heckyel/mediagoblin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' into 623_context_hooks

Browse Source
This commit is contained in:
Christopher Allan Webber 2013-05-10 20:19:16 -05:00
commit e39feb041b
11 changed files with 138 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
docs/source/siteadmin/relnotes.rst
View File

@ -100,7 +100,19 @@ MongoDB-based MediaGoblin instance to the newer SQL-based system.
**Do this to upgrade** **Do this to upgrade**
1. Make sure to run ``bin/gmg dbupdate`` after upgrading. # directory of your mediagoblin install
cd /srv/mediagoblin.example.org
# copy source for this release
git fetch
git checkout tags/v0.3.2
# perform any needed database updates
bin/gmg dbupdate
# restart your servers however you do that, e.g.,
sudo service mediagoblin-paster restart
sudo service mediagoblin-celeryd restart
**New features** **New features**

2
mediagoblin.ini
View File

@ -20,6 +20,8 @@ email_debug_mode = true
allow_registration = true allow_registration = true
## Uncomment this to turn on video or enable other media types ## Uncomment this to turn on video or enable other media types
## You may have to install dependencies, and will have to run ./bin/dbupdate
## See http://docs.mediagoblin.org/siteadmin/media-types.html for details.
# media_types = mediagoblin.media_types.image, mediagoblin.media_types.video # media_types = mediagoblin.media_types.image, mediagoblin.media_types.video
## Uncomment this to put some user-overriding templates here ## Uncomment this to put some user-overriding templates here

3
mediagoblin/config_spec.ini
View File

@ -34,6 +34,9 @@ allow_registration = boolean(default=True)
# tag parsing # tag parsing
tags_max_length = integer(default=255) tags_max_length = integer(default=255)
# Enable/disable comments
allow_comments = boolean(default=True)
# Whether comments are ascending or descending # Whether comments are ascending or descending
comments_ascending = boolean(default=True) comments_ascending = boolean(default=True)

2
mediagoblin/init/config.py
View File

@ -70,7 +70,7 @@ def read_mediagoblin_config(config_path, config_spec=CONFIG_SPEC_PATH):
config_path, config_path,
interpolation='ConfigParser') interpolation='ConfigParser')
plugins = config["plugins"].keys() plugins = config.get("plugins", {}).keys()
plugin_configs = {} plugin_configs = {}
for plugin in plugins: for plugin in plugins:

4
mediagoblin/plugins/api/__init__.py
View File

@ -23,11 +23,11 @@ _log = logging.getLogger(__name__)
PLUGIN_DIR = os.path.dirname(__file__) PLUGIN_DIR = os.path.dirname(__file__)
config = pluginapi.get_config(__name__)
def setup_plugin(): def setup_plugin():
_log.info('Setting up API...') _log.info('Setting up API...')
config = pluginapi.get_config(__name__)
_log.debug('API config: {0}'.format(config)) _log.debug('API config: {0}'.format(config))
routes = [ routes = [

5
mediagoblin/plugins/piwigo/__init__.py
View File

@ -17,6 +17,8 @@
import logging import logging
from mediagoblin.tools import pluginapi from mediagoblin.tools import pluginapi
from mediagoblin.tools.session import SessionManager
from .tools import PWGSession
_log = logging.getLogger(__name__) _log = logging.getLogger(__name__)
@ -32,6 +34,9 @@ def setup_plugin():
pluginapi.register_routes(routes) pluginapi.register_routes(routes)
PWGSession.session_manager = SessionManager("pwg_id", "plugins.piwigo")
hooks = { hooks = {
'setup': setup_plugin 'setup': setup_plugin
} }

16
mediagoblin/plugins/piwigo/forms.py
View File

@ -26,3 +26,19 @@ class AddSimpleForm(wtforms.Form):
# tags = wtforms.FieldList(wtforms.TextField()) # tags = wtforms.FieldList(wtforms.TextField())
category = wtforms.IntegerField() category = wtforms.IntegerField()
level = wtforms.IntegerField() level = wtforms.IntegerField()
_md5_validator = wtforms.validators.Regexp(r"^[0-9a-fA-F]{32}$")
class AddForm(wtforms.Form):
original_sum = wtforms.TextField(None,
[_md5_validator,
wtforms.validators.Required()])
thumbnail_sum = wtforms.TextField(None,
[wtforms.validators.Optional(False),
_md5_validator])
file_sum = wtforms.TextField(None, [_md5_validator])
name = wtforms.TextField()
date_creation = wtforms.TextField()
categories = wtforms.TextField()

46
mediagoblin/plugins/piwigo/tools.py
View File

@ -18,8 +18,9 @@ import logging
import six import six
import lxml.etree as ET import lxml.etree as ET
from werkzeug.exceptions import MethodNotAllowed from werkzeug.exceptions import MethodNotAllowed, BadRequest
from mediagoblin.tools.request import setup_user_in_request
from mediagoblin.tools.response import Response from mediagoblin.tools.response import Response
@ -106,3 +107,46 @@ class CmdTable(object):
_log.warn("Method %s only allowed for POST", cmd_name) _log.warn("Method %s only allowed for POST", cmd_name)
raise MethodNotAllowed() raise MethodNotAllowed()
return func return func
def check_form(form):
if not form.validate():
_log.error("form validation failed for form %r", form)
for f in form:
if len(f.error):
_log.error("Errors for %s: %r", f.name, f.errors)
raise BadRequest()
dump = []
for f in form:
dump.append("%s=%r" % (f.name, f.data))
_log.debug("form: %s", " ".join(dump))
class PWGSession(object):
session_manager = None
def __init__(self, request):
self.request = request
self.in_pwg_session = False
def __enter__(self):
# Backup old state
self.old_session = self.request.session
self.old_user = self.request.user
# Load piwigo session into state
self.request.session = self.session_manager.load_session_from_cookie(
self.request)
setup_user_in_request(self.request)
self.in_pwg_session = True
return self
def __exit__(self, *args):
# Restore state
self.request.session = self.old_session
self.request.user = self.old_user
self.in_pwg_session = False
def save_to_cookie(self, response):
assert self.in_pwg_session
self.session_manager.save_session_to_cookie(self.request.session,
self.request, response)

59
mediagoblin/plugins/piwigo/views.py
View File

@ -20,11 +20,12 @@ import re
from werkzeug.exceptions import MethodNotAllowed, BadRequest, NotImplemented from werkzeug.exceptions import MethodNotAllowed, BadRequest, NotImplemented
from werkzeug.wrappers import BaseResponse from werkzeug.wrappers import BaseResponse
from mediagoblin import mg_globals
from mediagoblin.meddleware.csrf import csrf_exempt from mediagoblin.meddleware.csrf import csrf_exempt
from mediagoblin.submit.lib import check_file_field from mediagoblin.submit.lib import check_file_field
from .tools import CmdTable, PwgNamedArray, response_xml from mediagoblin.auth.lib import fake_login_attempt
from .forms import AddSimpleForm from .tools import CmdTable, PwgNamedArray, response_xml, check_form, \
PWGSession
from .forms import AddSimpleForm, AddForm
_log = logging.getLogger(__name__) _log = logging.getLogger(__name__)
@ -34,13 +35,25 @@ _log = logging.getLogger(__name__)
def pwg_login(request): def pwg_login(request):
username = request.form.get("username") username = request.form.get("username")
password = request.form.get("password") password = request.form.get("password")
_log.info("Login for %r/%r...", username, password) _log.debug("Login for %r/%r...", username, password)
user = request.db.User.query.filter_by(username=username).first()
if not user:
_log.info("User %r not found", username)
fake_login_attempt()
return False
if not user.check_login(password):
_log.warn("Wrong password for %r", username)
return False
_log.info("Logging %r in", username)
request.session["user_id"] = user.id
request.session.save()
return True return True
@CmdTable("pwg.session.logout") @CmdTable("pwg.session.logout")
def pwg_logout(request): def pwg_logout(request):
_log.info("Logout") _log.info("Logout")
request.session.delete()
return True return True
@ -51,7 +64,11 @@ def pwg_getversion(request):
@CmdTable("pwg.session.getStatus") @CmdTable("pwg.session.getStatus")
def pwg_session_getStatus(request): def pwg_session_getStatus(request):
return {'username': "fake_user"} if request.user:
username = request.user.username
else:
username = "guest"
return {'username': username}
@CmdTable("pwg.categories.getList") @CmdTable("pwg.categories.getList")
@ -133,17 +150,13 @@ def pwg_images_addChunk(request):
return True return True
def possibly_add_cookie(request, response): @CmdTable("pwg.images.add", True)
# TODO: We should only add a *real* cookie, if def pwg_images_add(request):
# authenticated. And if there is no cookie already. _log.info("add: %r", request.form)
if True: form = AddForm(request.form)
response.set_cookie( check_form(form)
'pwg_id',
"some_fake_for_now", return {'image_id': 123456, 'url': ''}
path=request.environ['SCRIPT_NAME'],
domain=mg_globals.app_config.get('csrf_cookie_domain'),
secure=(request.scheme.lower() == 'https'),
httponly=True)
@csrf_exempt @csrf_exempt
@ -158,13 +171,13 @@ def ws_php(request):
request.args, request.form) request.args, request.form)
raise NotImplemented() raise NotImplemented()
result = func(request) with PWGSession(request) as session:
result = func(request)
if isinstance(result, BaseResponse): if isinstance(result, BaseResponse):
return result return result
response = response_xml(result) response = response_xml(result)
session.save_to_cookie(response)
possibly_add_cookie(request, response) return response
return response

14
mediagoblin/templates/mediagoblin/user_pages/media.html
View File

@ -43,7 +43,7 @@
{%- endtrans -%} {%- endtrans -%}
</p> </p>
{% include "mediagoblin/utils/prev_next.html" %} {% include "mediagoblin/utils/prev_next.html" %}
<div class="media_pane"> <div class="media_pane">
<div class="media_image_container"> <div class="media_image_container">
{% block mediagoblin_media %} {% block mediagoblin_media %}
{% set display_media = request.app.public_store.file_url( {% set display_media = request.app.public_store.file_url(
@ -71,7 +71,7 @@
{{ media.title }} {{ media.title }}
</h2> </h2>
{% if request.user and {% if request.user and
(media.uploader == request.user.id or (media.uploader == request.user.id or
request.user.is_admin) %} request.user.is_admin) %}
{% set edit_url = request.urlgen('mediagoblin.edit.edit_media', {% set edit_url = request.urlgen('mediagoblin.edit.edit_media',
user= media.get_uploader.username, user= media.get_uploader.username,
@ -90,11 +90,13 @@
{% if not request.user %} {% if not request.user %}
href="{{ request.urlgen('mediagoblin.auth.login') }}" href="{{ request.urlgen('mediagoblin.auth.login') }}"
{% endif %} {% endif %}
class="button_action" id="button_addcomment" title="Add a comment"> {% if app_config['allow_comments'] %}
{% trans %}Add a comment{% endtrans %} class="button_action" id="button_addcomment" title="Add a comment">
{% trans %}Add a comment{% endtrans %}
{% endif %}
</a> </a>
{% if request.user %} {% if request.user %}
<form action="{{ request.urlgen('mediagoblin.user_pages.media_post_comment', <form action="{{ request.urlgen('mediagoblin.user_pages.media_post_comment',
user= media.get_uploader.username, user= media.get_uploader.username,
media_id=media.id) }}" method="POST" id="form_comment"> media_id=media.id) }}" method="POST" id="form_comment">
{{ wtforms_util.render_divs(comment_form) }} {{ wtforms_util.render_divs(comment_form) }}
@ -160,7 +162,7 @@
{% include "mediagoblin/utils/license.html" %} {% include "mediagoblin/utils/license.html" %}
{% include "mediagoblin/utils/exif.html" %} {% include "mediagoblin/utils/exif.html" %}
{%- if media.attachment_files|count %} {%- if media.attachment_files|count %}
<h3>{% trans %}Attachments{% endtrans %}</h3> <h3>{% trans %}Attachments{% endtrans %}</h3>
<ul> <ul>

8
mediagoblin/user_pages/views.py
View File

@ -161,7 +161,13 @@ def media_post_comment(request, media):
comment.author = request.user.id comment.author = request.user.id
comment.content = unicode(request.form['comment_content']) comment.content = unicode(request.form['comment_content'])
if not comment.content.strip(): # Show error message if commenting is disabled.
if not mg_globals.app_config['allow_comments']:
messages.add_message(
request,
messages.ERROR,
_("Sorry, comments are disabled."))
elif not comment.content.strip():
messages.add_message( messages.add_message(
request, request,
messages.ERROR, messages.ERROR,