Redirect to right host when no avatar image is available

[ipfire.org.git] / src / web / people.py

#!/usr/bin/python

import datetime
import ldap
import logging
import tornado.web

from . import handlers_base as base
from . import ui_modules

class IndexHandler(base.BaseHandler):
        @tornado.web.authenticated
        def get(self):
                self.render("people/index.html")


class AvatarHandler(base.BaseHandler):
        always_cache = True

        def get(self, uid):
                # Get the desired size of the avatar file
                size = self.get_argument("size", 0)

                try:
                        size = int(size)
                except (TypeError, ValueError):
                        size = None

                logging.debug("Querying for avatar of %s" % uid)

                # Fetch user account
                account = self.backend.accounts.get_by_uid(uid)
                if not account:
                        raise tornado.web.HTTPError(404, "Could not find account %s" % uid)

                # Allow downstream to cache this for 60 minutes
                self.set_expires(3600)

                # Resize avatar
                avatar = account.get_avatar(size)

                # If there is no avatar, we serve a default image
                if not avatar:
                        logging.debug("No avatar uploaded for %s" % account)

                        return self.redirect(self.static_url("img/default-avatar.jpg"))

                # Set headers about content
                self.set_header("Content-Disposition", "inline; filename=\"%s.jpg\"" % account.uid)
                self.set_header("Content-Type", "image/jpeg")

                # Deliver payload
                self.finish(avatar)


class CallsHandler(base.BaseHandler):
        @tornado.web.authenticated
        def get(self, uid, date=None):
                account = self.backend.accounts.get_by_uid(uid)
                if not account:
                        raise tornado.web.HTTPError(404, "Could not find account %s" % uid)

                if date:
                        try:
                                date = datetime.datetime.strptime(date, "%Y-%m-%d").date()
                        except ValueError:
                                raise tornado.web.HTTPError(400, "Invalid date: %s" % date)
                else:
                        date = datetime.date.today()

                self.render("people/calls.html", account=account, date=date)


class RegistrationsHandler(base.BaseHandler):
        @tornado.web.authenticated
        def get(self, uid):
                # Get own account
                if self.current_user.uid == uid:
                        account = self.current_user

                # Admins can access all other users, too
                elif self.current_user.is_admin():
                        account = self.backend.accounts.get_by_uid(uid)
                        if not account:
                                raise tornado.web.HTTPError(404, "Could not find account %s" % uid)

                # Otherwise, no access is permitted
                else:
                        raise tornado.web.HTTPError(403)

                self.render("people/registrations.html", account=account)


class SearchHandler(base.BaseHandler):
        @tornado.web.authenticated
        def get(self):
                q = self.get_argument("q")

                # Perform the search
                accounts = self.backend.accounts.search(q)

                # Redirect when only one result was found
                if len(accounts) == 1:
                        self.redirect("/users/%s" % accounts[0].uid)
                        return

                self.render("people/search.html", q=q, accounts=accounts)


class UsersHandler(base.BaseHandler):
        @tornado.web.authenticated
        def get(self):
                self.render("people/users.html")


class UserHandler(base.BaseHandler):
        @tornado.web.authenticated
        def get(self, uid):
                account = self.backend.accounts.get_by_uid(uid)
                if not account:
                        raise tornado.web.HTTPError(404, "Could not find account %s" % uid)

                self.render("people/user.html", account=account)


class UserEditHandler(base.BaseHandler):
        @tornado.web.authenticated
        def get(self, uid):
                account = self.backend.accounts.get_by_uid(uid)
                if not account:
                        raise tornado.web.HTTPError(404, "Could not find account %s" % uid)

                # Check for permissions
                if not account.can_be_managed_by(self.current_user):
                        raise tornado.web.HTTPError(403, "%s cannot manage %s" % (self.current_user, account))

                self.render("people/user-edit.html", account=account)

        @tornado.web.authenticated
        def post(self, uid):
                account = self.backend.accounts.get_by_uid(uid)
                if not account:
                        raise tornado.web.HTTPError(404, "Could not find account %s" % uid)

                # Check for permissions
                if not account.can_be_managed_by(self.current_user):
                        raise tornado.web.HTTPError(403, "%s cannot manage %s" % (self.current_user, account))

                # Unfortunately this cannot be wrapped into a transaction
                try:
                        account.first_name = self.get_argument("first_name")
                        account.last_name  = self.get_argument("last_name")
                        account.address    = self.get_argument("address")

                        # Avatar
                        try:
                                filename, data, mimetype = self.get_file("avatar")

                                if not mimetype.startswith("image/"):
                                        raise tornado.web.HTTPError(400, "Avatar is not an image file: %s" % mimetype)

                                account.upload_avatar(data)
                        except ValueError:
                                pass

                        # Email
                        account.mail_routing_address = self.get_argument("mail_routing_address", None)

                        # Telephone
                        account.phone_numbers = self.get_argument("phone_numbers", "").splitlines()
                        account.sip_routing_address = self.get_argument("sip_routing_address", None)
                except ldap.STRONG_AUTH_REQUIRED as e:
                        raise tornado.web.HTTPError(403, "%s" % e) from e

                # Redirect back to user page
                self.redirect("/users/%s" % account.uid)


class AccountsListModule(ui_modules.UIModule):
        def render(self, accounts=None):
                if accounts is None:
                        accounts = self.backend.accounts

                return self.render_string("people/modules/accounts-list.html", accounts=accounts)


class CDRModule(ui_modules.UIModule):
        def render(self, account, date=None, limit=None):
                cdr = account.get_cdr(date=date, limit=limit)

                return self.render_string("people/modules/cdr.html", account=account, cdr=cdr)


class ChannelsModule(ui_modules.UIModule):
        def render(self, account):
                channels = self.backend.talk.freeswitch.get_sip_channels(account)

                return self.render_string("people/modules/channels.html", account=account, channels=channels)


class RegistrationsModule(ui_modules.UIModule):
        def render(self, account):
                return self.render_string("people/modules/registrations.html", account=account)