gcivil-nyu-org / team4-wed-spring25 / 683

Committed 30 Apr 2025 03:08PM UTC coverage: 93.047% (-0.2%) from 93.242%

Build # 683

Build Type

push

travis-pro

Committed by

divya603

Commit Message

change password

Run Details

1820 of 1956 relevant lines covered (93.05%)

0.93 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

76.57

/parks/views.py

from django.shortcuts import render
from django.shortcuts import get_object_or_404
from django.shortcuts import redirect
from django.http import (  # noqa: F401  # Ignore "imported but unused"
    HttpResponseForbidden,
    HttpResponse,
    JsonResponse,
    HttpResponsePermanentRedirect,
)
from django.urls import reverse  # noqa: F401  # Ignore "imported but unused"
from django.db.models import OuterRef, Subquery, CharField, Q, Avg, Count, Prefetch
from django.db.models.functions import Cast
from .models import (
    DogRunNew,
    Review,
    ParkImage,
    ReviewReport,
    ImageReport,
    ParkPresence,
    Reply,
    ReplyReport,
    ParkInfoReport,
)
from django.forms.models import model_to_dict
from django.contrib.auth.decorators import login_required

import json
import datetime
from django.contrib import messages
from django.utils import timezone
from django.utils.timezone import now, localtime
from django.views.decorators.http import require_POST
from django.views.decorators.cache import never_cache
from datetime import timedelta

from django.contrib.auth.models import User
from .models import Message
from collections import defaultdict

from accounts.decorators import ban_protected
from accounts.utils import is_user_banned
from django.contrib.auth import logout


@ban_protected
@login_required
def chat_view(request, username):
    recipient = get_object_or_404(User, username=username)
    messages = Message.objects.filter(
        sender__in=[request.user, recipient], recipient__in=[request.user, recipient]
    )
    if request.method == "POST":
        content = request.POST.get("content")
        if content:
            Message.objects.create(
                sender=request.user, recipient=recipient, content=content
            )
            return redirect("chat_view", username=username)
    return render(
        request, "parks/chat.html", {"recipient": recipient, "messages": messages}
    )


@ban_protected
@login_required
def all_messages_view(request):
    user = request.user
    # Get all messages involving the user, either sent or received
    messages = (
        Message.objects.filter(Q(sender=user) | Q(recipient=user))
        .select_related("sender", "recipient")
        .order_by("-timestamp")
    )

    # Group by the *other* user
    grouped = defaultdict(list)
    for msg in messages:
        other_user = msg.recipient if msg.sender == user else msg.sender
        grouped[other_user.username].append(msg)

    return render(
        request, "parks/all_messages.html", {"grouped_messages": dict(grouped)}
    )


@ban_protected
@login_required
def delete_conversation(request, sender_username):
    # Get the recipient user object (the sender of the conversation)
    recipient = get_object_or_404(User, username=sender_username)

    # Delete messages where the user is either the sender or recipient
    Message.objects.filter(
        sender__in=[request.user, recipient], recipient__in=[request.user, recipient]
    ).delete()

    # Redirect to the all messages view after deleting the conversation
    return redirect("all_messages")


@ban_protected
@login_required
@require_POST
def checkin_view(request):
    data = json.loads(request.body)
    park_id = data.get("park_id")
    park = get_object_or_404(DogRunNew, id=park_id)

    # Remove existing 'current' check-ins from other parks
    ParkPresence.objects.filter(user=request.user, status="current").exclude(
        park=park
    ).delete()

    # Check in to this park
    presence, created = ParkPresence.objects.update_or_create(
        user=request.user,
        park=park,
        defaults={"status": "current", "time": timezone.now()},
    )

    return JsonResponse({"status": "checked in", "new": created})


@ban_protected
@login_required
@require_POST
def bethere_view(request):
    try:
        data = json.loads(request.body)
        park_id = data.get("park_id")
        time_str = data.get("time")  # e.g. "17:30"

        if not park_id or not time_str:
            return JsonResponse({"error": "Missing park_id or time"}, status=400)

        # Parse and validate time
        try:
            arrival_time = datetime.datetime.strptime(time_str, "%H:%M").time()
        except ValueError:
            return JsonResponse({"error": "Invalid time format"}, status=400)

        current_datetime = now()
        today = current_datetime.date()
        arrival_datetime = timezone.make_aware(
            datetime.datetime.combine(today, arrival_time)
        )

        if arrival_datetime < current_datetime:
            return JsonResponse({"error": "Cannot select a past time"}, status=400)

        park = get_object_or_404(DogRunNew, id=park_id)

        # ✅ Save the full datetime, not just the time
        presence, created = ParkPresence.objects.update_or_create(
            user=request.user,
            park=park,
            defaults={"status": "On their way", "time": arrival_datetime},
        )

        formatted_time = arrival_datetime.strftime("%I:%M %p")
        return JsonResponse({"status": "on their way", "time": formatted_time})

    except Exception as e:
        import traceback

        print(traceback.format_exc())
        return JsonResponse({"error": str(e)}, status=500)


def expire_old_checkins():
    expiration_time = timezone.now() - timedelta(hours=1)
    ParkPresence.objects.filter(status="current", time__lt=expiration_time).delete()


def home_view(request):
    return render(request, "parks/home.html")


@never_cache
def park_and_map(request):
    # Get filter values from GET request
    query = request.GET.get("query", "").strip()
    filter_value = request.GET.get("filter", "").strip()
    accessible_value = request.GET.get("accessible", "").strip()
    borough_value = request.GET.get("borough", "").strip().upper()

    thumbnail = ParkImage.objects.filter(
        park_id=OuterRef("pk"), is_removed=False, review__is_removed=False
    ).values("image")[:1]

    # Fetch all dog runs from the database
    parks = (
        DogRunNew.objects.all()
        .order_by("id")
        .prefetch_related("images")
        .annotate(
            thumbnail_url=Cast(Subquery(thumbnail), output_field=CharField()),
            average_rating=Avg("reviews__rating", filter=Q(reviews__is_removed=False)),
            review_count=Count("reviews", filter=Q(reviews__is_removed=False)),
        )
    )

    # Search by ZIP, name, or Google name
    if query:
        parks = parks.filter(
            Q(name__icontains=query)
            | Q(google_name__icontains=query)
            | Q(zip_code__icontains=query)
        )

    # Filter by park type (e.g., "Off-Leash")
    if filter_value:
        parks = parks.filter(dogruns_type__iexact=filter_value)

    # Filter by accessibility only if explicitly set to "True" or "False"
    if accessible_value == "True":
        parks = parks.filter(accessible=True)
    elif accessible_value == "False":
        parks = parks.filter(accessible=False)

    if borough_value:
        parks = parks.filter(borough=borough_value)

    # Convert parks to JSON (for JS use)
    # parks_json = json.dumps(list(parks.values()))

    parks_json = json.dumps(
        [
            {
                **model_to_dict(park),
                "thumbnail_url": park.thumbnail_url,
                "average_rating": park.average_rating,
                "review_count": park.review_count,
                "url": park.detail_page_url(),
            }
            for park in parks
        ]
    )

    # Render the template
    return render(
        request,
        "parks/combined_view.html",
        {
            "parks": parks,
            "parks_json": parks_json,
            "query": query,
            "selected_type": filter_value,
            "selected_accessible": accessible_value,
            "selected_borough": borough_value,
        },
    )


@never_cache
def park_detail(request, slug, id):
    park = get_object_or_404(DogRunNew, id=id)
    if slug != park.slug:
        return HttpResponsePermanentRedirect(park.detail_page_url())

    images = ParkImage.objects.filter(
        park=park, is_removed=False, review__is_removed=False
    )

    # Prefetch only non-removed images for each review
    visible_images = Prefetch(
        "images",
        queryset=ParkImage.objects.filter(is_removed=False),
        to_attr="visible_images",
    )
    reviews = park.reviews.filter(is_removed=False).prefetch_related(
        visible_images, "replies__user__userprofile", "user__userprofile"  # load avatar
    )
    reviews = park.reviews.filter(is_removed=False).prefetch_related(visible_images)

    average_rating = reviews.aggregate(Avg("rating"))["rating__avg"]

    # Clean up expired "On their way" entries
    now = localtime()
    # Call the function to expire old check-ins
    expire_old_checkins()

    ParkPresence.objects.filter(park=park, status="On their way", time__lt=now).delete()

    # Updated counts after cleanup
    current_count = ParkPresence.objects.filter(park=park, status="current").count()
    on_the_way_count = ParkPresence.objects.filter(
        park=park, status="On their way", time__isnull=False, time__gte=now
    ).count()

    query = request.GET.get("q", "")

    # Only users currently checked-in or on their way
    presences = ParkPresence.objects.filter(
        park=park, status__in=["current", "On their way"]
    )

    if query:
        presences = presences.filter(user__username__icontains=query)

    if request.user.is_authenticated and request.method == "POST":

        if is_user_banned(request.user):
            logout(request)
            messages.error(
                request,
                "Your account is banned. "
                "You cannot perform this action. You have been logged out.",
            )
            return redirect("login")

        form_type = request.POST.get("form_type")

        if form_type == "submit_review":
            review_text = request.POST.get("text", "").strip()
            rating_value = request.POST.get("rating", "").strip()

            if not rating_value.isdigit():
                messages.error(request, "Please select a rating before submitting.")
                return redirect(park.detail_page_url())

            rating = int(rating_value)
            if rating < 1 or rating > 5:
                return render(
                    request,
                    "parks/park_detail.html",
                    {
                        "park": park,
                        "images": images,
                        "reviews": reviews,
                        "error_message": "Rating must be between 1 and 5 stars!",
                        "average_rating": average_rating,
                        "current_count": current_count,
                        "on_the_way_count": on_the_way_count,
                    },
                )

            review = Review.objects.create(
                park=park,
                text=review_text if review_text else "",
                rating=rating,
                user=request.user,
            )
            images = request.FILES.getlist("images")
            ALLOWED_IMAGE_TYPES = ["image/jpeg", "image/png", "image/webp"]

            invalid_type = any(
                img.content_type not in ALLOWED_IMAGE_TYPES for img in images
            )

            if invalid_type:
                messages.error(request, "Only JPEG, PNG, or WebP images are allowed.")
                review.delete()
                return redirect("park_detail", slug=park.slug, id=park.id)

            MAX_IMAGE_SIZE = 5 * 1024 * 1024  # 5 MB

            invalid_images = [img for img in images if img.size > MAX_IMAGE_SIZE]

            if invalid_images:
                messages.error(request, "Each image must be under 5 MB.")
                review.delete()
                return redirect("park_detail", slug=park.slug, id=park.id)

            # Save valid images
            for image in images:
                ParkImage.objects.create(
                    park=park, image=image, review=review, user=request.user
                )

            messages.success(request, "Your review was submitted successfully!")
            return redirect(park.detail_page_url())

        elif form_type == "check_in":
            ParkPresence.objects.create(
                user=request.user,
                park=park,
                status="current",
                time=now,
            )

        elif form_type == "be_there_at":
            time_str = request.POST.get("time")
            try:
                arrival_time = timezone.datetime.combine(
                    now.date(), timezone.datetime.strptime(time_str, "%H:%M").time()
                )
                arrival_time = timezone.make_aware(
                    arrival_time
                )  # Make it timezone aware
            except (ValueError, TypeError):
                arrival_time = None

            if arrival_time and arrival_time >= now:
                ParkPresence.objects.create(
                    user=request.user,
                    park=park,
                    status="on_the_way",
                    time=arrival_time,
                )
        # report reviews
        elif form_type == "report_review":
            if request.user.is_authenticated:
                review_id = request.POST.get("review_id")
                reason = request.POST.get("reason", "").strip()

                if review_id and reason:
                    review = get_object_or_404(Review, id=review_id)

                    # prevent duplicate reports by the same user
                    exists = ReviewReport.objects.filter(
                        review=review, reported_by=request.user
                    ).exists()

                    if exists:
                        messages.error(
                            request, "You have already reported this review before."
                        )
                    else:
                        ReviewReport.objects.create(
                            review=review, reported_by=request.user, reason=reason
                        )
                        messages.success(
                            request, "Your review report was submitted successfully."
                        )
            else:
                messages.error(request, "You must be logged in to report a review.")

            return redirect(park.detail_page_url())

        elif form_type == "submit_reply":
            if request.user.is_authenticated:
                parent_review_id = request.POST.get("parent_review_id")
                reply_text = request.POST.get("reply_text", "").strip()
                parent_reply_id = request.POST.get("parent_reply_id")

                if parent_review_id and reply_text:
                    parent_review = get_object_or_404(Review, id=parent_review_id)

                    parent_reply = None
                    if parent_reply_id:
                        try:
                            parent_reply = Reply.objects.get(id=parent_reply_id)
                        except Reply.DoesNotExist:
                            parent_reply = None  # fallback: just attach to review

                    Reply.objects.create(
                        review=parent_review,
                        user=request.user,
                        text=reply_text,
                        parent_reply=parent_reply,
                    )

                    messages.success(request, "Reply submitted successfully!")
        return redirect(park.detail_page_url())

    park_json = json.dumps(model_to_dict(park))

    return render(
        request,
        "parks/park_detail.html",
        {
            "park": park,
            "images": images,
            "reviews": reviews,
            "park_json": park_json,
            "average_rating": average_rating,
            "current_count": current_count,
            "on_the_way_count": on_the_way_count,
            "presences": presences,
            "query": query,
        },
    )


def try_hard_delete_review_if_all_replies_deleted(review):
    if review.is_deleted and not review.replies.filter(is_deleted=False).exists():
        ParkImage.objects.filter(review=review).delete()
        review.delete()


@ban_protected
@login_required
def delete_review(request, review_id):
    review = get_object_or_404(Review, id=review_id)

    # Ensure the current user owns the review
    if request.user != review.user:
        return HttpResponseForbidden("You are not allowed to delete this review.")

    # If there are any non-deleted replies, perform soft-delete
    if review.replies.filter(is_deleted=False).exists():
        review.is_deleted = True
        review.text = ""
        review.save()
    else:
        # Delete associated images (if any), then delete the review
        review.images.all().delete()
        review.delete()

    messages.success(request, "You have successfully deleted the review!")
    return redirect(review.park.detail_page_url())


@ban_protected
@login_required
def delete_image(request, image_id):
    image = get_object_or_404(ParkImage, id=image_id)
    if image.user == request.user:
        image.delete()
        messages.success(request, "You have successfully deleted the image!")
        return redirect(image.park.detail_page_url())
    return HttpResponseForbidden("You are not allowed to delete this image.")


def contact_view(request):
    return render(request, "parks/contact.html")


@ban_protected
@login_required
def report_image(request, image_id):
    image = get_object_or_404(ParkImage, id=image_id)

    if request.method == "POST":
        reason = request.POST.get("reason", "").strip()
        if reason:
            # Check if this user already reported this image
            already_reported = ImageReport.objects.filter(
                user=request.user, image=image
            ).exists()
            if already_reported:
                messages.error(request, "You have already reported this image before.")
            else:
                ImageReport.objects.create(
                    user=request.user, image=image, reason=reason
                )
                messages.success(request, "You have successfully reported the image!")
        return redirect(image.park.detail_page_url())

    return redirect(image.park.detail_page_url())


@ban_protected
@login_required
def delete_reply(request, reply_id):
    reply = get_object_or_404(Reply, id=reply_id)

    if reply.user != request.user:
        messages.error(request, "You can only delete your own replies.")
        return redirect(request.META.get("HTTP_REFERER", "/"))

    if reply.children.filter(is_deleted=False).exists():
        # Soft-delete: mark deleted, clear text
        reply.is_deleted = True
        reply.text = ""
        reply.save()
    else:
        reply.delete()

    messages.success(request, "Reply deleted successfully.")
    # check & hard delete
    try_hard_delete_review_if_all_replies_deleted(reply.review)
    return redirect(request.META.get("HTTP_REFERER", "/"))


@ban_protected
@login_required
def report_reply(request, reply_id):
    if request.method == "POST":
        reason = request.POST.get("reason", "").strip()
        reply = get_object_or_404(Reply, id=reply_id)
        if reply.user != request.user and reason:
            ReplyReport.objects.create(reply=reply, user=request.user, reason=reason)
            messages.success(request, "Reply reported successfully.")
        else:
            messages.error(request, "You cannot report your own reply.")
    return redirect(request.META.get("HTTP_REFERER", "/"))


def custom_500_view(request):
    return render(request, "500.html", status=500)


def trigger_500(request):
    raise Exception("Simulated 500 error")


@ban_protected
@login_required
def report_park_info(request, park_id):
    if request.method == "POST":
        park = get_object_or_404(DogRunNew, id=park_id)
        new_dogruns_type = request.POST.get("new_dogruns_type")
        new_accessible = request.POST.get("new_accessible") == "True"

        ParkInfoReport.objects.create(
            park=park,
            user=request.user,
            new_dogruns_type=new_dogruns_type,
            new_accessible=new_accessible,
        )
        messages.success(request, "Thank you! Your report was submitted.")
        return redirect(park.detail_page_url())

1	from django.shortcuts import render	1✔
2	from django.shortcuts import get_object_or_404	1✔
3	from django.shortcuts import redirect	1✔
4	from django.http import ( # noqa: F401 # Ignore "imported but unused"	1✔
5	HttpResponseForbidden,
6	HttpResponse,
7	JsonResponse,
8	HttpResponsePermanentRedirect,
9	)
10	from django.urls import reverse # noqa: F401 # Ignore "imported but unused"	1✔
11	from django.db.models import OuterRef, Subquery, CharField, Q, Avg, Count, Prefetch	1✔
12	from django.db.models.functions import Cast	1✔
13	from .models import (	1✔
14	DogRunNew,
15	Review,
16	ParkImage,
17	ReviewReport,
18	ImageReport,
19	ParkPresence,
20	Reply,
21	ReplyReport,
22	ParkInfoReport,
23	)
24	from django.forms.models import model_to_dict	1✔
25	from django.contrib.auth.decorators import login_required	1✔
26
27	import json	1✔
28	import datetime	1✔
29	from django.contrib import messages	1✔
30	from django.utils import timezone	1✔
31	from django.utils.timezone import now, localtime	1✔
32	from django.views.decorators.http import require_POST	1✔
33	from django.views.decorators.cache import never_cache	1✔
34	from datetime import timedelta	1✔
35
36	from django.contrib.auth.models import User	1✔
37	from .models import Message	1✔
38	from collections import defaultdict	1✔
39
40	from accounts.decorators import ban_protected	1✔
41	from accounts.utils import is_user_banned	1✔
42	from django.contrib.auth import logout	1✔
43
44
45	@ban_protected	1✔
46	@login_required	1✔
47	def chat_view(request, username):	1✔
48	recipient = get_object_or_404(User, username=username)	1✔
49	messages = Message.objects.filter(	1✔
50	sender__in=[request.user, recipient], recipient__in=[request.user, recipient]
51	)
52	if request.method == "POST":	1✔
53	content = request.POST.get("content")	1✔
54	if content:	1✔
55	Message.objects.create(	1✔
56	sender=request.user, recipient=recipient, content=content
57	)
58	return redirect("chat_view", username=username)	1✔
59	return render(	1✔
60	request, "parks/chat.html", {"recipient": recipient, "messages": messages}
61	)
62
63
64	@ban_protected	1✔
65	@login_required	1✔
66	def all_messages_view(request):	1✔
67	user = request.user	1✔
68	# Get all messages involving the user, either sent or received
69	messages = (	1✔
70	Message.objects.filter(Q(sender=user) \| Q(recipient=user))
71	.select_related("sender", "recipient")
72	.order_by("-timestamp")
73	)
74
75	# Group by the other user
76	grouped = defaultdict(list)	1✔
77	for msg in messages:	1✔
78	other_user = msg.recipient if msg.sender == user else msg.sender	1✔
79	grouped[other_user.username].append(msg)	1✔
80
81	return render(	1✔
82	request, "parks/all_messages.html", {"grouped_messages": dict(grouped)}
83	)
84
85
86	@ban_protected	1✔
87	@login_required	1✔
88	def delete_conversation(request, sender_username):	1✔
89	# Get the recipient user object (the sender of the conversation)
90	recipient = get_object_or_404(User, username=sender_username)	1✔
91
92	# Delete messages where the user is either the sender or recipient
93	Message.objects.filter(	1✔
94	sender__in=[request.user, recipient], recipient__in=[request.user, recipient]
95	).delete()
96
97	# Redirect to the all messages view after deleting the conversation
98	return redirect("all_messages")	1✔
99
100
101	@ban_protected	1✔
102	@login_required	1✔
103	@require_POST	1✔
104	def checkin_view(request):	1✔
105	data = json.loads(request.body)	×
106	park_id = data.get("park_id")	×
107	park = get_object_or_404(DogRunNew, id=park_id)	×
108
109	# Remove existing 'current' check-ins from other parks
110	ParkPresence.objects.filter(user=request.user, status="current").exclude(	×
111	park=park
112	).delete()
113
114	# Check in to this park
115	presence, created = ParkPresence.objects.update_or_create(	×
116	user=request.user,
117	park=park,
118	defaults={"status": "current", "time": timezone.now()},
119	)
120
121	return JsonResponse({"status": "checked in", "new": created})	×
122
123
124	@ban_protected	1✔
125	@login_required	1✔
126	@require_POST	1✔
127	def bethere_view(request):	1✔
128	try:	×
129	data = json.loads(request.body)	×
130	park_id = data.get("park_id")	×
131	time_str = data.get("time") # e.g. "17:30"	×
132
133	if not park_id or not time_str:	×
134	return JsonResponse({"error": "Missing park_id or time"}, status=400)	×
135
136	# Parse and validate time
137	try:	×
138	arrival_time = datetime.datetime.strptime(time_str, "%H:%M").time()	×
139	except ValueError:	×
140	return JsonResponse({"error": "Invalid time format"}, status=400)	×
141
142	current_datetime = now()	×
143	today = current_datetime.date()	×
144	arrival_datetime = timezone.make_aware(	×
145	datetime.datetime.combine(today, arrival_time)
146	)
147
148	if arrival_datetime < current_datetime:	×
149	return JsonResponse({"error": "Cannot select a past time"}, status=400)	×
150
151	park = get_object_or_404(DogRunNew, id=park_id)	×
152
153	# ✅ Save the full datetime, not just the time
154	presence, created = ParkPresence.objects.update_or_create(	×
155	user=request.user,
156	park=park,
157	defaults={"status": "On their way", "time": arrival_datetime},
158	)
159
160	formatted_time = arrival_datetime.strftime("%I:%M %p")	×
161	return JsonResponse({"status": "on their way", "time": formatted_time})	×
162
163	except Exception as e:
164	import traceback
165
166	print(traceback.format_exc())
167	return JsonResponse({"error": str(e)}, status=500)
168
169
170	def expire_old_checkins():	1✔
171	expiration_time = timezone.now() - timedelta(hours=1)	1✔
172	ParkPresence.objects.filter(status="current", time__lt=expiration_time).delete()	1✔
173
174
175	def home_view(request):	1✔
176	return render(request, "parks/home.html")	×
177
178
179	@never_cache	1✔
180	def park_and_map(request):	1✔
181	# Get filter values from GET request
182	query = request.GET.get("query", "").strip()	1✔
183	filter_value = request.GET.get("filter", "").strip()	1✔
184	accessible_value = request.GET.get("accessible", "").strip()	1✔
185	borough_value = request.GET.get("borough", "").strip().upper()	1✔
186
187	thumbnail = ParkImage.objects.filter(	1✔
188	park_id=OuterRef("pk"), is_removed=False, review__is_removed=False
189	).values("image")[:1]
190
191	# Fetch all dog runs from the database
192	parks = (	1✔
193	DogRunNew.objects.all()
194	.order_by("id")
195	.prefetch_related("images")
196	.annotate(
197	thumbnail_url=Cast(Subquery(thumbnail), output_field=CharField()),
198	average_rating=Avg("reviews__rating", filter=Q(reviews__is_removed=False)),
199	review_count=Count("reviews", filter=Q(reviews__is_removed=False)),
200	)
201	)
202
203	# Search by ZIP, name, or Google name
204	if query:	1✔
205	parks = parks.filter(	×
206	Q(name__icontains=query)
207	\| Q(google_name__icontains=query)
208	\| Q(zip_code__icontains=query)
209	)
210
211	# Filter by park type (e.g., "Off-Leash")
212	if filter_value:	1✔
213	parks = parks.filter(dogruns_type__iexact=filter_value)	×
214
215	# Filter by accessibility only if explicitly set to "True" or "False"
216	if accessible_value == "True":	1✔
217	parks = parks.filter(accessible=True)	×
218	elif accessible_value == "False":	1✔
219	parks = parks.filter(accessible=False)	×
220
221	if borough_value:	1✔
222	parks = parks.filter(borough=borough_value)	1✔
223
224	# Convert parks to JSON (for JS use)
225	# parks_json = json.dumps(list(parks.values()))
226
227	parks_json = json.dumps(	1✔
228	[
229	{
230	**model_to_dict(park),
231	"thumbnail_url": park.thumbnail_url,
232	"average_rating": park.average_rating,
233	"review_count": park.review_count,
234	"url": park.detail_page_url(),
235	}
236	for park in parks
237	]
238	)
239
240	# Render the template
241	return render(	1✔
242	request,
243	"parks/combined_view.html",
244	{
245	"parks": parks,
246	"parks_json": parks_json,
247	"query": query,
248	"selected_type": filter_value,
249	"selected_accessible": accessible_value,
250	"selected_borough": borough_value,
251	},
252	)
253
254
255	@never_cache	1✔
256	def park_detail(request, slug, id):	1✔
257	park = get_object_or_404(DogRunNew, id=id)	1✔
258	if slug != park.slug:	1✔
259	return HttpResponsePermanentRedirect(park.detail_page_url())	1✔
260
261	images = ParkImage.objects.filter(	1✔
262	park=park, is_removed=False, review__is_removed=False
263	)
264
265	# Prefetch only non-removed images for each review
266	visible_images = Prefetch(	1✔
267	"images",
268	queryset=ParkImage.objects.filter(is_removed=False),
269	to_attr="visible_images",
270	)
271	reviews = park.reviews.filter(is_removed=False).prefetch_related(	1✔
272	visible_images, "replies__user__userprofile", "user__userprofile" # load avatar
273	)
274	reviews = park.reviews.filter(is_removed=False).prefetch_related(visible_images)	1✔
275
276	average_rating = reviews.aggregate(Avg("rating"))["rating__avg"]	1✔
277
278	# Clean up expired "On their way" entries
279	now = localtime()	1✔
280	# Call the function to expire old check-ins
281	expire_old_checkins()	1✔
282
283	ParkPresence.objects.filter(park=park, status="On their way", time__lt=now).delete()	1✔
284
285	# Updated counts after cleanup
286	current_count = ParkPresence.objects.filter(park=park, status="current").count()	1✔
287	on_the_way_count = ParkPresence.objects.filter(	1✔
288	park=park, status="On their way", time__isnull=False, time__gte=now
289	).count()
290
291	query = request.GET.get("q", "")	1✔
292
293	# Only users currently checked-in or on their way
294	presences = ParkPresence.objects.filter(	1✔
295	park=park, status__in=["current", "On their way"]
296	)
297
298	if query:	1✔
299	presences = presences.filter(user__username__icontains=query)	×
300
301	if request.user.is_authenticated and request.method == "POST":	1✔
302
303	if is_user_banned(request.user):	1✔
304	logout(request)	×
305	messages.error(	×
306	request,
307	"Your account is banned. "
308	"You cannot perform this action. You have been logged out.",
309	)
310	return redirect("login")	×
311
312	form_type = request.POST.get("form_type")	1✔
313
314	if form_type == "submit_review":	1✔
315	review_text = request.POST.get("text", "").strip()	1✔
316	rating_value = request.POST.get("rating", "").strip()	1✔
317
318	if not rating_value.isdigit():	1✔
319	messages.error(request, "Please select a rating before submitting.")	×
320	return redirect(park.detail_page_url())	×
321
322	rating = int(rating_value)	1✔
323	if rating < 1 or rating > 5:	1✔
324	return render(	×
325	request,
326	"parks/park_detail.html",
327	{
328	"park": park,
329	"images": images,
330	"reviews": reviews,
331	"error_message": "Rating must be between 1 and 5 stars!",
332	"average_rating": average_rating,
333	"current_count": current_count,
334	"on_the_way_count": on_the_way_count,
335	},
336	)
337
338	review = Review.objects.create(	1✔
339	park=park,
340	text=review_text if review_text else "",
341	rating=rating,
342	user=request.user,
343	)
344	images = request.FILES.getlist("images")	1✔
345	ALLOWED_IMAGE_TYPES = ["image/jpeg", "image/png", "image/webp"]	1✔
346
347	invalid_type = any(	1✔
348	img.content_type not in ALLOWED_IMAGE_TYPES for img in images
349	)
350
351	if invalid_type:	1✔
352	messages.error(request, "Only JPEG, PNG, or WebP images are allowed.")	×
353	review.delete()	×
354	return redirect("park_detail", slug=park.slug, id=park.id)	×
355
356	MAX_IMAGE_SIZE = 5 * 1024 * 1024 # 5 MB	1✔
357
358	invalid_images = [img for img in images if img.size > MAX_IMAGE_SIZE]	1✔
359
360	if invalid_images:	1✔
361	messages.error(request, "Each image must be under 5 MB.")	×
362	review.delete()	×
363	return redirect("park_detail", slug=park.slug, id=park.id)	×
364
365	# Save valid images
366	for image in images:	1✔
367	ParkImage.objects.create(	1✔
368	park=park, image=image, review=review, user=request.user
369	)
370
371	messages.success(request, "Your review was submitted successfully!")	1✔
372	return redirect(park.detail_page_url())	1✔
373
374	elif form_type == "check_in":	1✔
375	ParkPresence.objects.create(	1✔
376	user=request.user,
377	park=park,
378	status="current",
379	time=now,
380	)
381
382	elif form_type == "be_there_at":	1✔
383	time_str = request.POST.get("time")	1✔
384	try:	1✔
385	arrival_time = timezone.datetime.combine(	1✔
386	now.date(), timezone.datetime.strptime(time_str, "%H:%M").time()
387	)
388	arrival_time = timezone.make_aware(	1✔
389	arrival_time
390	) # Make it timezone aware
391	except (ValueError, TypeError):	×
392	arrival_time = None	×
393
394	if arrival_time and arrival_time >= now:	1✔
395	ParkPresence.objects.create(	1✔
396	user=request.user,
397	park=park,
398	status="on_the_way",
399	time=arrival_time,
400	)
401	# report reviews
402	elif form_type == "report_review":	1✔
403	if request.user.is_authenticated:	1✔
404	review_id = request.POST.get("review_id")	1✔
405	reason = request.POST.get("reason", "").strip()	1✔
406
407	if review_id and reason:	1✔
408	review = get_object_or_404(Review, id=review_id)	1✔
409
410	# prevent duplicate reports by the same user
411	exists = ReviewReport.objects.filter(	1✔
412	review=review, reported_by=request.user
413	).exists()
414
415	if exists:	1✔
416	messages.error(	1✔
417	request, "You have already reported this review before."
418	)
419	else:
420	ReviewReport.objects.create(	1✔
421	review=review, reported_by=request.user, reason=reason
422	)
423	messages.success(	1✔
424	request, "Your review report was submitted successfully."
425	)
426	else:
427	messages.error(request, "You must be logged in to report a review.")	×
428
429	return redirect(park.detail_page_url())	1✔
430
431	elif form_type == "submit_reply":	1✔
432	if request.user.is_authenticated:	1✔
433	parent_review_id = request.POST.get("parent_review_id")	1✔
434	reply_text = request.POST.get("reply_text", "").strip()	1✔
435	parent_reply_id = request.POST.get("parent_reply_id")	1✔
436
437	if parent_review_id and reply_text:	1✔
438	parent_review = get_object_or_404(Review, id=parent_review_id)	1✔
439
440	parent_reply = None	1✔
441	if parent_reply_id:	1✔
442	try:	1✔
443	parent_reply = Reply.objects.get(id=parent_reply_id)	1✔
444	except Reply.DoesNotExist:	1✔
445	parent_reply = None # fallback: just attach to review	1✔
446
447	Reply.objects.create(	1✔
448	review=parent_review,
449	user=request.user,
450	text=reply_text,
451	parent_reply=parent_reply,
452	)
453
454	messages.success(request, "Reply submitted successfully!")	1✔
455	return redirect(park.detail_page_url())	1✔
456
457	park_json = json.dumps(model_to_dict(park))	1✔
458
459	return render(	1✔
460	request,
461	"parks/park_detail.html",
462	{
463	"park": park,
464	"images": images,
465	"reviews": reviews,
466	"park_json": park_json,
467	"average_rating": average_rating,
468	"current_count": current_count,
469	"on_the_way_count": on_the_way_count,
470	"presences": presences,
471	"query": query,
472	},
473	)
474
475
476	def try_hard_delete_review_if_all_replies_deleted(review):	1✔
477	if review.is_deleted and not review.replies.filter(is_deleted=False).exists():	1✔
478	ParkImage.objects.filter(review=review).delete()	×
479	review.delete()	×
480
481
482	@ban_protected	1✔
483	@login_required	1✔
484	def delete_review(request, review_id):	1✔
485	review = get_object_or_404(Review, id=review_id)	1✔
486
487	# Ensure the current user owns the review
488	if request.user != review.user:	1✔
489	return HttpResponseForbidden("You are not allowed to delete this review.")	×
490
491	# If there are any non-deleted replies, perform soft-delete
492	if review.replies.filter(is_deleted=False).exists():	1✔
493	review.is_deleted = True	×
494	review.text = ""	×
495	review.save()	×
496	else:
497	# Delete associated images (if any), then delete the review
498	review.images.all().delete()	1✔
499	review.delete()	1✔
500
501	messages.success(request, "You have successfully deleted the review!")	1✔
502	return redirect(review.park.detail_page_url())	1✔
503
504
505	@ban_protected	1✔
506	@login_required	1✔
507	def delete_image(request, image_id):	1✔
508	image = get_object_or_404(ParkImage, id=image_id)	1✔
509	if image.user == request.user:	1✔
510	image.delete()	1✔
511	messages.success(request, "You have successfully deleted the image!")	1✔
512	return redirect(image.park.detail_page_url())	1✔
513	return HttpResponseForbidden("You are not allowed to delete this image.")	×
514
515
516	def contact_view(request):	1✔
517	return render(request, "parks/contact.html")	×
518
519
520	@ban_protected	1✔
521	@login_required	1✔
522	def report_image(request, image_id):	1✔
523	image = get_object_or_404(ParkImage, id=image_id)	1✔
524
525	if request.method == "POST":	1✔
526	reason = request.POST.get("reason", "").strip()	1✔
527	if reason:	1✔
528	# Check if this user already reported this image
529	already_reported = ImageReport.objects.filter(	1✔
530	user=request.user, image=image
531	).exists()
532	if already_reported:	1✔
533	messages.error(request, "You have already reported this image before.")	1✔
534	else:
535	ImageReport.objects.create(	1✔
536	user=request.user, image=image, reason=reason
537	)
538	messages.success(request, "You have successfully reported the image!")	1✔
539	return redirect(image.park.detail_page_url())	1✔
540
541	return redirect(image.park.detail_page_url())	×
542
543
544	@ban_protected	1✔
545	@login_required	1✔
546	def delete_reply(request, reply_id):	1✔
547	reply = get_object_or_404(Reply, id=reply_id)	1✔
548
549	if reply.user != request.user:	1✔
550	messages.error(request, "You can only delete your own replies.")	1✔
551	return redirect(request.META.get("HTTP_REFERER", "/"))	1✔
552
553	if reply.children.filter(is_deleted=False).exists():	1✔
554	# Soft-delete: mark deleted, clear text
555	reply.is_deleted = True	×
556	reply.text = ""	×
557	reply.save()	×
558	else:
559	reply.delete()	1✔
560
561	messages.success(request, "Reply deleted successfully.")	1✔
562	# check & hard delete
563	try_hard_delete_review_if_all_replies_deleted(reply.review)	1✔
564	return redirect(request.META.get("HTTP_REFERER", "/"))	1✔
565
566
567	@ban_protected	1✔
568	@login_required	1✔
569	def report_reply(request, reply_id):	1✔
570	if request.method == "POST":	1✔
571	reason = request.POST.get("reason", "").strip()	1✔
572	reply = get_object_or_404(Reply, id=reply_id)	1✔
573	if reply.user != request.user and reason:	1✔
574	ReplyReport.objects.create(reply=reply, user=request.user, reason=reason)	1✔
575	messages.success(request, "Reply reported successfully.")	1✔
576	else:
577	messages.error(request, "You cannot report your own reply.")	1✔
578	return redirect(request.META.get("HTTP_REFERER", "/"))	1✔
579
580
581	def custom_500_view(request):	1✔
582	return render(request, "500.html", status=500)	×
583
584
585	def trigger_500(request):	1✔
586	raise Exception("Simulated 500 error")	×
587
588
589	@ban_protected	1✔
590	@login_required	1✔
591	def report_park_info(request, park_id):	1✔
592	if request.method == "POST":	×
593	park = get_object_or_404(DogRunNew, id=park_id)	×
594	new_dogruns_type = request.POST.get("new_dogruns_type")	×
595	new_accessible = request.POST.get("new_accessible") == "True"	×
596
597	ParkInfoReport.objects.create(	×
598	park=park,
599	user=request.user,
600	new_dogruns_type=new_dogruns_type,
601	new_accessible=new_accessible,
602	)
603	messages.success(request, "Thank you! Your report was submitted.")	×
604	return redirect(park.detail_page_url())	×

gcivil-nyu-org / team4-wed-spring25 / 683

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous