1 # GNU MediaGoblin -- federated, autonomous media hosting
2 # Copyright (C) 2013 MediaGoblin contributors. See AUTHORS.
4 # This program is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU Affero General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or
7 # (at your option) any later version.
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU Affero General Public License for more details.
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
20 from werkzeug
.exceptions
import MethodNotAllowed
, BadRequest
21 from werkzeug
.wrappers
import BaseResponse
23 from mediagoblin
import mg_globals
24 from mediagoblin
.meddleware
.csrf
import csrf_exempt
25 from mediagoblin
.tools
.response
import render_404
26 from mediagoblin
.submit
.lib
import check_file_field
27 from .tools
import CmdTable
, PwgNamedArray
, response_xml
28 from .forms
import AddSimpleForm
31 _log
= logging
.getLogger(__name__
)
34 @CmdTable("pwg.session.login", True)
35 def pwg_login(request
):
36 username
= request
.form
.get("username")
37 password
= request
.form
.get("password")
38 _log
.info("Login for %r/%r...", username
, password
)
42 @CmdTable("pwg.session.logout")
43 def pwg_logout(request
):
48 @CmdTable("pwg.getVersion")
49 def pwg_getversion(request
):
50 return "2.5.0 (MediaGoblin)"
53 @CmdTable("pwg.session.getStatus")
54 def pwg_session_getStatus(request
):
55 return {'username': "fake_user"}
58 @CmdTable("pwg.categories.getList")
59 def pwg_categories_getList(request
):
60 catlist
= ({'id': -29711,
61 'uppercats': "-29711",
62 'name': "All my images"},)
64 'categories': PwgNamedArray(
80 @CmdTable("pwg.images.exist")
81 def pwg_images_exist(request
):
85 @CmdTable("pwg.images.addSimple", True)
86 def pwg_images_addSimple(request
):
87 form
= AddSimpleForm(request
.form
)
88 if not form
.validate():
89 _log
.error("addSimple: form failed")
93 dump
.append("%s=%r" % (f
.name
, f
.data
))
94 _log
.info("addimple: %r %s %r", request
.form
, " ".join(dump
), request
.files
)
96 if not check_file_field(request
, 'image'):
99 return {'image_id': 123456, 'url': ''}
102 md5sum_matcher
= re
.compile(r
"^[0-9a-fA-F]{32}$")
104 def fetch_md5(request
, parm_name
, optional_parm
=False):
105 val
= request
.form
.get(parm_name
)
106 if (val
is None) and (not optional_parm
):
107 _log
.error("Parameter %s missing", parm_name
)
108 raise BadRequest("Parameter %s missing" % parm_name
)
109 if not md5sum_matcher
.match(val
):
110 _log
.error("Parameter %s=%r has no valid md5 value", parm_name
, val
)
111 raise BadRequest("Parameter %s is not md5" % parm_name
)
115 @CmdTable("pwg.images.addChunk", True)
116 def pwg_images_addChunk(request
):
117 o_sum
= fetch_md5(request
, 'original_sum')
118 typ
= request
.form
.get('type')
119 pos
= request
.form
.get('position')
120 data
= request
.form
.get('data')
124 if not typ
in ("file", "thumb"):
125 _log
.error("type %r not allowed for now", typ
)
128 _log
.info("addChunk for %r, type %r, position %d, len: %d",
129 o_sum
, typ
, pos
, len(data
))
131 _log
.info("addChunk: Ignoring thumb, because we create our own")
137 def possibly_add_cookie(request
, response
):
138 # TODO: We should only add a *real* cookie, if
139 # authenticated. And if there is no cookie already.
144 path
=request
.environ
['SCRIPT_NAME'],
145 domain
=mg_globals
.app_config
.get('csrf_cookie_domain'),
146 secure
=(request
.scheme
.lower() == 'https'),
152 if request
.method
not in ("GET", "POST"):
153 _log
.error("Method %r not supported", request
.method
)
154 raise MethodNotAllowed()
156 func
= CmdTable
.find_func(request
)
158 _log
.warn("wsphp: Unhandled %s %r %r", request
.method
,
159 request
.args
, request
.form
)
160 return render_404(request
)
162 result
= func(request
)
164 if isinstance(result
, BaseResponse
):
167 response
= response_xml(result
)
169 possibly_add_cookie(request
, response
)