profile.mu

#!/usr/bin/env python3


# nomadForum - a forum on the NomadNetwork
# Copyright (C) 2023-2024  AutumnSpark1226
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.


import main
import os
import RNS


def print_fields():
    user_data = main.query_database(f"SELECT display_name, enabled, show_online, login_time, about FROM users  WHERE username = '{username}'")[0]
    print(f">User profile   {username}")
    if user_data[1] == 0:
        print(">>This user account is disabled.")
    else:
        user_status = ""
        if user_data[2] == 1 and user_data[3] != 0:
            user_status = "     [`F080online`f]"
        if len(main.query_database(f"SELECT value FROM settings WHERE key = 'admin_username' AND value = '{username}'")) == 1:
            user_status += "   [`F800ADMIN`f]"
        print(f"Name: {user_data[0]}``{user_status}")
        if user_data[4] != "None":
            print(">>About:")
            print(user_data[4].replace("$newline$", "\n"))
            print("``")
        addresses = main.query_database(f"SELECT remote_id FROM connections WHERE username = '{username}' AND public = 1")
        if len(addresses) > 0:
            print(">>LXMF addresses")
            for address in addresses:
                destination = RNS.prettyhexrep(RNS.Destination.hash_from_name_and_identity("lxmf.delivery", bytes.fromhex(main.decrypt(address[0])))).replace("<", "").replace(">", "")
                print(f"`Ff22`_`[lxmf@{destination}]`_`f")
    if main.check_admin(link_id):
        print("\n>Admin actions")
        # username is not the admin's username here. However this shouldn't matter for verification. (There's still use_id/link_id)
        main.execute_sql(f"DELETE FROM verification_codes WHERE use_type = 'modify_user' AND use_id = '{link_id}' AND username = '{username}'")
        verification_code = main.get_verification_code()
        main.execute_sql(f"INSERT INTO verification_codes (username, code, use_type, use_id, creation_time) VALUES ('{username}', '{main.encrypt(verification_code)}', 'modify_user', '{link_id}', unixepoch())")
        print(f"Confirm all actions by typing: '{verification_code}'")
        print(f"Code: `B444`<8|confirmation`>`b")
        if user_data[1] == 1:
            print(f"`Ff22`_`[Disable account`:{main.page_path}/profile.mu`*|action=disable|username={username}|source_link_id={link_id}]`_`f")
        elif user_data[1] == 0:
            print(f"`Ff22`_`[Enable Account`:{main.page_path}/profile.mu`*|action=enable|username={username}|source_link_id={link_id}]`_`f")
        print(f"`Ff22`_`[Reset display name`:{main.page_path}/profile.mu`*|action=reset_display_name|username={username}|source_link_id={link_id}]`_`f")
        print(f"`Ff22`_`[Reset about page`:{main.page_path}/profile.mu`*|action=reset_about|username={username}|source_link_id={link_id}]`_`f")


def confirm_code():
    query_result = main.query_database(f"SELECT code FROM verification_codes WHERE use_type = 'modify_user' AND use_id = '{link_id}' AND username = '{username}'")
    if len(query_result) != 1:
        print(">Verification error\n")
        print_fields()
        main.close_database()
        exit(0)
    else:
        verification_code = main.decrypt(query_result[0][0])
    if confirmation == verification_code:
        main.execute_sql(f"DELETE FROM verification_codes WHERE use_type = 'modify_user' AND use_id = '{link_id}' AND username = '{username}'")
        return True
    else:
        print(">Verification error\n")
        print_fields()
        main.close_database()
        exit(0)


try:
    link_id, remote_identity = main.handle_ids()
    main.print_header(link_id)
    username = ""
    action = ""
    confirmation = ""
    for env_variable in os.environ:
        if env_variable == "var_username":
            username = os.environ[env_variable]
        elif env_variable == "var_action":
            action = os.environ[env_variable]
        elif env_variable == "field_confirmation":
            confirmation = os.environ[env_variable]
    if not main.check_username(username, allow_admin=True):
        print(">User not found")
        main.close_database(write_changes=False)
        exit(0)
    if len(main.query_database(f"SELECT user_id FROM users WHERE username = '{username}'")) != 1:
        print(">User not found")
        main.close_database(write_changes=False)
        exit(0)
    if main.check_admin(link_id):
        if action != "":
            main.verify_link_id()
        if action == "disable" and confirm_code():
            if len(main.query_database(f"SELECT value FROM settings WHERE key = 'admin_username' AND value = '{username}'")) != 0:
                print(">Admin accounts can't be disabled\n")
            else:
                main.execute_sql(f"UPDATE users SET enabled = 0, link_id = '0', login_time = 0 WHERE username = '{username}'")
                print(">Account disabled\n")
        elif action == "enable" and confirm_code():
            if len(main.query_database(f"SELECT value FROM settings WHERE key = 'admin_username' AND value = '{username}'")) != 0:
                print(">Admin accounts can't be changed\n")
            else:
                main.execute_sql(f"UPDATE users SET enabled = 1 WHERE username = '{username}'")
                print(">Account enabled\n")
        elif action == "reset_display_name" and confirm_code():
            if len(main.query_database(f"SELECT value FROM settings WHERE key = 'admin_username' AND value = '{username}'")) != 0:
                print(">Admin accounts can't be changed\n")
            else:
                main.execute_sql(f"UPDATE users SET display_name = username WHERE username = '{username}'")
                print(">Display name reset\n")
        elif action == "reset_about" and confirm_code():
            if len(main.query_database(f"SELECT value FROM settings WHERE key = 'admin_username' AND value = '{username}'")) != 0:
                print(">Admin accounts can't be changed\n")
            else:
                main.execute_sql(f"UPDATE users SET about = 'None' WHERE username = '{username}'")
                print(">About page reset\n")
    print_fields()
    main.close_database()
except Exception:
    print("An error occured")