Ticket #5617: 0001-Limit-access-to-media-to-logged-in-users.patch

File 0001-Limit-access-to-media-to-logged-in-users.patch, 7.8 KB (added by Olivier Mehani, 5 years ago)

  • mediagoblin.example.ini 

    From 7da6aedf697ec4da9a8c2ae255d36301912e69d1 Mon Sep 17 00:00:00 2001
From: Olivier Mehani <shtrom@ssji.net>
Date: Sat, 10 Oct 2015 16:42:03 +1100
Subject: [PATCH] Limit access to media to logged in users

Issues:
* Code is duplicated between collection and single-media display;
* Login message is not translated.

Signed-off-by: Olivier Mehani <shtrom@ssji.net>

squash! Limit access to media to logged in users

Prevent collection listing

squash! Limit access to media to logged in users

Add require_login option

squash! squash! Limit access to media to logged in users

Remove ATOM entries when not logged in
---
 mediagoblin.example.ini                       |  3 +++
 mediagoblin/config_spec.ini                   |  3 +++
 mediagoblin/listings/views.py                 |  3 +++
 .../mediagoblin/user_pages/collection.html    |  4 ++++
 .../user_pages/collection_list.html           |  4 ++++
 .../mediagoblin/user_pages/media.html         |  4 ++++
 .../mediagoblin/utils/object_gallery.html     | 23 +++++++++++--------
 .../mediagoblin/utils/require_login.html      |  8 +++++++
 mediagoblin/user_pages/views.py               |  6 +++++
 9 files changed, 49 insertions(+), 9 deletions(-)
 create mode 100644 mediagoblin/templates/mediagoblin/utils/require_login.html

diff --git a/mediagoblin.example.ini b/mediagoblin.example.ini
index 6648fb91..2628d7c2 100644
    a b email_debug_mode = true  
    3030# Set to false to disable registrations
    3131allow_registration = true
    3232
     33# Set to true to only display media to logged-in users
     34#require_login = false
     35
    3336# Set to false to disable the ability for users to report offensive content
    3437allow_reporting = true
    3538

  • mediagoblin/config_spec.ini 

    diff --git a/mediagoblin/config_spec.ini b/mediagoblin/config_spec.ini
index 8901cefa..4b056933 100644
    a b email_smtp_pass = string(default=None)  
    5252# Set to false to disable registrations
    5353allow_registration = boolean(default=True)
    5454
     55# Set to true to only display media to logged-in users
     56require_login = boolean(default=False)
     57
    5558# tag parsing
    5659tags_max_length = integer(default=255)
    5760

  • mediagoblin/listings/views.py 

    diff --git a/mediagoblin/listings/views.py b/mediagoblin/listings/views.py
index 6e1528ca..0b0050eb 100644
    a b def atom_feed(request):  
    105105        id=link,
    106106        links=atomlinks)
    107107
     108    if mg_globals.app_config["require_login"] and not request.user:
     109        return feed.get_response()
     110
    108111    for entry in cursor:
    109112        # Include a thumbnail image in content.
    110113        file_urls = get_media_file_paths(entry.media_files, request.urlgen)

  • mediagoblin/templates/mediagoblin/user_pages/collection.html 

    diff --git a/mediagoblin/templates/mediagoblin/user_pages/collection.html b/mediagoblin/templates/mediagoblin/user_pages/collection.html
index 71ba4451..171de887 100644
    a b  
    5656    <a class="button_action" href="{{ delete_url }}">{% trans %}Delete{% endtrans %}</a>
    5757  {% endif %}
    5858
     59  {% if app_config['require_login'] and not request.user %}
     60    {% include "mediagoblin/utils/require_login.html" %}
     61  {% else %}
    5962  <p>
    6063    {% autoescape False %}
    6164      {{ collection.description_html }}
     
    6871                                   user=user.username,
    6972                                   collection=collection.slug ) %}
    7073  {% include "mediagoblin/utils/feed_link.html" %}
     74  {% endif %}
    7175
    7276{% endblock %}

  • mediagoblin/templates/mediagoblin/user_pages/collection_list.html 

    diff --git a/mediagoblin/templates/mediagoblin/user_pages/collection_list.html b/mediagoblin/templates/mediagoblin/user_pages/collection_list.html
index 4b449c76..8081cb39 100644
    a b  
    4444    {% endif %}
    4545  {% endif %}
    4646
     47  {% if app_config['require_login'] and not request.user %}
     48    {% include "mediagoblin/utils/require_login.html" %}
     49  {% else %}
    4750  <ul>
    4851    {% for coll in collections %}
    4952      {%- set coll_url = coll.url_for_self(request.urlgen) %}
     
    5255      </li>
    5356    {% endfor %}
    5457  </ul>
     58  {% endif %}
    5559
    5660{% endblock %}

  • mediagoblin/templates/mediagoblin/user_pages/media.html 

    diff --git a/mediagoblin/templates/mediagoblin/user_pages/media.html b/mediagoblin/templates/mediagoblin/user_pages/media.html
index 39a09d45..3ba125d9 100644
    a b  
    3636  {% template_hook("media_head") %}
    3737{% endblock mediagoblin_head %}
    3838{% block mediagoblin_content %}
     39  {%- if app_config['require_login'] and not request.user %}
     40    {% include "mediagoblin/utils/require_login.html" %}
     41  {% else %}
    3942<div class="row foot">
    4043  <p class="eleven columns context">
    4144    {%- trans user_url=request.urlgen(
     
    245248  </div><!--end media_sidebar-->
    246249
    247250  <div class="clear"></div>
     251  {%- endif %}
    248252{% endblock %}

  • mediagoblin/templates/mediagoblin/utils/object_gallery.html 

    diff --git a/mediagoblin/templates/mediagoblin/utils/object_gallery.html b/mediagoblin/templates/mediagoblin/utils/object_gallery.html
index a01cb3d5..2a3cddaa 100644
    a b  
    5656#}
    5757{% macro object_gallery(request, media_entries, pagination,
    5858                        pagination_base_url=None, col_number=5) %}
    59   {% if media_entries and media_entries.count() %}
    60     {{ media_grid(request, media_entries, col_number=col_number) }}
    61     <div class="clear"></div>
    62     {% if pagination_base_url %}
    63       {# different url, so set that and don't keep the get params #}
    64       {{ render_pagination(request, pagination, pagination_base_url, False) }}
    65     {% else %}
    66       {{ render_pagination(request, pagination) }}
    67     {% endif %}
     59
     60  {% if app_config['require_login'] and not request.user %}
     61    {% include "mediagoblin/utils/require_login.html" %}
    6862  {% else %}
     63    {% if media_entries and media_entries.count() %}
     64      {{ media_grid(request, media_entries, col_number=col_number) }}
     65      <div class="clear"></div>
     66      {% if pagination_base_url %}
     67        {# different url, so set that and don't keep the get params #}
     68        {{ render_pagination(request, pagination, pagination_base_url, False) }}
     69      {% else %}
     70        {{ render_pagination(request, pagination) }}
     71      {% endif %}
     72    {% else %}
    6973    <p>
    7074      <i>
    7175        {%- trans -%}
     
    7983      </a>
    8084    </p>
    8185  {% endif %}
     86  {%- endif %}
    8287{% endmacro %}

  • new file mediagoblin/templates/mediagoblin/utils/require_login.html 

    diff --git a/mediagoblin/templates/mediagoblin/utils/require_login.html b/mediagoblin/templates/mediagoblin/utils/require_login.html
new file mode 100644
index 00000000..72bf4c4a
    - +  
     1<p><a href=
     2  {% if persona_auth is defined %}
     3    "javascript:;" id="persona_login"
     4  {% else %}
     5    "{{ request.urlgen('mediagoblin.auth.login') }}"
     6  {% endif %}
     7  >{%- trans %}Log in{% endtrans -%}
     8  </a> to access media.</p>

  • mediagoblin/user_pages/views.py 

    diff --git a/mediagoblin/user_pages/views.py b/mediagoblin/user_pages/views.py
index 62a4f151..8f353682 100644
    a b def atom_feed(request):  
    577577            user=request.matchdict['user']),
    578578        links=atomlinks)
    579579
     580    if mg_globals.app_config["require_login"] and not request.user:
     581        return feed.get_response()
     582
    580583    for entry in cursor:
    581584        # Include a thumbnail image in content.
    582585        file_urls = get_media_file_paths(entry.media_files, request.urlgen)
    def collection_atom_feed(request):  
    655658                    slug=collection.slug),
    656659                links=atomlinks)
    657660
     661    if mg_globals.app_config["require_login"] and not request.user:
     662        return feed.get_response()
     663
    658664    for item in cursor:
    659665        obj = item.get_object()
    660666        feed.add(