Previously we allowed EVERYTHING, even slashes as slug when editing the media.
Make sure we slugify the input to sanitize it.
(+ string formdata is unicode, so there is no need to convert it)
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
This feature is absolutely necessary. Now a user can simply define
their default license and quickly go through a form, as opposed to
stopping to click on the select and choosing the same option over
and over again.
Also added DB migration for the field, so that's working now, too.
Rebased by Sebastian and made the default value to be unicode.
Reviewed-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
Add a "Delete user account" template and link to it from the user
account settings page.
Create a delete_account function and fill in most blanks. We can now
successfully delete our own account.
Thanks to Elrond for catching a stray csrf_exempt in a previous iteration
of this patch.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
We have a bunch of URLs that are more for internal use. At
least they're definitely not intended to be posted
somewhere for long term useage.
When those things affect a media, it's much better to
reference the media by its id. This can't change, ever.
This is better for races.
Like someone posting a comment while the owner
corrects a typo in the slug.
Transition from the inconsistent /edit/profile/?username=FOO to
the nicer /u/FOO/edit/. The old pattern will still work and
redirects to the new URL.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
We were refering to model._id in most of the code base as this is
what Mongo uses. However, each use of _id required a) fixup of queries:
e.g. what we did in our find() and find_one() functions moving all
'_id' to 'id'. It also required using AliasFields to make the ._id
attribute available. This all means lots of superfluous fixing and
transitioning in a SQL world.
It will also not work in the long run. Much newer code already refers
to the objects by model.id (e.g. in the oauth plugin), which will break
with Mongo. So let's be honest, rip out the _id mongoism and live with
.id as the one canonical way to address objects.
This commit modifies all users and providers of model._id to use
model.id instead. This patch works with or without Mongo removed first,
but will break Mongo usage (even more than before)
I have not bothered to fixup db.mongo.* and db.sql.convert
(which converts from Mongo to SQL)
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
Manually render the "notify me" checkbox line in the account settings
to not put the form label as a heading but in the same line as the
checkbox.
Edit forms.py to use the label attribute for the caption.
Original patch modified by Sebastian Spaeth to 1) not translate the
checkbox label in the template, it is translated in forms.py already.
2) Simplify the HTML, manually constructing the <label> tag is not
necessary, WTforms does it automatically.
Author: LotusEcho <Emma.C.Echo@gmail.com>
Modified-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
Removed the Routes routing functionality and replaced it with
werkzeug.routes. Most views are functional.
Known issues:
- Translation integration with the request object is not yet figured
out. This breaks 404 pages.
In two cases (generating a new slug and editing the slug)
it is nice to know in advance (before the db gets angry)
that the slug is used/free. So created a db utility
function to check for this on mongo and sql:
check_media_slug_used()
attachments working with the sql backend.
- SQL Schema for attachment files, ordering attachments by
their name, not by the submission order (as earlier).
- Dot-Notation for attachments, where missing.
- convert existing attachments over from mongo -> sql
After a bit of discussion, we decided to drop the
pre-rendered html from the database and render it on
the fly.
In another step, we will use some proper caching method to
cache this stuff.
This commit affects the MediaEntry.description_html part.
After a bit of discussion, we decided to drop the
pre-rendered html from the database and render it on
the fly.
In another step, we will use some proper caching method to
cache this stuff.
This commit affects the User.bio_html part.
These changes allow all of the rest of the code to use tags
in sql as they were used on mongo. It's not efficient at
all, as changing tags usually means to remove all old tags
and adding all new.
The only problem here is: Old slugs for tags are not
removed, because they're shared across all MediaTags and
dropping orphans is not always easy.
The show password js depends on the password field to have
an id of "password". So give it a proper id.
Also fixed the label generation for the case of field.name
and field.id being different.
