aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/edit/views.py
Commit message (Collapse)AuthorAgeFilesLines
* merge --squash openid branch to take care of a false merge commit in theRodney Ewing2013-07-031-24/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | basic_auth branch that openid is forked from Commits squashed together (in reverse chronological order): - do the label thing only for boolean fields - made edit_account to autofocus on the first field - added feature to render_divs where if field.label == '' then it will render form.description the same a render_label - added allow_registration check - refactored create_user - removed verification_key from create_user - removed get_user from openid - cleanup after removing openid from template_env.globals - fix for werkzueg 0.9.1 - cleanup after merge - more tests - restored openid extra_validation just for safety - tests for openid - deleted openid extra_validation - passed next parameter in session for openid - fixed a bug that was deleting the messages - implemented openid store using sqlalchemy - ask openid provider for 'nickname' to prefill username in registration form - refactored delete openid url to work with generic urls such as google and to not allow a user to delete a url if it is there only one and they don't have a pw - refactored login to register user workflow, which fixed a problem where the 'or register with a password link' wasn't showing up when the finish_login view called the register view because there wasn't any redirect. - added the ability to remove openid's - added the ability to add openids to an existing account - refactored start_login and finish_login views - modified edit_account.html to use render_divs - modified gmg/edit/views to behave appropriatly if no password authentication is enabled. moved the update email stuff to it's own funtion to make edit_account view cleaner. edit_account now modifies the form depending on the plugins. - minor typos - added retrieving email from openid provider - moved allow_registration check to a decorator - moved check if auth is enabled to a decorator - changed openid user registration to go through login first - cleanup after merge - modified verification emails to use itsdangerous tokens - added error handling on bad token, fixed route, and added tests - added support for user to change email address - added link to login view openid/password in login template - updated openid get_user function - modified get_user function to take kwargs instead of username - no need for user might be email kwarg in check_login_simple - added gen_password_hash and check_password functions to auth/__init__ - added focus to form input - made imports fully qualified - modified basic_auth.check_login to check that the user has a pw_hash first - changed occurances of form.data['whatever'] to form.whatever.data - convert tabs to spaces in register template, remove unsed templates, and fixed trans tags in templates - in process of openid login. it works, but needs major imporvements - make password field required in basic_auth form - check if password field present in basic_auth create_user - modified openid create_user function - modified models based on Elronds suggestions - changed register form action to a variable to be passed in by the view using the template - openid plugin v0, still need to authenticate via openid. - added a register_user function to be able to use in a plugin's register view, and modified auth/views.register to redirect to openid/register if appropriate. - Modified basic_auth plugin to work with modified auth plugin hooks. Added context variables. Removed basic_auth/tools which was previously renamed to basic_auth/lib. - modified auth/__init__ hooks to work better with multiple plugins. Removed auth/lib.py. And added a basic_extra_verification function that all plugins will use. - added models and migrations for openid plugin
* cleanup after mergeRodney Ewing2013-06-251-0/+1
|
* Merge remote-tracking branch 'upstream/master' into authRodney Ewing2013-06-251-22/+94
|\ | | | | | | | | | | | | | | | | | | | | | | Conflicts: mediagoblin/app.py mediagoblin/auth/forms.py mediagoblin/auth/tools.py mediagoblin/db/migrations.py mediagoblin/db/models.py mediagoblin/edit/views.py mediagoblin/plugins/basic_auth/tools.py mediagoblin/tests/test_edit.py
| * Removing the "enter your password to change your email" bit.Christopher Allan Webber2013-06-211-31/+23
| | | | | | | | | | | | | | A good idea, though it feels fairly clumsy in the form, and I think if you're logged in you can already sabotage the user pretty well. This commit sponsored by Sergey Matveev. Thanks!
| * send_verification_email was moved to auth/toolsRodney Ewing2013-05-291-1/+2
| |
| * form is already validated, no need to validate againRodney Ewing2013-05-291-6/+2
| |
| * added error handling on bad token, fixed route, and added testsRodney Ewing2013-05-241-4/+15
| |
| * added support for user to change email addressRodney Ewing2013-05-241-16/+89
| |
* | fixed failing tests after rebaseRodney Ewing2013-05-241-2/+2
| |
* | moved bcrypt_gen_password_hash to basic_auth/tools and added ↵Rodney Ewing2013-05-241-1/+0
| | | | | | | | gen_password_hash function to auth/__init__
* | moved bcrypt_check_password to basic_auth/tools from auth/libRodney Ewing2013-05-241-0/+1
|/
* moved change pass to a seperate view and fixed issues 709Rodney Ewing2013-05-201-12/+36
|
* Create redir_obj and use it around.Elrond2013-04-281-6/+4
| | | | | | | | This is a shortcut function to redirect to the main page for an object. Objects currently supported: media entries and collections. And go around and replace various places to use this.
* No lazy_* needed here; Add ReallyLazyProxy.__repr__.Elrond2013-04-251-1/+1
| | | | | | | | | | | | One should use lazy_* only if you have a good reason. This one found by our unit tests! For example add_message adds the message to the session, the session needs to be serialized (with json) and well, LazyProxy is not serializable. To aid in debugging, gave our ReallyLazyProxy a __repr__.
* Fix-bug-667-Use-lazy_pass_to_ugettext-for-forms.Aditi Mittal2013-04-241-1/+1
|
* Use GenerateSlugMixin for collections.Elrond2013-04-061-1/+1
| | | | | Use the new way of generating slugs also for collections. Also drop the dummy_db arg to check_collection_slug_used.
* Use WTForms data field in edit/views.pyHans Lo2013-03-271-16/+16
|
* Use the media id for attachmemt editing.Elrond2013-02-241-2/+2
| | | | And remove some stray white space from the output.
* removed unused import cgi.FieldStorageAndrás Veres-Szentkirályi2013-02-221-1/+0
|
* user.get('moo') -> user.mooSebastian Spaeth2013-01-221-4/+4
| | | | | | | User fields are always existent, so there is no need to .get() them, just use them directly. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Merge remote-tracking branch 'refs/remotes/spaetz/521_license_preference' ↵Christopher Allan Webber2013-01-221-35/+32
|\ | | | | | | into mergetest
| * Add a license preference fieldMark Holmquist2013-01-171-35/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | This feature is absolutely necessary. Now a user can simply define their default license and quickly go through a form, as opposed to stopping to click on the select and choosing the same option over and over again. Also added DB migration for the field, so that's working now, too. Rebased by Sebastian and made the default value to be unicode. Reviewed-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* | Sanitize slug input on media editSebastian Spaeth2013-01-181-7/+6
|/ | | | | | | | | Previously we allowed EVERYTHING, even slashes as slug when editing the media. Make sure we slugify the input to sanitize it. (+ string formdata is unicode, so there is no need to convert it) Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Allowing to delete a user account (#302)Sebastian Spaeth2013-01-171-0/+31
| | | | | | | | | | | | | Add a "Delete user account" template and link to it from the user account settings page. Create a delete_account function and fill in most blanks. We can now successfully delete our own account. Thanks to Elrond for catching a stray csrf_exempt in a previous iteration of this patch. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Merge remote-tracking branch 'refs/remotes/elrond/misc/use_media_id'Christopher Allan Webber2013-01-161-1/+2
|\
| * Start to use the media_id in "admin" URLs.Elrond2013-01-111-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | We have a bunch of URLs that are more for internal use. At least they're definitely not intended to be posted somewhere for long term useage. When those things affect a media, it's much better to reference the media by its id. This can't change, ever. This is better for races. Like someone posting a comment while the owner corrects a typo in the slug.
* | Simplify check_media_slug_usedSebastian Spaeth2013-01-151-2/+2
|/ | | | | | | Remove the unused dummy_db argument and generally make the function readable. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Enable /u/USERNAME/edit/ pattern #588Sebastian Spaeth2013-01-091-9/+17
| | | | | | | | Transition from the inconsistent /edit/profile/?username=FOO to the nicer /u/FOO/edit/. The old pattern will still work and redirects to the new URL. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Convert return HttpException to raise HttpExceptionSebastian Spaeth2012-12-231-2/+2
| | | | | | controllers (view function) raise HttpException's and do not return them. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* webob.HTTPFound --> MG.tools.redirectSebastian Spaeth2012-12-211-5/+4
| | | | | | Transition away from webob. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Transition webob.HttpForbidden to webob's exceptions ForbiddenSebastian Spaeth2012-12-211-2/+3
| | | | Also the BadRequest exception.
* Move DBModel._id -> DBModel.idSebastian Spaeth2012-12-211-4/+4
| | | | | | | | | | | | | | | | | | | | | | | We were refering to model._id in most of the code base as this is what Mongo uses. However, each use of _id required a) fixup of queries: e.g. what we did in our find() and find_one() functions moving all '_id' to 'id'. It also required using AliasFields to make the ._id attribute available. This all means lots of superfluous fixing and transitioning in a SQL world. It will also not work in the long run. Much newer code already refers to the objects by model.id (e.g. in the oauth plugin), which will break with Mongo. So let's be honest, rip out the _id mongoism and live with .id as the one canonical way to address objects. This commit modifies all users and providers of model._id to use model.id instead. This patch works with or without Mongo removed first, but will break Mongo usage (even more than before) I have not bothered to fixup db.mongo.* and db.sql.convert (which converts from Mongo to SQL) Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
* Fix translations around.Elrond2012-12-031-1/+1
| | | | | | | This includes: - Mark more strings for translation - Don't mark html-only nonsense for translation - Mark a better part for translation.
* Fixed attachmentsJoar Wandborg2012-10-231-12/+11
|
* Replaced all request.POST with request.form, ...Joar Wandborg2012-09-291-30/+30
| | | | | - Fixed error handling in OAuth plugin - Changed request.POST file fields to request.files
* Too much was marked for translation this gettext message.Christopher Allan Webber2012-09-241-1/+3
| | | | Thanks for catching AVRS!
* Removed unnecessary reference to may_edit_collection in edit views.pyAaron Williamson2012-09-181-1/+1
|
* Added basic collection functionalityAaron Williamson2012-09-181-3/+59
|
* Added some security checks to attachment upload, it's still notJoar Wandborg2012-06-241-2/+29
| | | | waterproof.
* Merge remote-tracking branch ↵Joar Wandborg2012-06-101-30/+41
|\ | | | | | | | | | | | | 'is_derek/bug405_email_notifications_for_comments' into notifications-merge Conflicts: mediagoblin/db/mongo/migrations.py
| * Updates to send email comments, included translation, better validation.Derek Moore2012-03-251-38/+38
| |
| * These are changes for issue #405, add email comment notification.Derek Moore2012-03-151-19/+29
| |
* | Fix problems from pyflakes outputWill Kahn-Greene2012-06-031-7/+1
|/
* Changed from key-notation to dot-notation in edit_profileJoar Wandborg2012-03-081-1/+1
|
* Generic check_media_slug_used db utility.Elrond2012-03-051-5/+4
| | | | | | | | In two cases (generating a new slug and editing the slug) it is nice to know in advance (before the db gets angry) that the slug is used/free. So created a db utility function to check for this on mongo and sql: check_media_slug_used()
* Attachment support in the SQL backendElrond2012-02-281-1/+1
| | | | | | | | | attachments working with the sql backend. - SQL Schema for attachment files, ordering attachments by their name, not by the submission order (as earlier). - Dot-Notation for attachments, where missing. - convert existing attachments over from mongo -> sql
* Drop pre-rendered html: MediaEntry.description_htmlElrond2012-02-181-4/+1
| | | | | | | | | | | After a bit of discussion, we decided to drop the pre-rendered html from the database and render it on the fly. In another step, we will use some proper caching method to cache this stuff. This commit affects the MediaEntry.description_html part.
* Drop pre-rendered html: User.bio_htmlElrond2012-02-181-2/+0
| | | | | | | | | | | After a bit of discussion, we decided to drop the pre-rendered html from the database and render it on the fly. In another step, we will use some proper caching method to cache this stuff. This commit affects the User.bio_html part.
* It's 2012 all up in hereChristopher Allan Webber2012-02-021-1/+1
|
* Nearly complete support for TagsElrond2012-01-281-1/+1
| | | | | | | | | | | These changes allow all of the rest of the code to use tags in sql as they were used on mongo. It's not efficient at all, as changing tags usually means to remove all old tags and adding all new. The only problem here is: Old slugs for tags are not removed, because they're shared across all MediaTags and dropping orphans is not always easy.
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-06 21:29:20 +0000