Enable /u/USERNAME/edit/ pattern #588

author Sebastian Spaeth <Sebastian@SSpaeth.de>

Mon, 7 Jan 2013 15:18:45 +0000 (16:18 +0100)

committer Sebastian Spaeth <Sebastian@SSpaeth.de>

Wed, 9 Jan 2013 08:56:53 +0000 (09:56 +0100)
author Sebastian Spaeth <Sebastian@SSpaeth.de>
Mon, 7 Jan 2013 15:18:45 +0000 (16:18 +0100)
committer Sebastian Spaeth <Sebastian@SSpaeth.de>
Wed, 9 Jan 2013 08:56:53 +0000 (09:56 +0100)
diff --git a/mediagoblin/edit/routing.py b/mediagoblin/edit/routing.py

index 3e6787d2cc13b1fc190b090a79c1b53825be68e3..d382e549bb7a9a28084598e6eb576f4179685640 100644 (file)
--- a/mediagoblin/edit/routing.py
+++ b/mediagoblin/edit/routing.py
@@ -16,7 +16,9 @@
  
  from mediagoblin.tools.routing import add_route
  
-add_route('mediagoblin.edit.profile', '/edit/profile/',
+add_route('mediagoblin.edit.profile', '/u/<string:user>/edit/',
      'mediagoblin.edit.views:edit_profile')
+add_route('mediagoblin.edit.legacy_edit_profile', '/edit/profile/',
+    'mediagoblin.edit.views:legacy_edit_profile')
  add_route('mediagoblin.edit.account', '/edit/account/',
      'mediagoblin.edit.views:edit_account')
diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py

index 9de034bba629979a76337a855c062f3999778c49..2f669c6629ce19f6d2122f2e186d0f212a266882 100644 (file)
--- a/mediagoblin/edit/views.py
+++ b/mediagoblin/edit/views.py
@@ -26,8 +26,8 @@ from mediagoblin import mg_globals
  from mediagoblin.auth import lib as auth_lib
  from mediagoblin.edit import forms
  from mediagoblin.edit.lib import may_edit_media
-from mediagoblin.decorators import require_active_login, get_user_media_entry, \
-    user_may_alter_collection, get_user_collection
+from mediagoblin.decorators import (require_active_login, active_user_from_url,
+     get_user_media_entry,  user_may_alter_collection, get_user_collection)
  from mediagoblin.tools.response import render_to_response, redirect
  from mediagoblin.tools.translate import pass_to_ugettext as _
  from mediagoblin.tools.text import (
@@ -167,20 +167,28 @@ def edit_attachments(request, media):
      else:
          raise Forbidden("Attachments are disabled")
  
+@require_active_login
+def legacy_edit_profile(request):
+    """redirect the old /edit/profile/?username=USER to /u/USER/edit/"""
+    username = request.GET.get('username') or request.user.username
+    return redirect(request, 'mediagoblin.edit.profile', user=username)
+
  
  @require_active_login
-def edit_profile(request):
-    # admins may edit any user profile given a username in the querystring
-    edit_username = request.GET.get('username')
-    if request.user.is_admin and request.user.username != edit_username:
-        user = request.db.User.find_one({'username': edit_username})
+@active_user_from_url
+def edit_profile(request, url_user=None):
+    # admins may edit any user profile
+    if request.user.username != url_user.username:
+        if not request.user.is_admin:
+            raise Forbidden(_("You can only edit your own profile."))
+
          # No need to warn again if admin just submitted an edited profile
          if request.method != 'POST':
              messages.add_message(
                  request, messages.WARNING,
                  _("You are editing a user's profile. Proceed with caution."))
-    else:
-        user = request.user
+
+    user = url_user
  
      form = forms.EditProfileForm(request.form,
          url=user.get('url'),
diff --git a/mediagoblin/templates/mediagoblin/edit/edit_profile.html b/mediagoblin/templates/mediagoblin/edit/edit_profile.html

index 2b2fa4fa2033e24ebae506a31e8dd6482259dd8b..163fe186995de016e045728bd3cee1d2c9403a95 100644 (file)
--- a/mediagoblin/templates/mediagoblin/edit/edit_profile.html
+++ b/mediagoblin/templates/mediagoblin/edit/edit_profile.html
@@ -27,9 +27,8 @@
  
  {% block mediagoblin_content %}
  
-  <form action="{{ request.urlgen('mediagoblin.edit.profile') }}?username={{ 
-                                                     user.username }}"
-        method="POST" enctype="multipart/form-data">
+  <form action="{{ request.urlgen('mediagoblin.edit.profile',
+        user=user.username) }}" method="POST" enctype="multipart/form-data">
      <div class="form_box edit_box">
        <h1>
          {%- trans username=user.username -%}
diff --git a/mediagoblin/templates/mediagoblin/user_pages/user.html b/mediagoblin/templates/mediagoblin/user_pages/user.html

index 65c636b9b9398f3b6b71453b99fd9cb3ab216a44..76bce1e2aedbb1a90dbffed37f05a0f4d45114be 100644 (file)
--- a/mediagoblin/templates/mediagoblin/user_pages/user.html
+++ b/mediagoblin/templates/mediagoblin/user_pages/user.html
@@ -95,9 +95,8 @@
            <p>
              {% trans %}Here's a spot to tell others about yourself.{% endtrans %}
            </p>
-          <a href="{{ request.urlgen('mediagoblin.edit.profile') }}?username={{
-                            user.username }}"
-             class="button_action">
+          <a href="{{ request.urlgen('mediagoblin.edit.profile',
+                   user=user.username) }}" class="button_action">
              {%- trans %}Edit profile{% endtrans -%}
            </a>
        {% else %}
@@ -113,8 +112,8 @@
          {% include "mediagoblin/utils/profile.html" %}
          {% if request.user and
                (request.user.id == user.id or request.user.is_admin) %}
-          <a href="{{ request.urlgen('mediagoblin.edit.profile') }}?username={{
-                          user.username }}">
+          <a href="{{ request.urlgen('mediagoblin.edit.profile',
+                   user=user.username) }}">
              {%- trans %}Edit profile{% endtrans -%}
            </a>
          {% endif %}
author	Sebastian Spaeth <Sebastian@SSpaeth.de>
	Mon, 7 Jan 2013 15:18:45 +0000 (16:18 +0100)
committer	Sebastian Spaeth <Sebastian@SSpaeth.de>
	Wed, 9 Jan 2013 08:56:53 +0000 (09:56 +0100)
mediagoblin/edit/routing.py		patch \| blob \| blame \| history
mediagoblin/edit/views.py		patch \| blob \| blame \| history
mediagoblin/templates/mediagoblin/edit/edit_profile.html		patch \| blob \| blame \| history
mediagoblin/templates/mediagoblin/user_pages/user.html		patch \| blob \| blame \| history