159 Commits

Author SHA1 Message Date
Christopher Allan Webber
eff722ef15 fixing hook_handle for when result is never assigned, avoid reference without assignent 2013-04-19 14:58:22 -05:00
Christopher Allan Webber
e49b7bf290 As Elrond points out, we might as well .pop() default_handler 2013-04-19 14:25:02 -05:00
Christopher Allan Webber
ff259f6bf3 Hooks: the Next Generation!
I have not tested any of this but it looks right ;)
2013-04-19 13:56:05 -05:00
Christopher Allan Webber
dd7eac8223 And... pyblosxom code removed again :)
We agreed on a new direction on IRC last night...
2013-04-19 13:13:32 -05:00
Christopher Allan Webber
0ea7b48055 pyblosxom run_callback hoisted 2013-04-18 17:03:25 -05:00
Elrond
bc92ff9d3c Start to use six for basestring.
six allows us to smoothly get more forward compatible with
py3.  The idea is to change things over to use six, when/if
we feel a need for it.
2013-04-18 16:14:16 +02:00
Christopher Allan Webber
6432755db3 Merge remote-tracking branch 'refs/remotes/tsyesika/394-fuzzy-timestamp' 2013-04-13 11:42:34 -05:00
Jessica T
79e2d4eee4 Adds the unit tests and removes useless function we don't use 2013-04-12 01:40:15 +01:00
Jessica T
f1c3807db7 Adds the timesince ability which fixes #394 2013-04-11 22:37:48 +01:00
Christopher Allan Webber
761e26bb29 Merge branch '637_friendlier_hooks' 2013-04-10 17:53:05 -05:00
Christopher Allan Webber
0a5c6ec901 Remove unhandled_okay from kwargs if it's there before passing to functions. 2013-04-10 17:42:29 -05:00
Christopher Allan Webber
cdc821eb74 callable hook convenience functions.. now work, and with tests!
- Added three "callables" test plugins.
 - updated callable_runone to check for unhandled_okay in the kwargs
   dict.

All passing!
2013-04-10 17:36:21 -05:00
Christopher Allan Webber
33cbccb09d Fix sessions so they work across the site. 2013-04-10 10:08:09 -05:00
Elrond
b0ee3aae91 Make session cookies more secure.
1. Our session cookies only need to be available to http, so
   mark them appropiately.

2. Send the cookie to the subpath for mediagoblin.

And instantiate a session manager on the app, once.
2013-04-09 22:49:11 +02:00
Elrond
11780855da Fix left over from variable renaming. 2013-04-09 22:37:10 +02:00
Christopher Allan Webber
e495e28ee0 Convenience functions for callable hooks 2013-04-07 17:46:11 -05:00
Brett Smith
3843697c28 Call is_updated instead of testing it boolean. 2013-03-25 09:20:46 -04:00
Brett Smith
09102e0767 Harden It's Dangerous key management.
The previous code was theoretically subject to timing attacks, where
an attacker could read the key in between the time it was saved to the
file and when the chmod happened.  This version prevents that by using
umasks to ensure the files always have the right permissions.

This version also avoids using a key that cannot be saved due to some
system setup bug.
2013-03-24 16:27:20 -04:00
Brett Smith
5d1a8815d1 Set a starting value for session.send_new_cookie.
This makes session.__init__ slightly more complicated but probably
simplifies everything else, especially if we make the class smarter
later by having it track changes itself.
2013-03-24 15:39:49 -04:00
Brett Smith
627a721cf6 Delete the session cookie on an empty session. 2013-03-24 14:47:02 -04:00
Brett Smith
c7424612d7 Back sessions with It's Dangerous.
This is a contribution to #668.
2013-03-24 14:44:41 -04:00
Elrond
bb530c4445 Improve fs security for itsdangerous secret.
Set mode 700 on the directory, mode 600 on the file.
2013-03-22 19:12:55 +01:00
Elrond
5a8aae3aba Docs for get_timed_signer_url. 2013-03-22 19:09:19 +01:00
Elrond
5907154a59 Basic itsdangerous infrastructure.
Implement the basic infrastructure for using itsdangerous
in mediagoblin. Usage instructions will follow.
2013-03-22 18:46:47 +01:00
Christopher Allan Webber
8dad2978e7 A more realistic "con" explaination in the docstring of exif_fix_image_orientation
Thanks to dnet for catching this.

This commit sponsored by Chester Zeller.  Thanks!
2013-03-15 09:19:22 -05:00
Christopher Allan Webber
ddbf6af1e2 Huge amount of work to (mostly) allow .ogg (and maybe other) formats to skip transcode
- Update get_display_media in several ways:
   - now uses the media type's own declaration of the order of things
   - returns both the media_size and the media_path, as per the docstring
   - implicitly uses self.media_files as opposed to forcing you to pass it in
 - update videos to use get_display_media
 - update images to declare media_fetch_order in the media manager (videos also)
 - update stl to use media.media_files['original'] instead of weird
   use of get_display_media
 - update sidebar to only conditionally show webm_640

TODO still: identify video type information *during* processing, show
that in the <video><source /></video> element.

This commit sponsored by Nathan Yergler.  Thanks, nyergler!
2013-03-02 19:06:31 -06:00
András Veres-Szentkirályi
0037706a57 simplified get_useful 2013-02-22 22:24:29 +01:00
András Veres-Szentkirályi
f2da5bef9a use dict.iteritems() instead of dict.items() 2013-02-22 22:24:29 +01:00
András Veres-Szentkirályi
6dc508d27f use list expression instead of 3-deep for 2013-02-22 22:24:29 +01:00
András Veres-Szentkirályi
5e746bfdd3 simplified clean_exif 2013-02-22 22:24:29 +01:00
András Veres-Szentkirályi
9aff782ba7 close file properly and remove unneeded variable 2013-02-22 22:24:29 +01:00
András Veres-Szentkirályi
64376dc0bc typofix in comment 2013-02-22 22:24:29 +01:00
András Veres-Szentkirályi
dd51c03985 use key in dict instead of key in dict.keys() 2013-02-22 22:24:29 +01:00
Elrond
0c8073a3a3 Merge remote-tracking branch 'pythonsnake/537_version'
* pythonsnake/537_version:
  Added "version" before the version
  Fix bug 537
2013-02-19 13:34:13 +01:00
Elrond
df5b142ab9 Fix deleting media with attachments.
If one deletes a media with attachments, there have been
various problems:
1) If the file in the storage did not exist any more (maybe
   because due to a previous deletion attempt?), the error
   propagation failed, because the wrong thing was
   gathered.
2) The attachment database entries were not deleted.
   Using cascade for this, for now.

Also add a simple unit test, that tests both by having a
broken attachment on a media.
2013-02-18 14:55:42 +01:00
pythonsnake
2a0aed84a6 Fix bug 537 2013-02-10 12:01:24 +01:00
Elrond
657a463799 Use system wide EXIF package, if available.
Created and tested by Simon Fondrie-Teitler.

Thanks!
2013-02-07 00:31:37 +01:00
Elrond
cf41e7d744 Improve formatting for hook template docs. 2013-01-31 20:58:19 +01:00
Christopher Allan Webber
8a4d0dbc07 Switching set syntax to python2.6 compatible 2013-01-31 12:33:50 -06:00
Christopher Allan Webber
ec553298ff Even better documentation for get_hook_templates!
Tells how you *can* use it in templates if you really like.
2013-01-30 13:27:05 -06:00
Christopher Allan Webber
f097cf648c Improved documentation for get_hook_templates, noting the template tag 2013-01-30 13:25:20 -06:00
Christopher Allan Webber
08f3966d54 Moved the docstring for the plugin template stuff from the class to module method 2013-01-30 13:22:19 -06:00
Christopher Allan Webber
46da25827f No need for an __init__ at all in the TemplateHookExtension, really. 2013-01-30 13:22:19 -06:00
Christopher Allan Webber
927be5e8ca Move template hook over to a template_hook tag. Seems to work! :) 2013-01-30 13:22:19 -06:00
Christopher Allan Webber
a3f811a6e8 Geolocation stuff, including including templates seems to be working-ish
- I'm having trouble seeing if the geolocation stuff actually works,
   but plugins are included
 - including a list of template hooks works, however the macro to
   include them does not, so it's kinda verbose
2013-01-30 13:22:18 -06:00
Christopher Allan Webber
1c2d01ae3b Very start of plugin hooks and openstreetmap pluginification
- Added start of template hook code to pluginapi.py
 - Started to break openstreetmap into plugin; moved templates
 - Added plugin hooks in media and image media templates

... almost certainly, none of this works yet. :)
2013-01-30 13:22:18 -06:00
Elrond
04453ccf42 Better Py3 compat: d.has_key(k) -> k in d
py3 does not have dict.has_key any more. You have to use
"key in dict" instead. As that works in python2 as well,
let's use that.

Also some small bits of pep8.
2013-01-30 15:03:04 +01:00
Christopher Allan Webber
c7d135b6ea Merge branch '216_cwebber_style_unique_slugs' 2013-01-25 12:03:40 -06:00
Sebastian Spaeth
0f9cf6ef32 Normalize the email address in the same way in all places
We were case normalizing the email address for registration, but not at
all for the forgotten password retrieval. Make a
tools.mail.normalize_email helper that can be used to normalize the
email in the same way in all places.

Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
2013-01-21 15:38:57 +01:00
Elrond
626a093ccc Move workbench into tools directory. 2013-01-17 22:15:57 +01:00