1 # GNU MediaGoblin -- federated, autonomous media hosting
2 # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
4 # This program is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU Affero General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or
7 # (at your option) any later version.
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU Affero General Public License for more details.
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
17 from functools
import wraps
19 from urlparse
import urljoin
20 from urllib
import urlencode
24 from mediagoblin
.db
.util
import ObjectId
, InvalidId
25 from mediagoblin
.db
.sql
.models
import User
26 from mediagoblin
.tools
.response
import redirect
, render_404
29 def require_active_login(controller
):
31 Require an active login from the user.
34 def new_controller_func(request
, *args
, **kwargs
):
36 request
.user
.get('status') == u
'needs_email_verification':
38 request
, 'mediagoblin.user_pages.user_home',
39 user
=request
.user
.username
)
40 elif not request
.user
or request
.user
.get('status') != u
'active':
42 request
.urlgen('mediagoblin.auth.login',
48 request
.urlgen('mediagoblin.auth.login'),
52 return controller(request
, *args
, **kwargs
)
54 return new_controller_func
56 def active_user_from_url(controller
):
57 """Retrieve User() from <user> URL pattern and pass in as url_user=...
59 Returns a 404 if no such active user has been found"""
61 def wrapper(request
, *args
, **kwargs
):
62 user
= User
.query
.filter_by(username
=request
.matchdict
['user']).first()
64 return render_404(request
)
66 return controller(request
, *args
, url_user
=user
, **kwargs
)
71 def user_may_delete_media(controller
):
73 Require user ownership of the MediaEntry to delete.
76 def wrapper(request
, *args
, **kwargs
):
77 uploader_id
= request
.db
.MediaEntry
.find_one(
78 {'_id': ObjectId(request
.matchdict
['media'])}).uploader
79 if not (request
.user
.is_admin
or
80 request
.user
._id
== uploader_id
):
81 return exc
.HTTPForbidden()
83 return controller(request
, *args
, **kwargs
)
88 def user_may_alter_collection(controller
):
90 Require user ownership of the Collection to modify.
93 def wrapper(request
, *args
, **kwargs
):
94 creator_id
= request
.db
.User
.find_one(
95 {'username': request
.matchdict
['user']}).id
96 if not (request
.user
.is_admin
or
97 request
.user
._id
== creator_id
):
98 return exc
.HTTPForbidden()
100 return controller(request
, *args
, **kwargs
)
105 def uses_pagination(controller
):
107 Check request GET 'page' key for wrong values
110 def wrapper(request
, *args
, **kwargs
):
112 page
= int(request
.GET
.get('page', 1))
114 return render_404(request
)
116 return render_404(request
)
118 return controller(request
, page
=page
, *args
, **kwargs
)
123 def get_user_media_entry(controller
):
125 Pass in a MediaEntry based off of a url component
128 def wrapper(request
, *args
, **kwargs
):
129 user
= request
.db
.User
.find_one(
130 {'username': request
.matchdict
['user']})
133 return render_404(request
)
134 media
= request
.db
.MediaEntry
.find_one(
135 {'slug': request
.matchdict
['media'],
136 'state': u
'processed',
137 'uploader': user
._id
})
139 # no media via slug? Grab it via ObjectId
142 media
= request
.db
.MediaEntry
.find_one(
143 {'_id': ObjectId(request
.matchdict
['media']),
144 'state': u
'processed',
145 'uploader': user
._id
})
147 return render_404(request
)
149 # Still no media? Okay, 404.
151 return render_404(request
)
153 return controller(request
, media
=media
, *args
, **kwargs
)
158 def get_user_collection(controller
):
160 Pass in a Collection based off of a url component
163 def wrapper(request
, *args
, **kwargs
):
164 user
= request
.db
.User
.find_one(
165 {'username': request
.matchdict
['user']})
168 return render_404(request
)
170 collection
= request
.db
.Collection
.find_one(
171 {'slug': request
.matchdict
['collection'],
172 'creator': user
._id
})
174 # Still no collection? Okay, 404.
176 return render_404(request
)
178 return controller(request
, collection
=collection
, *args
, **kwargs
)
183 def get_user_collection_item(controller
):
185 Pass in a CollectionItem based off of a url component
188 def wrapper(request
, *args
, **kwargs
):
189 user
= request
.db
.User
.find_one(
190 {'username': request
.matchdict
['user']})
193 return render_404(request
)
195 collection
= request
.db
.Collection
.find_one(
196 {'slug': request
.matchdict
['collection'],
197 'creator': user
._id
})
199 collection_item
= request
.db
.CollectionItem
.find_one(
200 {'_id': request
.matchdict
['collection_item'] })
202 # Still no collection item? Okay, 404.
203 if not collection_item
:
204 return render_404(request
)
206 return controller(request
, collection_item
=collection_item
, *args
, **kwargs
)
211 def get_media_entry_by_id(controller
):
213 Pass in a MediaEntry based off of a url component
216 def wrapper(request
, *args
, **kwargs
):
218 media
= request
.db
.MediaEntry
.find_one(
219 {'_id': ObjectId(request
.matchdict
['media']),
220 'state': u
'processed'})
222 return render_404(request
)
224 # Still no media? Okay, 404.
226 return render_404(request
)
228 return controller(request
, media
=media
, *args
, **kwargs
)