From a062149e90731cfd730d8a539a32354065a8c9e8 Mon Sep 17 00:00:00 2001 From: Joar Wandborg Date: Thu, 13 Sep 2012 20:59:00 +0200 Subject: [PATCH] Created API plugin, moved api_auth to the API plugin --- mediagoblin/plugins/api/__init__.py | 41 +++++++++++++++++++++ mediagoblin/plugins/api/tools.py | 53 +++++++++++++++++++++++++++ mediagoblin/plugins/api/views.py | 32 ++++++++++++++++ mediagoblin/plugins/oauth/__init__.py | 2 - mediagoblin/plugins/oauth/views.py | 12 ------ mediagoblin/tools/pluginapi.py | 29 --------------- 6 files changed, 126 insertions(+), 43 deletions(-) create mode 100644 mediagoblin/plugins/api/__init__.py create mode 100644 mediagoblin/plugins/api/tools.py create mode 100644 mediagoblin/plugins/api/views.py diff --git a/mediagoblin/plugins/api/__init__.py b/mediagoblin/plugins/api/__init__.py new file mode 100644 index 00000000..f3526aa1 --- /dev/null +++ b/mediagoblin/plugins/api/__init__.py @@ -0,0 +1,41 @@ +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +import os +import logging + +from routes.route import Route + +from mediagoblin.tools import pluginapi + +_log = logging.getLogger(__name__) + +PLUGIN_DIR = os.path.dirname(__file__) + + +def setup_plugin(): + config = pluginapi.get_config(__name__) + + _log.info('Setting up API...') + + routes = [ + Route('mediagoblin.plugins.api.test', '/api/test', + controller='mediagoblin.plugins.api.views:api_test')] + + pluginapi.register_routes(routes) + +hooks = { + 'setup': setup_plugin} diff --git a/mediagoblin/plugins/api/tools.py b/mediagoblin/plugins/api/tools.py new file mode 100644 index 00000000..a8873b06 --- /dev/null +++ b/mediagoblin/plugins/api/tools.py @@ -0,0 +1,53 @@ +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +import logging + +from functools import wraps +from webob import exc + +from mediagoblin.tools.pluginapi import PluginManager + +_log = logging.getLogger(__name__) + + +def api_auth(controller): + @wraps(controller) + def wrapper(request, *args, **kw): + auth_candidates = [] + + for auth in PluginManager().get_hook_callables('auth'): + _log.debug('Plugin auth: {0}'.format(auth)) + if auth.trigger(request): + auth_candidates.append(auth) + + # If we can't find any authentication methods, we should not let them + # pass. + if not auth_candidates: + return exc.HTTPForbidden() + + # For now, just select the first one in the list + auth = auth_candidates[0] + + _log.debug('Using {0} to authorize request {1}'.format( + auth, request.url)) + + if not auth(request, *args, **kw): + return exc.HTTPForbidden() + + return controller(request, *args, **kw) + + return wrapper diff --git a/mediagoblin/plugins/api/views.py b/mediagoblin/plugins/api/views.py new file mode 100644 index 00000000..7d6ef572 --- /dev/null +++ b/mediagoblin/plugins/api/views.py @@ -0,0 +1,32 @@ +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +import json +from webob import exc, Response + +from mediagoblin.plugins.api.tools import api_auth + + +@api_auth +def api_test(request): + if not request.user: + return exc.HTTPForbidden() + + user_data = { + 'username': request.user.username, + 'email': request.user.email} + + return Response(json.dumps(user_data)) diff --git a/mediagoblin/plugins/oauth/__init__.py b/mediagoblin/plugins/oauth/__init__.py index af39ae93..04aa7815 100644 --- a/mediagoblin/plugins/oauth/__init__.py +++ b/mediagoblin/plugins/oauth/__init__.py @@ -38,8 +38,6 @@ def setup_plugin(): routes = [ Route('mediagoblin.plugins.oauth.authorize', '/oauth/authorize', controller='mediagoblin.plugins.oauth.views:authorize'), - Route('mediagoblin.plugins.oauth.test', '/api/test', - controller='mediagoblin.plugins.oauth.views:api_test'), Route('mediagoblin.plugins.oauth.access_token', '/oauth/access_token', controller='mediagoblin.plugins.oauth.views:access_token')] diff --git a/mediagoblin/plugins/oauth/views.py b/mediagoblin/plugins/oauth/views.py index 7627b97a..70be3039 100644 --- a/mediagoblin/plugins/oauth/views.py +++ b/mediagoblin/plugins/oauth/views.py @@ -91,15 +91,3 @@ def access_token(request): error_data = { 'error': 'Incorrect code'} return Response(json.dumps(error_data)) - - -@pluginapi.api_auth -def api_test(request): - if not request.user: - return exc.HTTPForbidden() - - user_data = { - 'username': request.user.username, - 'email': request.user.email} - - return Response(json.dumps(user_data)) diff --git a/mediagoblin/tools/pluginapi.py b/mediagoblin/tools/pluginapi.py index f0c8bbc8..7c1e108b 100644 --- a/mediagoblin/tools/pluginapi.py +++ b/mediagoblin/tools/pluginapi.py @@ -209,32 +209,3 @@ def get_config(key): return plugin_section.get(key, {}) -def api_auth(controller): - @wraps(controller) - def wrapper(request, *args, **kw): - auth_candidates = [] - - for auth in PluginManager().get_hook_callables('auth'): - _log.debug('Plugin auth: {0}'.format(auth)) - if auth.trigger(request): - auth_candidates.append(auth) - - # If we can't find any authentication methods, we should not let them - # pass. - if not auth_candidates: - from webob import exc - return exc.HTTPForbidden() - - # For now, just select the first one in the list - auth = auth_candidates[0] - - _log.debug('Using {0} to authorize request {1}'.format( - auth, request.url)) - - if not auth(request, *args, **kw): - from webob import exc - return exc.HTTPForbidden() - - return controller(request, *args, **kw) - - return wrapper -- 2.25.1