diff options
| -rw-r--r-- | mediagoblin/auth/views.py | 11 | ||||
| -rw-r--r-- | mediagoblin/confirm/__init__.py | 17 | ||||
| -rw-r--r-- | mediagoblin/confirm/forms.py | 26 | ||||
| -rw-r--r-- | mediagoblin/confirm/lib.py | 24 | ||||
| -rw-r--r-- | mediagoblin/confirm/routing.py | 21 | ||||
| -rw-r--r-- | mediagoblin/confirm/views.py | 56 | ||||
| -rw-r--r-- | mediagoblin/edit/views.py | 11 | ||||
| -rw-r--r-- | mediagoblin/routing.py | 2 | ||||
| -rw-r--r-- | mediagoblin/submit/views.py | 4 | ||||
| -rw-r--r-- | mediagoblin/templates/mediagoblin/confirm/confirm_delete.html | 48 | ||||
| -rw-r--r-- | mediagoblin/templates/mediagoblin/user_pages/media.html | 7 | ||||
| -rw-r--r-- | mediagoblin/user_pages/routing.py | 2 | ||||
| -rw-r--r-- | mediagoblin/user_pages/views.py | 2 |
13 files changed, 216 insertions, 15 deletions
diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py index 4c4a34fd..48c5937c 100644 --- a/mediagoblin/auth/views.py +++ b/mediagoblin/auth/views.py @@ -44,11 +44,12 @@ def register(request): if request.method == 'POST' and register_form.validate(): # TODO: Make sure the user doesn't exist already - + username = unicode(request.POST['username'].lower()) + email = unicode(request.POST['email'].lower()) users_with_username = request.db.User.find( - {'username': request.POST['username'].lower()}).count() + {'username': username}).count() users_with_email = request.db.User.find( - {'email': request.POST['email'].lower()}).count() + {'email': email}).count() extra_validation_passes = True @@ -64,8 +65,8 @@ def register(request): if extra_validation_passes: # Create the user user = request.db.User() - user['username'] = request.POST['username'].lower() - user['email'] = request.POST['email'].lower() + user['username'] = username + user['email'] = email user['pw_hash'] = auth_lib.bcrypt_gen_password_hash( request.POST['password']) user.save(validate=True) diff --git a/mediagoblin/confirm/__init__.py b/mediagoblin/confirm/__init__.py new file mode 100644 index 00000000..a8eeb5ed --- /dev/null +++ b/mediagoblin/confirm/__init__.py @@ -0,0 +1,17 @@ +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011 Free Software Foundation, Inc +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + + diff --git a/mediagoblin/confirm/forms.py b/mediagoblin/confirm/forms.py new file mode 100644 index 00000000..4529528b --- /dev/null +++ b/mediagoblin/confirm/forms.py @@ -0,0 +1,26 @@ +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011 Free Software Foundation, Inc +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + + +import wtforms + +from mediagoblin.util import fake_ugettext_passthrough as _ + +class ConfirmDeleteForm(wtforms.Form): + confirm = wtforms.RadioField('Confirm', + default='False', + choices=[('False', 'No, I made a mistake!'), + ('True', 'Yes, delete it!')]) diff --git a/mediagoblin/confirm/lib.py b/mediagoblin/confirm/lib.py new file mode 100644 index 00000000..2efc3735 --- /dev/null +++ b/mediagoblin/confirm/lib.py @@ -0,0 +1,24 @@ +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011 Free Software Foundation, Inc +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + + +def may_delete_media(request, media): + """Check, if the request's user may edit the media details""" + if media['uploader'] == request.user['_id']: + return True + if request.user['is_admin']: + return True + return False diff --git a/mediagoblin/confirm/routing.py b/mediagoblin/confirm/routing.py new file mode 100644 index 00000000..d8c1ef22 --- /dev/null +++ b/mediagoblin/confirm/routing.py @@ -0,0 +1,21 @@ +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011 Free Software Foundation, Inc +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + + +from routes.route import Route + +confirm_routes = [ +] diff --git a/mediagoblin/confirm/views.py b/mediagoblin/confirm/views.py new file mode 100644 index 00000000..a4a63582 --- /dev/null +++ b/mediagoblin/confirm/views.py @@ -0,0 +1,56 @@ +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011 Free Software Foundation, Inc +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +import uuid + +from webob import exc +from string import split + +from mediagoblin import messages +from mediagoblin import mg_globals +from mediagoblin.util import ( + render_to_response, redirect, clean_html, convert_to_tag_list_of_dicts, + media_tags_as_string, cleaned_markdown_conversion) +from mediagoblin.util import pass_to_ugettext as _ +from mediagoblin.confirm import forms +from mediagoblin.confirm.lib import may_delete_media +from mediagoblin.decorators import require_active_login, get_user_media_entry + + +@get_user_media_entry +@require_active_login +def confirm_delete(request, media): + if not may_delete_media(request, media): + return exc.HTTPForbidden() + + form = forms.ConfirmDeleteForm(request.POST) + + if request.method == 'POST' and form.validate(): + if request.POST.get('confirm') == 'True': + username = media.uploader()['username'] + media.delete() + return redirect(request, "mediagoblin.user_pages.user_home", + user=username) + else: + return redirect(request, "mediagoblin.user_pages.media_home", + user=media.uploader()['username'], + media=media['slug']) + + return render_to_response( + request, + 'mediagoblin/confirm/confirm_delete.html', + {'media': media, + 'form': form}) diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py index b0145a04..f766afdc 100644 --- a/mediagoblin/edit/views.py +++ b/mediagoblin/edit/views.py @@ -14,6 +14,7 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. +import uuid from webob import exc from string import split @@ -64,8 +65,8 @@ def edit_media(request, media): form.slug.errors.append( _(u'An entry with that slug already exists for this user.')) else: - media['title'] = request.POST['title'] - media['description'] = request.POST.get('description') + media['title'] = unicode(request.POST['title']) + media['description'] = unicode(request.POST.get('description')) media['tags'] = convert_to_tag_list_of_dicts( request.POST.get('tags')) @@ -80,7 +81,7 @@ def edit_media(request, media): and 'y' == request.POST['attachment_delete']: del media['attachment_files'][0] - media['slug'] = request.POST['slug'] + media['slug'] = unicode(request.POST['slug']) media.save() return redirect(request, "mediagoblin.user_pages.media_home", @@ -171,8 +172,8 @@ def edit_profile(request): bio=user.get('bio')) if request.method == 'POST' and form.validate(): - user['url'] = request.POST['url'] - user['bio'] = request.POST['bio'] + user['url'] = unicode(request.POST['url']) + user['bio'] = unicode(request.POST['bio']) user['bio_html'] = cleaned_markdown_conversion(user['bio']) diff --git a/mediagoblin/routing.py b/mediagoblin/routing.py index 1340da60..125f7270 100644 --- a/mediagoblin/routing.py +++ b/mediagoblin/routing.py @@ -21,6 +21,7 @@ from mediagoblin.submit.routing import submit_routes from mediagoblin.user_pages.routing import user_routes from mediagoblin.edit.routing import edit_routes from mediagoblin.listings.routing import tag_routes +from mediagoblin.confirm.routing import confirm_routes def get_mapper(): @@ -36,5 +37,6 @@ def get_mapper(): mapping.extend(user_routes, '/u') mapping.extend(edit_routes, '/edit') mapping.extend(tag_routes, '/tag') + mapping.extend(confirm_routes, '/confirm') return mapping diff --git a/mediagoblin/submit/views.py b/mediagoblin/submit/views.py index 4481adeb..b9395145 100644 --- a/mediagoblin/submit/views.py +++ b/mediagoblin/submit/views.py @@ -55,10 +55,10 @@ def submit_start(request): entry = request.db.MediaEntry() entry['_id'] = ObjectId() entry['title'] = ( - request.POST['title'] + unicode(request.POST['title']) or unicode(splitext(filename)[0])) - entry['description'] = request.POST.get('description') + entry['description'] = unicode(request.POST.get('description')) entry['description_html'] = cleaned_markdown_conversion( entry['description']) diff --git a/mediagoblin/templates/mediagoblin/confirm/confirm_delete.html b/mediagoblin/templates/mediagoblin/confirm/confirm_delete.html new file mode 100644 index 00000000..67d45811 --- /dev/null +++ b/mediagoblin/templates/mediagoblin/confirm/confirm_delete.html @@ -0,0 +1,48 @@ +{# +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011 Free Software Foundation, Inc +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +#} +{% extends "mediagoblin/base.html" %} + +{% import "/mediagoblin/utils/wtforms.html" as wtforms_util %} + +{% block mediagoblin_content %} + + <form action="{{ request.urlgen('mediagoblin.confirm.confirm_delete', + user=media.uploader().username, + media=media._id) }}" + method="POST" enctype="multipart/form-data"> + <div class="grid_8 prefix_1 suffix_1 edit_box form_box"> + <h1> + {%- trans title=media['title'] -%} + Really delete {{ title }}? + {%- endtrans %} + </h1> + <p> + <em> + {%- trans -%} + If you choose yes, the media entry will be deleted <strong>permanently.</strong> + {%- endtrans %} + </em> + </p> + + {{ wtforms_util.render_divs(form) }} + <div class="form_submit_buttons"> + <input type="submit" value="{% trans %}Save changes{% endtrans %}" class="button" /> + </div> + </div> + </form> +{% endblock %} diff --git a/mediagoblin/templates/mediagoblin/user_pages/media.html b/mediagoblin/templates/mediagoblin/user_pages/media.html index 0425500e..fe953e77 100644 --- a/mediagoblin/templates/mediagoblin/user_pages/media.html +++ b/mediagoblin/templates/mediagoblin/user_pages/media.html @@ -128,8 +128,11 @@ class="media_icon" />edit</a> </p> <p> - <img src="{{ request.staticdirect('/images/icon_delete.png') }}" - class="media_icon" />{% trans %}delete{% endtrans %} + <a href="{{ request.urlgen('mediagoblin.confirm.confirm_delete', + user= media.uploader().username, + media= media._id) }}" + ><img src="{{ request.staticdirect('/images/icon_delete.png') }}" + class="media_icon" />{% trans %}delete{% endtrans %}</a> </p> {% endif %} diff --git a/mediagoblin/user_pages/routing.py b/mediagoblin/user_pages/routing.py index 65c0fa64..55ee8e4d 100644 --- a/mediagoblin/user_pages/routing.py +++ b/mediagoblin/user_pages/routing.py @@ -32,6 +32,8 @@ user_routes = [ Route('mediagoblin.edit.attachments', '/{user}/m/{media}/attachments/', controller="mediagoblin.edit.views:edit_attachments"), + Route('mediagoblin.confirm.confirm_delete', "/{user}/m/{media}/confirm/", + controller="mediagoblin.confirm.views:confirm_delete"), Route('mediagoblin.user_pages.atom_feed', '/{user}/atom/', controller="mediagoblin.user_pages.views:atom_feed"), Route('mediagoblin.user_pages.media_post_comment', diff --git a/mediagoblin/user_pages/views.py b/mediagoblin/user_pages/views.py index 2d9bcd21..080d98d7 100644 --- a/mediagoblin/user_pages/views.py +++ b/mediagoblin/user_pages/views.py @@ -130,7 +130,7 @@ def media_post_comment(request): comment = request.db.MediaComment() comment['media_entry'] = ObjectId(request.matchdict['media']) comment['author'] = request.user['_id'] - comment['content'] = request.POST['comment_content'] + comment['content'] = unicode(request.POST['comment_content']) comment['content_html'] = cleaned_markdown_conversion(comment['content']) |