Commit | Line | Data |
---|---|---|
9bfe1d8e | 1 | # GNU MediaGoblin -- federated, autonomous media hosting |
cf29e8a8 | 2 | # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. |
9bfe1d8e E |
3 | # |
4 | # This program is free software: you can redistribute it and/or modify | |
5 | # it under the terms of the GNU Affero General Public License as published by | |
6 | # the Free Software Foundation, either version 3 of the License, or | |
7 | # (at your option) any later version. | |
8 | # | |
9 | # This program is distributed in the hope that it will be useful, | |
10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
12 | # GNU Affero General Public License for more details. | |
13 | # | |
14 | # You should have received a copy of the GNU Affero General Public License | |
15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
aba81c9f | 16 | |
1c63ad5d | 17 | from webob import exc |
3a8c3a38 JW |
18 | from cgi import FieldStorage |
19 | from datetime import datetime | |
20 | ||
21 | from werkzeug.utils import secure_filename | |
aba81c9f | 22 | |
d9ed098e | 23 | from mediagoblin import messages |
10d7496d | 24 | from mediagoblin import mg_globals |
152a3bfa | 25 | |
4837b2f2 | 26 | from mediagoblin.auth import lib as auth_lib |
aba81c9f | 27 | from mediagoblin.edit import forms |
0732236e | 28 | from mediagoblin.edit.lib import may_edit_media |
8cd5d4f8 | 29 | from mediagoblin.decorators import require_active_login, get_user_media_entry |
152a3bfa AW |
30 | from mediagoblin.tools.response import render_to_response, redirect |
31 | from mediagoblin.tools.translate import pass_to_ugettext as _ | |
32 | from mediagoblin.tools.text import ( | |
a855e92a | 33 | convert_to_tag_list_of_dicts, media_tags_as_string) |
b62b3b98 | 34 | from mediagoblin.db.util import check_media_slug_used |
c849e690 | 35 | |
97ec97db | 36 | |
8cd5d4f8 | 37 | @get_user_media_entry |
aba81c9f E |
38 | @require_active_login |
39 | def edit_media(request, media): | |
c849e690 E |
40 | if not may_edit_media(request, media): |
41 | return exc.HTTPForbidden() | |
42 | ||
2c437493 | 43 | defaults = dict( |
ec82fbd8 | 44 | title=media.title, |
5da0bf90 | 45 | slug=media.slug, |
1d939966 | 46 | description=media.description, |
a6c49d49 | 47 | tags=media_tags_as_string(media.tags), |
97ec97db | 48 | license=media.license) |
aba81c9f | 49 | |
2c437493 JW |
50 | form = forms.EditForm( |
51 | request.POST, | |
52 | **defaults) | |
53 | ||
98857207 | 54 | if request.method == 'POST' and form.validate(): |
d5e90fe4 CAW |
55 | # Make sure there isn't already a MediaEntry with such a slug |
56 | # and userid. | |
b62b3b98 E |
57 | slug_used = check_media_slug_used(request.db, media.uploader, |
58 | request.POST['slug'], media.id) | |
3a8c3a38 | 59 | |
b62b3b98 | 60 | if slug_used: |
d5e90fe4 | 61 | form.slug.errors.append( |
4b1adc13 | 62 | _(u'An entry with that slug already exists for this user.')) |
d5e90fe4 | 63 | else: |
ec82fbd8 | 64 | media.title = unicode(request.POST['title']) |
1d939966 | 65 | media.description = unicode(request.POST.get('description')) |
de917303 | 66 | media.tags = convert_to_tag_list_of_dicts( |
0712a06d | 67 | request.POST.get('tags')) |
3a8c3a38 | 68 | |
da6206c4 | 69 | media.license = unicode(request.POST.get('license', '')) or None |
25b48323 | 70 | |
5da0bf90 | 71 | media.slug = unicode(request.POST['slug']) |
99a270e9 | 72 | |
747623cc | 73 | media.save() |
d5e90fe4 | 74 | |
8d7b549b E |
75 | return exc.HTTPFound( |
76 | location=media.url_for_self(request.urlgen)) | |
98857207 | 77 | |
bec591d8 | 78 | if request.user.is_admin \ |
1ceb4fc8 | 79 | and media.uploader != request.user._id \ |
96a2c366 CAW |
80 | and request.method != 'POST': |
81 | messages.add_message( | |
82 | request, messages.WARNING, | |
4b1adc13 | 83 | _("You are editing another user's media. Proceed with caution.")) |
96a2c366 | 84 | |
9038c9f9 CAW |
85 | return render_to_response( |
86 | request, | |
c9c24934 E |
87 | 'mediagoblin/edit/edit.html', |
88 | {'media': media, | |
89 | 'form': form}) | |
46fd661e | 90 | |
3a8c3a38 JW |
91 | |
92 | @get_user_media_entry | |
630b57a3 | 93 | @require_active_login |
3a8c3a38 JW |
94 | def edit_attachments(request, media): |
95 | if mg_globals.app_config['allow_attachments']: | |
96 | form = forms.EditAttachmentsForm() | |
97 | ||
98 | # Add any attachements | |
99 | if ('attachment_file' in request.POST | |
100 | and isinstance(request.POST['attachment_file'], FieldStorage) | |
101 | and request.POST['attachment_file'].file): | |
102 | ||
103 | attachment_public_filepath \ | |
104 | = mg_globals.public_store.get_unique_filepath( | |
eabe6b67 | 105 | ['media_entries', unicode(media._id), 'attachment', |
3a8c3a38 JW |
106 | secure_filename(request.POST['attachment_file'].filename)]) |
107 | ||
108 | attachment_public_file = mg_globals.public_store.get_file( | |
109 | attachment_public_filepath, 'wb') | |
110 | ||
111 | try: | |
112 | attachment_public_file.write( | |
113 | request.POST['attachment_file'].file.read()) | |
114 | finally: | |
115 | request.POST['attachment_file'].file.close() | |
116 | ||
35029581 | 117 | media.attachment_files.append(dict( |
3a8c3a38 JW |
118 | name=request.POST['attachment_name'] \ |
119 | or request.POST['attachment_file'].filename, | |
120 | filepath=attachment_public_filepath, | |
243c3843 | 121 | created=datetime.utcnow(), |
3a8c3a38 | 122 | )) |
630b57a3 | 123 | |
3a8c3a38 JW |
124 | media.save() |
125 | ||
126 | messages.add_message( | |
127 | request, messages.SUCCESS, | |
128 | "You added the attachment %s!" \ | |
129 | % (request.POST['attachment_name'] | |
130 | or request.POST['attachment_file'].filename)) | |
131 | ||
8d7b549b E |
132 | return exc.HTTPFound( |
133 | location=media.url_for_self(request.urlgen)) | |
3a8c3a38 JW |
134 | return render_to_response( |
135 | request, | |
136 | 'mediagoblin/edit/attachments.html', | |
137 | {'media': media, | |
138 | 'form': form}) | |
139 | else: | |
140 | return exc.HTTPForbidden() | |
141 | ||
142 | ||
143 | @require_active_login | |
144 | def edit_profile(request): | |
a0cf14fe CFD |
145 | # admins may edit any user profile given a username in the querystring |
146 | edit_username = request.GET.get('username') | |
bec591d8 | 147 | if request.user.is_admin and request.user.username != edit_username: |
a0cf14fe CFD |
148 | user = request.db.User.find_one({'username': edit_username}) |
149 | # No need to warn again if admin just submitted an edited profile | |
150 | if request.method != 'POST': | |
151 | messages.add_message( | |
152 | request, messages.WARNING, | |
4b1adc13 | 153 | _("You are editing a user's profile. Proceed with caution.")) |
a0cf14fe CFD |
154 | else: |
155 | user = request.user | |
156 | ||
630b57a3 | 157 | form = forms.EditProfileForm(request.POST, |
3a8c3a38 JW |
158 | url=user.get('url'), |
159 | bio=user.get('bio')) | |
630b57a3 | 160 | |
161 | if request.method == 'POST' and form.validate(): | |
c8071fa5 JS |
162 | user.url = unicode(request.POST['url']) |
163 | user.bio = unicode(request.POST['bio']) | |
4c465852 | 164 | |
c8071fa5 | 165 | user.save() |
630b57a3 | 166 | |
c8071fa5 JS |
167 | messages.add_message(request, |
168 | messages.SUCCESS, | |
169 | _("Profile changes saved")) | |
170 | return redirect(request, | |
171 | 'mediagoblin.user_pages.user_home', | |
703d09b9 | 172 | user=user.username) |
630b57a3 | 173 | |
174 | return render_to_response( | |
175 | request, | |
176 | 'mediagoblin/edit/edit_profile.html', | |
177 | {'user': user, | |
178 | 'form': form}) | |
c8071fa5 JS |
179 | |
180 | ||
181 | @require_active_login | |
182 | def edit_account(request): | |
c8071fa5 JS |
183 | user = request.user |
184 | ||
185 | form = forms.EditAccountForm(request.POST) | |
186 | ||
630b57a3 | 187 | if request.method == 'POST' and form.validate(): |
c8ccd23e JK |
188 | password_matches = auth_lib.bcrypt_check_password( |
189 | request.POST['old_password'], | |
0ab21f98 | 190 | user.pw_hash) |
630b57a3 | 191 | |
4837b2f2 JK |
192 | if (request.POST['old_password'] or request.POST['new_password']) and not \ |
193 | password_matches: | |
c8ccd23e JK |
194 | form.old_password.errors.append(_('Wrong password')) |
195 | ||
196 | return render_to_response( | |
197 | request, | |
c8071fa5 | 198 | 'mediagoblin/edit/edit_account.html', |
c8ccd23e JK |
199 | {'user': user, |
200 | 'form': form}) | |
201 | ||
4837b2f2 | 202 | if password_matches: |
0ab21f98 | 203 | user.pw_hash = auth_lib.bcrypt_gen_password_hash( |
4837b2f2 JK |
204 | request.POST['new_password']) |
205 | ||
4837b2f2 JK |
206 | user.save() |
207 | ||
208 | messages.add_message(request, | |
209 | messages.SUCCESS, | |
c8071fa5 | 210 | _("Account settings saved")) |
4837b2f2 JK |
211 | return redirect(request, |
212 | 'mediagoblin.user_pages.user_home', | |
0ab21f98 | 213 | user=user.username) |
630b57a3 | 214 | |
215 | return render_to_response( | |
216 | request, | |
c8071fa5 | 217 | 'mediagoblin/edit/edit_account.html', |
630b57a3 | 218 | {'user': user, |
219 | 'form': form}) |