aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/plugins
diff options
context:
space:
mode:
Diffstat (limited to 'mediagoblin/plugins')
-rw-r--r--mediagoblin/plugins/api/tools.py19
-rw-r--r--mediagoblin/plugins/api/views.py57
-rw-r--r--mediagoblin/plugins/httpapiauth/__init__.py2
-rw-r--r--mediagoblin/plugins/oauth/migrations.py4
-rw-r--r--mediagoblin/plugins/oauth/models.py4
-rw-r--r--mediagoblin/plugins/oauth/views.py19
6 files changed, 36 insertions, 69 deletions
diff --git a/mediagoblin/plugins/api/tools.py b/mediagoblin/plugins/api/tools.py
index ecc50364..e5878258 100644
--- a/mediagoblin/plugins/api/tools.py
+++ b/mediagoblin/plugins/api/tools.py
@@ -18,9 +18,9 @@ import logging
import json
from functools import wraps
-from webob import exc, Response
from urlparse import urljoin
-
+from werkzeug.exceptions import Forbidden
+from werkzeug.wrappers import Response
from mediagoblin import mg_globals
from mediagoblin.tools.pluginapi import PluginManager
from mediagoblin.storage.filestorage import BasicFileStorage
@@ -54,23 +54,22 @@ class Auth(object):
def json_response(serializable, _disable_cors=False, *args, **kw):
'''
- Serializes a json objects and returns a webob.Response object with the
+ Serializes a json objects and returns a werkzeug Response object with the
serialized value as the response body and Content-Type: application/json.
:param serializable: A json-serializable object
Any extra arguments and keyword arguments are passed to the
- webob.Response.__init__ method.
+ Response.__init__ method.
'''
- response = Response(json.dumps(serializable), *args, **kw)
- response.headers['Content-Type'] = 'application/json'
+ response = Response(json.dumps(serializable), *args, content_type='application/json', **kw)
if not _disable_cors:
cors_headers = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'POST, GET, OPTIONS',
'Access-Control-Allow-Headers': 'Content-Type, X-Requested-With'}
- response.headers.update(cors_headers)
+ (response.headers.set(key, value) for key, value in cors_headers)
return response
@@ -136,14 +135,14 @@ def api_auth(controller):
auth_candidates = []
for auth in PluginManager().get_hook_callables('auth'):
- _log.debug('Plugin auth: {0}'.format(auth))
if auth.trigger(request):
+ _log.debug('{0} believes it is capable of authenticating this request.'.format(auth))
auth_candidates.append(auth)
# If we can't find any authentication methods, we should not let them
# pass.
if not auth_candidates:
- return exc.HTTPForbidden()
+ raise Forbidden()
# For now, just select the first one in the list
auth = auth_candidates[0]
@@ -157,7 +156,7 @@ def api_auth(controller):
'status': 403,
'errors': auth.errors})
- return exc.HTTPForbidden()
+ raise Forbidden()
return controller(request, *args, **kw)
diff --git a/mediagoblin/plugins/api/views.py b/mediagoblin/plugins/api/views.py
index a1b1bcac..6aa4ef9f 100644
--- a/mediagoblin/plugins/api/views.py
+++ b/mediagoblin/plugins/api/views.py
@@ -16,22 +16,18 @@
import json
import logging
-import uuid
from os.path import splitext
-from webob import exc, Response
-from werkzeug.utils import secure_filename
from werkzeug.datastructures import FileStorage
-from celery import registry
+from werkzeug.exceptions import BadRequest, Forbidden
+from werkzeug.wrappers import Response
-from mediagoblin.db.util import ObjectId
from mediagoblin.decorators import require_active_login
-from mediagoblin.processing import mark_entry_failed
-from mediagoblin.processing.task import ProcessMedia
from mediagoblin.meddleware.csrf import csrf_exempt
from mediagoblin.media_types import sniff_media
from mediagoblin.plugins.api.tools import api_auth, get_entry_serializable, \
json_response
+from mediagoblin.submit.lib import prepare_queue_task, run_process_media
_log = logging.getLogger(__name__)
@@ -47,20 +43,19 @@ def post_entry(request):
if request.method != 'POST':
_log.debug('Must POST against post_entry')
- return exc.HTTPBadRequest()
+ raise BadRequest()
if not 'file' in request.files \
or not isinstance(request.files['file'], FileStorage) \
or not request.files['file'].stream:
_log.debug('File field not found')
- return exc.HTTPBadRequest()
+ raise BadRequest()
media_file = request.files['file']
media_type, media_manager = sniff_media(media_file)
entry = request.db.MediaEntry()
- entry.id = ObjectId()
entry.media_type = unicode(media_type)
entry.title = unicode(request.form.get('title')
or splitext(media_file.filename)[0])
@@ -72,28 +67,14 @@ def post_entry(request):
entry.generate_slug()
- task_id = unicode(uuid.uuid4())
-
- # Now store generate the queueing related filename
- queue_filepath = request.app.queue_store.get_unique_filepath(
- ['media_entries',
- task_id,
- secure_filename(media_file.filename)])
-
# queue appropriately
- queue_file = request.app.queue_store.get_file(
- queue_filepath, 'wb')
+ queue_file = prepare_queue_task(request.app, entry, media_file.filename)
with queue_file:
queue_file.write(request.files['file'].stream.read())
- # Add queued filename to the entry
- entry.queued_media_file = queue_filepath
-
- entry.queued_task_id = task_id
-
# Save now so we have this data before kicking off processing
- entry.save(validate=True)
+ entry.save()
if request.form.get('callback_url'):
metadata = request.db.ProcessingMetaData()
@@ -105,36 +86,20 @@ def post_entry(request):
#
# (... don't change entry after this point to avoid race
# conditions with changes to the document via processing code)
- process_media = registry.tasks[ProcessMedia.name]
- try:
- process_media.apply_async(
- [unicode(entry._id)], {},
- task_id=task_id)
- except BaseException as e:
- # The purpose of this section is because when running in "lazy"
- # or always-eager-with-exceptions-propagated celery mode that
- # the failure handling won't happen on Celery end. Since we
- # expect a lot of users to run things in this way we have to
- # capture stuff here.
- #
- # ... not completely the diaper pattern because the
- # exception is re-raised :)
- mark_entry_failed(entry._id, e)
- # re-raise the exception
- raise
+ run_process_media(entry)
return json_response(get_entry_serializable(entry, request.urlgen))
@api_auth
+@require_active_login
def api_test(request):
- if not request.user:
- return exc.HTTPForbidden()
-
user_data = {
'username': request.user.username,
'email': request.user.email}
+ # TODO: This is the *only* thing using Response() here, should that
+ # not simply use json_response()?
return Response(json.dumps(user_data))
diff --git a/mediagoblin/plugins/httpapiauth/__init__.py b/mediagoblin/plugins/httpapiauth/__init__.py
index d3d2065e..081b590e 100644
--- a/mediagoblin/plugins/httpapiauth/__init__.py
+++ b/mediagoblin/plugins/httpapiauth/__init__.py
@@ -41,7 +41,7 @@ class HTTPAuth(Auth):
return False
user = request.db.User.query.filter_by(
- username=request.authorization['username']).first()
+ username=unicode(request.authorization['username'])).first()
if user.check_login(request.authorization['password']):
request.user = user
diff --git a/mediagoblin/plugins/oauth/migrations.py b/mediagoblin/plugins/oauth/migrations.py
index 797e7585..6aa0d7cb 100644
--- a/mediagoblin/plugins/oauth/migrations.py
+++ b/mediagoblin/plugins/oauth/migrations.py
@@ -19,8 +19,8 @@ from sqlalchemy import (MetaData, Table, Column,
Integer, Unicode, Enum, DateTime, ForeignKey)
from sqlalchemy.ext.declarative import declarative_base
-from mediagoblin.db.sql.util import RegisterMigration
-from mediagoblin.db.sql.models import User
+from mediagoblin.db.migration_tools import RegisterMigration
+from mediagoblin.db.models import User
MIGRATIONS = {}
diff --git a/mediagoblin/plugins/oauth/models.py b/mediagoblin/plugins/oauth/models.py
index 7e247c1a..695dad31 100644
--- a/mediagoblin/plugins/oauth/models.py
+++ b/mediagoblin/plugins/oauth/models.py
@@ -19,8 +19,8 @@ import bcrypt
from datetime import datetime, timedelta
-from mediagoblin.db.sql.base import Base
-from mediagoblin.db.sql.models import User
+from mediagoblin.db.base import Base
+from mediagoblin.db.models import User
from sqlalchemy import (
Column, Unicode, Integer, DateTime, ForeignKey, Enum)
diff --git a/mediagoblin/plugins/oauth/views.py b/mediagoblin/plugins/oauth/views.py
index cf605fd2..c7b2a332 100644
--- a/mediagoblin/plugins/oauth/views.py
+++ b/mediagoblin/plugins/oauth/views.py
@@ -1,3 +1,4 @@
+# -*- coding: utf-8 -*-
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
@@ -17,7 +18,6 @@
import logging
import json
-from webob import exc, Response
from urllib import urlencode
from uuid import uuid4
from datetime import datetime
@@ -94,7 +94,7 @@ def authorize_client(request):
if not client:
_log.error('''No such client id as received from client authorization
form.''')
- return exc.HTTPBadRequest()
+ return BadRequest()
if form.validate():
relation = OAuthUserClient()
@@ -105,11 +105,11 @@ def authorize_client(request):
elif form.deny.data:
relation.state = u'rejected'
else:
- return exc.HTTPBadRequest
+ return BadRequest
relation.save()
- return exc.HTTPFound(location=form.next.data)
+ return redirect(request, location=form.next.data)
return render_to_response(
request,
@@ -162,7 +162,7 @@ def authorize(request, client):
_log.debug('Redirecting to {0}'.format(redirect_uri))
- return exc.HTTPFound(location=redirect_uri)
+ return redirect(request, location=redirect_uri)
else:
# Show prompt to allow client to access data
# - on accept: send the user agent back to the redirect_uri with the
@@ -216,12 +216,15 @@ def access_token(request):
token.client = code.client
token.save()
+ # expire time of token in full seconds
+ # timedelta.total_seconds is python >= 2.7 or we would use that
+ td = token.expires - datetime.now()
+ exp_in = 86400*td.days + td.seconds # just ignore µsec
+
access_token_data = {
'access_token': token.token,
'token_type': 'bearer',
- 'expires_in': int(
- round(
- (token.expires - datetime.now()).total_seconds()))}
+ 'expires_in': exp_in}
return json_response(access_token_data, _disable_cors=True)
else:
return json_response({
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-12 10:58:18 +0000