Upgrades
[redakcja.git] / src / documents / views.py
1 # This file is part of FNP-Redakcja, licensed under GNU Affero GPLv3 or later.
2 # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
3 #
4 from collections import defaultdict
5 from datetime import datetime, date, timedelta
6 import logging
7 import os
8 from urllib.parse import quote_plus, unquote, urlsplit, urlunsplit
9
10 from django.conf import settings
11 from django.contrib import auth
12 from django.contrib.auth.models import User
13 from django.contrib.auth.decorators import login_required, permission_required
14 from django.urls import reverse
15 from django.db.models import Count, Q
16 from django.db import transaction
17 from django import http
18 from django.http import Http404, HttpResponse, HttpResponseForbidden
19 from django.http.response import HttpResponseRedirect
20 from django.shortcuts import get_object_or_404, render
21 from django.utils.encoding import iri_to_uri
22 from django.utils.translation import gettext_lazy as _
23 from django.views.decorators.http import require_POST
24 from django_cas_ng.decorators import user_passes_test
25
26 from apiclient import NotAuthorizedError
27 from . import forms
28 from . import helpers
29 from .helpers import active_tab
30 from .models import (Book, Chunk, Image, BookPublishRecord, 
31         ChunkPublishRecord, ImagePublishRecord, Project)
32 from fileupload.views import UploadView
33
34 #
35 # Quick hack around caching problems, TODO: use ETags
36 #
37 from django.views.decorators.cache import never_cache
38
39 logger = logging.getLogger("fnp.documents")
40
41
42 @active_tab('all')
43 @never_cache
44 def document_list(request):
45     return render(request, 'documents/document_list.html')
46
47
48 @active_tab('images')
49 @never_cache
50 def image_list(request, user=None):
51     return render(request, 'documents/image_list.html')
52
53
54 @never_cache
55 def user(request, username):
56     user = get_object_or_404(User, username=username)
57     return render(request, 'documents/user_page.html', {"viewed_user": user})
58
59
60 @login_required
61 @active_tab('my')
62 @never_cache
63 def my(request):
64     last_books = sorted(request.session.get("wiki_last_books", {}).items(),
65         key=lambda x: x[1]['time'], reverse=True)
66     for k, v in last_books:
67         v['time'] = datetime.fromtimestamp(v['time'])
68     return render(request, 'documents/my_page.html', {
69         'last_books': last_books,
70         "logout_to": '/',
71         })
72
73
74 @active_tab('users')
75 def users(request):
76     return render(request, 'documents/user_list.html', {
77         'users': User.objects.all().annotate(count=Count('chunk')).order_by(
78             '-count', 'last_name', 'first_name'),
79     })
80
81
82 @active_tab('activity')
83 def activity(request, isodate=None):
84     today = date.today()
85     try:
86         day = helpers.parse_isodate(isodate)
87     except ValueError:
88         day = today
89
90     if day > today:
91         raise Http404
92     if day != today:
93         next_day = day + timedelta(1)
94     prev_day = day - timedelta(1)
95
96     return render(request, 'documents/activity.html', locals())
97
98
99 @never_cache
100 def logout_then_redirect(request):
101     auth.logout(request)
102     return http.HttpResponseRedirect(quote_plus(request.GET.get('next', '/'), safe='/?='))
103
104
105 @permission_required('documents.add_book')
106 @active_tab('create')
107 def create_missing(request, slug=None):
108     if slug is None:
109         slug = ''
110     slug = slug.replace(' ', '-')
111
112     if request.method == "POST":
113         form = forms.DocumentCreateForm(request.POST, request.FILES)
114         if form.is_valid():
115             
116             if request.user.is_authenticated:
117                 creator = request.user
118             else:
119                 creator = None
120             book = Book.create(
121                 text=form.cleaned_data['text'],
122                 creator=creator,
123                 slug=form.cleaned_data['slug'],
124                 title=form.cleaned_data['title'],
125                 gallery=form.cleaned_data['gallery'],
126             )
127
128             return http.HttpResponseRedirect(reverse("documents_book", args=[book.slug]))
129     else:
130         form = forms.DocumentCreateForm(initial={
131                 "slug": slug,
132                 "title": slug.replace('-', ' ').title(),
133                 "gallery": slug,
134         })
135
136     return render(request, "documents/document_create_missing.html", {
137         "slug": slug,
138         "form": form,
139
140         "logout_to": '/',
141     })
142
143
144 @permission_required('documents.add_book')
145 @active_tab('upload')
146 def upload(request):
147     if request.method == "POST":
148         form = forms.DocumentsUploadForm(request.POST, request.FILES)
149         if form.is_valid():
150             from slugify import slugify
151
152             if request.user.is_authenticated:
153                 creator = request.user
154             else:
155                 creator = None
156
157             zip = form.cleaned_data['zip']
158             skipped_list = []
159             ok_list = []
160             error_list = []
161             slugs = {}
162             existing = [book.slug for book in Book.objects.all()]
163             for filename in zip.namelist():
164                 if filename[-1] == '/':
165                     continue
166                 title = os.path.basename(filename)[:-4]
167                 slug = slugify(title)
168                 if not (slug and filename.endswith('.xml')):
169                     skipped_list.append(filename)
170                 elif slug in slugs:
171                     error_list.append((filename, slug, _('Slug already used for %s' % slugs[slug])))
172                 elif slug in existing:
173                     error_list.append((filename, slug, _('Slug already used in repository.')))
174                 else:
175                     try:
176                         zip.read(filename).decode('utf-8') # test read
177                         ok_list.append((filename, slug, title))
178                     except UnicodeDecodeError:
179                         error_list.append((filename, title, _('File should be UTF-8 encoded.')))
180                     slugs[slug] = filename
181
182             if not error_list:
183                 for filename, slug, title in ok_list:
184                     book = Book.create(
185                         text=zip.read(filename).decode('utf-8'),
186                         creator=creator,
187                         slug=slug,
188                         title=title,
189                     )
190
191             return render(request, "documents/document_upload.html", {
192                 "form": form,
193                 "ok_list": ok_list,
194                 "skipped_list": skipped_list,
195                 "error_list": error_list,
196
197                 "logout_to": '/',
198             })
199     else:
200         form = forms.DocumentsUploadForm()
201
202     return render(request, "documents/document_upload.html", {
203         "form": form,
204
205         "logout_to": '/',
206     })
207
208
209 def serve_xml(request, book, slug):
210     if not book.accessible(request):
211         return HttpResponseForbidden("Not authorized.")
212     xml = book.materialize(publishable=True)
213     response = http.HttpResponse(xml, content_type='application/xml')
214     response['Content-Disposition'] = 'attachment; filename=%s.xml' % slug
215     return response
216
217
218 @never_cache
219 def book_xml(request, slug):
220     book = get_object_or_404(Book, slug=slug)
221     return serve_xml(request, book, slug)
222
223
224 @never_cache
225 def book_xml_dc(request, slug):
226     book = get_object_or_404(Book, catalogue_book_id=slug)
227     return serve_xml(request, book, slug)
228
229
230 @never_cache
231 def book_txt(request, slug):
232     book = get_object_or_404(Book, slug=slug)
233     if not book.accessible(request):
234         return HttpResponseForbidden("Not authorized.")
235
236     doc = book.wldocument()
237     text = doc.as_text().get_bytes()
238     response = http.HttpResponse(text, content_type='text/plain')
239     response['Content-Disposition'] = 'attachment; filename=%s.txt' % slug
240     return response
241
242
243 @never_cache
244 def book_html(request, slug):
245     book = get_object_or_404(Book, slug=slug)
246     if not book.accessible(request):
247         return HttpResponseForbidden("Not authorized.")
248
249     doc = book.wldocument(parse_dublincore=False)
250     html = doc.as_html(options={'gallery': "'%s'" % book.gallery_url()})
251
252     html = html.get_bytes().decode('utf-8') if html is not None else ''
253     # response = http.HttpResponse(html, content_type='text/html')
254     # return response
255     # book_themes = {}
256     # for fragment in book.fragments.all().iterator():
257     #     for theme in fragment.tags.filter(category='theme').iterator():
258     #         book_themes.setdefault(theme, []).append(fragment)
259
260     # book_themes = book_themes.items()
261     # book_themes.sort(key=lambda s: s[0].sort_key)
262     return render(request, 'documents/book_text.html', locals())
263
264
265 @login_required
266 @never_cache
267 def book_pdf(request, slug, mobile=False):
268     book = get_object_or_404(Book, slug=slug)
269     if not book.accessible(request):
270         return HttpResponseForbidden("Not authorized.")
271
272     # TODO: move to celery
273     doc = book.wldocument()
274     # TODO: error handling
275     customizations = ['26pt', 'nothemes', 'nomargins', 'notoc'] if mobile else None
276     pdf_file = doc.as_pdf(cover=True, base_url=request.build_absolute_uri(book.gallery_path()), customizations=customizations)
277     from .ebook_utils import serve_file
278     return serve_file(pdf_file.get_filename(),
279                 book.slug + '.pdf', 'application/pdf')
280
281
282 @login_required
283 @never_cache
284 def book_epub(request, slug):
285     book = get_object_or_404(Book, slug=slug)
286     if not book.accessible(request):
287         return HttpResponseForbidden("Not authorized.")
288
289     # TODO: move to celery
290     doc = book.wldocument()
291     # TODO: error handling
292
293     #### Problemas: images in children.
294     epub = doc.as_epub(base_url='file://' + book.gallery_path() + '/').get_bytes()
295     response = HttpResponse(content_type='application/epub+zip')
296     response['Content-Disposition'] = 'attachment; filename=%s' % book.slug + '.epub'
297     response.write(epub)
298     return response
299
300
301 @login_required
302 @never_cache
303 def book_mobi(request, slug):
304     book = get_object_or_404(Book, slug=slug)
305     if not book.accessible(request):
306         return HttpResponseForbidden("Not authorized.")
307
308     # TODO: move to celery
309     doc = book.wldocument()
310     # TODO: error handling
311     mobi = doc.as_mobi(base_url='file://' + book.gallery_path() + '/').get_bytes()
312     response = HttpResponse(content_type='application/x-mobipocket-ebook')
313     response['Content-Disposition'] = 'attachment; filename=%s' % book.slug + '.mobi'
314     response.write(mobi)
315     return response
316
317
318 @never_cache
319 def revision(request, slug, chunk=None):
320     try:
321         doc = Chunk.get(slug, chunk)
322     except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
323         raise Http404
324     if not doc.book.accessible(request):
325         return HttpResponseForbidden("Not authorized.")
326     return http.HttpResponse(str(doc.revision()))
327
328
329 def book(request, slug):
330     book = get_object_or_404(Book, slug=slug)
331     if not book.accessible(request):
332         return HttpResponseForbidden("Not authorized.")
333
334     if request.user.has_perm('documents.change_book'):
335         if request.method == "POST":
336             form = forms.BookForm(request.POST, instance=book)
337             if form.is_valid():
338                 form.save()
339                 return http.HttpResponseRedirect(book.get_absolute_url())
340         else:
341             form = forms.BookForm(instance=book)
342         publish_options_form = forms.PublishOptionsForm()
343         editable = True
344     else:
345         form = forms.ReadonlyBookForm(instance=book)
346         publish_options_form = forms.PublishOptionsForm()
347         editable = False
348
349     publish_error = book.publishable_error()
350     publishable = publish_error is None
351
352     try:
353         doc = book.wldocument()
354     except:
355         doc = None
356     
357     return render(request, "documents/book_detail.html", {
358         "book": book,
359         "doc": doc,
360         "publishable": publishable,
361         "publishable_error": publish_error,
362         "form": form,
363         "publish_options_form": publish_options_form,
364         "editable": editable,
365     })
366
367
368 def image(request, slug):
369     image = get_object_or_404(Image, slug=slug)
370     if not image.accessible(request):
371         return HttpResponseForbidden("Not authorized.")
372
373     if request.user.has_perm('documents.change_image'):
374         if request.method == "POST":
375             form = forms.ImageForm(request.POST, instance=image)
376             if form.is_valid():
377                 form.save()
378                 return http.HttpResponseRedirect(image.get_absolute_url())
379         else:
380             form = forms.ImageForm(instance=image)
381         editable = True
382     else:
383         form = forms.ReadonlyImageForm(instance=image)
384         editable = False
385
386     publish_error = image.publishable_error()
387     publishable = publish_error is None
388
389     return render(request, "documents/image_detail.html", {
390         "object": image,
391         "publishable": publishable,
392         "publishable_error": publish_error,
393         "form": form,
394         "editable": editable,
395     })
396
397
398 @permission_required('documents.add_chunk')
399 def chunk_add(request, slug, chunk):
400     try:
401         doc = Chunk.get(slug, chunk)
402     except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
403         raise Http404
404     if not doc.book.accessible(request):
405         return HttpResponseForbidden("Not authorized.")
406
407     if request.method == "POST":
408         form = forms.ChunkAddForm(request.POST, instance=doc)
409         if form.is_valid():
410             if request.user.is_authenticated:
411                 creator = request.user
412             else:
413                 creator = None
414             doc.split(creator=creator,
415                 slug=form.cleaned_data['slug'],
416                 title=form.cleaned_data['title'],
417                 gallery_start=form.cleaned_data['gallery_start'],
418                 user=form.cleaned_data['user'],
419                 stage=form.cleaned_data['stage']
420             )
421
422             return http.HttpResponseRedirect(doc.book.get_absolute_url())
423     else:
424         form = forms.ChunkAddForm(initial={
425                 "slug": str(doc.number + 1),
426                 "title": "cz. %d" % (doc.number + 1, ),
427         })
428
429     return render(request, "documents/chunk_add.html", {
430         "chunk": doc,
431         "form": form,
432     })
433
434
435 @login_required
436 def chunk_edit(request, slug, chunk):
437     try:
438         doc = Chunk.get(slug, chunk)
439     except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
440         raise Http404
441     if not doc.book.accessible(request):
442         return HttpResponseForbidden("Not authorized.")
443
444     if request.method == "POST":
445         form = forms.ChunkForm(request.POST, instance=doc)
446         if form.is_valid():
447             form.save()
448             go_next = request.GET.get('next', None)
449             if go_next:
450                 go_next = quote_plus(unquote(iri_to_uri(go_next)), safe='/?=&')
451             else:
452                 go_next = doc.book.get_absolute_url()
453             return http.HttpResponseRedirect(go_next)
454     else:
455         form = forms.ChunkForm(instance=doc)
456
457     referer = request.META.get('HTTP_REFERER')
458     if referer:
459         parts = urlsplit(referer)
460         parts = ['', ''] + list(parts[2:])
461         go_next = quote_plus(urlunsplit(parts))
462     else:
463         go_next = ''
464
465     return render(request, "documents/chunk_edit.html", {
466         "chunk": doc,
467         "form": form,
468         "go_next": go_next,
469     })
470
471
472 @transaction.atomic
473 @login_required
474 @require_POST
475 def chunk_mass_edit(request):
476     ids = [int(i) for i in request.POST.get('ids').split(',') if i.strip()]
477     chunks = list(Chunk.objects.filter(id__in=ids))
478     
479     stage = request.POST.get('stage')
480     if stage:
481         try:
482             stage = Chunk.tag_model.objects.get(slug=stage)
483         except Chunk.DoesNotExist as e:
484             stage = None
485        
486         for c in chunks: c.stage = stage
487
488     username = request.POST.get('user')
489     logger.info("username: %s" % username)
490     logger.info(request.POST)
491     if username:
492         try:
493             user = User.objects.get(username=username)
494         except User.DoesNotExist as e:
495             user = None
496             
497         for c in chunks: c.user = user
498
499     project_id = request.POST.get('project')
500     if project_id:
501         try:
502             project = Project.objects.get(pk=int(project_id))
503         except (Project.DoesNotExist, ValueError) as e:
504             project = None
505         for c in chunks:
506             book = c.book
507             book.project = project
508             book.save()
509
510     for c in chunks: c.save()
511
512     return HttpResponse("", content_type="text/plain")
513
514
515 @transaction.atomic
516 @login_required
517 @require_POST
518 def image_mass_edit(request):
519     ids = map(int, filter(lambda i: i.strip()!='', request.POST.get('ids').split(',')))
520     images = map(lambda i: Image.objects.get(id=i), ids)
521     
522     stage = request.POST.get('stage')
523     if stage:
524         try:
525             stage = Image.tag_model.objects.get(slug=stage)
526         except Image.DoesNotExist as e:
527             stage = None
528        
529         for c in images: c.stage = stage
530
531     username = request.POST.get('user')
532     logger.info("username: %s" % username)
533     logger.info(request.POST)
534     if username:
535         try:
536             user = User.objects.get(username=username)
537         except User.DoesNotExist as e:
538             user = None
539             
540         for c in images: c.user = user
541
542     project_id = request.POST.get('project')
543     if project_id:
544         try:
545             project = Project.objects.get(pk=int(project_id))
546         except (Project.DoesNotExist, ValueError) as e:
547             project = None
548         for c in images:
549             c.project = project
550
551     for c in images: c.save()
552
553     return HttpResponse("", content_type="text/plain")
554
555
556 @permission_required('documents.change_book')
557 def book_append(request, slug):
558     book = get_object_or_404(Book, slug=slug)
559     if not book.accessible(request):
560         return HttpResponseForbidden("Not authorized.")
561
562     if request.method == "POST":
563         form = forms.BookAppendForm(book, request.POST)
564         if form.is_valid():
565             append_to = form.cleaned_data['append_to']
566             append_to.append(book)
567             return http.HttpResponseRedirect(append_to.get_absolute_url())
568     else:
569         form = forms.BookAppendForm(book)
570     return render(request, "documents/book_append_to.html", {
571         "book": book,
572         "form": form,
573
574         "logout_to": '/',
575     })
576
577
578 @require_POST
579 @login_required
580 def publish(request, slug):
581     form = forms.PublishOptionsForm(request.POST)
582     if form.is_valid():
583         days = form.cleaned_data['days']
584         beta = form.cleaned_data['beta']
585         hidden = form.cleaned_data['hidden']
586     else:
587         days = 0
588         beta = False
589         hidden = False
590     book = get_object_or_404(Book, slug=slug)
591     if not book.accessible(request):
592         return HttpResponseForbidden("Not authorized.")
593
594     try:
595         protocol = 'https://' if request.is_secure() else 'http://'
596         book.publish(request.user, host=protocol + request.get_host(), days=days, beta=beta, hidden=hidden)
597     except NotAuthorizedError:
598         return http.HttpResponseRedirect(reverse('apiclient_oauth' if not beta else 'apiclient_beta_oauth'))
599     except BaseException as e:
600         return http.HttpResponse(repr(e))
601     else:
602         return http.HttpResponseRedirect(book.get_absolute_url())
603
604
605 @require_POST
606 @login_required
607 def publish_image(request, slug):
608     image = get_object_or_404(Image, slug=slug)
609     if not image.accessible(request):
610         return HttpResponseForbidden("Not authorized.")
611
612     try:
613         image.publish(request.user)
614     except NotAuthorizedError:
615         return http.HttpResponseRedirect(reverse('apiclient_oauth'))
616     except BaseException as e:
617         return http.HttpResponse(e)
618     else:
619         return http.HttpResponseRedirect(image.get_absolute_url())
620
621
622 class GalleryView(UploadView):
623     def get_object(self, request, slug):
624         book = get_object_or_404(Book, slug=slug)
625         if not book.gallery:
626             raise Http404
627         return book
628
629     def breadcrumbs(self):
630         return [
631             (_('books'), reverse('documents_document_list')),
632             (self.object.title, self.object.get_absolute_url()),
633             (_('scan gallery'),),
634         ]
635
636     def get_directory(self):
637         return "%s%s/" % (settings.IMAGE_DIR, self.object.gallery)
638
639
640 def active_users_list(request, csv=False):
641     year = int(request.GET.get('y', date.today().year))
642     by_user = defaultdict(lambda: 0)
643     by_email = defaultdict(lambda: 0)
644     names_by_email = defaultdict(set)
645     for change_model in (Chunk.change_model, Image.change_model):
646         for c in change_model.objects.filter(
647                 created_at__year=year).order_by(
648                 'author', 'author_email', 'author_name').values(
649                 'author', 'author_name', 'author_email').annotate(
650                 c=Count('author'), ce=Count('author_email')).distinct():
651             if c['author']:
652                 by_user[c['author']] += c['c']
653             else:
654                 by_email[c['author_email']] += c['ce']
655                 if (c['author_name'] or '').strip():
656                     names_by_email[c['author_email']].add(c['author_name'])
657     for user in User.objects.filter(pk__in=by_user):
658         by_email[user.email] += by_user[user.pk]
659         names_by_email[user.email].add("%s %s" % (user.first_name, user.last_name))
660
661     active_users = []
662     for email, count in by_email.items():
663         active_users.append((email, names_by_email[email], count))
664     active_users.sort(key=lambda x: -x[2])
665     if csv:
666         return http.HttpResponse(
667             '\n'.join((
668                 ','.join(
669                     (str(x[2]), x[0], ','.join(x[1]))
670                 )
671                 for x in active_users
672             )),
673             content_type='text/csv',
674             headers={
675                 'Content-Disposition': f'attachment; filename=redakcja-{year}.csv',
676             }
677         )
678     else:
679         return render(request, 'documents/active_users_list.html', {
680             'users': active_users,
681             'year': year,
682         })
683
684
685 @user_passes_test(lambda u: u.is_superuser)
686 def mark_final(request):
687     if request.method == 'POST':
688         form = forms.MarkFinalForm(data=request.POST)
689         if form.is_valid():
690             form.save()
691             return HttpResponseRedirect(reverse('mark_final_completed'))
692     else:
693         form = forms.MarkFinalForm()
694     return render(request, 'documents/mark_final.html', {'form': form})
695
696
697 def mark_final_completed(request):
698     return render(request, 'documents/mark_final_completed.html')