upload_file() - Code Metrics - Inspection of "Added ability to add video" - Deathangel908/pychat - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( cd5ef7...1da252 )

by Andrew

created 2018-05-01 08:03 UTC

upload_file() A

↳ Parent: Project

Complexity

Conditions

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	1

Metric	Value
cc	2
dl	0
loc	14
rs	9.4285
c	1
b	0
f	1

# -*- encoding: utf-8 -*-
import datetime
import json
import logging
import os

from django.contrib.auth import authenticate
from django.contrib.auth import login as djangologin
from django.contrib.auth import logout as djangologout
from django.contrib.auth.hashers import make_password
from django.core.mail import mail_admins

from chat.templatetags.md5url import md5url
from chat.tornado.message_creator import MessagesCreator

try:
	from django.template.context_processors import csrf
except ImportError:
	from django.core.context_processors import csrf
from django.core.exceptions import ObjectDoesNotExist, ValidationError, PermissionDenied
from django.db import transaction
from django.db.models import Count, Q
from django.http import Http404
from django.http import HttpResponse
from django.shortcuts import render_to_response
from django.template import RequestContext
from django.views.decorators.http import require_http_methods
from django.views.generic import View
from chat import utils
from chat.decorators import login_required_no_redirect, validation
from chat.forms import UserProfileForm, UserProfileReadOnlyForm
from chat.models import Issue, IssueDetails, IpAddress, UserProfile, Verification, Message, Subscription, \
	SubscriptionMessages, RoomUsers, Room, UserJoinedInfo, UploadedFile
from django.conf import settings
from chat.utils import hide_fields, check_user, check_password, check_email, extract_photo, send_sign_up_email, \
	create_user_model, check_captcha, send_reset_password_email, get_client_ip, get_or_create_ip, \
	send_password_changed, send_email_change, send_new_email_ver, get_message_images_videos

logger = logging.getLogger(__name__)
RECAPTCHA_SITE_KEY = getattr(settings, "RECAPTCHA_SITE_KEY", None)
RECAPTHCA_SITE_URL = getattr(settings, "RECAPTHCA_SITE_URL", None)
GOOGLE_OAUTH_2_CLIENT_ID = getattr(settings, "GOOGLE_OAUTH_2_CLIENT_ID", None)
GOOGLE_OAUTH_2_JS_URL = getattr(settings, "GOOGLE_OAUTH_2_JS_URL", None)
FACEBOOK_APP_ID = getattr(settings, "FACEBOOK_APP_ID", None)
FACEBOOK_JS_URL = getattr(settings, "FACEBOOK_JS_URL", None)

# TODO doesn't work
def handler404(request):
	return HttpResponse("Page not found", content_type='text/plain')


@require_http_methods(['POST'])
@validation
def validate_email(request):
	"""
	POST only, validates email during registration
	"""
	utils.check_email(request.POST.get('email'))
	return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')


@require_http_methods(['POST'])
@login_required_no_redirect(False)
@transaction.atomic
def upload_file(request):
	"""
	POST only, validates email during registration
	"""
	logger.debug('Uploading file %s', request.POST)
	res = []
	for file in request.FILES:
		uf = UploadedFile(symbol=file[1], user=request.user, file=request.FILES[file], type_enum=UploadedFile.UploadedFileChoices(file[0]))
		uf.save()
		res.append(uf.id)
	return HttpResponse(json.dumps(res), content_type='application/json')


@require_http_methods(['POST'])
@login_required_no_redirect(False)
@transaction.atomic
def save_room_settings(request):
	"""
	POST only, validates email during registration
	"""
	logger.debug('save_room_settings request,  %s', request.POST)
	room_id = request.POST['roomId']
	room_name = request.POST.get('roomName')
	updated = RoomUsers.objects.filter(room_id=room_id, user_id=request.user.id).update(
		volume=request.POST['volume'],
		notifications=request.POST['notifications'] == 'true',
	)
	if updated != 1:
		raise PermissionDenied
	if room_name is not None:
		room_name = room_name.strip()
		if room_name and int(room_id) != settings.ALL_ROOM_ID:
			Room.objects.filter(id=room_id).update(name = room_name)
	return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')


@require_http_methods('GET')
@transaction.atomic
def get_firebase_playback(request):
	registration_id = request.META['HTTP_AUTH']
	logger.debug('Firebase playback, id %s', registration_id)
	query_sub_message = SubscriptionMessages.objects.filter(subscription__registration_id=registration_id, received=False).order_by('-message__time')[:1]
	sub_message = query_sub_message[0]
	SubscriptionMessages.objects.filter(id=sub_message.id).update(received=True)
	message = Message.objects.select_related("sender__username", "room__name").get(id=sub_message.message_id)
	data = {
		'title': message.sender.username,
		'options': {
			'body': message.content,
			'icon': md5url('images/favicon.ico'),
			'data': {
				'id': sub_message.message_id,
				'sender': message.sender.username,
				'room': message.room.name,
				'roomId': message.room_id
			},
			'requireInteraction': True
		},
	}
	return HttpResponse(json.dumps(data), content_type='application/json')


def test(request):
	return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')


@require_http_methods('POST')
@login_required_no_redirect(False)
@validation
def search_messages(request):
	data = request.POST['data']
	room_id = request.POST['room']
	if not RoomUsers.objects.filter(room_id=room_id, user_id=request.user.id).exists():
		raise ValidationError("You can't access this room")
	messages = Message.objects.filter(content__icontains=data, room_id=room_id)[:10]
	imv = get_message_images_videos(messages)
	result = []
	for message in messages:
		files = MessagesCreator.prepare_img_video(imv, message.id)
		prep_m = MessagesCreator.create_message(message, files)
		result.append(prep_m)
	response = json.dumps(result)
	return HttpResponse(response, content_type='application/json')


@require_http_methods('POST')
def register_subscription(request):
	logger.debug('Subscription request,  %s', request)
	registration_id = request.POST['registration_id']
	agent = request.POST['agent']
	is_mobile = request.POST['is_mobile']
	ip = get_or_create_ip(get_client_ip(request), logger)
	Subscription.objects.update_or_create(
		registration_id=registration_id,
		defaults={
			'user': request.user,
			'inactive': False,
			'updated': datetime.datetime.now(),
			'agent': agent,
			'is_mobile': is_mobile == 'true',
			'ip': ip
		}
	)
	return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')

@require_http_methods('POST')
@validation
def validate_user(request):
	"""
	Validates user during registration
	"""
	utils.check_user(request.POST.get('username'))
	# hardcoded ok check in register.js
	return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')


def get_service_worker(request):  # this stub is only for development, this is replaced in nginx for prod
	worker = open(os.path.join(settings.STATIC_ROOT, 'js', 'sw.js'), 'rb')
	response = HttpResponse(content=worker)
	response['Content-Type'] = 'application/javascript'
	return response

@require_http_methods('GET')
@login_required_no_redirect(False)
def home(request):
	"""
	Login or logout navbar is creates by means of create_nav_page
	@return:  the x intercept of the line M{y=m*x+b}.
	"""
	context = csrf(request)
	ip = get_client_ip(request)
	if not UserJoinedInfo.objects.filter(Q(ip__ip=ip) & Q(user=request.user)).exists():
		ip_obj = get_or_create_ip(ip, logger)
		UserJoinedInfo.objects.create(ip=ip_obj, user=request.user)
	up = UserProfile.objects.defer('suggestions', 'highlight_code', 'embedded_youtube', 'online_change_sound', 'incoming_file_call_sound', 'message_sound', 'theme').get(id=request.user.id)
	context['suggestions'] = up.suggestions
	context['highlight_code'] = up.highlight_code
	context['message_sound'] = up.message_sound
	context['incoming_file_call_sound'] = up.incoming_file_call_sound
	context['online_change_sound'] = up.online_change_sound
	context['theme'] = up.theme
	context['embedded_youtube'] = up.embedded_youtube
	context['extensionId'] = settings.EXTENSION_ID
	context['extensionUrl'] = settings.EXTENSION_INSTALL_URL
	context['defaultRoomId'] = settings.ALL_ROOM_ID
	context['manifest'] = hasattr(settings, 'FIREBASE_API_KEY')
	return render_to_response('chat.html', context, context_instance=RequestContext(request))


@login_required_no_redirect(True)
def logout(request):
	"""
	POST. Logs out into system.
	"""
	registration_id = request.POST.get('registration_id')
	if registration_id is not None:
		Subscription.objects.filter(registration_id=registration_id).delete()
	djangologout(request)
	return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')


@require_http_methods(['POST'])
def auth(request):
	"""
	Logs in into system.
	"""
	username = request.POST.get('username')
	password = request.POST.get('password')
	user = authenticate(username=username, password=password)
	if user is not None:
		djangologin(request, user)
		message = settings.VALIDATION_IS_OK
	else:
		message = 'Login or password is wrong'
	logger.debug('Auth request %s ; Response: %s', hide_fields(request.POST, ('password',)), message)
	return HttpResponse(message, content_type='text/plain')


def send_restore_password(request):
	"""
	Sends email verification code
	"""
	logger.debug('Recover password request %s', request)
	try:
		username_or_password = request.POST.get('username_or_password')
		check_captcha(request)
		user_profile = UserProfile.objects.get(Q(username=username_or_password) | Q(email=username_or_password))
		if not user_profile.email:
			raise ValidationError("You didn't specify email address for this user")
		verification = Verification(type_enum=Verification.TypeChoices.password, user_id=user_profile.id)
		verification.save()
		send_reset_password_email(request, user_profile, verification)
		message = settings.VALIDATION_IS_OK
		logger.debug('Verification email has been send for token %s to user %s(id=%d)',
				verification.token, user_profile.username, user_profile.id)
	except UserProfile.DoesNotExist:
		message = "User with this email or username doesn't exist"
		logger.debug("Skipping password recovery request for nonexisting user")
	except (UserProfile.DoesNotExist, ValidationError) as e:
		logger.debug('Not sending verification email because %s', e)
		message = 'Unfortunately we were not able to send you restore password email because {}'.format(e)
	return HttpResponse(message, content_type='text/plain')


@require_http_methods(['GET'])
def proceed_email_changed(request):
	try:
		with transaction.atomic():
			token = request.GET['token']
			logger.debug('Proceed change email with token %s', token)
			user, verification = utils.get_user_by_code(token, Verification.TypeChoices.email)
			new_ver = send_new_email_ver(request, user, verification.email)
			user.email = verification.email
			user.email_verification = new_ver
			user.save(update_fields=('email', 'email_verification'))
			verification.verified = True
			verification.save(update_fields=('verified',))
			logger.info('Email has been change for token %s user %s(id=%d)', token, user.username, user.id)
			return render_to_response(
				'email_changed.html',
				{'text': 'Your email has been changed to {}.'.format(verification.email)},
				context_instance=RequestContext(request)
			)
	except Exception as e:
		return render_to_response(
			'email_changed.html',
			{'text': 'Unable to change your email because {}'.format(e.message)}
			, context_instance=RequestContext(request)
		)


class RestorePassword(View):

	@transaction.atomic
	@validation
	def post(self, request):
		"""
		Sends email verification token
		"""
		token = request.POST.get('token', False)
		logger.debug('Proceed Recover password with token %s', token)
		user, verification = utils.get_user_by_code(token, Verification.TypeChoices.password)
		password = request.POST.get('password')
		check_password(password)
		user.set_password(password)
		user.save(update_fields=('password',))
		verification.verified = True
		verification.save(update_fields=('verified',))
		logger.info('Password has been change for token %s user %s(id=%d)', token, user.username, user.id)
		return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')

	def get(self, request):
		token = request.GET.get('token', False)
		logger.debug('Rendering restore password page with token  %s', token)
		try:
			user = utils.get_user_by_code(token, Verification.TypeChoices.password)[0]
			response = {
				'message': settings.VALIDATION_IS_OK,
				'restore_user': user.username,
				'token': token
			}
		except ValidationError as e:
			logger.debug('Rejecting verification token %s because %s', token, e)
			response = {'message': "Unable to confirm email with token {} because {}".format(token, e)}
		return render_to_response('reset_password.html', response, context_instance=RequestContext(request))


@require_http_methods('GET')
def confirm_email(request):
	"""
	Accept the verification token sent to email
	"""
	token = request.GET.get('token', False)
	logger.debug('Processing email confirm with token  %s', token)
	try:
		try:
			v = Verification.objects.get(token=token)
		except Verification.DoesNotExist:
			raise ValidationError('Unknown verification token')
		if v.type_enum not in (Verification.TypeChoices.register, Verification.TypeChoices.confirm_email):
			raise ValidationError('This is not confirm email token')
		if v.verified:
			raise ValidationError('This verification token already accepted')
		user = UserProfile.objects.get(id=v.user_id)
		if user.email_verification_id != v.id:
			raise ValidationError('Verification token expired because you generated another one')
		v.verified = True
		v.save(update_fields=['verified'])
		message = settings.VALIDATION_IS_OK
		logger.info('Email verification token %s has been accepted for user %s(id=%d)', token, user.username, user.id)
	except Exception as e:
		logger.debug('Rejecting verification token %s because %s', token, e)
		message = ("Unable to confirm email with token {} because {}".format(token, e))
	response = {'message': message}
	return render_to_response('confirm_mail.html', response, context_instance=RequestContext(request))


@require_http_methods('GET')
def show_profile(request, profile_id):
	try:
		user_profile = UserProfile.objects.get(pk=profile_id)
		form = UserProfileReadOnlyForm(instance=user_profile)
		form.username = user_profile.username
		return render_to_response(
			'show_profile.html',
			{'form': form},
			context_instance=RequestContext(request)
		)
	except ObjectDoesNotExist:
		raise Http404


@require_http_methods('GET')
def statistics(request):
	pie_data = IpAddress.objects.values('country').filter(country__isnull=False).annotate(count=Count("country"))
	return HttpResponse(json.dumps(list(pie_data)), content_type='application/json')


@login_required_no_redirect()
@transaction.atomic
def report_issue(request):
	logger.info('Saving issue: %s', hide_fields(request.POST, ('log',), huge=True))
	issue_text = request.POST['issue']
	issue = Issue.objects.get_or_create(content=issue_text)[0]
	issue_details = IssueDetails(
		sender_id=request.user.id,
		browser=request.POST.get('browser'),
		issue=issue,
		log=request.POST.get('log')
	)
	try:
		mail_admins("{} reported issue".format(request.user.username), issue_text, fail_silently=True)
	except Exception as e:
		logging.error("Failed to send issue email because {}".format(e))
	issue_details.save()
	return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')


class ProfileView(View):

	@login_required_no_redirect()
	def get(self, request):
		user_profile = UserProfile.objects.get(pk=request.user.id)
		form = UserProfileForm(instance=user_profile)
		c = csrf(request)
		c['form'] = form
		c['date_format'] = settings.DATE_INPUT_FORMATS_JS
		return render_to_response('change_profile.html', c, context_instance=RequestContext(request))


	@transaction.atomic
	@login_required_no_redirect()
	@validation # should follow after transaciton.atomic, thus ValidationError doesn't rollback
	def post(self, request):
		logger.info('Saving profile: %s', hide_fields(request.POST, ("base64_image", ), huge=True))
		user_profile = UserProfile.objects.get(pk=request.user.id)
		image_base64 = request.POST.get('base64_image')
		new_email = request.POST['email']
		if not new_email:
			new_email = None
		if new_email:
			utils.validate_email(new_email)
		utils.validate_user(request.POST['username'])
		if image_base64 is not None:
			image = extract_photo(image_base64)
			request.FILES['photo'] = image
		passwd = request.POST['password']
		if passwd:
			if request.user.password:
				is_valid = authenticate(username=request.user.username, password=request.POST['old_password'])
				if not is_valid:
					return HttpResponse("Invalid old password", content_type='text/plain')
			utils.check_password(passwd)
			request.POST['password'] = make_password(passwd)
		form = UserProfileForm(request.POST, request.FILES, instance=user_profile)
		if form.is_valid():
			if not passwd:
				form.instance.password = form.initial['password']
			if new_email != form.initial['email']:
				if form.initial['email'] and form.instance.email_verification and  form.instance.email_verification.verified:
					verification = Verification(
						type_enum=Verification.TypeChoices.email,
						user_id=user_profile.id,
						email=new_email
					)
					verification.save()
					send_email_change(request, request.user.username, form.initial['email'], verification, new_email)
					raise ValidationError("In order to change an email please confirm it from you current address. We send you an verification email to {}.".format(form.initial['email']))
				if new_email:
					new_ver = send_new_email_ver(request, request.user, new_email)
					form.instance.email_verification = new_ver
			profile = form.save()
			if passwd and form.initial['email']:
				send_password_changed(request, form.initial['email'])
			response = profile. photo.url if 'photo' in  request.FILES else settings.VALIDATION_IS_OK
		else:
			response = form.errors
		return HttpResponse(response, content_type='text/plain')


class RegisterView(View):

	def get(self, request):
		logger.debug(
			'Rendering register page with captcha site key %s and oauth key %s',
			RECAPTCHA_SITE_KEY, GOOGLE_OAUTH_2_CLIENT_ID
		)
		c = csrf(request)
		c['captcha_key'] = RECAPTCHA_SITE_KEY
		c['captcha_url'] = RECAPTHCA_SITE_URL
		c['oauth_url'] = GOOGLE_OAUTH_2_JS_URL
		c['oauth_token'] = GOOGLE_OAUTH_2_CLIENT_ID
		c['fb_app_id'] = FACEBOOK_APP_ID
		c['fb_js_url'] = FACEBOOK_JS_URL
		return render_to_response("register.html", c, context_instance=RequestContext(request))

	@transaction.atomic
	@validation
	def post(self, request):
		rp = request.POST
		logger.info('Got register request %s', hide_fields(rp, ('password', 'repeatpassword')))
		(username, password, email) = (rp.get('username'), rp.get('password'), rp.get('email'))
		check_user(username)
		check_password(password)
		check_email(email)
		user_profile = UserProfile(username=username, email=email, sex_str=rp.get('sex'))
		user_profile.set_password(password)
		create_user_model(user_profile)
		# You must call authenticate before you can call login
		auth_user = authenticate(username=username, password=password)
		if email:
			send_sign_up_email(user_profile, request.get_host(), request)
		djangologin(request, auth_user)
		return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')


1			# -- encoding: utf-8 --
2			import datetime
3			import json
4			import logging
5			import os
6
7			from django.contrib.auth import authenticate
8			from django.contrib.auth import login as djangologin
9			from django.contrib.auth import logout as djangologout
10			from django.contrib.auth.hashers import make_password
11			from django.core.mail import mail_admins
12
13			from chat.templatetags.md5url import md5url
14			from chat.tornado.message_creator import MessagesCreator
15
16			try:
17			from django.template.context_processors import csrf
18			except ImportError:
19			from django.core.context_processors import csrf
20			from django.core.exceptions import ObjectDoesNotExist, ValidationError, PermissionDenied
21			from django.db import transaction
22			from django.db.models import Count, Q
23			from django.http import Http404
24			from django.http import HttpResponse
25			from django.shortcuts import render_to_response
26			from django.template import RequestContext
27			from django.views.decorators.http import require_http_methods
28			from django.views.generic import View
29			from chat import utils
30			from chat.decorators import login_required_no_redirect, validation
31			from chat.forms import UserProfileForm, UserProfileReadOnlyForm
32			from chat.models import Issue, IssueDetails, IpAddress, UserProfile, Verification, Message, Subscription, \
33			SubscriptionMessages, RoomUsers, Room, UserJoinedInfo, UploadedFile
34			from django.conf import settings
35			from chat.utils import hide_fields, check_user, check_password, check_email, extract_photo, send_sign_up_email, \
36			create_user_model, check_captcha, send_reset_password_email, get_client_ip, get_or_create_ip, \
37			send_password_changed, send_email_change, send_new_email_ver, get_message_images_videos
38
39			logger = logging.getLogger(__name__)
40			RECAPTCHA_SITE_KEY = getattr(settings, "RECAPTCHA_SITE_KEY", None)
41			RECAPTHCA_SITE_URL = getattr(settings, "RECAPTHCA_SITE_URL", None)
42			GOOGLE_OAUTH_2_CLIENT_ID = getattr(settings, "GOOGLE_OAUTH_2_CLIENT_ID", None)
43			GOOGLE_OAUTH_2_JS_URL = getattr(settings, "GOOGLE_OAUTH_2_JS_URL", None)
44			FACEBOOK_APP_ID = getattr(settings, "FACEBOOK_APP_ID", None)
45			FACEBOOK_JS_URL = getattr(settings, "FACEBOOK_JS_URL", None)
46
47			# TODO doesn't work
48			def handler404(request):
49			return HttpResponse("Page not found", content_type='text/plain')
50
51
52			@require_http_methods(['POST'])
53			@validation
54			def validate_email(request):
55			"""
56			POST only, validates email during registration
57			"""
58			utils.check_email(request.POST.get('email'))
59			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
60
61
62			@require_http_methods(['POST'])
63			@login_required_no_redirect(False)
64			@transaction.atomic
65			def upload_file(request):
66			"""
67			POST only, validates email during registration
68			"""
69			logger.debug('Uploading file %s', request.POST)
70			res = []
71			for file in request.FILES:
72			uf = UploadedFile(symbol=file[1], user=request.user, file=request.FILES[file], type_enum=UploadedFile.UploadedFileChoices(file[0]))
73			uf.save()
74			res.append(uf.id)
75			return HttpResponse(json.dumps(res), content_type='application/json')
76
77
78			@require_http_methods(['POST'])
79			@login_required_no_redirect(False)
80			@transaction.atomic
81			def save_room_settings(request):
82			"""
83			POST only, validates email during registration
84			"""
85			logger.debug('save_room_settings request, %s', request.POST)
86			room_id = request.POST['roomId']
87			room_name = request.POST.get('roomName')
88			updated = RoomUsers.objects.filter(room_id=room_id, user_id=request.user.id).update(
89			volume=request.POST['volume'],
90			notifications=request.POST['notifications'] == 'true',
91			)
92			if updated != 1:
93			raise PermissionDenied
94			if room_name is not None:
95			room_name = room_name.strip()
96			if room_name and int(room_id) != settings.ALL_ROOM_ID:
97			Room.objects.filter(id=room_id).update(name = room_name)
98			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
99
100
101			@require_http_methods('GET')
102			@transaction.atomic
103			def get_firebase_playback(request):
104			registration_id = request.META['HTTP_AUTH']
105			logger.debug('Firebase playback, id %s', registration_id)
106			query_sub_message = SubscriptionMessages.objects.filter(subscription__registration_id=registration_id, received=False).order_by('-message__time')[:1]
107			sub_message = query_sub_message[0]
108			SubscriptionMessages.objects.filter(id=sub_message.id).update(received=True)
109			message = Message.objects.select_related("sender__username", "room__name").get(id=sub_message.message_id)
110			data = {
111			'title': message.sender.username,
112			'options': {
113			'body': message.content,
114			'icon': md5url('images/favicon.ico'),
115			'data': {
116			'id': sub_message.message_id,
117			'sender': message.sender.username,
118			'room': message.room.name,
119			'roomId': message.room_id
120			},
121			'requireInteraction': True
122			},
123			}
124			return HttpResponse(json.dumps(data), content_type='application/json')
125
126
127			def test(request):
128			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
129
130
131			@require_http_methods('POST')
132			@login_required_no_redirect(False)
133			@validation
134			def search_messages(request):
135			data = request.POST['data']
136			room_id = request.POST['room']
137			if not RoomUsers.objects.filter(room_id=room_id, user_id=request.user.id).exists():
138			raise ValidationError("You can't access this room")
139			messages = Message.objects.filter(content__icontains=data, room_id=room_id)[:10]
140			imv = get_message_images_videos(messages)
141			result = []
142			for message in messages:
143			files = MessagesCreator.prepare_img_video(imv, message.id)
144			prep_m = MessagesCreator.create_message(message, files)
145			result.append(prep_m)
146			response = json.dumps(result)
147			return HttpResponse(response, content_type='application/json')
148
149
150			@require_http_methods('POST')
151			def register_subscription(request):
152			logger.debug('Subscription request, %s', request)
153			registration_id = request.POST['registration_id']
154			agent = request.POST['agent']
155			is_mobile = request.POST['is_mobile']
156			ip = get_or_create_ip(get_client_ip(request), logger)
157			Subscription.objects.update_or_create(
158			registration_id=registration_id,
159			defaults={
160			'user': request.user,
161			'inactive': False,
162			'updated': datetime.datetime.now(),
163			'agent': agent,
164			'is_mobile': is_mobile == 'true',
165			'ip': ip
166			}
167			)
168			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
169
170			@require_http_methods('POST')
171			@validation
172			def validate_user(request):
173			"""
174			Validates user during registration
175			"""
176			utils.check_user(request.POST.get('username'))
177			# hardcoded ok check in register.js
178			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
179
180
181			def get_service_worker(request): # this stub is only for development, this is replaced in nginx for prod
182			worker = open(os.path.join(settings.STATIC_ROOT, 'js', 'sw.js'), 'rb')
183			response = HttpResponse(content=worker)
184			response['Content-Type'] = 'application/javascript'
185			return response
186
187			@require_http_methods('GET')
188			@login_required_no_redirect(False)
189			def home(request):
190			"""
191			Login or logout navbar is creates by means of create_nav_page
192			@return: the x intercept of the line M{y=m*x+b}.
193			"""
194			context = csrf(request)
195			ip = get_client_ip(request)
196			if not UserJoinedInfo.objects.filter(Q(ip__ip=ip) & Q(user=request.user)).exists():
197			ip_obj = get_or_create_ip(ip, logger)
198			UserJoinedInfo.objects.create(ip=ip_obj, user=request.user)
199			up = UserProfile.objects.defer('suggestions', 'highlight_code', 'embedded_youtube', 'online_change_sound', 'incoming_file_call_sound', 'message_sound', 'theme').get(id=request.user.id)
200			context['suggestions'] = up.suggestions
201			context['highlight_code'] = up.highlight_code
202			context['message_sound'] = up.message_sound
203			context['incoming_file_call_sound'] = up.incoming_file_call_sound
204			context['online_change_sound'] = up.online_change_sound
205			context['theme'] = up.theme
206			context['embedded_youtube'] = up.embedded_youtube
207			context['extensionId'] = settings.EXTENSION_ID
208			context['extensionUrl'] = settings.EXTENSION_INSTALL_URL
209			context['defaultRoomId'] = settings.ALL_ROOM_ID
210			context['manifest'] = hasattr(settings, 'FIREBASE_API_KEY')
211			return render_to_response('chat.html', context, context_instance=RequestContext(request))
212
213
214			@login_required_no_redirect(True)
215			def logout(request):
216			"""
217			POST. Logs out into system.
218			"""
219			registration_id = request.POST.get('registration_id')
220			if registration_id is not None:
221			Subscription.objects.filter(registration_id=registration_id).delete()
222			djangologout(request)
223			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
224
225
226			@require_http_methods(['POST'])
227			def auth(request):
228			"""
229			Logs in into system.
230			"""
231			username = request.POST.get('username')
232			password = request.POST.get('password')
233			user = authenticate(username=username, password=password)
234			if user is not None:
235			djangologin(request, user)
236			message = settings.VALIDATION_IS_OK
237			else:
238			message = 'Login or password is wrong'
239			logger.debug('Auth request %s ; Response: %s', hide_fields(request.POST, ('password',)), message)
240			return HttpResponse(message, content_type='text/plain')
241
242
243			def send_restore_password(request):
244			"""
245			Sends email verification code
246			"""
247			logger.debug('Recover password request %s', request)
248			try:
249			username_or_password = request.POST.get('username_or_password')
250			check_captcha(request)
251			user_profile = UserProfile.objects.get(Q(username=username_or_password) \| Q(email=username_or_password))
252			if not user_profile.email:
253			raise ValidationError("You didn't specify email address for this user")
254			verification = Verification(type_enum=Verification.TypeChoices.password, user_id=user_profile.id)
255			verification.save()
256			send_reset_password_email(request, user_profile, verification)
257			message = settings.VALIDATION_IS_OK
258			logger.debug('Verification email has been send for token %s to user %s(id=%d)',
259			verification.token, user_profile.username, user_profile.id)
260			except UserProfile.DoesNotExist:
261			message = "User with this email or username doesn't exist"
262			logger.debug("Skipping password recovery request for nonexisting user")
263			except (UserProfile.DoesNotExist, ValidationError) as e:
264			logger.debug('Not sending verification email because %s', e)
265			message = 'Unfortunately we were not able to send you restore password email because {}'.format(e)
266			return HttpResponse(message, content_type='text/plain')
267
268
269			@require_http_methods(['GET'])
270			def proceed_email_changed(request):
271			try:
272			with transaction.atomic():
273			token = request.GET['token']
274			logger.debug('Proceed change email with token %s', token)
275			user, verification = utils.get_user_by_code(token, Verification.TypeChoices.email)
276			new_ver = send_new_email_ver(request, user, verification.email)
277			user.email = verification.email
278			user.email_verification = new_ver
279			user.save(update_fields=('email', 'email_verification'))
280			verification.verified = True
281			verification.save(update_fields=('verified',))
282			logger.info('Email has been change for token %s user %s(id=%d)', token, user.username, user.id)
283			return render_to_response(
284			'email_changed.html',
285			{'text': 'Your email has been changed to {}.'.format(verification.email)},
286			context_instance=RequestContext(request)
287			)
288			except Exception as e:
289			return render_to_response(
290			'email_changed.html',
291			{'text': 'Unable to change your email because {}'.format(e.message)}
292			, context_instance=RequestContext(request)
293			)
294
295
296			class RestorePassword(View):
297
298			@transaction.atomic
299			@validation
300			def post(self, request):
301			"""
302			Sends email verification token
303			"""
304			token = request.POST.get('token', False)
305			logger.debug('Proceed Recover password with token %s', token)
306			user, verification = utils.get_user_by_code(token, Verification.TypeChoices.password)
307			password = request.POST.get('password')
308			check_password(password)
309			user.set_password(password)
310			user.save(update_fields=('password',))
311			verification.verified = True
312			verification.save(update_fields=('verified',))
313			logger.info('Password has been change for token %s user %s(id=%d)', token, user.username, user.id)
314			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
315
316			def get(self, request):
317			token = request.GET.get('token', False)
318			logger.debug('Rendering restore password page with token %s', token)
319			try:
320			user = utils.get_user_by_code(token, Verification.TypeChoices.password)[0]
321			response = {
322			'message': settings.VALIDATION_IS_OK,
323			'restore_user': user.username,
324			'token': token
325			}
326			except ValidationError as e:
327			logger.debug('Rejecting verification token %s because %s', token, e)
328			response = {'message': "Unable to confirm email with token {} because {}".format(token, e)}
329			return render_to_response('reset_password.html', response, context_instance=RequestContext(request))
330
331
332			@require_http_methods('GET')
333			def confirm_email(request):
334			"""
335			Accept the verification token sent to email
336			"""
337			token = request.GET.get('token', False)
338			logger.debug('Processing email confirm with token %s', token)
339			try:
340			try:
341			v = Verification.objects.get(token=token)
342			except Verification.DoesNotExist:
343			raise ValidationError('Unknown verification token')
344			if v.type_enum not in (Verification.TypeChoices.register, Verification.TypeChoices.confirm_email):
345			raise ValidationError('This is not confirm email token')
346			if v.verified:
347			raise ValidationError('This verification token already accepted')
348			user = UserProfile.objects.get(id=v.user_id)
349			if user.email_verification_id != v.id:
350			raise ValidationError('Verification token expired because you generated another one')
351			v.verified = True
352			v.save(update_fields=['verified'])
353			message = settings.VALIDATION_IS_OK
354			logger.info('Email verification token %s has been accepted for user %s(id=%d)', token, user.username, user.id)
355			except Exception as e:
356			logger.debug('Rejecting verification token %s because %s', token, e)
357			message = ("Unable to confirm email with token {} because {}".format(token, e))
358			response = {'message': message}
359			return render_to_response('confirm_mail.html', response, context_instance=RequestContext(request))
360
361
362			@require_http_methods('GET')
363			def show_profile(request, profile_id):
364			try:
365			user_profile = UserProfile.objects.get(pk=profile_id)
366			form = UserProfileReadOnlyForm(instance=user_profile)
367			form.username = user_profile.username
368			return render_to_response(
369			'show_profile.html',
370			{'form': form},
371			context_instance=RequestContext(request)
372			)
373			except ObjectDoesNotExist:
374			raise Http404
375
376
377			@require_http_methods('GET')
378			def statistics(request):
379			pie_data = IpAddress.objects.values('country').filter(country__isnull=False).annotate(count=Count("country"))
380			return HttpResponse(json.dumps(list(pie_data)), content_type='application/json')
381
382
383			@login_required_no_redirect()
384			@transaction.atomic
385			def report_issue(request):
386			logger.info('Saving issue: %s', hide_fields(request.POST, ('log',), huge=True))
387			issue_text = request.POST['issue']
388			issue = Issue.objects.get_or_create(content=issue_text)[0]
389			issue_details = IssueDetails(
390			sender_id=request.user.id,
391			browser=request.POST.get('browser'),
392			issue=issue,
393			log=request.POST.get('log')
394			)
395			try:
396			mail_admins("{} reported issue".format(request.user.username), issue_text, fail_silently=True)
397			except Exception as e:
398			logging.error("Failed to send issue email because {}".format(e))
399			issue_details.save()
400			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
401
402
403			class ProfileView(View):
404
405			@login_required_no_redirect()
406			def get(self, request):
407			user_profile = UserProfile.objects.get(pk=request.user.id)
408			form = UserProfileForm(instance=user_profile)
409			c = csrf(request)
410			c['form'] = form
411			c['date_format'] = settings.DATE_INPUT_FORMATS_JS
412			return render_to_response('change_profile.html', c, context_instance=RequestContext(request))
413
414
415			@transaction.atomic
416			@login_required_no_redirect()
417			@validation # should follow after transaciton.atomic, thus ValidationError doesn't rollback
418			def post(self, request):
419			logger.info('Saving profile: %s', hide_fields(request.POST, ("base64_image", ), huge=True))
420			user_profile = UserProfile.objects.get(pk=request.user.id)
421			image_base64 = request.POST.get('base64_image')
422			new_email = request.POST['email']
423			if not new_email:
424			new_email = None
425			if new_email:
426			utils.validate_email(new_email)
427			utils.validate_user(request.POST['username'])
428			if image_base64 is not None:
429			image = extract_photo(image_base64)
430			request.FILES['photo'] = image
431			passwd = request.POST['password']
432			if passwd:
433			if request.user.password:
434			is_valid = authenticate(username=request.user.username, password=request.POST['old_password'])
435			if not is_valid:
436			return HttpResponse("Invalid old password", content_type='text/plain')
437			utils.check_password(passwd)
438			request.POST['password'] = make_password(passwd)
439			form = UserProfileForm(request.POST, request.FILES, instance=user_profile)
440			if form.is_valid():
441			if not passwd:
442			form.instance.password = form.initial['password']
443			if new_email != form.initial['email']:
444			if form.initial['email'] and form.instance.email_verification and form.instance.email_verification.verified:
445			verification = Verification(
446			type_enum=Verification.TypeChoices.email,
447			user_id=user_profile.id,
448			email=new_email
449			)
450			verification.save()
451			send_email_change(request, request.user.username, form.initial['email'], verification, new_email)
452			raise ValidationError("In order to change an email please confirm it from you current address. We send you an verification email to {}.".format(form.initial['email']))
453			if new_email:
454			new_ver = send_new_email_ver(request, request.user, new_email)
455			form.instance.email_verification = new_ver
456			profile = form.save()
457			if passwd and form.initial['email']:
458			send_password_changed(request, form.initial['email'])
459			response = profile. photo.url if 'photo' in request.FILES else settings.VALIDATION_IS_OK
460			else:
461			response = form.errors
462			return HttpResponse(response, content_type='text/plain')
463
464
465			class RegisterView(View):
466
467			def get(self, request):
468			logger.debug(
469			'Rendering register page with captcha site key %s and oauth key %s',
470			RECAPTCHA_SITE_KEY, GOOGLE_OAUTH_2_CLIENT_ID
471			)
472			c = csrf(request)
473			c['captcha_key'] = RECAPTCHA_SITE_KEY
474			c['captcha_url'] = RECAPTHCA_SITE_URL
475			c['oauth_url'] = GOOGLE_OAUTH_2_JS_URL
476			c['oauth_token'] = GOOGLE_OAUTH_2_CLIENT_ID
477			c['fb_app_id'] = FACEBOOK_APP_ID
478			c['fb_js_url'] = FACEBOOK_JS_URL
479			return render_to_response("register.html", c, context_instance=RequestContext(request))
480
481			@transaction.atomic
482			@validation
483			def post(self, request):
484			rp = request.POST
485			logger.info('Got register request %s', hide_fields(rp, ('password', 'repeatpassword')))
486			(username, password, email) = (rp.get('username'), rp.get('password'), rp.get('email'))
487			check_user(username)
488			check_password(password)
489			check_email(email)
490			user_profile = UserProfile(username=username, email=email, sex_str=rp.get('sex'))
491			user_profile.set_password(password)
492			create_user_model(user_profile)
493			# You must call authenticate before you can call login
494			auth_user = authenticate(username=username, password=password)
495			if email:
496			send_sign_up_email(user_profile, request.get_host(), request)
497			djangologin(request, auth_user)
498			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
499

Deathangel908 / pychat

Push — master ( cd5ef7...1da252 )

upload_file() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like