| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485 |
- # -*- coding: utf-8 -*-
- """
- flaskbb.management.forms
- ~~~~~~~~~~~~~~~~~~~~~~~~
- It provides the forms that are needed for the management views.
- :copyright: (c) 2014 by the FlaskBB Team.
- :license: BSD, see LICENSE for more details.
- """
- import logging
- from flask_wtf import FlaskForm
- from wtforms import (BooleanField, HiddenField, IntegerField, PasswordField,
- SelectField, StringField, SubmitField, TextAreaField)
- from wtforms.validators import (DataRequired, Optional, Email, regexp, Length,
- URL, ValidationError)
- from wtforms.ext.sqlalchemy.fields import (QuerySelectField,
- QuerySelectMultipleField)
- from sqlalchemy.orm.session import make_transient, make_transient_to_detached
- from flask_babelplus import lazy_gettext as _
- from flaskbb.utils.fields import BirthdayField
- from flaskbb.extensions import db
- from flaskbb.forum.models import Forum, Category
- from flaskbb.user.models import User, Group
- from flaskbb.utils.requirements import IsAtleastModerator
- from flask_allows import Permission
- logger = logging.getLogger(__name__)
- USERNAME_RE = r'^[\w.+-]+$'
- is_username = regexp(USERNAME_RE,
- message=_("You can only use letters, numbers or dashes."))
- def selectable_forums():
- return Forum.query.order_by(Forum.position)
- def selectable_categories():
- return Category.query.order_by(Category.position)
- def selectable_groups():
- return Group.query.order_by(Group.id.asc()).all()
- def select_primary_group():
- return Group.query.filter(Group.guest != True).order_by(Group.id)
- class UserForm(FlaskForm):
- username = StringField(_("Username"), validators=[
- DataRequired(message=_("A valid username is required.")),
- is_username])
- email = StringField(_("Email address"), validators=[
- DataRequired(message=_("A valid email address is required.")),
- Email(message=_("Invalid email address."))])
- password = PasswordField("Password", validators=[
- DataRequired()])
- birthday = BirthdayField(_("Birthday"), format="%d %m %Y", validators=[
- Optional()])
- gender = SelectField(_("Gender"), default="None", choices=[
- ("None", ""),
- ("Male", _("Male")),
- ("Female", _("Female"))])
- location = StringField(_("Location"), validators=[
- Optional()])
- website = StringField(_("Website"), validators=[
- Optional(), URL()])
- avatar = StringField(_("Avatar"), validators=[
- Optional(), URL()])
- signature = TextAreaField(_("Forum signature"), validators=[
- Optional(), Length(min=0, max=250)])
- notes = TextAreaField(_("Notes"), validators=[
- Optional(), Length(min=0, max=5000)])
- activated = BooleanField(_("Is active?"), validators=[
- Optional()])
- primary_group = QuerySelectField(
- _("Primary group"),
- query_factory=select_primary_group,
- get_label="name")
- secondary_groups = QuerySelectMultipleField(
- _("Secondary groups"),
- # TODO: Template rendering errors "NoneType is not callable"
- # without this, figure out why.
- query_factory=select_primary_group,
- get_label="name")
- submit = SubmitField(_("Save"))
- def validate_username(self, field):
- if hasattr(self, "user"):
- user = User.query.filter(
- db.and_(
- User.username.like(field.data.lower()),
- db.not_(User.id == self.user.id)
- )
- ).first()
- else:
- user = User.query.filter(
- User.username.like(field.data.lower())
- ).first()
- if user:
- raise ValidationError(_("This username is already taken."))
- def validate_email(self, field):
- if hasattr(self, "user"):
- user = User.query.filter(
- db.and_(
- User.email.like(field.data.lower()),
- db.not_(User.id == self.user.id)
- )
- ).first()
- else:
- user = User.query.filter(
- User.email.like(field.data.lower())
- ).first()
- if user:
- raise ValidationError(_("This email address is already taken."))
- def save(self):
- data = self.data
- data.pop('submit', None)
- data.pop('csrf_token', None)
- user = User(**data)
- return user.save()
- class AddUserForm(UserForm):
- pass
- class EditUserForm(UserForm):
- password = PasswordField("Password", validators=[Optional()])
- def __init__(self, user, *args, **kwargs):
- self.user = user
- kwargs['obj'] = self.user
- UserForm.__init__(self, *args, **kwargs)
- class GroupForm(FlaskForm):
- name = StringField(_("Group name"), validators=[
- DataRequired(message=_("Please enter a name for the group."))])
- description = TextAreaField(_("Description"), validators=[
- Optional()])
- admin = BooleanField(
- _("Is 'Admin' group?"),
- description=_("With this option the group has access to "
- "the admin panel.")
- )
- super_mod = BooleanField(
- _("Is 'Super Moderator' group?"),
- description=_("Check this, if the users in this group are allowed to "
- "moderate every forum.")
- )
- mod = BooleanField(
- _("Is 'Moderator' group?"),
- description=_("Check this, if the users in this group are allowed to "
- "moderate specified forums.")
- )
- banned = BooleanField(
- _("Is 'Banned' group?"),
- description=_("Only one group of type 'Banned' is allowed.")
- )
- guest = BooleanField(
- _("Is 'Guest' group?"),
- description=_("Only one group of type 'Guest' is allowed.")
- )
- editpost = BooleanField(
- _("Can edit posts"),
- description=_("Check this, if the users in this group can edit posts.")
- )
- deletepost = BooleanField(
- _("Can delete posts"),
- description=_("Check this, if the users in this group can delete "
- "posts.")
- )
- deletetopic = BooleanField(
- _("Can delete topics"),
- description=_("Check this, if the users in this group can delete "
- "topics.")
- )
- posttopic = BooleanField(
- _("Can create topics"),
- description=_("Check this, if the users in this group can create "
- "topics.")
- )
- postreply = BooleanField(
- _("Can post replies"),
- description=_("Check this, if the users in this group can post "
- "replies.")
- )
- mod_edituser = BooleanField(
- _("Moderators can edit user profiles"),
- description=_("Allow moderators to edit another user's profile "
- "including password and email changes.")
- )
- mod_banuser = BooleanField(
- _("Moderators can ban users"),
- description=_("Allow moderators to ban other users.")
- )
- viewhidden = BooleanField(
- _("Can view hidden posts and topics"),
- description=_("Allows a user to view hidden posts and topics"),
- )
- makehidden = BooleanField(
- _("Can hide posts and topics"),
- description=_("Allows a user to hide posts and topics"),
- )
- submit = SubmitField(_("Save"))
- def validate_name(self, field):
- if hasattr(self, "group"):
- group = Group.query.filter(
- db.and_(
- Group.name.like(field.data.lower()),
- db.not_(Group.id == self.group.id)
- )
- ).first()
- else:
- group = Group.query.filter(
- Group.name.like(field.data.lower())
- ).first()
- if group:
- raise ValidationError(_("This group name is already taken."))
- def validate_banned(self, field):
- if hasattr(self, "group"):
- group = Group.query.filter(
- db.and_(
- Group.banned,
- db.not_(Group.id == self.group.id)
- )
- ).count()
- else:
- group = Group.query.filter_by(banned=True).count()
- if field.data and group > 0:
- raise ValidationError(_("There is already a group of type "
- "'Banned'."))
- def validate_guest(self, field):
- if hasattr(self, "group"):
- group = Group.query.filter(
- db.and_(
- Group.guest,
- db.not_(Group.id == self.group.id)
- )
- ).count()
- else:
- group = Group.query.filter_by(guest=True).count()
- if field.data and group > 0:
- raise ValidationError(_("There is already a group of type "
- "'Guest'."))
- def validate(self):
- if not super(GroupForm, self).validate():
- return False
- result = True
- permission_fields = (
- self.editpost, self.deletepost, self.deletetopic,
- self.posttopic, self.postreply, self.mod_edituser,
- self.mod_banuser, self.viewhidden, self.makehidden
- )
- group_fields = [
- self.admin, self.super_mod, self.mod, self.banned, self.guest
- ]
- # we do not allow to modify any guest permissions
- if self.guest.data:
- for field in permission_fields:
- if field.data:
- # if done in 'validate_guest' it would display this
- # warning on the fields
- field.errors.append(
- _("Can't assign any permissions to this group.")
- )
- result = False
- checked = []
- for field in group_fields:
- if field.data and field.data in checked:
- if len(checked) > 1:
- field.errors.append(
- "A group can't have multiple group types."
- )
- result = False
- else:
- checked.append(field.data)
- return result
- def save(self):
- data = self.data
- data.pop('submit', None)
- data.pop('csrf_token', None)
- group = Group(**data)
- return group.save()
- class EditGroupForm(GroupForm):
- def __init__(self, group, *args, **kwargs):
- self.group = group
- kwargs['obj'] = self.group
- GroupForm.__init__(self, *args, **kwargs)
- class AddGroupForm(GroupForm):
- pass
- class ForumForm(FlaskForm):
- title = StringField(
- _("Forum title"),
- validators=[DataRequired(message=_("Please enter a forum title."))]
- )
- description = TextAreaField(
- _("Description"),
- validators=[Optional()],
- description=_("You can format your description with Markdown.")
- )
- position = IntegerField(
- _("Position"),
- default=1,
- validators=[DataRequired(message=_("Please enter a position for the"
- "forum."))]
- )
- category = QuerySelectField(
- _("Category"),
- query_factory=selectable_categories,
- allow_blank=False,
- get_label="title",
- description=_("The category that contains this forum.")
- )
- external = StringField(
- _("External link"),
- validators=[Optional(), URL()],
- description=_("A link to a website i.e. 'http://flaskbb.org'.")
- )
- moderators = StringField(
- _("Moderators"),
- description=_("Comma separated usernames. Leave it blank if you do "
- "not want to set any moderators.")
- )
- show_moderators = BooleanField(
- _("Show moderators"),
- description=_("Do you want to show the moderators on the index page?")
- )
- locked = BooleanField(
- _("Locked?"),
- description=_("Disable new posts and topics in this forum.")
- )
- groups = QuerySelectMultipleField(
- _("Group access"),
- query_factory=selectable_groups,
- get_label="name",
- description=_("Select the groups that can access this forum.")
- )
- submit = SubmitField(_("Save"))
- def validate_external(self, field):
- if hasattr(self, "forum"):
- if self.forum.topics.count() > 0:
- raise ValidationError(_("You cannot convert a forum that "
- "contains topics into an "
- "external link."))
- def validate_show_moderators(self, field):
- if field.data and not self.moderators.data:
- raise ValidationError(_("You also need to specify some "
- "moderators."))
- def validate_moderators(self, field):
- approved_moderators = []
- if field.data:
- moderators = [mod.strip() for mod in field.data.split(',')]
- users = User.query.filter(User.username.in_(moderators))
- for user in users:
- if not Permission(IsAtleastModerator, identity=user):
- raise ValidationError(
- _("%(user)s is not in a moderators group.",
- user=user.username)
- )
- else:
- approved_moderators.append(user)
- field.data = approved_moderators
- def save(self):
- data = self.data
- # delete submit and csrf_token from data
- data.pop('submit', None)
- data.pop('csrf_token', None)
- forum = Forum(**data)
- return forum.save()
- class EditForumForm(ForumForm):
- id = HiddenField()
- def __init__(self, forum, *args, **kwargs):
- self.forum = forum
- kwargs['obj'] = self.forum
- ForumForm.__init__(self, *args, **kwargs)
- def save(self):
- data = self.data
- # delete submit and csrf_token from data
- data.pop('submit', None)
- data.pop('csrf_token', None)
- forum = Forum(**data)
- # flush SQLA info from created instance so that it can be merged
- make_transient(forum)
- make_transient_to_detached(forum)
- return forum.save()
- class AddForumForm(ForumForm):
- pass
- class CategoryForm(FlaskForm):
- title = StringField(_("Category title"), validators=[
- DataRequired(message=_("Please enter a category title."))])
- description = TextAreaField(
- _("Description"),
- validators=[Optional()],
- description=_("You can format your description with Markdown.")
- )
- position = IntegerField(
- _("Position"),
- default=1,
- validators=[DataRequired(message=_("Please enter a position for the "
- "category."))]
- )
- submit = SubmitField(_("Save"))
- def save(self):
- data = self.data
- # delete submit and csrf_token from data
- data.pop('submit', None)
- data.pop('csrf_token', None)
- category = Category(**data)
- return category.save()
|
