Commit | Line | Data |
---|---|---|
427beb08 E |
1 | # GNU MediaGoblin -- federated, autonomous media hosting |
2 | # Copyright (C) 2013 MediaGoblin contributors. See AUTHORS. | |
3 | # | |
4 | # This program is free software: you can redistribute it and/or modify | |
5 | # it under the terms of the GNU Affero General Public License as published by | |
6 | # the Free Software Foundation, either version 3 of the License, or | |
7 | # (at your option) any later version. | |
8 | # | |
9 | # This program is distributed in the hope that it will be useful, | |
10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
12 | # GNU Affero General Public License for more details. | |
13 | # | |
14 | # You should have received a copy of the GNU Affero General Public License | |
15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
16 | ||
17 | import logging | |
398d3841 | 18 | import re |
427beb08 | 19 | |
e49b7e02 BP |
20 | import six |
21 | ||
90d7de25 | 22 | from werkzeug.exceptions import MethodNotAllowed, BadRequest, NotImplemented |
e4e5948c | 23 | from werkzeug.wrappers import BaseResponse |
427beb08 | 24 | |
860b380b | 25 | from mediagoblin.tools.translate import pass_to_ugettext as _ |
427beb08 | 26 | from mediagoblin.meddleware.csrf import csrf_exempt |
1d321f1c | 27 | from mediagoblin.auth.tools import check_login_simple |
860b380b CAW |
28 | from mediagoblin.submit.lib import \ |
29 | submit_media, check_file_field, get_upload_file_limits, \ | |
30 | FileUploadLimit, UserUploadLimit, UserPastUploadLimit | |
31 | ||
c732f422 | 32 | |
41501106 MS |
33 | from mediagoblin.user_pages.lib import add_media_to_collection |
34 | from mediagoblin.db.models import Collection | |
35 | ||
4adc3a85 E |
36 | from .tools import CmdTable, response_xml, check_form, \ |
37 | PWGSession, PwgNamedArray, PwgError | |
c1df8d19 | 38 | from .forms import AddSimpleForm, AddForm |
427beb08 E |
39 | |
40 | ||
41 | _log = logging.getLogger(__name__) | |
42 | ||
43 | ||
427beb08 E |
44 | @CmdTable("pwg.session.login", True) |
45 | def pwg_login(request): | |
46 | username = request.form.get("username") | |
47 | password = request.form.get("password") | |
1d321f1c | 48 | user = check_login_simple(username, password) |
7fb419dd | 49 | if not user: |
4adc3a85 | 50 | return PwgError(999, 'Invalid username/password') |
7fb419dd E |
51 | request.session["user_id"] = user.id |
52 | request.session.save() | |
e4e5948c | 53 | return True |
bd3bc044 E |
54 | |
55 | ||
56 | @CmdTable("pwg.session.logout") | |
57 | def pwg_logout(request): | |
58 | _log.info("Logout") | |
7fb419dd | 59 | request.session.delete() |
e4e5948c | 60 | return True |
bd3bc044 E |
61 | |
62 | ||
63 | @CmdTable("pwg.getVersion") | |
64 | def pwg_getversion(request): | |
9924cd0f | 65 | return "2.5.0 (MediaGoblin)" |
cf0816c1 E |
66 | |
67 | ||
68 | @CmdTable("pwg.session.getStatus") | |
69 | def pwg_session_getStatus(request): | |
66594603 E |
70 | if request.user: |
71 | username = request.user.username | |
72 | else: | |
73 | username = "guest" | |
74 | return {'username': username} | |
e4e5948c E |
75 | |
76 | ||
77 | @CmdTable("pwg.categories.getList") | |
78 | def pwg_categories_getList(request): | |
41501106 | 79 | catlist = [{'id': -29711, |
cf0816c1 | 80 | 'uppercats': "-29711", |
41501106 MS |
81 | 'name': "All my images"}] |
82 | ||
7da90d56 | 83 | if request.user: |
cac478e5 | 84 | collections = Collection.query.filter_by( |
0f3bf8d4 | 85 | get_actor=request.user).order_by(Collection.title) |
cac478e5 | 86 | |
7da90d56 MS |
87 | for c in collections: |
88 | catlist.append({'id': c.id, | |
89 | 'uppercats': str(c.id), | |
90 | 'name': c.title, | |
91 | 'comment': c.description | |
92 | }) | |
41501106 | 93 | |
e4e5948c E |
94 | return { |
95 | 'categories': PwgNamedArray( | |
96 | catlist, | |
97 | 'category', | |
98 | ( | |
99 | 'id', | |
100 | 'url', | |
101 | 'nb_images', | |
102 | 'total_nb_images', | |
103 | 'nb_categories', | |
104 | 'date_last', | |
105 | 'max_date_last', | |
106 | ) | |
107 | ) | |
108 | } | |
427beb08 E |
109 | |
110 | ||
398d3841 E |
111 | @CmdTable("pwg.images.exist") |
112 | def pwg_images_exist(request): | |
113 | return {} | |
114 | ||
115 | ||
79f87b97 E |
116 | @CmdTable("pwg.images.addSimple", True) |
117 | def pwg_images_addSimple(request): | |
118 | form = AddSimpleForm(request.form) | |
119 | if not form.validate(): | |
120 | _log.error("addSimple: form failed") | |
121 | raise BadRequest() | |
122 | dump = [] | |
123 | for f in form: | |
124 | dump.append("%s=%r" % (f.name, f.data)) | |
1d321f1c | 125 | _log.info("addSimple: %r %s %r", request.form, " ".join(dump), |
18e64476 | 126 | request.files) |
79f87b97 | 127 | |
f6f55769 E |
128 | if not check_file_field(request, 'image'): |
129 | raise BadRequest() | |
130 | ||
860b380b CAW |
131 | try: |
132 | entry = submit_media( | |
a8413d8b CAW |
133 | mg_app=request.app, user=request.user, |
134 | submitted_file=request.files['image'], | |
135 | filename=request.files['image'].filename, | |
e49b7e02 | 136 | title=six.text_type(form.name.data), |
6c067857 | 137 | description=six.text_type(form.comment.data)) |
860b380b CAW |
138 | |
139 | collection_id = form.category.data | |
140 | if collection_id > 0: | |
141 | collection = Collection.query.get(collection_id) | |
0f3bf8d4 | 142 | if collection is not None and collection.actor == request.user.id: |
860b380b CAW |
143 | add_media_to_collection(collection, entry, "") |
144 | ||
145 | return { | |
146 | 'image_id': entry.id, | |
147 | 'url': entry.url_for_self( | |
148 | request.urlgen, | |
149 | qualified=True)} | |
150 | ||
151 | # Handle upload limit issues | |
152 | except FileUploadLimit: | |
153 | raise BadRequest( | |
154 | _(u'Sorry, the file size is too big.')) | |
155 | except UserUploadLimit: | |
156 | raise BadRequest( | |
157 | _('Sorry, uploading this file will put you over your' | |
158 | ' upload limit.')) | |
159 | except UserPastUploadLimit: | |
160 | raise BadRequest( | |
161 | _('Sorry, you have reached your upload limit.')) | |
c732f422 | 162 | |
79f87b97 | 163 | |
398d3841 E |
164 | md5sum_matcher = re.compile(r"^[0-9a-fA-F]{32}$") |
165 | ||
c732f422 | 166 | |
398d3841 E |
167 | def fetch_md5(request, parm_name, optional_parm=False): |
168 | val = request.form.get(parm_name) | |
169 | if (val is None) and (not optional_parm): | |
170 | _log.error("Parameter %s missing", parm_name) | |
171 | raise BadRequest("Parameter %s missing" % parm_name) | |
172 | if not md5sum_matcher.match(val): | |
173 | _log.error("Parameter %s=%r has no valid md5 value", parm_name, val) | |
174 | raise BadRequest("Parameter %s is not md5" % parm_name) | |
175 | return val | |
176 | ||
177 | ||
178 | @CmdTable("pwg.images.addChunk", True) | |
179 | def pwg_images_addChunk(request): | |
180 | o_sum = fetch_md5(request, 'original_sum') | |
181 | typ = request.form.get('type') | |
182 | pos = request.form.get('position') | |
183 | data = request.form.get('data') | |
184 | ||
185 | # Validate params: | |
186 | pos = int(pos) | |
187 | if not typ in ("file", "thumb"): | |
188 | _log.error("type %r not allowed for now", typ) | |
189 | return False | |
190 | ||
191 | _log.info("addChunk for %r, type %r, position %d, len: %d", | |
192 | o_sum, typ, pos, len(data)) | |
193 | if typ == "thumb": | |
194 | _log.info("addChunk: Ignoring thumb, because we create our own") | |
195 | return True | |
196 | ||
197 | return True | |
198 | ||
199 | ||
c1df8d19 E |
200 | @CmdTable("pwg.images.add", True) |
201 | def pwg_images_add(request): | |
202 | _log.info("add: %r", request.form) | |
203 | form = AddForm(request.form) | |
204 | check_form(form) | |
205 | ||
206 | return {'image_id': 123456, 'url': ''} | |
207 | ||
208 | ||
427beb08 E |
209 | @csrf_exempt |
210 | def ws_php(request): | |
211 | if request.method not in ("GET", "POST"): | |
212 | _log.error("Method %r not supported", request.method) | |
213 | raise MethodNotAllowed() | |
214 | ||
215 | func = CmdTable.find_func(request) | |
216 | if not func: | |
217 | _log.warn("wsphp: Unhandled %s %r %r", request.method, | |
218 | request.args, request.form) | |
90d7de25 | 219 | raise NotImplemented() |
427beb08 | 220 | |
7fb419dd E |
221 | with PWGSession(request) as session: |
222 | result = func(request) | |
427beb08 | 223 | |
7fb419dd E |
224 | if isinstance(result, BaseResponse): |
225 | return result | |
e4e5948c | 226 | |
7fb419dd E |
227 | response = response_xml(result) |
228 | session.save_to_cookie(response) | |
dc7c26f3 | 229 | |
7fb419dd | 230 | return response |