Update settings

2025-06-15 18:40:40 +00:00 · 2024-12-16 10:07:21 +01:00
parent 9a805b9d14
commit cda28910f5
21 changed files with 476 additions and 446 deletions
--- a/app/blueprints/settings/init.py
+++ b/app/blueprints/settings/init.py
@ -1,18 +1,7 @@
 from flask import Blueprint
-from flask_login import login_required


 bp = Blueprint('settings', __name__)


-@bp.before_request
-@login_required
-def before_request():
-    '''
-    Ensures that the routes in this package can only be visited by users that
-    are logged in.
-    '''
-    pass
-
-
 from . import routes
--- a/app/blueprints/settings/forms.py
+++ b/app/blueprints/settings/forms.py
@ -0,0 +1,160 @@
+from flask_wtf import FlaskForm
+from flask_wtf.file import FileField, FileRequired, FileSize
+from wtforms import (
+    PasswordField,
+    SelectField,
+    StringField,
+    SubmitField,
+    TextAreaField,
+    ValidationError
+)
+from wtforms.validators import (
+    DataRequired,
+    Email,
+    EqualTo,
+    Length,
+    Regexp
+)
+from app.models import User, UserSettingJobStatusMailNotificationLevel
+
+
+class UpdateAccountInformationForm(FlaskForm):
+    email = StringField(
+        'E-Mail',
+        validators=[DataRequired(), Length(max=254), Email()]
+    )
+    username = StringField(
+        'Username',
+        validators=[
+            DataRequired(),
+            Length(max=64),
+            Regexp(
+                User.username_pattern,
+                message=(
+                    'Usernames must have only letters, numbers, dots or '
+                    'underscores'
+                )
+            )
+        ]
+    )
+    submit = SubmitField()
+
+    def __init__(self, user: User, *args, **kwargs):
+        if 'data' not in kwargs:
+            kwargs['data'] = user.to_json_serializeable()
+        if 'prefix' not in kwargs:
+            kwargs['prefix'] = 'update-account-information-form'
+        super().__init__(*args, **kwargs)
+        self.user = user
+
+    def validate_email(self, field):
+        if (field.data != self.user.email
+                and User.query.filter_by(email=field.data).first()):
+            raise ValidationError('Email already registered')
+
+    def validate_username(self, field):
+        if (field.data != self.user.username
+                and User.query.filter_by(username=field.data).first()):
+            raise ValidationError('Username already in use')
+
+
+class UpdateProfileInformationForm(FlaskForm):
+    full_name = StringField(
+        'Full name',
+        validators=[Length(max=128)]
+    )
+    about_me = TextAreaField(
+        'About me',
+        validators=[
+            Length(max=254)
+        ]
+    )
+    website = StringField(
+        'Website',
+        validators=[
+            Length(max=254)
+        ]
+    )
+    organization = StringField(
+        'Organization',
+        validators=[
+            Length(max=128)
+        ]
+    )
+    location = StringField(
+        'Location',
+        validators=[
+            Length(max=128)
+        ]
+    )
+    submit = SubmitField()
+
+    def __init__(self, user: User, *args, **kwargs):
+        if 'data' not in kwargs:
+            kwargs['data'] = user.to_json_serializeable()
+        if 'prefix' not in kwargs:
+            kwargs['prefix'] = 'update-profile-information-form'
+        super().__init__(*args, **kwargs)
+
+
+class UpdateAvatarForm(FlaskForm):
+    avatar = FileField('File', validators=[FileRequired(), FileSize(2_000_000)])
+    submit = SubmitField()
+
+    def validate_avatar(self, field):
+        valid_mimetypes = ['image/jpeg', 'image/png']
+        if field.data.mimetype not in valid_mimetypes:
+            raise ValidationError('JPEG and PNG files only!')
+
+    def __init__(self, *args, **kwargs):
+        if 'prefix' not in kwargs:
+            kwargs['prefix'] = 'update-avatar-form'
+        super().__init__(*args, **kwargs)
+
+
+class UpdatePasswordForm(FlaskForm):
+    password = PasswordField('Old password', validators=[DataRequired()])
+    new_password = PasswordField(
+        'New password',
+        validators=[
+            DataRequired(),
+            EqualTo('new_password_2', message='Passwords must match')
+        ]
+    )
+    new_password_2 = PasswordField(
+        'New password confirmation',
+        validators=[
+            DataRequired(),
+            EqualTo('new_password', message='Passwords must match')
+        ]
+    )
+    submit = SubmitField()
+
+    def __init__(self, user: User, *args, **kwargs):
+        if 'prefix' not in kwargs:
+            kwargs['prefix'] = 'update-password-form'
+        super().__init__(*args, **kwargs)
+        self.user = user
+
+    def validate_current_password(self, field):
+        if not self.user.verify_password(field.data):
+            raise ValidationError('Invalid password')
+
+
+class UpdateNotificationsForm(FlaskForm):
+    job_status_mail_notification_level = SelectField(
+        'Job status mail notification level',
+        choices=[
+            (x.name, x.name.capitalize())
+            for x in UserSettingJobStatusMailNotificationLevel
+        ],
+        validators=[DataRequired()]
+    )
+    submit = SubmitField()
+
+    def __init__(self, user: User, *args, **kwargs):
+        if 'data' not in kwargs:
+            kwargs['data'] = user.to_json_serializeable()
+        if 'prefix' not in kwargs:
+            kwargs['prefix'] = 'update-notifications-form'
+        super().__init__(*args, **kwargs)
--- a/app/blueprints/settings/routes.py
+++ b/app/blueprints/settings/routes.py
@ -1,10 +1,158 @@
-from flask import g, url_for
-from flask_login import current_user
-from app.blueprints.users.settings.routes import settings as settings_route
+from flask import (
+    abort,
+    flash,
+    jsonify,
+    redirect,
+    render_template,
+    request,
+    url_for
+)
+from flask_login import current_user, login_required
+from app import db
+from app.models import Avatar
 from . import bp
+from .forms import (
+    UpdateAvatarForm,
+    UpdatePasswordForm,
+    UpdateNotificationsForm,
+    UpdateAccountInformationForm,
+    UpdateProfileInformationForm
+)


-@bp.route('/settings', methods=['GET', 'POST'])
-def settings():
-    g._nopaque_redirect_location_on_post = url_for('.settings')
-    return settings_route(current_user.id)
+@bp.route('', methods=['GET', 'POST'])
+@login_required
+def index():
+    update_account_information_form = UpdateAccountInformationForm(current_user)
+    update_profile_information_form = UpdateProfileInformationForm(current_user)
+    update_avatar_form = UpdateAvatarForm()
+    update_password_form = UpdatePasswordForm(current_user)
+    update_notifications_form = UpdateNotificationsForm(current_user)
+
+    # region handle update profile information form
+    if update_profile_information_form.submit.data and update_profile_information_form.validate():
+        current_user.about_me = update_profile_information_form.about_me.data
+        current_user.location = update_profile_information_form.location.data
+        current_user.organization = update_profile_information_form.organization.data
+        current_user.website = update_profile_information_form.website.data
+        current_user.full_name = update_profile_information_form.full_name.data
+        db.session.commit()
+        flash('Your changes have been saved')
+        return redirect(url_for('.index'))
+    # endregion handle update profile information form
+
+    # region handle update avatar form
+    if update_avatar_form.submit.data and update_avatar_form.validate():
+        try:
+            Avatar.create(
+                update_avatar_form.avatar.data,
+                user=current_user
+            )
+        except (AttributeError, OSError):
+            abort(500)
+        db.session.commit()
+        flash('Your changes have been saved')
+        return redirect(url_for('.index'))
+    # endregion handle update avatar form
+
+    # region handle update account information form
+    if update_account_information_form.submit.data and update_account_information_form.validate():
+        current_user.email = update_account_information_form.email.data
+        current_user.username = update_account_information_form.username.data
+        db.session.commit()
+        flash('Profile settings updated')
+        return redirect(url_for('.index'))
+    # endregion handle update account information form
+
+    # region handle update password form
+    if update_password_form.submit.data and update_password_form.validate():
+        current_user.password = update_password_form.new_password.data
+        db.session.commit()
+        flash('Your changes have been saved')
+        return redirect(url_for('.index'))
+    # endregion handle update password form
+
+    # region handle update notifications form
+    if update_notifications_form.submit.data and update_notifications_form.validate():
+        current_user.setting_job_status_mail_notification_level = \
+            update_notifications_form.job_status_mail_notification_level.data
+        db.session.commit()
+        flash('Your changes have been saved')
+        return redirect(url_for('.index'))
+    # endregion handle update notifications form
+
+    return render_template(
+        'settings/index.html.j2',
+        title='Settings',
+        update_account_information_form=update_account_information_form,
+        update_avatar_form=update_avatar_form,
+        update_notifications_form=update_notifications_form,
+        update_password_form=update_password_form,
+        update_profile_information_form=update_profile_information_form,
+        user=current_user
+    )
+
+
+@bp.route('/profile-is-public', methods=['PUT'])
+@login_required
+def update_profile_is_public():
+    new_value = request.json
+
+    if not isinstance(new_value, bool):
+        abort(400)
+
+    current_user.is_public = new_value
+    db.session.commit()
+
+    return jsonify('Your changes have been saved'), 200
+
+
+@bp.route('/profile-show-email', methods=['PUT'])
+@login_required
+def update_profile_show_email():
+    new_value = request.json
+
+    if not isinstance(new_value, bool):
+        abort(400)
+
+    if new_value:
+        current_user.add_profile_privacy_setting('SHOW_EMAIL')
+    else:
+        current_user.remove_profile_privacy_setting('SHOW_EMAIL')
+    db.session.commit()
+
+    return jsonify('Your changes have been saved'), 200
+
+
+@bp.route('/profile-show-last-seen', methods=['PUT'])
+@login_required
+def update_profile_show_last_seen():
+    new_value = request.json
+
+    if not isinstance(new_value, bool):
+        abort(400)
+
+    if new_value:
+        current_user.add_profile_privacy_setting('SHOW_LAST_SEEN')
+    else:
+        current_user.remove_profile_privacy_setting('SHOW_LAST_SEEN')
+    db.session.commit()
+
+    return jsonify('Your changes have been saved'), 200
+
+
+@bp.route('/profile-show-member-since', methods=['PUT'])
+@login_required
+def update_profile_show_member_since():
+    new_value = request.json
+
+    if not isinstance(new_value, bool):
+        abort(400)
+
+    if new_value:
+        current_user.add_profile_privacy_setting('SHOW_MEMBER_SINCE')
+    else:
+        current_user.remove_profile_privacy_setting('SHOW_MEMBER_SINCE')
+    db.session.commit()
+
+    return jsonify('Your changes have been saved'), 200