[mediagoblin.git] / mediagoblin / plugins / piwigo / views.py

# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2013 MediaGoblin contributors.  See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import logging
import re

import six

from werkzeug.exceptions import MethodNotAllowed, BadRequest, NotImplemented
from werkzeug.wrappers import BaseResponse

from mediagoblin.tools.translate import pass_to_ugettext as _
from mediagoblin.meddleware.csrf import csrf_exempt
from mediagoblin.auth.tools import check_login_simple
from mediagoblin.submit.lib import \
    submit_media, check_file_field, get_upload_file_limits, \
    FileUploadLimit, UserUploadLimit, UserPastUploadLimit


from mediagoblin.user_pages.lib import add_media_to_collection
from mediagoblin.db.models import Collection

from .tools import CmdTable, response_xml, check_form, \
    PWGSession, PwgNamedArray, PwgError
from .forms import AddSimpleForm, AddForm


_log = logging.getLogger(__name__)


@CmdTable("pwg.session.login", True)
def pwg_login(request):
    username = request.form.get("username")
    password = request.form.get("password")
    user = check_login_simple(username, password)
    if not user:
        return PwgError(999, 'Invalid username/password')
    request.session["user_id"] = user.id
    request.session.save()
    return True


@CmdTable("pwg.session.logout")
def pwg_logout(request):
    _log.info("Logout")
    request.session.delete()
    return True


@CmdTable("pwg.getVersion")
def pwg_getversion(request):
    return "2.5.0 (MediaGoblin)"


@CmdTable("pwg.session.getStatus")
def pwg_session_getStatus(request):
    if request.user:
        username = request.user.username
    else:
        username = "guest"
    return {'username': username}


@CmdTable("pwg.categories.getList")
def pwg_categories_getList(request):
    catlist = [{'id': -29711,
                'uppercats': "-29711",
                'name': "All my images"}]

    if request.user:
        collections = Collection.query.filter_by(
            get_actor=request.user).order_by(Collection.title)

        for c in collections:
            catlist.append({'id': c.id,
                            'uppercats': str(c.id),
                            'name': c.title,
                            'comment': c.description
                            })

    return {
          'categories': PwgNamedArray(
            catlist,
            'category',
            (
              'id',
              'url',
              'nb_images',
              'total_nb_images',
              'nb_categories',
              'date_last',
              'max_date_last',
            )
          )
        }


@CmdTable("pwg.images.exist")
def pwg_images_exist(request):
    return {}


@CmdTable("pwg.images.addSimple", True)
def pwg_images_addSimple(request):
    form = AddSimpleForm(request.form)
    if not form.validate():
        _log.error("addSimple: form failed")
        raise BadRequest()
    dump = []
    for f in form:
        dump.append("%s=%r" % (f.name, f.data))
    _log.info("addSimple: %r %s %r", request.form, " ".join(dump),
              request.files)

    if not check_file_field(request, 'image'):
        raise BadRequest()

    try:
        entry = submit_media(
            mg_app=request.app, user=request.user,
            submitted_file=request.files['image'],
            filename=request.files['image'].filename,
            title=six.text_type(form.name.data),
            description=six.text_type(form.comment.data))

        collection_id = form.category.data
        if collection_id > 0:
            collection = Collection.query.get(collection_id)
            if collection is not None and collection.actor == request.user.id:
                add_media_to_collection(collection, entry, "")

        return {
            'image_id': entry.id,
            'url': entry.url_for_self(
                request.urlgen,
                qualified=True)}

    # Handle upload limit issues
    except FileUploadLimit:
        raise BadRequest(
            _(u'Sorry, the file size is too big.'))
    except UserUploadLimit:
        raise BadRequest(
            _('Sorry, uploading this file will put you over your'
              ' upload limit.'))
    except UserPastUploadLimit:
        raise BadRequest(
            _('Sorry, you have reached your upload limit.'))


md5sum_matcher = re.compile(r"^[0-9a-fA-F]{32}$")


def fetch_md5(request, parm_name, optional_parm=False):
    val = request.form.get(parm_name)
    if (val is None) and (not optional_parm):
        _log.error("Parameter %s missing", parm_name)
        raise BadRequest("Parameter %s missing" % parm_name)
    if not md5sum_matcher.match(val):
        _log.error("Parameter %s=%r has no valid md5 value", parm_name, val)
        raise BadRequest("Parameter %s is not md5" % parm_name)
    return val


@CmdTable("pwg.images.addChunk", True)
def pwg_images_addChunk(request):
    o_sum = fetch_md5(request, 'original_sum')
    typ = request.form.get('type')
    pos = request.form.get('position')
    data = request.form.get('data')

    # Validate params:
    pos = int(pos)
    if not typ in ("file", "thumb"):
        _log.error("type %r not allowed for now", typ)
        return False

    _log.info("addChunk for %r, type %r, position %d, len: %d",
              o_sum, typ, pos, len(data))
    if typ == "thumb":
        _log.info("addChunk: Ignoring thumb, because we create our own")
        return True

    return True


@CmdTable("pwg.images.add", True)
def pwg_images_add(request):
    _log.info("add: %r", request.form)
    form = AddForm(request.form)
    check_form(form)

    return {'image_id': 123456, 'url': ''}


@csrf_exempt
def ws_php(request):
    if request.method not in ("GET", "POST"):
        _log.error("Method %r not supported", request.method)
        raise MethodNotAllowed()

    func = CmdTable.find_func(request)
    if not func:
        _log.warn("wsphp: Unhandled %s %r %r", request.method,
                  request.args, request.form)
        raise NotImplemented()

    with PWGSession(request) as session:
        result = func(request)

        if isinstance(result, BaseResponse):
            return result

        response = response_xml(result)
        session.save_to_cookie(response)

        return response
Commit	Line	Data
427beb08 E	1	# GNU MediaGoblin -- federated, autonomous media hosting
	2	# Copyright (C) 2013 MediaGoblin contributors. See AUTHORS.
	3	#
	4	# This program is free software: you can redistribute it and/or modify
	5	# it under the terms of the GNU Affero General Public License as published by
	6	# the Free Software Foundation, either version 3 of the License, or
	7	# (at your option) any later version.
	8	#
	9	# This program is distributed in the hope that it will be useful,
	10	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	# GNU Affero General Public License for more details.
	13	#
	14	# You should have received a copy of the GNU Affero General Public License
	15	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	16
	17	import logging
398d3841	18	import re
427beb08	19
e49b7e02 BP	20	import six
e49b7e02 BP	21
90d7de25	22	from werkzeug.exceptions import MethodNotAllowed, BadRequest, NotImplemented
e4e5948c	23	from werkzeug.wrappers import BaseResponse
427beb08	24
860b380b	25	from mediagoblin.tools.translate import pass_to_ugettext as _
427beb08	26	from mediagoblin.meddleware.csrf import csrf_exempt
1d321f1c	27	from mediagoblin.auth.tools import check_login_simple
860b380b CAW	28	from mediagoblin.submit.lib import \
	29	submit_media, check_file_field, get_upload_file_limits, \
	30	FileUploadLimit, UserUploadLimit, UserPastUploadLimit
	31
c732f422	32
41501106 MS	33	from mediagoblin.user_pages.lib import add_media_to_collection
	34	from mediagoblin.db.models import Collection
	35
4adc3a85 E	36	from .tools import CmdTable, response_xml, check_form, \
4adc3a85 E	37	PWGSession, PwgNamedArray, PwgError
c1df8d19	38	from .forms import AddSimpleForm, AddForm
427beb08 E	39
	40
	41	_log = logging.getLogger(__name__)
	42
	43
427beb08 E	44	@CmdTable("pwg.session.login", True)
	45	def pwg_login(request):
	46	username = request.form.get("username")
	47	password = request.form.get("password")
1d321f1c	48	user = check_login_simple(username, password)
7fb419dd	49	if not user:
4adc3a85	50	return PwgError(999, 'Invalid username/password')
7fb419dd E	51	request.session["user_id"] = user.id
7fb419dd E	52	request.session.save()
e4e5948c	53	return True
bd3bc044 E	54
	55
	56	@CmdTable("pwg.session.logout")
	57	def pwg_logout(request):
	58	_log.info("Logout")
7fb419dd	59	request.session.delete()
e4e5948c	60	return True
bd3bc044 E	61
	62
	63	@CmdTable("pwg.getVersion")
	64	def pwg_getversion(request):
9924cd0f	65	return "2.5.0 (MediaGoblin)"
cf0816c1 E	66
	67
	68	@CmdTable("pwg.session.getStatus")
	69	def pwg_session_getStatus(request):
66594603 E	70	if request.user:
	71	username = request.user.username
	72	else:
	73	username = "guest"
	74	return {'username': username}
e4e5948c E	75
	76
	77	@CmdTable("pwg.categories.getList")
	78	def pwg_categories_getList(request):
41501106	79	catlist = [{'id': -29711,
cf0816c1	80	'uppercats': "-29711",
41501106 MS	81	'name': "All my images"}]
41501106 MS	82
7da90d56	83	if request.user:
cac478e5	84	collections = Collection.query.filter_by(
0f3bf8d4	85	get_actor=request.user).order_by(Collection.title)
cac478e5	86
7da90d56 MS	87	for c in collections:
	88	catlist.append({'id': c.id,
	89	'uppercats': str(c.id),
	90	'name': c.title,
	91	'comment': c.description
	92	})
41501106	93
e4e5948c E	94	return {
	95	'categories': PwgNamedArray(
	96	catlist,
	97	'category',
	98	(
	99	'id',
	100	'url',
	101	'nb_images',
	102	'total_nb_images',
	103	'nb_categories',
	104	'date_last',
	105	'max_date_last',
	106	)
	107	)
	108	}
427beb08 E	109
427beb08 E	110
398d3841 E	111	@CmdTable("pwg.images.exist")
	112	def pwg_images_exist(request):
	113	return {}
	114
	115
79f87b97 E	116	@CmdTable("pwg.images.addSimple", True)
	117	def pwg_images_addSimple(request):
	118	form = AddSimpleForm(request.form)
	119	if not form.validate():
	120	_log.error("addSimple: form failed")
	121	raise BadRequest()
	122	dump = []
	123	for f in form:
	124	dump.append("%s=%r" % (f.name, f.data))
1d321f1c	125	_log.info("addSimple: %r %s %r", request.form, " ".join(dump),
18e64476	126	request.files)
79f87b97	127
f6f55769 E	128	if not check_file_field(request, 'image'):
	129	raise BadRequest()
	130
860b380b CAW	131	try:
860b380b CAW	132	entry = submit_media(
a8413d8b CAW	133	mg_app=request.app, user=request.user,
	134	submitted_file=request.files['image'],
	135	filename=request.files['image'].filename,
e49b7e02	136	title=six.text_type(form.name.data),
6c067857	137	description=six.text_type(form.comment.data))
860b380b CAW	138
	139	collection_id = form.category.data
	140	if collection_id > 0:
	141	collection = Collection.query.get(collection_id)
0f3bf8d4	142	if collection is not None and collection.actor == request.user.id:
860b380b CAW	143	add_media_to_collection(collection, entry, "")
	144
	145	return {
	146	'image_id': entry.id,
	147	'url': entry.url_for_self(
	148	request.urlgen,
	149	qualified=True)}
	150
	151	# Handle upload limit issues
	152	except FileUploadLimit:
	153	raise BadRequest(
	154	_(u'Sorry, the file size is too big.'))
	155	except UserUploadLimit:
	156	raise BadRequest(
	157	_('Sorry, uploading this file will put you over your'
	158	' upload limit.'))
	159	except UserPastUploadLimit:
	160	raise BadRequest(
	161	_('Sorry, you have reached your upload limit.'))
c732f422	162
79f87b97	163
398d3841 E	164	md5sum_matcher = re.compile(r"^[0-9a-fA-F]{32}$")
398d3841 E	165
c732f422	166
398d3841 E	167	def fetch_md5(request, parm_name, optional_parm=False):
	168	val = request.form.get(parm_name)
	169	if (val is None) and (not optional_parm):
	170	_log.error("Parameter %s missing", parm_name)
	171	raise BadRequest("Parameter %s missing" % parm_name)
	172	if not md5sum_matcher.match(val):
	173	_log.error("Parameter %s=%r has no valid md5 value", parm_name, val)
	174	raise BadRequest("Parameter %s is not md5" % parm_name)
	175	return val
	176
	177
	178	@CmdTable("pwg.images.addChunk", True)
	179	def pwg_images_addChunk(request):
	180	o_sum = fetch_md5(request, 'original_sum')
	181	typ = request.form.get('type')
	182	pos = request.form.get('position')
	183	data = request.form.get('data')
	184
	185	# Validate params:
	186	pos = int(pos)
	187	if not typ in ("file", "thumb"):
	188	_log.error("type %r not allowed for now", typ)
	189	return False
	190
	191	_log.info("addChunk for %r, type %r, position %d, len: %d",
	192	o_sum, typ, pos, len(data))
	193	if typ == "thumb":
	194	_log.info("addChunk: Ignoring thumb, because we create our own")
	195	return True
	196
	197	return True
	198
	199
c1df8d19 E	200	@CmdTable("pwg.images.add", True)
	201	def pwg_images_add(request):
	202	_log.info("add: %r", request.form)
	203	form = AddForm(request.form)
	204	check_form(form)
	205
	206	return {'image_id': 123456, 'url': ''}
	207
	208
427beb08 E	209	@csrf_exempt
	210	def ws_php(request):
	211	if request.method not in ("GET", "POST"):
	212	_log.error("Method %r not supported", request.method)
	213	raise MethodNotAllowed()
	214
	215	func = CmdTable.find_func(request)
	216	if not func:
	217	_log.warn("wsphp: Unhandled %s %r %r", request.method,
	218	request.args, request.form)
90d7de25	219	raise NotImplemented()
427beb08	220
7fb419dd E	221	with PWGSession(request) as session:
7fb419dd E	222	result = func(request)
427beb08	223
7fb419dd E	224	if isinstance(result, BaseResponse):
7fb419dd E	225	return result
e4e5948c	226
7fb419dd E	227	response = response_xml(result)
7fb419dd E	228	session.save_to_cookie(response)
dc7c26f3	229
7fb419dd	230	return response