models.py 14.7 KB
Newer Older
Skia's avatar
Skia committed
1
from django.db import models
2
from django.contrib.auth.models import AbstractBaseUser, PermissionsMixin, UserManager, Group as AuthGroup, AnonymousUser as AuthAnonymousUser
Skia's avatar
Skia committed
3
4
from django.utils.translation import ugettext_lazy as _
from django.utils import timezone
5
6
from django.core import validators
from django.core.exceptions import ValidationError
7
from django.core.urlresolvers import reverse
8
from django.conf import settings
Skia's avatar
Skia committed
9
from datetime import datetime, timedelta
Skia's avatar
Skia committed
10

Skia's avatar
Skia committed
11
12
13
14
15
16
17
class Group(AuthGroup):
    def get_absolute_url(self):
        """
        This is needed for black magic powered UpdateView's children
        """
        return reverse('core:group_edit', kwargs={'group_id': self.pk})

Skia's avatar
Skia committed
18
19
20
class User(AbstractBaseUser, PermissionsMixin):
    """
    Defines the base user class, useable in every app
Skia's avatar
Skia committed
21

Skia's avatar
Skia committed
22
23
24
    This is almost the same as the auth module AbstractUser since it inherits from it,
    but some fields are required, and the username is generated automatically with the
    name of the user (see generate_username()).
Skia's avatar
Skia committed
25

26
    Added field: nick_name, date_of_birth
Skia's avatar
Skia committed
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
    Required fields: email, first_name, last_name, date_of_birth
    """
    username = models.CharField(
        _('username'),
        max_length=254,
        unique=True,
        help_text=_('Required. 254 characters or fewer. Letters, digits and @/./+/-/_ only.'),
        validators=[
            validators.RegexValidator(
                r'^[\w.@+-]+$',
                _('Enter a valid username. This value may contain only '
                  'letters, numbers ' 'and @/./+/-/_ characters.')
            ),
        ],
        error_messages={
            'unique': _("A user with that username already exists."),
        },
    )
    first_name = models.CharField(_('first name'), max_length=30)
    last_name = models.CharField(_('last name'), max_length=30)
    email = models.EmailField(_('email address'), unique=True)
Skia's avatar
Skia committed
48
    date_of_birth = models.DateTimeField(_('date of birth'))
Skia's avatar
Skia committed
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
    nick_name = models.CharField(max_length=30, blank=True)
    is_staff = models.BooleanField(
        _('staff status'),
        default=False,
        help_text=_('Designates whether the user can log into this admin site.'),
    )
    is_active = models.BooleanField(
        _('active'),
        default=True,
        help_text=_(
            'Designates whether this user should be treated as active. '
            'Unselect this instead of deleting accounts.'
        ),
    )
    date_joined = models.DateTimeField(_('date joined'), default=timezone.now)
64
65
    owner_group = models.ForeignKey(Group, related_name="owned_user",
                                    default=settings.AE_GROUPS['root']['id'])
Skia's avatar
Skia committed
66
67
    edit_group = models.ManyToManyField(Group, related_name="editable_user", blank=True)
    view_group = models.ManyToManyField(Group, related_name="viewable_user", blank=True)
Skia's avatar
Skia committed
68
69
70
71

    objects = UserManager()

    USERNAME_FIELD = 'username'
72
    REQUIRED_FIELDS = ['email', 'date_of_birth']
Skia's avatar
Skia committed
73
74
75
76

    class Meta:
        verbose_name = _('user')
        verbose_name_plural = _('users')
77
78
79
        # Add permissions like this to allow automatic permission validation in is_owner&co
        # model: change_prop_<class_name>
        #        view_<class_name>
80
81
        permissions = (
            ("change_prop_user", "Can change the user's properties (groups, ...)"),
82
            ("view_user", "Can view user's profile"),
83
        )
Skia's avatar
Skia committed
84

Skia's avatar
Skia committed
85
86
87
88
89
90
    def get_absolute_url(self):
        """
        This is needed for black magic powered UpdateView's children
        """
        return reverse('core:user_profile', kwargs={'user_id': self.pk})

Skia's avatar
Skia committed
91
    def __str__(self):
Skia's avatar
Skia committed
92
93
        return self.username

Skia's avatar
Skia committed
94
95
96
97
98
99
100
101
102
103
104
    def to_dict(self):
        return self.__dict__

    def get_profile(self):
        return {
            "last_name": self.last_name,
            "first_name": self.first_name,
            "nick_name": self.nick_name,
            "date_of_birth": self.date_of_birth,
        }

Skia's avatar
Skia committed
105
106
107
108
109
110
111
112
113
114
115
    def get_full_name(self):
        """
        Returns the first_name plus the last_name, with a space in between.
        """
        full_name = '%s %s' % (self.first_name, self.last_name)
        return full_name.strip()

    def get_short_name(self):
        "Returns the short name for the user."
        return self.first_name

Skia's avatar
Skia committed
116
117
118
119
120
121
122
123
124
    def get_display_name(self):
        """
        Returns the display name of the user.
        A nickname if possible, otherwise, the full name
        """
        if self.nick_name != "":
            return self.nick_name
        return self.get_full_name()

Skia's avatar
Skia committed
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
    def email_user(self, subject, message, from_email=None, **kwargs):
        """
        Sends an email to this User.
        """
        send_mail(subject, message, from_email, [self.email], **kwargs)

    def generate_username(self):
        """
        Generates a unique username based on the first and last names.
        For example: Guy Carlier gives gcarlier, and gcarlier1 if the first one exists
        Returns the generated username
        """
        user_name = str(self.first_name[0]+self.last_name).lower()
        un_set = [u.username for u in User.objects.all()]
        if user_name in un_set:
            i = 1
            while user_name+str(i) in un_set:
                i += 1
            user_name += str(i)
        self.username = user_name
        return user_name
Skia's avatar
Skia committed
146

Skia's avatar
Skia committed
147
148
149
150
151
152
    def is_owner(self, obj):
        """
        Determine if the object is owned by the user
        """
        if not hasattr(obj, "owner_group"):
            return False
153
        if (self.is_superuser or self.groups.filter(name=obj.owner_group.name).exists() or
154
155
            self.has_perm(obj.__class__.__module__.split('.')[0]+".change_prop_"+obj.__class__.__name__.lower()) or
            self.groups.filter(id=settings.AE_GROUPS['root']['id']).exists()):
Skia's avatar
Skia committed
156
157
158
159
160
161
162
163
164
165
166
167
168
169
            return True
        return False

    def can_edit(self, obj):
        """
        Determine if the object can be edited by the user
        """
        if not hasattr(obj, "edit_group"):
            return False
        if self.is_owner(obj):
            return True
        for g in obj.edit_group.all():
            if self.groups.filter(name=g.name).exists():
                return True
170
171
        if isinstance(obj, User) and obj == self:
            return True
172
173
        if self.has_perm(obj.__class__.__module__.split('.')[0]+".change_"+obj.__class__.__name__.lower()):
            return True
Skia's avatar
Skia committed
174
175
176
177
178
179
180
181
182
183
184
185
186
        return False

    def can_view(self, obj):
        """
        Determine if the object can be viewed by the user
        """
        if not hasattr(obj, "view_group"):
            return False
        if self.can_edit(obj):
            return True
        for g in obj.view_group.all():
            if self.groups.filter(name=g.name).exists():
                return True
187
188
        if self.has_perm(obj.__class__.__module__.split('.')[0]+".view_"+obj.__class__.__name__.lower()):
            return True
Skia's avatar
Skia committed
189
190
        return False

191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
class AnonymousUser(AuthAnonymousUser):
    def __init__(self, request):
        super(AnonymousUser, self).__init__()

    def is_owner(self, obj):
        return False

    def can_edit(self, obj):
        return False

    def can_view(self, obj):
        if obj.view_group.filter(pk=settings.AE_GROUPS['public']['id']).exists():
            return True
        return False

Skia's avatar
Skia committed
206
207
208
209
210
211
212
213
214
215
216
217
class LockError(Exception):
    """There was a lock error on the object"""
    pass

class AlreadyLocked(LockError):
    """The object is already locked"""
    pass

class NotLocked(LockError):
    """The object is not locked"""
    pass

Skia's avatar
Skia committed
218
class Page(models.Model):
Skia's avatar
Skia committed
219
220
221
222
223
224
225
226
227
228
    """
    The page class to build a Wiki
    Each page may have a parent and it's URL is of the form my.site/page/<grd_pa>/<parent>/<mypage>
    It has an ID field, but don't use it, since it's only there for DB part, and because compound primary key is
    awkward!
    Prefere querying pages with Page.get_page_by_full_name()

    Be careful with the full_name attribute: this field may not be valid until you call save(). It's made for fast
    query, but don't rely on it when playing with a Page object, use get_full_name() instead!
    """
Skia's avatar
Skia committed
229
    name = models.CharField(_('page name'), max_length=30, blank=False)
Skia's avatar
Skia committed
230
    parent = models.ForeignKey('self', related_name="children", null=True, blank=True, on_delete=models.SET_NULL)
Skia's avatar
Skia committed
231
232
233
    # Attention: this field may not be valid until you call save(). It's made for fast query, but don't rely on it when
    # playing with a Page object, use get_full_name() instead!
    full_name = models.CharField(_('page name'), max_length=255, blank=True)
234
235
    owner_group = models.ForeignKey(Group, related_name="owned_page",
                                    default=settings.AE_GROUPS['root']['id'])
Skia's avatar
Skia committed
236
237
    edit_group = models.ManyToManyField(Group, related_name="editable_page", blank=True)
    view_group = models.ManyToManyField(Group, related_name="viewable_page", blank=True)
Skia's avatar
Skia committed
238
    lock_mutex = {}
Skia's avatar
Skia committed
239

Skia's avatar
Skia committed
240

Skia's avatar
Skia committed
241
    class Meta:
242
        unique_together = ('name', 'parent')
Skia's avatar
Skia committed
243
        permissions = (
244
245
            ("change_prop_page", "Can change the page's properties (groups, ...)"),
            ("view_page", "Can view the page"),
Skia's avatar
Skia committed
246
247
        )

248
249
    @staticmethod
    def get_page_by_full_name(name):
Skia's avatar
Skia committed
250
251
252
253
        """
        Quicker to get a page with that method rather than building the request every time
        """
        return Page.objects.filter(full_name=name).first()
254
255
256
257
258
259

    def __init__(self, *args, **kwargs):
        super(Page, self).__init__(*args, **kwargs)

    def clean(self):
        """
Skia's avatar
Skia committed
260
        Cleans up only the name for the moment, but this can be used to make any treatment before saving the object
261
262
263
        """
        if '/' in self.name:
            self.name = self.name.split('/')[-1]
Skia's avatar
Skia committed
264
265
266
267
268
        if Page.objects.exclude(pk=self.pk).filter(full_name=self.get_full_name()).exists():
            raise ValidationError(
                _('Duplicate page'),
                code='duplicate',
            )
269
        super(Page, self).clean()
Skia's avatar
Skia committed
270
271
272
273
274
275
276
277
278
279
280
281
282
283
        if self.parent is not None and self in self.get_parent_list():
            raise ValidationError(
                _('Loop in page tree'),
                code='loop',
            )

    def get_parent_list(self):
        l = []
        p = self.parent
        while p is not None:
            l.append(p)
            p = p.parent
        return l

284
    def save(self, *args, **kwargs):
Skia's avatar
Skia committed
285
286
287
288
289
        """
        Performs some needed actions before and after saving a page in database
        """
        if not self.is_locked():
            raise NotLocked("The page is not locked and thus can not be saved")
290
        self.full_clean()
Skia's avatar
Skia committed
291
292
        # This reset the full_name just before saving to maintain a coherent field quicker for queries than the
        # recursive method
Skia's avatar
Skia committed
293
        # It also update all the children to maintain correct names
Skia's avatar
Skia committed
294
        self.full_name = self.get_full_name()
Skia's avatar
Skia committed
295
296
        for c in self.children.all():
            c.save()
297
        super(Page, self).save(*args, **kwargs)
Skia's avatar
Skia committed
298
299
300
301
302
303
304
305
306
307
308
        self.unset_lock()

    def is_locked(self):
        """
        Is True if the page is locked, False otherwise
        This is where the timeout is handled, so a locked page for which the timeout is reach will be unlocked and this
        function will return False
        """
        if self.pk not in Page.lock_mutex.keys():
            # print("Page mutex does not exists")
            return False
Skia's avatar
Skia committed
309
        if (timezone.now()-Page.lock_mutex[self.pk]['time']) > timedelta(minutes=5):
Skia's avatar
Skia committed
310
311
312
313
314
315
316
317
318
319
320
321
322
            # print("Lock timed out")
            self.unset_lock()
            return False
        return True

    def set_lock(self, user):
        """
        Sets a lock on the current page or raise an AlreadyLocked exception
        """
        if self.is_locked() and self.get_lock()['user'] != user:
            raise AlreadyLocked("The page is already locked by someone else")
        Page.lock_mutex[self.pk] = {'user': user,
                                    'time': timezone.now()}
Skia's avatar
Skia committed
323
        # print("Locking page")
Skia's avatar
Skia committed
324
325
326
327
328
329
330
331
332
333
334
335

    def set_lock_recursive(self, user):
        """
        Locks recursively all the child pages for editing properties
        """
        for p in self.children.all():
            p.set_lock_recursive(user)
        self.set_lock(user)

    def unset_lock(self):
        """Always try to unlock, even if there is no lock"""
        Page.lock_mutex.pop(self.pk, None)
Skia's avatar
Skia committed
336
        # print("Unlocking page")
Skia's avatar
Skia committed
337
338
339
340
341
342
343
344

    def get_lock(self):
        """
        Returns the page's mutex containing the time and the user in a dict
        """
        if self.is_locked():
            return Page.lock_mutex[self.pk]
        raise NotLocked("The page is not locked and thus can not return its mutex")
345

346
347
348
349
350
351
    def get_absolute_url(self):
        """
        This is needed for black magic powered UpdateView's children
        """
        return reverse('core:page', kwargs={'page_name': self.full_name})

Skia's avatar
Skia committed
352
    def __str__(self):
353
354
355
        return self.get_full_name()

    def get_full_name(self):
Skia's avatar
Skia committed
356
357
358
359
360
        """
        Computes the real full_name of the page based on its name and its parent's name
        You can and must rely on this function when working on a page object that is not freshly fetched from the DB
        (For example when treating a Page object coming from a form)
        """
Skia's avatar
Skia committed
361
362
363
        if self.parent is None:
            return self.name
        return '/'.join([self.parent.get_full_name(), self.name])
Skia's avatar
Skia committed
364
365

    def get_display_name(self):
Skia's avatar
Skia committed
366
        return self.get_full_name()
Skia's avatar
Skia committed
367

368
class PageRev(models.Model):
Skia's avatar
Skia committed
369
370
371
372
373
374
375
    """
    This is the true content of the page.
    Each page object has a revisions field that is a list of PageRev, ordered by date.
    my_page.revisions.last() gives the PageRev object that is the most up-to-date, and thus,
    is the real content of the page.
    The content is in PageRev.title and PageRev.content .
    """
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
    title = models.CharField(_("page title"), max_length=255, blank=True)
    content = models.TextField(_("page content"), blank=True)
    date = models.DateTimeField(_('date'), auto_now=True)
    author = models.ForeignKey(User, related_name='page_rev')
    page = models.ForeignKey(Page, related_name='revisions')

    class Meta:
        ordering = ['date',]

    def get_absolute_url(self):
        """
        This is needed for black magic powered UpdateView's children
        """
        return reverse('core:page', kwargs={'page_name': self.page.full_name})

    def __str__(self):
        return str(self.__dict__)

394
395
396
397
398
399
400
    def __getattribute__(self, attr):
        if attr == "owner_group":
            return self.page.owner_group
        elif attr == "edit_group":
            return self.page.edit_group
        elif attr == "view_group":
            return self.page.view_group
Skia's avatar
Skia committed
401
402
        elif attr == "unset_lock":
            return self.page.unset_lock
403
404
405
        else:
            return object.__getattribute__(self, attr)

Skia's avatar
Skia committed
406
407
408
409
    def save(self, *args, **kwargs):
        super(PageRev, self).save(*args, **kwargs)
        # Don't forget to unlock, otherwise, people will have to wait for the page's timeout
        self.page.unset_lock()
410