7 files changed, 369 insertions, 1 deletions

diff --git a/mediagoblin/tools/crypto.py b/mediagoblin/tools/crypto.py
new file mode 100644
index 00000000..1379d21b
--- /dev/null
+++ b/mediagoblin/tools/crypto.py
@@ -0,0 +1,113 @@
+# GNU MediaGoblin -- federated, autonomous media hosting
+# Copyright (C) 2013 MediaGoblin contributors.  See AUTHORS.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+import errno
+import itsdangerous
+import logging
+import os.path
+import random
+import tempfile
+from mediagoblin import mg_globals
+
+_log = logging.getLogger(__name__)
+
+
+# Use the system (hardware-based) random number generator if it exists.
+# -- this optimization is lifted from Django
+try:
+    getrandbits = random.SystemRandom().getrandbits
+except AttributeError:
+    getrandbits = random.getrandbits
+
+
+__itsda_secret = None
+
+
+def load_key(filename):
+    global __itsda_secret
+    key_file = open(filename)
+    try:
+        __itsda_secret = key_file.read()
+    finally:
+        key_file.close()
+
+
+def create_key(key_dir, key_filepath):
+    global __itsda_secret
+    old_umask = os.umask(077)
+    key_file = None
+    try:
+        if not os.path.isdir(key_dir):
+            os.makedirs(key_dir)
+            _log.info("Created %s", key_dir)
+        key = str(getrandbits(192))
+        key_file = tempfile.NamedTemporaryFile(dir=key_dir, suffix='.bin',
+                                               delete=False)
+        key_file.write(key)
+        key_file.flush()
+        os.rename(key_file.name, key_filepath)
+        key_file.close()
+    finally:
+        os.umask(old_umask)
+        if (key_file is not None) and (not key_file.closed):
+            key_file.close()
+            os.unlink(key_file.name)
+    __itsda_secret = key
+    _log.info("Saved new key for It's Dangerous")
+
+
+def setup_crypto():
+    global __itsda_secret
+    key_dir = mg_globals.app_config["crypto_path"]
+    key_filepath = os.path.join(key_dir, 'itsdangeroussecret.bin')
+    try:
+        load_key(key_filepath)
+    except IOError, error:
+        if error.errno != errno.ENOENT:
+            raise
+        create_key(key_dir, key_filepath)
+
+
+def get_timed_signer_url(namespace):
+    """
+    This gives a basic signing/verifying object.
+
+    The namespace makes sure signed tokens can't be used in
+    a different area. Like using a forgot-password-token as
+    a session cookie.
+
+    Basic usage:
+
+    .. code-block:: python
+
+       _signer = None
+       TOKEN_VALID_DAYS = 10
+       def setup():
+           global _signer
+           _signer = get_timed_signer_url("session cookie")
+       def create_token(obj):
+           return _signer.dumps(obj)
+       def parse_token(token):
+           # This might raise an exception in case
+           # of an invalid token, or an expired token.
+           return _signer.loads(token, max_age=TOKEN_VALID_DAYS*24*3600)
+
+    For more details see
+    http://pythonhosted.org/itsdangerous/#itsdangerous.URLSafeTimedSerializer
+    """
+    assert __itsda_secret is not None
+    return itsdangerous.URLSafeTimedSerializer(__itsda_secret,
+         salt=namespace)
diff --git a/mediagoblin/tools/pluginapi.py b/mediagoblin/tools/pluginapi.py
index 784bede9..283350a8 100644
--- a/mediagoblin/tools/pluginapi.py
+++ b/mediagoblin/tools/pluginapi.py
@@ -272,3 +272,70 @@ def get_hook_templates(hook_name):
       A list of strings representing template paths.
     """
     return PluginManager().get_template_hooks(hook_name)
+
+
+###########################
+# Callable convenience code
+###########################
+
+class CantHandleIt(Exception):
+    """
+    A callable may call this method if they look at the relevant
+    arguments passed and decide it's not possible for them to handle
+    things.
+    """
+    pass
+
+class UnhandledCallable(Exception):
+    """
+    Raise this method if no callables were available to handle the
+    specified hook.  Only used by callable_runone.
+    """
+    pass
+
+
+def callable_runone(hookname, *args, **kwargs):
+    """
+    Run the callable hook HOOKNAME... run until the first response,
+    then return.
+
+    This function will run stop at the first hook that handles the
+    result.  Hooks raising CantHandleIt will be skipped.
+
+    Unless unhandled_okay is True, this will error out if no hooks
+    have been registered to handle this function.
+    """
+    callables = PluginManager().get_hook_callables(hookname)
+
+    unhandled_okay = kwargs.pop("unhandled_okay", False)
+
+    for callable in callables:
+        try:
+            return callable(*args, **kwargs)
+        except CantHandleIt:
+            continue
+
+    if unhandled_okay is False:
+        raise UnhandledCallable(
+            "No hooks registered capable of handling '%s'" % hookname)
+
+
+def callable_runall(hookname, *args, **kwargs):
+    """
+    Run all callables for HOOKNAME.
+
+    This method will run *all* hooks that handle this method (skipping
+    those that raise CantHandleIt), and will return a list of all
+    results.
+    """
+    callables = PluginManager().get_hook_callables(hookname)
+
+    results = []
+
+    for callable in callables:
+        try:
+            results.append(callable(*args, **kwargs))
+        except CantHandleIt:
+            continue
+
+    return results
diff --git a/mediagoblin/tools/request.py b/mediagoblin/tools/request.py
index bc67b96f..ee342eae 100644
--- a/mediagoblin/tools/request.py
+++ b/mediagoblin/tools/request.py
@@ -35,4 +35,4 @@ def setup_user_in_request(request):
         # Something's wrong... this user doesn't exist?  Invalidate
         # this session.
         _log.warn("Killing session for user id %r", request.session['user_id'])
-        request.session.invalidate()
+        request.session.delete()
diff --git a/mediagoblin/tools/session.py b/mediagoblin/tools/session.py
new file mode 100644
index 00000000..fdc32523
--- /dev/null
+++ b/mediagoblin/tools/session.py
@@ -0,0 +1,68 @@
+# GNU MediaGoblin -- federated, autonomous media hosting
+# Copyright (C) 2013 MediaGoblin contributors.  See AUTHORS.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+import itsdangerous
+import logging
+
+import crypto
+
+_log = logging.getLogger(__name__)
+
+class Session(dict):
+    def __init__(self, *args, **kwargs):
+        self.send_new_cookie = False
+        dict.__init__(self, *args, **kwargs)
+
+    def save(self):
+        self.send_new_cookie = True
+
+    def is_updated(self):
+        return self.send_new_cookie
+
+    def delete(self):
+        self.clear()
+        self.save()
+
+
+class SessionManager(object):
+    def __init__(self, cookie_name='MGSession', namespace=None):
+        if namespace is None:
+            namespace = cookie_name
+        self.signer = crypto.get_timed_signer_url(namespace)
+        self.cookie_name = cookie_name
+
+    def load_session_from_cookie(self, request):
+        cookie = request.cookies.get(self.cookie_name)
+        if not cookie:
+            return Session()
+        ### FIXME: Future cookie-blacklisting code
+        # m = BadCookie.query.filter_by(cookie = cookie)
+        # if m:
+        #     _log.warn("Bad cookie received: %s", m.reason)
+        #     raise BadRequest()
+        try:
+            return Session(self.signer.loads(cookie))
+        except itsdangerous.BadData:
+            return Session()
+
+    def save_session_to_cookie(self, session, request, response):
+        if not session.is_updated():
+            return
+        elif not session:
+            response.delete_cookie(self.cookie_name)
+        else:
+            response.set_cookie(self.cookie_name, self.signer.dumps(session),
+                httponly=True)
diff --git a/mediagoblin/tools/template.py b/mediagoblin/tools/template.py
index 74d811eb..78d65654 100644
--- a/mediagoblin/tools/template.py
+++ b/mediagoblin/tools/template.py
@@ -29,9 +29,11 @@ from mediagoblin import _version
 from mediagoblin.tools import common
 from mediagoblin.tools.translate import get_gettext_translation
 from mediagoblin.tools.pluginapi import get_hook_templates
+from mediagoblin.tools.timesince import timesince
 from mediagoblin.meddleware.csrf import render_csrf_form_token
 
 
+
 SETUP_JINJA_ENVS = {}
 
 
@@ -73,6 +75,9 @@ def get_jinja_env(template_loader, locale):
 
     template_env.filters['urlencode'] = url_quote_plus
 
+    # add human readable fuzzy date time
+    template_env.globals['timesince'] = timesince
+
     # allow for hooking up plugin templates
     template_env.globals['get_hook_templates'] = get_hook_templates
 
diff --git a/mediagoblin/tools/timesince.py b/mediagoblin/tools/timesince.py
new file mode 100644
index 00000000..b761c1be
--- /dev/null
+++ b/mediagoblin/tools/timesince.py
@@ -0,0 +1,95 @@
+# Copyright (c) Django Software Foundation and individual contributors.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without modification,
+# are permitted provided that the following conditions are met:
+#
+#    1. Redistributions of source code must retain the above copyright notice,
+#       this list of conditions and the following disclaimer.
+#    
+#    2. Redistributions in binary form must reproduce the above copyright
+#       notice, this list of conditions and the following disclaimer in the
+#       documentation and/or other materials provided with the distribution.
+#
+#    3. Neither the name of Django nor the names of its contributors may be used
+#       to endorse or promote products derived from this software without
+#       specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+from __future__ import unicode_literals
+
+import datetime
+import pytz
+
+from mediagoblin.tools.translate import pass_to_ugettext, lazy_pass_to_ungettext as _
+
+"""UTC time zone as a tzinfo instance."""
+utc = pytz.utc if pytz else UTC()
+
+def is_aware(value):
+    """
+    Determines if a given datetime.datetime is aware.
+
+    The logic is described in Python's docs:
+    http://docs.python.org/library/datetime.html#datetime.tzinfo
+    """
+    return value.tzinfo is not None and value.tzinfo.utcoffset(value) is not None
+
+def timesince(d, now=None, reversed=False):
+    """
+    Takes two datetime objects and returns the time between d and now
+    as a nicely formatted string, e.g. "10 minutes".  If d occurs after now,
+    then "0 minutes" is returned.
+
+    Units used are years, months, weeks, days, hours, and minutes.
+    Seconds and microseconds are ignored.  Up to two adjacent units will be
+    displayed.  For example, "2 weeks, 3 days" and "1 year, 3 months" are
+    possible outputs, but "2 weeks, 3 hours" and "1 year, 5 days" are not.
+
+    Adapted from http://blog.natbat.co.uk/archive/2003/Jun/14/time_since
+    """
+    chunks = (
+      (60 * 60 * 24 * 365, lambda n: _('year', 'years', n)),
+      (60 * 60 * 24 * 30, lambda n: _('month', 'months', n)),
+      (60 * 60 * 24 * 7, lambda n : _('week', 'weeks', n)),
+      (60 * 60 * 24, lambda n : _('day', 'days', n)),
+      (60 * 60, lambda n: _('hour', 'hours', n)),
+      (60, lambda n: _('minute', 'minutes', n))
+    )
+    # Convert datetime.date to datetime.datetime for comparison.
+    if not isinstance(d, datetime.datetime):
+        d = datetime.datetime(d.year, d.month, d.day)
+    if now and not isinstance(now, datetime.datetime):
+        now = datetime.datetime(now.year, now.month, now.day)
+
+    if not now:
+        now = datetime.datetime.now(utc if is_aware(d) else None)
+
+    delta = (d - now) if reversed else (now - d)
+    # ignore microseconds
+    since = delta.days * 24 * 60 * 60 + delta.seconds
+    if since <= 0:
+        # d is in the future compared to now, stop processing.
+        return '0 ' + pass_to_ugettext('minutes')
+    for i, (seconds, name) in enumerate(chunks):
+        count = since // seconds
+        if count != 0:
+            break
+    s = pass_to_ugettext('%(number)d %(type)s') % {'number': count, 'type': name(count)}
+    if i + 1 < len(chunks):
+        # Now get the second item
+        seconds2, name2 = chunks[i + 1]
+        count2 = (since - (seconds * count)) // seconds2
+        if count2 != 0:
+            s += pass_to_ugettext(', %(number)d %(type)s') % {'number': count2, 'type': name2(count2)}
+    return s
diff --git a/mediagoblin/tools/translate.py b/mediagoblin/tools/translate.py
index 1d37c4de..4acafac7 100644
--- a/mediagoblin/tools/translate.py
+++ b/mediagoblin/tools/translate.py
@@ -123,6 +123,16 @@ def pass_to_ugettext(*args, **kwargs):
         *args, **kwargs)
 
 
+def pass_to_ungettext(*args, **kwargs):
+    """
+    Pass a translation on to the appropriate ungettext method.
+
+    The reason we can't have a global ugettext method is because
+    mg_globals gets swapped out by the application per-request.
+    """
+    return mg_globals.thread_scope.translations.ungettext(
+        *args, **kwargs)
+
 def lazy_pass_to_ugettext(*args, **kwargs):
     """
     Lazily pass to ugettext.
@@ -158,6 +168,16 @@ def lazy_pass_to_ngettext(*args, **kwargs):
     """
     return LazyProxy(pass_to_ngettext, *args, **kwargs)
 
+def lazy_pass_to_ungettext(*args, **kwargs):
+    """
+    Lazily pass to ungettext.
+
+    This is useful if you have to define a translation on a module
+    level but you need it to not translate until the time that it's
+    used as a string.
+    """
+    return LazyProxy(pass_to_ungettext, *args, **kwargs)
+
 
 def fake_ugettext_passthrough(string):
     """