aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/decorators.py
Commit message (Collapse)AuthorAgeFilesLines
* merge --squash openid branch to take care of a false merge commit in theRodney Ewing2013-07-031-1/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | basic_auth branch that openid is forked from Commits squashed together (in reverse chronological order): - do the label thing only for boolean fields - made edit_account to autofocus on the first field - added feature to render_divs where if field.label == '' then it will render form.description the same a render_label - added allow_registration check - refactored create_user - removed verification_key from create_user - removed get_user from openid - cleanup after removing openid from template_env.globals - fix for werkzueg 0.9.1 - cleanup after merge - more tests - restored openid extra_validation just for safety - tests for openid - deleted openid extra_validation - passed next parameter in session for openid - fixed a bug that was deleting the messages - implemented openid store using sqlalchemy - ask openid provider for 'nickname' to prefill username in registration form - refactored delete openid url to work with generic urls such as google and to not allow a user to delete a url if it is there only one and they don't have a pw - refactored login to register user workflow, which fixed a problem where the 'or register with a password link' wasn't showing up when the finish_login view called the register view because there wasn't any redirect. - added the ability to remove openid's - added the ability to add openids to an existing account - refactored start_login and finish_login views - modified edit_account.html to use render_divs - modified gmg/edit/views to behave appropriatly if no password authentication is enabled. moved the update email stuff to it's own funtion to make edit_account view cleaner. edit_account now modifies the form depending on the plugins. - minor typos - added retrieving email from openid provider - moved allow_registration check to a decorator - moved check if auth is enabled to a decorator - changed openid user registration to go through login first - cleanup after merge - modified verification emails to use itsdangerous tokens - added error handling on bad token, fixed route, and added tests - added support for user to change email address - added link to login view openid/password in login template - updated openid get_user function - modified get_user function to take kwargs instead of username - no need for user might be email kwarg in check_login_simple - added gen_password_hash and check_password functions to auth/__init__ - added focus to form input - made imports fully qualified - modified basic_auth.check_login to check that the user has a pw_hash first - changed occurances of form.data['whatever'] to form.whatever.data - convert tabs to spaces in register template, remove unsed templates, and fixed trans tags in templates - in process of openid login. it works, but needs major imporvements - make password field required in basic_auth form - check if password field present in basic_auth create_user - modified openid create_user function - modified models based on Elronds suggestions - changed register form action to a variable to be passed in by the view using the template - openid plugin v0, still need to authenticate via openid. - added a register_user function to be able to use in a plugin's register view, and modified auth/views.register to redirect to openid/register if appropriate. - Modified basic_auth plugin to work with modified auth plugin hooks. Added context variables. Removed basic_auth/tools which was previously renamed to basic_auth/lib. - modified auth/__init__ hooks to work better with multiple plugins. Removed auth/lib.py. And added a basic_extra_verification function that all plugins will use. - added models and migrations for openid plugin
* Do not encode the next kwarg twiceJoar Wandborg2013-03-021-1/+1
|
* Simplifying the "id:" url detection, per Elrond's suggestion.Christopher Allan Webber2013-02-261-11/+9
| | | | | | As pointed out, we didn't need that nested if. This commit sponsored by Paul Kuriakose. Thank you!
* Replacing several request.matchdict['media'] -> media_slug ... shorter!Christopher Allan Webber2013-02-261-2/+2
| | | | | | Thanks for pointing this out, Elrond ;) This commit sponsored by Gerardo Joven Valdivia. Thank you!
* Media URLs with ids in them are now like /u/cwebber/m/id:4112/ rather than ↵Christopher Allan Webber2013-02-261-16/+23
| | | | | | | | /u/cwebber/m/4112/ This avoids some potential name collision issues. This commit sponsored by Asokan Pichai. Thank you!
* Small PEP-8 compliance fix.Christopher Allan Webber2013-02-261-3/+3
| | | | This commit sponsored by Mats Sjöberg. Thanks!
* removed unnecessary collection lookupAndrás Veres-Szentkirályi2013-02-221-4/+0
|
* user.get('moo') -> user.mooSebastian Spaeth2013-01-221-2/+2
| | | | | | | User fields are always existent, so there is no need to .get() them, just use them directly. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Shorten Workbench(Manager) method namesSebastian Spaeth2013-01-161-1/+1
| | | | | | | | | | | 1) destroy_self() is a horrible function name, make it "destroy". workbench.destroy() is descriptive enough. 2) WorkbenchManager.create_workbench() -> WorkbenchManager.create() We use the pattern "with workbench_manager.create() as workbench:" No need to mention workbenches three times in a row... Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Implement @get_workbench decoratorSebastian Spaeth2013-01-161-0/+12
| | | | | | | | This passes in a Workbench() via the 'workbench' keyword argument, and conveniently cleans it up after the function has finished. 2 out of our 5 backends forgot to clean up their workbench, so this is clearly needed :-). Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Start to use the media_id in "admin" URLs.Elrond2013-01-111-2/+6
| | | | | | | | | | | | We have a bunch of URLs that are more for internal use. At least they're definitely not intended to be posted somewhere for long term useage. When those things affect a media, it's much better to reference the media by its id. This can't change, ever. This is better for races. Like someone posting a comment while the owner corrects a typo in the slug.
* Fix slug lookup regression (#587)Sebastian Spaeth2013-01-081-17/+21
| | | | | | | | | | | Removing the Mongo InvalidID legacy code removed an explicit check for "int" for the id lookup. This led the @get_user_media_entry decorator to fail if we looked up a nonexisting non-numerical slug (it tried to query the id with a string, which failed). Cast id to int and return 404 in case it is non-numeric which fixes the regression. It does not fix the underlying problem of slug_or_id lookups that were discussed. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Move db.sql.models* to db.models*Sebastian Spaeth2013-01-071-1/+1
|
* Remove ObjectId from the treeSebastian Spaeth2012-12-251-12/+10
| | | | | | | This was one of the last remaining Mongo holdouts and has been removed from the tree herewith. Good bye, ObjectId. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Remove InvalidIdSebastian Spaeth2012-12-251-11/+3
| | | | | | It was a NoOp in our Non-mongo world. So it is safe to remove. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Convert return HttpException to raise HttpExceptionSebastian Spaeth2012-12-231-2/+2
| | | | | | controllers (view function) raise HttpException's and do not return them. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Remove webobisms from decorators.pySebastian Spaeth2012-12-211-10/+6
| | | | | Use our own redirect function rather than webobs HttpFound Also replace HttpForbidden() with webob's Forbidden()
* Move DBModel._id -> DBModel.idSebastian Spaeth2012-12-211-10/+10
| | | | | | | | | | | | | | | | | | | | | | | We were refering to model._id in most of the code base as this is what Mongo uses. However, each use of _id required a) fixup of queries: e.g. what we did in our find() and find_one() functions moving all '_id' to 'id'. It also required using AliasFields to make the ._id attribute available. This all means lots of superfluous fixing and transitioning in a SQL world. It will also not work in the long run. Much newer code already refers to the objects by model.id (e.g. in the oauth plugin), which will break with Mongo. So let's be honest, rip out the _id mongoism and live with .id as the one canonical way to address objects. This commit modifies all users and providers of model._id to use model.id instead. This patch works with or without Mongo removed first, but will break Mongo usage (even more than before) I have not bothered to fixup db.mongo.* and db.sql.convert (which converts from Mongo to SQL) Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Create a active_user_from_url decoratorSebastian Spaeth2012-12-051-0/+15
| | | | | | | | | This can be used for URL patterns containing a <user> element. It will look up the corresponding user among all active users and return a 404 NOT FOUND page if there is no such active user. It then passes the User() instance as url_user keyword argument to the decorated view function. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Added basic collection functionalityAaron Williamson2012-09-181-0/+70
|
* Fixed ?next=<url> argument for require_active_loginJoar Wandborg2012-09-151-3/+12
| | | | It now includes the full URI, including GET args, not just the path.
* removed _make_safe in favor of functools.wrapsJakob Kramer2012-07-121-16/+12
|
* Prevent non-Unicode SQLAlchemy warnings in most submission tests.Brett Smith2012-07-081-3/+3
| | | | This commit makes test_submission mostly warning-clean.
* It's 2012 all up in hereChristopher Allan Webber2012-02-021-1/+1
|
* Replace media.get_uploader()._id by media.uploaderElrond2011-12-241-3/+3
| | | | | | media.get_uploader()._id loads a complete user object without actually needing it, because media.uploader already has the id!
* Dot-Notation for Users.is_adminElrond2011-12-051-1/+1
|
* Dot-Notation for Users.usernameElrond2011-12-051-1/+1
|
* Update the delete item to use the _id after all... it's the safest way.Christopher Allan Webber2011-12-051-1/+1
| | | | See http://bugs.foocorp.net/issues/695
* Merge remote-tracking branch ↵Christopher Allan Webber2011-12-041-2/+1
|\ | | | | | | | | | | | | | | | | 'remotes/lorochka85/bug852_use_media_slug_instead_of_id' Conflicts: mediagoblin/decorators.py mediagoblin/templates/mediagoblin/user_pages/media.html mediagoblin/templates/mediagoblin/user_pages/media_confirm_delete.html
| * Merge branch 'master' of git://gitorious.org/mediagoblin/mediagoblinlora2011-11-191-5/+5
| |\
| * | issue 582: use media.slug instead of media.idlora2011-11-191-2/+1
| | |
* | | Rename MediaEntry.uploader() to .get_uploader()Elrond2011-11-221-1/+1
| |/ |/| | | | | | | | | | | | | The .uploader() method conflicts with the uploader database field. As we're moving to .FIELD for db field access, this is a relevant conflict. So renaming .uploader() to .get_uploader()
* | Dot-Notation for "_id"Elrond2011-11-151-3/+3
| | | | | | | | | | | | | | | | | | Note: Migrations can't use "Dot Notation"! Migrations run on pymongo, not mongokit. So they can't use the "Dot Notation". This isn't really a big issue, as migrations are anyway quite mongo specific.
* | Merge remote-tracking branch 'remotes/nyergler/pep8-ification'Christopher Allan Webber2011-11-131-1/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | Conflicts: mediagoblin/db/migrations.py mediagoblin/db/models.py mediagoblin/user_pages/views.py mediagoblin/util.py
| * | Whitespace and formatting cleanup.Nathan Yergler2011-10-011-1/+1
| | | | | | | | | | | | | | | | | | | | | * Removed trailing whitespace * Line length < 80 where possible * Honor conventions on number of blank lines * Honor conventions about spaces around :, =
* | | i592: Use full path in various placesElrond2011-10-031-1/+1
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | When running mediagoblin in a sub path on a web server, most things inside mediagoblin need the "inside path", but when generating URLs for the webbrowser, full paths are needed. urlgen and routes already do that. Some (mostly pagination and login) need the URL of the current page. They used request.path_info. But this is the "inside" path, not the full. So now there is request.full_path and its used in various places.
* | Finished splitting util.py into separate files.Aaron Williamson2011-10-011-1/+1
|/
* 508. Updates copyright/license informationWill Kahn-Greene2011-09-011-1/+1
|
* Also allow admins to delete other users' media.Christopher Allan Webber2011-08-301-15/+6
|
* Feature #403 - Ability to delete media entries - Fixes according to feedbackJoar Wandborg2011-08-301-0/+26
| | | | | | | | | | * Moved `mediagoblin.confirm` stuff to `mediagoblin.user_pages`, templates too. * Removed route extension for `mediagoblin.confirm` * Created `delete_media_files` which deletes all media files on the public_store when the entry is deleted * Created a new decorator to check if a user has the permission to delete an entry.
* Use render_404 EVERYWHERE!Christopher Allan Webber2011-08-201-8/+8
|
* require_active_login now redirect's to user's homepage if not email verifiedChristopher Allan Webber2011-07-291-2/+3
|
* Move InvalidId to db.utilElrond2011-06-201-2/+1
| | | | | | Instead of import InvalidId from the low level bson module, first import it in our db.util wrapper and second import it from pymongo.errors.
* Create redirect shortcut and use it aroundElrond2011-06-051-3/+3
| | | | | This is just replacing exc.HTTPFound(location=request.urlgen(...)) by redirect(request, ...). No magic.
* Merge remote branch 'upstream/master'Elrond2011-06-021-3/+6
|\ | | | | | | | | Conflicts: mediagoblin/templates/mediagoblin/user_pages/media.html
| * Just adjusting some spacing so we don't go over 80 charsChristopher Allan Webber2011-05-311-2/+4
| |
| * Fixed bug where someone who wasn't logged in was asked to verifyAleksandar Micovic2011-05-311-4/+5
| | | | | | | | their emails.
| * Added a temporary verification page informing the user they needAleksandar Micovic2011-05-301-1/+1
| | | | | | | | to authenticate.
* | Starting "edit" functionality.Elrond2011-05-261-0/+20
|/ | | | | This adds a link to the "edit" form, the form, the view for displaying the form and that's about it.
* Update all the views so that they use the uploader reference insteadChristopher Allan Webber2011-05-221-2/+2
| | | | of uploader embedding
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-06 22:24:00 +0000