bookwyrm/bookwyrm/models/base_model.py

""" base model with default fields """
import base64
from Crypto import Random

from django.core.exceptions import PermissionDenied
from django.db import models
from django.db.models import Q
from django.dispatch import receiver
from django.http import Http404
from django.utils.translation import gettext_lazy as _
from django.utils.text import slugify

from bookwyrm.settings import DOMAIN
from .fields import RemoteIdField


DeactivationReason = [
    ("pending", _("Pending")),
    ("self_deletion", _("Self deletion")),
    ("self_deactivation", _("Self deactivation")),
    ("moderator_suspension", _("Moderator suspension")),
    ("moderator_deletion", _("Moderator deletion")),
    ("domain_block", _("Domain block")),
]


def new_access_code():
    """the identifier for a user invite"""
    return base64.b32encode(Random.get_random_bytes(5)).decode("ascii")


class BookWyrmModel(models.Model):
    """shared fields"""

    created_date = models.DateTimeField(auto_now_add=True)
    updated_date = models.DateTimeField(auto_now=True)
    remote_id = RemoteIdField(null=True, activitypub_field="id")

    def get_remote_id(self):
        """generate the url that resolves to the local object, without a slug"""
        base_path = f"https://{DOMAIN}"
        if hasattr(self, "user"):
            base_path = f"{base_path}{self.user.local_path}"

        model_name = type(self).__name__.lower()
        return f"{base_path}/{model_name}/{self.id}"

    class Meta:
        """this is just here to provide default fields for other models"""

        abstract = True

    @property
    def local_path(self):
        """how to link to this object in the local app, with a slug"""
        local = self.get_remote_id().replace(f"https://{DOMAIN}", "")

        name = None
        if hasattr(self, "name_field"):
            name = getattr(self, self.name_field)
        elif hasattr(self, "name"):
            name = self.name

        if name:
            slug = slugify(name)
            local = f"{local}/s/{slug}"

        return local

    def raise_visible_to_user(self, viewer):
        """is a user authorized to view an object?"""
        # make sure this is an object with privacy owned by a user
        if not hasattr(self, "user") or not hasattr(self, "privacy"):
            return

        # viewer can't see it if the object's owner blocked them
        if viewer in self.user.blocks.all():
            raise Http404()

        # you can see your own posts and any public or unlisted posts
        if viewer == self.user or self.privacy in ["public", "unlisted"]:
            return

        # you can see the followers only posts of people you follow
        if self.privacy == "followers" and (
            self.user.followers.filter(id=viewer.id).first()
        ):
            return

        # you can see dms you are tagged in
        if hasattr(self, "mention_users"):
            if (
                self.privacy in ["direct", "followers"]
                and self.mention_users.filter(id=viewer.id).first()
            ):

                return

        # you can see groups of which you are a member
        if (
            hasattr(self, "memberships")
            and viewer.is_authenticated
            and self.memberships.filter(user=viewer).exists()
        ):
            return

        # you can see objects which have a group of which you are a member
        if hasattr(self, "group"):
            if (
                hasattr(self.group, "memberships")
                and self.group.memberships.filter(user=viewer).exists()
            ):
                return

        raise Http404()

    def raise_not_editable(self, viewer):
        """does this user have permission to edit this object? liable to be overwritten
        by models that inherit this base model class"""
        if not hasattr(self, "user"):
            return

        # generally moderators shouldn't be able to edit other people's stuff
        if self.user == viewer:
            return

        raise PermissionDenied()

    def raise_not_deletable(self, viewer):
        """does this user have permission to delete this object? liable to be
        overwritten by models that inherit this base model class"""
        if not hasattr(self, "user"):
            return

        # but generally moderators can delete other people's stuff
        if self.user == viewer or viewer.has_perm("bookwyrm.moderate_post"):
            return

        raise PermissionDenied()

    @classmethod
    def privacy_filter(cls, viewer, privacy_levels=None):
        """filter objects that have "user" and "privacy" fields"""
        queryset = cls.objects
        if hasattr(queryset, "select_subclasses"):
            queryset = queryset.select_subclasses()

        privacy_levels = privacy_levels or ["public", "unlisted", "followers", "direct"]
        # you can't see followers only or direct messages if you're not logged in
        if viewer.is_anonymous:
            privacy_levels = [
                p for p in privacy_levels if not p in ["followers", "direct"]
            ]
        else:
            # exclude blocks from both directions
            queryset = queryset.exclude(
                Q(user__blocked_by=viewer) | Q(user__blocks=viewer)
            )

        # filter to only provided privacy levels
        queryset = queryset.filter(privacy__in=privacy_levels)

        if "followers" in privacy_levels:
            queryset = cls.followers_filter(queryset, viewer)

        # exclude direct messages not intended for the user
        if "direct" in privacy_levels:
            queryset = cls.direct_filter(queryset, viewer)

        return queryset

    @classmethod
    def followers_filter(cls, queryset, viewer):
        """Override-able filter for "followers" privacy level"""
        return queryset.exclude(
            ~Q(  # user isn't following and it isn't their own status
                Q(user__followers=viewer) | Q(user=viewer)
            ),
            privacy="followers",  # and the status is followers only
        )

    @classmethod
    def direct_filter(cls, queryset, viewer):
        """Override-able filter for "direct" privacy level"""
        return queryset.exclude(~Q(user=viewer), privacy="direct")


@receiver(models.signals.post_save)
# pylint: disable=unused-argument
def set_remote_id(sender, instance, created, *args, **kwargs):
    """set the remote_id after save (when the id is available)"""
    if not created or not hasattr(instance, "get_remote_id"):
        return
    if not instance.remote_id:
        instance.remote_id = instance.get_remote_id()
        try:
            instance.save(broadcast=False)
        except TypeError:
            instance.save()
Runs black 2021-03-08 16:49:10 +00:00			`""" base model with default fields """`
Adds email confirmation code field 2021-08-06 21:42:18 +00:00			`import base64`
			`from Crypto import Random`
Adds model function to check perms 2021-09-27 21:02:34 +00:00
			`from django.core.exceptions import PermissionDenied`
Forgot to add the migration and models helper 2020-02-18 00:50:44 +00:00			`from django.db import models`
Moves privacy filter to model class 2021-10-06 16:48:11 +00:00			`from django.db.models import Q`
Unify concept of absolute_id and remote_id 2020-05-13 01:56:28 +00:00			`from django.dispatch import receiver`
Changes visiblity function to raise 2021-09-27 22:54:58 +00:00			`from django.http import Http404`
Use readable/translatable strings for db choices 2021-09-11 21:16:52 +00:00			`from django.utils.translation import gettext_lazy as _`
Generation of slugs and new urls to handle slugs - TODO: redirect to correct slug if not found. 2022-03-02 08:21:23 +00:00			`from django.utils.text import slugify`
Forgot to add the migration and models helper 2020-02-18 00:50:44 +00:00
Moves activitypub mixin to its own file 2021-02-04 18:47:03 +00:00			`from bookwyrm.settings import DOMAIN`
			`from .fields import RemoteIdField`
Forgot to add the migration and models helper 2020-02-18 00:50:44 +00:00
Allow users to set privacy on imported reviews or not import them at all. Fixes #252 2020-10-30 18:21:02 +00:00
Use readable/translatable strings for db choices 2021-09-11 21:16:52 +00:00			`DeactivationReason = [`
			`("pending", _("Pending")),`
			`("self_deletion", _("Self deletion")),`
Allow users to temporarily deactivate their accounts (#2324) 2022-11-10 21:40:54 +00:00			`("self_deactivation", _("Self deactivation")),`
Use readable/translatable strings for db choices 2021-09-11 21:16:52 +00:00			`("moderator_suspension", _("Moderator suspension")),`
			`("moderator_deletion", _("Moderator deletion")),`
			`("domain_block", _("Domain block")),`
			`]`
Deactivate connectors related to blocked federated servers 2021-05-11 18:31:02 +00:00

Adds email confirmation code field 2021-08-06 21:42:18 +00:00			`def new_access_code():`
			`"""the identifier for a user invite"""`
			`return base64.b32encode(Random.get_random_bytes(5)).decode("ascii")`


Renames bookwyrm base model 2020-09-21 15:16:34 +00:00			`class BookWyrmModel(models.Model):`
New version of black, new whitespace 2021-04-26 16:15:42 +00:00			`"""shared fields"""`
Runs black 2021-03-08 16:49:10 +00:00
Forgot to add the migration and models helper 2020-02-18 00:50:44 +00:00			`created_date = models.DateTimeField(auto_now_add=True)`
Fixes mistake in parent model definition 2020-02-21 01:33:50 +00:00			`updated_date = models.DateTimeField(auto_now=True)`
Runs black 2021-03-08 16:49:10 +00:00			`remote_id = RemoteIdField(null=True, activitypub_field="id")`
Forgot to add the migration and models helper 2020-02-18 00:50:44 +00:00
No more remote id with slug, just add slug in local path. 2022-03-11 12:18:52 +00:00			`def get_remote_id(self):`
Generation of slugs and new urls to handle slugs - TODO: redirect to correct slug if not found. 2022-03-02 08:21:23 +00:00			`"""generate the url that resolves to the local object, without a slug"""`
Updating string format synatx part 2 2021-09-18 18:32:00 +00:00			`base_path = f"https://{DOMAIN}"`
Runs black 2021-03-08 16:49:10 +00:00			`if hasattr(self, "user"):`
Updating string format synatx part 2 2021-09-18 18:32:00 +00:00			`base_path = f"{base_path}{self.user.local_path}"`
black 2022-03-02 09:47:08 +00:00
Bug fixes and absolute ids 2020-02-18 01:53:40 +00:00			`model_name = type(self).__name__.lower()`
Updating string format synatx part 2 2021-09-18 18:32:00 +00:00			`return f"{base_path}/{model_name}/{self.id}"`
Forgot to add the migration and models helper 2020-02-18 00:50:44 +00:00
No more remote id with slug, just add slug in local path. 2022-03-11 12:18:52 +00:00			`class Meta:`
			`"""this is just here to provide default fields for other models"""`

			`abstract = True`

			`@property`
			`def local_path(self):`
			`"""how to link to this object in the local app, with a slug"""`
			`local = self.get_remote_id().replace(f"https://{DOMAIN}", "")`
Generation of slugs and new urls to handle slugs - TODO: redirect to correct slug if not found. 2022-03-02 08:21:23 +00:00
			`name = None`
			`if hasattr(self, "name_field"):`
			`name = getattr(self, self.name_field)`
			`elif hasattr(self, "name"):`
			`name = self.name`

			`if name:`
			`slug = slugify(name)`
No more remote id with slug, just add slug in local path. 2022-03-11 12:18:52 +00:00			`local = f"{local}/s/{slug}"`
Runs black 2021-03-08 16:49:10 +00:00
No more remote id with slug, just add slug in local path. 2022-03-11 12:18:52 +00:00			`return local`
User generated local paths 2020-12-31 01:36:35 +00:00
Changes visiblity function to raise 2021-09-27 22:54:58 +00:00			`def raise_visible_to_user(self, viewer):`
New version of black, new whitespace 2021-04-26 16:15:42 +00:00			`"""is a user authorized to view an object?"""`
Fixes visible_to_user check for non-federated objs why did this cause a problem _now_?? 2021-04-11 17:45:08 +00:00			`# make sure this is an object with privacy owned by a user`
			`if not hasattr(self, "user") or not hasattr(self, "privacy"):`
Changes visiblity function to raise 2021-09-27 22:54:58 +00:00			`return`
Fixes visible_to_user check for non-federated objs why did this cause a problem _now_?? 2021-04-11 17:45:08 +00:00
			`# viewer can't see it if the object's owner blocked them`
			`if viewer in self.user.blocks.all():`
Changes visiblity function to raise 2021-09-27 22:54:58 +00:00			`raise Http404()`
Fixes visible_to_user check for non-federated objs why did this cause a problem _now_?? 2021-04-11 17:45:08 +00:00
			`# you can see your own posts and any public or unlisted posts`
			`if viewer == self.user or self.privacy in ["public", "unlisted"]:`
Changes visiblity function to raise 2021-09-27 22:54:58 +00:00			`return`
Fixes visible_to_user check for non-federated objs why did this cause a problem _now_?? 2021-04-11 17:45:08 +00:00
			`# you can see the followers only posts of people you follow`
Fixes privacy filters for followers-only replies 2021-10-14 23:26:28 +00:00			`if self.privacy == "followers" and (`
			`self.user.followers.filter(id=viewer.id).first()`
Fixes visible_to_user check for non-federated objs why did this cause a problem _now_?? 2021-04-11 17:45:08 +00:00			`):`
Changes visiblity function to raise 2021-09-27 22:54:58 +00:00			`return`
Fixes visible_to_user check for non-federated objs why did this cause a problem _now_?? 2021-04-11 17:45:08 +00:00
			`# you can see dms you are tagged in`
			`if hasattr(self, "mention_users"):`
			`if (`
Fixes privacy display 2021-10-15 20:26:02 +00:00			`self.privacy in ["direct", "followers"]`
Fixes visible_to_user check for non-federated objs why did this cause a problem _now_?? 2021-04-11 17:45:08 +00:00			`and self.mention_users.filter(id=viewer.id).first()`
			`):`
Merge branch 'main' into groups-merge-test Big merge of a couple of weeks' work from the main project back into this branch. :ohno: 2021-10-02 23:49:38 +00:00
lint raise_visible_to_user Don't return True unnecessarily 2021-10-04 21:09:24 +00:00			`return`
change group owner from 'manager' to 'user' This will allow privacy management to use existing code. Some template updates also are for rationalising how groups are created and edited. 2021-09-27 05:36:41 +00:00
allow members to see groups and their lists - add additional logic to visible_to_user, for groups and their objects - cleans up some queries in Group view NOTE: I can't work out how to make group lists only visible to users who should be able to see them, on user group listings. They still can't access the actual group, but can see it on user pages. This is potentialy problematic. 2021-09-27 10:24:25 +00:00			`# you can see groups of which you are a member`
run Black on changed code 2021-10-04 10:31:28 +00:00			`if (`
			`hasattr(self, "memberships")`
Fixes bug in logged out group view 2021-12-28 22:33:30 +00:00			`and viewer.is_authenticated`
run Black on changed code 2021-10-04 10:31:28 +00:00			`and self.memberships.filter(user=viewer).exists()`
			`):`
lint raise_visible_to_user Don't return True unnecessarily 2021-10-04 21:09:24 +00:00			`return`
allow members to see groups and their lists - add additional logic to visible_to_user, for groups and their objects - cleans up some queries in Group view NOTE: I can't work out how to make group lists only visible to users who should be able to see them, on user group listings. They still can't access the actual group, but can see it on user pages. This is potentialy problematic. 2021-09-27 10:24:25 +00:00
			`# you can see objects which have a group of which you are a member`
			`if hasattr(self, "group"):`
			`if (`
group members can see lists - fix visible_to_user for group objects (like lists) - temporarily disable privacy_filter on group lists 2021-10-02 08:31:56 +00:00			`hasattr(self.group, "memberships")`
			`and self.group.memberships.filter(user=viewer).exists()`
allow members to see groups and their lists - add additional logic to visible_to_user, for groups and their objects - cleans up some queries in Group view NOTE: I can't work out how to make group lists only visible to users who should be able to see them, on user group listings. They still can't access the actual group, but can see it on user pages. This is potentialy problematic. 2021-09-27 10:24:25 +00:00			`):`
lint raise_visible_to_user Don't return True unnecessarily 2021-10-04 21:09:24 +00:00			`return`
change group owner from 'manager' to 'user' This will allow privacy management to use existing code. Some template updates also are for rationalising how groups are created and edited. 2021-09-27 05:36:41 +00:00
Changes visiblity function to raise 2021-09-27 22:54:58 +00:00			`raise Http404()`
Fixes visible_to_user check for non-federated objs why did this cause a problem _now_?? 2021-04-11 17:45:08 +00:00
Adds model function to check perms 2021-09-27 21:02:34 +00:00			`def raise_not_editable(self, viewer):`
			`"""does this user have permission to edit this object? liable to be overwritten`
			`by models that inherit this base model class"""`
			`if not hasattr(self, "user"):`
			`return`

			`# generally moderators shouldn't be able to edit other people's stuff`
			`if self.user == viewer:`
			`return`

Changes visiblity function to raise 2021-09-27 22:54:58 +00:00			`raise PermissionDenied()`
Adds model function to check perms 2021-09-27 21:02:34 +00:00
			`def raise_not_deletable(self, viewer):`
			`"""does this user have permission to delete this object? liable to be`
			`overwritten by models that inherit this base model class"""`
			`if not hasattr(self, "user"):`
			`return`

			`# but generally moderators can delete other people's stuff`
Fixes errors in permissions 2022-07-07 21:01:51 +00:00			`if self.user == viewer or viewer.has_perm("bookwyrm.moderate_post"):`
Adds model function to check perms 2021-09-27 21:02:34 +00:00			`return`

Changes visiblity function to raise 2021-09-27 22:54:58 +00:00			`raise PermissionDenied()`
Fixes visible_to_user check for non-federated objs why did this cause a problem _now_?? 2021-04-11 17:45:08 +00:00
Moves privacy filter to model class 2021-10-06 16:48:11 +00:00			`@classmethod`
Filter followers only in place It's only used in one spot 2021-10-06 18:12:03 +00:00			`def privacy_filter(cls, viewer, privacy_levels=None):`
Moves privacy filter to model class 2021-10-06 16:48:11 +00:00			`"""filter objects that have "user" and "privacy" fields"""`
			`queryset = cls.objects`
			`if hasattr(queryset, "select_subclasses"):`
			`queryset = queryset.select_subclasses()`

			`privacy_levels = privacy_levels or ["public", "unlisted", "followers", "direct"]`
Move privacy levels filter to clearer location 2021-10-06 18:15:17 +00:00			`# you can't see followers only or direct messages if you're not logged in`
			`if viewer.is_anonymous:`
			`privacy_levels = [`
			`p for p in privacy_levels if not p in ["followers", "direct"]`
			`]`
Style cleanup 2021-10-06 18:23:36 +00:00			`else:`
			`# exclude blocks from both directions`
Moves privacy filter to model class 2021-10-06 16:48:11 +00:00			`queryset = queryset.exclude(`
			`Q(user__blocked_by=viewer) \| Q(user__blocks=viewer)`
			`)`

Style cleanup 2021-10-06 18:23:36 +00:00			`# filter to only provided privacy levels`
Moves privacy filter to model class 2021-10-06 16:48:11 +00:00			`queryset = queryset.filter(privacy__in=privacy_levels)`

Filter followers only in place It's only used in one spot 2021-10-06 18:12:03 +00:00			`if "followers" in privacy_levels:`
Moves privacy filter to model class 2021-10-06 16:48:11 +00:00			`queryset = cls.followers_filter(queryset, viewer)`

			`# exclude direct messages not intended for the user`
			`if "direct" in privacy_levels:`
			`queryset = cls.direct_filter(queryset, viewer)`

			`return queryset`

			`@classmethod`
			`def followers_filter(cls, queryset, viewer):`
			`"""Override-able filter for "followers" privacy level"""`
			`return queryset.exclude(`
			`~Q( # user isn't following and it isn't their own status`
			`Q(user__followers=viewer) \| Q(user=viewer)`
			`),`
			`privacy="followers", # and the status is followers only`
			`)`

			`@classmethod`
			`def direct_filter(cls, queryset, viewer):`
			`"""Override-able filter for "direct" privacy level"""`
User override in child class instead of if/else for privacy_filter 2021-10-06 18:08:54 +00:00			`return queryset.exclude(~Q(user=viewer), privacy="direct")`
Moves privacy filter to model class 2021-10-06 16:48:11 +00:00
Unify concept of absolute_id and remote_id 2020-05-13 01:56:28 +00:00
Updates for broadcast changes 2020-05-14 01:23:54 +00:00			`@receiver(models.signals.post_save)`
Runs black 2021-03-08 16:49:10 +00:00			`# pylint: disable=unused-argument`
Add statuses to timelines 2021-03-22 21:11:23 +00:00			`def set_remote_id(sender, instance, created, args, *kwargs):`
New version of black, new whitespace 2021-04-26 16:15:42 +00:00			`"""set the remote_id after save (when the id is available)"""`
Runs black 2021-03-08 16:49:10 +00:00			`if not created or not hasattr(instance, "get_remote_id"):`
Unify concept of absolute_id and remote_id 2020-05-13 01:56:28 +00:00			`return`
More books tests 2020-05-14 18:28:45 +00:00			`if not instance.remote_id:`
			`instance.remote_id = instance.get_remote_id()`
Fixes field and lists tests 2021-02-07 00:13:59 +00:00			`try:`
			`instance.save(broadcast=False)`
			`except TypeError:`
			`instance.save()`