X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=mediagoblin%2Fedit%2Fviews.py;h=673409bda6bd41dadda6482dad1e794971ddc610;hb=c8ccd23e8e0d77df3e7382cd6330e0c993bbcc8e;hp=f372fbb9e00f2dce66324bfd060233d8782c09e2;hpb=5f72a4c3314a6e6c0d05d916f380557fdf744d57;p=mediagoblin.git diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py index f372fbb9..673409bd 100644 --- a/mediagoblin/edit/views.py +++ b/mediagoblin/edit/views.py @@ -1,5 +1,5 @@ # GNU MediaGoblin -- federated, autonomous media hosting -# Copyright (C) 2011 Free Software Foundation, Inc +# Copyright (C) 2011 MediaGoblin contributors. See AUTHORS. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by @@ -14,16 +14,27 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . +import uuid from webob import exc +from string import split +from cgi import FieldStorage +from datetime import datetime + +from werkzeug.utils import secure_filename from mediagoblin import messages -from mediagoblin.util import ( - render_to_response, redirect, cleaned_markdown_conversion) +from mediagoblin import mg_globals + +from mediagoblin.auth import lib as auth_lib from mediagoblin.edit import forms from mediagoblin.edit.lib import may_edit_media from mediagoblin.decorators import require_active_login, get_user_media_entry - +from mediagoblin.tools.response import render_to_response, redirect +from mediagoblin.tools.translate import pass_to_ugettext as _ +from mediagoblin.tools.text import ( + clean_html, convert_to_tag_list_of_dicts, + media_tags_as_string, cleaned_markdown_conversion) @get_user_media_entry @require_active_login @@ -31,10 +42,15 @@ def edit_media(request, media): if not may_edit_media(request, media): return exc.HTTPForbidden() - form = forms.EditForm(request.POST, - title = media['title'], - slug = media['slug'], - description = media['description']) + defaults = dict( + title=media['title'], + slug=media['slug'], + description=media['description'], + tags=media_tags_as_string(media['tags'])) + + form = forms.EditForm( + request.POST, + **defaults) if request.method == 'POST' and form.validate(): # Make sure there isn't already a MediaEntry with such a slug @@ -42,42 +58,93 @@ def edit_media(request, media): existing_user_slug_entries = request.db.MediaEntry.find( {'slug': request.POST['slug'], 'uploader': media['uploader'], - '_id': {'$ne': media['_id']}}).count() - + '_id': {'$ne': media._id}}).count() + if existing_user_slug_entries: form.slug.errors.append( - u'An entry with that slug already exists for this user.') + _(u'An entry with that slug already exists for this user.')) else: - media['title'] = request.POST['title'] - media['description'] = request.POST.get('description') + media['title'] = unicode(request.POST['title']) + media['description'] = unicode(request.POST.get('description')) + media['tags'] = convert_to_tag_list_of_dicts( + request.POST.get('tags')) media['description_html'] = cleaned_markdown_conversion( media['description']) - media['slug'] = request.POST['slug'] + media['slug'] = unicode(request.POST['slug']) media.save() - return redirect(request, "mediagoblin.user_pages.media_home", - user=media.uploader()['username'], media=media['slug']) + return exc.HTTPFound( + location=media.url_for_self(request.urlgen)) if request.user['is_admin'] \ - and media['uploader'] != request.user['_id'] \ + and media['uploader'] != request.user._id \ and request.method != 'POST': messages.add_message( request, messages.WARNING, - "You are editing another user's media. Proceed with caution.") - + _("You are editing another user's media. Proceed with caution.")) return render_to_response( request, 'mediagoblin/edit/edit.html', {'media': media, 'form': form}) - + +@get_user_media_entry @require_active_login -def edit_profile(request): +def edit_attachments(request, media): + if mg_globals.app_config['allow_attachments']: + form = forms.EditAttachmentsForm() + + # Add any attachements + if ('attachment_file' in request.POST + and isinstance(request.POST['attachment_file'], FieldStorage) + and request.POST['attachment_file'].file): + + attachment_public_filepath \ + = mg_globals.public_store.get_unique_filepath( + ['media_entries', unicode(media._id), 'attachment', + secure_filename(request.POST['attachment_file'].filename)]) + + attachment_public_file = mg_globals.public_store.get_file( + attachment_public_filepath, 'wb') + + try: + attachment_public_file.write( + request.POST['attachment_file'].file.read()) + finally: + request.POST['attachment_file'].file.close() + + media['attachment_files'].append(dict( + name=request.POST['attachment_name'] \ + or request.POST['attachment_file'].filename, + filepath=attachment_public_filepath, + created=datetime.utcnow(), + )) + media.save() + + messages.add_message( + request, messages.SUCCESS, + "You added the attachment %s!" \ + % (request.POST['attachment_name'] + or request.POST['attachment_file'].filename)) + + return exc.HTTPFound( + location=media.url_for_self(request.urlgen)) + return render_to_response( + request, + 'mediagoblin/edit/attachments.html', + {'media': media, + 'form': form}) + else: + return exc.HTTPForbidden() + + +@require_active_login +def edit_profile(request): # admins may edit any user profile given a username in the querystring edit_username = request.GET.get('username') if request.user['is_admin'] and request.user['username'] != edit_username: @@ -86,28 +153,46 @@ def edit_profile(request): if request.method != 'POST': messages.add_message( request, messages.WARNING, - "You are editing a user's profile. Proceed with caution.") + _("You are editing a user's profile. Proceed with caution.")) else: user = request.user form = forms.EditProfileForm(request.POST, - url = user.get('url'), - bio = user.get('bio')) + url=user.get('url'), + bio=user.get('bio')) if request.method == 'POST' and form.validate(): - user['url'] = request.POST['url'] - user['bio'] = request.POST['bio'] + password_matches = auth_lib.bcrypt_check_password( + request.POST['old_password'], + user['pw_hash']) + + if (request.POST['old_password'] or request.POST['new_password']) and not \ + password_matches: + form.old_password.errors.append(_('Wrong password')) + + return render_to_response( + request, + 'mediagoblin/edit/edit_profile.html', + {'user': user, + 'form': form}) + + user['url'] = unicode(request.POST['url']) + user['bio'] = unicode(request.POST['bio']) + + if password_matches: + user['pw_hash'] = auth_lib.bcrypt_gen_password_hash( + request.POST['new_password']) - user['bio_html'] = cleaned_markdown_conversion(user['bio']) + user['bio_html'] = cleaned_markdown_conversion(user['bio']) - user.save() + user.save() - messages.add_message(request, - messages.SUCCESS, - 'Profile edited!') - return redirect(request, - 'mediagoblin.user_pages.user_home', - user=edit_username) + messages.add_message(request, + messages.SUCCESS, + _("Profile edited!")) + return redirect(request, + 'mediagoblin.user_pages.user_home', + user=user['username']) return render_to_response( request,