not all JSONEncoded fields should be mutable dicts
This commit is contained in:
parent
4c617543c5
commit
42dbb26a13
@ -26,7 +26,7 @@ from sqlalchemy.sql import and_
|
|||||||
from migrate.changeset.constraint import UniqueConstraint
|
from migrate.changeset.constraint import UniqueConstraint
|
||||||
|
|
||||||
|
|
||||||
from mediagoblin.db.extratypes import JSONEncoded
|
from mediagoblin.db.extratypes import JSONEncoded, MutationDict
|
||||||
from mediagoblin.db.migration_tools import RegisterMigration, inspect_table
|
from mediagoblin.db.migration_tools import RegisterMigration, inspect_table
|
||||||
from mediagoblin.db.models import MediaEntry, Collection, User, MediaComment
|
from mediagoblin.db.models import MediaEntry, Collection, User, MediaComment
|
||||||
|
|
||||||
@ -502,7 +502,7 @@ def add_file_metadata(db):
|
|||||||
metadata = MetaData(bind=db.bind)
|
metadata = MetaData(bind=db.bind)
|
||||||
media_file_table = inspect_table(metadata, "core__mediafiles")
|
media_file_table = inspect_table(metadata, "core__mediafiles")
|
||||||
|
|
||||||
col = Column('file_metadata', JSONEncoded)
|
col = Column('file_metadata', MutationDict.as_mutable(JSONEncoded))
|
||||||
col.create(media_file_table)
|
col.create(media_file_table)
|
||||||
|
|
||||||
db.commit()
|
db.commit()
|
||||||
|
@ -48,7 +48,6 @@ from migrate import changeset
|
|||||||
|
|
||||||
_log = logging.getLogger(__name__)
|
_log = logging.getLogger(__name__)
|
||||||
|
|
||||||
MutationDict.associate_with(JSONEncoded)
|
|
||||||
|
|
||||||
|
|
||||||
class User(Base, UserMixin):
|
class User(Base, UserMixin):
|
||||||
@ -395,7 +394,7 @@ class MediaFile(Base):
|
|||||||
nullable=False)
|
nullable=False)
|
||||||
name_id = Column(SmallInteger, ForeignKey(FileKeynames.id), nullable=False)
|
name_id = Column(SmallInteger, ForeignKey(FileKeynames.id), nullable=False)
|
||||||
file_path = Column(PathTupleWithSlashes)
|
file_path = Column(PathTupleWithSlashes)
|
||||||
file_metadata = Column(JSONEncoded)
|
file_metadata = Column(MutationDict.as_mutable(JSONEncoded))
|
||||||
|
|
||||||
__table_args__ = (
|
__table_args__ = (
|
||||||
PrimaryKeyConstraint('media_entry', 'name_id'),
|
PrimaryKeyConstraint('media_entry', 'name_id'),
|
||||||
|
@ -18,12 +18,12 @@ import datetime
|
|||||||
|
|
||||||
from oauthlib.oauth1 import (RequestTokenEndpoint, AuthorizationEndpoint,
|
from oauthlib.oauth1 import (RequestTokenEndpoint, AuthorizationEndpoint,
|
||||||
AccessTokenEndpoint)
|
AccessTokenEndpoint)
|
||||||
|
|
||||||
from mediagoblin.decorators import require_active_login
|
from mediagoblin.decorators import require_active_login
|
||||||
from mediagoblin.tools.translate import pass_to_ugettext
|
from mediagoblin.tools.translate import pass_to_ugettext
|
||||||
from mediagoblin.meddleware.csrf import csrf_exempt
|
from mediagoblin.meddleware.csrf import csrf_exempt
|
||||||
from mediagoblin.tools.request import decode_request
|
from mediagoblin.tools.request import decode_request
|
||||||
from mediagoblin.tools.response import (render_to_response, redirect,
|
from mediagoblin.tools.response import (render_to_response, redirect,
|
||||||
json_response, render_400,
|
json_response, render_400,
|
||||||
form_response)
|
form_response)
|
||||||
from mediagoblin.tools.crypto import random_string
|
from mediagoblin.tools.crypto import random_string
|
||||||
@ -41,7 +41,7 @@ client_types = ["web", "native"] # currently what pump supports
|
|||||||
def client_register(request):
|
def client_register(request):
|
||||||
""" Endpoint for client registration """
|
""" Endpoint for client registration """
|
||||||
try:
|
try:
|
||||||
data = decode_request(request)
|
data = decode_request(request)
|
||||||
except ValueError:
|
except ValueError:
|
||||||
error = "Could not decode data."
|
error = "Could not decode data."
|
||||||
return json_response({"error": error}, status=400)
|
return json_response({"error": error}, status=400)
|
||||||
@ -56,7 +56,7 @@ def client_register(request):
|
|||||||
if data.get("application_type", None) not in client_types:
|
if data.get("application_type", None) not in client_types:
|
||||||
error = "Unknown application_type."
|
error = "Unknown application_type."
|
||||||
return json_response({"error": error}, status=400)
|
return json_response({"error": error}, status=400)
|
||||||
|
|
||||||
client_type = data["type"]
|
client_type = data["type"]
|
||||||
|
|
||||||
if client_type == "client_update":
|
if client_type == "client_update":
|
||||||
@ -69,7 +69,7 @@ def client_register(request):
|
|||||||
return json_response({"error": error}, status=400)
|
return json_response({"error": error}, status=400)
|
||||||
|
|
||||||
client = Client.query.filter_by(
|
client = Client.query.filter_by(
|
||||||
id=data["client_id"],
|
id=data["client_id"],
|
||||||
secret=data["client_secret"]
|
secret=data["client_secret"]
|
||||||
).first()
|
).first()
|
||||||
|
|
||||||
@ -78,7 +78,7 @@ def client_register(request):
|
|||||||
return json_response({"error": error}, status=403)
|
return json_response({"error": error}, status=403)
|
||||||
|
|
||||||
client.application_name = data.get(
|
client.application_name = data.get(
|
||||||
"application_name",
|
"application_name",
|
||||||
client.application_name
|
client.application_name
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -108,12 +108,12 @@ def client_register(request):
|
|||||||
client_secret = random_string(43) # again, seems to be what pump uses
|
client_secret = random_string(43) # again, seems to be what pump uses
|
||||||
expirey = 0 # for now, lets not have it expire
|
expirey = 0 # for now, lets not have it expire
|
||||||
expirey_db = None if expirey == 0 else expirey
|
expirey_db = None if expirey == 0 else expirey
|
||||||
application_type = data["application_type"]
|
application_type = data["application_type"]
|
||||||
|
|
||||||
# save it
|
# save it
|
||||||
client = Client(
|
client = Client(
|
||||||
id=client_id,
|
id=client_id,
|
||||||
secret=client_secret,
|
secret=client_secret,
|
||||||
expirey=expirey_db,
|
expirey=expirey_db,
|
||||||
application_type=application_type,
|
application_type=application_type,
|
||||||
)
|
)
|
||||||
@ -126,12 +126,12 @@ def client_register(request):
|
|||||||
if logo_url is not None and not validate_url(logo_url):
|
if logo_url is not None and not validate_url(logo_url):
|
||||||
error = "Logo URL {0} is not a valid URL.".format(logo_url)
|
error = "Logo URL {0} is not a valid URL.".format(logo_url)
|
||||||
return json_response(
|
return json_response(
|
||||||
{"error": error},
|
{"error": error},
|
||||||
status=400
|
status=400
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
client.logo_url = logo_url
|
client.logo_url = logo_url
|
||||||
|
|
||||||
client.application_name = data.get("application_name", None)
|
client.application_name = data.get("application_name", None)
|
||||||
|
|
||||||
contacts = data.get("contacts", None)
|
contacts = data.get("contacts", None)
|
||||||
@ -146,8 +146,8 @@ def client_register(request):
|
|||||||
# not a valid email
|
# not a valid email
|
||||||
error = "Email {0} is not a valid email.".format(contact)
|
error = "Email {0} is not a valid email.".format(contact)
|
||||||
return json_response({"error": error}, status=400)
|
return json_response({"error": error}, status=400)
|
||||||
|
|
||||||
|
|
||||||
client.contacts = contacts
|
client.contacts = contacts
|
||||||
|
|
||||||
redirect_uris = data.get("redirect_uris", None)
|
redirect_uris = data.get("redirect_uris", None)
|
||||||
@ -166,7 +166,7 @@ def client_register(request):
|
|||||||
|
|
||||||
client.redirect_uri = redirect_uris
|
client.redirect_uri = redirect_uris
|
||||||
|
|
||||||
|
|
||||||
client.save()
|
client.save()
|
||||||
|
|
||||||
expirey = 0 if client.expirey is None else client.expirey
|
expirey = 0 if client.expirey is None else client.expirey
|
||||||
@ -182,7 +182,7 @@ def client_register(request):
|
|||||||
def request_token(request):
|
def request_token(request):
|
||||||
""" Returns request token """
|
""" Returns request token """
|
||||||
try:
|
try:
|
||||||
data = decode_request(request)
|
data = decode_request(request)
|
||||||
except ValueError:
|
except ValueError:
|
||||||
error = "Could not decode data."
|
error = "Could not decode data."
|
||||||
return json_response({"error": error}, status=400)
|
return json_response({"error": error}, status=400)
|
||||||
@ -193,7 +193,7 @@ def request_token(request):
|
|||||||
|
|
||||||
if not data and request.headers:
|
if not data and request.headers:
|
||||||
data = request.headers
|
data = request.headers
|
||||||
|
|
||||||
data = dict(data) # mutableifying
|
data = dict(data) # mutableifying
|
||||||
|
|
||||||
authorization = decode_authorization_header(data)
|
authorization = decode_authorization_header(data)
|
||||||
@ -226,12 +226,12 @@ def request_token(request):
|
|||||||
|
|
||||||
return form_response(tokens)
|
return form_response(tokens)
|
||||||
|
|
||||||
@require_active_login
|
@require_active_login
|
||||||
def authorize(request):
|
def authorize(request):
|
||||||
""" Displays a page for user to authorize """
|
""" Displays a page for user to authorize """
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
return authorize_finish(request)
|
return authorize_finish(request)
|
||||||
|
|
||||||
_ = pass_to_ugettext
|
_ = pass_to_ugettext
|
||||||
token = request.args.get("oauth_token", None)
|
token = request.args.get("oauth_token", None)
|
||||||
if token is None:
|
if token is None:
|
||||||
@ -243,10 +243,10 @@ def authorize(request):
|
|||||||
if oauth_request is None:
|
if oauth_request is None:
|
||||||
err_msg = _("No request token found.")
|
err_msg = _("No request token found.")
|
||||||
return render_400(request, err_msg)
|
return render_400(request, err_msg)
|
||||||
|
|
||||||
if oauth_request.used:
|
if oauth_request.used:
|
||||||
return authorize_finish(request)
|
return authorize_finish(request)
|
||||||
|
|
||||||
if oauth_request.verifier is None:
|
if oauth_request.verifier is None:
|
||||||
orequest = GMGRequest(request)
|
orequest = GMGRequest(request)
|
||||||
request_validator = GMGRequestValidator()
|
request_validator = GMGRequestValidator()
|
||||||
@ -279,7 +279,7 @@ def authorize(request):
|
|||||||
"mediagoblin/api/authorize.html",
|
"mediagoblin/api/authorize.html",
|
||||||
context
|
context
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
def authorize_finish(request):
|
def authorize_finish(request):
|
||||||
""" Finishes the authorize """
|
""" Finishes the authorize """
|
||||||
@ -288,7 +288,7 @@ def authorize_finish(request):
|
|||||||
verifier = request.form["oauth_verifier"]
|
verifier = request.form["oauth_verifier"]
|
||||||
oauth_request = RequestToken.query.filter_by(token=token, verifier=verifier)
|
oauth_request = RequestToken.query.filter_by(token=token, verifier=verifier)
|
||||||
oauth_request = oauth_request.first()
|
oauth_request = oauth_request.first()
|
||||||
|
|
||||||
if oauth_request is None:
|
if oauth_request is None:
|
||||||
# invalid token or verifier
|
# invalid token or verifier
|
||||||
err_msg = _("No request token found.")
|
err_msg = _("No request token found.")
|
||||||
@ -321,10 +321,10 @@ def authorize_finish(request):
|
|||||||
|
|
||||||
@csrf_exempt
|
@csrf_exempt
|
||||||
def access_token(request):
|
def access_token(request):
|
||||||
""" Provides an access token based on a valid verifier and request token """
|
""" Provides an access token based on a valid verifier and request token """
|
||||||
data = request.headers
|
data = request.headers
|
||||||
|
|
||||||
parsed_tokens = decode_authorization_header(data)
|
parsed_tokens = decode_authorization_header(data)
|
||||||
|
|
||||||
if parsed_tokens == dict() or "oauth_token" not in parsed_tokens:
|
if parsed_tokens == dict() or "oauth_token" not in parsed_tokens:
|
||||||
error = "Missing required parameter."
|
error = "Missing required parameter."
|
||||||
|
Loading…
x
Reference in New Issue
Block a user