mediagoblin/plugins/piwigo/views.py

   1 # GNU MediaGoblin -- federated, autonomous media hosting
   2 # Copyright (C) 2013 MediaGoblin contributors.  See AUTHORS.
   3 #
   4 # This program is free software: you can redistribute it and/or modify
   5 # it under the terms of the GNU Affero General Public License as published by
   6 # the Free Software Foundation, either version 3 of the License, or
   7 # (at your option) any later version.
   8 #
   9 # This program is distributed in the hope that it will be useful,
  10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 # GNU Affero General Public License for more details.
  13 #
  14 # You should have received a copy of the GNU Affero General Public License
  15 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 import logging
  18 import re
  19
  20 import six
  21
  22 from werkzeug.exceptions import MethodNotAllowed, BadRequest, NotImplemented
  23 from werkzeug.wrappers import BaseResponse
  24
  25 from mediagoblin.tools.translate import pass_to_ugettext as _
  26 from mediagoblin.meddleware.csrf import csrf_exempt
  27 from mediagoblin.auth.tools import check_login_simple
  28 from mediagoblin.submit.lib import \
  29     submit_media, check_file_field, get_upload_file_limits, \
  30     FileUploadLimit, UserUploadLimit, UserPastUploadLimit
  31
  32
  33 from mediagoblin.user_pages.lib import add_media_to_collection
  34 from mediagoblin.db.models import Collection
  35
  36 from .tools import CmdTable, response_xml, check_form, \
  37     PWGSession, PwgNamedArray, PwgError
  38 from .forms import AddSimpleForm, AddForm
  39
  40
  41 _log = logging.getLogger(__name__)
  42
  43
  44 @CmdTable("pwg.session.login", True)
  45 def pwg_login(request):
  46     username = request.form.get("username")
  47     password = request.form.get("password")
  48     user = check_login_simple(username, password)
  49     if not user:
  50         return PwgError(999, 'Invalid username/password')
  51     request.session["user_id"] = user.id
  52     request.session.save()
  53     return True
  54
  55
  56 @CmdTable("pwg.session.logout")
  57 def pwg_logout(request):
  58     _log.info("Logout")
  59     request.session.delete()
  60     return True
  61
  62
  63 @CmdTable("pwg.getVersion")
  64 def pwg_getversion(request):
  65     return "2.5.0 (MediaGoblin)"
  66
  67
  68 @CmdTable("pwg.session.getStatus")
  69 def pwg_session_getStatus(request):
  70     if request.user:
  71         username = request.user.username
  72     else:
  73         username = "guest"
  74     return {'username': username}
  75
  76
  77 @CmdTable("pwg.categories.getList")
  78 def pwg_categories_getList(request):
  79     catlist = [{'id': -29711,
  80                 'uppercats': "-29711",
  81                 'name': "All my images"}]
  82
  83     if request.user:
  84         collections = Collection.query.filter_by(
  85             get_actor=request.user).order_by(Collection.title)
  86
  87         for c in collections:
  88             catlist.append({'id': c.id,
  89                             'uppercats': str(c.id),
  90                             'name': c.title,
  91                             'comment': c.description
  92                             })
  93
  94     return {
  95           'categories': PwgNamedArray(
  96             catlist,
  97             'category',
  98             (
  99               'id',
 100               'url',
 101               'nb_images',
 102               'total_nb_images',
 103               'nb_categories',
 104               'date_last',
 105               'max_date_last',
 106             )
 107           )
 108         }
 109
 110
 111 @CmdTable("pwg.images.exist")
 112 def pwg_images_exist(request):
 113     return {}
 114
 115
 116 @CmdTable("pwg.images.addSimple", True)
 117 def pwg_images_addSimple(request):
 118     form = AddSimpleForm(request.form)
 119     if not form.validate():
 120         _log.error("addSimple: form failed")
 121         raise BadRequest()
 122     dump = []
 123     for f in form:
 124         dump.append("%s=%r" % (f.name, f.data))
 125     _log.info("addSimple: %r %s %r", request.form, " ".join(dump),
 126               request.files)
 127
 128     if not check_file_field(request, 'image'):
 129         raise BadRequest()
 130
 131     upload_limit, max_file_size = get_upload_file_limits(request.user)
 132
 133     try:
 134         entry = submit_media(
 135             mg_app=request.app, user=request.user,
 136             submitted_file=request.files['image'],
 137             filename=request.files['image'].filename,
 138             title=six.text_type(form.name.data),
 139             description=six.text_type(form.comment.data),
 140             upload_limit=upload_limit, max_file_size=max_file_size)
 141
 142         collection_id = form.category.data
 143         if collection_id > 0:
 144             collection = Collection.query.get(collection_id)
 145             if collection is not None and collection.actor == request.user.id:
 146                 add_media_to_collection(collection, entry, "")
 147
 148         return {
 149             'image_id': entry.id,
 150             'url': entry.url_for_self(
 151                 request.urlgen,
 152                 qualified=True)}
 153
 154     # Handle upload limit issues
 155     except FileUploadLimit:
 156         raise BadRequest(
 157             _(u'Sorry, the file size is too big.'))
 158     except UserUploadLimit:
 159         raise BadRequest(
 160             _('Sorry, uploading this file will put you over your'
 161               ' upload limit.'))
 162     except UserPastUploadLimit:
 163         raise BadRequest(
 164             _('Sorry, you have reached your upload limit.'))
 165
 166
 167 md5sum_matcher = re.compile(r"^[0-9a-fA-F]{32}$")
 168
 169
 170 def fetch_md5(request, parm_name, optional_parm=False):
 171     val = request.form.get(parm_name)
 172     if (val is None) and (not optional_parm):
 173         _log.error("Parameter %s missing", parm_name)
 174         raise BadRequest("Parameter %s missing" % parm_name)
 175     if not md5sum_matcher.match(val):
 176         _log.error("Parameter %s=%r has no valid md5 value", parm_name, val)
 177         raise BadRequest("Parameter %s is not md5" % parm_name)
 178     return val
 179
 180
 181 @CmdTable("pwg.images.addChunk", True)
 182 def pwg_images_addChunk(request):
 183     o_sum = fetch_md5(request, 'original_sum')
 184     typ = request.form.get('type')
 185     pos = request.form.get('position')
 186     data = request.form.get('data')
 187
 188     # Validate params:
 189     pos = int(pos)
 190     if not typ in ("file", "thumb"):
 191         _log.error("type %r not allowed for now", typ)
 192         return False
 193
 194     _log.info("addChunk for %r, type %r, position %d, len: %d",
 195               o_sum, typ, pos, len(data))
 196     if typ == "thumb":
 197         _log.info("addChunk: Ignoring thumb, because we create our own")
 198         return True
 199
 200     return True
 201
 202
 203 @CmdTable("pwg.images.add", True)
 204 def pwg_images_add(request):
 205     _log.info("add: %r", request.form)
 206     form = AddForm(request.form)
 207     check_form(form)
 208
 209     return {'image_id': 123456, 'url': ''}
 210
 211
 212 @csrf_exempt
 213 def ws_php(request):
 214     if request.method not in ("GET", "POST"):
 215         _log.error("Method %r not supported", request.method)
 216         raise MethodNotAllowed()
 217
 218     func = CmdTable.find_func(request)
 219     if not func:
 220         _log.warn("wsphp: Unhandled %s %r %r", request.method,
 221                   request.args, request.form)
 222         raise NotImplemented()
 223
 224     with PWGSession(request) as session:
 225         result = func(request)
 226
 227         if isinstance(result, BaseResponse):
 228             return result
 229
 230         response = response_xml(result)
 231         session.save_to_cookie(response)
 232
 233         return response