def activity_view(request):
""" /<username>/activity/<id> - Display activity
This should display a HTML presentation of the activity
this is NOT an API endpoint.
"""
# Get the user object.
username = request.matchdict["username"]
user = User.query.filter_by(username=username).first()
activity_id = request.matchdict["id"]
if request.user is None:
return render_404(request)
activity = Activity.query.filter_by(
id=activity_id,
author=user.id
).first()
if activity is None:
return render_404(request)
return render_to_response(
request,
"mediagoblin/api/activity.html",
{"activity": activity}
)
def user_collection(request, page, url_user=None):
"""A User-defined Collection"""
collection = Collection.query.filter_by(
get_creator=url_user,
slug=request.matchdict['collection']).first()
if not collection:
return render_404(request)
cursor = collection.get_collection_items()
pagination = Pagination(page, cursor)
collection_items = pagination()
# if no data is available, return NotFound
# TODO: Should an empty collection really also return 404?
if collection_items == None:
return render_404(request)
return render_to_response(
request,
'mediagoblin/user_pages/collection.html',
{'user': url_user,
'collection': collection,
'collection_items': collection_items,
'pagination': pagination})
def user_home(request, page):
"""'Homepage' of a User()"""
user = User.query.filter_by(username=request.matchdict['user']).first()
if not user:
return render_404(request)
elif not user.has_privilege(u'active'):
return render_to_response(
request,
'mediagoblin/user_pages/user_nonactive.html',
{'user': user})
cursor = MediaEntry.query.\
filter_by(uploader = user.id,
state = u'processed').order_by(MediaEntry.created.desc())
pagination = Pagination(page, cursor)
media_entries = pagination()
#if no data is available, return NotFound
if media_entries == None:
return render_404(request)
user_gallery_url = request.urlgen(
'mediagoblin.user_pages.user_gallery',
user=user.username)
return render_to_response(
request,
'mediagoblin/user_pages/user.html',
{'user': user,
'user_gallery_url': user_gallery_url,
'media_entries': media_entries,
'pagination': pagination})
def wrapper(request, *args, **kwargs):
user = request.db.User.find_one(
{'username': request.matchdict['user']})
if not user:
return render_404(request)
media = request.db.MediaEntry.find_one(
{'slug': request.matchdict['media'],
'state': u'processed',
'uploader': user._id})
# no media via slug? Grab it via ObjectId
if not media:
try:
media = request.db.MediaEntry.find_one(
{'_id': ObjectId(request.matchdict['media']),
'state': u'processed',
'uploader': user._id})
except InvalidId:
return render_404(request)
# Still no media? Okay, 404.
if not media:
return render_404(request)
return controller(request, media=media, *args, **kwargs)
def user_home(request, page):
"""'Homepage' of a User()"""
# TODO: decide if we only want homepages for active users, we can
# then use the @get_active_user decorator and also simplify the
# template html.
user = User.query.filter_by(username=request.matchdict['user']).first()
if not user:
return render_404(request)
elif user.status != u'active':
return render_to_response(request, 'mediagoblin/user_pages/user.html',
{'user': user})
cursor = MediaEntry.query.\
filter_by(uploader = user.id,
state = u'processed').order_by(MediaEntry.created.desc())
pagination = Pagination(page, cursor)
media_entries = pagination()
#if no data is available, return NotFound
if media_entries == None:
return render_404(request)
user_gallery_url = request.urlgen('mediagoblin.user_pages.user_gallery',
user=user.username)
return render_to_response(
request, 'mediagoblin/user_pages/user.html', {
'user': user,
'user_gallery_url': user_gallery_url,
'media_entries': media_entries,
'pagination': pagination
})
def user_home(request, page):
"""'Homepage' of a LocalUser()"""
user = LocalUser.query.filter_by(
username=request.matchdict['user']).first()
if not user:
return render_404(request)
elif not user.has_privilege('active'):
return render_to_response(
request, 'mediagoblin/user_pages/user_nonactive.html',
{'user': user})
cursor = MediaEntry.query.\
filter_by(actor = user.id).order_by(MediaEntry.created.desc())
pagination = Pagination(page, cursor)
media_entries = pagination()
# if no data is available, return NotFound
if media_entries == None:
return render_404(request)
user_gallery_url = request.urlgen('mediagoblin.user_pages.user_gallery',
user=user.username)
return render_to_response(
request, 'mediagoblin/user_pages/user.html', {
'user': user,
'user_gallery_url': user_gallery_url,
'media_entries': media_entries,
'pagination': pagination
})
def activity_view(request):
""" /<username>/activity/<id> - Display activity
This should display a HTML presentation of the activity
this is NOT an API endpoint.
"""
# Get the user object.
username = request.matchdict["username"]
user = LocalUser.query.filter_by(username=username).first()
activity_id = request.matchdict["id"]
if request.user is None:
return render_404(request)
activity = Activity.query.filter_by(id=activity_id, author=user.id).first()
# There isn't many places to check that the public_id is filled so this
# will do, it really should be, lets try and fix that if it isn't.
activity.get_public_id(request.urlgen)
if activity is None:
return render_404(request)
return render_to_response(request, "mediagoblin/api/activity.html",
{"activity": activity})
def user_gallery(request, page):
"""'Gallery' of a User()"""
user = request.db.User.find_one({
'username': request.matchdict['user'],
'status': u'active'})
if not user:
return render_404(request)
cursor = request.db.MediaEntry.find(
{'uploader': user._id,
'state': u'processed'}).sort('created', DESCENDING)
pagination = Pagination(page, cursor)
media_entries = pagination()
#if no data is available, return NotFound
if media_entries == None:
return render_404(request)
return render_to_response(
request,
'mediagoblin/user_pages/gallery.html',
{'user': user,
'media_entries': media_entries,
'pagination': pagination})
def user_collection(request, page):
"""A User-defined Collection"""
user = request.db.User.find_one({
'username': request.matchdict['user'],
'status': u'active'})
if not user:
return render_404(request)
collection = request.db.Collection.find_one(
{'slug': request.matchdict['collection']})
cursor = request.db.CollectionItem.find(
{'collection': collection.id})
pagination = Pagination(page, cursor)
collection_items = pagination()
#if no data is available, return NotFound
if collection_items == None:
return render_404(request)
return render_to_response(
request,
'mediagoblin/user_pages/collection.html',
{'user': user,
'collection': collection,
'collection_items': collection_items,
'pagination': pagination})
def user_home(request, page):
"""'Homepage' of a User()"""
# TODO: decide if we only want homepages for active users, we can
# then use the @get_active_user decorator and also simplify the
# template html.
user = User.query.filter_by(username=request.matchdict["user"]).first()
if not user:
return render_404(request)
elif user.status != u"active":
return render_to_response(request, "mediagoblin/user_pages/user.html", {"user": user})
cursor = MediaEntry.query.filter_by(uploader=user.id, state=u"processed").order_by(MediaEntry.created.desc())
pagination = Pagination(page, cursor)
media_entries = pagination()
# if no data is available, return NotFound
if media_entries == None:
return render_404(request)
user_gallery_url = request.urlgen("mediagoblin.user_pages.user_gallery", user=user.username)
return render_to_response(
request,
"mediagoblin/user_pages/user.html",
{"user": user, "user_gallery_url": user_gallery_url, "media_entries": media_entries, "pagination": pagination},
)
def user_collection(request, page, url_user=None):
"""A User-defined Collection"""
collection = Collection.query.filter_by(
get_actor=url_user, slug=request.matchdict['collection']).first()
if not collection:
return render_404(request)
cursor = collection.get_collection_items()
pagination = Pagination(page, cursor)
collection_items = pagination()
# if no data is available, return NotFound
# TODO: Should an empty collection really also return 404?
if collection_items == None:
return render_404(request)
return render_to_response(
request, 'mediagoblin/user_pages/collection.html', {
'user': url_user,
'collection': collection,
'collection_items': collection_items,
'pagination': pagination
})
def activity_view(request):
""" /<username>/activity/<id> - Display activity
This should display a HTML presentation of the activity
this is NOT an API endpoint.
"""
# Get the user object.
username = request.matchdict["username"]
user = LocalUser.query.filter_by(username=username).first()
activity_id = request.matchdict["id"]
if request.user is None:
return render_404(request)
activity = Activity.query.filter_by(
id=activity_id,
author=user.id
).first()
# There isn't many places to check that the public_id is filled so this
# will do, it really should be, lets try and fix that if it isn't.
activity.get_public_id(request.urlgen)
if activity is None:
return render_404(request)
return render_to_response(
request,
"mediagoblin/api/activity.html",
{"activity": activity}
)
def wrapper(request, *args, **kwargs):
try:
page = int(request.GET.get('page', 1))
if page < 0:
return render_404(request)
except ValueError:
return render_404(request)
return controller(request, page=page, *args, **kwargs)
def wrapper(request, *args, **kwargs):
try:
page = int(request.GET.get('page', 1))
if page < 0:
return render_404(request)
except ValueError:
return render_404(request)
return controller(request, page=page, *args, **kwargs)
def media_confirm_delete(request):
allowed_state = [u'failed', u'processed']
media = None
for media_state in allowed_state:
media = request.db.MediaEntry.query.filter_by(id=request.matchdict['media_id'], state=media_state).first()
if media:
break
if not media:
return render_404(request)
given_username = request.matchdict.get('user')
if given_username and (given_username != media.get_uploader.username):
return render_404(request)
uploader_id = media.uploader
if not (request.user.is_admin or
request.user.id == uploader_id):
raise Forbidden()
form = user_forms.ConfirmDeleteForm(request.form)
if request.method == 'POST' and form.validate():
if form.confirm.data is True:
username = media.get_uploader.username
# Delete MediaEntry and all related files, comments etc.
media.delete()
messages.add_message(
request, messages.SUCCESS, _('You deleted the media.'))
location = media.url_to_next(request.urlgen)
if not location:
location=media.url_to_prev(request.urlgen)
if not location:
location=request.urlgen("mediagoblin.user_pages.user_home",
user=username)
return redirect(request, location=location)
else:
messages.add_message(
request, messages.ERROR,
_("The media was not deleted because you didn't check that you were sure."))
return redirect_obj(request, media)
if ((request.user.is_admin and
request.user.id != media.uploader)):
messages.add_message(
request, messages.WARNING,
_("You are about to delete another user's media. "
"Proceed with caution."))
return render_to_response(
request,
'mediagoblin/user_pages/media_confirm_delete.html',
{'media': media,
'form': form})
def wrapper(request, *args, **kwargs):
media = MediaEntry.query.filter_by(id=request.matchdict["media_id"], state=u"processed").first()
# Still no media? Okay, 404.
if not media:
return render_404(request)
given_username = request.matchdict.get("user")
if given_username and (given_username != media.get_uploader.username):
return render_404(request)
return controller(request, media=media, *args, **kwargs)
def wrapper(request, *args, **kwargs):
media = MediaEntry.query.filter_by(id=request.matchdict['media_id'],
state=u'processed').first()
# Still no media? Okay, 404.
if not media:
return render_404(request)
given_username = request.matchdict.get('user')
if given_username and (given_username != media.get_uploader.username):
return render_404(request)
return controller(request, media=media, *args, **kwargs)
def wrapper(request, *args, **kwargs):
user = request.db.User.find_one({"username": request.matchdict["user"]})
if not user:
return render_404(request)
collection = request.db.Collection.find_one({"slug": request.matchdict["collection"], "creator": user.id})
# Still no collection? Okay, 404.
if not collection:
return render_404(request)
return controller(request, collection=collection, *args, **kwargs)
def wrapper(request, *args, **kwargs):
try:
media = request.db.MediaEntry.find_one(
{'_id': ObjectId(request.matchdict['media']),
'state': u'processed'})
except InvalidId:
return render_404(request)
# Still no media? Okay, 404.
if not media:
return render_404(request)
return controller(request, media=media, *args, **kwargs)
def wrapper(request, *args, **kwargs):
user = request.db.User.find_one({"username": request.matchdict["user"]})
if not user:
return render_404(request)
collection_item = request.db.CollectionItem.find_one({"id": request.matchdict["collection_item"]})
# Still no collection item? Okay, 404.
if not collection_item:
return render_404(request)
return controller(request, collection_item=collection_item, *args, **kwargs)
def verify_forgot_password(request):
"""
Check the forgot-password verification and possibly let the user
change their password because of it.
"""
# get form data variables, and specifically check for presence of token
formdata = _process_for_token(request)
if not formdata['has_userid_and_token']:
return render_404(request)
formdata_token = formdata['vars']['token']
formdata_userid = formdata['vars']['userid']
formdata_vars = formdata['vars']
# check if it's a valid Id
try:
user = request.db.User.find_one(
{'_id': ObjectId(unicode(formdata_userid))})
except InvalidId:
return render_404(request)
# check if we have a real user and correct token
if ((user and user.fp_verification_key and
user.fp_verification_key == unicode(formdata_token) and
datetime.datetime.now() < user.fp_token_expire
and user.email_verified and user.status == 'active')):
cp_form = auth_forms.ChangePassForm(formdata_vars)
if request.method == 'POST' and cp_form.validate():
user.pw_hash = auth_lib.bcrypt_gen_password_hash(
request.form['password'])
user.fp_verification_key = None
user.fp_token_expire = None
user.save()
messages.add_message(
request,
messages.INFO,
_("You can now log in using your new password."))
return redirect(request, 'mediagoblin.auth.login')
else:
return render_to_response(
request,
'mediagoblin/auth/change_fp.html',
{'cp_form': cp_form})
# in case there is a valid id but no user whit that id in the db
# or the token expired
else:
return render_404(request)
def wrapper(request, *args, **kwargs):
user = request.db.User.query.filter_by(
username=request.matchdict['user']).first()
if not user:
return render_404(request)
collection_item = request.db.CollectionItem.query.filter_by(
id=request.matchdict['collection_item']).first()
# Still no collection item? Okay, 404.
if not collection_item:
return render_404(request)
return controller(request, collection_item=collection_item, *args, **kwargs)
def wrapper(request, *args, **kwargs):
user = request.db.User.query.filter_by(
username=request.matchdict['user']).first()
if not user:
return render_404(request)
collection = request.db.Collection.query.filter_by(
slug=request.matchdict['collection'], creator=user.id).first()
# Still no collection? Okay, 404.
if not collection:
return render_404(request)
return controller(request, collection=collection, *args, **kwargs)
def wrapper(request, *args, **kwargs):
user = request.db.User.query.filter_by(
username=request.matchdict['user']).first()
if not user:
return render_404(request)
collection_item = request.db.CollectionItem.query.filter_by(
id=request.matchdict['collection_item']).first()
# Still no collection item? Okay, 404.
if not collection_item:
return render_404(request)
return controller(request, collection_item=collection_item, *args, **kwargs)
def verify_email(request):
"""
Email verification view for changing email address
"""
# If no token, we can't do anything
if not "token" in request.GET:
return render_404(request)
# Catch error if token is faked or expired
token = None
try:
token = get_timed_signer_url("mail_verification_token").loads(request.GET["token"], max_age=10 * 24 * 3600)
except BadSignature:
messages.add_message(request, messages.ERROR, _("The verification key or user id is incorrect."))
return redirect(request, "index")
user = User.query.filter_by(id=int(token["user"])).first()
if user:
user.email = token["email"]
user.save()
messages.add_message(request, messages.SUCCESS, _("Your email address has been verified."))
else:
messages.add_message(request, messages.ERROR, _("The verification key or user id is incorrect."))
return redirect(request, "mediagoblin.user_pages.user_home", user=user.username)
def verify_email(request):
"""
Email verification view
validates GET parameters against database and unlocks the user account, if
you are lucky :)
"""
# If we don't have userid and token parameters, we can't do anything; 404
if not 'userid' in request.GET or not 'token' in request.GET:
return render_404(request)
user = request.db.User.find_one(
{'_id': ObjectId(unicode(request.GET['userid']))})
if user and user.verification_key == unicode(request.GET['token']):
user.status = u'active'
user.email_verified = True
user.verification_key = None
user.save()
messages.add_message(
request,
messages.SUCCESS,
_("Your email address has been verified. "
"You may now login, edit your profile, and submit images!"))
else:
messages.add_message(
request,
messages.ERROR,
_('The verification key or user id is incorrect'))
return redirect(
request, 'mediagoblin.user_pages.user_home',
user=user.username)
def user_gallery(request, page, url_user=None):
"""'Gallery' of a User()"""
tag = request.matchdict.get('tag', None)
cursor = MediaEntry.query.filter_by(
uploader=url_user.id,
state=u'processed').order_by(MediaEntry.created.desc())
# Filter potentially by tag too:
if tag:
cursor = cursor.filter(
MediaEntry.tags_helper.any(
MediaTag.slug == request.matchdict['tag']))
# Paginate gallery
pagination = Pagination(page, cursor)
media_entries = pagination()
#if no data is available, return NotFound
# TODO: Should we really also return 404 for empty galleries?
if media_entries == None:
return render_404(request)
return render_to_response(
request,
'mediagoblin/user_pages/gallery.html',
{'user': url_user, 'tag': tag,
'media_entries': media_entries,
'pagination': pagination})
def atom_feed(request):
"""
generates the atom feed with the newest images
"""
user = User.query.filter_by(
username = request.matchdict['user']).first()
if not user or not user.has_privilege(u'active'):
return render_404(request)
cursor = MediaEntry.query.filter_by(
uploader = user.id,
state = u'processed').\
order_by(MediaEntry.created.desc()).\
limit(ATOM_DEFAULT_NR_OF_UPDATED_ITEMS)
"""
ATOM feed id is a tag URI (see http://en.wikipedia.org/wiki/Tag_URI)
"""
atomlinks = [{
'href': request.urlgen(
'mediagoblin.user_pages.user_home',
qualified=True, user=request.matchdict['user']),
'rel': 'alternate',
'type': 'text/html'
}]
if mg_globals.app_config["push_urls"]:
for push_url in mg_globals.app_config["push_urls"]:
atomlinks.append({
'rel': 'hub',
'href': push_url})
feed = AtomFeed(
"MediaGoblin: Feed for user '%s'" % request.matchdict['user'],
feed_url=request.url,
id='tag:{host},{year}:gallery.user-{user}'.format(
host=request.host,
year=datetime.datetime.today().strftime('%Y'),
user=request.matchdict['user']),
links=atomlinks)
for entry in cursor:
feed.add(entry.get('title'),
entry.description_html,
id=entry.url_for_self(request.urlgen, qualified=True),
content_type='html',
author={
'name': entry.get_uploader.username,
'uri': request.urlgen(
'mediagoblin.user_pages.user_home',
qualified=True, user=entry.get_uploader.username)},
updated=entry.get('created'),
links=[{
'href': entry.url_for_self(
request.urlgen,
qualified=True),
'rel': 'alternate',
'type': 'text/html'}])
return feed.get_response()
def wrapper(request, *args, **kwargs):
user = request.db.User.query.filter_by(
username=request.matchdict['user']).first()
if not user:
return render_404(request)
collection = request.db.Collection.query.filter_by(
slug=request.matchdict['collection'],
creator=user.id).first()
# Still no collection? Okay, 404.
if not collection:
return render_404(request)
return controller(request, collection=collection, *args, **kwargs)
def user_gallery(request, page, url_user=None):
"""'Gallery' of a LocalUser()"""
tag = request.matchdict.get('tag', None)
cursor = MediaEntry.query.filter_by(actor=url_user.id,
state='processed').order_by(
MediaEntry.created.desc())
# Filter potentially by tag too:
if tag:
cursor = cursor.filter(
MediaEntry.tags_helper.any(
MediaTag.slug == request.matchdict['tag']))
# Paginate gallery
pagination = Pagination(page, cursor)
media_entries = pagination()
#if no data is available, return NotFound
# TODO: Should we really also return 404 for empty galleries?
if media_entries == None:
return render_404(request)
return render_to_response(
request, 'mediagoblin/user_pages/gallery.html', {
'user': url_user,
'tag': tag,
'media_entries': media_entries,
'pagination': pagination
})
def wrapper(request, *args, **kwargs):
user = LocalUser.query.filter_by(
username=request.matchdict['user']).first()
if user is None:
return render_404(request)
return controller(request, *args, url_user=user, **kwargs)
def atom_feed(request):
"""
generates the atom feed with the newest images
"""
user = User.query.filter_by(
username = request.matchdict['user']).first()
if not user or not user.has_privilege(u'active'):
return render_404(request)
cursor = MediaEntry.query.filter_by(
uploader = user.id,
state = u'processed').\
order_by(MediaEntry.created.desc()).\
limit(ATOM_DEFAULT_NR_OF_UPDATED_ITEMS)
"""
ATOM feed id is a tag URI (see http://en.wikipedia.org/wiki/Tag_URI)
"""
atomlinks = [{
'href': request.urlgen(
'mediagoblin.user_pages.user_home',
qualified=True, user=request.matchdict['user']),
'rel': 'alternate',
'type': 'text/html'
}]
if mg_globals.app_config["push_urls"]:
for push_url in mg_globals.app_config["push_urls"]:
atomlinks.append({
'rel': 'hub',
'href': push_url})
feed = AtomFeed(
"MediaGoblin: Feed for user '%s'" % request.matchdict['user'],
feed_url=request.url,
id='tag:{host},{year}:gallery.user-{user}'.format(
host=request.host,
year=datetime.datetime.today().strftime('%Y'),
user=request.matchdict['user']),
links=atomlinks)
for entry in cursor:
feed.add(entry.get('title'),
entry.description_html,
id=entry.url_for_self(request.urlgen, qualified=True),
content_type='html',
author={
'name': entry.get_uploader.username,
'uri': request.urlgen(
'mediagoblin.user_pages.user_home',
qualified=True, user=entry.get_uploader.username)},
updated=entry.get('created'),
links=[{
'href': entry.url_for_self(
request.urlgen,
qualified=True),
'rel': 'alternate',
'type': 'text/html'}])
return feed.get_response()
def wrapper(request, *args, **kwargs):
user = request.db.User.find_one(
{'username': request.matchdict['user']})
if not user:
return render_404(request)
collection = request.db.Collection.find_one(
{'slug': request.matchdict['collection'],
'creator': user._id})
# Still no collection? Okay, 404.
if not collection:
return render_404(request)
return controller(request, collection=collection, *args, **kwargs)
def file_a_report(request, media, comment):
"""
This view handles the filing of a Report.
"""
if comment is not None:
if not comment.target().id == media.id:
return render_404(request)
form = user_forms.CommentReportForm(request.form)
context = {'media': comment.target(), 'comment': comment, 'form': form}
else:
form = user_forms.MediaReportForm(request.form)
context = {'media': media, 'form': form}
form.reporter_id.data = request.user.id
if request.method == "POST":
report_object = build_report_object(form,
media_entry=media,
comment=comment)
# if the object was built successfully, report_table will not be None
if report_object:
report_object.save()
return redirect(request, 'index')
return render_to_response(request, 'mediagoblin/user_pages/report.html',
context)
def edit_metadata(request, media):
# If media is not processed, return NotFound.
if not media.state == 'processed':
return render_404(request)
form = forms.EditMetaDataForm(request.method == 'POST' and request.form
or None)
if request.method == "POST" and form.validate():
metadata_dict = {
row['identifier']: row['value']
for row in form.media_metadata.data
}
json_ld_metadata = None
json_ld_metadata = compact_and_validate(metadata_dict)
media.media_metadata = json_ld_metadata
media.save()
return redirect_obj(request, media)
if len(form.media_metadata) == 0:
for identifier, value in media.media_metadata.items():
if identifier == "@context": continue
form.media_metadata.append_entry({
'identifier': identifier,
'value': value
})
return render_to_response(request, 'mediagoblin/edit/metadata.html', {
'form': form,
'media': media
})
def atom_feed(request):
"""
generates the atom feed with the newest images
"""
user = LocalUser.query.filter_by(
username=request.matchdict['user']).first()
if not user or not user.has_privilege('active'):
return render_404(request)
feed_title = "MediaGoblin Feed for user '%s'" % request.matchdict['user']
link = request.urlgen('mediagoblin.user_pages.user_home',
qualified=True,
user=request.matchdict['user'])
cursor = MediaEntry.query.filter_by(actor=user.id, state='processed')
cursor = cursor.order_by(MediaEntry.created.desc())
cursor = cursor.limit(ATOM_DEFAULT_NR_OF_UPDATED_ITEMS)
"""
ATOM feed id is a tag URI (see http://en.wikipedia.org/wiki/Tag_URI)
"""
atomlinks = []
if mg_globals.app_config["push_urls"]:
for push_url in mg_globals.app_config["push_urls"]:
atomlinks.append({'rel': 'hub', 'href': push_url})
feed = AtomFeedWithLinks(
title=feed_title,
link=link,
description='',
id='tag:{host},{year}:gallery.user-{user}'.format(
host=request.host,
year=datetime.datetime.today().strftime('%Y'),
user=request.matchdict['user']),
feed_url=request.url,
links=atomlinks,
)
for entry in cursor:
# Include a thumbnail image in content.
file_urls = get_media_file_paths(entry.media_files, request.urlgen)
if 'thumb' in file_urls:
content = '<img src="{thumb}" alt=' ' /> {desc}'.format(
thumb=file_urls['thumb'], desc=entry.description_html)
else:
content = entry.description_html
feed.add_item(
title=entry.get('title'),
link=entry.url_for_self(request.urlgen, qualified=True),
description=content,
unique_id=entry.url_for_self(request.urlgen, qualified=True),
author_name=entry.get_actor.username,
author_link=request.urlgen('mediagoblin.user_pages.user_home',
qualified=True,
user=entry.get_actor.username),
updateddate=entry.get('created'),
)
response = Response(feed.writeString(encoding='utf-8'),
mimetype='application/atom+xml')
return response
def wrapper(request, *args, **kwargs):
media = MediaEntry.query.filter_by(
id=request.matchdict['media'],
state=u'processed').first()
# Still no media? Okay, 404.
if not media:
return render_404(request)
return controller(request, media=media, *args, **kwargs)
def atom_feed(request):
"""
generates the atom feed with the newest images
"""
user = User.query.filter_by(username=request.matchdict["user"], status=u"active").first()
if not user:
return render_404(request)
cursor = (
MediaEntry.query.filter_by(uploader=user.id, state=u"processed")
.order_by(MediaEntry.created.desc())
.limit(ATOM_DEFAULT_NR_OF_UPDATED_ITEMS)
)
"""
ATOM feed id is a tag URI (see http://en.wikipedia.org/wiki/Tag_URI)
"""
atomlinks = [
{
"href": request.urlgen("mediagoblin.user_pages.user_home", qualified=True, user=request.matchdict["user"]),
"rel": "alternate",
"type": "text/html",
}
]
if mg_globals.app_config["push_urls"]:
for push_url in mg_globals.app_config["push_urls"]:
atomlinks.append({"rel": "hub", "href": push_url})
feed = AtomFeed(
"MediaGoblin: Feed for user '%s'" % request.matchdict["user"],
feed_url=request.url,
id="tag:{host},{year}:gallery.user-{user}".format(
host=request.host, year=datetime.datetime.today().strftime("%Y"), user=request.matchdict["user"]
),
links=atomlinks,
)
for entry in cursor:
feed.add(
entry.get("title"),
entry.description_html,
id=entry.url_for_self(request.urlgen, qualified=True),
content_type="html",
author={
"name": entry.get_uploader.username,
"uri": request.urlgen(
"mediagoblin.user_pages.user_home", qualified=True, user=entry.get_uploader.username
),
},
updated=entry.get("created"),
links=[
{"href": entry.url_for_self(request.urlgen, qualified=True), "rel": "alternate", "type": "text/html"}
],
)
return feed.get_response()
def media_preview_comment(request):
"""Runs a comment through markdown so it can be previewed."""
# If this isn't an ajax request, render_404
if not request.is_xhr:
return render_404(request)
comment = unicode(request.form["comment_content"])
cleancomment = {"content": cleaned_markdown_conversion(comment)}
return Response(json.dumps(cleancomment))
def media_preview_comment(request):
"""Runs a comment through markdown so it can be previewed."""
# If this isn't an ajax request, render_404
if not request.is_xhr:
return render_404(request)
comment = str(request.form['comment_content'])
cleancomment = {"content": cleaned_markdown_conversion(comment)}
return Response(json.dumps(cleancomment))
def wrapper(request, *args, **kwargs):
if 'comment' in request.matchdict:
comment = MediaComment.query.filter_by(
id=request.matchdict['comment']).first()
if comment is None:
return render_404(request)
return controller(request, comment=comment, *args, **kwargs)
else:
return controller(request, comment=None, *args, **kwargs)
def wrapper(request, *args, **kwargs):
if 'comment' in request.matchdict:
comment = Comment.query.filter_by(
id=request.matchdict['comment']).first()
if comment is None:
return render_404(request)
return controller(request, comment=comment, *args, **kwargs)
else:
return controller(request, comment=None, *args, **kwargs)
def blog_delete(request, **kwargs):
"""
Deletes a blog and media entries, tags associated with it.
"""
url_user = request.matchdict.get('user')
owner_user = request.db.LocalUser.query.filter(
LocalUser.username==url_user
).first()
blog_slug = request.matchdict.get('blog_slug', None)
blog = get_blog_by_slug(request, blog_slug, author=owner_user.id)
if not blog:
return render_404(request)
form = blog_forms.ConfirmDeleteForm(request.form)
if request.user.id == blog.author or request.user.has_privilege(u'admin'):
if request.method == 'POST' and form.validate():
if form.confirm.data is True:
blog.delete()
messages.add_message(
request,
messages.SUCCESS,
_('You deleted the Blog.'))
return redirect(request, "mediagoblin.media_types.blog.blog_admin_dashboard",
user=request.user.username)
else:
messages.add_message(
request,
messages.ERROR,
_("The media was not deleted because you didn't check "
"that you were sure."))
return redirect(request, "mediagoblin.media_types.blog.blog_admin_dashboard",
user=request.user.username)
else:
if request.user.has_privilege(u'admin'):
messages.add_message(
request,
messages.WARNING,
_("You are about to delete another user's Blog. "
"Proceed with caution."))
return render_to_response(
request,
'mediagoblin/blog/blog_confirm_delete.html',
{'blog':blog,
'form':form
})
else:
messages.add_message(
request,
messages.ERROR,
_("The blog was not deleted because you have no rights."))
return redirect(request, "mediagoblin.media_types.blog.blog_admin_dashboard",
user=request.user.username)
def processing_panel(request):
"""
Show to the user what media is still in conversion/processing...
and what failed, and why!
"""
# Get the user
user = request.db.User.find_one(
{'username': request.matchdict['user'],
'status': u'active'})
# Make sure the user exists and is active
if not user:
return render_404(request)
elif user.status != u'active':
return render_to_response(
request,
'mediagoblin/user_pages/user.html',
{'user': user})
# XXX: Should this be a decorator?
#
# Make sure we have permission to access this user's panel. Only
# admins and this user herself should be able to do so.
if not (user._id == request.user._id
or request.user.is_admin):
# No? Let's simply redirect to this user's homepage then.
return redirect(
request, 'mediagoblin.user_pages.user_home',
user=request.matchdict['user'])
# Get media entries which are in-processing
processing_entries = request.db.MediaEntry.find(
{'uploader': user._id,
'state': u'processing'}).sort('created', DESCENDING)
# Get media entries which have failed to process
failed_entries = request.db.MediaEntry.find(
{'uploader': user._id,
'state': u'failed'}).sort('created', DESCENDING)
processed_entries = request.db.MediaEntry.find(
{'uploader': user._id,
'state': u'processed'}).sort('created', DESCENDING).limit(10)
# Render to response
return render_to_response(
request,
'mediagoblin/user_pages/processing_panel.html',
{'user': user,
'processing_entries': processing_entries,
'failed_entries': failed_entries,
'processed_entries': processed_entries})
def wrapper(request, *args, **kwargs):
user = request.db.User.find_one(
{'username': request.matchdict['user']})
if not user:
return render_404(request)
media = request.db.MediaEntry.find_one(
{'slug': request.matchdict['media'],
'state': u'processed',
'uploader': user.id})
# no media via slug? Grab it via object id
if not media:
media = MediaEntry.query.filter_by(
id=request.matchdict['media'],
state=u'processed',
uploader=user.id).first()
# Still no media? Okay, 404.
if not media:
return render_404(request)
return controller(request, media=media, *args, **kwargs)
def blog_delete(request, **kwargs):
"""
Deletes a blog and media entries, tags associated with it.
"""
url_user = request.matchdict.get('user')
owner_user = request.db.LocalUser.query.filter(
LocalUser.username == url_user).first()
blog_slug = request.matchdict.get('blog_slug', None)
blog = get_blog_by_slug(request, blog_slug, author=owner_user.id)
if not blog:
return render_404(request)
form = blog_forms.ConfirmDeleteForm(request.form)
if request.user.id == blog.author or request.user.has_privilege(u'admin'):
if request.method == 'POST' and form.validate():
if form.confirm.data is True:
blog.delete()
messages.add_message(request, messages.SUCCESS,
_('You deleted the Blog.'))
return redirect(
request,
"mediagoblin.media_types.blog.blog_admin_dashboard",
user=request.user.username)
else:
messages.add_message(
request, messages.ERROR,
_("The media was not deleted because you didn't check "
"that you were sure."))
return redirect(
request,
"mediagoblin.media_types.blog.blog_admin_dashboard",
user=request.user.username)
else:
if request.user.has_privilege(u'admin'):
messages.add_message(
request, messages.WARNING,
_("You are about to delete another user's Blog. "
"Proceed with caution."))
return render_to_response(
request, 'mediagoblin/blog/blog_confirm_delete.html', {
'blog': blog,
'form': form
})
else:
messages.add_message(
request, messages.ERROR,
_("The blog was not deleted because you have no rights."))
return redirect(request,
"mediagoblin.media_types.blog.blog_admin_dashboard",
user=request.user.username)
def verify_email(request):
"""
Email verification view
validates GET parameters against database and unlocks the user account, if
you are lucky :)
"""
# If we don't have userid and token parameters, we can't do anything; 404
if not 'token' in request.GET:
return render_404(request)
# Catch error if token is faked or expired
try:
token = get_timed_signer_url("mail_verification_token") \
.loads(request.GET['token'], max_age=10*24*3600)
except BadSignature:
messages.add_message(
request,
messages.ERROR,
_('The verification key or user id is incorrect.'))
return redirect(
request,
'index')
user = User.query.filter_by(id=int(token)).first()
if user and user.has_privilege(u'active') is False:
user.verification_key = None
user.all_privileges.append(
Privilege.query.filter(
Privilege.privilege_name==u'active').first())
user.save()
messages.add_message(
request,
messages.SUCCESS,
_("Your email address has been verified. "
"You may now login, edit your profile, and submit images!"))
else:
messages.add_message(
request,
messages.ERROR,
_('The verification key or user id is incorrect'))
return redirect(
request, 'mediagoblin.user_pages.user_home',
user=user.username)
def edit_media(request, media):
# If media is not processed, return NotFound.
if not media.state == 'processed':
return render_404(request)
if not may_edit_media(request, media):
raise Forbidden("User may not edit this media")
defaults = dict(title=media.title,
slug=media.slug,
description=media.description,
tags=media_tags_as_string(media.tags),
license=media.license)
form = forms.EditForm(request.method == 'POST' and request.form or None,
**defaults)
if request.method == 'POST' and form.validate():
# Make sure there isn't already a MediaEntry with such a slug
# and userid.
slug = slugify(form.slug.data)
slug_used = check_media_slug_used(media.actor, slug, media.id)
if slug_used:
form.slug.errors.append(
_('An entry with that slug already exists for this user.'))
else:
media.title = form.title.data
media.description = form.description.data
media.tags = convert_to_tag_list_of_dicts(form.tags.data)
media.license = str(form.license.data) or None
media.slug = slug
media.save()
return redirect_obj(request, media)
if request.user.has_privilege('admin') \
and media.actor != request.user.id \
and request.method != 'POST':
messages.add_message(
request, messages.WARNING,
_("You are editing another user's media. Proceed with caution."))
return render_to_response(request, 'mediagoblin/edit/edit.html', {
'media': media,
'form': form
})
def draft_view(request):
blog_slug = request.matchdict.get('blog_slug', None)
blog_post_slug = request.matchdict.get('blog_post_slug', None)
user = request.matchdict.get('user')
blog = get_blog_by_slug(request, blog_slug, author=request.user.id)
blogpost = request.db.MediaEntry.query.filter_by(
state=u'failed', actor=request.user.id, slug=blog_post_slug).first()
if not blog or not blogpost:
return render_404(request)
return render_to_response(request,
'mediagoblin/blog/blogpost_draft_view.html', {
'blogpost': blogpost,
'blog': blog
})
def blog_post_listing(request):
blog_owner = request.matchdict.get('user')
blog_slug = request.matchdict.get('blog_slug', None)
owner_user = User.query.filter_by(username=blog_owner).one()
blog = request.db.Blog.query.filter_by(author=request.user.id,
slug=blog_slug).first()
if not owner_user or not blog:
return render_404(request)
all_blog_posts = get_all_blogposts_of_blog(request, blog, u'processed')
return render_to_response(request,
'mediagoblin/blog/blog_post_listing.html', {
'blog_posts': all_blog_posts,
'blog_owner': blog_owner
})
def blogpost_create(request):
form = blog_forms.BlogPostEditForm(request.form,
license=request.user.license_preference)
if request.method == 'POST' and form.validate():
blog_slug = request.matchdict.get('blog_slug')
blog = request.db.Blog.query.filter_by(slug=blog_slug,
author=request.user.id).first()
if not blog:
return render_404(request)
blogpost = request.db.MediaEntry()
blogpost.media_type = 'mediagoblin.media_types.blogpost'
blogpost.title = unicode(form.title.data)
blogpost.description = unicode(
cleaned_markdown_conversion((form.description.data)))
blogpost.tags = convert_to_tag_list_of_dicts(form.tags.data)
blogpost.license = unicode(form.license.data) or None
blogpost.uploader = request.user.id
blogpost.generate_slug()
set_blogpost_state(request, blogpost)
blogpost.save()
# connect this blogpost to its blog
blog_post_data = request.db.BlogPostData()
blog_post_data.blog = blog.id
blog_post_data.media_entry = blogpost.id
blog_post_data.save()
add_message(request, SUCCESS, _('Woohoo! Submitted!'))
add_comment_subscription(request.user, blogpost)
return redirect(request,
"mediagoblin.media_types.blog.blog-dashboard",
user=request.user.username,
blog_slug=blog.slug)
return render_to_response(
request, 'mediagoblin/blog/blog_post_edit_create.html', {
'form': form,
'app_config': mg_globals.app_config,
'user': request.user.username
})
def blogpost_edit(request):
blog_slug = request.matchdict.get('blog_slug', None)
blog_post_slug = request.matchdict.get('blog_post_slug', None)
blogpost = request.db.MediaEntry.query.filter_by(
slug=blog_post_slug, uploader=request.user.id).first()
blog = get_blog_by_slug(request, blog_slug, author=request.user.id)
if not blogpost or not blog:
return render_404(request)
defaults = dict(title=blogpost.title,
description=cleaned_markdown_conversion(
blogpost.description),
tags=media_tags_as_string(blogpost.tags),
license=blogpost.license)
form = blog_forms.BlogPostEditForm(request.form, **defaults)
if request.method == 'POST' and form.validate():
blogpost.title = six.text_type(form.title.data)
blogpost.description = six.text_type(
cleaned_markdown_conversion((form.description.data)))
blogpost.tags = convert_to_tag_list_of_dicts(form.tags.data)
blogpost.license = six.text_type(form.license.data)
set_blogpost_state(request, blogpost)
blogpost.generate_slug()
blogpost.save()
add_message(request, SUCCESS,
_('Woohoo! edited blogpost is submitted'))
return redirect(request,
"mediagoblin.media_types.blog.blog-dashboard",
user=request.user.username,
blog_slug=blog.slug)
return render_to_response(
request, 'mediagoblin/blog/blog_post_edit_create.html', {
'form': form,
'app_config': mg_globals.app_config,
'user': request.user.username,
'blog_post_slug': blog_post_slug
})
def verify_email(request):
"""
Email verification view
validates GET parameters against database and unlocks the user account, if
you are lucky :)
"""
# If we don't have userid and token parameters, we can't do anything; 404
if not 'token' in request.GET:
return render_404(request)
# Catch error if token is faked or expired
try:
token = get_timed_signer_url("mail_verification_token") \
.loads(request.GET['token'], max_age=10*24*3600)
except BadSignature:
messages.add_message(
request, messages.ERROR,
_('The verification key or user id is incorrect.'))
return redirect(request, 'index')
user = User.query.filter_by(id=int(token)).first()
if user and user.has_privilege(u'active') is False:
user.verification_key = None
user.all_privileges.append(
Privilege.query.filter(
Privilege.privilege_name == u'active').first())
user.save()
messages.add_message(
request, messages.SUCCESS,
_("Your email address has been verified. "
"You may now login, edit your profile, and submit images!"))
else:
messages.add_message(request, messages.ERROR,
_('The verification key or user id is incorrect'))
return redirect(request,
'mediagoblin.user_pages.user_home',
user=user.username)
def verify_email(request):
"""
Email verification view for changing email address
"""
# If no token, we can't do anything
if not 'token' in request.GET:
return render_404(request)
# Catch error if token is faked or expired
token = None
try:
token = get_timed_signer_url("mail_verification_token") \
.loads(request.GET['token'], max_age=10*24*3600)
except BadSignature:
messages.add_message(
request,
messages.ERROR,
_('The verification key or user id is incorrect.'))
return redirect(
request,
'index')
user = User.query.filter_by(id=int(token['user'])).first()
if user:
user.email = token['email']
user.save()
messages.add_message(
request,
messages.SUCCESS,
_('Your email address has been verified.'))
else:
messages.add_message(
request,
messages.ERROR,
_('The verification key or user id is incorrect.'))
return redirect(
request, 'mediagoblin.user_pages.user_home',
user=user.username)
def blog_about_view(request):
"""
Page containing blog description and statistics
"""
blog_slug = request.matchdict.get('blog_slug', None)
url_user = request.matchdict.get('user', None)
user = request.db.User.query.filter_by(username=url_user).first()
blog = get_blog_by_slug(request, blog_slug, author=user.id)
if not user or not blog:
return render_404(request)
else:
blog_posts_processed = blog.get_all_blog_posts(u'processed').count()
return render_to_response(request, 'mediagoblin/blog/blog_about.html',
{
'user': user,
'blog': blog,
'blogpost_count': blog_posts_processed
})
def blog_dashboard(request, page, url_user=None):
"""
Dashboard for a blog, only accessible to
the owner of the blog.
"""
blog_slug = request.matchdict.get('blog_slug', None)
blogs = request.db.Blog.query.filter_by(author=url_user.id)
config = pluginapi.get_config('mediagoblin.media_types.blog')
max_blog_count = config['max_blog_count']
if request.user and (request.user.id == url_user.id
or request.user.has_privilege(u'admin')):
if blog_slug:
blog = get_blog_by_slug(request, blog_slug)
if not blog:
return render_404(request)
else:
blog_posts_list = blog.get_all_blog_posts().order_by(
MediaEntry.created.desc())
pagination = Pagination(page, blog_posts_list)
pagination.per_page = 15
blog_posts_on_a_page = pagination()
if may_edit_blogpost(request, blog):
return render_to_response(
request, 'mediagoblin/blog/blog_admin_dashboard.html',
{
'blog_posts_list': blog_posts_on_a_page,
'blog_slug': blog_slug,
'blog': blog,
'user': url_user,
'pagination': pagination
})
if not request.user or request.user.id != url_user.id or not blog_slug:
blogs = blogs.all()
return render_to_response(request,
'mediagoblin/blog/list_of_blogs.html', {
'blogs': blogs,
'user': url_user,
'max_blog_count': max_blog_count
})
def blog_post_listing(request, page, url_user=None):
"""
Page, listing all the blog posts of a particular blog.
"""
blog_slug = request.matchdict['blog_slug']
blog = get_blog_by_slug(request, blog_slug, author=url_user.id)
if not blog:
return render_404(request)
all_blog_posts = blog.get_all_blog_posts(u'processed').order_by(
MediaEntry.created.desc())
pagination = Pagination(page, all_blog_posts)
pagination.per_page = 8
blog_posts_on_a_page = pagination()
return render_to_response(
request, 'mediagoblin/blog/blog_post_listing.html', {
'blog_posts': blog_posts_on_a_page,
'pagination': pagination,
'blog_owner': url_user,
'blog': blog
})
def blog_dashboard(request):
url_user = request.matchdict.get('user')
blog_posts_list = []
blog_slug = request.matchdict.get('blog_slug', None)
_log.info(blog_slug)
blog = request.db.Blog.query.filter_by(slug=blog_slug).first()
if not blog:
return render_404(request)
blog_posts_list = get_all_blogposts_of_blog(request, blog)
blog_post_count = blog_posts_list.count()
if may_edit_blogpost(request, blog):
return render_to_response(
request, 'mediagoblin/blog/blog_admin_dashboard.html', {
'blog_posts_list': blog_posts_list,
'blog_slug': blog_slug,
'blog': blog,
'blog_post_count': blog_post_count
})
