basic_auth branch that openid is forked from
Commits squashed together (in reverse chronological order):
- do the label thing only for boolean fields
- made edit_account to autofocus on the first field
- added feature to render_divs where if field.label == '' then it
will render form.description the same a render_label
- added allow_registration check
- refactored create_user
- removed verification_key from create_user
- removed get_user from openid
- cleanup after removing openid from template_env.globals
- fix for werkzueg 0.9.1
- cleanup after merge
- more tests
- restored openid extra_validation just for safety
- tests for openid
- deleted openid extra_validation
- passed next parameter in session for openid
- fixed a bug that was deleting the messages
- implemented openid store using sqlalchemy
- ask openid provider for 'nickname' to prefill username in registration form
- refactored delete openid url to work with generic urls such as
google and to not allow a user to delete a url if it is there only
one and they don't have a pw
- refactored login to register user workflow, which fixed a problem
where the 'or register with a password link' wasn't showing up when
the finish_login view called the register view because there wasn't
any redirect.
- added the ability to remove openid's
- added the ability to add openids to an existing account
- refactored start_login and finish_login views
- modified edit_account.html to use render_divs
- modified gmg/edit/views to behave appropriatly if no password
authentication is enabled. moved the update email stuff to it's own
funtion to make edit_account view cleaner. edit_account now
modifies the form depending on the plugins.
- minor typos
- added retrieving email from openid provider
- moved allow_registration check to a decorator
- moved check if auth is enabled to a decorator
- changed openid user registration to go through login first
- cleanup after merge
- modified verification emails to use itsdangerous tokens
- added error handling on bad token, fixed route, and added tests
- added support for user to change email address
- added link to login view openid/password in login template
- updated openid get_user function
- modified get_user function to take kwargs instead of username
- no need for user might be email kwarg in check_login_simple
- added gen_password_hash and check_password functions to auth/__init__
- added focus to form input
- made imports fully qualified
- modified basic_auth.check_login to check that the user has a pw_hash first
- changed occurances of form.data['whatever'] to form.whatever.data
- convert tabs to spaces in register template, remove unsed
templates, and fixed trans tags in templates
- in process of openid login. it works, but needs major imporvements
- make password field required in basic_auth form
- check if password field present in basic_auth create_user
- modified openid create_user function
- modified models based on Elronds suggestions
- changed register form action to a variable to be passed in by the
view using the template
- openid plugin v0, still need to authenticate via openid.
- added a register_user function to be able to use in a plugin's
register view, and modified auth/views.register to redirect to
openid/register if appropriate.
- Modified basic_auth plugin to work with modified auth plugin
hooks. Added context variables. Removed basic_auth/tools which was
previously renamed to basic_auth/lib.
- modified auth/__init__ hooks to work better with multiple
plugins. Removed auth/lib.py. And added a basic_extra_verification
function that all plugins will use.
- added models and migrations for openid plugin
as to not conflict with the new federated groups which are also being written.
I also fixed up some of the code in the user_in_group/user_has_privilege decor-
ator. Users are now assigned the default privileges when they sign up, and ass-
iged active once they are activated. I updated the gmg command makeadmin to use
my groups as well. Lastly, I added the decorator to various views, requiring th-
at users belong to appropriate groups to access pages.
--\ mediagoblin/auth/tools.py
--| Added code to assign new users to default privileges
--\ mediagoblin/auth/views.py
--| Added code to assign users to u'active' privilege once the email
| verification is complete
--\ mediagoblin/db/migrations.py
--| Renamed Group class to Privilege class
--\ mediagoblin/db/models.py
--| Renamed Group class to Privilege class
--\ mediagoblin/decorators.py
--| Renamed function based on the Group->Privilege change
--| Rewrote the function to be, ya know, functional
--\ mediagoblin/gmg_commands/users.py
--| Changed the 'makeadmin' command to add the target user to the admin
| privilege group as well as affecting 'is_admin' column
--\ mediagoblin/submit/views.py
--| Added the requirement that a user has the 'uploader' privilege in order
| to submit new media.
--\ mediagoblin/user_pages/views.py
--| Added the requirement that a user has the 'commenter' privilege in order
| to make a comment.
--| Added the requirement that a user has the 'reporter' privilege in order
| to submit new reports.
--| Got rid of some vestigial code in the file_a_report function.
code. I added in two major pieces of functionality: table foundations and a
decorator to confirm whether or not a user is a member of a certain group.
Table Foundations are default rows that should be present in a given table as
soon as the database is initialized. For example, I am using these to populate
the core__groups table with all of the necessary groups ('moderator', 'com-
menter', etc). Right now, this is achieved by adding a dictionary of parameters
(with the parameters as lists) to the constant FOUNDATIONS in
mediagoblin.db.models. The keys to this dictionary are uninstantiated classes.
The classes which require foundations also have must have a constructor so that
the list of parameters can be passed appropriately like so:
Model(*parameters)
In order to implement these foundations, I added the method populate_table_fou-
-ndations to MigrationManager in mediagoblin.db.migration_tools.
The decorator, called user_in_group, accepts as a parameter a unicode string,
and then decides whether to redirect to 403 or let the user access the page. The
identifier is the Group.group_name string, because I believe that will allow for
the most readable code.
I also added in the simple decorator require_admin_login.
In terms of tightening up my code, I made many minor changes to my use of white
space and made a few small documentation additions. I removed a vestigial class
(ReportForm) from mediagoblin.user_pages.forms. I moved all of my migrations in-
to one registered Migration.
Setting up Foundations
==============================
--\ mediagoblin/db/migration_tools.py
--| created: MigrationManager.populate_table_foundations
--| modified: MigrationManager.init_or_migrate to run
| self.populate_table_foundations on init
--\ mediagoblin/db/models.py
--| created: FOUNDATIONS
----| created: group_foundations
Working With Permissions
==============================
--\ mediagoblin/decorators.py
--| created: user_in_group
--| created: require_admin_login
--\ mediagoblin/user_pages/views.py
--| modified: added decorator user_in_group to file_a_report
--\ mediagoblin/admin/views.py
--| modified: added decorator require_admin_login to all views functions
General Code Tidying
=============================
--/ mediagoblin/admin/views.py
--/ mediagoblin/user_pages/forms.py
--/ mediagoblin/db/models.py
--/ mediagoblin/user_pages/lib.py
--/ mediagoblin/user_pages/views.py
--/ mediagoblin/db/migrations.py
lity. At this point, I have finished all the of basic work with the models! I
still need to do some tightening of their documentation, but they seem to be
working well.
Working with Models
========================================
--\ mediagoblin/db/models.py
--| Added in the Report model and table. This model is strictly a parent
----| Added in the CommentReport model which holds information about a report
| filed against a comment. This class inherits from Report.
----| Added in the MediaReport model which holds information about a report f-
| -iled against a media entry. This class inherits from Report.
--| Added in a UserBan model and table. This model is in a one to one relatio-
| -nship with User. This object acts as a marker for whether a user is banned
| or not.
--| Added in a Group model. These objects are in a many-to-many relationship
| with User to explain which privileges a User has.
----| Added in GroupUserAssociation which is a table used to hold this many to
| many relationship between Group & User.
--\ mediagoblin/db/migrations.py
--| Added in the migrations for all of the additions to models
--| Added UserBan_v0
--| Added Report_v0
----| Added CommentReport_v0
----| Added MediaReport_v0
--| Added Group_v0
----| Added GroupUserAssociation_v0
Working with Templates, Views, and Routing
===============================================
>>> Reporting a Comment or a MediaEntry
--\ mediagoblin/user_pages/views.py
--| Added in the function file_a_report to allow user to file reports against
| MediaEntries or Comments. Handles GET and POST requests.
--| Added in the function file_a_comment_report which uses file_a_report but
| also catches appropriate information for comment_ids. I may be able to do
| this more eloquently with decorators.
--\ mediagoblin/user_pages/routing.py
--| Added in route 'mediagoblin.user_pages.media_home.report_media'
| (linked to address /u/<user>/m/<media>/report/ )
--| Added in route ''mediagoblin.user_pages.media_home.report_comment'
| (linked to address /u/<user>/m/<media>/c/<comment>/report/ )
--\ mediagoblin/templates/mediagoblin/user_pages/report.html
--| I created this file to handle the filing of a report.
--\ mediagoblin/templates/mediagoblin/user_pages/media.html
--| Modified this file to add in links allowing users to report either media
| or comments.
--\ mediagoblin/user_pages/lib.py
--| Added in build_report_form which processes data as either a CommentReport or
| a MediaReport depending on which parameters are present
--\ mediagoblin/user_pages/forms.py
--| Added in CommentReportForm
--| Added in MediaReportForm
--| note: ReportForm is vestigial to an earlier strategy I used and I'll remove it
| promptly
--\ mediagoblin/decorators.py
--| Added in 'get_media_comment_by_id' for use in mediagoblin/user_pages/views.py
>>> New Admin Panels
--\ mediagoblin/admin/views.py
--| Added in the function admin_users_panel
--| Added in the function admin_reports_panel
--\ mediagoblin/admin/routing.py
--| Added in route 'mediagoblin.admin.users'
| (linked to address '/a/users')
--| Added in route 'mediagoblin.admin.reports'
| (linked to address '/a/reports/')
--\ mediagoblin/templates/admin/user.html
--| Created this file as a template for monitoring users
--\ mediagoblin/templates/admin/report.html
--| Created this file as a template for monitoring reports filed against media or
| comments
It turns out this has to do with some additions to the fixture adding
of media entries. Since the new fake_upload field is True by default,
adding multiple entries that have media_files at once meant that
multiple additions of FileKeynames would be added at once if they were
not saved at the same time. Tricky!
Thankfully, Elrond helped us figure this one out. Thanks, Elrond :)
And thanks also to Aapo Rantalainen for sponsoring this commit!
