Python script, ASCII text executable
1
import json
2
from datetime import datetime
3
from email.policy import default
4
from time import perf_counter
5
import flask
7
from flask_sqlalchemy import SQLAlchemy
8
from flask_bcrypt import Bcrypt
9
from flask_httpauth import HTTPBasicAuth
10
from markupsafe import escape, Markup
11
from flask_migrate import Migrate, current
12
from jinja2_fragments.flask import render_block
13
from sqlalchemy.orm import backref
14
import sqlalchemy.dialects.postgresql
15
from os import path
16
import os
17
from urllib.parse import urlencode
18
import mimetypes
19
import ruamel.yaml as yaml
20
from PIL import Image
22
from sqlalchemy.orm.persistence import post_update
23
from sqlalchemy.sql.functions import current_user
24
import config
26
import markdown
27
app = flask.Flask(__name__)
29
bcrypt = Bcrypt(app)
30
app.config["SQLALCHEMY_DATABASE_URI"] = config.DB_URI
32
app.config["SECRET_KEY"] = config.DB_PASSWORD
33
db = SQLAlchemy(app)
35
migrate = Migrate(app, db)
36
@app.template_filter("split")
39
def split(value, separator=None, maxsplit=-1):
40
return value.split(separator, maxsplit)
41
@app.template_filter("median")
44
def median(value):
45
value = list(value) # prevent generators
46
return sorted(value)[len(value) // 2]
47
@app.template_filter("set")
50
def set_filter(value):
51
return set(value)
52
@app.template_global()
55
def modify_query(**new_values):
56
args = flask.request.args.copy()
57
for key, value in new_values.items():
58
args[key] = value
59
return f"{flask.request.path}?{urlencode(args)}"
61
@app.context_processor
64
def default_variables():
65
return {
66
"current_user": db.session.get(User, flask.session.get("username")),
67
}
68
with app.app_context():
71
class User(db.Model):
72
username = db.Column(db.String(32), unique=True, nullable=False, primary_key=True)
73
password_hashed = db.Column(db.String(60), nullable=False)
74
admin = db.Column(db.Boolean, nullable=False, default=False, server_default="false")
75
pictures = db.relationship("PictureResource", back_populates="author")
76
joined_timestamp = db.Column(db.DateTime, nullable=False, default=datetime.utcnow)
77
galleries = db.relationship("Gallery", back_populates="owner")
78
galleries_joined = db.relationship("UserInGallery", back_populates="user")
79
def __init__(self, username, password):
81
self.username = username
82
self.password_hashed = bcrypt.generate_password_hash(password).decode("utf-8")
83
@property
85
def formatted_name(self):
86
if self.admin:
87
return self.username + "*"
88
return self.username
89
class Licence(db.Model):
92
id = db.Column(db.String(64), primary_key=True) # SPDX identifier
93
title = db.Column(db.UnicodeText, nullable=False) # the official name of the licence
94
description = db.Column(db.UnicodeText,
95
nullable=False) # brief description of its permissions and restrictions
96
info_url = db.Column(db.String(1024),
97
nullable=False) # the URL to a page with general information about the licence
98
url = db.Column(db.String(1024),
99
nullable=True) # the URL to a page with the full text of the licence and more information
100
pictures = db.relationship("PictureLicence", back_populates="licence")
101
free = db.Column(db.Boolean, nullable=False,
102
default=False) # whether the licence is free or not
103
logo_url = db.Column(db.String(1024), nullable=True) # URL to the logo of the licence
104
pinned = db.Column(db.Boolean, nullable=False,
105
default=False) # whether the licence should be shown at the top of the list
106
def __init__(self, id, title, description, info_url, url, free, logo_url=None,
108
pinned=False):
109
self.id = id
110
self.title = title
111
self.description = description
112
self.info_url = info_url
113
self.url = url
114
self.free = free
115
self.logo_url = logo_url
116
self.pinned = pinned
117
class PictureLicence(db.Model):
120
id = db.Column(db.Integer, primary_key=True, autoincrement=True)
121
resource_id = db.Column(db.Integer, db.ForeignKey("picture_resource.id"))
123
licence_id = db.Column(db.String(64), db.ForeignKey("licence.id"))
124
resource = db.relationship("PictureResource", back_populates="licences")
126
licence = db.relationship("Licence", back_populates="pictures")
127
def __init__(self, resource, licence):
129
self.resource = resource
130
self.licence = licence
131
class Resource(db.Model):
134
__abstract__ = True
135
id = db.Column(db.Integer, primary_key=True, autoincrement=True)
137
title = db.Column(db.UnicodeText, nullable=False)
138
description = db.Column(db.UnicodeText, nullable=False)
139
timestamp = db.Column(db.DateTime, nullable=False, default=datetime.utcnow)
140
origin_url = db.Column(db.String(2048),
141
nullable=True) # should be left empty if it's original or the source is unknown but public domain
142
class PictureNature(db.Model):
145
# Examples:
146
# "photo", "paper-scan", "2d-art-photo", "sculpture-photo", "computer-3d", "computer-painting",
147
# "computer-line-art", "diagram", "infographic", "text", "map", "chart-graph", "screen-capture",
148
# "screen-photo", "pattern", "collage", "ai", and so on
149
id = db.Column(db.String(64), primary_key=True)
150
description = db.Column(db.UnicodeText, nullable=False)
151
resources = db.relationship("PictureResource", back_populates="nature")
152
def __init__(self, id, description):
154
self.id = id
155
self.description = description
156
class PictureObjectInheritance(db.Model):
159
parent_id = db.Column(db.String(64), db.ForeignKey("picture_object.id"),
160
primary_key=True)
161
child_id = db.Column(db.String(64), db.ForeignKey("picture_object.id"),
162
primary_key=True)
163
parent = db.relationship("PictureObject", foreign_keys=[parent_id],
165
back_populates="child_links")
166
child = db.relationship("PictureObject", foreign_keys=[child_id],
167
back_populates="parent_links")
168
def __init__(self, parent, child):
170
self.parent = parent
171
self.child = child
172
class PictureObject(db.Model):
175
id = db.Column(db.String(64), primary_key=True)
176
description = db.Column(db.UnicodeText, nullable=False)
177
child_links = db.relationship("PictureObjectInheritance",
179
foreign_keys=[PictureObjectInheritance.parent_id],
180
back_populates="parent")
181
parent_links = db.relationship("PictureObjectInheritance",
182
foreign_keys=[PictureObjectInheritance.child_id],
183
back_populates="child")
184
def __init__(self, id, description):
186
self.id = id
187
self.description = description
188
class PictureRegion(db.Model):
191
# This is for picture region annotations
192
id = db.Column(db.Integer, primary_key=True, autoincrement=True)
193
json = db.Column(sqlalchemy.dialects.postgresql.JSONB, nullable=False)
194
resource_id = db.Column(db.Integer, db.ForeignKey("picture_resource.id"),
196
nullable=False)
197
object_id = db.Column(db.String(64), db.ForeignKey("picture_object.id"), nullable=True)
198
resource = db.relationship("PictureResource", backref="regions")
200
object = db.relationship("PictureObject", backref="regions")
201
def __init__(self, json, resource, object):
203
self.json = json
204
self.resource = resource
205
self.object = object
206
class PictureResource(Resource):
209
# This is only for bitmap pictures. Vectors will be stored under a different model
210
# File name is the ID in the picture directory under data, without an extension
211
file_format = db.Column(db.String(64), nullable=False) # MIME type
212
width = db.Column(db.Integer, nullable=False)
213
height = db.Column(db.Integer, nullable=False)
214
nature_id = db.Column(db.String(32), db.ForeignKey("picture_nature.id"), nullable=True)
215
author_name = db.Column(db.String(32), db.ForeignKey("user.username"), nullable=False)
216
author = db.relationship("User", back_populates="pictures")
217
nature = db.relationship("PictureNature", back_populates="resources")
219
replaces_id = db.Column(db.Integer, db.ForeignKey("picture_resource.id"), nullable=True)
221
replaced_by_id = db.Column(db.Integer, db.ForeignKey("picture_resource.id"),
222
nullable=True)
223
replaces = db.relationship("PictureResource", remote_side="PictureResource.id",
225
foreign_keys=[replaces_id], back_populates="replaced_by",
226
post_update=True)
227
replaced_by = db.relationship("PictureResource", remote_side="PictureResource.id",
228
foreign_keys=[replaced_by_id], post_update=True)
229
copied_from_id = db.Column(db.Integer, db.ForeignKey("picture_resource.id"),
231
nullable=True)
232
copied_from = db.relationship("PictureResource", remote_side="PictureResource.id",
233
backref="copies", foreign_keys=[copied_from_id])
234
licences = db.relationship("PictureLicence", back_populates="resource")
236
galleries = db.relationship("PictureInGallery", back_populates="resource")
237
def __init__(self, title, author, description, origin_url, licence_ids, mime,
239
nature=None):
240
self.title = title
241
self.author = author
242
self.description = description
243
self.origin_url = origin_url
244
self.file_format = mime
245
self.width = self.height = 0
246
self.nature = nature
247
db.session.add(self)
248
db.session.commit()
249
for licence_id in licence_ids:
250
joiner = PictureLicence(self, db.session.get(Licence, licence_id))
251
db.session.add(joiner)
252
def put_annotations(self, json):
254
# Delete all previous annotations
255
db.session.query(PictureRegion).filter_by(resource_id=self.id).delete()
256
for region in json:
258
object_id = region["object"]
259
picture_object = db.session.get(PictureObject, object_id)
260
region_data = {
262
"type": region["type"],
263
"shape": region["shape"],
264
}
265
region_row = PictureRegion(region_data, self, picture_object)
267
db.session.add(region_row)
268
class PictureInGallery(db.Model):
271
id = db.Column(db.Integer, primary_key=True, autoincrement=True)
272
resource_id = db.Column(db.Integer, db.ForeignKey("picture_resource.id"),
273
nullable=False)
274
gallery_id = db.Column(db.Integer, db.ForeignKey("gallery.id"), nullable=False)
275
resource = db.relationship("PictureResource")
277
gallery = db.relationship("Gallery")
278
def __init__(self, resource, gallery):
280
self.resource = resource
281
self.gallery = gallery
282
class UserInGallery(db.Model):
285
id = db.Column(db.Integer, primary_key=True, autoincrement=True)
286
username = db.Column(db.String(32), db.ForeignKey("user.username"), nullable=False)
287
gallery_id = db.Column(db.Integer, db.ForeignKey("gallery.id"), nullable=False)
288
user = db.relationship("User")
290
gallery = db.relationship("Gallery")
291
def __init__(self, user, gallery):
293
self.user = user
294
self.gallery = gallery
295
class Gallery(db.Model):
298
id = db.Column(db.Integer, primary_key=True, autoincrement=True)
299
title = db.Column(db.UnicodeText, nullable=False)
300
description = db.Column(db.UnicodeText, nullable=False)
301
pictures = db.relationship("PictureInGallery", back_populates="gallery")
302
owner_name = db.Column(db.String(32), db.ForeignKey("user.username"), nullable=False)
303
owner = db.relationship("User", back_populates="galleries")
304
users = db.relationship("UserInGallery", back_populates="gallery")
305
def __init__(self, title, description, owner):
307
self.title = title
308
self.description = description
309
self.owner = owner
310
@app.route("/")
313
def index():
314
return flask.render_template("home.html", resources=PictureResource.query.order_by(
315
db.func.random()).limit(10).all())
316
@app.route("/accounts/")
319
def accounts():
320
return flask.render_template("login.html")
321
@app.route("/login", methods=["POST"])
324
def login():
325
username = flask.request.form["username"]
326
password = flask.request.form["password"]
327
user = db.session.get(User, username)
329
if user is None:
331
flask.flash("This username is not registered.")
332
return flask.redirect("/accounts")
333
if not bcrypt.check_password_hash(user.password_hashed, password):
335
flask.flash("Incorrect password.")
336
return flask.redirect("/accounts")
337
flask.flash("You have been logged in.")
339
flask.session["username"] = username
341
return flask.redirect("/")
342
@app.route("/logout")
345
def logout():
346
flask.session.pop("username", None)
347
flask.flash("You have been logged out.")
348
return flask.redirect("/")
349
@app.route("/signup", methods=["POST"])
352
def signup():
353
username = flask.request.form["username"]
354
password = flask.request.form["password"]
355
if db.session.get(User, username) is not None:
357
flask.flash("This username is already taken.")
358
return flask.redirect("/accounts")
359
if set(username) > set("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_"):
361
flask.flash(
362
"Usernames can only contain the Latin alphabet, digits, hyphens, and underscores.")
363
return flask.redirect("/accounts")
364
if len(username) < 3 or len(username) > 32:
366
flask.flash("Usernames must be between 3 and 32 characters long.")
367
return flask.redirect("/accounts")
368
if len(password) < 6:
370
flask.flash("Passwords must be at least 6 characters long.")
371
return flask.redirect("/accounts")
372
user = User(username, password)
374
db.session.add(user)
375
db.session.commit()
376
flask.session["username"] = username
378
flask.flash("You have been registered and logged in.")
380
return flask.redirect("/")
382
@app.route("/profile", defaults={"username": None})
385
@app.route("/profile/<username>")
386
def profile(username):
387
if username is None:
388
if "username" in flask.session:
389
return flask.redirect("/profile/" + flask.session["username"])
390
else:
391
flask.flash("Please log in to perform this action.")
392
return flask.redirect("/accounts")
393
user = db.session.get(User, username)
395
if user is None:
396
flask.abort(404)
397
return flask.render_template("profile.html", user=user)
399
@app.route("/object/<id>")
402
def has_object(id):
403
object_ = db.session.get(PictureObject, id)
404
if object_ is None:
405
flask.abort(404)
406
query = db.session.query(PictureResource).join(PictureRegion).filter(
408
PictureRegion.object_id == id)
409
page = int(flask.request.args.get("page", 1))
411
per_page = int(flask.request.args.get("per_page", 16))
412
resources = query.paginate(page=page, per_page=per_page)
414
return flask.render_template("object.html", object=object_, resources=resources,
416
page_number=page,
417
page_length=per_page, num_pages=resources.pages,
418
prev_page=resources.prev_num,
419
next_page=resources.next_num, PictureRegion=PictureRegion)
420
@app.route("/upload")
423
def upload():
424
if "username" not in flask.session:
425
flask.flash("Log in to upload pictures.")
426
return flask.redirect("/accounts")
427
licences = Licence.query.order_by(Licence.free.desc(), Licence.pinned.desc(),
429
Licence.title).all()
430
types = PictureNature.query.all()
432
return flask.render_template("upload.html", licences=licences, types=types)
434
@app.route("/upload", methods=["POST"])
437
def upload_post():
438
title = flask.request.form["title"]
439
description = flask.request.form["description"]
440
origin_url = flask.request.form["origin_url"]
441
author = db.session.get(User, flask.session.get("username"))
442
licence_ids = flask.request.form.getlist("licence")
443
nature_id = flask.request.form["nature"]
444
if author is None:
446
flask.abort(401)
447
file = flask.request.files["file"]
449
if not file or not file.filename:
451
flask.flash("Select a file")
452
return flask.redirect(flask.request.url)
453
if not file.mimetype.startswith("image/"):
455
flask.flash("Only images are supported")
456
return flask.redirect(flask.request.url)
457
if not title:
459
flask.flash("Enter a title")
460
return flask.redirect(flask.request.url)
461
if not description:
463
description = ""
464
if not nature_id:
466
flask.flash("Select a picture type")
467
return flask.redirect(flask.request.url)
468
if not licence_ids:
470
flask.flash("Select licences")
471
return flask.redirect(flask.request.url)
472
licences = [db.session.get(Licence, licence_id) for licence_id in licence_ids]
474
if not any(licence.free for licence in licences):
475
flask.flash("Select at least one free licence")
476
return flask.redirect(flask.request.url)
477
resource = PictureResource(title, author, description, origin_url, licence_ids,
479
file.mimetype,
480
db.session.get(PictureNature, nature_id))
481
db.session.add(resource)
482
db.session.commit()
483
file.save(path.join(config.DATA_PATH, "pictures", str(resource.id)))
484
pil_image = Image.open(path.join(config.DATA_PATH, "pictures", str(resource.id)))
485
resource.width, resource.height = pil_image.size
486
db.session.commit()
487
if flask.request.form.get("annotations"):
489
try:
490
resource.put_annotations(json.loads(flask.request.form.get("annotations")))
491
db.session.commit()
492
except json.JSONDecodeError:
493
flask.flash("Invalid annotations")
494
flask.flash("Picture uploaded successfully")
496
return flask.redirect("/picture/" + str(resource.id))
498
@app.route("/picture/<int:id>/")
501
def picture(id):
502
resource = db.session.get(PictureResource, id)
503
if resource is None:
504
flask.abort(404)
505
image = Image.open(path.join(config.DATA_PATH, "pictures", str(resource.id)))
507
current_user = db.session.get(User, flask.session.get("username"))
509
have_permission = current_user and (current_user == resource.author or current_user.admin)
510
return flask.render_template("picture.html", resource=resource,
512
file_extension=mimetypes.guess_extension(resource.file_format),
513
size=image.size, copies=resource.copies,
514
have_permission=have_permission)
515
@app.route("/picture/<int:id>/annotate")
518
def annotate_picture(id):
519
resource = db.session.get(PictureResource, id)
520
if resource is None:
521
flask.abort(404)
522
current_user = db.session.get(User, flask.session.get("username"))
524
if current_user is None:
525
flask.abort(401)
526
if resource.author != current_user and not current_user.admin:
527
flask.abort(403)
528
return flask.render_template("picture-annotation.html", resource=resource,
530
file_extension=mimetypes.guess_extension(resource.file_format))
531
@app.route("/picture/<int:id>/put-annotations-form")
534
def put_annotations_form(id):
535
resource = db.session.get(PictureResource, id)
536
if resource is None:
537
flask.abort(404)
538
current_user = db.session.get(User, flask.session.get("username"))
540
if current_user is None:
541
flask.abort(401)
542
if resource.author != current_user and not current_user.admin:
544
flask.abort(403)
545
return flask.render_template("put-annotations-form.html", resource=resource)
547
@app.route("/picture/<int:id>/put-annotations-form", methods=["POST"])
550
def put_annotations_form_post(id):
551
resource = db.session.get(PictureResource, id)
552
if resource is None:
553
flask.abort(404)
554
current_user = db.session.get(User, flask.session.get("username"))
556
if current_user is None:
557
flask.abort(401)
558
if resource.author != current_user and not current_user.admin:
560
flask.abort(403)
561
resource.put_annotations(json.loads(flask.request.form["annotations"]))
563
db.session.commit()
565
return flask.redirect("/picture/" + str(resource.id))
567
@app.route("/picture/<int:id>/save-annotations", methods=["POST"])
570
def save_annotations(id):
571
resource = db.session.get(PictureResource, id)
572
if resource is None:
573
flask.abort(404)
574
current_user = db.session.get(User, flask.session.get("username"))
576
if resource.author != current_user and not current_user.admin:
577
flask.abort(403)
578
resource.put_annotations(flask.request.json)
580
db.session.commit()
582
response = flask.make_response()
584
response.status_code = 204
585
return response
586
@app.route("/picture/<int:id>/get-annotations")
589
def get_annotations(id):
590
resource = db.session.get(PictureResource, id)
591
if resource is None:
592
flask.abort(404)
593
regions = db.session.query(PictureRegion).filter_by(resource_id=id).all()
595
regions_json = []
597
for region in regions:
599
regions_json.append({
600
"object": region.object_id,
601
"type": region.json["type"],
602
"shape": region.json["shape"],
603
})
604
return flask.jsonify(regions_json)
606
@app.route("/picture/<int:id>/delete")
609
def delete_picture(id):
610
resource = db.session.get(PictureResource, id)
611
if resource is None:
612
flask.abort(404)
613
current_user = db.session.get(User, flask.session.get("username"))
615
if current_user is None:
616
flask.abort(401)
617
if resource.author != current_user and not current_user.admin:
619
flask.abort(403)
620
PictureLicence.query.filter_by(resource=resource).delete()
622
PictureRegion.query.filter_by(resource=resource).delete()
623
PictureInGallery.query.filter_by(resource=resource).delete()
624
if resource.replaces:
625
resource.replaces.replaced_by = None
626
if resource.replaced_by:
627
resource.replaced_by.replaces = None
628
resource.copied_from = None
629
for copy in resource.copies:
630
copy.copied_from = None
631
db.session.delete(resource)
632
db.session.commit()
633
return flask.redirect("/")
635
@app.route("/picture/<int:id>/mark-replacement", methods=["POST"])
638
def mark_picture_replacement(id):
639
resource = db.session.get(PictureResource, id)
640
if resource is None:
641
flask.abort(404)
642
current_user = db.session.get(User, flask.session.get("username"))
644
if current_user is None:
645
flask.abort(401)
646
if resource.copied_from.author != current_user and not current_user.admin:
648
flask.abort(403)
649
resource.copied_from.replaced_by = resource
651
resource.replaces = resource.copied_from
652
db.session.commit()
654
return flask.redirect("/picture/" + str(resource.copied_from.id))
656
@app.route("/picture/<int:id>/remove-replacement", methods=["POST"])
659
def remove_picture_replacement(id):
660
resource = db.session.get(PictureResource, id)
661
if resource is None:
662
flask.abort(404)
663
current_user = db.session.get(User, flask.session.get("username"))
665
if current_user is None:
666
flask.abort(401)
667
if resource.author != current_user and not current_user.admin:
669
flask.abort(403)
670
resource.replaced_by.replaces = None
672
resource.replaced_by = None
673
db.session.commit()
675
return flask.redirect("/picture/" + str(resource.id))
677
@app.route("/picture/<int:id>/edit-metadata")
680
def edit_picture(id):
681
resource = db.session.get(PictureResource, id)
682
if resource is None:
683
flask.abort(404)
684
current_user = db.session.get(User, flask.session.get("username"))
686
if current_user is None:
687
flask.abort(401)
688
if resource.author != current_user and not current_user.admin:
690
flask.abort(403)
691
licences = Licence.query.order_by(Licence.free.desc(), Licence.pinned.desc(),
693
Licence.title).all()
694
types = PictureNature.query.all()
696
return flask.render_template("edit-picture.html", resource=resource, licences=licences,
698
types=types,
699
PictureLicence=PictureLicence)
700
@app.route("/picture/<int:id>/edit-metadata", methods=["POST"])
703
def edit_picture_post(id):
704
resource = db.session.get(PictureResource, id)
705
if resource is None:
706
flask.abort(404)
707
current_user = db.session.get(User, flask.session.get("username"))
709
if current_user is None:
710
flask.abort(401)
711
if resource.author != current_user and not current_user.admin:
713
flask.abort(403)
714
title = flask.request.form["title"]
716
description = flask.request.form["description"]
717
origin_url = flask.request.form["origin_url"]
718
licence_ids = flask.request.form.getlist("licence")
719
nature_id = flask.request.form["nature"]
720
if not title:
722
flask.flash("Enter a title")
723
return flask.redirect(flask.request.url)
724
if not description:
726
description = ""
727
if not nature_id:
729
flask.flash("Select a picture type")
730
return flask.redirect(flask.request.url)
731
if not licence_ids:
733
flask.flash("Select licences")
734
return flask.redirect(flask.request.url)
735
licences = [db.session.get(Licence, licence_id) for licence_id in licence_ids]
737
if not any(licence.free for licence in licences):
738
flask.flash("Select at least one free licence")
739
return flask.redirect(flask.request.url)
740
resource.title = title
742
resource.description = description
743
resource.origin_url = origin_url
744
for licence_id in licence_ids:
745
joiner = PictureLicence(resource, db.session.get(Licence, licence_id))
746
db.session.add(joiner)
747
resource.nature = db.session.get(PictureNature, nature_id)
748
db.session.commit()
750
return flask.redirect("/picture/" + str(resource.id))
752
@app.route("/picture/<int:id>/copy")
755
def copy_picture(id):
756
resource = db.session.get(PictureResource, id)
757
if resource is None:
758
flask.abort(404)
759
current_user = db.session.get(User, flask.session.get("username"))
761
if current_user is None:
762
flask.abort(401)
763
new_resource = PictureResource(resource.title, current_user, resource.description,
765
resource.origin_url,
766
[licence.licence_id for licence in resource.licences],
767
resource.file_format,
768
resource.nature)
769
for region in resource.regions:
771
db.session.add(PictureRegion(region.json, new_resource, region.object))
772
db.session.commit()
774
# Create a hard link for the new picture
776
old_path = path.join(config.DATA_PATH, "pictures", str(resource.id))
777
new_path = path.join(config.DATA_PATH, "pictures", str(new_resource.id))
778
os.link(old_path, new_path)
779
new_resource.width = resource.width
781
new_resource.height = resource.height
782
new_resource.copied_from = resource
783
db.session.commit()
785
return flask.redirect("/picture/" + str(new_resource.id))
787
@app.route("/gallery/<int:id>/")
790
def gallery(id):
791
gallery = db.session.get(Gallery, id)
792
if gallery is None:
793
flask.abort(404)
794
current_user = db.session.get(User, flask.session.get("username"))
796
have_permission = current_user and (current_user == gallery.owner or current_user.admin or UserInGallery.query.filter_by(user=current_user, gallery=gallery).first())
798
return flask.render_template("gallery.html", gallery=gallery,
800
have_permission=have_permission)
801
@app.route("/create-gallery")
804
def create_gallery():
805
if "username" not in flask.session:
806
flask.flash("Log in to create galleries.")
807
return flask.redirect("/accounts")
808
return flask.render_template("create-gallery.html")
810
@app.route("/create-gallery", methods=["POST"])
813
def create_gallery_post():
814
if not flask.session.get("username"):
815
flask.abort(401)
816
if not flask.request.form.get("title"):
818
flask.flash("Enter a title")
819
return flask.redirect(flask.request.url)
820
description = flask.request.form.get("description", "")
822
gallery = Gallery(flask.request.form["title"], description,
824
db.session.get(User, flask.session["username"]))
825
db.session.add(gallery)
826
db.session.commit()
827
return flask.redirect("/gallery/" + str(gallery.id))
829
@app.route("/gallery/<int:id>/add-picture", methods=["POST"])
832
def gallery_add_picture(id):
833
gallery = db.session.get(Gallery, id)
834
if gallery is None:
835
flask.abort(404)
836
if "username" not in flask.session:
838
flask.abort(401)
839
if flask.session["username"] != gallery.owner_name and not current_user.admin and not UserInGallery.query.filter_by(user=current_user, gallery=gallery).first():
841
flask.abort(403)
842
picture_id = flask.request.form.get("picture_id")
844
if "/" in picture_id: # also allow full URLs
845
picture_id = picture_id.rstrip("/").rpartition("/")[1]
846
if not picture_id:
847
flask.flash("Select a picture")
848
return flask.redirect("/gallery/" + str(gallery.id))
849
picture_id = int(picture_id)
850
picture = db.session.get(PictureResource, picture_id)
852
if picture is None:
853
flask.flash("Invalid picture")
854
return flask.redirect("/gallery/" + str(gallery.id))
855
if PictureInGallery.query.filter_by(resource=picture, gallery=gallery).first():
857
flask.flash("This picture is already in the gallery")
858
return flask.redirect("/gallery/" + str(gallery.id))
859
db.session.add(PictureInGallery(picture, gallery))
861
db.session.commit()
863
return flask.redirect("/gallery/" + str(gallery.id))
865
@app.route("/gallery/<int:id>/remove-picture", methods=["POST"])
868
def gallery_remove_picture(id):
869
gallery = db.session.get(Gallery, id)
870
if gallery is None:
871
flask.abort(404)
872
if "username" not in flask.session:
874
flask.abort(401)
875
current_user = db.session.get(User, flask.session.get("username"))
877
if flask.session["username"] != gallery.owner_name and not current_user.admin and not UserInGallery.query.filter_by(user=current_user, gallery=gallery).first():
879
flask.abort(403)
880
picture_id = int(flask.request.form.get("picture_id"))
882
picture = db.session.get(PictureResource, picture_id)
884
if picture is None:
885
flask.flash("Invalid picture")
886
return flask.redirect("/gallery/" + str(gallery.id))
887
picture_in_gallery = PictureInGallery.query.filter_by(resource=picture,
889
gallery=gallery).first()
890
if picture_in_gallery is None:
891
flask.flash("This picture isn't in the gallery")
892
return flask.redirect("/gallery/" + str(gallery.id))
893
db.session.delete(picture_in_gallery)
895
db.session.commit()
897
return flask.redirect("/gallery/" + str(gallery.id))
899
@app.route("/gallery/<int:id>/users")
902
def gallery_users(id):
903
gallery = db.session.get(Gallery, id)
904
if gallery is None:
905
flask.abort(404)
906
current_user = db.session.get(User, flask.session.get("username"))
908
have_permission = current_user and (current_user == gallery.owner or current_user.admin)
909
return flask.render_template("gallery-users.html", gallery=gallery,
911
have_permission=have_permission)
912
@app.route("/gallery/<int:id>/users/add", methods=["POST"])
915
def gallery_add_user(id):
916
gallery = db.session.get(Gallery, id)
917
if gallery is None:
918
flask.abort(404)
919
current_user = db.session.get(User, flask.session.get("username"))
921
if current_user is None:
922
flask.abort(401)
923
if current_user != gallery.owner and not current_user.admin:
925
flask.abort(403)
926
username = flask.request.form.get("username")
928
if username == gallery.owner_name:
929
flask.flash("The owner is already in the gallery")
930
return flask.redirect("/gallery/" + str(gallery.id) + "/users")
931
user = db.session.get(User, username)
933
if user is None:
934
flask.flash("User not found")
935
return flask.redirect("/gallery/" + str(gallery.id) + "/users")
936
if UserInGallery.query.filter_by(user=user, gallery=gallery).first():
938
flask.flash("User is already in the gallery")
939
return flask.redirect("/gallery/" + str(gallery.id) + "/users")
940
db.session.add(UserInGallery(user, gallery))
942
db.session.commit()
944
return flask.redirect("/gallery/" + str(gallery.id) + "/users")
946
@app.route("/gallery/<int:id>/users/remove", methods=["POST"])
949
def gallery_remove_user(id):
950
gallery = db.session.get(Gallery, id)
951
if gallery is None:
952
flask.abort(404)
953
current_user = db.session.get(User, flask.session.get("username"))
955
if current_user is None:
956
flask.abort(401)
957
if current_user != gallery.owner and not current_user.admin:
959
flask.abort(403)
960
username = flask.request.form.get("username")
962
user = db.session.get(User, username)
963
if user is None:
964
flask.flash("User not found")
965
return flask.redirect("/gallery/" + str(gallery.id) + "/users")
966
user_in_gallery = UserInGallery.query.filter_by(user=user, gallery=gallery).first()
968
if user_in_gallery is None:
969
flask.flash("User is not in the gallery")
970
return flask.redirect("/gallery/" + str(gallery.id) + "/users")
971
db.session.delete(user_in_gallery)
973
db.session.commit()
975
return flask.redirect("/gallery/" + str(gallery.id) + "/users")
977
def get_picture_query(query_data):
980
query = db.session.query(PictureResource)
981
requirement_conditions = {
983
"has_object": lambda value: PictureResource.regions.any(
984
PictureRegion.object_id.in_(value)),
985
"nature": lambda value: PictureResource.nature_id.in_(value),
986
"licence": lambda value: PictureResource.licences.any(
987
PictureLicence.licence_id.in_(value)),
988
"author": lambda value: PictureResource.author_name.in_(value),
989
"title": lambda value: PictureResource.title.ilike(value),
990
"description": lambda value: PictureResource.description.ilike(value),
991
"origin_url": lambda value: db.func.lower(db.func.substr(
992
PictureResource.origin_url,
993
db.func.length(db.func.split_part(PictureResource.origin_url, "://", 1)) + 4
994
)).in_(value),
995
"above_width": lambda value: PictureResource.width >= value,
996
"below_width": lambda value: PictureResource.width <= value,
997
"above_height": lambda value: PictureResource.height >= value,
998
"below_height": lambda value: PictureResource.height <= value,
999
"before_date": lambda value: PictureResource.timestamp <= datetime.utcfromtimestamp(
1000
value),
1001
"after_date": lambda value: PictureResource.timestamp >= datetime.utcfromtimestamp(
1002
value)
1003
}
1004
if "want" in query_data:
1005
for i in query_data["want"]:
1006
requirement, value = list(i.items())[0]
1007
condition = requirement_conditions.get(requirement)
1008
if condition:
1009
query = query.filter(condition(value))
1010
if "exclude" in query_data:
1011
for i in query_data["exclude"]:
1012
requirement, value = list(i.items())[0]
1013
condition = requirement_conditions.get(requirement)
1014
if condition:
1015
query = query.filter(~condition(value))
1016
if not query_data.get("include_obsolete", False):
1017
query = query.filter(PictureResource.replaced_by_id.is_(None))
1018
return query
1020
@app.route("/query-pictures")
1023
def graphical_query_pictures():
1024
return flask.render_template("graphical-query-pictures.html")
1025
@app.route("/query-pictures-results")
1028
def graphical_query_pictures_results():
1029
query_yaml = flask.request.args.get("query", "")
1030
yaml_parser = yaml.YAML()
1031
query_data = yaml_parser.load(query_yaml) or {}
1032
query = get_picture_query(query_data)
1033
page = int(flask.request.args.get("page", 1))
1035
per_page = int(flask.request.args.get("per_page", 16))
1036
resources = query.paginate(page=page, per_page=per_page)
1038
return flask.render_template("graphical-query-pictures-results.html", resources=resources,
1040
query=query_yaml,
1041
page_number=page, page_length=per_page,
1042
num_pages=resources.pages,
1043
prev_page=resources.prev_num, next_page=resources.next_num)
1044
@app.route("/raw/picture/<int:id>")
1047
def raw_picture(id):
1048
resource = db.session.get(PictureResource, id)
1049
if resource is None:
1050
flask.abort(404)
1051
response = flask.send_from_directory(path.join(config.DATA_PATH, "pictures"),
1053
str(resource.id))
1054
response.mimetype = resource.file_format
1055
return response
1057
@app.route("/object/")
1060
def graphical_object_types():
1061
return flask.render_template("object-types.html", objects=PictureObject.query.all())
1062
@app.route("/api/object-types")
1065
def object_types():
1066
objects = db.session.query(PictureObject).all()
1067
return flask.jsonify({object.id: object.description for object in objects})
1068
@app.route("/api/query-pictures", methods=["POST"]) # sadly GET can't have a body
1071
def query_pictures():
1072
offset = int(flask.request.args.get("offset", 0))
1073
limit = int(flask.request.args.get("limit", 16))
1074
ordering = flask.request.args.get("ordering", "date-desc")
1075
yaml_parser = yaml.YAML()
1077
query_data = yaml_parser.load(flask.request.data) or {}
1078
query = get_picture_query(query_data)
1079
match ordering:
1081
case "date-desc":
1082
query = query.order_by(PictureResource.timestamp.desc())
1083
case "date-asc":
1084
query = query.order_by(PictureResource.timestamp.asc())
1085
case "title-asc":
1086
query = query.order_by(PictureResource.title.asc())
1087
case "title-desc":
1088
query = query.order_by(PictureResource.title.desc())
1089
case "random":
1090
query = query.order_by(db.func.random())
1091
case "number-regions-desc":
1092
query = query.order_by(db.func.count(PictureResource.regions).desc())
1093
case "number-regions-asc":
1094
query = query.order_by(db.func.count(PictureResource.regions).asc())
1095
query = query.offset(offset).limit(limit)
1097
resources = query.all()
1098
json_response = {
1100
"date_generated": datetime.utcnow().timestamp(),
1101
"resources": [],
1102
"offset": offset,
1103
"limit": limit,
1104
}
1105
json_resources = json_response["resources"]
1107
for resource in resources:
1109
json_resource = {
1110
"id": resource.id,
1111
"title": resource.title,
1112
"description": resource.description,
1113
"timestamp": resource.timestamp.timestamp(),
1114
"origin_url": resource.origin_url,
1115
"author": resource.author_name,
1116
"file_format": resource.file_format,
1117
"width": resource.width,
1118
"height": resource.height,
1119
"nature": resource.nature_id,
1120
"licences": [licence.licence_id for licence in resource.licences],
1121
"replaces": resource.replaces_id,
1122
"replaced_by": resource.replaced_by_id,
1123
"regions": [],
1124
"download": config.ROOT_URL + flask.url_for("raw_picture", id=resource.id),
1125
}
1126
for region in resource.regions:
1127
json_resource["regions"].append({
1128
"object": region.object_id,
1129
"type": region.json["type"],
1130
"shape": region.json["shape"],
1131
})
1132
json_resources.append(json_resource)
1134
return flask.jsonify(json_response)
1136
@app.route("/api/picture/<int:id>/")
1139
def api_picture(id):
1140
resource = db.session.get(PictureResource, id)
1141
if resource is None:
1142
flask.abort(404)
1143
json_resource = {
1145
"id": resource.id,
1146
"title": resource.title,
1147
"description": resource.description,
1148
"timestamp": resource.timestamp.timestamp(),
1149
"origin_url": resource.origin_url,
1150
"author": resource.author_name,
1151
"file_format": resource.file_format,
1152
"width": resource.width,
1153
"height": resource.height,
1154
"nature": resource.nature_id,
1155
"licences": [licence.licence_id for licence in resource.licences],
1156
"replaces": resource.replaces_id,
1157
"replaced_by": resource.replaced_by_id,
1158
"regions": [],
1159
"download": config.ROOT_URL + flask.url_for("raw_picture", id=resource.id),
1160
}
1161
for region in resource.regions:
1162
json_resource["regions"].append({
1163
"object": region.object_id,
1164
"type": region.json["type"],
1165
"shape": region.json["shape"],
1166
})
1167
return flask.jsonify(json_resource)
1169
@app.route("/api/licence/")
1172
def api_licences():
1173
licences = db.session.query(Licence).all()
1174
json_licences = {
1175
licence.id: {
1176
"title": licence.title,
1177
"free": licence.free,
1178
"pinned": licence.pinned,
1179
} for licence in licences
1180
}
1181
return flask.jsonify(json_licences)
1183
@app.route("/api/licence/<id>/")
1186
def api_licence(id):
1187
licence = db.session.get(Licence, id)
1188
if licence is None:
1189
flask.abort(404)
1190
json_licence = {
1192
"id": licence.id,
1193
"title": licence.title,
1194
"description": licence.description,
1195
"info_url": licence.info_url,
1196
"legalese_url": licence.url,
1197
"free": licence.free,
1198
"logo_url": licence.logo_url,
1199
"pinned": licence.pinned,
1200
}
1201
return flask.jsonify(json_licence)
1203
@app.route("/api/nature/")
1206
def api_natures():
1207
natures = db.session.query(PictureNature).all()
1208
json_natures = {
1209
nature.id: nature.description for nature in natures
1210
}
1211
return flask.jsonify(json_natures)
1213
@app.route("/api/user/")
1216
def api_users():
1217
offset = int(flask.request.args.get("offset", 0))
1218
limit = int(flask.request.args.get("limit", 16))
1219
users = db.session.query(User).offset(offset).limit(limit).all()
1221
json_users = {
1223
user.username: {
1224
"admin": user.admin,
1225
} for user in users
1226
}
1227
return flask.jsonify(json_users)
1229
@app.route("/api/user/<username>/")
1232
def api_user(username):
1233
user = db.session.get(User, username)
1234
if user is None:
1235
flask.abort(404)
1236
json_user = {
1238
"username": user.username,
1239
"admin": user.admin,
1240
"joined": user.joined_timestamp.timestamp(),
1241
}
1242
return flask.jsonify(json_user)
1244