nopaque/app/profile/routes.py

from flask import (
    abort,
    current_app,
    flash, 
    Markup, 
    redirect, 
    render_template, 
    send_from_directory,
    url_for
)
from flask_login import current_user, login_required
from threading import Thread
import os
from app import db
from app.models import Avatar, ProfilePrivacySettings, User
from . import bp
from .forms import (
  EditPrivacySettingsForm,
  EditProfileSettingsForm,
  EditPublicProfileInformationForm
)

@bp.before_request
@login_required
def before_request():
    pass


@bp.route('/<hashid:user_id>')
def profile(user_id):
    user = User.query.get_or_404(user_id)
    user_data = user.to_json_serializeable()
    if not user.is_public and user != current_user:
        abort(403)
    return render_template('profile/profile_page.html.j2', 
        user=user,
        user_data=user_data)

@bp.route('/<hashid:user_id>/avatars/<hashid:avatar_id>')
def avatar_download(user_id, avatar_id):
    avatar_file = Avatar.query.filter_by(user_id = user_id, id = avatar_id).first_or_404()
    if not (avatar_file and avatar_file.filename):
        abort(404)
    return send_from_directory(
        os.path.dirname(avatar_file.path),
        os.path.basename(avatar_file.path),
        as_attachment=True,
        attachment_filename=avatar_file.filename,
        mimetype=avatar_file.mimetype
    )

@bp.route('/<hashid:user_id>/avatars/<hashid:avatar_id>', methods=['DELETE'])
def delete_avatar(avatar_id, user_id):
    def _delete_avatar(app, avatar_id):
        with app.app_context():
            avatar_file = Avatar.query.get(avatar_id)
            print(avatar_file)
            avatar_file.delete()
            db.session.commit()
    thread = Thread(
        target=_delete_avatar,
        args=(current_app._get_current_object(), avatar_id)
    )
    thread.start()
    return {}, 202

@bp.route('/<hashid:user_id>/edit-profile', methods=['GET', 'POST'])
def edit_profile(user_id):
    user = User.query.get_or_404(user_id)
    edit_profile_settings_form = EditProfileSettingsForm(
        current_user,
        data=current_user.to_json_serializeable(),
        prefix='edit-profile-settings-form'
    )
    edit_privacy_settings_form = EditPrivacySettingsForm(
        data=current_user.to_json_serializeable(),
        prefix='edit-privacy-settings-form'
    )
    edit_public_profile_information_form = EditPublicProfileInformationForm(
        data=current_user.to_json_serializeable(),
        prefix='edit-public-profile-information-form'
    )

    if edit_profile_settings_form.validate_on_submit():
        current_user.email = edit_profile_settings_form.email.data
        current_user.username = edit_profile_settings_form.username.data
        db.session.commit()
        message = Markup(f'Profile settings updated')
        flash(message, 'success')
        return redirect(url_for('.profile', user_id=user.id))
    if (edit_privacy_settings_form.submit.data
        and edit_privacy_settings_form.validate()):
        current_user.is_public = edit_privacy_settings_form.is_public.data
        if edit_privacy_settings_form.show_email.data:
            current_user.add_profile_privacy_setting(ProfilePrivacySettings.SHOW_EMAIL)
        else:
            current_user.remove_profile_privacy_setting(ProfilePrivacySettings.SHOW_EMAIL)
        if edit_privacy_settings_form.show_last_seen.data:
            current_user.add_profile_privacy_setting(ProfilePrivacySettings.SHOW_LAST_SEEN)
        else:
            current_user.remove_profile_privacy_setting(ProfilePrivacySettings.SHOW_LAST_SEEN)
        if edit_privacy_settings_form.show_member_since.data:
            current_user.add_profile_privacy_setting(ProfilePrivacySettings.SHOW_MEMBER_SINCE)
        else:
            current_user.remove_profile_privacy_setting(ProfilePrivacySettings.SHOW_MEMBER_SINCE)
        db.session.commit()
        flash('Your changes have been saved')
        return redirect(url_for('.profile', user_id=user.id))
    if edit_public_profile_information_form.validate_on_submit():
        if edit_public_profile_information_form.avatar.data:
            try:
                Avatar.create(edit_public_profile_information_form.avatar.data, user=current_user)
            except (AttributeError, OSError):
                abort(500)
        current_user.about_me = edit_public_profile_information_form.about_me.data
        current_user.location = edit_public_profile_information_form.location.data
        current_user.organization = edit_public_profile_information_form.organization.data
        current_user.website = edit_public_profile_information_form.website.data
        current_user.full_name = edit_public_profile_information_form.full_name.data
        db.session.commit()
        message = Markup(f'Profile settings updated')
        flash(message, 'success')
        return redirect(url_for('.profile', user_id=user.id))
    return render_template('profile/edit_profile.html.j2',
        edit_profile_settings_form=edit_profile_settings_form,
        edit_privacy_settings_form=edit_privacy_settings_form,
        edit_public_profile_information_form=edit_public_profile_information_form,
        user=user,
        title='Edit Profile')