1 # GNU MediaGoblin -- federated, autonomous media hosting
2 # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
4 # This program is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU Affero General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or
7 # (at your option) any later version.
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU Affero General Public License for more details.
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
17 from functools
import wraps
19 from urlparse
import urljoin
20 from urllib
import urlencode
24 from mediagoblin
.db
.util
import ObjectId
, InvalidId
25 from mediagoblin
.tools
.response
import redirect
, render_404
28 def require_active_login(controller
):
30 Require an active login from the user.
33 def new_controller_func(request
, *args
, **kwargs
):
35 request
.user
.get('status') == u
'needs_email_verification':
37 request
, 'mediagoblin.user_pages.user_home',
38 user
=request
.user
.username
)
39 elif not request
.user
or request
.user
.get('status') != u
'active':
41 request
.urlgen('mediagoblin.auth.login',
47 request
.urlgen('mediagoblin.auth.login'),
51 return controller(request
, *args
, **kwargs
)
53 return new_controller_func
56 def user_may_delete_media(controller
):
58 Require user ownership of the MediaEntry to delete.
61 def wrapper(request
, *args
, **kwargs
):
62 uploader_id
= request
.db
.MediaEntry
.find_one(
63 {'_id': ObjectId(request
.matchdict
['media'])}).uploader
64 if not (request
.user
.is_admin
or
65 request
.user
._id
== uploader_id
):
66 return exc
.HTTPForbidden()
68 return controller(request
, *args
, **kwargs
)
73 def user_may_alter_collection(controller
):
75 Require user ownership of the Collection to modify.
78 def wrapper(request
, *args
, **kwargs
):
79 creator_id
= request
.db
.User
.find_one(
80 {'username': request
.matchdict
['user']}).id
81 if not (request
.user
.is_admin
or
82 request
.user
._id
== creator_id
):
83 return exc
.HTTPForbidden()
85 return controller(request
, *args
, **kwargs
)
90 def uses_pagination(controller
):
92 Check request GET 'page' key for wrong values
95 def wrapper(request
, *args
, **kwargs
):
97 page
= int(request
.GET
.get('page', 1))
99 return render_404(request
)
101 return render_404(request
)
103 return controller(request
, page
=page
, *args
, **kwargs
)
108 def get_user_media_entry(controller
):
110 Pass in a MediaEntry based off of a url component
113 def wrapper(request
, *args
, **kwargs
):
114 user
= request
.db
.User
.find_one(
115 {'username': request
.matchdict
['user']})
118 return render_404(request
)
119 media
= request
.db
.MediaEntry
.find_one(
120 {'slug': request
.matchdict
['media'],
121 'state': u
'processed',
122 'uploader': user
._id
})
124 # no media via slug? Grab it via ObjectId
127 media
= request
.db
.MediaEntry
.find_one(
128 {'_id': ObjectId(request
.matchdict
['media']),
129 'state': u
'processed',
130 'uploader': user
._id
})
132 return render_404(request
)
134 # Still no media? Okay, 404.
136 return render_404(request
)
138 return controller(request
, media
=media
, *args
, **kwargs
)
143 def get_user_collection(controller
):
145 Pass in a Collection based off of a url component
148 def wrapper(request
, *args
, **kwargs
):
149 user
= request
.db
.User
.find_one(
150 {'username': request
.matchdict
['user']})
153 return render_404(request
)
155 collection
= request
.db
.Collection
.find_one(
156 {'slug': request
.matchdict
['collection'],
157 'creator': user
._id
})
159 # Still no collection? Okay, 404.
161 return render_404(request
)
163 return controller(request
, collection
=collection
, *args
, **kwargs
)
168 def get_user_collection_item(controller
):
170 Pass in a CollectionItem based off of a url component
173 def wrapper(request
, *args
, **kwargs
):
174 user
= request
.db
.User
.find_one(
175 {'username': request
.matchdict
['user']})
178 return render_404(request
)
180 collection
= request
.db
.Collection
.find_one(
181 {'slug': request
.matchdict
['collection'],
182 'creator': user
._id
})
184 collection_item
= request
.db
.CollectionItem
.find_one(
185 {'_id': request
.matchdict
['collection_item'] })
187 # Still no collection item? Okay, 404.
188 if not collection_item
:
189 return render_404(request
)
191 return controller(request
, collection_item
=collection_item
, *args
, **kwargs
)
196 def get_media_entry_by_id(controller
):
198 Pass in a MediaEntry based off of a url component
201 def wrapper(request
, *args
, **kwargs
):
203 media
= request
.db
.MediaEntry
.find_one(
204 {'_id': ObjectId(request
.matchdict
['media']),
205 'state': u
'processed'})
207 return render_404(request
)
209 # Still no media? Okay, 404.
211 return render_404(request
)
213 return controller(request
, media
=media
, *args
, **kwargs
)