contentdb/app/blueprints/admin/admin.py

207 lines
7.0 KiB
Python
Raw Normal View History

2020-07-12 17:34:25 +02:00
# ContentDB
2021-01-30 17:59:42 +01:00
# Copyright (C) 2018-21 rubenwardy
2018-05-17 16:18:20 +02:00
#
# This program is free software: you can redistribute it and/or modify
2021-01-30 17:59:42 +01:00
# it under the terms of the GNU Affero General Public License as published by
2018-05-17 16:18:20 +02:00
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2021-01-30 17:59:42 +01:00
# GNU Affero General Public License for more details.
2018-05-17 16:18:20 +02:00
#
2021-01-30 17:59:42 +01:00
# You should have received a copy of the GNU Affero General Public License
2018-05-17 16:18:20 +02:00
# along with this program. If not, see <https://www.gnu.org/licenses/>.
2022-01-26 20:12:42 +01:00
from flask import redirect, render_template, url_for, request, flash
2020-12-09 21:38:36 +01:00
from flask_login import current_user, login_user
2018-05-13 16:28:27 +02:00
from flask_wtf import FlaskForm
from wtforms import StringField, SubmitField, BooleanField
2023-07-29 22:34:23 +02:00
from wtforms.validators import InputRequired, Length, Optional
from app.utils import rank_required, add_audit_log, add_notification, get_system_user, nonempty_or_none, \
get_int_or_abort
2020-12-04 03:23:04 +01:00
from . import bp
2021-07-30 20:42:11 +02:00
from .actions import actions
2023-07-29 22:34:23 +02:00
from app.models import UserRank, Package, db, PackageState, User, AuditSeverity, NotificationType, PackageAlias
from ...querybuilder import QueryBuilder
2020-12-04 03:23:04 +01:00
2018-05-13 16:28:27 +02:00
@bp.route("/admin/", methods=["GET", "POST"])
@rank_required(UserRank.EDITOR)
2018-05-13 16:28:27 +02:00
def admin_page():
if request.method == "POST" and current_user.rank.at_least(UserRank.ADMIN):
action = request.form["action"]
2023-05-12 02:06:09 +02:00
if action in actions:
2021-07-30 20:42:11 +02:00
ret = actions[action]["func"]()
if ret:
return ret
else:
2020-01-24 19:15:09 +01:00
flash("Unknown action: " + action, "danger")
return render_template("admin/list.html", actions=actions)
2018-05-13 16:28:27 +02:00
2022-01-26 20:12:42 +01:00
2018-05-13 16:28:27 +02:00
class SwitchUserForm(FlaskForm):
username = StringField("Username")
submit = SubmitField("Switch")
@bp.route("/admin/switchuser/", methods=["GET", "POST"])
2018-05-13 16:28:27 +02:00
@rank_required(UserRank.ADMIN)
def switch_user():
2018-05-13 16:28:27 +02:00
form = SwitchUserForm(formdata=request.form)
2020-12-05 00:07:19 +01:00
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
2018-05-13 16:28:27 +02:00
if user is None:
2020-01-24 19:15:09 +01:00
flash("Unable to find user", "danger")
2020-12-09 21:38:36 +01:00
elif login_user(user):
return redirect(url_for("users.profile", username=current_user.username))
2018-05-13 16:28:27 +02:00
else:
2020-01-24 19:15:09 +01:00
flash("Unable to login as user", "danger")
2018-05-13 16:28:27 +02:00
# Process GET or invalid POST
return render_template("admin/switch_user.html", form=form)
2020-12-05 22:41:53 +01:00
class SendNotificationForm(FlaskForm):
2022-01-26 20:12:42 +01:00
title = StringField("Title", [InputRequired(), Length(1, 300)])
url = StringField("URL", [InputRequired(), Length(1, 100)], default="/")
2020-12-05 22:41:53 +01:00
submit = SubmitField("Send")
@bp.route("/admin/send-notification/", methods=["GET", "POST"])
@rank_required(UserRank.ADMIN)
def send_bulk_notification():
form = SendNotificationForm(request.form)
if form.validate_on_submit():
2023-06-19 22:27:49 +02:00
add_audit_log(AuditSeverity.MODERATION, current_user,
2022-01-26 20:12:42 +01:00
"Sent bulk notification", url_for("admin.admin_page"), None, form.title.data)
2020-12-05 22:41:53 +01:00
users = User.query.filter(User.rank >= UserRank.NEW_MEMBER).all()
2023-06-19 22:27:49 +02:00
add_notification(users, get_system_user(), NotificationType.OTHER, form.title.data, form.url.data, None)
2020-12-05 22:41:53 +01:00
db.session.commit()
return redirect(url_for("admin.admin_page"))
return render_template("admin/send_bulk_notification.html", form=form)
2021-12-21 00:52:51 +01:00
@bp.route("/admin/restore/", methods=["GET", "POST"])
@rank_required(UserRank.EDITOR)
def restore():
if request.method == "POST":
target = request.form["submit"]
if "Review" in target:
target = PackageState.READY_FOR_REVIEW
elif "Changes" in target:
target = PackageState.CHANGES_NEEDED
else:
target = PackageState.WIP
package = Package.query.get(request.form["package"])
if package is None:
flash("Unknown package", "danger")
else:
package.state = target
2023-06-19 22:27:49 +02:00
add_audit_log(AuditSeverity.EDITOR, current_user, f"Restored package to state {target.value}",
package.get_url("packages.view"), package)
2021-12-21 00:52:51 +01:00
db.session.commit()
return redirect(package.get_url("packages.view"))
2021-12-21 00:52:51 +01:00
2022-01-26 20:12:42 +01:00
deleted_packages = Package.query \
.filter(Package.state == PackageState.DELETED) \
.join(Package.author) \
.order_by(db.asc(User.username), db.asc(Package.name)) \
.all()
return render_template("admin/restore.html", deleted_packages=deleted_packages)
2023-07-29 22:34:23 +02:00
class TransferPackageForm(FlaskForm):
old_username = StringField("Old Username", [InputRequired()])
new_username = StringField("New Username", [InputRequired()])
package = StringField("Package", [Optional()])
remove_maintainer = BooleanField("Remove current owner from maintainers")
2023-07-29 22:34:23 +02:00
submit = SubmitField("Transfer")
def perform_transfer(form: TransferPackageForm):
query = Package.query.filter(Package.author.has(username=form.old_username.data))
if nonempty_or_none(form.package.data):
query = query.filter_by(name=form.package.data)
packages = query.all()
if len(packages) == 0:
flash("Unable to find package(s)", "danger")
return
new_user = User.query.filter_by(username=form.new_username.data).first()
if new_user is None:
flash("Unable to find new user", "danger")
return
names = [x.name for x in packages]
already_existing = Package.query.filter(Package.author_id == new_user.id, Package.name.in_(names)).all()
if len(already_existing) > 0:
existing_names = [x.name for x in already_existing]
flash("Unable to transfer packages as names exist at destination: " + ", ".join(existing_names), "danger")
return
2023-07-29 22:34:23 +02:00
for package in packages:
if form.remove_maintainer.data:
package.maintainers.remove(package.author)
2023-07-29 22:34:23 +02:00
package.author = new_user
package.maintainers.append(new_user)
package.aliases.append(PackageAlias(form.old_username.data, package.name))
add_audit_log(AuditSeverity.MODERATION, current_user,
f"Transferred {form.old_username.data}/{package.name} to {form.new_username.data}",
package.get_url("packages.view"), package)
db.session.commit()
flash("Transferred " + ", ".join([x.name for x in packages]), "success")
return redirect(url_for("admin.transfer"))
@bp.route("/admin/transfer/", methods=["GET", "POST"])
@rank_required(UserRank.MODERATOR)
def transfer():
form = TransferPackageForm(formdata=request.form)
if form.validate_on_submit():
ret = perform_transfer(form)
if ret is not None:
return ret
# Process GET or invalid POST
return render_template("admin/transfer.html", form=form)
@bp.route("/admin/storage/")
@rank_required(UserRank.EDITOR)
def storage():
qb = QueryBuilder(request.args, cookies=True)
qb.only_approved = False
packages = qb.build_package_query().all()
show_all = len(packages) < 100
min_size = get_int_or_abort(request.args.get("min_size"), 0 if show_all else 50)
data = []
for package in packages:
size_releases = sum([x.file_size_bytes for x in package.releases])
size_screenshots = sum([x.file_size_bytes for x in package.screenshots])
latest_release = package.releases.first()
size_latest = latest_release.file_size_bytes if latest_release else 0
size_total = size_releases + size_screenshots
2024-01-18 19:14:02 +01:00
if size_total > min_size*1024*1024:
data.append([package, size_total, size_releases, size_screenshots, size_latest])
data.sort(key=lambda x: x[1], reverse=True)
return render_template("admin/storage.html", data=data)