def register(request):
"""
Your classic registration view!
"""
register_form = auth_forms.RegistrationForm(request.POST)
if request.method == 'POST' and register_form.validate():
# TODO: Make sure the user doesn't exist already
users_with_username = \
request.db.User.find({
'username': request.POST['username'].lower()
}).count()
if users_with_username:
register_form.username.errors.append(
u'Sorry, a user with that name already exists.')
else:
# Create the user
entry = request.db.User()
entry['username'] = request.POST['username'].lower()
entry['email'] = request.POST['email']
entry['pw_hash'] = auth_lib.bcrypt_gen_password_hash(
request.POST['password'])
entry.save(validate=True)
send_verification_email(entry, request)
return redirect(request, "mediagoblin.auth.register_success")
return render_to_response(request, 'mediagoblin/auth/register.html',
{'register_form': register_form})
def simple_template_render(request):
"""
A view for absolutely simple template rendering.
Just make sure 'template' is in the matchdict!
"""
template_name = request.matchdict['template']
return render_to_response(request, template_name, {})
def verify_email(request):
"""
Email verification view
validates GET parameters against database and unlocks the user account, if
you are lucky :)
"""
# If we don't have userid and token parameters, we can't do anything; 404
if not request.GET.has_key('userid') or not request.GET.has_key('token'):
return exc.HTTPNotFound()
user = request.db.User.find_one(
{'_id': ObjectId(unicode(request.GET['userid']))})
if user and user['verification_key'] == unicode(request.GET['token']):
user['status'] = u'active'
user['email_verified'] = True
verification_successful = True
user.save()
else:
verification_successful = False
return render_to_response(
request, 'mediagoblin/auth/verify_email.html', {
'user': user,
'verification_successful': verification_successful
})
def root_view(request):
media_entries = request.db.MediaEntry.find(
{u'state': u'processed'}).sort('created', DESCENDING)
return render_to_response(
request, 'mediagoblin/root.html',
{'media_entries': media_entries})
def user_gallery(request, page):
"""'Gallery' of a User()"""
user = request.db.User.find_one({
'username': request.matchdict['user'],
'status': 'active'
})
if not user:
return exc.HTTPNotFound()
cursor = request.db.MediaEntry.find({
'uploader': user['_id'],
'state': 'processed'
}).sort('created', DESCENDING)
pagination = Pagination(page, cursor)
media_entries = pagination()
#if no data is available, return NotFound
if media_entries == None:
return exc.HTTPNotFound()
return render_to_response(request, 'mediagoblin/user_pages/gallery.html', {
'user': user,
'media_entries': media_entries,
'pagination': pagination
})
def root_view(request):
media_entries = request.db.MediaEntry.find({
u'state': u'processed'
}).sort('created', DESCENDING)
return render_to_response(request, 'mediagoblin/root.html',
{'media_entries': media_entries})
def simple_template_render(request):
"""
A view for absolutely simple template rendering.
Just make sure 'template' is in the matchdict!
"""
template_name = request.matchdict['template']
return render_to_response(
request, template_name, {})
def media_home(request, media, **kwargs):
"""
'Homepage' of a MediaEntry()
"""
comment_form = user_forms.MediaCommentForm(request.POST)
(comments, pagination) = media.get_comments(kwargs.get('page'))
return render_to_response(
request, 'mediagoblin/user_pages/media.html', {
'media': media,
'comments': comments,
'pagination': pagination,
'comment_form': comment_form
})
def edit_profile(request):
user = request.user
form = forms.EditProfileForm(request.POST,
url = user.get('url'),
bio = user.get('bio'))
if request.method == 'POST' and form.validate():
user['url'] = request.POST['url']
user['bio'] = request.POST['bio']
user.save()
return redirect(request, "index", user=user['username'])
return render_to_response(
request,
'mediagoblin/edit/edit_profile.html',
{'user': user,
'form': form})
def edit_media(request, media):
if not may_edit_media(request, media):
return exc.HTTPForbidden()
form = forms.EditForm(request.POST,
title = media['title'],
slug = media['slug'],
description = media['description'])
if request.method == 'POST' and form.validate():
# Make sure there isn't already a MediaEntry with such a slug
# and userid.
existing_user_slug_entries = request.db.MediaEntry.find(
{'slug': request.POST['slug'],
'uploader': media['uploader'],
'_id': {'$ne': media['_id']}}).count()
if existing_user_slug_entries:
form.slug.errors.append(
u'An entry with that slug already exists for this user.')
else:
media['title'] = request.POST['title']
media['description'] = request.POST.get('description')
md = markdown.Markdown(
safe_mode = 'escape')
media['description_html'] = clean_html(
md.convert(
media['description']))
media['slug'] = request.POST['slug']
media.save()
return redirect(request, "mediagoblin.user_pages.media_home",
user=media.uploader()['username'], media=media['slug'])
return render_to_response(
request,
'mediagoblin/edit/edit.html',
{'media': media,
'form': form})
def login(request):
"""
MediaGoblin login view.
If you provide the POST with 'next', it'll redirect to that view.
"""
login_form = auth_forms.LoginForm(request.POST)
login_failed = False
if request.method == 'POST' and login_form.validate():
user = request.db.User.one(
{'username': request.POST['username'].lower()})
if user and user.check_login(request.POST['password']):
# set up login in session
request.session['user_id'] = unicode(user['_id'])
request.session.save()
if request.POST.get('next'):
return exc.HTTPFound(location=request.POST['next'])
else:
return redirect(request, "index")
else:
# Prevent detecting who's on this system by testing login
# attempt timings
auth_lib.fake_login_attempt()
login_failed = True
return render_to_response(
request, 'mediagoblin/auth/login.html', {
'login_form': login_form,
'next': request.GET.get('next') or request.POST.get('next'),
'login_failed': login_failed
})
def submit_success(request):
return render_to_response(
request, 'mediagoblin/submit/success.html', {})
def submit_start(request):
"""
First view for submitting a file.
"""
submit_form = submit_forms.SubmitStartForm(request.POST)
if request.method == 'POST' and submit_form.validate():
if not (request.POST.has_key('file')
and isinstance(request.POST['file'], FieldStorage)
and request.POST['file'].file):
submit_form.file.errors.append(
u'You must provide a file.')
elif not security.check_filetype(request.POST['file']):
submit_form.file.errors.append(
u'The file doesn\'t seem to be an image!')
else:
filename = request.POST['file'].filename
# create entry and save in database
entry = request.db.MediaEntry()
entry['title'] = (
request.POST['title']
or unicode(splitext(filename)[0]))
entry['description'] = request.POST.get('description')
entry['description_html'] = cleaned_markdown_conversion(
entry['description'])
entry['media_type'] = u'image' # heh
entry['uploader'] = request.user['_id']
# Save, just so we can get the entry id for the sake of using
# it to generate the file path
entry.save(validate=False)
# Generate a slug from the title
entry.generate_slug()
# Now store generate the queueing related filename
queue_filepath = request.app.queue_store.get_unique_filepath(
['media_entries',
unicode(entry['_id']),
secure_filename(filename)])
# queue appropriately
queue_file = request.app.queue_store.get_file(
queue_filepath, 'wb')
with queue_file:
queue_file.write(request.POST['file'].file.read())
# Add queued filename to the entry
entry['queued_media_file'] = queue_filepath
entry.save(validate=True)
# queue it for processing
process_media_initial.delay(unicode(entry['_id']))
return redirect(request, "mediagoblin.submit.success")
return render_to_response(
request,
'mediagoblin/submit/start.html',
{'submit_form': submit_form})