X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=mediagoblin%2Fdecorators.py;h=83602c7063c1d3dd64fed18b2fe8a979c7e5b378;hb=ff6933fa4c63611f8e3d512d6608767cbdece6ec;hp=19e22bcabe257125f97a5e4944faa2e71aa81e2e;hpb=b43b17fc2686f5524413a66f8e98f3ab0cc11a60;p=mediagoblin.git

diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py
index 19e22bca..83602c70 100644
--- a/mediagoblin/decorators.py
+++ b/mediagoblin/decorators.py
@@ -1,5 +1,5 @@
 # GNU MediaGoblin -- federated, autonomous media hosting
-# Copyright (C) 2011 MediaGoblin contributors.  See AUTHORS.
+# Copyright (C) 2011, 2012 MediaGoblin contributors.  See AUTHORS.
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
@@ -40,12 +40,12 @@ def require_active_login(controller):
                 request.user.get('status') == u'needs_email_verification':
             return redirect(
                 request, 'mediagoblin.user_pages.user_home',
-                user=request.user['username'])
+                user=request.user.username)
         elif not request.user or request.user.get('status') != u'active':
             return exc.HTTPFound(
                 location="%s?next=%s" % (
                     request.urlgen("mediagoblin.auth.login"),
-                    request.path_info))
+                    request.full_path))
 
         return controller(request, *args, **kwargs)
 
@@ -57,10 +57,10 @@ def user_may_delete_media(controller):
     Require user ownership of the MediaEntry to delete.
     """
     def wrapper(request, *args, **kwargs):
-        uploader = request.db.MediaEntry.find_one(
-            {'_id': ObjectId(request.matchdict['media'])}).uploader()
-        if not (request.user['is_admin'] or
-                request.user['_id'] == uploader['_id']):
+        uploader_id = request.db.MediaEntry.find_one(
+            {'_id': ObjectId(request.matchdict['media'])}).uploader
+        if not (request.user.is_admin or
+                request.user._id == uploader_id):
             return exc.HTTPForbidden()
 
         return controller(request, *args, **kwargs)
@@ -95,11 +95,10 @@ def get_user_media_entry(controller):
 
         if not user:
             return render_404(request)
-
         media = request.db.MediaEntry.find_one(
             {'slug': request.matchdict['media'],
              'state': 'processed',
-             'uploader': user['_id']})
+             'uploader': user._id})
 
         # no media via slug?  Grab it via ObjectId
         if not media:
@@ -107,7 +106,7 @@ def get_user_media_entry(controller):
                 media = request.db.MediaEntry.find_one(
                     {'_id': ObjectId(request.matchdict['media']),
                      'state': 'processed',
-                     'uploader': user['_id']})
+                     'uploader': user._id})
             except InvalidId:
                 return render_404(request)
 
@@ -119,6 +118,7 @@ def get_user_media_entry(controller):
 
     return _make_safe(wrapper, controller)
 
+
 def get_media_entry_by_id(controller):
     """
     Pass in a MediaEntry based off of a url component
@@ -138,4 +138,3 @@ def get_media_entry_by_id(controller):
         return controller(request, media=media, *args, **kwargs)
 
     return _make_safe(wrapper, controller)
-