bookwyrm-mastodon/bookwyrm/views/helpers.py

""" helper functions used in various views """
import re
from requests import HTTPError
from django.core.exceptions import FieldError
from django.db.models import Q
from django.http import Http404

from bookwyrm import activitypub, models
from bookwyrm.connectors import ConnectorException, get_data
from bookwyrm.status import create_generated_note
from bookwyrm.utils import regex


def get_user_from_username(viewer, username):
    """helper function to resolve a localname or a username to a user"""
    if viewer.is_authenticated and viewer.localname == username:
        # that's yourself, fool
        return viewer

    # raises 404 if the user isn't found
    try:
        return models.User.viewer_aware_objects(viewer).get(localname=username)
    except models.User.DoesNotExist:
        pass

    # if the localname didn't match, try the username
    try:
        return models.User.viewer_aware_objects(viewer).get(username=username)
    except models.User.DoesNotExist:
        raise Http404()


def is_api_request(request):
    """check whether a request is asking for html or data"""
    return "json" in request.headers.get("Accept", "") or request.path[-5:] == ".json"


def is_bookwyrm_request(request):
    """check if the request is coming from another bookwyrm instance"""
    user_agent = request.headers.get("User-Agent")
    if user_agent is None or re.search(regex.BOOKWYRM_USER_AGENT, user_agent) is None:
        return False
    return True


def privacy_filter(viewer, queryset, privacy_levels=None, following_only=False):
    """filter objects that have "user" and "privacy" fields"""
    privacy_levels = privacy_levels or ["public", "unlisted", "followers", "direct"]
    # if there'd a deleted field, exclude deleted items
    try:
        queryset = queryset.filter(deleted=False)
    except FieldError:
        pass

    # exclude blocks from both directions
    if not viewer.is_anonymous:
        blocked = models.User.objects.filter(id__in=viewer.blocks.all()).all()
        queryset = queryset.exclude(Q(user__in=blocked) | Q(user__blocks=viewer))

    # you can't see followers only or direct messages if you're not logged in
    if viewer.is_anonymous:
        privacy_levels = [p for p in privacy_levels if not p in ["followers", "direct"]]

    # filter to only privided privacy levels
    queryset = queryset.filter(privacy__in=privacy_levels)

    # only include statuses the user follows
    if following_only:
        queryset = queryset.exclude(
            ~Q(  # remove everythign except
                Q(user__in=viewer.following.all())
                | Q(user=viewer)  # user following
                | Q(mention_users=viewer)  # is self  # mentions user
            ),
        )
    # exclude followers-only statuses the user doesn't follow
    elif "followers" in privacy_levels:
        queryset = queryset.exclude(
            ~Q(  # user isn't following and it isn't their own status
                Q(user__in=viewer.following.all()) | Q(user=viewer)
            ),
            privacy="followers",  # and the status is followers only
        )

    # exclude direct messages not intended for the user
    if "direct" in privacy_levels:
        try:
            queryset = queryset.exclude(
                ~Q(Q(user=viewer) | Q(mention_users=viewer)), privacy="direct"
            )
        except FieldError:
            queryset = queryset.exclude(~Q(user=viewer), privacy="direct")

    return queryset


def handle_remote_webfinger(query):
    """webfingerin' other servers"""
    user = None

    # usernames could be @user@domain or user@domain
    if not query:
        return None

    if query[0] == "@":
        query = query[1:]

    try:
        domain = query.split("@")[1]
    except IndexError:
        return None

    try:
        user = models.User.objects.get(username__iexact=query)
    except models.User.DoesNotExist:
        url = "https://%s/.well-known/webfinger?resource=acct:%s" % (domain, query)
        try:
            data = get_data(url)
        except (ConnectorException, HTTPError):
            return None

        for link in data.get("links"):
            if link.get("rel") == "self":
                try:
                    user = activitypub.resolve_remote_id(
                        link["href"], model=models.User
                    )
                except (KeyError, activitypub.ActivitySerializerError):
                    return None
    return user


def get_edition(book_id):
    """look up a book in the db and return an edition"""
    book = models.Book.objects.select_subclasses().get(id=book_id)
    if isinstance(book, models.Work):
        book = book.default_edition
    return book


def handle_reading_status(user, shelf, book, privacy):
    """post about a user reading a book"""
    # tell the world about this cool thing that happened
    try:
        message = {
            "to-read": "wants to read",
            "reading": "started reading",
            "read": "finished reading",
        }[shelf.identifier]
    except KeyError:
        # it's a non-standard shelf, don't worry about it
        return

    status = create_generated_note(user, message, mention_books=[book], privacy=privacy)
    status.save()


def is_blocked(viewer, user):
    """is this viewer blocked by the user?"""
    if viewer.is_authenticated and viewer in user.blocks.all():
        return True
    return False


def get_landing_books():
    """list of books for the landing page"""

    return list(
        set(
            models.Edition.objects.filter(
                review__published_date__isnull=False,
                review__deleted=False,
                review__user__local=True,
                review__privacy__in=["public", "unlisted"],
            )
            .exclude(cover__exact="")
            .distinct()
            .order_by("-review__published_date")[:6]
        )
    )
Runs black 2021-03-08 11:49:10 -05:00			`""" helper functions used in various views """`
tests status class view 2021-01-12 17:43:59 -05:00			`import re`
			`from requests import HTTPError`
Show dms in the right places 2021-02-24 14:59:21 -05:00			`from django.core.exceptions import FieldError`
Simplifies query for landing page books 2021-08-07 20:12:09 -04:00			`from django.db.models import Q`
Refactor get_user_from_username to raise 404 directly 2021-04-30 12:33:36 -04:00			`from django.http import Http404`
tests status class view 2021-01-12 17:43:59 -05:00
			`from bookwyrm import activitypub, models`
			`from bookwyrm.connectors import ConnectorException, get_data`
Adds shelf views 2021-01-13 14:45:08 -05:00			`from bookwyrm.status import create_generated_note`
tests status class view 2021-01-12 17:43:59 -05:00			`from bookwyrm.utils import regex`

Creates landing page views 2021-01-12 13:44:17 -05:00
Better user block privacy 2021-02-23 15:41:37 -05:00			`def get_user_from_username(viewer, username):`
New version of black, new whitespace 2021-04-26 12:15:42 -04:00			`"""helper function to resolve a localname or a username to a user"""`
Fixes username helper 2021-05-23 00:33:56 -04:00			`if viewer.is_authenticated and viewer.localname == username:`
Improves shelf page query efficiency a little 2021-05-22 22:54:50 -04:00			`# that's yourself, fool`
			`return viewer`

Refactor get_user_from_username to raise 404 directly 2021-04-30 12:33:36 -04:00			`# raises 404 if the user isn't found`
Moves user views to class view 2021-01-12 15:05:30 -05:00			`try:`
Typo fix 2021-02-23 16:05:43 -05:00			`return models.User.viewer_aware_objects(viewer).get(localname=username)`
Moves user views to class view 2021-01-12 15:05:30 -05:00			`except models.User.DoesNotExist:`
Refactor get_user_from_username to raise 404 directly 2021-04-30 12:33:36 -04:00			`pass`

			`# if the localname didn't match, try the username`
			`try:`
Better user block privacy 2021-02-23 15:41:37 -05:00			`return models.User.viewer_aware_objects(viewer).get(username=username)`
Refactor get_user_from_username to raise 404 directly 2021-04-30 12:33:36 -04:00			`except models.User.DoesNotExist:`
			`raise Http404()`
Moves user views to class view 2021-01-12 15:05:30 -05:00

			`def is_api_request(request):`
New version of black, new whitespace 2021-04-26 12:15:42 -04:00			`"""check whether a request is asking for html or data"""`
Avoid error when request Accept header is not set 2021-03-29 17:05:58 -04:00			`return "json" in request.headers.get("Accept", "") or request.path[-5:] == ".json"`
Moves user views to class view 2021-01-12 15:05:30 -05:00

Outbox sensitive to user agent strings 2021-02-23 14:34:15 -05:00			`def is_bookwyrm_request(request):`
New version of black, new whitespace 2021-04-26 12:15:42 -04:00			`"""check if the request is coming from another bookwyrm instance"""`
Runs black 2021-03-08 11:49:10 -05:00			`user_agent = request.headers.get("User-Agent")`
Updates code for linter 2021-06-18 17:12:56 -04:00			`if user_agent is None or re.search(regex.BOOKWYRM_USER_AGENT, user_agent) is None:`
Adds status views 2021-01-12 16:47:00 -05:00			`return False`
			`return True`


Improves privacy-related display 2021-02-24 14:35:19 -05:00			`def privacy_filter(viewer, queryset, privacy_levels=None, following_only=False):`
New version of black, new whitespace 2021-04-26 12:15:42 -04:00			`"""filter objects that have "user" and "privacy" fields"""`
Runs black 2021-03-08 11:49:10 -05:00			`privacy_levels = privacy_levels or ["public", "unlisted", "followers", "direct"]`
Removes get activity feed function 2021-03-22 22:17:46 -04:00			`# if there'd a deleted field, exclude deleted items`
			`try:`
			`queryset = queryset.filter(deleted=False)`
			`except FieldError:`
			`pass`
Improves privacy-related display 2021-02-24 14:35:19 -05:00
hide blocked content from feed 2021-01-24 19:13:26 -05:00			`# exclude blocks from both directions`
handles list privacy in display 2021-01-31 11:41:11 -05:00			`if not viewer.is_anonymous:`
			`blocked = models.User.objects.filter(id__in=viewer.blocks.all()).all()`
Runs black 2021-03-08 11:49:10 -05:00			`queryset = queryset.exclude(Q(user__in=blocked) \| Q(user__blocks=viewer))`
hide blocked content from feed 2021-01-24 19:13:26 -05:00
Creates landing page views 2021-01-12 13:44:17 -05:00			`# you can't see followers only or direct messages if you're not logged in`
handles list privacy in display 2021-01-31 11:41:11 -05:00			`if viewer.is_anonymous:`
Runs black 2021-03-08 11:49:10 -05:00			`privacy_levels = [p for p in privacy_levels if not p in ["followers", "direct"]]`
Creates landing page views 2021-01-12 13:44:17 -05:00
			`# filter to only privided privacy levels`
handles list privacy in display 2021-01-31 11:41:11 -05:00			`queryset = queryset.filter(privacy__in=privacy_levels)`
Creates landing page views 2021-01-12 13:44:17 -05:00
			`# only include statuses the user follows`
			`if following_only:`
			`queryset = queryset.exclude(`
Runs black 2021-03-08 11:49:10 -05:00			`~Q( # remove everythign except`
			`Q(user__in=viewer.following.all())`
			`\| Q(user=viewer) # user following`
			`\| Q(mention_users=viewer) # is self # mentions user`
Creates landing page views 2021-01-12 13:44:17 -05:00			`),`
			`)`
			`# exclude followers-only statuses the user doesn't follow`
Runs black 2021-03-08 11:49:10 -05:00			`elif "followers" in privacy_levels:`
Creates landing page views 2021-01-12 13:44:17 -05:00			`queryset = queryset.exclude(`
Runs black 2021-03-08 11:49:10 -05:00			`~Q( # user isn't following and it isn't their own status`
handles list privacy in display 2021-01-31 11:41:11 -05:00			`Q(user__in=viewer.following.all()) \| Q(user=viewer)`
Creates landing page views 2021-01-12 13:44:17 -05:00			`),`
Runs black 2021-03-08 11:49:10 -05:00			`privacy="followers", # and the status is followers only`
Creates landing page views 2021-01-12 13:44:17 -05:00			`)`

			`# exclude direct messages not intended for the user`
Runs black 2021-03-08 11:49:10 -05:00			`if "direct" in privacy_levels:`
Show dms in the right places 2021-02-24 14:59:21 -05:00			`try:`
			`queryset = queryset.exclude(`
Runs black 2021-03-08 11:49:10 -05:00			`~Q(Q(user=viewer) \| Q(mention_users=viewer)), privacy="direct"`
Show dms in the right places 2021-02-24 14:59:21 -05:00			`)`
			`except FieldError:`
Runs black 2021-03-08 11:49:10 -05:00			`queryset = queryset.exclude(~Q(user=viewer), privacy="direct")`
Show dms in the right places 2021-02-24 14:59:21 -05:00
handles list privacy in display 2021-01-31 11:41:11 -05:00			`return queryset`


Adds status views 2021-01-12 16:47:00 -05:00			`def handle_remote_webfinger(query):`
New version of black, new whitespace 2021-04-26 12:15:42 -04:00			`"""webfingerin' other servers"""`
Adds status views 2021-01-12 16:47:00 -05:00			`user = None`

			`# usernames could be @user@domain or user@domain`
			`if not query:`
			`return None`

Runs black 2021-03-08 11:49:10 -05:00			`if query[0] == "@":`
Adds status views 2021-01-12 16:47:00 -05:00			`query = query[1:]`

			`try:`
Runs black 2021-03-08 11:49:10 -05:00			`domain = query.split("@")[1]`
Adds status views 2021-01-12 16:47:00 -05:00			`except IndexError:`
			`return None`

			`try:`
Case insensitive remote user search 2021-04-08 12:59:21 -04:00			`user = models.User.objects.get(username__iexact=query)`
Adds status views 2021-01-12 16:47:00 -05:00			`except models.User.DoesNotExist:`
Runs black 2021-03-08 11:49:10 -05:00			`url = "https://%s/.well-known/webfinger?resource=acct:%s" % (domain, query)`
Adds status views 2021-01-12 16:47:00 -05:00			`try:`
			`data = get_data(url)`
			`except (ConnectorException, HTTPError):`
			`return None`

Runs black 2021-03-08 11:49:10 -05:00			`for link in data.get("links"):`
			`if link.get("rel") == "self":`
Adds status views 2021-01-12 16:47:00 -05:00			`try:`
			`user = activitypub.resolve_remote_id(`
Runs black 2021-03-08 11:49:10 -05:00			`link["href"], model=models.User`
Adds status views 2021-01-12 16:47:00 -05:00			`)`
Gracefully handle errors in webfinger during search 2021-04-07 12:17:04 -04:00			`except (KeyError, activitypub.ActivitySerializerError):`
Adds status views 2021-01-12 16:47:00 -05:00			`return None`
			`return user`
Adds book class view and re-works pagination 2021-01-13 12:42:54 -05:00

			`def get_edition(book_id):`
New version of black, new whitespace 2021-04-26 12:15:42 -04:00			`"""look up a book in the db and return an edition"""`
Adds book class view and re-works pagination 2021-01-13 12:42:54 -05:00			`book = models.Book.objects.select_subclasses().get(id=book_id)`
			`if isinstance(book, models.Work):`
Don't store default edition in the dataase 2021-04-28 18:19:24 -04:00			`book = book.default_edition`
Adds book class view and re-works pagination 2021-01-13 12:42:54 -05:00			`return book`


Adds shelf views 2021-01-13 14:45:08 -05:00			`def handle_reading_status(user, shelf, book, privacy):`
New version of black, new whitespace 2021-04-26 12:15:42 -04:00			`"""post about a user reading a book"""`
Adds shelf views 2021-01-13 14:45:08 -05:00			`# tell the world about this cool thing that happened`
			`try:`
			`message = {`
Runs black 2021-03-08 11:49:10 -05:00			`"to-read": "wants to read",`
			`"reading": "started reading",`
			`"read": "finished reading",`
Adds shelf views 2021-01-13 14:45:08 -05:00			`}[shelf.identifier]`
			`except KeyError:`
			`# it's a non-standard shelf, don't worry about it`
			`return`

Runs black 2021-03-08 11:49:10 -05:00			`status = create_generated_note(user, message, mention_books=[book], privacy=privacy)`
Adds shelf views 2021-01-13 14:45:08 -05:00			`status.save()`

Hide user pages to blocked users 2021-01-26 11:31:55 -05:00
			`def is_blocked(viewer, user):`
New version of black, new whitespace 2021-04-26 12:15:42 -04:00			`"""is this viewer blocked by the user?"""`
Hide user pages to blocked users 2021-01-26 11:31:55 -05:00			`if viewer.is_authenticated and viewer in user.blocks.all():`
			`return True`
			`return False`
Request invite flow 2021-03-20 22:14:41 -04:00

Renames "discover" 2021-08-07 14:15:02 -04:00			`def get_landing_books():`
			`"""list of books for the landing page"""`
Cleans up landing page, since we're here 2021-08-07 19:37:51 -04:00
Simplifies query for landing page books 2021-08-07 20:12:09 -04:00			`return list(`
			`set(`
			`models.Edition.objects.filter(`
			`review__published_date__isnull=False,`
			`review__deleted=False,`
			`review__user__local=True,`
			`review__privacy__in=["public", "unlisted"],`
			`)`
			`.exclude(cover__exact="")`
			`.distinct()`
			`.order_by("-review__published_date")[:6]`
Request invite flow 2021-03-20 22:14:41 -04:00			`)`
Fixes python formatting 2021-05-22 12:55:38 -04:00			`)`