Request validation fix.
[wolnelektury.git] / src / wolnelektury / utils.py
index 9717070..b0b9726 100644 (file)
@@ -1,19 +1,27 @@
-# -*- coding: utf-8 -*-
 # This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later.
 # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
 #
+import codecs
+import csv
+from functools import wraps
+from inspect import getargspec
+from io import BytesIO
 import json
 import os
-from functools import wraps
-
 import pytz
-from inspect import getargspec
+import re
 
+from django.conf import settings
+from django.core.cache import cache
+from django.core.mail import send_mail
 from django.http import HttpResponse
-from django.template import RequestContext
 from django.template.loader import render_to_string
 from django.utils import timezone
+from django.utils.translation import get_language
 from django.conf import settings
+from django.utils.safestring import mark_safe
+from django.utils.translation import ugettext
+
 
 tz = pytz.timezone(settings.TIME_ZONE)
 
@@ -35,7 +43,7 @@ def makedirs(path):
 
 def stringify_keys(dictionary):
     return dict((keyword.encode('ascii'), value)
-                for keyword, value in dictionary.iteritems())
+                for keyword, value in dictionary.items())
 
 
 def json_encode(obj, sort_keys=True, ensure_ascii=False):
@@ -57,7 +65,7 @@ class AjaxError(Exception):
     pass
 
 
-def ajax(login_required=True, method=None, template=None, permission_required=None):
+def ajax(login_required=False, method=None, template=None, permission_required=None):
     def decorator(fun):
         @wraps(fun)
         def ajax_view(request):
@@ -82,11 +90,11 @@ def ajax(login_required=True, method=None, template=None, permission_required=No
                 if request_params:
                     request_params = dict(
                         (key, json_decode_fallback(value))
-                        for key, value in request_params.iteritems()
+                        for key, value in request_params.items()
                         if fun_kwargs or key in fun_params)
                     kwargs.update(stringify_keys(request_params))
                 res = None
-                if login_required and not request.user.is_authenticated():
+                if login_required and not request.user.is_authenticated:
                     res = {'result': 'logout'}
                 if (permission_required and
                         not request.user.has_perm(permission_required)):
@@ -95,7 +103,7 @@ def ajax(login_required=True, method=None, template=None, permission_required=No
                 try:
                     res = fun(request, **kwargs)
                     if res and template:
-                        res = {'html': render_to_string(template, res, RequestContext(request))}
+                        res = {'html': render_to_string(template, res, request=request)}
                 except AjaxError as e:
                     res = {'result': e.args[0]}
             if 'result' not in res:
@@ -106,3 +114,96 @@ def ajax(login_required=True, method=None, template=None, permission_required=No
         return ajax_view
 
     return decorator
+
+
+def send_noreply_mail(subject, message, recipient_list, **kwargs):
+    send_mail(
+        '[WolneLektury] ' + subject,
+        message + "\n\n-- \n" + ugettext('Message sent automatically. Please do not reply.'),
+        'no-reply@wolnelektury.pl', recipient_list, **kwargs)
+
+
+# source: https://docs.python.org/2/library/csv.html#examples
+class UnicodeCSVWriter(object):
+    """
+    A CSV writer which will write rows to CSV file "f",
+    which is encoded in the given encoding.
+    """
+
+    def __init__(self, f, dialect=csv.excel, encoding="utf-8", **kwds):
+        # Redirect output to a queue
+        self.queue = BytesIO()
+        self.writer = csv.writer(self.queue, dialect=dialect, **kwds)
+        self.stream = f
+        self.encoder = codecs.getincrementalencoder(encoding)()
+
+    def writerow(self, row):
+        self.writer.writerow([s.encode("utf-8") for s in row])
+        # Fetch UTF-8 output from the queue ...
+        data = self.queue.getvalue()
+        data = data.decode("utf-8")
+        # ... and reencode it into the target encoding
+        data = self.encoder.encode(data)
+        # write to the target stream
+        self.stream.write(data)
+        # empty queue
+        self.queue.truncate(0)
+
+    def writerows(self, rows):
+        for row in rows:
+            self.writerow(row)
+
+
+# the original re.escape messes with unicode
+def re_escape(s):
+    return re.sub(r"[(){}\[\].*?|^$\\+-]", r"\\\g<0>", s)
+
+
+BOT_BITS = ['bot', 'slurp', 'spider', 'facebook', 'crawler', 'parser', 'http']
+
+
+def is_crawler(request):
+    user_agent = request.META.get('HTTP_USER_AGENT')
+    if not user_agent:
+        return True
+    user_agent = user_agent.lower()
+    return any(bot_bit in user_agent for bot_bit in BOT_BITS)
+
+
+def get_cached_render_key(instance, property_name, language=None):
+    if language is None:
+        language = get_language()
+    return 'cached_render:%s.%s:%s:%s' % (
+            type(instance).__name__,
+            property_name,
+            instance.pk,
+            language
+        )
+
+
+def cached_render(template_name, timeout=24 * 60 * 60):
+    def decorator(method):
+        @wraps(method)
+        def wrapper(self):
+            key = get_cached_render_key(self, method.__name__)
+            content = cache.get(key)
+            if content is None:
+                context = method(self)
+                content = render_to_string(template_name, context)
+                cache.set(key, str(content), timeout=timeout)
+            else:
+                content = mark_safe(content)
+            return content
+        return wrapper
+    return decorator
+
+
+def clear_cached_renders(bound_method):
+    for lc, ln in settings.LANGUAGES:
+        cache.delete(
+            get_cached_render_key(
+                bound_method.__self__,
+                bound_method.__name__,
+                lc
+            )
+        )