Merge branch 'master' into 623_context_hooks
This commit is contained in:
Christopher Allan Webber
commit
e39feb041b
@ -100,7 +100,19 @@ MongoDB-based MediaGoblin instance to the newer SQL-based system.
|
||||
|
||||
**Do this to upgrade**
|
||||
|
||||
1. Make sure to run ``bin/gmg dbupdate`` after upgrading.
|
||||
# directory of your mediagoblin install
|
||||
cd /srv/mediagoblin.example.org
|
||||
|
||||
# copy source for this release
|
||||
git fetch
|
||||
git checkout tags/v0.3.2
|
||||
|
||||
# perform any needed database updates
|
||||
bin/gmg dbupdate
|
||||
|
||||
# restart your servers however you do that, e.g.,
|
||||
sudo service mediagoblin-paster restart
|
||||
sudo service mediagoblin-celeryd restart
|
||||
|
||||
|
||||
**New features**
|
||||
|
||||
@ -20,6 +20,8 @@ email_debug_mode = true
|
||||
allow_registration = true
|
||||
|
||||
## Uncomment this to turn on video or enable other media types
|
||||
## You may have to install dependencies, and will have to run ./bin/dbupdate
|
||||
## See http://docs.mediagoblin.org/siteadmin/media-types.html for details.
|
||||
# media_types = mediagoblin.media_types.image, mediagoblin.media_types.video
|
||||
|
||||
## Uncomment this to put some user-overriding templates here
|
||||
|
||||
@ -34,6 +34,9 @@ allow_registration = boolean(default=True)
|
||||
# tag parsing
|
||||
tags_max_length = integer(default=255)
|
||||
|
||||
# Enable/disable comments
|
||||
allow_comments = boolean(default=True)
|
||||
|
||||
# Whether comments are ascending or descending
|
||||
comments_ascending = boolean(default=True)
|
||||
|
||||
|
||||
@ -70,7 +70,7 @@ def read_mediagoblin_config(config_path, config_spec=CONFIG_SPEC_PATH):
|
||||
config_path,
|
||||
interpolation='ConfigParser')
|
||||
|
||||
plugins = config["plugins"].keys()
|
||||
plugins = config.get("plugins", {}).keys()
|
||||
plugin_configs = {}
|
||||
|
||||
for plugin in plugins:
|
||||
|
||||
@ -23,11 +23,11 @@ _log = logging.getLogger(__name__)
|
||||
|
||||
PLUGIN_DIR = os.path.dirname(__file__)
|
||||
|
||||
config = pluginapi.get_config(__name__)
|
||||
|
||||
def setup_plugin():
|
||||
_log.info('Setting up API...')
|
||||
|
||||
config = pluginapi.get_config(__name__)
|
||||
|
||||
_log.debug('API config: {0}'.format(config))
|
||||
|
||||
routes = [
|
||||
|
||||
@ -17,6 +17,8 @@
|
||||
import logging
|
||||
|
||||
from mediagoblin.tools import pluginapi
|
||||
from mediagoblin.tools.session import SessionManager
|
||||
from .tools import PWGSession
|
||||
|
||||
_log = logging.getLogger(__name__)
|
||||
|
||||
@ -32,6 +34,9 @@ def setup_plugin():
|
||||
|
||||
pluginapi.register_routes(routes)
|
||||
|
||||
PWGSession.session_manager = SessionManager("pwg_id", "plugins.piwigo")
|
||||
|
||||
|
||||
hooks = {
|
||||
'setup': setup_plugin
|
||||
}
|
||||
|
||||
@ -26,3 +26,19 @@ class AddSimpleForm(wtforms.Form):
|
||||
# tags = wtforms.FieldList(wtforms.TextField())
|
||||
category = wtforms.IntegerField()
|
||||
level = wtforms.IntegerField()
|
||||
|
||||
|
||||
_md5_validator = wtforms.validators.Regexp(r"^[0-9a-fA-F]{32}$")
|
||||
|
||||
|
||||
class AddForm(wtforms.Form):
|
||||
original_sum = wtforms.TextField(None,
|
||||
[_md5_validator,
|
||||
wtforms.validators.Required()])
|
||||
thumbnail_sum = wtforms.TextField(None,
|
||||
[wtforms.validators.Optional(False),
|
||||
_md5_validator])
|
||||
file_sum = wtforms.TextField(None, [_md5_validator])
|
||||
name = wtforms.TextField()
|
||||
date_creation = wtforms.TextField()
|
||||
categories = wtforms.TextField()
|
||||
|
||||
@ -18,8 +18,9 @@ import logging
|
||||
|
||||
import six
|
||||
import lxml.etree as ET
|
||||
from werkzeug.exceptions import MethodNotAllowed
|
||||
from werkzeug.exceptions import MethodNotAllowed, BadRequest
|
||||
|
||||
from mediagoblin.tools.request import setup_user_in_request
|
||||
from mediagoblin.tools.response import Response
|
||||
|
||||
|
||||
@ -106,3 +107,46 @@ class CmdTable(object):
|
||||
_log.warn("Method %s only allowed for POST", cmd_name)
|
||||
raise MethodNotAllowed()
|
||||
return func
|
||||
|
||||
|
||||
def check_form(form):
|
||||
if not form.validate():
|
||||
_log.error("form validation failed for form %r", form)
|
||||
for f in form:
|
||||
if len(f.error):
|
||||
_log.error("Errors for %s: %r", f.name, f.errors)
|
||||
raise BadRequest()
|
||||
dump = []
|
||||
for f in form:
|
||||
dump.append("%s=%r" % (f.name, f.data))
|
||||
_log.debug("form: %s", " ".join(dump))
|
||||
|
||||
|
||||
class PWGSession(object):
|
||||
session_manager = None
|
||||
|
||||
def __init__(self, request):
|
||||
self.request = request
|
||||
self.in_pwg_session = False
|
||||
|
||||
def __enter__(self):
|
||||
# Backup old state
|
||||
self.old_session = self.request.session
|
||||
self.old_user = self.request.user
|
||||
# Load piwigo session into state
|
||||
self.request.session = self.session_manager.load_session_from_cookie(
|
||||
self.request)
|
||||
setup_user_in_request(self.request)
|
||||
self.in_pwg_session = True
|
||||
return self
|
||||
|
||||
def __exit__(self, *args):
|
||||
# Restore state
|
||||
self.request.session = self.old_session
|
||||
self.request.user = self.old_user
|
||||
self.in_pwg_session = False
|
||||
|
||||
def save_to_cookie(self, response):
|
||||
assert self.in_pwg_session
|
||||
self.session_manager.save_session_to_cookie(self.request.session,
|
||||
self.request, response)
|
||||
|
||||
@ -20,11 +20,12 @@ import re
|
||||
from werkzeug.exceptions import MethodNotAllowed, BadRequest, NotImplemented
|
||||
from werkzeug.wrappers import BaseResponse
|
||||
|
||||
from mediagoblin import mg_globals
|
||||
from mediagoblin.meddleware.csrf import csrf_exempt
|
||||
from mediagoblin.submit.lib import check_file_field
|
||||
from .tools import CmdTable, PwgNamedArray, response_xml
|
||||
from .forms import AddSimpleForm
|
||||
from mediagoblin.auth.lib import fake_login_attempt
|
||||
from .tools import CmdTable, PwgNamedArray, response_xml, check_form, \
|
||||
PWGSession
|
||||
from .forms import AddSimpleForm, AddForm
|
||||
|
||||
|
||||
_log = logging.getLogger(__name__)
|
||||
@ -34,13 +35,25 @@ _log = logging.getLogger(__name__)
|
||||
def pwg_login(request):
|
||||
username = request.form.get("username")
|
||||
password = request.form.get("password")
|
||||
_log.info("Login for %r/%r...", username, password)
|
||||
_log.debug("Login for %r/%r...", username, password)
|
||||
user = request.db.User.query.filter_by(username=username).first()
|
||||
if not user:
|
||||
_log.info("User %r not found", username)
|
||||
fake_login_attempt()
|
||||
return False
|
||||
if not user.check_login(password):
|
||||
_log.warn("Wrong password for %r", username)
|
||||
return False
|
||||
_log.info("Logging %r in", username)
|
||||
request.session["user_id"] = user.id
|
||||
request.session.save()
|
||||
return True
|
||||
|
||||
|
||||
@CmdTable("pwg.session.logout")
|
||||
def pwg_logout(request):
|
||||
_log.info("Logout")
|
||||
request.session.delete()
|
||||
return True
|
||||
|
||||
|
||||
@ -51,7 +64,11 @@ def pwg_getversion(request):
|
||||
|
||||
@CmdTable("pwg.session.getStatus")
|
||||
def pwg_session_getStatus(request):
|
||||
return {'username': "fake_user"}
|
||||
if request.user:
|
||||
username = request.user.username
|
||||
else:
|
||||
username = "guest"
|
||||
return {'username': username}
|
||||
|
||||
|
||||
@CmdTable("pwg.categories.getList")
|
||||
@ -133,17 +150,13 @@ def pwg_images_addChunk(request):
|
||||
return True
|
||||
|
||||
|
||||
def possibly_add_cookie(request, response):
|
||||
# TODO: We should only add a *real* cookie, if
|
||||
# authenticated. And if there is no cookie already.
|
||||
if True:
|
||||
response.set_cookie(
|
||||
'pwg_id',
|
||||
"some_fake_for_now",
|
||||
path=request.environ['SCRIPT_NAME'],
|
||||
domain=mg_globals.app_config.get('csrf_cookie_domain'),
|
||||
secure=(request.scheme.lower() == 'https'),
|
||||
httponly=True)
|
||||
@CmdTable("pwg.images.add", True)
|
||||
def pwg_images_add(request):
|
||||
_log.info("add: %r", request.form)
|
||||
form = AddForm(request.form)
|
||||
check_form(form)
|
||||
|
||||
return {'image_id': 123456, 'url': ''}
|
||||
|
||||
|
||||
@csrf_exempt
|
||||
@ -158,13 +171,13 @@ def ws_php(request):
|
||||
request.args, request.form)
|
||||
raise NotImplemented()
|
||||
|
||||
with PWGSession(request) as session:
|
||||
result = func(request)
|
||||
|
||||
if isinstance(result, BaseResponse):
|
||||
return result
|
||||
|
||||
response = response_xml(result)
|
||||
|
||||
possibly_add_cookie(request, response)
|
||||
session.save_to_cookie(response)
|
||||
|
||||
return response
|
||||
|
||||
@ -90,8 +90,10 @@
|
||||
{% if not request.user %}
|
||||
href="{{ request.urlgen('mediagoblin.auth.login') }}"
|
||||
{% endif %}
|
||||
{% if app_config['allow_comments'] %}
|
||||
class="button_action" id="button_addcomment" title="Add a comment">
|
||||
{% trans %}Add a comment{% endtrans %}
|
||||
{% endif %}
|
||||
</a>
|
||||
{% if request.user %}
|
||||
<form action="{{ request.urlgen('mediagoblin.user_pages.media_post_comment',
|
||||
|
||||
@ -161,7 +161,13 @@ def media_post_comment(request, media):
|
||||
comment.author = request.user.id
|
||||
comment.content = unicode(request.form['comment_content'])
|
||||
|
||||
if not comment.content.strip():
|
||||
# Show error message if commenting is disabled.
|
||||
if not mg_globals.app_config['allow_comments']:
|
||||
messages.add_message(
|
||||
request,
|
||||
messages.ERROR,
|
||||
_("Sorry, comments are disabled."))
|
||||
elif not comment.content.strip():
|
||||
messages.add_message(
|
||||
request,
|
||||
messages.ERROR,
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user