Project

General

Profile

0001-oauth2-improve-views-22934.patch

Benjamin Dauvergne, 03 Apr 2018 10:52 AM

Download (15.7 KB)

View differences:

Subject: [PATCH] oauth2: improve views (#22934)

- show client name in confirmation and authorization view
- in document put authorize view show a thumbnail of the new document
  and a link to download it.
- if document is already in the portfolio, still show information on the
  client and document.
- factorize returning of the document.
 fargo/locale/fr/LC_MESSAGES/django.po       | 93 ++++++++++++++++-------------
 fargo/oauth2/urls.py                        |  5 +-
 fargo/oauth2/views.py                       | 51 +++++++++++-----
 fargo/templates/fargo/oauth2/authorize.html |  3 +
 fargo/templates/fargo/oauth2/confirm.html   | 31 ++++++----
 5 files changed, 111 insertions(+), 72 deletions(-)
fargo/locale/fr/LC_MESSAGES/django.po
7 7
msgstr ""
8 8
"Project-Id-Version: fargo 0\n"
9 9
"Report-Msgid-Bugs-To: \n"
10
"POT-Creation-Date: 2018-03-30 16:45+0000\n"
10
"POT-Creation-Date: 2018-03-31 15:53+0200\n"
11 11
"PO-Revision-Date: 2018-03-17 17:31+0100\n"
12 12
"Last-Translator: Frederic Peters <fpeters@entrouvert.com>\n"
13 13
"Language: French\n"
......
16 16
"Content-Transfer-Encoding: 8bit\n"
17 17
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
18 18

  
19
#: fargo/fargo/admin.py:21 fargo/fargo/admin.py:39
19
#: fargo/fargo/admin.py:18 fargo/fargo/admin.py:33
20 20
msgid "thumbnail"
21 21
msgstr "vignette"
22 22

  
......
54 54
msgid "user already have this document"
55 55
msgstr "l'utilisateur a déjà ce document"
56 56

  
57
#: fargo/fargo/forms.py:12 fargo/fargo/models.py:169
57
#: fargo/fargo/forms.py:12 fargo/fargo/models.py:173
58 58
msgid "file"
59 59
msgstr "fichier"
60 60

  
......
68 68
msgid "Your document box is full (limit is %s)"
69 69
msgstr "Votre porte-document est plein (la limite est %s)"
70 70

  
71
#: fargo/fargo/models.py:24
71
#: fargo/fargo/models.py:28
72 72
msgid "Label"
73 73
msgstr "Label"
74 74

  
75
#: fargo/fargo/models.py:25
75
#: fargo/fargo/models.py:29
76 76
msgid "Slug"
77 77
msgstr "Slug"
78 78

  
79
#: fargo/fargo/models.py:40 fargo/fargo/models.py:106
79
#: fargo/fargo/models.py:44 fargo/fargo/models.py:110
80 80
msgid "user"
81 81
msgstr "utilisateur"
82 82

  
83
#: fargo/fargo/models.py:45 fargo/fargo/models.py:208
83
#: fargo/fargo/models.py:49 fargo/fargo/models.py:216
84 84
msgid "document"
85 85
msgstr "document"
86 86

  
87
#: fargo/fargo/models.py:47
87
#: fargo/fargo/models.py:51
88 88
msgid "filename"
89 89
msgstr "fichier"
90 90

  
91
#: fargo/fargo/models.py:50 fargo/fargo/models.py:121
91
#: fargo/fargo/models.py:54 fargo/fargo/models.py:125
92 92
msgid "creation date"
93 93
msgstr "date de création"
94 94

  
95
#: fargo/fargo/models.py:54 fargo/fargo/models.py:114
95
#: fargo/fargo/models.py:58 fargo/fargo/models.py:118
96 96
msgid "origin"
97 97
msgstr "origine"
98 98

  
99
#: fargo/fargo/models.py:57
99
#: fargo/fargo/models.py:61
100 100
msgid "deletable by user"
101 101
msgstr "effaçable par l'utilisateur"
102 102

  
103
#: fargo/fargo/models.py:60
103
#: fargo/fargo/models.py:64
104 104
msgid "title"
105 105
msgstr "titre"
106 106

  
107
#: fargo/fargo/models.py:64 fargo/fargo/models.py:146
107
#: fargo/fargo/models.py:68 fargo/fargo/models.py:150
108 108
msgid "description"
109 109
msgstr "description"
110 110

  
111
#: fargo/fargo/models.py:67
111
#: fargo/fargo/models.py:71
112 112
msgid "expiration date"
113 113
msgstr "date d'expiration"
114 114

  
115
#: fargo/fargo/models.py:72
115
#: fargo/fargo/models.py:76
116 116
msgid "user document"
117 117
msgstr "document de l'utilisateur"
118 118

  
119
#: fargo/fargo/models.py:73
119
#: fargo/fargo/models.py:77
120 120
msgid "user documents"
121 121
msgstr "documents de l'utilisateur"
122 122

  
123
#: fargo/fargo/models.py:109 fargo/fargo/models.py:165
123
#: fargo/fargo/models.py:113 fargo/fargo/models.py:169
124 124
msgid "content hash"
125 125
msgstr "hachage du contenu"
126 126

  
127
#: fargo/fargo/models.py:116
127
#: fargo/fargo/models.py:120
128 128
msgid "document type"
129 129
msgstr "type de document"
130 130

  
131
#: fargo/fargo/models.py:117
131
#: fargo/fargo/models.py:121
132 132
msgid "data"
133 133
msgstr "donnée (data)"
134 134

  
135
#: fargo/fargo/models.py:118
135
#: fargo/fargo/models.py:122
136 136
msgid "start date"
137 137
msgstr "date de début"
138 138

  
139
#: fargo/fargo/models.py:119
139
#: fargo/fargo/models.py:123
140 140
msgid "end date"
141 141
msgstr "date de fin"
142 142

  
143
#: fargo/fargo/models.py:120
143
#: fargo/fargo/models.py:124
144 144
msgid "creator"
145 145
msgstr "créateur"
146 146

  
147
#: fargo/fargo/models.py:140
147
#: fargo/fargo/models.py:144
148 148
#, python-format
149 149
msgid "%(label)s: %(value)s"
150 150
msgstr "%(label)s : %(value)s"
151 151

  
152
#: fargo/fargo/models.py:209
152
#: fargo/fargo/models.py:217
153 153
msgid "documents"
154 154
msgstr "documents"
155 155

  
......
182 182
msgid "redirect URIs"
183 183
msgstr "URIs de redirection"
184 184

  
185
#: fargo/oauth2/views.py:219
185
#: fargo/oauth2/views.py:231
186 186
msgid "This document is already in your portfolio"
187 187
msgstr "Ce document est déjà enregistré."
188 188

  
189
#: fargo/oauth2/views.py:222
189
#: fargo/oauth2/views.py:234
190 190
msgid "The document has not been uploaded"
191 191
msgstr "Aucun document n'a été déposé."
192 192

  
......
213 213
msgid "Upload a new document"
214 214
msgstr "Transférer un nouveau document"
215 215

  
216
#: fargo/templates/fargo/oauth2/authorize.html:13
216
#: fargo/templates/fargo/oauth2/authorize.html:7
217
#, python-format
218
msgid ""
219
"\n"
220
"      <p>The service %(oauth2_client)s want to get one of your documents.</"
221
"p>\n"
222
"    "
223
msgstr ""
224
"\n"
225
"        <p>Le site %(oauth2_client)s souhaite récupérer un de vos documents."
226
"</p>\n"
227
"      "
228

  
229
#: fargo/templates/fargo/oauth2/authorize.html:16
217 230
msgid "Choose"
218 231
msgstr "Sélectionner"
219 232

  
220
#: fargo/templates/fargo/oauth2/authorize.html:14
221
#: fargo/templates/fargo/oauth2/confirm.html:22
233
#: fargo/templates/fargo/oauth2/authorize.html:17
234
#: fargo/templates/fargo/oauth2/confirm.html:28
222 235
#: fargo/templates/fargo/upload.html:10
223 236
#: fargo/templates/fargo/userdocument_confirm_delete.html:12
224 237
#: fargo/templates/fargo/userdocument_form.html:14
......
227 240
msgstr "Annuler"
228 241

  
229 242
#: fargo/templates/fargo/oauth2/confirm.html:9
230
msgid "Continue to your client url"
231
msgstr "Continuer avec votre URL client"
232

  
233
#: fargo/templates/fargo/oauth2/confirm.html:13
234 243
#, python-format
235 244
msgid ""
236 245
"\n"
237
"        Do you accept to add <em class=\"filename\">%(filename)s</em> to "
238
"your portfolio?\n"
239
"      "
246
"The service %(oauth2_client)s want to add the document \"<a href="
247
"\"%(download_url)s\"><em class=\"filename\">%(filename)s</em></a>\" to your "
248
"portfolio.\n"
249
"         "
240 250
msgstr ""
241 251
"\n"
242
"        Acceptez-vous d'ajouter <em class\"filename\">%(filename)s</em> à vos "
243
"documents ?\n"
244
"      "
252
"Le site %(oauth2_client)s souhaite ajouter le document «&nbsp;<a href="
253
"\"%(download_url)s\"><em class=\"filename\">%(filename)s</em></a>&nbsp;» à "
254
"vos documents.\n"
245 255

  
246
#: fargo/templates/fargo/oauth2/confirm.html:21
256
#: fargo/templates/fargo/oauth2/confirm.html:26
247 257
msgid "Allow"
248 258
msgstr "Autoriser"
249 259

  
......
262 272
#: fargo/templates/fargo/userdocument_confirm_delete.html:8
263 273
#, python-format
264 274
msgid "Are you sure you want to delete \"%(object)s\"?"
265
msgstr "Êtes-vous sûr de vouloir supprimer « %(object)s » ?"
275
msgstr ""
276
"Êtes-vous sûr de vouloir supprimer le document «&nbsp;%(object)s&nbsp;» ?"
266 277

  
267 278
#: fargo/templates/fargo/userdocument_confirm_delete.html:11
268 279
msgid "Delete"
fargo/oauth2/urls.py
17 17
from django.conf.urls import url
18 18

  
19 19
from .views import (authorize_get_document, get_document_token, get_document,
20
                    authorize_put_document, put_document)
20
                    authorize_put_document, put_document, download_put_document)
21 21

  
22 22
urlpatterns = [
23 23
    url(r'get-document/authorize', authorize_get_document, name='oauth2-authorize'),
24 24
    url(r'get-document/token', get_document_token, name='oauth2-get-token'),
25 25
    url(r'get-document/', get_document, name='oauth2-get-document'),
26 26
    url(r'put-document/$', put_document, name='oauth2-put-document'),
27
    url(r'put-document/(?P<pk>\w+)/authorize', authorize_put_document, name='oauth2-put-document-authorize')
27
    url(r'put-document/(?P<pk>\w+)/authorize/', authorize_put_document, name='oauth2-put-document-authorize'),
28
    url(r'put-document/(?P<pk>\w+)/download/', download_put_document, name='oauth2-put-document-download'),
28 29
]
fargo/oauth2/views.py
18 18

  
19 19
from urllib import quote
20 20

  
21
from django.shortcuts import get_object_or_404
21 22
from django.utils.translation import ugettext as _
22 23
from django.utils.timezone import now
23 24
from django.core.files.base import ContentFile
......
25 26
from django.http import (HttpResponse, HttpResponseBadRequest,
26 27
                         HttpResponseRedirect)
27 28
from django.views.decorators.csrf import csrf_exempt
28
from django.views.generic import FormView, TemplateView
29
from django.views.generic import FormView, TemplateView, View
29 30
from django.contrib.auth.decorators import login_required
30 31
from django.conf import settings
31 32

  
......
107 108
                    authorization.code)
108 109
        return self.redirect(code=authorization.code, state=self.state)
109 110

  
111
    def get_context_data(self, **kwargs):
112
        kwargs['oauth2_client'] = self.client
113
        return super(OAuth2AuthorizeView , self).get_context_data(**kwargs)
114

  
110 115

  
111 116
authorize_get_document = login_required(OAuth2AuthorizeView.as_view())
112 117

  
......
144 149
get_document_token = GetDocumentTokenView.as_view()
145 150

  
146 151

  
152
def document_response(user_document):
153
    response = HttpResponse(content=user_document.document.content.chunks(), status=200,
154
                            content_type='application/octet-stream')
155

  
156
    filename = user_document.filename
157
    ascii_filename = filename.encode('ascii', 'replace')
158
    percent_encoded_filename = quote(filename.encode('utf8'), safe='')
159
    response['Content-Disposition'] = 'attachment; filename="%s"; filename*=UTF-8\'\'%s' % (ascii_filename,
160
                                                                                            percent_encoded_filename)
161
    return response
162

  
147 163
def get_document(request):
148 164
    oauth_authorize = authenticate_bearer(request)
149 165
    if not oauth_authorize:
150 166
        return HttpResponseBadRequest('http bearer authentication failed: invalid authorization header')
151 167

  
152
    doc = oauth_authorize.user_document
153
    response = HttpResponse(content=doc.document.content, status=200,
154
                            content_type='application/octet-stream')
155

  
156
    ascii_filename = doc.filename.encode('ascii', 'replace')
157
    percent_encoded_filename = quote(doc.filename.encode('utf8'), safe='')
158
    response['Content-Disposition'] = 'attachment; filename="%s"; filename*=UTF-8\'\'%s' % (ascii_filename,
159
                                                                                            percent_encoded_filename)
168
    user_document = oauth_authorize.user_document
160 169
    logger.info(u'client "%s" retrieved document "%s" (%s) with access token "%s"',
161 170
                oauth_authorize.client,
162
                doc,
163
                doc.pk,
171
                user_document,
172
                user_document.pk,
164 173
                oauth_authorize.access_token)
165
    return response
174
    return document_response(user_document)
166 175

  
167 176

  
168 177
class PutDocumentAPIView(OAUTH2APIViewMixin):
......
178 187
            client=request.user.oauth2_client,
179 188
            document=document,
180 189
            filename=filename)
181
        uri = reverse('oauth2-put-document-authorize', args=[oauth2_document.pk]) + '/'
190
        uri = reverse('oauth2-put-document-authorize', args=[oauth2_document.pk])
182 191

  
183 192
        response = Response()
184 193
        response['Location'] = uri
......
207 216
        return super(OAuth2AuthorizePutView, self).dispatch(request)
208 217

  
209 218
    def get_context_data(self, **kwargs):
210

  
211 219
        if self.oauth2_document:
220
            kwargs['oauth2_document'] = self.oauth2_document
221
            kwargs['filename'] = self.oauth2_document.filename
222
            kwargs['thumbnail_img_tag'] = self.oauth2_document.document.thumbnail_img_tag
223
            kwargs['oauth2_client'] = self.oauth2_document.client
224
            kwargs['download_url'] = reverse('oauth2-put-document-download', kwargs={'pk': self.oauth2_document.pk})
212 225
            # verify if document already exists
213 226
            if not UserDocument.objects.filter(
214 227
                    user=self.request.user,
215 228
                    document=self.oauth2_document.document).exists():
216
                kwargs['filename'] = self.oauth2_document.filename
217 229
                kwargs['error_message'] = ''
218 230
            else:
219 231
                kwargs['error_message'] = _('This document is already in your portfolio')
......
244 256
        finally:
245 257
            self.oauth2_document.delete()
246 258

  
247

  
248 259
authorize_put_document = login_required(OAuth2AuthorizePutView.as_view())
260

  
261

  
262
class DownloadPutDocument(View):
263
    def get(self, request, *args, **kwargs):
264
        oauth2_document = get_object_or_404(OAuth2TempFile, pk=kwargs['pk'])
265
        return document_response(oauth2_document)
266

  
267
download_put_document = login_required(DownloadPutDocument.as_view())
fargo/templates/fargo/oauth2/authorize.html
4 4
{% block content %}
5 5
<div id="fargo-oauth2-authorize">
6 6
  {% block form-intro %}
7
    {% blocktrans %}
8
      <p>The service {{ oauth2_client }} want to get one of your documents.</p>
9
    {% endblocktrans %}
7 10
  {% endblock %}
8 11
  {% block form %}
9 12
  <form method="post" enctype="multipart/form-data">
fargo/templates/fargo/oauth2/confirm.html
3 3

  
4 4
{% block content %}
5 5
<div id="fargo-oauth2-confirm">
6
  {% if oauth2_document %}
7
    {% block form-intro %}
8
      <p>
9
         {% blocktrans %}
10
The service {{ oauth2_client }} want to add the document "<a href="{{ download_url }}"><em class="filename">{{ filename }}</em></a>" to your portfolio.
11
         {% endblocktrans %}
12
      </p>
13
      {% if thumbnail_img_tag %}<p class="fargo-thumbnail">{{ thumbnail_img_tag }}</p>{% endif %}
14
    {% endblock %}
15
  {% endif %}
6 16
  {% if error_message %}
7 17
    {% block error-message %}
8
    <p>{% trans error_message %}</p>
9
    <a href="{{ redirect_uri }}">{% trans "Continue to your client url" %}</a>
10
    {% endblock %}
11
  {% else %}
12
    {% block form-intro %}
13
      <p>{% blocktrans %}
14
        Do you accept to add <em class="filename">{{ filename }}</em> to your portfolio?
15
      {% endblocktrans %}</p>
18
      <p>{% trans error_message %}</p>
16 19
    {% endblock %}
17
    {% block form %}
18
    <form id="send-file" method="post" enctype="multipart/form-data">
20
  {% endif %}
21
  {% block form %}
22
    <form id="send-file" method="post">
19 23
      {% csrf_token %}
20 24
      <div class="buttons">
21
        <button name="submit">{% trans "Allow" %}</button>
25
        {% if not error_message %}
26
          <button name="submit">{% trans "Allow" %}</button>
27
        {% endif %}
22 28
        <button name="cancel">{% trans "Cancel" %}</button>
23 29
      </div>
24 30
    </form>
25
    {% endblock %}
26
  {% endif %}
31
  {% endblock %}
27 32
</div>
28 33
{% endblock %}
29
-