| 1 | # GNU MediaGoblin -- federated, autonomous media hosting |
| 2 | # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. |
| 3 | # |
| 4 | # This program is free software: you can redistribute it and/or modify |
| 5 | # it under the terms of the GNU Affero General Public License as published by |
| 6 | # the Free Software Foundation, either version 3 of the License, or |
| 7 | # (at your option) any later version. |
| 8 | # |
| 9 | # This program is distributed in the hope that it will be useful, |
| 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | # GNU Affero General Public License for more details. |
| 13 | # |
| 14 | # You should have received a copy of the GNU Affero General Public License |
| 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 16 | |
| 17 | import six |
| 18 | |
| 19 | from datetime import datetime |
| 20 | |
| 21 | from itsdangerous import BadSignature |
| 22 | from pyld import jsonld |
| 23 | from werkzeug.exceptions import Forbidden |
| 24 | from werkzeug.utils import secure_filename |
| 25 | from jsonschema import ValidationError, Draft4Validator |
| 26 | |
| 27 | from mediagoblin import messages |
| 28 | from mediagoblin import mg_globals |
| 29 | |
| 30 | from mediagoblin.auth import (check_password, |
| 31 | tools as auth_tools) |
| 32 | from mediagoblin.edit import forms |
| 33 | from mediagoblin.edit.lib import may_edit_media |
| 34 | from mediagoblin.decorators import (require_active_login, active_user_from_url, |
| 35 | get_media_entry_by_id, user_may_alter_collection, |
| 36 | get_user_collection, user_has_privilege, |
| 37 | user_not_banned) |
| 38 | from mediagoblin.tools.crypto import get_timed_signer_url |
| 39 | from mediagoblin.tools.metadata import (compact_and_validate, DEFAULT_CHECKER, |
| 40 | DEFAULT_SCHEMA) |
| 41 | from mediagoblin.tools.mail import email_debug_message |
| 42 | from mediagoblin.tools.response import (render_to_response, |
| 43 | redirect, redirect_obj, render_404) |
| 44 | from mediagoblin.tools.translate import pass_to_ugettext as _ |
| 45 | from mediagoblin.tools.template import render_template |
| 46 | from mediagoblin.tools.text import ( |
| 47 | convert_to_tag_list_of_dicts, media_tags_as_string) |
| 48 | from mediagoblin.tools.url import slugify |
| 49 | from mediagoblin.db.util import check_media_slug_used, check_collection_slug_used |
| 50 | from mediagoblin.db.models import User, Client, AccessToken |
| 51 | |
| 52 | import mimetypes |
| 53 | |
| 54 | |
| 55 | @get_media_entry_by_id |
| 56 | @require_active_login |
| 57 | def edit_media(request, media): |
| 58 | if not may_edit_media(request, media): |
| 59 | raise Forbidden("User may not edit this media") |
| 60 | |
| 61 | defaults = dict( |
| 62 | title=media.title, |
| 63 | slug=media.slug, |
| 64 | description=media.description, |
| 65 | tags=media_tags_as_string(media.tags), |
| 66 | license=media.license) |
| 67 | |
| 68 | form = forms.EditForm( |
| 69 | request.form, |
| 70 | **defaults) |
| 71 | |
| 72 | if request.method == 'POST' and form.validate(): |
| 73 | # Make sure there isn't already a MediaEntry with such a slug |
| 74 | # and userid. |
| 75 | slug = slugify(form.slug.data) |
| 76 | slug_used = check_media_slug_used(media.uploader, slug, media.id) |
| 77 | |
| 78 | if slug_used: |
| 79 | form.slug.errors.append( |
| 80 | _(u'An entry with that slug already exists for this user.')) |
| 81 | else: |
| 82 | media.title = form.title.data |
| 83 | media.description = form.description.data |
| 84 | media.tags = convert_to_tag_list_of_dicts( |
| 85 | form.tags.data) |
| 86 | |
| 87 | media.license = six.text_type(form.license.data) or None |
| 88 | media.slug = slug |
| 89 | media.save() |
| 90 | |
| 91 | return redirect_obj(request, media) |
| 92 | |
| 93 | if request.user.has_privilege(u'admin') \ |
| 94 | and media.uploader != request.user.id \ |
| 95 | and request.method != 'POST': |
| 96 | messages.add_message( |
| 97 | request, messages.WARNING, |
| 98 | _("You are editing another user's media. Proceed with caution.")) |
| 99 | |
| 100 | return render_to_response( |
| 101 | request, |
| 102 | 'mediagoblin/edit/edit.html', |
| 103 | {'media': media, |
| 104 | 'form': form}) |
| 105 | |
| 106 | |
| 107 | # Mimetypes that browsers parse scripts in. |
| 108 | # Content-sniffing isn't taken into consideration. |
| 109 | UNSAFE_MIMETYPES = [ |
| 110 | 'text/html', |
| 111 | 'text/svg+xml'] |
| 112 | |
| 113 | |
| 114 | @get_media_entry_by_id |
| 115 | @require_active_login |
| 116 | def edit_attachments(request, media): |
| 117 | if mg_globals.app_config['allow_attachments']: |
| 118 | form = forms.EditAttachmentsForm() |
| 119 | |
| 120 | # Add any attachements |
| 121 | if 'attachment_file' in request.files \ |
| 122 | and request.files['attachment_file']: |
| 123 | |
| 124 | # Security measure to prevent attachments from being served as |
| 125 | # text/html, which will be parsed by web clients and pose an XSS |
| 126 | # threat. |
| 127 | # |
| 128 | # TODO |
| 129 | # This method isn't flawless as some browsers may perform |
| 130 | # content-sniffing. |
| 131 | # This method isn't flawless as we do the mimetype lookup on the |
| 132 | # machine parsing the upload form, and not necessarily the machine |
| 133 | # serving the attachments. |
| 134 | if mimetypes.guess_type( |
| 135 | request.files['attachment_file'].filename)[0] in \ |
| 136 | UNSAFE_MIMETYPES: |
| 137 | public_filename = secure_filename('{0}.notsafe'.format( |
| 138 | request.files['attachment_file'].filename)) |
| 139 | else: |
| 140 | public_filename = secure_filename( |
| 141 | request.files['attachment_file'].filename) |
| 142 | |
| 143 | attachment_public_filepath \ |
| 144 | = mg_globals.public_store.get_unique_filepath( |
| 145 | ['media_entries', six.text_type(media.id), 'attachment', |
| 146 | public_filename]) |
| 147 | |
| 148 | attachment_public_file = mg_globals.public_store.get_file( |
| 149 | attachment_public_filepath, 'wb') |
| 150 | |
| 151 | try: |
| 152 | attachment_public_file.write( |
| 153 | request.files['attachment_file'].stream.read()) |
| 154 | finally: |
| 155 | request.files['attachment_file'].stream.close() |
| 156 | |
| 157 | media.attachment_files.append(dict( |
| 158 | name=form.attachment_name.data \ |
| 159 | or request.files['attachment_file'].filename, |
| 160 | filepath=attachment_public_filepath, |
| 161 | created=datetime.utcnow(), |
| 162 | )) |
| 163 | |
| 164 | media.save() |
| 165 | |
| 166 | messages.add_message( |
| 167 | request, messages.SUCCESS, |
| 168 | _("You added the attachment %s!") \ |
| 169 | % (form.attachment_name.data |
| 170 | or request.files['attachment_file'].filename)) |
| 171 | |
| 172 | return redirect(request, |
| 173 | location=media.url_for_self(request.urlgen)) |
| 174 | return render_to_response( |
| 175 | request, |
| 176 | 'mediagoblin/edit/attachments.html', |
| 177 | {'media': media, |
| 178 | 'form': form}) |
| 179 | else: |
| 180 | raise Forbidden("Attachments are disabled") |
| 181 | |
| 182 | @require_active_login |
| 183 | def legacy_edit_profile(request): |
| 184 | """redirect the old /edit/profile/?username=USER to /u/USER/edit/""" |
| 185 | username = request.GET.get('username') or request.user.username |
| 186 | return redirect(request, 'mediagoblin.edit.profile', user=username) |
| 187 | |
| 188 | |
| 189 | @require_active_login |
| 190 | @active_user_from_url |
| 191 | def edit_profile(request, url_user=None): |
| 192 | # admins may edit any user profile |
| 193 | if request.user.username != url_user.username: |
| 194 | if not request.user.has_privilege(u'admin'): |
| 195 | raise Forbidden(_("You can only edit your own profile.")) |
| 196 | |
| 197 | # No need to warn again if admin just submitted an edited profile |
| 198 | if request.method != 'POST': |
| 199 | messages.add_message( |
| 200 | request, messages.WARNING, |
| 201 | _("You are editing a user's profile. Proceed with caution.")) |
| 202 | |
| 203 | user = url_user |
| 204 | |
| 205 | form = forms.EditProfileForm(request.form, |
| 206 | url=user.url, |
| 207 | bio=user.bio) |
| 208 | |
| 209 | if request.method == 'POST' and form.validate(): |
| 210 | user.url = six.text_type(form.url.data) |
| 211 | user.bio = six.text_type(form.bio.data) |
| 212 | |
| 213 | user.save() |
| 214 | |
| 215 | messages.add_message(request, |
| 216 | messages.SUCCESS, |
| 217 | _("Profile changes saved")) |
| 218 | return redirect(request, |
| 219 | 'mediagoblin.user_pages.user_home', |
| 220 | user=user.username) |
| 221 | |
| 222 | return render_to_response( |
| 223 | request, |
| 224 | 'mediagoblin/edit/edit_profile.html', |
| 225 | {'user': user, |
| 226 | 'form': form}) |
| 227 | |
| 228 | EMAIL_VERIFICATION_TEMPLATE = ( |
| 229 | u'{uri}?' |
| 230 | u'token={verification_key}') |
| 231 | |
| 232 | |
| 233 | @require_active_login |
| 234 | def edit_account(request): |
| 235 | user = request.user |
| 236 | form = forms.EditAccountForm(request.form, |
| 237 | wants_comment_notification=user.wants_comment_notification, |
| 238 | license_preference=user.license_preference, |
| 239 | wants_notifications=user.wants_notifications) |
| 240 | |
| 241 | if request.method == 'POST' and form.validate(): |
| 242 | user.wants_comment_notification = form.wants_comment_notification.data |
| 243 | user.wants_notifications = form.wants_notifications.data |
| 244 | |
| 245 | user.license_preference = form.license_preference.data |
| 246 | |
| 247 | user.save() |
| 248 | messages.add_message(request, |
| 249 | messages.SUCCESS, |
| 250 | _("Account settings saved")) |
| 251 | return redirect(request, |
| 252 | 'mediagoblin.user_pages.user_home', |
| 253 | user=user.username) |
| 254 | |
| 255 | return render_to_response( |
| 256 | request, |
| 257 | 'mediagoblin/edit/edit_account.html', |
| 258 | {'user': user, |
| 259 | 'form': form}) |
| 260 | |
| 261 | @require_active_login |
| 262 | def deauthorize_applications(request): |
| 263 | """ Deauthroize OAuth applications """ |
| 264 | if request.method == 'POST' and "application" in request.form: |
| 265 | token = request.form["application"] |
| 266 | access_token = AccessToken.query.filter_by(token=token).first() |
| 267 | if access_token is None: |
| 268 | messages.add_message( |
| 269 | request, |
| 270 | messages.ERROR, |
| 271 | _("Unknown application, not able to deauthorize") |
| 272 | ) |
| 273 | else: |
| 274 | access_token.delete() |
| 275 | messages.add_message( |
| 276 | request, |
| 277 | messages.SUCCESS, |
| 278 | _("Application has been deauthorized") |
| 279 | ) |
| 280 | |
| 281 | access_tokens = AccessToken.query.filter_by(user=request.user.id) |
| 282 | applications = [(a.get_requesttoken, a) for a in access_tokens] |
| 283 | |
| 284 | return render_to_response( |
| 285 | request, |
| 286 | 'mediagoblin/edit/deauthorize_applications.html', |
| 287 | {'applications': applications} |
| 288 | ) |
| 289 | |
| 290 | @require_active_login |
| 291 | def delete_account(request): |
| 292 | """Delete a user completely""" |
| 293 | user = request.user |
| 294 | if request.method == 'POST': |
| 295 | if request.form.get(u'confirmed'): |
| 296 | # Form submitted and confirmed. Actually delete the user account |
| 297 | # Log out user and delete cookies etc. |
| 298 | # TODO: Should we be using MG.auth.views.py:logout for this? |
| 299 | request.session.delete() |
| 300 | |
| 301 | # Delete user account and all related media files etc.... |
| 302 | request.user.delete() |
| 303 | |
| 304 | # We should send a message that the user has been deleted |
| 305 | # successfully. But we just deleted the session, so we |
| 306 | # can't... |
| 307 | return redirect(request, 'index') |
| 308 | |
| 309 | else: # Did not check the confirmation box... |
| 310 | messages.add_message( |
| 311 | request, messages.WARNING, |
| 312 | _('You need to confirm the deletion of your account.')) |
| 313 | |
| 314 | # No POST submission or not confirmed, just show page |
| 315 | return render_to_response( |
| 316 | request, |
| 317 | 'mediagoblin/edit/delete_account.html', |
| 318 | {'user': user}) |
| 319 | |
| 320 | |
| 321 | @require_active_login |
| 322 | @user_may_alter_collection |
| 323 | @get_user_collection |
| 324 | def edit_collection(request, collection): |
| 325 | defaults = dict( |
| 326 | title=collection.title, |
| 327 | slug=collection.slug, |
| 328 | description=collection.description) |
| 329 | |
| 330 | form = forms.EditCollectionForm( |
| 331 | request.form, |
| 332 | **defaults) |
| 333 | |
| 334 | if request.method == 'POST' and form.validate(): |
| 335 | # Make sure there isn't already a Collection with such a slug |
| 336 | # and userid. |
| 337 | slug_used = check_collection_slug_used(collection.creator, |
| 338 | form.slug.data, collection.id) |
| 339 | |
| 340 | # Make sure there isn't already a Collection with this title |
| 341 | existing_collection = request.db.Collection.query.filter_by( |
| 342 | creator=request.user.id, |
| 343 | title=form.title.data).first() |
| 344 | |
| 345 | if existing_collection and existing_collection.id != collection.id: |
| 346 | messages.add_message( |
| 347 | request, messages.ERROR, |
| 348 | _('You already have a collection called "%s"!') % \ |
| 349 | form.title.data) |
| 350 | elif slug_used: |
| 351 | form.slug.errors.append( |
| 352 | _(u'A collection with that slug already exists for this user.')) |
| 353 | else: |
| 354 | collection.title = six.text_type(form.title.data) |
| 355 | collection.description = six.text_type(form.description.data) |
| 356 | collection.slug = six.text_type(form.slug.data) |
| 357 | |
| 358 | collection.save() |
| 359 | |
| 360 | return redirect_obj(request, collection) |
| 361 | |
| 362 | if request.user.has_privilege(u'admin') \ |
| 363 | and collection.creator != request.user.id \ |
| 364 | and request.method != 'POST': |
| 365 | messages.add_message( |
| 366 | request, messages.WARNING, |
| 367 | _("You are editing another user's collection. Proceed with caution.")) |
| 368 | |
| 369 | return render_to_response( |
| 370 | request, |
| 371 | 'mediagoblin/edit/edit_collection.html', |
| 372 | {'collection': collection, |
| 373 | 'form': form}) |
| 374 | |
| 375 | |
| 376 | def verify_email(request): |
| 377 | """ |
| 378 | Email verification view for changing email address |
| 379 | """ |
| 380 | # If no token, we can't do anything |
| 381 | if not 'token' in request.GET: |
| 382 | return render_404(request) |
| 383 | |
| 384 | # Catch error if token is faked or expired |
| 385 | token = None |
| 386 | try: |
| 387 | token = get_timed_signer_url("mail_verification_token") \ |
| 388 | .loads(request.GET['token'], max_age=10*24*3600) |
| 389 | except BadSignature: |
| 390 | messages.add_message( |
| 391 | request, |
| 392 | messages.ERROR, |
| 393 | _('The verification key or user id is incorrect.')) |
| 394 | |
| 395 | return redirect( |
| 396 | request, |
| 397 | 'index') |
| 398 | |
| 399 | user = User.query.filter_by(id=int(token['user'])).first() |
| 400 | |
| 401 | if user: |
| 402 | user.email = token['email'] |
| 403 | user.save() |
| 404 | |
| 405 | messages.add_message( |
| 406 | request, |
| 407 | messages.SUCCESS, |
| 408 | _('Your email address has been verified.')) |
| 409 | |
| 410 | else: |
| 411 | messages.add_message( |
| 412 | request, |
| 413 | messages.ERROR, |
| 414 | _('The verification key or user id is incorrect.')) |
| 415 | |
| 416 | return redirect( |
| 417 | request, 'mediagoblin.user_pages.user_home', |
| 418 | user=user.username) |
| 419 | |
| 420 | |
| 421 | def change_email(request): |
| 422 | """ View to change the user's email """ |
| 423 | form = forms.ChangeEmailForm(request.form) |
| 424 | user = request.user |
| 425 | |
| 426 | # If no password authentication, no need to enter a password |
| 427 | if 'pass_auth' not in request.template_env.globals or not user.pw_hash: |
| 428 | form.__delitem__('password') |
| 429 | |
| 430 | if request.method == 'POST' and form.validate(): |
| 431 | new_email = form.new_email.data |
| 432 | users_with_email = User.query.filter_by( |
| 433 | email=new_email).count() |
| 434 | |
| 435 | if users_with_email: |
| 436 | form.new_email.errors.append( |
| 437 | _('Sorry, a user with that email address' |
| 438 | ' already exists.')) |
| 439 | |
| 440 | if form.password and user.pw_hash and not check_password( |
| 441 | form.password.data, user.pw_hash): |
| 442 | form.password.errors.append( |
| 443 | _('Wrong password')) |
| 444 | |
| 445 | if not form.errors: |
| 446 | verification_key = get_timed_signer_url( |
| 447 | 'mail_verification_token').dumps({ |
| 448 | 'user': user.id, |
| 449 | 'email': new_email}) |
| 450 | |
| 451 | rendered_email = render_template( |
| 452 | request, 'mediagoblin/edit/verification.txt', |
| 453 | {'username': user.username, |
| 454 | 'verification_url': EMAIL_VERIFICATION_TEMPLATE.format( |
| 455 | uri=request.urlgen('mediagoblin.edit.verify_email', |
| 456 | qualified=True), |
| 457 | verification_key=verification_key)}) |
| 458 | |
| 459 | email_debug_message(request) |
| 460 | auth_tools.send_verification_email(user, request, new_email, |
| 461 | rendered_email) |
| 462 | |
| 463 | return redirect(request, 'mediagoblin.edit.account') |
| 464 | |
| 465 | return render_to_response( |
| 466 | request, |
| 467 | 'mediagoblin/edit/change_email.html', |
| 468 | {'form': form, |
| 469 | 'user': user}) |
| 470 | |
| 471 | @user_has_privilege(u'admin') |
| 472 | @require_active_login |
| 473 | @get_media_entry_by_id |
| 474 | def edit_metadata(request, media): |
| 475 | form = forms.EditMetaDataForm(request.form) |
| 476 | if request.method == "POST" and form.validate(): |
| 477 | metadata_dict = dict([(row['identifier'],row['value']) |
| 478 | for row in form.media_metadata.data]) |
| 479 | json_ld_metadata = None |
| 480 | json_ld_metadata = compact_and_validate(metadata_dict) |
| 481 | media.media_metadata = json_ld_metadata |
| 482 | media.save() |
| 483 | return redirect_obj(request, media) |
| 484 | |
| 485 | if len(form.media_metadata) == 0: |
| 486 | for identifier, value in six.iteritems(media.media_metadata): |
| 487 | if identifier == "@context": continue |
| 488 | form.media_metadata.append_entry({ |
| 489 | 'identifier':identifier, |
| 490 | 'value':value}) |
| 491 | |
| 492 | return render_to_response( |
| 493 | request, |
| 494 | 'mediagoblin/edit/metadata.html', |
| 495 | {'form':form, |
| 496 | 'media':media}) |