Enable /u/USERNAME/edit/ pattern #588

Transition from the inconsistent /edit/profile/?username=FOO to the nicer /u/FOO/edit/. The old pattern will still work and redirects to the new URL. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
2013-01-07 16:18:45 +01:00 · 2013-01-07 16:18:45 +01:00 · abc4da2927
commit abc4da2927
parent 6de8b42e4e
4 changed files with 26 additions and 18 deletions
--- a/mediagoblin/edit/routing.py
+++ b/mediagoblin/edit/routing.py
@ -16,7 +16,9 @@

 from mediagoblin.tools.routing import add_route

-add_route('mediagoblin.edit.profile', '/edit/profile/',
+add_route('mediagoblin.edit.profile', '/u/<string:user>/edit/',
    'mediagoblin.edit.views:edit_profile')
+add_route('mediagoblin.edit.legacy_edit_profile', '/edit/profile/',
+    'mediagoblin.edit.views:legacy_edit_profile')
 add_route('mediagoblin.edit.account', '/edit/account/',
    'mediagoblin.edit.views:edit_account')
--- a/mediagoblin/edit/views.py
+++ b/mediagoblin/edit/views.py
@ -26,8 +26,8 @@ from mediagoblin import mg_globals
 from mediagoblin.auth import lib as auth_lib
 from mediagoblin.edit import forms
 from mediagoblin.edit.lib import may_edit_media
-from mediagoblin.decorators import require_active_login, get_user_media_entry, \
-    user_may_alter_collection, get_user_collection
+from mediagoblin.decorators import (require_active_login, active_user_from_url,
+     get_user_media_entry,  user_may_alter_collection, get_user_collection)
 from mediagoblin.tools.response import render_to_response, redirect
 from mediagoblin.tools.translate import pass_to_ugettext as _
 from mediagoblin.tools.text import (
@ -167,20 +167,28 @@ def edit_attachments(request, media):
    else:
        raise Forbidden("Attachments are disabled")

+@require_active_login
+def legacy_edit_profile(request):
+    """redirect the old /edit/profile/?username=USER to /u/USER/edit/"""
+    username = request.GET.get('username') or request.user.username
+    return redirect(request, 'mediagoblin.edit.profile', user=username)
+

@require_active_login
-def edit_profile(request):
-    # admins may edit any user profile given a username in the querystring
-    edit_username = request.GET.get('username')
-    if request.user.is_admin and request.user.username != edit_username:
-        user = request.db.User.find_one({'username': edit_username})
+@active_user_from_url
+def edit_profile(request, url_user=None):
+    # admins may edit any user profile
+    if request.user.username != url_user.username:
+        if not request.user.is_admin:
+            raise Forbidden(_("You can only edit your own profile."))
+
        # No need to warn again if admin just submitted an edited profile
        if request.method != 'POST':
            messages.add_message(
                request, messages.WARNING,
                _("You are editing a user's profile. Proceed with caution."))
-    else:
-        user = request.user
+
+    user = url_user

    form = forms.EditProfileForm(request.form,
        url=user.get('url'),
--- a/mediagoblin/templates/mediagoblin/edit/edit_profile.html
+++ b/mediagoblin/templates/mediagoblin/edit/edit_profile.html
@ -27,9 +27,8 @@

 {% block mediagoblin_content %}

-  <form action="{{ request.urlgen('mediagoblin.edit.profile') }}?username={{ 
-                                                     user.username }}"
-        method="POST" enctype="multipart/form-data">
+  <form action="{{ request.urlgen('mediagoblin.edit.profile',
+        user=user.username) }}" method="POST" enctype="multipart/form-data">
    <div class="form_box edit_box">
      <h1>
        {%- trans username=user.username -%}
--- a/mediagoblin/templates/mediagoblin/user_pages/user.html
+++ b/mediagoblin/templates/mediagoblin/user_pages/user.html
@ -95,9 +95,8 @@
          <p>
            {% trans %}Here's a spot to tell others about yourself.{% endtrans %}
          </p>
-          <a href="{{ request.urlgen('mediagoblin.edit.profile') }}?username={{
-                            user.username }}"
-             class="button_action">
+          <a href="{{ request.urlgen('mediagoblin.edit.profile',
+                   user=user.username) }}" class="button_action">
            {%- trans %}Edit profile{% endtrans -%}
          </a>
      {% else %}
@ -113,8 +112,8 @@
        {% include "mediagoblin/utils/profile.html" %}
        {% if request.user and
              (request.user.id == user.id or request.user.is_admin) %}
-          <a href="{{ request.urlgen('mediagoblin.edit.profile') }}?username={{
-                          user.username }}">
+          <a href="{{ request.urlgen('mediagoblin.edit.profile',
+                   user=user.username) }}">
            {%- trans %}Edit profile{% endtrans -%}
          </a>
        {% endif %}