code. I added in two major pieces of functionality: table foundations and a
decorator to confirm whether or not a user is a member of a certain group.
Table Foundations are default rows that should be present in a given table as
soon as the database is initialized. For example, I am using these to populate
the core__groups table with all of the necessary groups ('moderator', 'com-
menter', etc). Right now, this is achieved by adding a dictionary of parameters
(with the parameters as lists) to the constant FOUNDATIONS in
mediagoblin.db.models. The keys to this dictionary are uninstantiated classes.
The classes which require foundations also have must have a constructor so that
the list of parameters can be passed appropriately like so:
Model(*parameters)
In order to implement these foundations, I added the method populate_table_fou-
-ndations to MigrationManager in mediagoblin.db.migration_tools.
The decorator, called user_in_group, accepts as a parameter a unicode string,
and then decides whether to redirect to 403 or let the user access the page. The
identifier is the Group.group_name string, because I believe that will allow for
the most readable code.
I also added in the simple decorator require_admin_login.
In terms of tightening up my code, I made many minor changes to my use of white
space and made a few small documentation additions. I removed a vestigial class
(ReportForm) from mediagoblin.user_pages.forms. I moved all of my migrations in-
to one registered Migration.
Setting up Foundations
==============================
--\ mediagoblin/db/migration_tools.py
--| created: MigrationManager.populate_table_foundations
--| modified: MigrationManager.init_or_migrate to run
| self.populate_table_foundations on init
--\ mediagoblin/db/models.py
--| created: FOUNDATIONS
----| created: group_foundations
Working With Permissions
==============================
--\ mediagoblin/decorators.py
--| created: user_in_group
--| created: require_admin_login
--\ mediagoblin/user_pages/views.py
--| modified: added decorator user_in_group to file_a_report
--\ mediagoblin/admin/views.py
--| modified: added decorator require_admin_login to all views functions
General Code Tidying
=============================
--/ mediagoblin/admin/views.py
--/ mediagoblin/user_pages/forms.py
--/ mediagoblin/db/models.py
--/ mediagoblin/user_pages/lib.py
--/ mediagoblin/user_pages/views.py
--/ mediagoblin/db/migrations.py
lity. At this point, I have finished all the of basic work with the models! I
still need to do some tightening of their documentation, but they seem to be
working well.
Working with Models
========================================
--\ mediagoblin/db/models.py
--| Added in the Report model and table. This model is strictly a parent
----| Added in the CommentReport model which holds information about a report
| filed against a comment. This class inherits from Report.
----| Added in the MediaReport model which holds information about a report f-
| -iled against a media entry. This class inherits from Report.
--| Added in a UserBan model and table. This model is in a one to one relatio-
| -nship with User. This object acts as a marker for whether a user is banned
| or not.
--| Added in a Group model. These objects are in a many-to-many relationship
| with User to explain which privileges a User has.
----| Added in GroupUserAssociation which is a table used to hold this many to
| many relationship between Group & User.
--\ mediagoblin/db/migrations.py
--| Added in the migrations for all of the additions to models
--| Added UserBan_v0
--| Added Report_v0
----| Added CommentReport_v0
----| Added MediaReport_v0
--| Added Group_v0
----| Added GroupUserAssociation_v0
Working with Templates, Views, and Routing
===============================================
>>> Reporting a Comment or a MediaEntry
--\ mediagoblin/user_pages/views.py
--| Added in the function file_a_report to allow user to file reports against
| MediaEntries or Comments. Handles GET and POST requests.
--| Added in the function file_a_comment_report which uses file_a_report but
| also catches appropriate information for comment_ids. I may be able to do
| this more eloquently with decorators.
--\ mediagoblin/user_pages/routing.py
--| Added in route 'mediagoblin.user_pages.media_home.report_media'
| (linked to address /u/<user>/m/<media>/report/ )
--| Added in route ''mediagoblin.user_pages.media_home.report_comment'
| (linked to address /u/<user>/m/<media>/c/<comment>/report/ )
--\ mediagoblin/templates/mediagoblin/user_pages/report.html
--| I created this file to handle the filing of a report.
--\ mediagoblin/templates/mediagoblin/user_pages/media.html
--| Modified this file to add in links allowing users to report either media
| or comments.
--\ mediagoblin/user_pages/lib.py
--| Added in build_report_form which processes data as either a CommentReport or
| a MediaReport depending on which parameters are present
--\ mediagoblin/user_pages/forms.py
--| Added in CommentReportForm
--| Added in MediaReportForm
--| note: ReportForm is vestigial to an earlier strategy I used and I'll remove it
| promptly
--\ mediagoblin/decorators.py
--| Added in 'get_media_comment_by_id' for use in mediagoblin/user_pages/views.py
>>> New Admin Panels
--\ mediagoblin/admin/views.py
--| Added in the function admin_users_panel
--| Added in the function admin_reports_panel
--\ mediagoblin/admin/routing.py
--| Added in route 'mediagoblin.admin.users'
| (linked to address '/a/users')
--| Added in route 'mediagoblin.admin.reports'
| (linked to address '/a/reports/')
--\ mediagoblin/templates/admin/user.html
--| Created this file as a template for monitoring users
--\ mediagoblin/templates/admin/report.html
--| Created this file as a template for monitoring reports filed against media or
| comments
- Added request.notifications
- Email configuration fixes
- Set config_spec default SMTP port to `0` and switch to SSL/non-SSL
default if `port == 0`
- Added email_smtp_use_ssl configuration setting
- Added migrations for notification tables
- Added __repr__ to MediaComment(Mixin)
- Added MediaComment.get_entry => MediaEntry
- Added CommentSubscription, CommentNotification, Notification,
ProcessingNotification tables
- Added notifications.task to celery init
- Fixed a bug in the video transcoder where pygst would hijack the
--help argument.
- Added notifications
- views
- silence
- subscribe
- routes
- utility methods
- celery task
- Added half-hearted .active comment CSS style
- Added quick JS to show header_dropdown
- Added fragment template to show notifications in header_dropdown
- Added fragment template to show subscribe/unsubscribe buttons on
media/comment pages
- Updated celery setup tests with notifications.task
- Tried to fix test_misc tests that I broke
- Added notification tests
- Added and extended tests.tools fixtures
- Integrated new notifications into media_home, media_post_comment views
- Bumped SQLAlchemy dependency to >= 0.8.0 since we need polymorphic for
the notifications to work
Using collection.url_for_self(request.urlgen) instead
of request.urlgen(lengthy) is so much nicer, so using
it around the place.
Also added a few missing </a> in one template.
This is a shortcut function to redirect to the main page
for an object. Objects currently supported: media entries
and collections.
And go around and replace various places to use this.
Don't do: _("With some value: %s" % value)
Please do: _("WIth some value: %s") % value
Fixed for collection messages.
Also removed a
try:
some_code.
except Exception as e:
raise
No point in doing that.
Fixing the indentation of some_code comes in an extra
commit, because changing indentation is annoying enough
alone, so don't mix it with other changes.
The ideas is by Alon Levy.
Not only media_collect, but also other places might want to
add media to a collection. So refactor this into a function
for easier usage.
The problem is:
Collection.query.filter_by(id=X, ...)
1. X = form.collection.data
This works nicely for the completely empty form (X = None).
It does not work for a selected collection, because X
will be the collection, not its id.
2. X = request.form.get('collection') (old code).
This one works mostly, except for the completely empty
form on postgres, because in this case X = u"__None" and
postgres does not like comparing an integer column with
a string.
Fix:
collection = form.collection.data
if collection and collection.creator != request.user.id:
collection = None
That's true; I'm not sure what it's fixing, but he thinks it's fixing
something. Anyway, it's correct :)
This commit sponsored by Philippe Gauthier. Thanks!
- Don't let people who aren't the authors of a collection from adding
things to it (handled by forcing the user check in the query)
- request url in case invalid collection selected fixed
- collection_item.author doesn't yet exist; removing the selection
(we might want multiple people to be able to edit a collection in
the future but that future does not yet exist; as Elrond said,
remove this "false hope")
Thanks to Elrond to pointing out these issues.
And thanks to David Kindler for sponsoring this commit!
- Fixed PEP-008 issues.
- Removed .user-{user} from the tag URI and put it before the domain,
such as {user}@{host} instead.
- Use year from collection.created instead of current year.
tags used to be global, you could only browse media by tag for all users.
This patch implements a view that allows us to browse only a user's tagged
media.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
when linking to a comment in a MediaEntry, the page did not
contain a <a name="comment"> because, well:
We fetched a string comment-id from the routing. And the
pagination code tried to compare that to the int id on the
comment.
Fix is to let routing fetch an int from the url. Easy.
Relatedly remove duplicated comment_id fetching from the
URL in the view.
schendje rightly pointed out that we should not return to the media
homepage if we did not select a collection on the "collect" page, but
should actually return to the collect page.
This is an improvement of the user experience ;-)
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
Deleting a MediaEntry instance will automatically
delete all related comments and files/attachments. This moves
implementation logic out of views.py and allows to make use of this
functionality when e.g. deleting a User() account.
Whenever a MediaEntry entry is deleted, this will also sql-delete
the corresponding MediaFile entry.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
- add a route at /u/<user>/collections/ (note trailing 's') that lists
all existing collections
- move there the "Create new collection" link, if the user is logged in
- add a new link "Browse collections" from root.html
We have a bunch of URLs that are more for internal use. At
least they're definitely not intended to be posted
somewhere for long term useage.
When those things affect a media, it's much better to
reference the media by its id. This can't change, ever.
This is better for races.
Like someone posting a comment while the owner
corrects a typo in the slug.
We provided a custom GMQuery class that offered a .sort() method for
compatibility with the Mongo syntax. Now that we have settled for sqlalchemy
which uses the order_by() method, we can safely remove this custom class
and move a little closer to "pure" and native sqlalchemy usage.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
This is the last remnant that requires us to keep db.sql.fake.py. Use
ModelName.desc() or sqlalchemy.sql.expression.desc(column) to achieve
descending sorts.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
This was one of the last remaining Mongo holdouts and has been removed from
the tree herewith. Good bye, ObjectId.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
Elrond correctly remarked that we should be comparing user by id
and not by comparing User objects (as I mistakenly did). He is
right, of course!
Also removing the 2 stray debug prints that were left over.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
Thanks to Elrond's review. 1) Use filter_by more consistently
rather than mixing filter and filter_by. 2) Add multiple AND
conditions in the same filter rule rather than using separate
ones. 3) The atom feeds used filter_by(Modelname.attr == ...)
which was the wrong pattern, of course.
Thanks for repairing my junk Elrond!
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
We were refering to model._id in most of the code base as this is
what Mongo uses. However, each use of _id required a) fixup of queries:
e.g. what we did in our find() and find_one() functions moving all
'_id' to 'id'. It also required using AliasFields to make the ._id
attribute available. This all means lots of superfluous fixing and
transitioning in a SQL world.
It will also not work in the long run. Much newer code already refers
to the objects by model.id (e.g. in the oauth plugin), which will break
with Mongo. So let's be honest, rip out the _id mongoism and live with
.id as the one canonical way to address objects.
This commit modifies all users and providers of model._id to use
model.id instead. This patch works with or without Mongo removed first,
but will break Mongo usage (even more than before)
I have not bothered to fixup db.mongo.* and db.sql.convert
(which converts from Mongo to SQL)
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
We were fetching the user collection gallery by slug only, so if two users
had the same collection slug, we would not have been sure which one we'd get.
Fix this by explicitly only fetching the specific user's collections. Also
switch over the view function to make use of the new active_user_from_url
decorator that fetches the User() object for us.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
This switches the user gallery page over to use the new decorator, and
cleans up the queries to be in proper sqlalchemy format rather than the
old mongo format.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
In all cases where get_media_manager(_media_type_as_string) was called in
our code base we ultimately passed in a "MediaEntry().media_type" to get
the matching MEDIA_MANAGER. It so makes sense to make this a function of
the MediaEntry rather than a global function in mediagoblin.media_types and
passing around media_entry.media_type as arguments all the time.
It saves a few import statements and arguments. I also made it so the
Media_manager property is cached for subsequent calls, although I am not too
sure that this is needed (there are other cases for which this would make
more sense)
Also add a get_media_manager test to the media submission tests. It submits
an image and checks that both media.media_type and media.media_manager
return the right thing. Not sure if these tests could not be merged with an
existing submission test, but it can't hurt to have things explicit.
TODO: Right now we iterate through all existing media_managers to find the
right one based on the string of its module name. This should be made a simple
dict lookup to avoid all the extra work.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>