[redakcja.git] / src / wiki / views.py

# This file is part of FNP-Redakcja, licensed under GNU Affero GPLv3 or later.
# Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
#
from datetime import datetime
import json
import os
import logging
from time import mktime
from urllib.parse import quote

from django.apps import apps
from django.conf import settings
from django.urls import reverse
from django import http
from django.http import Http404, HttpResponse, HttpResponseForbidden, HttpResponseBadRequest
from django.middleware.gzip import GZipMiddleware
from django.utils.decorators import decorator_from_middleware
from django.utils.formats import localize
from django.utils.translation import gettext as _
from django.views.decorators.http import require_POST, require_GET
from django.shortcuts import get_object_or_404, render
from sorl.thumbnail import get_thumbnail

from documents.models import Book, Chunk
import sources.models
from . import nice_diff
from wiki import forms
from wiki.helpers import (JSONResponse, JSONFormInvalid, JSONServerError,
                ajax_require_permission)
from wiki.models import Theme

#
# Quick hack around caching problems, TODO: use ETags
#
from django.views.decorators.cache import never_cache

logger = logging.getLogger("fnp.wiki")

MAX_LAST_DOCS = 10


class HttpResponseLengthRequired(HttpResponse):
    status_code = 411


@never_cache
def editor(request, slug, chunk=None, template_name='wiki/document_details.html'):
    try:
        chunk = Chunk.get(slug, chunk)
    except Chunk.MultipleObjectsReturned:
        # TODO: choice page
        raise Http404
    except Chunk.DoesNotExist:
        if chunk is None:
            try:
                book = Book.objects.get(slug=slug)
            except Book.DoesNotExist:
                return http.HttpResponseRedirect(reverse("documents_create_missing", args=[slug]))
        else:
            raise Http404
    if not chunk.book.accessible(request):
        return HttpResponseForbidden("Not authorized.")

    access_time = datetime.now()
    last_books = request.session.get("wiki_last_books", {})
    last_books[reverse(editor, args=[chunk.book.slug, chunk.slug])] = {
        'time': mktime(access_time.timetuple()),
        'title': chunk.pretty_name(),
        }

    if len(last_books) > MAX_LAST_DOCS:
        oldest_key = min(last_books, key=lambda x: last_books[x]['time'])
        del last_books[oldest_key]
    request.session['wiki_last_books'] = last_books

    return render(request, template_name, {
        'chunk': chunk,
        'forms': {
            "text_save": forms.DocumentTextSaveForm(user=request.user, prefix="textsave"),
            "text_revert": forms.DocumentTextRevertForm(prefix="textrevert"),
            "pubmark": forms.DocumentPubmarkForm(prefix="pubmark"),
        },
        'can_pubmark': request.user.has_perm('documents.can_pubmark'),
        'REDMINE_URL': settings.REDMINE_URL,
    })


def editor_user_area(request):
    return render(request, 'wiki/editor-user-area.html', {
        'forms': {
            "text_save": forms.DocumentTextSaveForm(user=request.user, prefix="textsave"),
            "text_revert": forms.DocumentTextRevertForm(prefix="textrevert"),
            "pubmark": forms.DocumentPubmarkForm(prefix="pubmark"),
        },
        'can_pubmark': request.user.has_perm('documents.can_pubmark'),
    })


@require_GET
def editor_readonly(request, slug, chunk=None, template_name='wiki/document_details_readonly.html'):
    try:
        chunk = Chunk.get(slug, chunk)
        revision = request.GET['revision']
    except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist, KeyError):
        raise Http404
    if not chunk.book.accessible(request):
        return HttpResponseForbidden("Not authorized.")

    access_time = datetime.now()
    last_books = request.session.get("wiki_last_books", {})
    last_books[slug, chunk.slug] = {
        'time': mktime(access_time.timetuple()),
        'title': chunk.book.title,
        }

    if len(last_books) > MAX_LAST_DOCS:
        oldest_key = min(last_books, key=lambda x: last_books[x]['time'])
        del last_books[oldest_key]
    request.session['wiki_last_books'] = last_books

    return render(request, template_name, {
        'chunk': chunk,
        'revision': revision,
        'readonly': True,
        'REDMINE_URL': settings.REDMINE_URL,
    })


@never_cache
@decorator_from_middleware(GZipMiddleware)
def text(request, chunk_id):
    doc = get_object_or_404(Chunk, pk=chunk_id)
    if not doc.book.accessible(request):
        return HttpResponseForbidden("Not authorized.")

    if request.method == 'POST':
        # Check length to reject broken request.
        try:
            expected_cl = int(request.META['CONTENT_LENGTH'])
        except:
            return HttpResponseLengthRequired(json.dumps(
                {"__message": _("Content length required.")}
            ))
        # 411 if missing
        cl = len(request.body)
        if cl != expected_cl:
            return HttpResponseBadRequest(json.dumps(
                {"__message": _("Wrong content length, request probably interrupted.")}
            ))

        form = forms.DocumentTextSaveForm(request.POST, user=request.user, prefix="textsave")
        if form.is_valid():
            if request.user.is_authenticated:
                author = request.user
            else:
                author = None
            text = form.cleaned_data['text']
            parent_revision = form.cleaned_data['parent_revision']
            if parent_revision is not None:
                parent = doc.at_revision(parent_revision)
            else:
                parent = None
            stage = form.cleaned_data['stage_completed']
            tags = [stage] if stage else []
            publishable = (form.cleaned_data['publishable'] and
                    request.user.has_perm('documents.can_pubmark'))
            doc.commit(author=author,
                       text=text,
                       parent=parent,
                       description=form.cleaned_data['comment'],
                       tags=tags,
                       author_name=form.cleaned_data['author_name'],
                       author_email=form.cleaned_data['author_email'],
                       publishable=publishable,
                       )
            revision = doc.revision()
            return JSONResponse({
                'text': doc.materialize() if parent_revision != revision else None,
                'meta': {},
                'revision': revision,
            })
        else:
            return JSONFormInvalid(form)
    else:
        revision = request.GET.get("revision", None)
        
        try:
            revision = int(revision)
        except (ValueError, TypeError):
            revision = doc.revision()

        if revision is not None:
            text = doc.at_revision(revision).materialize()
        else:
            text = ''

        return JSONResponse({
            'text': text,
            'meta': {},
            'revision': revision,
        })


@never_cache
@require_POST
def revert(request, chunk_id):
    form = forms.DocumentTextRevertForm(request.POST, prefix="textrevert")
    if form.is_valid():
        doc = get_object_or_404(Chunk, pk=chunk_id)
        if not doc.book.accessible(request):
            return HttpResponseForbidden("Not authorized.")

        revision = form.cleaned_data['revision']

        comment = form.cleaned_data['comment']
        comment += "\n#revert to %s" % revision

        if request.user.is_authenticated:
            author = request.user
        else:
            author = None

        before = doc.revision()
        logger.info("Reverting %s to %s", chunk_id, revision)
        doc.at_revision(revision).revert(author=author, description=comment)

        return JSONResponse({
            'text': doc.materialize() if before != doc.revision() else None,
            'meta': {},
            'revision': doc.revision(),
        })
    else:
        return JSONFormInvalid(form)


@never_cache
def gallery(request, directory):
    try:
        base_url = ''.join((
                        settings.MEDIA_URL,
                        settings.IMAGE_DIR,
                        directory))

        base_dir = os.path.join(
                    settings.MEDIA_ROOT,
                    settings.IMAGE_DIR,
                    directory)

        def map_to_url(filename):
            return quote(("%s/%s" % (base_url, filename)))

        def is_image(filename):
            return os.path.splitext(filename)[1].lower() in (u'.jpg', u'.jpeg', u'.png')

        books = Book.objects.filter(gallery=directory)

        if not all(book.public for book in books) and not request.user.is_authenticated:
            return HttpResponseForbidden("Not authorized.")

        images = [
            {
                "url": map_to_url(f),
                "thumb": get_thumbnail(os.path.join(base_dir, f), '120x120').url
            } for f in sorted(os.listdir(base_dir)) if is_image(f)
        ]

        return JSONResponse(images)
    except (IndexError, OSError):
        logger.exception("Unable to fetch gallery")
        raise http.Http404


@never_cache
def scans_list(request, pks):
    pks = pks.split(',')
    bss = [
        get_object_or_404(sources.models.BookSource, pk=pk)
        for pk in pks
    ]
    def map_to_url(filename):
        return quote(("%s/%s" % (settings.MEDIA_URL, filename)))
    images = []
    for bs in bss:
        images.extend([
            {
                "url": map_to_url(f),
            } for f in bs.get_view_files()
        ])
    return JSONResponse(images)


@never_cache
def diff(request, chunk_id):
    revA = int(request.GET.get('from', 0))
    revB = int(request.GET.get('to', 0))

    if revA > revB:
        revA, revB = revB, revA

    if revB == 0:
        revB = None

    doc = get_object_or_404(Chunk, pk=chunk_id)
    if not doc.book.accessible(request):
        return HttpResponseForbidden("Not authorized.")

    # allow diff from the beginning
    if revA:
        docA = doc.at_revision(revA).materialize()
    else:
        docA = ""
    docB = doc.at_revision(revB).materialize()

    return http.HttpResponse(nice_diff.html_diff_table(docA.splitlines(),
                                         docB.splitlines(), context=3))


@never_cache
def revision(request, chunk_id):
    doc = get_object_or_404(Chunk, pk=chunk_id)
    if not doc.book.accessible(request):
        return HttpResponseForbidden("Not authorized.")
    Presence = apps.get_model('team', 'Presence')
    Presence.report(request.user, doc, request.GET.get('a') == 'true')
    return http.HttpResponse(str(doc.revision()))


@never_cache
def history(request, chunk_id):
    # TODO: pagination
    doc = get_object_or_404(Chunk, pk=chunk_id)
    if not doc.book.accessible(request):
        return HttpResponseForbidden("Not authorized.")

    history = doc.history()
    try:
        before = int(request.GET.get('before'))
    except:
        pass
    else:
        history = history.filter(revision__lt=before)
    changes = []
    for change in history.reverse()[:20]:
        changes.append({
                "version": change.revision,
                "description": change.description,
                "author": change.author_str(),
                "date": localize(change.created_at),
                "publishable": change.publishable,
                "tag": ',\n'.join(str(tag) for tag in change.tags.all()),
                "published": _("Published") + ": " + \
                    localize(change.publish_log.order_by('-book_record__timestamp')[0].book_record.timestamp) \
                    if change.publish_log.exists() else "",
            })
    return JSONResponse(changes)


@require_POST
@ajax_require_permission('documents.can_pubmark')
def pubmark(request, chunk_id):
    form = forms.DocumentPubmarkForm(request.POST, prefix="pubmark")
    if form.is_valid():
        doc = get_object_or_404(Chunk, pk=chunk_id)
        if not doc.book.accessible(request):
            return HttpResponseForbidden("Not authorized.")

        revision = form.cleaned_data['revision']
        publishable = form.cleaned_data['publishable']
        change = doc.at_revision(revision)
        if publishable != change.publishable:
            change.set_publishable(publishable)
            return JSONResponse({"message": _("Revision marked")})
        else:
            return JSONResponse({"message": _("Nothing changed")})
    else:
        return JSONFormInvalid(form)


@require_POST
@ajax_require_permission('documents.book_edit')
def set_gallery(request, chunk_id):
    doc = get_object_or_404(Chunk, pk=chunk_id)
    book = doc.book
    book.gallery = request.POST['gallery']
    book.save(update_fields=['gallery'])
    return JSONResponse({})

@require_POST
@ajax_require_permission('documents.chunk_edit')
def set_gallery_start(request, chunk_id):
    doc = get_object_or_404(Chunk, pk=chunk_id)
    doc.gallery_start = request.POST['start']
    doc.save(update_fields=['gallery_start'])
    return JSONResponse({})

@ajax_require_permission('documents.chunk_edit')
def galleries(request):
    return JSONResponse(
        sorted(
            os.listdir(
                os.path.join(
                    settings.MEDIA_ROOT,
                    settings.IMAGE_DIR,
                )
            )
        )
    )

def themes(request):
    prefix = request.GET.get('q', '')
    return http.HttpResponse('\n'.join([str(t) for t in Theme.objects.filter(name__istartswith=prefix)]))


def back(request):
    return render(request, 'wiki/back.html')