zulip/zerver/lib/avatar_hash.py

from __future__ import absolute_import

from django.conf import settings
from typing import Text

from zerver.lib.utils import make_safe_digest

if False:
    # Typing import inside `if False` to avoid import loop.
    from zerver.models import UserProfile

import hashlib

def gravatar_hash(email):
    # type: (Text) -> Text
    """Compute the Gravatar hash for an email address."""
    # Non-ASCII characters aren't permitted by the currently active e-mail
    # RFCs. However, the IETF has published https://tools.ietf.org/html/rfc4952,
    # outlining internationalization of email addresses, and regardless if we
    # typo an address or someone manages to give us a non-ASCII address, let's
    # not error out on it.
    return make_safe_digest(email.lower(), hashlib.md5)

# WARNING: If this method is changed, you may need to do a
# corresponding update to zerver/migrations/0060_move_avatars_to_be_uid_based.py
def user_avatar_hash(uid):
    # type: (Text) -> Text
    # Salting the user_key may be overkill, but it prevents us from
    # basically mimicking Gravatar's hashing scheme, which could lead
    # to some abuse scenarios like folks using us as a free Gravatar
    # replacement.
    user_key = uid + settings.AVATAR_SALT
    return make_safe_digest(user_key, hashlib.sha1)

# WARNING: If this method is changed, you will may to do a
# corresponding update to zerver/migrations/0060_move_avatars_to_be_uid_based.py
def user_avatar_path(user_profile):
    # type: (UserProfile) -> Text
    user_id_hash = user_avatar_hash(str(user_profile.id))
    return '%s/%s' % (str(user_profile.realm_id), user_id_hash)
avatar: Move avatar hash computations to their own file. 2016-09-28 00:12:18 +02:00			`from __future__ import absolute_import`

			`from django.conf import settings`
mypy: Convert zerver/lib to use typing.Text. 2016-12-21 13:17:53 +01:00			`from typing import Text`
avatar: Move avatar hash computations to their own file. 2016-09-28 00:12:18 +02:00
			`from zerver.lib.utils import make_safe_digest`

mypy: Add UserProfile import in avatar_hash.py. 2017-03-05 05:24:47 +01:00			`if False:`
			# Typing import inside `if False` to avoid import loop.
			`from zerver.models import UserProfile`

avatar: Move avatar hash computations to their own file. 2016-09-28 00:12:18 +02:00			`import hashlib`

			`def gravatar_hash(email):`
mypy: Convert zerver/lib to use typing.Text. 2016-12-21 13:17:53 +01:00			`# type: (Text) -> Text`
avatar: Move avatar hash computations to their own file. 2016-09-28 00:12:18 +02:00			`"""Compute the Gravatar hash for an email address."""`
			`# Non-ASCII characters aren't permitted by the currently active e-mail`
			`# RFCs. However, the IETF has published https://tools.ietf.org/html/rfc4952,`
			`# outlining internationalization of email addresses, and regardless if we`
			`# typo an address or someone manages to give us a non-ASCII address, let's`
			`# not error out on it.`
			`return make_safe_digest(email.lower(), hashlib.md5)`

avatar: Move avatar data from email based to user id based. This commit introduces a migration for moving avatars from email based to user id based storage. This is in responce to change in behaviour of user_avatar_path to return path comprising of realm id and a hash based on user id. Also we fix test_helpers accordingly. Fixes #3776. 2017-03-03 00:15:05 +01:00			`# WARNING: If this method is changed, you may need to do a`
			`# corresponding update to zerver/migrations/0060_move_avatars_to_be_uid_based.py`
			`def user_avatar_hash(uid):`
mypy: Convert zerver/lib to use typing.Text. 2016-12-21 13:17:53 +01:00			`# type: (Text) -> Text`
avatar: Move avatar hash computations to their own file. 2016-09-28 00:12:18 +02:00			`# Salting the user_key may be overkill, but it prevents us from`
			`# basically mimicking Gravatar's hashing scheme, which could lead`
			`# to some abuse scenarios like folks using us as a free Gravatar`
			`# replacement.`
avatar: Move avatar data from email based to user id based. This commit introduces a migration for moving avatars from email based to user id based storage. This is in responce to change in behaviour of user_avatar_path to return path comprising of realm id and a hash based on user id. Also we fix test_helpers accordingly. Fixes #3776. 2017-03-03 00:15:05 +01:00			`user_key = uid + settings.AVATAR_SALT`
avatar: Move avatar hash computations to their own file. 2016-09-28 00:12:18 +02:00			`return make_safe_digest(user_key, hashlib.sha1)`
Refactor: Change user_avatar_hash with user_avatar_path at all calls. In this commit we change user_avatar_hash with user_avatar_path which now returns paths to avatars based on the email hash. Tweaked by tabbott to avoid an import loop. 2017-03-02 23:45:57 +01:00
avatar: Move avatar data from email based to user id based. This commit introduces a migration for moving avatars from email based to user id based storage. This is in responce to change in behaviour of user_avatar_path to return path comprising of realm id and a hash based on user id. Also we fix test_helpers accordingly. Fixes #3776. 2017-03-03 00:15:05 +01:00			`# WARNING: If this method is changed, you will may to do a`
			`# corresponding update to zerver/migrations/0060_move_avatars_to_be_uid_based.py`
Refactor: Change user_avatar_hash with user_avatar_path at all calls. In this commit we change user_avatar_hash with user_avatar_path which now returns paths to avatars based on the email hash. Tweaked by tabbott to avoid an import loop. 2017-03-02 23:45:57 +01:00			`def user_avatar_path(user_profile):`
			`# type: (UserProfile) -> Text`
avatar: Move avatar data from email based to user id based. This commit introduces a migration for moving avatars from email based to user id based storage. This is in responce to change in behaviour of user_avatar_path to return path comprising of realm id and a hash based on user id. Also we fix test_helpers accordingly. Fixes #3776. 2017-03-03 00:15:05 +01:00			`user_id_hash = user_avatar_hash(str(user_profile.id))`
			`return '%s/%s' % (str(user_profile.realm_id), user_id_hash)`