2 files changed, 20 insertions, 56 deletions

diff --git a/mediagoblin/plugins/api/tools.py b/mediagoblin/plugins/api/tools.py
index ecc50364..e5878258 100644
--- a/mediagoblin/plugins/api/tools.py
+++ b/mediagoblin/plugins/api/tools.py
@@ -18,9 +18,9 @@ import logging
 import json
 
 from functools import wraps
-from webob import exc, Response
 from urlparse import urljoin
-
+from werkzeug.exceptions import Forbidden
+from werkzeug.wrappers import Response
 from mediagoblin import mg_globals
 from mediagoblin.tools.pluginapi import PluginManager
 from mediagoblin.storage.filestorage import BasicFileStorage
@@ -54,23 +54,22 @@ class Auth(object):
 
 def json_response(serializable, _disable_cors=False, *args, **kw):
     '''
-    Serializes a json objects and returns a webob.Response object with the
+    Serializes a json objects and returns a werkzeug Response object with the
     serialized value as the response body and Content-Type: application/json.
 
     :param serializable: A json-serializable object
 
     Any extra arguments and keyword arguments are passed to the
-    webob.Response.__init__ method.
+    Response.__init__ method.
     '''
-    response = Response(json.dumps(serializable), *args, **kw)
-    response.headers['Content-Type'] = 'application/json'
+    response = Response(json.dumps(serializable), *args, content_type='application/json', **kw)
 
     if not _disable_cors:
         cors_headers = {
                 'Access-Control-Allow-Origin': '*',
                 'Access-Control-Allow-Methods': 'POST, GET, OPTIONS',
                 'Access-Control-Allow-Headers': 'Content-Type, X-Requested-With'}
-        response.headers.update(cors_headers)
+        (response.headers.set(key, value) for key, value in cors_headers)
 
     return response
 
@@ -136,14 +135,14 @@ def api_auth(controller):
         auth_candidates = []
 
         for auth in PluginManager().get_hook_callables('auth'):
-            _log.debug('Plugin auth: {0}'.format(auth))
             if auth.trigger(request):
+                _log.debug('{0} believes it is capable of authenticating this request.'.format(auth))
                 auth_candidates.append(auth)
 
         # If we can't find any authentication methods, we should not let them
         # pass.
         if not auth_candidates:
-            return exc.HTTPForbidden()
+            raise Forbidden()
 
         # For now, just select the first one in the list
         auth = auth_candidates[0]
@@ -157,7 +156,7 @@ def api_auth(controller):
                         'status': 403,
                         'errors': auth.errors})
 
-            return exc.HTTPForbidden()
+            raise Forbidden()
 
         return controller(request, *args, **kw)
 
diff --git a/mediagoblin/plugins/api/views.py b/mediagoblin/plugins/api/views.py
index a1b1bcac..6aa4ef9f 100644
--- a/mediagoblin/plugins/api/views.py
+++ b/mediagoblin/plugins/api/views.py
@@ -16,22 +16,18 @@
 
 import json
 import logging
-import uuid
 
 from os.path import splitext
-from webob import exc, Response
-from werkzeug.utils import secure_filename
 from werkzeug.datastructures import FileStorage
-from celery import registry
+from werkzeug.exceptions import BadRequest, Forbidden
+from werkzeug.wrappers import Response
 
-from mediagoblin.db.util import ObjectId
 from mediagoblin.decorators import require_active_login
-from mediagoblin.processing import mark_entry_failed
-from mediagoblin.processing.task import ProcessMedia
 from mediagoblin.meddleware.csrf import csrf_exempt
 from mediagoblin.media_types import sniff_media
 from mediagoblin.plugins.api.tools import api_auth, get_entry_serializable, \
         json_response
+from mediagoblin.submit.lib import prepare_queue_task, run_process_media
 
 _log = logging.getLogger(__name__)
 
@@ -47,20 +43,19 @@ def post_entry(request):
 
     if request.method != 'POST':
         _log.debug('Must POST against post_entry')
-        return exc.HTTPBadRequest()
+        raise BadRequest()
 
     if not 'file' in request.files \
             or not isinstance(request.files['file'], FileStorage) \
             or not request.files['file'].stream:
         _log.debug('File field not found')
-        return exc.HTTPBadRequest()
+        raise BadRequest()
 
     media_file = request.files['file']
 
     media_type, media_manager = sniff_media(media_file)
 
     entry = request.db.MediaEntry()
-    entry.id = ObjectId()
     entry.media_type = unicode(media_type)
     entry.title = unicode(request.form.get('title')
             or splitext(media_file.filename)[0])
@@ -72,28 +67,14 @@ def post_entry(request):
 
     entry.generate_slug()
 
-    task_id = unicode(uuid.uuid4())
-
-    # Now store generate the queueing related filename
-    queue_filepath = request.app.queue_store.get_unique_filepath(
-        ['media_entries',
-            task_id,
-            secure_filename(media_file.filename)])
-
     # queue appropriately
-    queue_file = request.app.queue_store.get_file(
-        queue_filepath, 'wb')
+    queue_file = prepare_queue_task(request.app, entry, media_file.filename)
 
     with queue_file:
         queue_file.write(request.files['file'].stream.read())
 
-    # Add queued filename to the entry
-    entry.queued_media_file = queue_filepath
-
-    entry.queued_task_id = task_id
-
     # Save now so we have this data before kicking off processing
-    entry.save(validate=True)
+    entry.save()
 
     if request.form.get('callback_url'):
         metadata = request.db.ProcessingMetaData()
@@ -105,36 +86,20 @@ def post_entry(request):
     #
     # (... don't change entry after this point to avoid race
     # conditions with changes to the document via processing code)
-    process_media = registry.tasks[ProcessMedia.name]
-    try:
-        process_media.apply_async(
-            [unicode(entry._id)], {},
-            task_id=task_id)
-    except BaseException as e:
-        # The purpose of this section is because when running in "lazy"
-        # or always-eager-with-exceptions-propagated celery mode that
-        # the failure handling won't happen on Celery end.  Since we
-        # expect a lot of users to run things in this way we have to
-        # capture stuff here.
-        #
-        # ... not completely the diaper pattern because the
-        # exception is re-raised :)
-        mark_entry_failed(entry._id, e)
-        # re-raise the exception
-        raise
+    run_process_media(entry)
 
     return json_response(get_entry_serializable(entry, request.urlgen))
 
 
 @api_auth
+@require_active_login
 def api_test(request):
-    if not request.user:
-        return exc.HTTPForbidden()
-
     user_data = {
             'username': request.user.username,
             'email': request.user.email}
 
+    # TODO: This is the *only* thing using Response() here, should that
+    # not simply use json_response()?
     return Response(json.dumps(user_data))