[mediagoblin.git] / mediagoblin / decorators.py

# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors.  See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.


from webob import exc

from mediagoblin.tools.response import redirect, render_404
from mediagoblin.db.util import ObjectId, InvalidId


def _make_safe(decorator, original):
    """
    Copy the function data from the old function to the decorator.
    """
    decorator.__name__ = original.__name__
    decorator.__dict__ = original.__dict__
    decorator.__doc__ = original.__doc__
    return decorator


def require_active_login(controller):
    """
    Require an active login from the user.
    """
    def new_controller_func(request, *args, **kwargs):
        if request.user and \
                request.user.get('status') == u'needs_email_verification':
            return redirect(
                request, 'mediagoblin.user_pages.user_home',
                user=request.user.username)
        elif not request.user or request.user.get('status') != u'active':
            return exc.HTTPFound(
                location="%s?next=%s" % (
                    request.urlgen("mediagoblin.auth.login"),
                    request.full_path))

        return controller(request, *args, **kwargs)

    return _make_safe(new_controller_func, controller)


def user_may_delete_media(controller):
    """
    Require user ownership of the MediaEntry to delete.
    """
    def wrapper(request, *args, **kwargs):
        uploader_id = request.db.MediaEntry.find_one(
            {'_id': ObjectId(request.matchdict['media'])}).uploader
        if not (request.user.is_admin or
                request.user._id == uploader_id):
            return exc.HTTPForbidden()

        return controller(request, *args, **kwargs)

    return _make_safe(wrapper, controller)


def uses_pagination(controller):
    """
    Check request GET 'page' key for wrong values
    """
    def wrapper(request, *args, **kwargs):
        try:
            page = int(request.GET.get('page', 1))
            if page < 0:
                return render_404(request)
        except ValueError:
            return render_404(request)

        return controller(request, page=page, *args, **kwargs)

    return _make_safe(wrapper, controller)


def get_user_media_entry(controller):
    """
    Pass in a MediaEntry based off of a url component
    """
    def wrapper(request, *args, **kwargs):
        user = request.db.User.find_one(
            {'username': request.matchdict['user']})

        if not user:
            return render_404(request)
        media = request.db.MediaEntry.find_one(
            {'slug': request.matchdict['media'],
             'state': u'processed',
             'uploader': user._id})

        # no media via slug?  Grab it via ObjectId
        if not media:
            try:
                media = request.db.MediaEntry.find_one(
                    {'_id': ObjectId(request.matchdict['media']),
                     'state': u'processed',
                     'uploader': user._id})
            except InvalidId:
                return render_404(request)

            # Still no media?  Okay, 404.
            if not media:
                return render_404(request)

        return controller(request, media=media, *args, **kwargs)

    return _make_safe(wrapper, controller)


def get_media_entry_by_id(controller):
    """
    Pass in a MediaEntry based off of a url component
    """
    def wrapper(request, *args, **kwargs):
        try:
            media = request.db.MediaEntry.find_one(
                {'_id': ObjectId(request.matchdict['media']),
                 'state': u'processed'})
        except InvalidId:
            return render_404(request)

        # Still no media?  Okay, 404.
        if not media:
            return render_404(request)

        return controller(request, media=media, *args, **kwargs)

    return _make_safe(wrapper, controller)
Commit	Line	Data
bb3eaf20	1	# GNU MediaGoblin -- federated, autonomous media hosting
cf29e8a8	2	# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
bb3eaf20 CAW	3	#
	4	# This program is free software: you can redistribute it and/or modify
	5	# it under the terms of the GNU Affero General Public License as published by
	6	# the Free Software Foundation, either version 3 of the License, or
	7	# (at your option) any later version.
	8	#
	9	# This program is distributed in the hope that it will be useful,
	10	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	# GNU Affero General Public License for more details.
	13	#
	14	# You should have received a copy of the GNU Affero General Public License
	15	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	16
	17
	18	from webob import exc
	19
152a3bfa	20	from mediagoblin.tools.response import redirect, render_404
3efdd97c	21	from mediagoblin.db.util import ObjectId, InvalidId
724933b1	22
bb3eaf20 CAW	23
	24	def _make_safe(decorator, original):
	25	"""
	26	Copy the function data from the old function to the decorator.
	27	"""
	28	decorator.__name__ = original.__name__
	29	decorator.__dict__ = original.__dict__
	30	decorator.__doc__ = original.__doc__
	31	return decorator
	32
	33
	34	def require_active_login(controller):
	35	"""
	36	Require an active login from the user.
	37	"""
	38	def new_controller_func(request, args, *kwargs):
a72c504b CAW	39	if request.user and \
a72c504b CAW	40	request.user.get('status') == u'needs_email_verification':
d43b472a CAW	41	return redirect(
d43b472a CAW	42	request, 'mediagoblin.user_pages.user_home',
5a4e3ff1	43	user=request.user.username)
bcec749b	44	elif not request.user or request.user.get('status') != u'active':
bb3eaf20	45	return exc.HTTPFound(
7eba0306 CAW	46	location="%s?next=%s" % (
7eba0306 CAW	47	request.urlgen("mediagoblin.auth.login"),
05788ef4	48	request.full_path))
bb3eaf20 CAW	49
	50	return controller(request, args, *kwargs)
	51
	52	return _make_safe(new_controller_func, controller)
3eb6fc4f	53
53c5e0b0	54
502073f2 JW	55	def user_may_delete_media(controller):
502073f2 JW	56	"""
53c5e0b0	57	Require user ownership of the MediaEntry to delete.
502073f2 JW	58	"""
502073f2 JW	59	def wrapper(request, args, *kwargs):
4deda94a E	60	uploader_id = request.db.MediaEntry.find_one(
4deda94a E	61	{'_id': ObjectId(request.matchdict['media'])}).uploader
bec591d8	62	if not (request.user.is_admin or
4deda94a	63	request.user._id == uploader_id):
502073f2 JW	64	return exc.HTTPForbidden()
	65
	66	return controller(request, args, *kwargs)
	67
	68	return _make_safe(wrapper, controller)
	69
3eb6fc4f BK	70
	71	def uses_pagination(controller):
	72	"""
	73	Check request GET 'page' key for wrong values
	74	"""
	75	def wrapper(request, args, *kwargs):
	76	try:
1301a8ad	77	page = int(request.GET.get('page', 1))
3eb6fc4f	78	if page < 0:
de12b4e7	79	return render_404(request)
3eb6fc4f	80	except ValueError:
de12b4e7	81	return render_404(request)
3eb6fc4f	82
439e37f7	83	return controller(request, page=page, args, *kwargs)
3eb6fc4f	84
3c2567ac	85	return _make_safe(wrapper, controller)
724933b1 CAW	86
724933b1 CAW	87
01674e10	88	def get_user_media_entry(controller):
724933b1 CAW	89	"""
	90	Pass in a MediaEntry based off of a url component
	91	"""
	92	def wrapper(request, args, *kwargs):
01674e10 CAW	93	user = request.db.User.find_one(
	94	{'username': request.matchdict['user']})
	95
	96	if not user:
de12b4e7	97	return render_404(request)
724933b1 CAW	98	media = request.db.MediaEntry.find_one(
724933b1 CAW	99	{'slug': request.matchdict['media'],
5bd0adeb	100	'state': u'processed',
eabe6b67	101	'uploader': user._id})
724933b1 CAW	102
	103	# no media via slug? Grab it via ObjectId
	104	if not media:
01674e10 CAW	105	try:
	106	media = request.db.MediaEntry.find_one(
	107	{'_id': ObjectId(request.matchdict['media']),
5bd0adeb	108	'state': u'processed',
eabe6b67	109	'uploader': user._id})
01674e10	110	except InvalidId:
de12b4e7	111	return render_404(request)
724933b1 CAW	112
	113	# Still no media? Okay, 404.
	114	if not media:
de12b4e7	115	return render_404(request)
724933b1 CAW	116
	117	return controller(request, media=media, args, *kwargs)
	118
	119	return _make_safe(wrapper, controller)
aba81c9f	120
243c3843	121
aba81c9f E	122	def get_media_entry_by_id(controller):
	123	"""
	124	Pass in a MediaEntry based off of a url component
	125	"""
	126	def wrapper(request, args, *kwargs):
	127	try:
	128	media = request.db.MediaEntry.find_one(
	129	{'_id': ObjectId(request.matchdict['media']),
5bd0adeb	130	'state': u'processed'})
aba81c9f	131	except InvalidId:
de12b4e7	132	return render_404(request)
aba81c9f E	133
	134	# Still no media? Okay, 404.
	135	if not media:
de12b4e7	136	return render_404(request)
aba81c9f E	137
	138	return controller(request, media=media, args, *kwargs)
	139
	140	return _make_safe(wrapper, controller)