small update settings page+new package 'settings'

app/settings/__init__.py

@@ -0,0 +1,6 @@
+from flask import Blueprint
+
+
+bp = Blueprint('settings', __name__)
+from . import routes, json_routes
+

app/settings/forms.py

@@ -0,0 +1,139 @@
+from flask_wtf import FlaskForm
+from wtforms import (
+    BooleanField,
+    FileField,
+    PasswordField,
+    SelectField,
+    StringField,
+    SubmitField,
+    TextAreaField,
+    ValidationError
+)
+from wtforms.validators import (
+    DataRequired,
+    Email,
+    EqualTo,
+    Length,
+    Regexp
+)
+from app.models import User, UserSettingJobStatusMailNotificationLevel
+from app.auth import USERNAME_REGEX
+from app.wtf_validators import FileSizeLimit
+
+class EditProfileSettingsForm(FlaskForm):
+    email = StringField(
+        'E-Mail',
+        validators=[DataRequired(), Length(max=254), Email()]
+    )
+    username = StringField(
+        'Username',
+        validators=[
+            DataRequired(),
+            Length(max=64),
+            Regexp(
+                USERNAME_REGEX,
+                message=(
+                    'Usernames must have only letters, numbers, dots or '
+                    'underscores'
+                )
+            )
+        ]
+    )
+    submit = SubmitField()
+    
+    def __init__(self, user, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.user = user
+
+    def validate_email(self, field):
+        if (field.data != self.user.email
+                and User.query.filter_by(email=field.data).first()):
+            raise ValidationError('Email already registered')
+
+    def validate_username(self, field):
+        if (field.data != self.user.username
+                and User.query.filter_by(username=field.data).first()):
+            raise ValidationError('Username already in use')
+
+class EditPublicProfileInformationForm(FlaskForm):
+    show_email = BooleanField('Email')
+    show_last_seen = BooleanField('Last seen')
+    show_member_since = BooleanField('Member since')
+    avatar = FileField(
+        'Image File', 
+        [FileSizeLimit(max_size_in_mb=2)]
+    )
+    full_name = StringField(
+        'Full name',
+        validators=[Length(max=128)]
+    )
+    style={'style': 'overflow: auto;'}
+    about_me = TextAreaField(
+        'About me', 
+        validators=[
+            Length(max=254)
+        ],
+        render_kw=style
+    )
+    website = StringField(
+        'Website',
+        validators=[
+            Length(max=254)
+        ]
+    )
+    organization = StringField(
+        'Organization',
+        validators=[
+            Length(max=128)
+        ]
+    )
+    location = StringField(
+        'Location',
+        validators=[
+            Length(max=128)
+        ]
+    )
+
+    submit = SubmitField()
+
+    def validate_image_file(self, field):
+        if not field.data.filename.lower().endswith('.jpg' or '.png' or '.jpeg'):
+            raise ValidationError('only .jpg, .png and .jpeg!')
+
+class ChangePasswordForm(FlaskForm):
+    password = PasswordField('Old password', validators=[DataRequired()])
+    new_password = PasswordField(
+        'New password',
+        validators=[
+            DataRequired(),
+            EqualTo('new_password_2', message='Passwords must match')
+        ]
+    )
+    new_password_2 = PasswordField(
+        'New password confirmation',
+        validators=[
+            DataRequired(),
+            EqualTo('new_password', message='Passwords must match')
+        ]
+    )
+    submit = SubmitField()
+
+    def __init__(self, user, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.user = user
+
+    def validate_current_password(self, field):
+        if not self.user.verify_password(field.data):
+            raise ValidationError('Invalid password')
+
+
+class EditNotificationSettingsForm(FlaskForm):
+    job_status_mail_notification_level = SelectField(
+        'Job status mail notification level',
+        choices=[
+            (x.name, x.name.capitalize())
+            for x in UserSettingJobStatusMailNotificationLevel
+        ],
+        validators=[DataRequired()]
+    )
+    submit = SubmitField()

app/settings/json_routes.py

@@ -0,0 +1,73 @@
+from flask import abort, current_app, request
+from flask_login import current_user, login_required, logout_user
+from threading import Thread
+import os
+from app import db
+from app.decorators import content_negotiation
+from app.models import Avatar, User
+from . import bp
+
+@bp.route('/<hashid:user_id>', methods=['DELETE'])
+@login_required
+@content_negotiation(produces='application/json')
+def delete_user(user_id):
+    def _delete_user(app, user_id):
+        with app.app_context():
+            user = User.query.get(user_id)
+            user.delete()
+            db.session.commit()
+
+    user = User.query.get_or_404(user_id)
+    if not (user == current_user or current_user.is_administrator()):
+        abort(403)
+    thread = Thread(
+        target=_delete_user,
+        args=(current_app._get_current_object(), user_id)
+    )
+    if user == current_user:
+        logout_user()
+    thread.start()
+    response_data = {
+        'message': f'User "{user.username}" marked for deletion'
+    }
+    return response_data, 202
+
+@bp.route('/<hashid:user_id>/avatar', methods=['DELETE'])
+@content_negotiation(produces='application/json')
+def delete_profile_avatar(user_id):
+    def _delete_avatar(app, avatar_id):
+        with app.app_context():
+            avatar = Avatar.query.get(avatar_id)
+            avatar.delete()
+            db.session.commit()
+    user = User.query.get_or_404(user_id)
+    if user.avatar is None:
+        abort(404)
+    thread = Thread(
+        target=_delete_avatar,
+        args=(current_app._get_current_object(), user.avatar.id)
+    )
+    thread.start()
+    response_data = {
+        'message': f'Avatar marked for deletion'
+    }
+    return response_data, 202
+
+@bp.route('/<hashid:user_id>/is_public', methods=['PUT'])
+@login_required
+@content_negotiation(consumes='application/json', produces='application/json')
+def update_user_is_public(user_id):
+    is_public = request.json
+    if not isinstance(is_public, bool):
+        abort(400)
+    user = User.query.get_or_404(user_id)
+    user.is_public = is_public
+    db.session.commit()
+    response_data = {
+        'message': (
+            f'User "{user.username}" is now'
+            f' {"public" if is_public else "private"}'
+        ),
+        'category': 'corpus'
+    }
+    return response_data, 200

app/settings/routes.py

@@ -0,0 +1,108 @@
+from flask import (
+    abort,
+    flash, 
+    redirect, 
+    render_template,
+    url_for
+)
+from flask_breadcrumbs import register_breadcrumb
+from flask_login import current_user, login_required
+import os
+from app import db
+from app.models import Avatar, Corpus, ProfilePrivacySettings, User
+from . import bp
+from .forms import (
+  ChangePasswordForm,
+  EditNotificationSettingsForm,
+  EditProfileSettingsForm,
+  EditPublicProfileInformationForm
+)
+from .utils import user_endpoint_arguments_constructor as user_eac
+
+
+@bp.route('/<hashid:user_id>/edit', methods=['GET', 'POST'])
+@register_breadcrumb(bp, 'breadcrumbs.settings', '<i class="material-icons left">settings</i>Settings', endpoint_arguments_constructor=user_eac)
+@login_required
+def edit_profile(user_id):
+    user = User.query.get_or_404(user_id)
+    if not (user == current_user or current_user.is_administrator()):
+        abort(403)
+    # region forms
+    edit_profile_settings_form = EditProfileSettingsForm(
+        current_user,
+        data=current_user.to_json_serializeable(),
+        prefix='edit-profile-settings-form'
+    )
+    edit_public_profile_information_form = EditPublicProfileInformationForm(
+        data=current_user.to_json_serializeable(),
+        prefix='edit-public-profile-information-form'
+    )
+    change_password_form = ChangePasswordForm(
+        current_user,
+        prefix='change-password-form'
+    )
+    edit_notification_settings_form = EditNotificationSettingsForm(
+        data=current_user.to_json_serializeable(),
+        prefix='edit-notification-settings-form'
+    )
+    # endregion forms
+    # region handle edit profile settings form
+    if edit_profile_settings_form.validate_on_submit():
+        current_user.email = edit_profile_settings_form.email.data
+        current_user.username = edit_profile_settings_form.username.data
+        db.session.commit()
+        flash('Profile settings updated')
+        return redirect(url_for('users.user', user_id=user.id))
+    # endregion handle edit profile settings forms
+    # region handle edit public profile information form
+    if edit_public_profile_information_form.submit.data and edit_public_profile_information_form.validate():
+        print(edit_public_profile_information_form.show_email.data)
+        if edit_public_profile_information_form.show_email.data:
+            current_user.add_profile_privacy_setting(ProfilePrivacySettings.SHOW_EMAIL)
+        else:
+            current_user.remove_profile_privacy_setting(ProfilePrivacySettings.SHOW_EMAIL)
+        if edit_public_profile_information_form.show_last_seen.data:
+            current_user.add_profile_privacy_setting(ProfilePrivacySettings.SHOW_LAST_SEEN)
+        else:
+            current_user.remove_profile_privacy_setting(ProfilePrivacySettings.SHOW_LAST_SEEN)
+        if edit_public_profile_information_form.show_member_since.data:
+            current_user.add_profile_privacy_setting(ProfilePrivacySettings.SHOW_MEMBER_SINCE)
+        else:
+            current_user.remove_profile_privacy_setting(ProfilePrivacySettings.SHOW_MEMBER_SINCE)
+        if edit_public_profile_information_form.avatar.data:
+            try:
+                Avatar.create(edit_public_profile_information_form.avatar.data, user=current_user)
+            except (AttributeError, OSError):
+                abort(500)
+        current_user.about_me = edit_public_profile_information_form.about_me.data
+        current_user.location = edit_public_profile_information_form.location.data
+        current_user.organization = edit_public_profile_information_form.organization.data
+        current_user.website = edit_public_profile_information_form.website.data
+        current_user.full_name = edit_public_profile_information_form.full_name.data
+        db.session.commit()
+        flash('Profile settings updated')
+        return redirect(url_for('users.user', user_id=user.id))
+    # endregion handle edit public profile information form
+    # region handle change_password_form POST
+    if change_password_form.submit.data and change_password_form.validate():
+        current_user.password = change_password_form.new_password.data
+        db.session.commit()
+        flash('Your changes have been saved')
+        return redirect(url_for('.edit_profile', user_id=user.id))
+    # endregion handle change_password_form POST
+    # region handle edit_notification_settings_form POST
+    if edit_notification_settings_form.submit and edit_notification_settings_form.validate():
+        current_user.setting_job_status_mail_notification_level = edit_notification_settings_form.job_status_mail_notification_level.data
+        db.session.commit()
+        flash('Your changes have been saved')
+        return redirect(url_for('.edit_profile', user_id=user.id))
+    # endregion handle edit_notification_settings_form POST
+    return render_template(
+        'settings/edit_profile.html.j2',
+        edit_profile_settings_form=edit_profile_settings_form,
+        edit_public_profile_information_form=edit_public_profile_information_form,
+        change_password_form=change_password_form,
+        edit_notification_settings_form=edit_notification_settings_form,
+        user=user,
+        title='Settings'
+    )

app/settings/utils.py

@@ -0,0 +1,6 @@
+from flask import request, url_for
+from app.models import User
+
+
+def user_endpoint_arguments_constructor():
+    return {'user_id': request.view_args['user_id']}