search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
@allowed_methods to check for correct HTTP method
[mygpo.git] / mygpo / web / views / settings.py
blob3fe85330cb5e798b47775eec6485a6bdf83de3ec
1 #
2 # This file is part of my.gpodder.org.
3 #
4 # my.gpodder.org is free software: you can redistribute it and/or modify it
5 # under the terms of the GNU Affero General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or (at your
7 # option) any later version.
8 #
9 # my.gpodder.org is distributed in the hope that it will be useful, but
10 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
12 # License for more details.
13 #
14 # You should have received a copy of the GNU Affero General Public License
15 # along with my.gpodder.org. If not, see <http://www.gnu.org/licenses/>.
16 #
17
18 from django.shortcuts import render_to_response
19 from django.http import HttpResponseRedirect
20 from django.contrib.auth import logout
21 from django.template import RequestContext
22 from mygpo.api.models import Podcast, Subscription, SubscriptionMeta
23 from mygpo.web.models import SecurityToken
24 from mygpo.web.forms import UserAccountForm
25 from django.forms import ValidationError
26 from django.utils.translation import ugettext as _
27 from mygpo.api.basic_auth import require_valid_user
28 from mygpo.decorators import manual_gc, allowed_methods
29 from django.contrib.auth.decorators import login_required
30 from django.shortcuts import get_object_or_404
31 from django.contrib.sites.models import Site
32
33
34 @manual_gc
35 @login_required
36 @allowed_methods(['GET', 'POST'])
37 def account(request):
38 success = False
39 error_message = ''
40
41 if request.method == 'GET':
42
43 form = UserAccountForm({
44 'email': request.user.email,
45 'public': request.user.get_profile().public_profile
46 })
47
48 return render_to_response('account.html', {
49 'form': form,
50 }, context_instance=RequestContext(request))
51
52 try:
53 form = UserAccountForm(request.POST)
54
55 if not form.is_valid():
56 raise ValueError(_('Oops! Something went wrong. Please double-check the data you entered.'))
57
58 if form.cleaned_data['password_current']:
59 if not request.user.check_password(form.cleaned_data['password_current']):
60 raise ValueError('Current password is incorrect')
61
62 request.user.set_password(form.cleaned_data['password1'])
63
64 request.user.email = form.cleaned_data['email']
65 request.user.save()
66 request.user.get_profile().save()
67
68 success = True
69
70 except ValueError, e:
71 success = False
72 error_message = e
73
74 except ValidationError, e:
75 success = False
76 error_message = e
77
78 return render_to_response('account.html', {
79 'form': form,
80 'success': success,
81 'error_message': error_message
82 }, context_instance=RequestContext(request))
83
84
85 @manual_gc
86 @login_required
87 @allowed_methods(['GET', 'POST'])
88 def delete_account(request):
89
90 if request.method == 'GET':
91 return render_to_response('delete_account.html', context_instance=RequestContext(request))
92
93 profile = request.user.get_profile()
94 profile.deleted = True
95 profile.save()
96
97 request.user.is_active = False
98 request.user.save()
99 logout(request)
100 return render_to_response('delete_account.html', {
101 'success': True
102 }, context_instance=RequestContext(request))
103
104
105 @manual_gc
106 @login_required
107 @allowed_methods(['GET'])
108 def privacy(request):
109
110 if 'private_subscriptions' in request.GET:
111 request.user.get_profile().settings['public_profile'] = False
112 request.user.get_profile().save()
113
114 elif 'public_subscriptions' in request.GET:
115 request.user.get_profile().settings['public_profile'] = True
116 request.user.get_profile().save()
117
118 if 'exclude' in request.GET:
119 id = request.GET['exclude']
120 try:
121 podcast = Podcast.objects.get(pk=id)
122 sm, c = SubscriptionMeta.objects.get_or_create(user=request.user, podcast=podcast, defaults={'public': False})
123
124 if not c:
125 sm.settings['public_subscription'] = False
126 sm.save()
127
128 except Podcast.DoesNotExist:
129 pass
130
131 if 'include' in request.GET:
132 id = request.GET['include']
133 try:
134 podcast = Podcast.objects.get(pk=id)
135 sm, c = SubscriptionMeta.objects.get_or_create(user=request.user, podcast=podcast, defaults={'public': True})
136
137 if not c:
138 sm.settings['public_subscription'] = True
139 sm.save()
140
141 except Podcast.DoesNotExist:
142 pass
143
144 subscriptions = [s for s in Subscription.objects.filter(user=request.user)]
145 included_subscriptions = set([s.podcast for s in subscriptions if s.get_meta().public])
146 excluded_subscriptions = set([s.podcast for s in subscriptions if not s.get_meta().public])
147
148 return render_to_response('privacy.html', {
149 'public_subscriptions': request.user.get_profile().public_profile,
150 'included_subscriptions': included_subscriptions,
151 'excluded_subscriptions': excluded_subscriptions,
152 }, context_instance=RequestContext(request))
153
154
155 @manual_gc
156 @login_required
157 def share(request):
158 site = Site.objects.get_current()
159 token, c = SecurityToken.objects.get_or_create(user=request.user, object='subscriptions', action='r')
160
161
162 if 'public_subscriptions' in request.GET:
163 token.token = ''
164 token.save()
165
166 elif 'private_subscriptions' in request.GET:
167 token.random_token()
168 token.save()
169
170 return render_to_response('share.html', {
171 'site': site,
172 'token': token.token,
173 }, context_instance=RequestContext(request))
gpodder.net is a webservice that connects podcast players