3 from tornado import escape,web,ioloop,httpserver,httpclient
5 from datetime import datetime
7 from bson.objectid import ObjectId #don't remove
8 from linebot.api import LineBotApi
9 from linebot.exceptions import (InvalidSignatureError)
10 from linebot.models import (TextSendMessage)
13 class BaseHandler(web.RequestHandler):
14 def get_current_user(self):
15 user = self.get_secure_cookie('admin_user')
16 return escape.utf8(user)
18 def set_current_user(self,username):
19 self.set_secure_cookie('admin_user',username)
21 def clear_current_user(self):
22 self.clear_cookie('admin_user')
24 class IndexHandler(BaseHandler):
25 def get(self,dbname,page='0'):
26 dbname = escape.url_unescape(dbname)
27 params = self.application.db['params'].find_one({'app':'bbs'})
28 if params['mentenance'] is True:
29 self.render('mentenance.htm',title=params['title'],db=dbname)
31 if dbname not in self.application.coll():
32 if self.current_user == b'admin':
33 coll = self.application.db[dbname]
37 raise web.HTTPError(404)
38 key = self.get_argument('key','')
40 table = self.application.db[dbname]
41 rec = table.find_one({'number':int(key)})
43 self.render('article.htm',record=rec)
46 raise web.HTTPError(404)
48 rule = escape.url_unescape(self.get_cookie('aikotoba',''))
49 na = escape.url_unescape(self.get_cookie('username',u'誰かさん'))
50 pos = self.application.gpos(dbname,page)
51 table = self.application.db[dbname]
54 start = table.count()-i
58 bool = (dbname == params['info name'])
63 rec.skip(start).limit(i)
64 if table.count() >= 10*i:
65 self.render('modules/full.htm',position=pos,records=rec,data=params,db=dbname)
67 if bool is True and self.current_user != b'admin':
68 self.render('modules/info.htm',position=pos,records=rec,data=params,db=dbname)
70 self.render('modules/index.htm',position=pos,records=rec,data=params,username=na,db=dbname,aikotoba=rule)
72 class LoginHandler(BaseHandler):
74 info = self.application.db['params'].find_one({'app':'bbs'})
75 query = self.get_query_argument('next','/'+info['info name'])
76 i = query[1:].find('/')
81 self.render('login.htm',db=escape.url_unescape(qs))
84 dbname = self.get_argument('record','')
86 self.redirect('/login')
88 pw = self.application.db['params'].find_one({'app':'bbs'})
89 if self.get_argument('password') == pw['password']:
90 self.set_current_user('admin')
91 if dbname == 'master':
92 self.redirect('/master')
94 self.redirect('/'+dbname+'/admin/0/')
96 class LogoutHandler(BaseHandler):
98 self.clear_current_user()
99 self.redirect('/login')
101 class JumpHandler(BaseHandler):
103 self.clear_current_user()
106 class NaviHandler(web.RequestHandler):
108 if 'params' not in self.application.coll():
109 item = {"mentenance":False,"out_words":[u"阿保",u"馬鹿",u"死ね"],"password":"admin",
110 "title2":"<h1 style=color:gray;text-align:center>pybbs</h1>",
111 "bad_words":["<style","<link","<script","<img"],"count":30,
112 "title":"pybbs","info name":"info",'app':'bbs'}
113 self.application.db['params'].insert(item)
114 self.application.db['info']
115 table = self.application.db['params'].find_one({'app':'bbs'})
116 if table['mentenance'] is True:
117 self.render('mentenance.htm',title=table['title'],db=table['info name'])
119 coll,na = self.name()
120 self.render('top.htm',coll=coll,name=na,full=self.full)
123 coll = sorted(self.application.coll(),key=str.lower)
124 na = self.application.db['params'].find_one({'app':'bbs'})['info name']
131 def full(self,dbname):
132 if dbname in self.application.db.collection_names():
133 i = 10*self.application.db['params'].find_one({'app':'bbs'})['count']
134 table = self.application.db[dbname]
135 if table.count() >= i:
139 class TitleHandler(NaviHandler):
141 rec = sorted(self.title(),key=lambda x: x['date2'])
142 self.render('title.htm',coll=rec,full=self.full)
145 name = self.application.coll()
149 table = self.application.db[x]
152 tmp = table.find_one({'number':1})
162 rec = table.find().sort('number')
165 i = datetime.strptime(s,'%Y/%m/%d %H:%M')
166 year = datetime.now().year-i.year
173 item['date2'] = j+31*(i.month-1)+i.day
176 class RegistHandler(web.RequestHandler):
177 def post(self,dbname):
178 if dbname not in self.application.coll():
179 raise web.HTTPError(404)
180 rec = self.application.db['params'].find_one({'app':'bbs'})
181 words = rec['bad_words']
182 out = rec['out_words']
183 rule = self.get_argument('aikotoba')
184 na = self.get_argument('name')
185 sub = self.get_argument('title')
186 com = self.get_argument('comment',None,False)
197 for line in com.splitlines():
201 if word in line.lower():
202 error += u'タグ違反.('+word+')'
204 obj = re.finditer('http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+', line)
206 if x.group() not in url:
207 url.append(x.group())
215 line = line.replace(' ',' ',j)
219 text += '<p>'+self.link(line)+'</p>'
222 s = s+'<tr><td><a href={0} class=livepreview target=_blank>{0}</a></td></tr>'.format(x)
224 text = text+'<table><tr><td>検出url:</td></tr>'+s+'</table>'
225 pw = self.get_argument('password')
227 error += u'文字数が1,000をこえました.'
232 article = self.application.db[dbname]
233 if article.count() == 0:
236 items = article.find()
237 item = items.sort('number')[article.count()-1]
238 no = item['number']+1
240 self.set_cookie('aikotoba',escape.url_escape(rule))
242 reg = {'number':no,'name':na,'title':sub,'comment':text,'raw':com,'password':pw,'date':s.strftime('%Y/%m/%d %H:%M')}
244 self.set_cookie('username',escape.url_escape(na))
245 self.redirect('/'+dbname+'#article')
247 self.render('regist.htm',content=error)
249 def link(self,command):
252 obj = re.finditer('>>[0-9]+',command)
254 s = '<a class=minpreview data-preview-url=/{0}?key={1} href=/{0}/userdel?job={1}>>>{1}</a>'.format(self.database,x.group()[2:])
255 text = text+command[i:x.start()]+s
258 text = text+command[i:]
261 class AdminHandler(BaseHandler):
263 def get(self,dbname,page='0'):
265 dbname = self.get_argument('record','')
266 if dbname not in self.application.coll():
267 raise web.HTTPError(404)
268 table = self.application.db[dbname]
269 rec = table.find().sort('number')
270 mente = self.application.db['params'].find_one({'app':'bbs'})
271 if mente['mentenance'] is True:
272 check = 'checked=checked'
275 pos = self.application.gpos(dbname,page)
279 start = table.count()-i
282 rec.skip(start).limit(i)
283 self.render('modules/admin.htm',position=pos,records=rec,mente=check,password=mente['password'],db=dbname)
285 class AdminConfHandler(BaseHandler):
287 def post(self,dbname,func):
289 param = self.application.db['params'].find_one({'app':'bbs'})
290 if self.get_argument('mente','') == 'on':
294 word = self.get_argument('pass','')
296 self.render('regist.htm',content='パスワードを設定してください')
299 param['mentenance']=mente
300 param['password']=word
301 self.application.db['params'].save(param)
303 table = self.application.db[dbname]
304 for x in self.get_arguments('item'):
305 table.remove({'number':int(x)})
306 self.redirect('/'+dbname+'/admin/0/')
308 class UserHandler(web.RequestHandler):
309 def get(self,dbname):
310 q = self.get_query_argument('job','0',strip=True)
311 self.redirect(self.application.page(dbname,q))
313 def post(self,dbname):
314 number = self.get_argument('number')
315 if number.isdigit() is True:
317 url = self.application.page(dbname,number)
318 if 'password' in self.request.arguments.keys():
319 pas = self.get_argument('password')
323 table = self.application.db[dbname]
324 obj = table.find_one({'number':num})
325 if obj and(obj['password'] == pas):
326 table.update({'number':num},{'$set':{'title':u'削除されました','name':'','comment':u'<i><b>投稿者により削除されました</b></i>','raw':''}})
329 self.redirect('/'+dbname)
331 class SearchHandler(web.RequestHandler):
332 def post(self,dbname=''):
333 arg = self.get_argument('word1')
335 self.andor = self.get_argument('type')
336 self.radiobox = self.get_argument('filter')
339 for x in self.application.coll():
340 moji = self.search(x)
341 for y in sorted(moji,key=lambda k: k['number']):
345 rec = sorted(self.search(dbname),key=lambda x: x['number'])
346 self.render('modules/search.htm',records=rec,word1=arg,db=dbname)
348 def get(self,dbname=''):
349 if dbname not in self.application.coll() and dbname != '':
350 raise web.HTTPError(404)
351 self.render('modules/search.htm',records=[],word1='',db=dbname)
353 def search(self,dbname):
354 table = self.application.db[dbname]
355 andor = self.andor == 'OR'
356 element = self.word.split()
360 elm.append(re.escape(x))
361 if self.radiobox == 'comment':
364 query.append({'raw':re.compile(qu,re.IGNORECASE)})
368 result = table.find({'$or':query})
371 result = table.find({'$and':query})
376 for text in x['raw'].splitlines():
382 text = text.replace(' ',' ',i)
384 if y.lower() in text.lower():
385 com += '<p style=background-color:'+color+'>'+text+'<br></p>'
391 com += '<p>'+text+'</p>'
398 query.append({'name':x})
401 for x in table.find({'$or':query}):
404 class HelpHandler(web.RequestHandler):
406 self.render('help.htm',req='')
409 com = self.get_argument('help','')
410 line = com.splitlines(True)
414 time = datetime.now()
415 db = self.application.db['master']
416 db.insert({'comment':com,'time':time.strftime('%Y/%m/%d')})
417 self.render('help.htm',req='送信しました')
419 class MasterHandler(BaseHandler):
422 if self.current_user == b'admin':
423 com = self.application.db['master'].find()
424 sum = self.application.db['temp'].find().count()
425 self.render('master.htm',com=com,sum=sum)
427 raise web.HTTPError(404)
429 class AlertHandler(web.RequestHandler):
431 db = self.get_query_argument('db')
432 num = self.get_query_argument('num')
433 table = self.application.db[db]
434 tb = table.find_one({'number':int(num)})
436 time = datetime.now().strftime('%Y/%m/%d')
437 link = self.application.page(db,num)
438 jump = '<p><a href={0}>{0}</a>'.format(link)
439 d = datetime.now().weekday()
440 table = self.application.db['temp']
441 table.remove({'date':{'$ne':d}})
442 result = table.insert(
443 {'comment':com+jump,'time':time,'link':link,'date':d,'db':db,'num':num})
444 self.render('alert.htm',com=com+jump,num=str(result))
447 id = ObjectId(self.get_argument('num'))
448 table = self.application.db['temp']
449 tb = table.find_one({'_id':id})
451 com = self.get_argument('com')
452 table.remove({'_id':id})
453 if self.get_argument('cancel','') == 'cancel':
457 tb['comment'] = com+tb['comment']
459 table = self.application.db['master']
463 class CleanHandler(web.RequestHandler):
465 bool = self.get_argument('all', 'false').lower()
466 table = self.application.db['master']
469 self.application.db['temp'].remove()
470 elif bool == 'false':
471 for x in list(table.find()):
472 if not 'num' in x.keys():
473 table.remove({'_id':x['_id']})
475 item = self.application.db[x['db']].find_one({'number':int(x['num'])})
476 if (not item)or(item['raw'] == ''):
477 table.remove({'_id':x['_id']})
478 com = self.application.db['master'].find()
479 sum = self.application.db['temp'].find().count()
480 self.render('master.htm', com=com, sum=sum)
482 class FooterModule(web.UIModule):
483 def render(self,number,url,link):
484 return self.render_string('modules/footer.htm',index=number,url=url,link=link)
486 class HeadlineApi(web.RequestHandler):
489 for coll in self.application.coll():
490 table = self.application.db[coll]
491 if table.count() == 0:
494 text = table.find().sort('number')[table.count()-1]
495 mydict = {'number':text['number'],'name':text['name'],'title':text['title'],'comment':text['raw'][0:20]}
496 response[coll] = mydict
497 self.write(json.dumps(response,ensure_ascii=False))
499 class ArticleApi(web.RequestHandler):
500 def get(self,dbname,number):
502 if dbname in self.application.coll():
503 table = self.application.db[dbname]
504 response = table.find_one({'number':int(number)})
509 del response['comment']
510 del response['password']
511 self.write(json.dumps(response,ensure_ascii=False))
513 class ListApi(web.RequestHandler):
514 def get(self,dbname):
516 if dbname in self.application.coll():
517 table = self.application.db[dbname]
519 for data in table.find().sort('number'):
520 response[data['number']] = data['raw'][0:20]
523 self.write(json.dumps(response,ensure_ascii=False))
525 class WebHookHandler(web.RequestHandler):
527 #pz = pytz.timezone('Asia/Tokyo')
528 now = datetime.now()#pz)
531 if (w < 5)and(t >= 9)and(t < 16):
533 table, na = self.users()
534 item = table.find({'no':re.compile(no,re.IGNORECASE)})
535 if item.count() == 1:
537 ans = x['name']+'\n'+x['no']
538 elif item.count() > 1:
541 list1 = sorted(obj, key=lambda k:k['name'])
543 if x['name'] == list1[0]['name']:
544 ans += x['name']+'\n'+x['no']+'\n'
549 ans = self.itr(sorted(list1, key=lambda k:k['no']))
551 ans = self.itr(table.find().sort('no'))
552 ans = '-*-'+na+' list-*-\n'+ans
558 ans += '【'+x['no']+'】 '
562 s = '-*-database names-*-\n'
563 out = ['objectlabs-system','objectlabs-system.admin.collections','users_bot']
564 for x in self.application.db.collection_names(include_system_collections=False):
565 if not x in out and x[-4:] == '_bot' and x != '_bot':
569 def setting(self, dbname):
570 dbname = dbname.lower()+'_bot'
571 ca = self.application.db.collection_names(include_system_collections=False)
572 if 'users_bos' in ca:
573 ca.remove('users_bot')
575 db = self.application.db['users_bot']
576 item = db.find_one({'name':self.uid})
577 if item['dbname'] == dbname:
580 db.update({'name':self.uid}, {'name':self.uid, 'dbname':dbname})
585 db = self.application.db['users_bot']
586 item = db.find_one({'name':self.uid})
588 return self.application.db[x], x[:-4]
592 signature = self.request.headers['X-Line-Signature']
593 body = self.request.body
594 parser = WebhookParser(self.application.ch)
596 parser.parse(body, signature)
597 except InvalidSignatureError:
601 dic = escape.json_decode(self.request.body)
602 for event in dic['events']:
603 if 'replyToken' in event.keys():
604 self.uid = event['source']['userId']
606 if event['type'] == 'unfollow':
607 self.application.db[bot].remove({'name':self.uid})
609 elif event['type'] != 'message' or event['message']['type'] != 'text':
611 item = self.application.db['params'].find_one({'app':'bot'})
616 if item and 'access_token' in item.keys():
617 token = item['access_token']
619 token =self.application.tk
620 if not bot in self.application.db.collection_names() or not self.application.db[bot].find_one({'name':self.uid}):
621 db = self.application.db[bot]
622 db.insert({'name':self.uid, 'dbname':de})
623 x = event['message']['text']
630 linebot = LineBotApi(token)
631 linebot.reply_message(event['replyToken'], TextSendMessage(text=te))
633 class InitHandler(web.RequestHandler):
635 de = self.get_argument('default', '')
637 names = self.application.db.collection_names()
640 if x[-4:] == '_bot' and x != 'users_bot':
642 self.render('init.htm',db=db)
644 tb = self.application.db['params']
645 if tb.find_one({'app':'bot'}):
646 tb.update({'app':'bot'}, {'app':'bot', 'default':de+'_bot'})
648 tb.insert({'app':'bot', 'default':de+'_bot'})
649 for x in glob.glob('./*.txt'):
653 self.main(x[2:-4].lower(), data)
655 def main(self, name, data):
656 if name == 'requirements':
660 for x in data.split('\n'):
661 if len(x) > 0 and x[0] == '@':
667 table = self.application.db[name+'_bot']
672 class TokenHandler(web.RequestHandler):
673 def on_response(self, response):
674 dic = escape.json_decode(response.body)
675 token = dic['access_token']
676 table = self.application.db['params']
677 data = {'app':'bot', 'access_token':token}
678 if table.find_one({'app':'bot'}):
686 url = 'https://api.line.me/v2/oauth/accessToken'
687 headers = 'application/x-www-form-urlencoded'
688 data = {'grant_type':'client_credentials', 'client_id':self.application.id, 'client_secret':self.application.ch}
689 body = urllib.parse.urlencode(data)
690 req = httpclient.HTTPRequest(url=url,method='POST',headers=headers,body=body)
691 http = httpclient.AsyncHTTPClient()
692 http.fetch(req, callback=self.on_response)
694 class Application(web.Application):
695 id = os.environ['Bot_Id']
696 ch = os.environ['Channel_Secret']
697 uri = os.environ['MONGODB_URI']
698 ac = os.environ['ACCOUNT']
699 tk = os.environ['long_token']
700 db = pymongo.MongoClient(uri)[ac]
702 handlers = [(r'/',NaviHandler),(r'/login',LoginHandler),(r'/logout',LogoutHandler),(r'/title',TitleHandler),
703 (r'/headline/api',HeadlineApi),(r'/read/api/([a-zA-Z0-9_]+)/([0-9]+)',ArticleApi),
704 (r'/write/api/([a-zA-Z0-9_%]+)/()/()/()',ArticleApi),(r'/list/api/([a-zA-Z0-9_%]+)',ListApi),
705 (r'/help',HelpHandler),(r'/master',MasterHandler),(r'/alert',AlertHandler),(r'/jump',JumpHandler),
706 (r'/callback',WebHookHandler),(r'/init',InitHandler),(r'/search',SearchHandler),(r'/clean',CleanHandler),(r'/token',TokenHandler),
707 (r'/([a-zA-Z0-9_%]+)',IndexHandler),(r'/([a-zA-Z0-9_%]+)/([0-9]+)/',IndexHandler),
708 (r'/([a-zA-Z0-9_%]+)/admin/([0-9]+)/*',AdminHandler),(r'/([a-zA-Z0-9_%]+)/admin/([a-z]+)/*',AdminConfHandler),(r'/([a-zA-Z0-9_%]+)/userdel',UserHandler),
709 (r'/([a-zA-Z0-9_%]+)/search',SearchHandler),(r'/([a-zA-Z0-9_%]+)/regist',RegistHandler)]
710 settings = {'template_path':os.path.join(os.path.dirname(__file__),'templates'),
711 'static_path':os.path.join(os.path.dirname(__file__),'static'),
712 'ui_modules':{'Footer':FooterModule},
713 'cookie_secret':os.environ['cookie'],
714 'xsrf_cookies':False,
718 super().__init__(handlers,**settings)
720 def gpos(self,dbname,page):
721 params = self.db['params'].find_one({'app':'bbs'})
725 elif (pos-1)*params['count'] >= self.db[dbname].count():
729 def page(self,dbname,number):
730 table = self.db[dbname]
731 rec = table.find({'number':{'$lte':int(number)}}).count()
732 s = self.db['params'].find_one({'app':'bbs'})
733 conf = int(s['count'])
734 if table.find().count() - rec >= conf:
735 return '/'+dbname+'/'+str(1+rec//conf)+'/#'+number
737 return '/'+dbname+'#'+number
740 name = self.db.collection_names()
741 for x in ['objectlabs-system.admin.collections','objectlabs-system','system.indexes',
742 'params','master','temp']:
750 if __name__ == '__main__':
752 http_server = httpserver.HTTPServer(app)
753 port = int(os.environ.get('PORT',5000))
754 http_server.listen(port)
755 ioloop.IOLoop.instance().start()