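def login(request):
    """Show the login form (GET) or authenticate submitted credentials (POST).

    On success the user is logged in and redirected to the ``next`` target,
    with the ``quota`` and ``used_space`` cookies set from the user's profile.
    Otherwise the login page is rendered with the form and the ``next`` value.

    ``next`` is read from the query string or the POST body, so it is
    attacker-controllable. It is honoured only when it is a path on this
    site; any other value is replaced by the dashboard path, so that a crafted
    login link cannot redirect an authenticated user to another host.
    """
    fallback_path = "/dashboard/"

    def _is_local_path(path):
        """Return True when *path* is a site-relative path."""
        # Must be rooted at "/" but must not be a scheme-relative "//host" URL.
        if not path.startswith("/") or path.startswith("//"):
            return False
        # Backslashes and control characters are rejected outright: browsers
        # normalise or drop them, which can change where the URL points, and
        # control characters would also corrupt the log line below.
        return not any(ch == "\\" or ch < " " or ch == "\x7f" for ch in path)

    if request.method == "GET":
        form = LoginForm()
        # Default `next` here so the POST branch never has to deal with None.
        redirect_path = request.GET.get("next", default="/dashboard/")
    else:
        form = LoginForm(request.POST)
        redirect_path = request.POST.get("next", default="")
        if not redirect_path:
            redirect_path = "/dashboard"

    if not _is_local_path(redirect_path):
        # The rejected value is deliberately not logged: it is untrusted text.
        logger.warning(
            "Ignoring non-local redirect target in 'next'; using %s",
            fallback_path)
        redirect_path = fallback_path

    # An unbound form (GET) is never valid, so this only runs for POST.
    if form.is_valid():
        mail = form.cleaned_data["email"]
        logger.info("Trying to authenticate user %s", mail)
        user = authenticate(
            username=mail, password=form.cleaned_data["password"])
        # Since 1.10, inactive users are not allowed to log in anymore.
        if user is not None:
            logger.info(
                "User credentials are valid. Redirecting to %s", redirect_path)
            auth_login(request, user)
            response = HttpResponseRedirect(redirect_path)
            set_cookie(response, "quota", user.userprofile.quota)
            set_cookie(response, "used_space", user.userprofile.used_space)
            return response
        else:
            logger.info(
                "Could not authenticate user with given credentials.")
            form.errors["__all__"] = form.error_class(
                [_("CREDENTIALS_ERROR")])

    return render(request, "account/login.html",
                  {"form": form, "next": redirect_path})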
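def insert(request):
    """Store an uploaded photo in a place the requesting user may write to.

    Steps: validate the form, check ``is_authorized`` for the target place,
    build the thumbnail, enforce the user's quota, then save the photo and the
    updated ``used_space``. Returns ``success(photo)`` with a refreshed
    ``used_space`` cookie, or an ``error(...)`` response describing the failure.
    """
    # Log only the submitted field names. The full POST body and the upload
    # objects can carry values that do not belong in a log file (for example
    # a CSRF token, if the form posts one).
    logger.info("Request files %s; Request post %s",
                list(request.FILES), list(request.POST))
    form = PhotoCheckForm(request.POST, request.FILES, auto_id=False)
    if not form.is_valid():
        return error(str(form.errors))

    place = form.cleaned_data["place"]
    logger.info("User %d is trying to insert a new Photo into Place %d." %
                (request.user.pk, place.pk))

    # ===================================================================
    # check place
    # ===================================================================
    if not is_authorized(place, request.user):
        # Logger.warn is a deprecated alias of Logger.warning.
        logger.warning(
            "User %s not authorized to insert a new Photo in Place %d. Aborting." %
            (request.user, place.pk))
        return error("This is not your place!")

    # ===================================================================
    # check & convert image
    # ===================================================================
    try:
        original, thumb = create_thumb(request.FILES["photo"])
    except Exception as e:
        logger.error("Could not create thumb. Reason: %s", str(e))
        # NOTE(review): the raw exception text goes back to the client.
        # Confirm create_thumb only raises messages that are safe to show.
        return error(str(e))

    # ===================================================================
    # check upload limit
    # ===================================================================
    size = get_size(original)
    userprofile = request.user.userprofile
    # NOTE(review): this check and the increment below are a read-modify-write
    # on used_space with no locking visible here, so concurrent uploads could
    # each pass the check. Confirm whether the caller serialises uploads.
    if userprofile.used_space + size > userprofile.quota:
        return error(
            "No more space left. Delete or resize some older photos.")

    photo = Photo(**form.cleaned_data, order=0, size=size)
    # Assigned after construction: passing them as keyword arguments would
    # raise a "multiple values for argument" error.
    photo.photo = original
    photo.thumb = thumb
    userprofile.used_space += photo.size
    userprofile.save()
    photo.save()
    logger.info("Photo %d inserted with order %d and size %d." %
                (photo.pk, photo.order, photo.size))

    response = success(photo)
    set_cookie(response, "used_space", userprofile.used_space)
    return response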
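def delete(request, album_id):
    """Delete an album of the requesting user and release its photos' space.

    The lookup filters on ``user=request.user``, so an album owned by someone
    else raises ``Album.DoesNotExist`` and is reported like a missing album.
    Returns ``success()`` with a refreshed ``used_space`` cookie, or
    ``error(...)`` carrying the exception text.
    """
    try:
        # NOTE(review): int() raises ValueError on non-numeric input, which is
        # not caught below. Presumably the URL pattern only passes digits.
        album_id = int(album_id)
        logger.info("User %d is trying to delete Album %d." %
                    (request.user.pk, album_id))
        album = Album.objects.get(user=request.user, pk=album_id)

        # Add up the sizes before deleting; the rows are gone afterwards.
        size = sum(
            photo.size
            for place in Place.objects.filter(album=album)
            for photo in Photo.objects.filter(place=place)
        )
        album.delete()

        # Free space for user.
        used_space = update_used_space(request.user, -1 * size)
        logger.info("Album %d deleted." % album_id)

        response = success()
        set_cookie(response, "used_space", used_space)
        return response
    except (KeyError, Album.DoesNotExist) as e:
        # Logger.warn is a deprecated alias of Logger.warning.
        logger.warning("Something unexpected happened: %s" % str(e))
        return error(str(e))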
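def delete(request, photo_id):
    """Delete one photo the requesting user is authorized for.

    The photo's size is credited back to the user only after the delete call
    has returned, and the success line is logged last, so neither the quota
    nor the log claims a deletion that did not happen. Returns ``success()``
    with a refreshed ``used_space`` cookie, or ``error(...)``.
    """
    try:
        # NOTE(review): int() raises ValueError on non-numeric input, which is
        # not caught below. Presumably the URL pattern only passes digits.
        photo_id = int(photo_id)
        logger.info("User %d is trying to delete Photo %d." %
                    (request.user.pk, photo_id))
        photo = Photo.objects.get(pk=photo_id)

        # NOTE(review): a missing photo and another user's photo produce
        # different error messages, so the response reveals whether an id
        # exists. Confirm that this is acceptable.
        if not is_authorized(photo, request.user):
            # Logger.warn is a deprecated alias of Logger.warning.
            logger.warning(
                "User %s not authorized to delete Photo %d. Aborting." %
                (request.user, photo_id))
            return error("not your photo")

        freed = photo.size
        photo.delete()
        used_space = update_used_space(request.user, -1 * freed)
        logger.info("Photo %d deleted." % photo_id)

        response = success()
        set_cookie(response, "used_space", used_space)
        return response
    except (KeyError, Photo.DoesNotExist) as e:
        logger.error("Something unexpected happened: %s" % str(e))
        return error(str(e))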
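def delete(request, place_id):
    """Delete a place the requesting user is authorized for and free its space.

    The combined size of the place's photos is credited back to the user only
    after the delete call has returned, so a failed delete cannot lower
    ``used_space``. Returns ``success()`` with a refreshed ``used_space``
    cookie, or ``error(...)``.
    """
    try:
        # NOTE(review): int() raises ValueError on non-numeric input, which is
        # not caught below. Presumably the URL pattern only passes digits.
        place_id = int(place_id)
        logger.info("User %d is trying to delete Place %d." %
                    (request.user.pk, place_id))
        place = Place.objects.get(pk=place_id)

        # NOTE(review): a missing place and another user's place produce
        # different error messages, so the response reveals whether an id
        # exists. Confirm that this is acceptable.
        if not is_authorized(place, request.user):
            # Logger.warn is a deprecated alias of Logger.warning.
            logger.warning(
                "User %d not authorized to delete Place %d. Aborting." %
                (request.user.pk, place_id))
            # TODO Add localization.
            return error("not your place")

        # Add up the sizes before deleting; the rows are gone afterwards.
        size = sum(photo.size for photo in Photo.objects.filter(place=place))
        place.delete()
        used_space = update_used_space(request.user, -1 * size)
        logger.info("Place %d deleted." % place_id)

        response = success()
        set_cookie(response, "used_space", used_space)
        return response
    except Place.DoesNotExist as e:
        return error(str(e))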