForm, SigninForm, AddFeedForm, \
+ ProfileForm, InformationMessageForm, RecoverPasswordForm
+from pyaggr3g470r.controllers import FeedController
+if not conf.ON_HEROKU:
+ import pyaggr3g470r.search as fastsearch
+
+
+Principal(app)
+# Create a permission with a single Need, in this case a RoleNeed.
+admin_permission = Permission(RoleNeed('admin'))
+
+login_manager = LoginManager()
+login_manager.init_app(app)
+
+#
+# Management of the user's session.
+#
+@identity_loaded.connect_via(app)
+def on_identity_loaded(sender, identity):
+ # Set the identity user object
+ identity.user = current_user
+
+ # Add the UserNeed to the identity
+ if hasattr(current_user, 'id'):
+ identity.provides.add(UserNeed(current_user.id))
+
+ # Assuming the User model has a list of roles, update the
+ # identity with the roles that the user provides
+ if hasattr(current_user, 'roles'):
+ for role in current_user.roles:
+ identity.provides.add(RoleNeed(role.name))
+
+@app.before_request
+def before_request():
+ g.user = current_user
+ if g.user.is_authenticated():
+ g.user.last_seen = datetime.datetime.utcnow()
+ db.session.add(g.user)
+ db.session.commit()
+
+@login_manager.user_loader
+def load_user(email):
+ # Return an instance of the User model
+ return User.query.filter(User.email == email).first()
+
+
+#
+# Custom error pages.
+#
+@app.errorhandler(401)
+def authentication_required(e):
+ flash(gettext('Authentication required.'), 'info')
+ return redirect(url_for('login'))
+
+@app.errorhandler(403)
+def authentication_failed(e):
+ flash(gettext('Forbidden.'), 'danger')
+ return redirect(url_for('home'))
+
+@app.errorhandler(404)
+def page_not_found(e):
+ return render_template('errors/404.html'), 404
+
+@app.errorhandler(500)
+def internal_server_error(e):
+ return render_template('errors/500.html'), 500
+
+
+def redirect_url(default='home'):
+ return request.args.get('next') or \
+ request.referrer or \
+ url_for(default)
+
+@g.babel.localeselector
+def get_locale():
+ """
+ Called before each request to give us a chance to choose
+ the language to use when producing its response.
+ """
+ return request.accept_languages.best_match(conf.LANGUAGES.keys())
+
+@g.babel.timezoneselector
+def get_timezone():
+ try:
+ return conf.TIME_ZONE[get_locale()]
+ except:
+ return conf.TIME_ZONE["en"]
+
+#
+# Views.
+#
+@app.route('/login', methods=['GET', 'POST'])
+def login():
+ """
+ Log in view.
+ """
+ if g.user is not None and g.user.is_authenticated():
+ return redirect(url_for('home'))
+
+ g.user = AnonymousUserMixin()
+ form = SigninForm()
+
+ if form.validate_on_submit():
+ user = User.query.filter(User.email == form.email.data).first()
+ login_user(user)
+ g.user = user
+ session['email'] = form.email.data
+ identity_changed.send(current_app._get_current_object(),
+ identity=Identity(user.id))
+ flash(gettext("Logged in successfully."), 'success')
+ return redirect(url_for('home'))
+ return render_template('login.html', form=form)
+
+
+@app.route('/logout')
+@login_required
+def logout():
+ """
+ Log out view. Removes the user information from the session.
+ """
+ session.pop('email', None)
+
+ # Remove the user information from the session
+ logout_user()
+
+ # Remove session keys set by Flask-Principal
+ for key in ('identity.name', 'identity.auth_type'):
+ session.pop(key, None)
+
+ # Tell Flask-Principal the user is anonymous
+ identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
+
+ flash(gettext("Logged out successfully."), 'success')
+ return redirect(url_for('login'))
+
+@app.route('/signup', methods=['GET', 'POST'])
+def signup():
+ """
+ Signup page.
+ """
+ if int(os.environ.get("SELF_REGISTRATION", 0)) != 1:
+ flash(gettext("Self-registration is disabled."), 'warning')
+ return redirect(url_for('home'))
+ if g.user is not None and g.user.is_authenticated():
+ return redirect(url_for('home'))
+
+ form = SignupForm()
+
+ if form.validate_on_submit():
+ role_user = Role.query.filter(Role.name == "user").first()
+ user = User(nickname=form.nickname.data,
+ email=form.email.data,
+ pwdhash=generate_password_hash(form.password.data))
+ user.roles = [role_user]
+ db.session.add(user)
+ try:
+ db.session.commit()
+ except IntegrityError:
+ flash(gettext('Email already used.'), 'warning')
+ return render_template('signup.html', form=form)
+
+ # Send the confirmation email
+ try:
+ notifications.new_account_notification(user)
+ except Exception as e:
+ flash(gettext('Problem while sending activation email') + ': ' + str(e), 'danger')
+ return redirect(url_for('home'))
+
+ flash(gettext('Your account has been created. Check your mail to confirm it.'), 'success')
+ return redirect(url_for('home'))
+
+ return render_template('signup.html', form=form)
+
+@app.route('/')
+@login_required
+def home():
+ """
+ Home page for connected users. Displays by default unread articles.
+ """
+ feeds = {feed.id: feed.title for feed in g.user.feeds if feed.enabled}
+ articles = Article.query.filter(Article.feed_id.in_(feeds.keys()),
+ Article.user_id == g.user.id)
+ filter_ = request.args.get('filter_', 'unread')
+ feed_id = int(request.args.get('feed', 0))
+ limit = request.args.get('limit', 1000)
+ if filter_ != 'all':
+ articles = articles.filter(Article.readed == (filter_ == 'read'))
+ if feed_id:
+ articles = articles.filter(Article.feed_id == feed_id)
+
+ articles = articles.order_by(Article.date.desc())
+ if limit != 'all':
+ limit = int(limit)
+ articles = articles.limit(limit)
+ unread = db.session.query(Article.feed_id, func.count(Article.id))\
+ .filter(Article.readed == False, Article.user_id == g.user.id)\
+ .group_by(Article.feed_id).all()
+ in_error = {feed.id: feed.error_count for feed in
+ FeedController(g.user.id).read(error_count__gt=0).all()}
+ def gen_url(filter_=filter_, limit=limit, feed=feed_id):
+ return '?filter_=%s&limit=%s&feed=%d' % (filter_, limit, feed)
+ return render_template('home.html', gen_url=gen_url, feed_id=feed_id,
+ filter_=filter_, limit=limit, feeds=feeds,
+ unread=dict(unread), articles=articles.all(),
+ in_error=in_error)
+
+
+@app.route('/fetch', methods=['GET'])
+@app.route('/fetch/<int:feed_id>', methods=['GET'])
+@login_required
+def fetch(feed_id=None):
+ """
+ Triggers the download of news.
+ News are downloaded in a separated process, mandatory for Heroku.
+ """
+ utils.fetch(g.user.id, feed_id)
+ flash(gettext("Downloading articles..."), 'info')
+ return redirect(redirect_url())
+
+@app.route('/about', methods=['GET'])
+def about():
+ """
+ 'About' page.
+ """
+ return render_template('about.html')
+
+
+@app.route('/mark_as/<string:new_value>', methods=['GET'])
+@app.route('/mark_as/<string:new_value>/feed/<int:feed_id>', methods=['GET'])
+@app.route('/mark_as/<string:new_value>/article/<int:article_id>', methods=['GET'])
+@login_required
+@feed_access_required
+def mark_as(new_value='read', feed_id=None, article_id=None):
+ """
+ Mark all unreaded articles as read.
+ """
+ readed = new_value == 'read'
+ articles = Article.query.filter(Article.user_id == g.user.id)
+ if feed_id is not None:
+ articles = articles.filter(Article.feed_id == feed_id)
+ message = 'Feed marked as %s.'
+ elif article_id is not None:
+ articles = articles.filter(Article.id == article_id)
+ message = 'Article marked as %s.'
+ else:
+ message = 'All article marked as %s.'
+ articles.filter(Article.readed == (not readed)).update({"readed": readed})
+ flash(gettext(message % new_value), 'info')
+ db.session.commit()
+ if readed:
+ return redirect(redirect_url())
+ return redirect(url_for('home'))
+
+@app.route('/like/<int:article_id>', methods=['GET'])
+@login_required
+def like(article_id=None):
+ """
+ Mark or unmark an article as favorites.
+ """
+ Article.query.filter(Article.user_id == g.user.id, Article.id == article_id). \
+ update({
+ "like": not Article.query.filter(Article.id == article_id).first().like
+ })
+ db.session.commit()
+ return redirect(redirect_url())
+
+@app.route('/delete/<int:article_id>', methods=['GET'])
+@login_required
+def delete(article_id=None):
+ """
+ Delete an article from the database.
+ """
+ article = Article.query.filter(Article.id == article_id).first()
+ if article is not None and article.source.subscriber.id == g.user.id:
+ db.session.delete(article)
+ db.session.commit()
+ try:
+ fastsearch.delete_article(g.user.id, article.feed_id, article.id)
+ except:
+ pass
+ flash(gettext('Article') + ' ' + article.title + ' ' + gettext('deleted.'), 'success')
+ return redirect(redirect_url())
+ else:
+ flash(gettext('This article do not exist.'), 'danger')
+ return redirect(url_for('home'))
+
+
+@app.route('/favorites', methods=['GET'])
+@login_required
+def favorites():
+ """
+ List favorites articles.
+ """
+ feeds_with_like = Feed.query.filter(Feed.user_id == g.user.id, Feed.articles.any(like=True))
+ result, nb_favorites = [], 0
+ light_feed = namedtuple('Feed', ['id', 'title', 'articles'], verbose=False, rename=False)
+ for feed in feeds_with_like:
+ articles = Article.query.filter(Article.user_id == g.user.id, Article.feed_id == feed.id, Article.like == True).all()
+ result.append(light_feed(feed.id, feed.title, articles))
+ nb_favorites += len(articles)
+ return render_template('favorites.html', feeds=result, nb_favorites=nb_favorites)
+
+@app.route('/unread/<int:feed_id>', methods=['GET'])
+@app.route('/unread', methods=['GET'])
+@login_required
+def unread(feed_id=None):
+ """
+ List unread articles.
+ """
+ if feed_id is not None:
+ feeds_with_unread = Feed.query.filter(Feed.user_id == g.user.id, Feed.id == feed_id)
+ else:
+ feeds_with_unread = Feed.query.filter(Feed.user_id == g.user.id, Feed.articles.any(readed=False))
+ result, nb_unread = [], 0
+ light_feed = namedtuple('Feed', ['id', 'title', 'articles'], verbose=False, rename=False)
+ for feed in feeds_with_unread:
+ articles = Article.query.filter(Article.user_id == g.user.id, Article.feed_id == feed.id, Article.readed == False).all()
+ result.append(light_feed(feed.id, feed.title, articles))
+ nb_unread += len(articles)
+ return render_template('unread.html', feeds=result, nb_unread=nb_unread)
+
+@app.route('/inactives', methods=['GET'])
+@login_required
+def inactives():
+ """
+ List of inactive feeds.
+ """
+ nb_days = int(request.args.get('nb_days', 365))
+ user = User.query.filter(User.id == g.user.id).first()
+ today = datetime.datetime.now()
+ inactives = []
+ for feed in user.feeds:
+ try:
+ last_post = feed.articles[0].date
+ except IndexError:
+ continue
+ elapsed = today - last_post
+ if elapsed > datetime.timedelta(days=nb_days):
+ inactives.append((feed, elapsed))
+ return render_template('inactives.html', inactives=inactives, nb_days=nb_days)
+
+@app.route('/duplicates/<int:feed_id>', methods=['GET'])
+@login_required
+def duplicates(feed_id=None):
+ """
+ Return duplicates article for a feed.
+ """
+ feed = Feed.query.filter(Feed.user_id == g.user.id, Feed.id == feed_id).first()
+ duplicates = []
+ duplicates = duplicate.compare_documents(feed)
+ return render_template('duplicates.html', duplicates=duplicates, feed=feed)
+
+@app.route('/index_database', methods=['GET'])
+@login_required
+def index_database():
+ """
+ Index all the database.
+ """
+ if not conf.ON_HEROKU:
+ try:
+ fastsearch.create_index(g.user.id)
+ flash(gettext('Indexing database...'), 'success')
+ except Exception as e:
+ flash(gettext('An error occured') + ' (%s).' % e, 'danger')
+ return redirect(url_for('home'))
+ else:
+ flash(gettext('Option not available on Heroku.'), 'success')
+ return redirect(url_for('home'))
+
+@app.route('/export', methods=['GET'])
+@login_required
+def export_articles():
+ """
+ Export all articles to HTML or JSON.
+ """
+ user = User.query.filter(User.id == g.user.id).first()
+ if request.args.get('format') == "HTML":
+ # Export to HTML
+ try:
+ archive_file, archive_file_name = export.export_html(user)
+ except:
+ flash(gettext("Error when exporting articles."), 'danger')
+ return redirect(redirect_url())
+ response = make_response(archive_file)
+ response.headers['Content-Type'] = 'application/x-compressed'
+ response.headers['Content-Disposition'] = 'attachment; filename='+archive_file_name
+ elif request.args.get('format') == "JSON":
+ # Export to JSON
+ try:
+ json_result = export.export_json(user)
+ except:
+ flash(gettext("Error when exporting articles."), 'danger')
+ return redirect(redirect_url())
+ response = make_response(json_result)
+ response.mimetype = 'application/json'
+ response.headers["Content-Disposition"] = 'attachment; filename=account.json'
+ else:
+ flash(gettext('Export format not supported.'), 'warning')
+ return redirect(redirect_url())
+ return response
+
+@app.route('/export_opml', methods=['GET'])
+@login_required
+def export_opml():
+ """
+ Export all feeds to OPML.
+ """
+ user = User.query.filter(User.id == g.user.id).first()
+ response = make_response(render_template('opml.xml', user=user, now=datetime.datetime.now()))
+ response.headers['Content-Type'] = 'application/xml'
+ response.headers['Content-Disposition'] = 'attachment; filename=feeds.opml'
+ return response
+
+@app.route('/search', methods=['GET'])
+@login_required
+def search():
+ """
+ Search articles corresponding to the query.
+ """
+ if conf.ON_HEROKU:
+ flash(gettext("Full text search is not yet implemented for Heroku."), "warning")
+ return redirect(url_for('home'))
+ user = User.query.filter(User.id == g.user.id).first()
+
+ search_result, result = [], []
+ nb_articles = 0
+
+ query = request.args.get('query', None)
+ if query is not None:
+ try:
+ search_result, nb_articles = fastsearch.search(user.id, query)
+ except Exception as e:
+ flash(gettext('An error occured') + ' (%s).' % e, 'danger')
+ light_feed = namedtuple('Feed', ['id', 'title', 'articles'], verbose=False, rename=False)
+ for feed_id in search_result:
+ for feed in user.feeds:
+ if feed.id == feed_id:
+ articles = []
+ for article_id in search_result[feed_id]:
+ current_article = Article.query.filter(Article.user_id == g.user.id, Article.id == article_id).first()
+ articles.append(current_article)
+ articles = sorted(articles, key=lambda t: t.date, reverse=True)
+ result.append(light_feed(feed.id, feed.title, articles))
+ break
+ return render_template('search.html', feeds=result, nb_articles=nb_articles, query=query)
+
+@app.route('/management', methods=['GET', 'POST'])
+@login_required
+def management():
+ """
+ Display the management page.
+ """
+ if request.method == 'POST':
+ if None != request.files.get('opmlfile', None):
+ # Import an OPML file
+ data = request.files.get('opmlfile', None)
+ if not g.allowed_file(data.filename):
+ flash(gettext('File not allowed.'), 'danger')
+ else:
+ try:
+ nb = utils.import_opml(g.user.email, data.read())
+ utils.fetch(g.user.email, None)
+ flash(str(nb) + ' ' + gettext('feeds imported.'), "success")
+ flash(gettext("Downloading articles..."), 'info')
+ except:
+ flash(gettext("Impossible to import the new feeds."), "danger")
+ elif None != request.files.get('jsonfile', None):
+ # Import an account
+ data = request.files.get('jsonfile', None)
+ if not g.allowed_file(data.filename):
+ flash(gettext('File not allowed.'), 'danger')
+ else:
+ try:
+ nb = utils.import_json(g.user.email, data.read())
+ flash(gettext('Account imported.'), "success")
+ except:
+ flash(gettext("Impossible to import the account."), "danger")
+ else:
+ flash(gettext('File not allowed.'), 'danger')
+
+ form = AddFeedForm()
+ nb_feeds = len(g.user.feeds.all())
+ articles = Article.query.filter(Article.user_id == g.user.id)
+ nb_articles = articles.count()
+ nb_unread_articles = articles.filter(Article.readed == False).count()
+ return render_template('management.html', user=g.user, form=form,
+ nb_feeds=nb_feeds, nb_articles=nb_articles, nb_unread_articles=nb_unread_articles,
+ not_on_heroku = not conf.ON_HEROKU)
+
+@app.route('/history', methods=['GET'])
+@login_required
+def history():
+ #user = User.query.filter(User.id == g.user.id).first()
+ return render_template('history.html')
+
+@app.route('/bookmarklet', methods=['GET'])
+@app.route('/create_feed', methods=['GET', 'POST'])
+@app.route('/edit_feed/<int:feed_id>', methods=['GET', 'POST'])
+@login_required
+@feed_access_required
+def edit_feed(feed_id=None):
+ """
+ Add or edit a feed.
+ """
+ feed = FeedController(g.user.id).get(id=feed_id)
+ form = AddFeedForm()
+
+ if request.method == 'POST':
+ if form.validate() == False:
+ return render_template('edit_feed.html', form=form)
+ if feed_id is not None:
+ # Edit an existing feed
+ form.populate_obj(feed)
+ db.session.commit()
+ flash(gettext('Feed successfully updated.'), 'success')
+ return redirect('/edit_feed/' + str(feed_id))
+ else:
+ # Create a new feed
+ existing_feed = [f for f in g.user.feeds if feed.link == form.link.data]
+ if len(existing_feed) == 0:
+ new_feed = Feed(title=form.title.data, description="", link=form.link.data, \
+ site_link=form.site_link.data, enabled=form.enabled.data)
+ g.user.feeds.append(new_feed)
+ #user.feeds = sorted(user.feeds, key=lambda t: t.title.lower())
+ db.session.commit()
+ flash(gettext('Feed successfully created.'), 'success')
+
+ utils.fetch(g.user.id, Feed.query.filter(Feed.link == form.link.data).first().id)
+ flash(gettext("Downloading articles for the new feed..."), 'info')
+
+ return redirect('/edit_feed/' + str(new_feed.id))
+ else:
+ flash(gettext('Feed already in the database.'), 'warning')
+ return redirect('/edit_feed/' + str(existing_feed[0].id))
+
+ if request.method == 'GET':
+ if feed_id is not None:
+ form = AddFeedForm(obj=feed)
+ return render_template('edit_feed.html', action=gettext("Edit the feed"), form=form, feed=feed, \
+ not_on_heroku = not conf.ON_HEROKU)
+
+ # Enable the user to add a feed with a bookmarklet
+ if None is not request.args.get('url', None):
+ existing_feed = [f for f in g.user.feeds if feed.link == request.args.get('url', None)]
+ if len(existing_feed) == 0:
+ g.user.feeds.append(Feed(link=request.args.get('url', None)))
+ db.session.commit()
+ return jsonify({"message":"ok"})
+ return jsonify({"message":"Feed already in the database."})
+
+ # Return an empty form in order to create a new feed
+ return render_template('edit_feed.html', action=gettext("Add a feed"), form=form, \
+ not_on_heroku = not conf.ON_HEROKU)
+
+@app.route('/delete_feed/<feed_id>', methods=['GET'])
+@login_required
+@feed_access_required
+def delete_feed(feed_id=None):
+ """
+ Delete a feed with all associated articles.
+ """
+ feed = Feed.query.filter(Feed.id == feed_id).first()
+ db.session.delete(feed)
+ db.session.commit()
+ flash(gettext('Feed') + ' ' + feed.title + ' ' + gettext('successfully deleted.'), 'success')
+ return redirect(redirect_url())
+
+@app.route('/profile', methods=['GET', 'POST'])
+@login_required
+def profile():
+ """
+ Edit the profile of the currently logged user.
+ """
+ user = User.query.filter(User.email == g.user.email).first()
+ form = ProfileForm()
+
+ if request.method == 'POST':
+ if form.validate():
+ form.populate_obj(user)
+ if form.password.data != "":
+ user.set_password(form.password.data)
+ db.session.commit()
+ flash("%s %s %s" % (gettext('User'), user.nickname,
+ gettext('successfully updated.')),
+ 'success')
+ return redirect(url_for('profile'))
+ else:
+ return render_template('profile.html', form=form)
+
+ if request.method == 'GET':
+ form = ProfileForm(obj=user)
+ return render_template('profile.html', user=user, form=form)
+
+@app.route('/delete_account', methods=['GET'])
+@login_required
+def delete_account():
+ """
+ Delete the account of the user (with all its data).
+ """
+ user = User.query.filter(User.email == g.user.email).first()
+ if user is not None:
+ db.session.delete(user)
+ db.session.commit()
+ flash(gettext('Your account has been deleted.'), 'success')
+ else:
+ flash(gettext('This user does not exist.'), 'danger')
+ return redirect(url_for('login'))
+
+@app.route('/expire_articles', methods=['GET'])
+@login_required
+def expire_articles():
+ """
+ Delete articles older than the given number of weeks.
+ """
+ current_time = datetime.datetime.utcnow()
+ weeks_ago = current_time - datetime.timedelta(weeks=int(request.args.get('weeks', 10)))
+ articles_to_delete = Article.query.filter(User.email == g.user.email, or_(Article.date < weeks_ago, Article.retrieved_date < weeks_ago))
+ for article in articles_to_delete:
+ db.session.delete(article)
+ flash(gettext('Articles deleted.'), 'info')
+ db.session.commit()
+ return redirect(redirect_url())
+
+@app.route('/confirm_account/<string:activation_key>', methods=['GET'])
+def confirm_account(activation_key=None):
+ """
+ Confirm the account of a user.
+ """
+ if activation_key != "":
+ user = User.query.filter(User.activation_key == activation_key).first()
+ if user is not None:
+ user.activation_key = ""
+ db.session.commit()
+ flash(gettext('Your account has been confirmed.'), 'success')
+ else:
+ flash(gettext('Impossible to confirm this account.'), 'danger')
+ return redirect(url_for('login'))
+
+@app.route('/recover', methods=['GET', 'POST'])
+def recover():
+ """
+ Enables the user to recover its account when he has forgotten
+ its password.
+ """
+ form = RecoverPasswordForm()
+
+ if request.method == 'POST':
+ if form.validate():
+ user = User.query.filter(User.email == form.email.data).first()
+ characters = string.ascii_letters + string.digits
+ password = "".join(random.choice(characters) for x in range(random.randint(8, 16)))
+ user.set_password(password)
+ db.session.commit()
+
+ # Send the confirmation email
+ try:
+ notifications.new_password_notification(user, password)
+ flash(gettext('New password sent to your address.'), 'success')
+ except Exception as e:
+ flash(gettext('Problem while sending your new password.') + ': ' + str(e), 'danger')
+
+ return redirect(url_for('login'))
+ return render_template('recover.html', form=form)
+
+ if request.method == 'GET':
+ return render_template('recover.html', form=form)
+
+#
+# Views dedicated to administration tasks.
+#
+@app.route('/admin/dashboard', methods=['GET', 'POST'])
+@login_required
+@admin_permission.require(http_exception=403)
+def dashboard():
+ """
+ Adminstrator's dashboard.
+ """
+ form = InformationMessageForm()
+
+ if request.method == 'POST':
+ if form.validate():
+ try:
+ notifications.information_message(form.subject.data, form.message.data)
+ except Exception as e:
+ flash(gettext('Problem while sending email') + ': ' + str(e), 'danger')
+
+ users = User.query.all()
+ return render_template('admin/dashboard.html', users=users, current_user=g.user, form=form)
+
+@app.route('/admin/create_user', methods=['GET', 'POST'])
+@app.route('/admin/edit_user/<int:user_id>', methods=['GET', 'POST'])
+@login_required
+@admin_permission.require(http_exception=403)
+def create_user(user_id=None):
+ """
+ Create or edit a user.
+ """
+ form = ProfileForm()
+
+ if request.method == 'POST':
+ if form.validate():
+ role_user = Role.query.filter(Role.name == "user").first()
+ if user_id is not None:
+ # Edit a user
+ user = User.query.filter(User.id == user_id).first()
+ form.populate_obj(user)
+ if form.password.data != "":
+ user.set_password(form.password.data)
+ db.session.commit()
+ flash(gettext('User') + ' ' + user.nickname + ' ' + gettext('successfully updated.'), 'success')
+ else:
+ # Create a new user
+ user = User(nickname=form.nickname.data,
+ email=form.email.data,
+ pwdhash=generate_password_hash(form.password.data))
+ user.roles.extend([role_user])
+ user.activation_key = ""
+ db.session.add(user)
+ db.session.commit()
+ flash(gettext('User') + ' ' + user.nickname + ' ' + gettext('successfully created.'), 'success')
+ return redirect("/admin/edit_user/"+str(user.id))
+ else:
+ return redirect(url_for('create_user'))
+
+ if request.method == 'GET':
+ if user_id is not None:
+ user = User.query.filter(User.id == user_id).first()
+ form = ProfileForm(obj=user)
+ message = gettext('Edit the user') + ' <i>' + user.nickname + '</i>'
+ else:
+ form = ProfileForm()
+ message = gettext('Add a new user')
+ return render_template('/admin/create_user.html', form=form, message=message)
+
+@app.route('/admin/user/<int:user_id>', methods=['GET'])
+@login_required
+@admin_permission.require(http_exception=403)
+def user(user_id=None):
+ """
+ See information about a user (stations, etc.).
+ """
+ user = User.query.filter(User.id == user_id).first()
+ if user is not None:
+ return render_template('/admin/user.html', user=user)
+ else:
+ flash(gettext('This user does not exist.'), 'danger')
+ return redirect(redirect_url())
+
+@app.route('/admin/delete_user/<int:user_id>', methods=['GET'])
+@login_required
+@admin_permission.require(http_exception=403)
+def delete_user(user_id=None):
+ """
+ Delete a user (with all its data).
+ """
+ user = User.query.filter(User.id == user_id).first()
+ if user is not None:
+ db.session.delete(user)
+ db.session.commit()
+ flash(gettext('User') + ' ' + user.nickname + ' ' + gettext('successfully deleted.'), 'success')
+ else:
+ flash(gettext('This user does not exist.'), 'danger')
+ return redirect(redirect_url())
+
+@app.route('/admin/enable_user/<int:user_id>', methods=['GET'])
+@app.route('/admin/disable_user/<int:user_id>', methods=['GET'])
+@login_required
+@admin_permission.require()
+def disable_user(user_id=None):
+ """
+ Enable or disable the account of a user.
+ """
+ user = User.query.filter(User.id == user_id).first()
+ if user is not None:
+ if user.activation_key != "":
+
+ # Send the confirmation email
+ try:
+ notifications.new_account_activation(user)
+ user.activation_key = ""
+ flash(gettext('Account of the user') + ' ' + user.nickname + ' ' + gettext('successfully activated.'), 'success')
+ except Exception as e:
+ flash(gettext('Problem while sending activation email') + ': ' + str(e), 'danger')
+
+ else:
+ user.activation_key = hashlib.sha512(str(random.getrandbits(256)).encode("utf-8")).hexdigest()[:86]
+ flash(gettext('Account of the user') + ' ' + user.nickname + ' ' + gettext('successfully disabled.'), 'success')
+ db.session.commit()
+ else:
+ flash(gettext('This user does not exist.'), 'danger')
+ return redirect(redirect_url())
bgstack15