diff options
| -rw-r--r-- | AUTHORS | 2 | ||||
| -rw-r--r-- | docs/source/pluginwriter/quickstart.rst | 2 | ||||
| -rw-r--r-- | docs/source/siteadmin/production-deployments.rst | 3 | ||||
| -rw-r--r-- | mediagoblin/auth/tools.py | 18 | ||||
| -rw-r--r-- | mediagoblin/edit/views.py | 1 | ||||
| -rw-r--r-- | mediagoblin/gmg_commands/addmedia.py | 5 | ||||
| -rw-r--r-- | mediagoblin/gmg_commands/batchaddmedia.py | 5 | ||||
| -rw-r--r-- | mediagoblin/media_types/video/models.py | 2 | ||||
| -rw-r--r-- | mediagoblin/media_types/video/transcoders.py | 8 | ||||
| -rw-r--r-- | mediagoblin/plugins/api/views.py | 3 | ||||
| -rw-r--r-- | mediagoblin/plugins/basic_auth/forms.py | 2 | ||||
| -rw-r--r-- | mediagoblin/plugins/piwigo/views.py | 5 | ||||
| -rw-r--r-- | mediagoblin/submit/lib.py | 4 | ||||
| -rw-r--r-- | mediagoblin/submit/views.py | 1 | ||||
| -rw-r--r-- | mediagoblin/templates/mediagoblin/utils/prev_next.html | 15 | ||||
| -rw-r--r-- | mediagoblin/tests/test_auth.py | 48 |
16 files changed, 87 insertions, 37 deletions
@@ -56,6 +56,7 @@ Thank you! * Jiyda Mint Moussa * Jim Campbell * Joar Wandborg +* Jonathan Sandoval * Jorge Araya Navarro * Josephine Bartholoma * Karen Rustad @@ -76,6 +77,7 @@ Thank you! * Matt Lee * Matt Molyneaux * Meg Ford +* mi * Michele Azzolari * Mike Linksvayer * Natalie Foust-Pilcher diff --git a/docs/source/pluginwriter/quickstart.rst b/docs/source/pluginwriter/quickstart.rst index 6d45ea36..212c91ad 100644 --- a/docs/source/pluginwriter/quickstart.rst +++ b/docs/source/pluginwriter/quickstart.rst @@ -111,7 +111,7 @@ The code for ``__init__.py`` looks like this: :emphasize-lines: 12,23 import logging - from mediagoblin.tools.pluginapi import Plugin, get_config + from mediagoblin.tools.pluginapi import PluginManager, get_config # This creates a logger that you can use to log information to diff --git a/docs/source/siteadmin/production-deployments.rst b/docs/source/siteadmin/production-deployments.rst index e65ac332..b7417213 100644 --- a/docs/source/siteadmin/production-deployments.rst +++ b/docs/source/siteadmin/production-deployments.rst @@ -69,6 +69,9 @@ modify it to suit your environment's setup: Group=mediagoblin Type=simple WorkingDirectory=/srv/mediagoblin.example.org/mediagoblin + # Start mg-celeryd process as root, then switch to mediagoblin user/group + # (This is needed to run the ExecStartPre commands) + PermissionsStartOnly=true # Create directory for PID (if needed) and set ownership ExecStartPre=/bin/mkdir -p /run/mediagoblin ExecStartPre=/bin/chown -hR mediagoblin:mediagoblin /run/mediagoblin diff --git a/mediagoblin/auth/tools.py b/mediagoblin/auth/tools.py index 9c16a980..ae6fadf6 100644 --- a/mediagoblin/auth/tools.py +++ b/mediagoblin/auth/tools.py @@ -34,14 +34,19 @@ from mediagoblin import auth _log = logging.getLogger(__name__) -def normalize_user_or_email_field(allow_email=True, allow_user=True): - """ - Check if we were passed a field that matches a username and/or email +def normalize_user_or_email_field(allow_email=True, allow_user=True, + is_login=False): + """Check if we were passed a field that matches a username and/or email pattern. This is useful for fields that can take either a username or email - address. Use the parameters if you want to only allow a username for - instance""" + address. Use the parameters if you want to only allow a username + for instance + + is_login : bool + If is_login is True, does not check the length of username. + + """ message = _(u'Invalid User name or email address.') nomail_msg = _(u"This field does not take email addresses.") nouser_msg = _(u"This field requires an email address.") @@ -56,7 +61,8 @@ def normalize_user_or_email_field(allow_email=True, allow_user=True): else: # lower case user names if not allow_user: raise wtforms.ValidationError(nouser_msg) - wtforms.validators.Length(min=3, max=30)(form, field) + if not is_login: + wtforms.validators.Length(min=3, max=30)(form, field) wtforms.validators.Regexp(r'^[-_\w]+$')(form, field) field.data = field.data.lower() if field.data is None: # should not happen, but be cautious anyway diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py index 521359f5..b15fb2e7 100644 --- a/mediagoblin/edit/views.py +++ b/mediagoblin/edit/views.py @@ -443,6 +443,7 @@ def verify_email(request): user=user.username) +@require_active_login def change_email(request): """ View to change the user's email """ form = forms.ChangeEmailForm(request.form) diff --git a/mediagoblin/gmg_commands/addmedia.py b/mediagoblin/gmg_commands/addmedia.py index 8cbfc806..9685d5a5 100644 --- a/mediagoblin/gmg_commands/addmedia.py +++ b/mediagoblin/gmg_commands/addmedia.py @@ -85,8 +85,6 @@ def addmedia(args): print("Can't find a file with filename '%s'" % args.filename) return - upload_limit, max_file_size = get_upload_file_limits(user) - def maybe_unicodeify(some_string): # this is kinda terrible if some_string is None: @@ -103,8 +101,7 @@ def addmedia(args): title=maybe_unicodeify(args.title), description=maybe_unicodeify(args.description), license=maybe_unicodeify(args.license), - tags_string=maybe_unicodeify(args.tags) or u"", - upload_limit=upload_limit, max_file_size=max_file_size) + tags_string=maybe_unicodeify(args.tags) or u"") except FileUploadLimit: print("This file is larger than the upload limits for this site.") except UserUploadLimit: diff --git a/mediagoblin/gmg_commands/batchaddmedia.py b/mediagoblin/gmg_commands/batchaddmedia.py index 2ad7e39e..274d72bc 100644 --- a/mediagoblin/gmg_commands/batchaddmedia.py +++ b/mediagoblin/gmg_commands/batchaddmedia.py @@ -73,7 +73,6 @@ def batchaddmedia(args): username=args.username))) return - upload_limit, max_file_size = get_upload_file_limits(user) temp_files = [] if os.path.isfile(args.metadata_path): @@ -87,7 +86,6 @@ def batchaddmedia(args): abs_metadata_filename = os.path.abspath(metadata_path) abs_metadata_dir = os.path.dirname(abs_metadata_filename) - upload_limit, max_file_size = get_upload_file_limits(user) def maybe_unicodeify(some_string): # this is kinda terrible @@ -159,8 +157,7 @@ FAIL: Local file {filename} could not be accessed. description=maybe_unicodeify(description), license=maybe_unicodeify(license), metadata=json_ld_metadata, - tags_string=u"", - upload_limit=upload_limit, max_file_size=max_file_size) + tags_string=u"") print(_(u"""Successfully submitted {filename}! Be sure to look at the Media Processing Panel on your website to be sure it uploaded successfully.""".format(filename=filename))) diff --git a/mediagoblin/media_types/video/models.py b/mediagoblin/media_types/video/models.py index 4742b342..da635ed7 100644 --- a/mediagoblin/media_types/video/models.py +++ b/mediagoblin/media_types/video/models.py @@ -69,7 +69,7 @@ class VideoData(Base): orig_metadata = self.orig_metadata or {} if ("webm_video" not in self.get_media_entry.media_files - and "mimetype" in orig_metadata['common']['tags'] + and "mimetype" in orig_metadata.get('common', {}).get('tags', {}) and "codec" in orig_metadata['audio'] and "codec" in orig_metadata['video']): if orig_metadata['mimetype'] == 'application/ogg': diff --git a/mediagoblin/media_types/video/transcoders.py b/mediagoblin/media_types/video/transcoders.py index f4b0341e..2d3392f2 100644 --- a/mediagoblin/media_types/video/transcoders.py +++ b/mediagoblin/media_types/video/transcoders.py @@ -31,7 +31,7 @@ sys.argv = [] import gi gi.require_version('Gst', '1.0') -from gi.repository import GObject, Gst +from gi.repository import GLib, Gst Gst.init(None) # init before import to work around https://bugzilla.gnome.org/show_bug.cgi?id=736260 from gi.repository import GstPbutils @@ -154,7 +154,7 @@ class VideoTranscoder(object): def __init__(self): _log.info('Initializing VideoTranscoder...') self.progress_percentage = None - self.loop = GObject.MainLoop() + self.loop = GLib.MainLoop() def transcode(self, src, dst, **kwargs): ''' @@ -371,11 +371,11 @@ class VideoTranscoder(object): self.pipeline.set_state(Gst.State.NULL) # This kills the loop, mercifully - GObject.idle_add(self.__stop_mainloop) + GLib.idle_add(self.__stop_mainloop) def __stop_mainloop(self): ''' - Wrapper for GObject.MainLoop.quit() + Wrapper for GLib.MainLoop.quit() This wrapper makes us able to see if self.loop.quit has been called ''' diff --git a/mediagoblin/plugins/api/views.py b/mediagoblin/plugins/api/views.py index 23341065..fdd22ace 100644 --- a/mediagoblin/plugins/api/views.py +++ b/mediagoblin/plugins/api/views.py @@ -52,8 +52,6 @@ def post_entry(request): _log.debug('File field not found') raise BadRequest() - upload_limit, max_file_size = get_upload_file_limits(request.user) - callback_url = request.form.get('callback_url') if callback_url: callback_url = six.text_type(callback_url) @@ -66,7 +64,6 @@ def post_entry(request): description=six.text_type(request.form.get('description')), license=six.text_type(request.form.get('license', '')), tags_string=six.text_type(request.form.get('tags', '')), - upload_limit=upload_limit, max_file_size=max_file_size, callback_url=callback_url) return json_response(get_entry_serializable(entry, request.urlgen)) diff --git a/mediagoblin/plugins/basic_auth/forms.py b/mediagoblin/plugins/basic_auth/forms.py index 9a6db226..3d684e91 100644 --- a/mediagoblin/plugins/basic_auth/forms.py +++ b/mediagoblin/plugins/basic_auth/forms.py @@ -38,7 +38,7 @@ class LoginForm(wtforms.Form): username = wtforms.StringField( _('Username or Email'), [wtforms.validators.InputRequired(), - normalize_user_or_email_field()]) + normalize_user_or_email_field(is_login=True)]) password = wtforms.PasswordField( _('Password')) stay_logged_in = wtforms.BooleanField( diff --git a/mediagoblin/plugins/piwigo/views.py b/mediagoblin/plugins/piwigo/views.py index ab741a72..30c7ffa2 100644 --- a/mediagoblin/plugins/piwigo/views.py +++ b/mediagoblin/plugins/piwigo/views.py @@ -128,16 +128,13 @@ def pwg_images_addSimple(request): if not check_file_field(request, 'image'): raise BadRequest() - upload_limit, max_file_size = get_upload_file_limits(request.user) - try: entry = submit_media( mg_app=request.app, user=request.user, submitted_file=request.files['image'], filename=request.files['image'].filename, title=six.text_type(form.name.data), - description=six.text_type(form.comment.data), - upload_limit=upload_limit, max_file_size=max_file_size) + description=six.text_type(form.comment.data)) collection_id = form.category.data if collection_id > 0: diff --git a/mediagoblin/submit/lib.py b/mediagoblin/submit/lib.py index 2edea70f..4979def8 100644 --- a/mediagoblin/submit/lib.py +++ b/mediagoblin/submit/lib.py @@ -103,7 +103,6 @@ class UserPastUploadLimit(UploadLimitError): def submit_media(mg_app, user, submitted_file, filename, title=None, description=None, license=None, metadata=None, tags_string=u"", - upload_limit=None, max_file_size=None, callback_url=None, urlgen=None,): """ Args: @@ -119,12 +118,11 @@ def submit_media(mg_app, user, submitted_file, filename, - license: license for this media entry - tags_string: comma separated string of tags to be associated with this entry - - upload_limit: size in megabytes that's the per-user upload limit - - max_file_size: maximum size each file can be that's uploaded - callback_url: possible post-hook to call after submission - urlgen: if provided, used to do the feed_url update and assign a public ID used in the API (very important). """ + upload_limit, max_file_size = get_upload_file_limits(user) if upload_limit and user.uploaded >= upload_limit: raise UserPastUploadLimit() diff --git a/mediagoblin/submit/views.py b/mediagoblin/submit/views.py index be473615..7bbfb645 100644 --- a/mediagoblin/submit/views.py +++ b/mediagoblin/submit/views.py @@ -76,7 +76,6 @@ def submit_start(request): description=six.text_type(submit_form.description.data), license=six.text_type(submit_form.license.data) or None, tags_string=submit_form.tags.data, - upload_limit=upload_limit, max_file_size=max_file_size, urlgen=request.urlgen) if submit_form.collection and submit_form.collection.data: diff --git a/mediagoblin/templates/mediagoblin/utils/prev_next.html b/mediagoblin/templates/mediagoblin/utils/prev_next.html index 9e262ed9..fc8672fb 100644 --- a/mediagoblin/templates/mediagoblin/utils/prev_next.html +++ b/mediagoblin/templates/mediagoblin/utils/prev_next.html @@ -19,29 +19,36 @@ {# Provide navigation links to neighboring media entries, if possible #} {% set prev_entry_url = media.url_to_prev(request.urlgen) %} {% set next_entry_url = media.url_to_next(request.urlgen) %} +{% if is_rtl %} + {% set next_arrow = "→" %} + {% set prev_arrow = "←" %} +{% else %} + {% set next_arrow = "←" %} + {% set prev_arrow = "→" %} +{% endif %} {% if prev_entry_url or next_entry_url %} <div class="navigation"> {# There are no previous entries for the very first media entry #} {% if prev_entry_url %} <a class="navigation_button navigation_left" href="{{ prev_entry_url }}"> - ← {% trans %}newer{% endtrans %} + {{next_arrow}} {% trans %}newer{% endtrans %} </a> {% else %} {# This is the first entry. display greyed-out 'previous' image #} <p class="navigation_button navigation_left"> - ← {% trans %}newer{% endtrans %} + {{next_arrow}} {% trans %}newer{% endtrans %} </p> {% endif %} {# Likewise, this could be the very last media entry #} {% if next_entry_url %} <a class="navigation_button navigation_right" href="{{ next_entry_url }}"> - {% trans %}older{% endtrans %} → + {% trans %}older{% endtrans %} {{prev_arrow}} </a> {% else %} {# This is the last entry. display greyed-out 'next' image #} <p class="navigation_button navigation_right"> - {% trans %}older{% endtrans %} → + {% trans %}older{% endtrans %} {{prev_arrow}} </p> {% endif %} </div> diff --git a/mediagoblin/tests/test_auth.py b/mediagoblin/tests/test_auth.py index cb971fdb..618d02b6 100644 --- a/mediagoblin/tests/test_auth.py +++ b/mediagoblin/tests/test_auth.py @@ -1,4 +1,3 @@ - # GNU MediaGoblin -- federated, autonomous media hosting # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. # @@ -373,6 +372,53 @@ def test_authentication_views(test_app): assert not form.username.data == u'ANDREW' assert form.username.data == u'andrew' + # Successful login with short user + # -------------------------------- + short_user = fixture_add_user(username=u'me', password=u'sho') + template.clear_test_template_context() + response = test_app.post( + '/auth/login/', { + 'username': u'me', + 'password': 'sho'}) + + # User should be redirected + response.follow() + + assert urlparse.urlsplit(response.location)[2] == '/' + assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT + + # Make sure user is in the session + context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html'] + session = context['request'].session + assert session['user_id'] == six.text_type(short_user.id) + + # Must logout + template.clear_test_template_context() + response = test_app.get('/auth/logout/') + + # Successful login with long user + # ---------------- + long_user = fixture_add_user( + username=u'realllylonguser@reallylongdomain.com.co', password=u'sho') + template.clear_test_template_context() + response = test_app.post( + '/auth/login/', { + 'username': u'realllylonguser@reallylongdomain.com.co', + 'password': 'sho'}) + + # User should be redirected + response.follow() + assert urlparse.urlsplit(response.location)[2] == '/' + assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT + + # Make sure user is in the session + context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html'] + session = context['request'].session + assert session['user_id'] == six.text_type(long_user.id) + + template.clear_test_template_context() + response = test_app.get('/auth/logout/') + @pytest.fixture() def authentication_disabled_app(request): return get_app( |