2 # Copyright (C) 2018 rubenwardy
4 # This program is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or
7 # (at your option) any later version.
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
14 # You should have received a copy of the GNU General Public License
15 # along with this program. If not, see <https://www.gnu.org/licenses/>.
18 from flask import Flask, url_for
19 from flask_sqlalchemy import SQLAlchemy
20 from flask_migrate import Migrate
21 from urllib.parse import urlparse
23 from datetime import datetime
24 from sqlalchemy.orm import validates
25 from flask_user import login_required, UserManager, UserMixin, SQLAlchemyAdapter
30 migrate = Migrate(app, db)
33 class UserRank(enum.Enum):
41 def atLeast(self, min):
42 return self.value >= min.value
45 return self.name.replace("_", " ").title()
48 return self.name.lower()
55 return [(choice, choice.getTitle()) for choice in cls]
58 def coerce(cls, item):
59 return item if type(item) == UserRank else UserRank[item]
62 class Permission(enum.Enum):
63 EDIT_PACKAGE = "EDIT_PACKAGE"
64 APPROVE_CHANGES = "APPROVE_CHANGES"
65 DELETE_PACKAGE = "DELETE_PACKAGE"
66 CHANGE_AUTHOR = "CHANGE_AUTHOR"
67 MAKE_RELEASE = "MAKE_RELEASE"
68 APPROVE_RELEASE = "APPROVE_RELEASE"
69 APPROVE_NEW = "APPROVE_NEW"
70 CHANGE_RELEASE_URL = "CHANGE_RELEASE_URL"
71 CHANGE_DNAME = "CHANGE_DNAME"
72 CHANGE_RANK = "CHANGE_RANK"
73 CHANGE_EMAIL = "CHANGE_EMAIL"
74 EDIT_EDITREQUEST = "EDIT_EDITREQUEST"
76 # Only return true if the permission is valid for *all* contexts
77 # See Package.checkPerm for package-specific contexts
78 def check(self, user):
79 if not user.is_authenticated:
82 if self == Permission.APPROVE_NEW or \
83 self == Permission.APPROVE_CHANGES or \
84 self == Permission.APPROVE_RELEASE:
85 return user.rank.atLeast(UserRank.EDITOR)
87 raise Exception("Non-global permission checked globally. Use Package.checkPerm or User.checkPerm instead.")
90 class User(db.Model, UserMixin):
91 id = db.Column(db.Integer, primary_key=True)
93 # User authentication information
94 username = db.Column(db.String(50), nullable=False, unique=True)
95 password = db.Column(db.String(255), nullable=False, server_default="")
96 reset_password_token = db.Column(db.String(100), nullable=False, server_default="")
98 rank = db.Column(db.Enum(UserRank))
101 github_username = db.Column(db.String(50), nullable=True, unique=True)
102 forums_username = db.Column(db.String(50), nullable=True, unique=True)
104 # User email information
105 email = db.Column(db.String(255), nullable=True, unique=True)
106 confirmed_at = db.Column(db.DateTime())
109 active = db.Column("is_active", db.Boolean, nullable=False, server_default="0")
110 display_name = db.Column(db.String(100), nullable=False, server_default="")
113 notifications = db.relationship("Notification", primaryjoin="User.id==Notification.user_id")
115 # causednotifs = db.relationship("Notification", backref="causer", lazy="dynamic")
116 packages = db.relationship("Package", backref="author", lazy="dynamic")
117 requests = db.relationship("EditRequest", backref="author", lazy="dynamic")
119 def __init__(self, username):
122 self.username = username
123 self.confirmed_at = datetime.datetime.now() - datetime.timedelta(days=6000)
124 self.display_name = username
125 self.rank = UserRank.NOT_JOINED
127 def canAccessTodoList(self):
128 return Permission.APPROVE_NEW.check(self) or \
129 Permission.APPROVE_RELEASE.check(self) or \
130 Permission.APPROVE_CHANGES.check(self)
133 return self.rank.atLeast(UserRank.NEW_MEMBER)
135 def checkPerm(self, user, perm):
136 if not user.is_authenticated:
139 if type(perm) == str:
140 perm = Permission[perm]
141 elif type(perm) != Permission:
142 raise Exception("Unknown permission given to User.checkPerm()")
144 # Members can edit their own packages, and editors can edit any packages
145 if perm == Permission.CHANGE_AUTHOR:
146 return user.rank.atLeast(UserRank.EDITOR)
147 elif perm == Permission.CHANGE_RANK or perm == Permission.CHANGE_DNAME:
148 return user.rank.atLeast(UserRank.MODERATOR)
149 elif perm == Permission.CHANGE_EMAIL:
150 return user == self or (user.rank.atLeast(UserRank.MODERATOR) and user.rank.atLeast(self.rank))
152 raise Exception("Permission {} is not related to users".format(perm.name))
154 class UserEmailVerification(db.Model):
155 id = db.Column(db.Integer, primary_key=True)
156 user_id = db.Column(db.Integer, db.ForeignKey("user.id"))
157 email = db.Column(db.String(100))
158 token = db.Column(db.String(32))
159 user = db.relationship("User", foreign_keys=[user_id])
161 class Notification(db.Model):
162 id = db.Column(db.Integer, primary_key=True)
163 user_id = db.Column(db.Integer, db.ForeignKey("user.id"))
164 causer_id = db.Column(db.Integer, db.ForeignKey("user.id"))
165 user = db.relationship("User", foreign_keys=[user_id])
166 causer = db.relationship("User", foreign_keys=[causer_id])
168 title = db.Column(db.String(100), nullable=False)
169 url = db.Column(db.String(200), nullable=True)
171 def __init__(self, us, cau, titl, ur):
178 class License(db.Model):
179 id = db.Column(db.Integer, primary_key=True)
180 name = db.Column(db.String(50), nullable=False, unique=True)
181 packages = db.relationship("Package", backref="license", lazy="dynamic")
183 def __init__(self, v):
190 class PackageType(enum.Enum):
196 return self.name.lower()
203 return [(choice, choice.value) for choice in cls]
206 def coerce(cls, item):
207 return item if type(item) == PackageType else PackageType[item]
210 class PackagePropertyKey(enum.Enum):
213 shortDesc = "Short Description"
218 harddeps = "Hard Dependencies"
219 softdeps = "Soft Dependencies"
222 issueTracker = "Issue Tracker"
223 forums = "Forum Topic ID"
225 def convert(self, value):
226 if self == PackagePropertyKey.tags:
227 return ",".join([t.title for t in value])
228 elif self == PackagePropertyKey.harddeps or self == PackagePropertyKey.softdeps:
229 return ",".join([t.author.username + "/" + t.name for t in value])
234 tags = db.Table("tags",
235 db.Column("tag_id", db.Integer, db.ForeignKey("tag.id"), primary_key=True),
236 db.Column("package_id", db.Integer, db.ForeignKey("package.id"), primary_key=True)
239 harddeps = db.Table("harddeps",
240 db.Column("package_id", db.Integer, db.ForeignKey("package.id"), primary_key=True),
241 db.Column("dependency_id", db.Integer, db.ForeignKey("package.id"), primary_key=True)
244 softdeps = db.Table("softdeps",
245 db.Column("package_id", db.Integer, db.ForeignKey("package.id"), primary_key=True),
246 db.Column("dependency_id", db.Integer, db.ForeignKey("package.id"), primary_key=True)
249 class Package(db.Model):
250 id = db.Column(db.Integer, primary_key=True)
253 author_id = db.Column(db.Integer, db.ForeignKey("user.id"))
254 name = db.Column(db.String(100), nullable=False)
255 title = db.Column(db.String(100), nullable=False)
256 shortDesc = db.Column(db.String(200), nullable=False)
257 desc = db.Column(db.Text, nullable=True)
258 type = db.Column(db.Enum(PackageType))
259 created_at = db.Column(db.DateTime, nullable=False, default=datetime.utcnow)
261 license_id = db.Column(db.Integer, db.ForeignKey("license.id"))
263 approved = db.Column(db.Boolean, nullable=False, default=False)
266 repo = db.Column(db.String(200), nullable=True)
267 website = db.Column(db.String(200), nullable=True)
268 issueTracker = db.Column(db.String(200), nullable=True)
269 forums = db.Column(db.Integer, nullable=True)
271 tags = db.relationship("Tag", secondary=tags, lazy="subquery",
272 backref=db.backref("packages", lazy=True))
274 harddeps = db.relationship("Package",
276 primaryjoin=id==harddeps.c.package_id,
277 secondaryjoin=id==harddeps.c.dependency_id,
278 backref="dependents")
280 softdeps = db.relationship("Package",
282 primaryjoin=id==softdeps.c.package_id,
283 secondaryjoin=id==softdeps.c.dependency_id,
284 backref="softdependents")
286 releases = db.relationship("PackageRelease", backref="package",
287 lazy="dynamic", order_by=db.desc("package_release_releaseDate"))
289 screenshots = db.relationship("PackageScreenshot", backref="package",
292 requests = db.relationship("EditRequest", backref="package",
295 def __init__(self, package=None):
299 self.author_id = package.author_id
300 self.created_at = package.created_at
301 self.approved = package.approved
303 for e in PackagePropertyKey:
304 setattr(self, e.name, getattr(package, e.name))
306 def getAsDictionary(self, base_url):
310 "author": self.author.display_name,
311 "shortDesc": self.shortDesc,
312 "type": self.type.toName(),
313 "license": self.license.name,
315 "url": base_url + self.getDownloadURL(),
316 "release": self.getDownloadRelease().id if self.getDownloadRelease() is not None else None,
317 "screenshots": [base_url + ss.url for ss in self.screenshots]
320 def getDetailsURL(self):
321 return url_for("package_page",
322 author=self.author.username, name=self.name)
324 def getEditURL(self):
325 return url_for("create_edit_package_page",
326 author=self.author.username, name=self.name)
328 def getApproveURL(self):
329 return url_for("approve_package_page",
330 author=self.author.username, name=self.name)
332 def getNewScreenshotURL(self):
333 return url_for("create_screenshot_page",
334 author=self.author.username, name=self.name)
336 def getCreateReleaseURL(self):
337 return url_for("create_release_page",
338 author=self.author.username, name=self.name)
340 def getCreateEditRequestURL(self):
341 return url_for("create_edit_editrequest_page",
342 author=self.author.username, name=self.name)
344 def getDownloadURL(self):
345 return url_for("package_download_page",
346 author=self.author.username, name=self.name)
348 def getMainScreenshotURL(self):
349 screenshot = self.screenshots.first()
350 return screenshot.url if screenshot is not None else None
352 def getDownloadRelease(self):
353 for rel in self.releases:
359 def canImportScreenshot(self):
360 if self.repo is None:
363 url = urlparse(self.repo)
364 if url.netloc == "github.com":
369 def canMakeReleaseFromVCS(self):
370 if self.repo is None:
373 url = urlparse(self.repo)
374 if url.netloc == "github.com":
379 def checkPerm(self, user, perm):
380 if not user.is_authenticated:
383 if type(perm) == str:
384 perm = Permission[perm]
385 elif type(perm) != Permission:
386 raise Exception("Unknown permission given to Package.checkPerm()")
388 isOwner = user == self.author
390 # Members can edit their own packages, and editors can edit any packages
391 if perm == Permission.MAKE_RELEASE:
392 return isOwner or user.rank.atLeast(UserRank.EDITOR)
394 if perm == Permission.EDIT_PACKAGE or perm == Permission.APPROVE_CHANGES:
395 return user.rank.atLeast(UserRank.MEMBER if isOwner else UserRank.EDITOR)
397 # Editors can change authors, approve new packages, and approve releases
398 elif perm == Permission.CHANGE_AUTHOR or perm == Permission.APPROVE_NEW \
399 or perm == Permission.APPROVE_RELEASE:
400 return user.rank.atLeast(UserRank.EDITOR)
402 # Moderators can delete packages
403 elif perm == Permission.DELETE_PACKAGE or perm == Permission.CHANGE_RELEASE_URL:
404 return user.rank.atLeast(UserRank.MODERATOR)
407 raise Exception("Permission {} is not related to packages".format(perm.name))
410 id = db.Column(db.Integer, primary_key=True)
411 name = db.Column(db.String(100), unique=True, nullable=False)
412 title = db.Column(db.String(100), nullable=False)
413 backgroundColor = db.Column(db.String(6), nullable=False)
414 textColor = db.Column(db.String(6), nullable=False)
416 def __init__(self, title, backgroundColor="000000", textColor="ffffff"):
418 self.backgroundColor = backgroundColor
419 self.textColor = textColor
422 regex = re.compile("[^a-z_]")
423 self.name = regex.sub("", self.title.lower().replace(" ", "_"))
425 class PackageRelease(db.Model):
426 id = db.Column(db.Integer, primary_key=True)
428 package_id = db.Column(db.Integer, db.ForeignKey("package.id"))
429 title = db.Column(db.String(100), nullable=False)
430 releaseDate = db.Column(db.DateTime, nullable=False)
431 url = db.Column(db.String(200), nullable=False)
432 approved = db.Column(db.Boolean, nullable=False, default=False)
433 task_id = db.Column(db.String(37), nullable=True)
436 def getEditURL(self):
437 return url_for("edit_release_page",
438 author=self.package.author.username,
439 name=self.package.name,
443 self.releaseDate = datetime.now()
445 class PackageScreenshot(db.Model):
446 id = db.Column(db.Integer, primary_key=True)
447 package_id = db.Column(db.Integer, db.ForeignKey("package.id"))
448 title = db.Column(db.String(100), nullable=False)
449 url = db.Column(db.String(100), nullable=False)
451 def getThumbnailURL(self):
452 return self.url # TODO
454 class EditRequest(db.Model):
455 id = db.Column(db.Integer, primary_key=True)
457 package_id = db.Column(db.Integer, db.ForeignKey("package.id"))
458 author_id = db.Column(db.Integer, db.ForeignKey("user.id"))
460 title = db.Column(db.String(100), nullable=False)
461 desc = db.Column(db.String(1000), nullable=True)
466 status = db.Column(db.Integer, nullable=False, default=0)
468 changes = db.relationship("EditRequestChange", backref="request",
472 return url_for("view_editrequest_page",
473 author=self.package.author.username,
474 name=self.package.name,
477 def getApproveURL(self):
478 return url_for("approve_editrequest_page",
479 author=self.package.author.username,
480 name=self.package.name,
483 def getRejectURL(self):
484 return url_for("reject_editrequest_page",
485 author=self.package.author.username,
486 name=self.package.name,
489 def getEditURL(self):
490 return url_for("create_edit_editrequest_page",
491 author=self.package.author.username,
492 name=self.package.name,
495 def applyAll(self, package):
496 for change in self.changes:
497 change.apply(package)
500 def checkPerm(self, user, perm):
501 if not user.is_authenticated:
504 if type(perm) == str:
505 perm = Permission[perm]
506 elif type(perm) != Permission:
507 raise Exception("Unknown permission given to EditRequest.checkPerm()")
509 isOwner = user == self.author
511 # Members can edit their own packages, and editors can edit any packages
512 if perm == Permission.EDIT_EDITREQUEST:
513 return isOwner or user.rank.atLeast(UserRank.EDITOR)
516 raise Exception("Permission {} is not related to packages".format(perm.name))
521 class EditRequestChange(db.Model):
522 id = db.Column(db.Integer, primary_key=True)
524 request_id = db.Column(db.Integer, db.ForeignKey("edit_request.id"))
525 key = db.Column(db.Enum(PackagePropertyKey), nullable=False)
527 # TODO: make diff instead
528 oldValue = db.Column(db.Text, nullable=True)
529 newValue = db.Column(db.Text, nullable=True)
531 def apply(self, package):
532 if self.key == PackagePropertyKey.tags:
534 for tagTitle in self.newValue.split(","):
535 tag = Tag.query.filter_by(title=tagTitle.strip()).first()
536 package.tags.append(tag)
538 elif self.key == PackagePropertyKey.harddeps:
539 package.harddeps.clear()
540 for pair in self.newValue.split(","):
541 key, value = pair.split("/")
542 if key is None or value is None:
545 user = User.query.filter_by(username=key).first()
549 dep = Package.query.filter_by(author=user, name=value).first()
553 package.harddeps.append(dep)
555 elif self.key == PackagePropertyKey.softdeps:
556 package.softdeps.clear()
557 for pair in self.newValue.split(","):
558 key, value = pair.split("/")
559 if key is None or value is None:
562 user = User.query.filter_by(username=key).first()
564 raise Exception("No such user!")
567 dep = Package.query.filter_by(author=user, name=value).first()
569 raise Exception("No such package!")
572 package.softdeps.append(dep)
575 setattr(package, self.key.name, self.newValue)
578 db_adapter = SQLAlchemyAdapter(db, User) # Register the User model
579 user_manager = UserManager(db_adapter, app) # Initialize Flask-User