aboutsummaryrefslogtreecommitdiff
path: root/pyaggr3g470r
diff options
context:
space:
mode:
Diffstat (limited to 'pyaggr3g470r')
-rw-r--r--pyaggr3g470r/views/admin.py166
-rw-r--r--pyaggr3g470r/views/user.py152
2 files changed, 318 insertions, 0 deletions
diff --git a/pyaggr3g470r/views/admin.py b/pyaggr3g470r/views/admin.py
new file mode 100644
index 00000000..744f3523
--- /dev/null
+++ b/pyaggr3g470r/views/admin.py
@@ -0,0 +1,166 @@
+from flask import (Blueprint, g, render_template, redirect,
+ flash, url_for, request)
+from flask.ext.babel import gettext
+from flask.ext.login import login_required
+
+from flask.ext.principal import Permission, RoleNeed
+
+from pyaggr3g470r.lib.utils import redirect_url
+from pyaggr3g470r.models import Role
+from pyaggr3g470r.controllers import UserController, ArticleController
+
+from pyaggr3g470r.forms import InformationMessageForm, UserForm
+from pyaggr3g470r import notifications
+
+admin_bp = Blueprint('admin', __name__, url_prefix='/admin')
+admin_permission = Permission(RoleNeed('admin'))
+
+
+@admin_bp.route('/dashboard', methods=['GET', 'POST'])
+@login_required
+@admin_permission.require(http_exception=403)
+def dashboard():
+ """
+ Adminstrator's dashboard.
+ """
+ form = InformationMessageForm()
+
+ if request.method == 'POST':
+ if form.validate():
+ try:
+ notifications.information_message(form.subject.data,
+ form.message.data)
+ except Exception as error:
+ flash(gettext(
+ 'Problem while sending email: %(error)s', error=error),
+ 'danger')
+
+ users = UserController().read()
+ return render_template('admin/dashboard.html',
+ users=users, current_user=g.user, form=form)
+
+
+@admin_bp.route('/user/create', methods=['GET'])
+@admin_bp.route('/user/edit/<int:user_id>', methods=['GET'])
+@login_required
+@admin_permission.require(http_exception=403)
+def user_form(user_id=None):
+ if user_id is not None:
+ user = UserController().get(id=user_id)
+ form = UserForm(obj=user)
+ message = gettext('Edit the user <i>%(nick)s</i>', nick=user.nickname)
+ else:
+ form = UserForm()
+ message = gettext('Add a new user')
+ return render_template('/admin/create_user.html',
+ form=form, message=message)
+
+
+@admin_bp.route('/user/create', methods=['POST'])
+@admin_bp.route('/user/edit/<int:user_id>', methods=['POST'])
+@login_required
+@admin_permission.require(http_exception=403)
+def process_user_form(user_id=None):
+ """
+ Create or edit a user.
+ """
+ form = UserForm()
+ user_contr = UserController()
+
+ if not form.validate():
+ return render_template('/admin/create_user.html', form=form,
+ message=gettext('Some errors were found'))
+
+ role_user = Role.query.filter(Role.name == "user").first()
+ if user_id is not None:
+ # Edit a user
+ user_contr.update({'id': user_id},
+ {'nickname': form.nickname.data,
+ 'email': form.email.data,
+ 'password': form.password.data,
+ 'refresh_rate': form.refresh_rate.data})
+ user = user_contr.get(id=user_id)
+ flash(gettext('User %(nick)s successfully updated',
+ nick=user.nickname), 'success')
+ else:
+ # Create a new user
+ user = user_contr.create(nickname=form.nickname.data,
+ email=form.email.data,
+ password=form.password.data,
+ roles=[role_user],
+ refresh_rate=form.refresh_rate.data,
+ activation_key="")
+ flash(gettext('User %(nick)s successfully created',
+ nick=user.nickname), 'success')
+ return redirect(url_for('admin.user_form', user_id=user.id))
+
+
+@admin_bp.route('/user/<int:user_id>', methods=['GET'])
+@login_required
+@admin_permission.require(http_exception=403)
+def user(user_id=None):
+ """
+ See information about a user (stations, etc.).
+ """
+ user = UserController().get(id=user_id)
+ if user is not None:
+ article_contr = ArticleController(user_id)
+ return render_template('/admin/user.html', user=user, feeds=user.feeds,
+ article_count=article_contr.count_by_feed(),
+ unread_article_count=article_contr.count_by_feed(readed=False))
+
+ else:
+ flash(gettext('This user does not exist.'), 'danger')
+ return redirect(redirect_url())
+
+
+@admin_bp.route('/delete_user/<int:user_id>', methods=['GET'])
+@login_required
+@admin_permission.require(http_exception=403)
+def delete_user(user_id=None):
+ """
+ Delete a user (with all its data).
+ """
+ try:
+ user = UserController().delete(user_id)
+ flash(gettext('User %(nick)s successfully deleted',
+ nick=user.nickname), 'success')
+ except Exception as error:
+ flash(gettext('An error occured while trying to delete a user: '
+ '%(error)', error=error), 'danger')
+ return redirect(redirect_url())
+
+
+@admin_bp.route('/toggle_user/<int:user_id>', methods=['GET'])
+@login_required
+@admin_permission.require()
+def toggle_user(user_id=None):
+ """
+ Enable or disable the account of a user.
+ """
+ user_contr = UserController()
+ user = user_contr.get(id=user_id)
+
+ if user is None:
+ flash(gettext('This user does not exist.'), 'danger')
+ return redirect(url_for('admin.dashboard'))
+
+ if user.activation_key != "":
+
+ # Send the confirmation email
+ try:
+ notifications.new_account_activation(user)
+ user_contr.unset_activation_key(user.id)
+ message = gettext('Account of the user %(nick)s successfully '
+ 'activated.', nick=user.nickname)
+ except Exception as error:
+ flash(gettext('Problem while sending activation email %(error)s:',
+ error=error), 'danger')
+ return redirect(url_for('admin.dashboard'))
+
+ else:
+ user_contr.set_activation_key(user.id)
+ message = gettext('Account of the user %(nick)s successfully disabled',
+ nick=user.nickname)
+ flash(message, 'success')
+ return redirect(url_for('admin.dashboard'))
diff --git a/pyaggr3g470r/views/user.py b/pyaggr3g470r/views/user.py
new file mode 100644
index 00000000..cb416b5d
--- /dev/null
+++ b/pyaggr3g470r/views/user.py
@@ -0,0 +1,152 @@
+import string
+import random
+from flask import (Blueprint, g, render_template, redirect,
+ flash, url_for, request)
+from flask.ext.babel import gettext
+from flask.ext.login import login_required
+
+import conf
+from pyaggr3g470r import utils, notifications
+from pyaggr3g470r.controllers import (UserController, FeedController,
+ ArticleController)
+
+from pyaggr3g470r.forms import ProfileForm, RecoverPasswordForm
+
+users_bp = Blueprint('users', __name__, url_prefix='/users')
+user_bp = Blueprint('user', __name__, url_prefix='/user')
+
+
+@user_bp.route('/management', methods=['GET', 'POST'])
+@login_required
+def management():
+ """
+ Display the management page.
+ """
+ if request.method == 'POST':
+ if None != request.files.get('opmlfile', None):
+ # Import an OPML file
+ data = request.files.get('opmlfile', None)
+ if not utils.allowed_file(data.filename):
+ flash(gettext('File not allowed.'), 'danger')
+ else:
+ try:
+ nb = utils.import_opml(g.user.email, data.read())
+ if conf.CRAWLING_METHOD == "classic":
+ utils.fetch(g.user.email, None)
+ flash(str(nb) + ' ' + gettext('feeds imported.'),
+ "success")
+ flash(gettext("Downloading articles..."), 'info')
+ except:
+ flash(gettext("Impossible to import the new feeds."),
+ "danger")
+ elif None != request.files.get('jsonfile', None):
+ # Import an account
+ data = request.files.get('jsonfile', None)
+ if not utils.allowed_file(data.filename):
+ flash(gettext('File not allowed.'), 'danger')
+ else:
+ try:
+ nb = utils.import_json(g.user.email, data.read())
+ flash(gettext('Account imported.'), "success")
+ except:
+ flash(gettext("Impossible to import the account."),
+ "danger")
+ else:
+ flash(gettext('File not allowed.'), 'danger')
+
+ nb_feeds = FeedController(g.user.id).read().count()
+ art_contr = ArticleController(g.user.id)
+ nb_articles = art_contr.read().count()
+ nb_unread_articles = art_contr.read(readed=False).count()
+ return render_template('management.html', user=g.user,
+ nb_feeds=nb_feeds, nb_articles=nb_articles,
+ nb_unread_articles=nb_unread_articles)
+
+
+@user_bp.route('/profile', methods=['GET', 'POST'])
+@login_required
+def profile():
+ """
+ Edit the profile of the currently logged user.
+ """
+ user_contr = UserController(g.user.id)
+ user = user_contr.get(id=g.user.id)
+ form = ProfileForm()
+
+ if request.method == 'POST':
+ if form.validate():
+ user_contr.update({'id': g.user.id},
+ {'nickname': form.nickname.data,
+ 'email': form.email.data,
+ 'password': form.password.data,
+ 'refresh_rate': form.refresh_rate.data})
+
+ flash(gettext('User %(nick)s successfully updated',
+ nick=user.nickname), 'success')
+ return redirect(url_for('user.profile'))
+ else:
+ return render_template('profile.html', user=user, form=form)
+
+ if request.method == 'GET':
+ form = ProfileForm(obj=user)
+ return render_template('profile.html', user=user, form=form)
+
+
+@user_bp.route('/delete_account', methods=['GET'])
+@login_required
+def delete_account():
+ """
+ Delete the account of the user (with all its data).
+ """
+ UserController(g.user.id).delete(g.user.id)
+ flash(gettext('Your account has been deleted.'), 'success')
+ return redirect(url_for('login'))
+
+
+@user_bp.route('/confirm_account/<string:activation_key>', methods=['GET'])
+def confirm_account(activation_key=None):
+ """
+ Confirm the account of a user.
+ """
+ user_contr = UserController()
+ if activation_key != "":
+ user = user_contr.read(activation_key=activation_key).first()
+ if user is not None:
+ user_contr.update({'id': user.id}, {'activation_key': ''})
+ flash(gettext('Your account has been confirmed.'), 'success')
+ else:
+ flash(gettext('Impossible to confirm this account.'), 'danger')
+ return redirect(url_for('login'))
+
+
+@user_bp.route('/recover', methods=['GET', 'POST'])
+def recover():
+ """
+ Enables the user to recover its account when he has forgotten
+ its password.
+ """
+ form = RecoverPasswordForm()
+ user_contr = UserController()
+
+ if request.method == 'POST':
+ if form.validate():
+ user = user_contr.get(email=form.email.data)
+ characters = string.ascii_letters + string.digits
+ password = "".join(random.choice(characters)
+ for x in range(random.randint(8, 16)))
+ user.set_password(password)
+ user_contr.update({'id': user.id}, {'password': password})
+
+ # Send the confirmation email
+ try:
+ notifications.new_password_notification(user, password)
+ flash(gettext('New password sent to your address.'), 'success')
+ except Exception as error:
+ flash(gettext('Problem while sending your new password: '
+ '%(error)s', error=error), 'danger')
+
+ return redirect(url_for('login'))
+ return render_template('recover.html', form=form)
+
+ if request.method == 'GET':
+ return render_template('recover.html', form=form)
bgstack15