BLT Private Project

blt/urls.py

@@ -415,7 +415,24 @@
     re_path(r"^contributors/$", contributors_view, name="contributors"),
     path("company/", include("company.urls")),
     path("sponsor/", website.views.sponsor_view, name="sponsor"),
-    path("companies/", DomainListView.as_view(), name="domain_lists"),
+
+    path(
+        "issue/<int:issue_pk>/request_access/",
+        website.views.request_access,
+        name="issue_request_access",
+    ),
+    path(
+        "issue2/<int:issue_pk>/request_access/",
+        website.views.request_access,
+        name="issue_request_access",
+    ),
+    path("private/<int:user_pk>/issue/", website.views.private_issue, name="private_issue"),
+    path(
+        "private/<int:user_pk>/issue/<int:issue_pk>/grant_access/",
+        website.views.grant_access,
+        name="grant_access",
+    ),
+    path("companies/", DomainListView.as_view(), name="domain_list"),
 ]
 
 if settings.DEBUG:

website/admin.py

@@ -14,6 +14,7 @@
     IssueScreenshot,
     Payment,
     Points,
+    RequestIssueAccess,
     Subscription,
     UserProfile,
     Wallet,
@@ -187,3 +188,4 @@ class UserAdmin(ImportExportModelAdmin):
 admin.site.register(Payment, PaymentAdmin)
 admin.site.register(IssueScreenshot)
 admin.site.register(HuntPrize)
+admin.site.register(RequestIssueAccess)

website/decorator.py

@@ -0,0 +1,35 @@
+from functools import wraps
+
+from django.contrib import messages
+from django.shortcuts import redirect
+
+from website.models import Issue
+
+
+def private_test_function(user, user_pk, issue_pk):
+    try:
+        issue = Issue.objects.get(id=issue_pk)
+        if user.pk == user_pk and issue.user.pk == user.pk:
+            return True
+
+    except:
+        return user.pk == user_pk
+
+
+def private_access_check(
+    message_to_deliver="Not allowed to \
+            access the Private page",
+):
+    def decorator(view):
+        @wraps(view)
+        def _wrapped_view(request, *args, **kwargs):
+            pk = kwargs.get("user_pk")
+            issue_pk = kwargs.get("issue_pk")
+            if not private_test_function(request.user, pk, issue_pk):
+                messages.error(request, message_to_deliver)
+                return redirect("/accounts/login")
+            return view(request, *args, **kwargs)
+
+        return _wrapped_view
+
+    return decorator

website/migrations/0082_requestaccess.py

@@ -0,0 +1,48 @@
+# Generated by Django 4.2.8 on 2024-02-01 11:57
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ("website", "0081_userprofile_issue_downvoted"),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="RequestAccess",
+            fields=[
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("message", models.CharField(blank=True, max_length=100, null=True)),
+                (
+                    "issue",
+                    models.ForeignKey(
+                        blank=True,
+                        null=True,
+                        on_delete=django.db.models.deletion.CASCADE,
+                        to="website.issue",
+                    ),
+                ),
+                (
+                    "user",
+                    models.ForeignKey(
+                        blank=True,
+                        null=True,
+                        on_delete=django.db.models.deletion.CASCADE,
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
+            ],
+        ),
+    ]

website/migrations/0083_issue_viewer.py

@@ -0,0 +1,26 @@
+# Generated by Django 4.2.8 on 2024-02-02 17:52
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ("website", "0082_requestaccess"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="issue",
+            name="viewer",
+            field=models.ForeignKey(
+                blank=True,
+                null=True,
+                on_delete=django.db.models.deletion.CASCADE,
+                related_name="viewer",
+                to=settings.AUTH_USER_MODEL,
+            ),
+        ),
+    ]

website/migrations/0084_remove_issue_viewer_issue_viewer.py

@@ -0,0 +1,28 @@
+# Generated by Django 4.2.8 on 2024-02-02 21:48
+
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ("website", "0083_issue_viewer"),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name="issue",
+            name="viewer",
+        ),
+        migrations.AddField(
+            model_name="issue",
+            name="viewer",
+            field=models.ManyToManyField(
+                blank=True,
+                null=True,
+                related_name="viewer",
+                to=settings.AUTH_USER_MODEL,
+            ),
+        ),
+    ]

website/migrations/0085_merge_20240218_1322.py

@@ -0,0 +1,12 @@
+# Generated by Django 5.0.2 on 2024-02-18 13:22
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("website", "0082_issue_reporter_ip_address"),
+        ("website", "0084_remove_issue_viewer_issue_viewer"),
+    ]
+
+    operations = []

website/migrations/0086_rename_requestaccess_requestissueaccess.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.0.2 on 2024-02-24 00:14
+
+from django.conf import settings
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("website", "0085_merge_20240218_1322"),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.RenameModel(
+            old_name="RequestAccess",
+            new_name="RequestIssueAccess",
+        ),
+    ]

website/migrations/0087_merge_20240226_2025.py

@@ -0,0 +1,12 @@
+# Generated by Django 5.0.2 on 2024-02-26 20:25
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("website", "0083_alter_invitefriend_options_and_more"),
+        ("website", "0086_rename_requestaccess_requestissueaccess"),
+    ]
+
+    operations = []

website/models.py

@@ -251,6 +251,7 @@ class Issue(models.Model):
     modified = models.DateTimeField(auto_now=True)
     is_hidden = models.BooleanField(default=False)
     rewarded = models.PositiveIntegerField(default=0)  # money rewarded by the company
+    viewer = models.ManyToManyField(User, null=True, blank=True, related_name="viewer")
     reporter_ip_address = models.GenericIPAddressField(null=True, blank=True)
 
     def __unicode__(self):
@@ -315,6 +316,12 @@ class Meta:
         ordering = ["-created"]
 
 
+class RequestIssueAccess(models.Model):
+    issue = models.ForeignKey(Issue, null=True, blank=True, on_delete=models.CASCADE)
+    user = models.ForeignKey(User, null=True, blank=True, on_delete=models.CASCADE)
+    message = models.CharField(max_length=100, null=True, blank=True)
+
+
 class IssueScreenshot(models.Model):
     image = models.ImageField(upload_to="screenshots", validators=[validate_image])
     issue = models.ForeignKey(Issue, on_delete=models.CASCADE, related_name="screenshots")

website/templates/email/granted_access.txt

@@ -0,0 +1,61 @@
+{% load custom_tags %}
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+</head>
+<body style="margin: 0; padding: 0;">
+	<table style="border: 1px solid #cccccc;" cellpadding="0" cellspacing="0" width="100%">
+		<tr>
+			<td>
+    		<table align="center" border="0" cellpadding="0" cellspacing="0" width="600" style="border: 1px solid #cccccc;">
+    			<tr>
+    				<td align="center" style="padding: 40px 0 30px 0;">
+ 							<img src="https://{% env 'FQDN' %}/static/img/logo-large-transparent.png" alt="{% env 'PROJECT_NAME' %}" width="300" height="73" style="display: block;"/>
+						</td>
+     			</tr>
+     			<tr>
+      			<td align="left">
+						Hey, {{name}},<br>
+						you have successfully granted viewership access of the following issue
+						https://{% env 'FQDN' %}/issue2/{{ issue_pk }} 
+
+						Best,<br>
+						<br>
+						The {% env 'PROJECT_NAME' %} Team<br>
+    				</td>
+    			</tr>
+    			<tr>
+      			<td style="padding: 30px 30px 30px 30px;">
+      				<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: 1px solid #cccccc;">
+        				<tr>
+       						<td align="center">
+      							<table border="0" cellpadding="0" cellspacing="0">
+            					<tr border="0" align="center">
+            						<td>
+            							<a href="{% env 'TWITTER_URL' %}">
+          								Twitter</a>
+        								</td>
+        								<td style="font-size: 0; line-height: 0;" width="20">&nbsp;</td>
+            						<td>
+            							<a href="{% env 'FACEBOOK_URL' %}">
+            							Facebook</a>
+            						</td>
+        								<td style="font-size: 0; line-height: 0;" width="20">&nbsp;</td>
+        								<td>
+        									<a href="{% env 'GITHUB_URL' %}">
+            							GitHub</a>
+            						</td>
+           						</tr>
+          					</table>
+        	   			</td>
+        				</tr>
+        			</table>
+    				</td>
+   				</tr>
+  			</table>
+   		</td>
+  	</tr>
+  </table>
+</body>

website/templates/email/request_access.txt

@@ -0,0 +1,61 @@
+{% load custom_tags %}
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+</head>
+<body style="margin: 0; padding: 0;">
+	<table style="border: 1px solid #cccccc;" cellpadding="0" cellspacing="0" width="100%">
+		<tr>
+			<td>
+    		<table align="center" border="0" cellpadding="0" cellspacing="0" width="600" style="border: 1px solid #cccccc;">
+    			<tr>
+    				<td align="center" style="padding: 40px 0 30px 0;">
+ 							<img src="https://{% env 'FQDN' %}/static/img/logo-large-transparent.png" alt="{% env 'PROJECT_NAME' %}" width="300" height="73" style="display: block;"/>
+						</td>
+     			</tr>
+     			<tr>
+      			<td align="left">
+						Hey, {{name}},<br>
+						<a href="https://{% env 'FQDN' %}/profile/{{requester}}">{{ requester }}</a> has requested for the access of the following issue
+						https://{% env 'FQDN' %}/issue2/{{ issue_pk }} 
+
+						Best,<br>
+						<br>
+						The {% env 'PROJECT_NAME' %} Team<br>
+    				</td>
+    			</tr>
+    			<tr>
+      			<td style="padding: 30px 30px 30px 30px;">
+      				<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: 1px solid #cccccc;">
+        				<tr>
+       						<td align="center">
+      							<table border="0" cellpadding="0" cellspacing="0">
+            					<tr border="0" align="center">
+            						<td>
+            							<a href="{% env 'TWITTER_URL' %}">
+          								Twitter</a>
+        								</td>
+        								<td style="font-size: 0; line-height: 0;" width="20">&nbsp;</td>
+            						<td>
+            							<a href="{% env 'FACEBOOK_URL' %}">
+            							Facebook</a>
+            						</td>
+        								<td style="font-size: 0; line-height: 0;" width="20">&nbsp;</td>
+        								<td>
+        									<a href="{% env 'GITHUB_URL' %}">
+            							GitHub</a>
+            						</td>
+           						</tr>
+          					</table>
+        	   			</td>
+        				</tr>
+        			</table>
+    				</td>
+   				</tr>
+  			</table>
+   		</td>
+  	</tr>
+  </table>
+</body>