X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=mediagoblin%2Fedit%2Fviews.py;h=2bcb56946a2c02be754b37814154930c98fcc1a9;hb=9dcd8436a9c97276e69b208c7c110d5875d1400d;hp=c4d503b7ad299b265c0d23f58971872192138ec7;hpb=3a8c3a38559f2f81d6155c2349fcddc5ecd6ef28;p=mediagoblin.git diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py index c4d503b7..2bcb5694 100644 --- a/mediagoblin/edit/views.py +++ b/mediagoblin/edit/views.py @@ -1,5 +1,5 @@ # GNU MediaGoblin -- federated, autonomous media hosting -# Copyright (C) 2011 Free Software Foundation, Inc +# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by @@ -14,6 +14,7 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . +import uuid from webob import exc from string import split @@ -24,12 +25,18 @@ from werkzeug.utils import secure_filename from mediagoblin import messages from mediagoblin import mg_globals -from mediagoblin.util import ( - render_to_response, redirect, clean_html, convert_to_tag_list_of_dicts, - media_tags_as_string, cleaned_markdown_conversion) + +from mediagoblin.auth import lib as auth_lib from mediagoblin.edit import forms from mediagoblin.edit.lib import may_edit_media from mediagoblin.decorators import require_active_login, get_user_media_entry +from mediagoblin.tools.response import render_to_response, redirect +from mediagoblin.tools.translate import pass_to_ugettext as _ +from mediagoblin.tools.text import ( + clean_html, convert_to_tag_list_of_dicts, + media_tags_as_string) +from mediagoblin.tools.licenses import SUPPORTED_LICENSES +from mediagoblin.db.util import check_media_slug_used @get_user_media_entry @@ -39,13 +46,11 @@ def edit_media(request, media): return exc.HTTPForbidden() defaults = dict( - title=media['title'], - slug=media['slug'], - description=media['description'], - tags=media_tags_as_string(media['tags'])) - - if len(media['attachment_files']): - defaults['attachment_name'] = media['attachment_files'][0]['name'] + title=media.title, + slug=media.slug, + description=media.description, + tags=media_tags_as_string(media.tags), + license=media.license) form = forms.EditForm( request.POST, @@ -54,43 +59,33 @@ def edit_media(request, media): if request.method == 'POST' and form.validate(): # Make sure there isn't already a MediaEntry with such a slug # and userid. - existing_user_slug_entries = request.db.MediaEntry.find( - {'slug': request.POST['slug'], - 'uploader': media['uploader'], - '_id': {'$ne': media['_id']}}).count() + slug_used = check_media_slug_used(request.db, media.uploader, + request.POST['slug'], media.id) - if existing_user_slug_entries: + if slug_used: form.slug.errors.append( - u'An entry with that slug already exists for this user.') + _(u'An entry with that slug already exists for this user.')) else: - media['title'] = request.POST['title'] - media['description'] = request.POST.get('description') - media['tags'] = convert_to_tag_list_of_dicts( + media.title = unicode(request.POST['title']) + media.description = unicode(request.POST.get('description')) + media.tags = convert_to_tag_list_of_dicts( request.POST.get('tags')) - media['description_html'] = cleaned_markdown_conversion( - media['description']) - - if 'attachment_name' in request.POST: - media['attachment_files'][0]['name'] = \ - request.POST['attachment_name'] + media.license = unicode(request.POST.get('license', '')) or None - if 'attachment_delete' in request.POST \ - and 'y' == request.POST['attachment_delete']: - del media['attachment_files'][0] + media.slug = unicode(request.POST['slug']) - media['slug'] = request.POST['slug'] media.save() - return redirect(request, "mediagoblin.user_pages.media_home", - user=media.uploader()['username'], media=media['slug']) + return exc.HTTPFound( + location=media.url_for_self(request.urlgen)) - if request.user['is_admin'] \ - and media['uploader'] != request.user['_id'] \ + if request.user.is_admin \ + and media.uploader != request.user._id \ and request.method != 'POST': messages.add_message( request, messages.WARNING, - "You are editing another user's media. Proceed with caution.") + _("You are editing another user's media. Proceed with caution.")) return render_to_response( request, @@ -112,7 +107,7 @@ def edit_attachments(request, media): attachment_public_filepath \ = mg_globals.public_store.get_unique_filepath( - ['media_entries', unicode(media['_id']), 'attachment', + ['media_entries', unicode(media._id), 'attachment', secure_filename(request.POST['attachment_file'].filename)]) attachment_public_file = mg_globals.public_store.get_file( @@ -124,11 +119,11 @@ def edit_attachments(request, media): finally: request.POST['attachment_file'].file.close() - media['attachment_files'].append(dict( + media.attachment_files.append(dict( name=request.POST['attachment_name'] \ or request.POST['attachment_file'].filename, filepath=attachment_public_filepath, - created=datetime.utcnow() + created=datetime.utcnow(), )) media.save() @@ -139,9 +134,8 @@ def edit_attachments(request, media): % (request.POST['attachment_name'] or request.POST['attachment_file'].filename)) - return redirect(request, 'mediagoblin.user_pages.media_home', - user=media.uploader()['username'], - media=media['slug']) + return exc.HTTPFound( + location=media.url_for_self(request.urlgen)) return render_to_response( request, 'mediagoblin/edit/attachments.html', @@ -155,13 +149,13 @@ def edit_attachments(request, media): def edit_profile(request): # admins may edit any user profile given a username in the querystring edit_username = request.GET.get('username') - if request.user['is_admin'] and request.user['username'] != edit_username: + if request.user.is_admin and request.user.username != edit_username: user = request.db.User.find_one({'username': edit_username}) # No need to warn again if admin just submitted an edited profile if request.method != 'POST': messages.add_message( request, messages.WARNING, - "You are editing a user's profile. Proceed with caution.") + _("You are editing a user's profile. Proceed with caution.")) else: user = request.user @@ -170,22 +164,62 @@ def edit_profile(request): bio=user.get('bio')) if request.method == 'POST' and form.validate(): - user['url'] = request.POST['url'] - user['bio'] = request.POST['bio'] + user.url = unicode(request.POST['url']) + user.bio = unicode(request.POST['bio']) - user['bio_html'] = cleaned_markdown_conversion(user['bio']) + user.save() - user.save() - - messages.add_message(request, - messages.SUCCESS, - 'Profile edited!') - return redirect(request, - 'mediagoblin.user_pages.user_home', - user=edit_username) + messages.add_message(request, + messages.SUCCESS, + _("Profile changes saved")) + return redirect(request, + 'mediagoblin.user_pages.user_home', + user=user.username) return render_to_response( request, 'mediagoblin/edit/edit_profile.html', {'user': user, 'form': form}) + + +@require_active_login +def edit_account(request): + edit_username = request.GET.get('username') + user = request.user + + form = forms.EditAccountForm(request.POST) + + if request.method == 'POST' and form.validate(): + password_matches = auth_lib.bcrypt_check_password( + request.POST['old_password'], + user.pw_hash) + + if (request.POST['old_password'] or request.POST['new_password']) and not \ + password_matches: + form.old_password.errors.append(_('Wrong password')) + + return render_to_response( + request, + 'mediagoblin/edit/edit_account.html', + {'user': user, + 'form': form}) + + if password_matches: + user.pw_hash = auth_lib.bcrypt_gen_password_hash( + request.POST['new_password']) + + user.save() + + messages.add_message(request, + messages.SUCCESS, + _("Account settings saved")) + return redirect(request, + 'mediagoblin.user_pages.user_home', + user=user.username) + + return render_to_response( + request, + 'mediagoblin/edit/edit_account.html', + {'user': user, + 'form': form})