From bf7365882bc2d21f34ca37316aece1b448dfa25b Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Fri, 30 Mar 2018 18:59:29 +0200 Subject: [PATCH] oauth2: improve views (#22934) - show client name in confirmation and authorization view - in document put authorize view show a thumbnail of the new document and a link to download it. - if document is already in the portfolio, still show information on the client and document. - factorize returning of the document. --- fargo/locale/fr/LC_MESSAGES/django.po | 93 ++++++++++++++++------------- fargo/oauth2/urls.py | 5 +- fargo/oauth2/views.py | 51 +++++++++++----- fargo/templates/fargo/oauth2/authorize.html | 3 + fargo/templates/fargo/oauth2/confirm.html | 31 ++++++---- 5 files changed, 111 insertions(+), 72 deletions(-) diff --git a/fargo/locale/fr/LC_MESSAGES/django.po b/fargo/locale/fr/LC_MESSAGES/django.po index a98f145..e4a1d6b 100644 --- a/fargo/locale/fr/LC_MESSAGES/django.po +++ b/fargo/locale/fr/LC_MESSAGES/django.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: fargo 0\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2018-03-30 16:45+0000\n" +"POT-Creation-Date: 2018-03-31 15:53+0200\n" "PO-Revision-Date: 2018-03-17 17:31+0100\n" "Last-Translator: Frederic Peters \n" "Language: French\n" @@ -16,7 +16,7 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" -#: fargo/fargo/admin.py:21 fargo/fargo/admin.py:39 +#: fargo/fargo/admin.py:18 fargo/fargo/admin.py:33 msgid "thumbnail" msgstr "vignette" @@ -54,7 +54,7 @@ msgstr "le porte-document est plein (la limite est {limit})" msgid "user already have this document" msgstr "l'utilisateur a déjà ce document" -#: fargo/fargo/forms.py:12 fargo/fargo/models.py:169 +#: fargo/fargo/forms.py:12 fargo/fargo/models.py:173 msgid "file" msgstr "fichier" @@ -68,88 +68,88 @@ msgstr "Le fichier envoyé est trop gros (la limite est %s)" msgid "Your document box is full (limit is %s)" msgstr "Votre porte-document est plein (la limite est %s)" -#: fargo/fargo/models.py:24 +#: fargo/fargo/models.py:28 msgid "Label" msgstr "Label" -#: fargo/fargo/models.py:25 +#: fargo/fargo/models.py:29 msgid "Slug" msgstr "Slug" -#: fargo/fargo/models.py:40 fargo/fargo/models.py:106 +#: fargo/fargo/models.py:44 fargo/fargo/models.py:110 msgid "user" msgstr "utilisateur" -#: fargo/fargo/models.py:45 fargo/fargo/models.py:208 +#: fargo/fargo/models.py:49 fargo/fargo/models.py:216 msgid "document" msgstr "document" -#: fargo/fargo/models.py:47 +#: fargo/fargo/models.py:51 msgid "filename" msgstr "fichier" -#: fargo/fargo/models.py:50 fargo/fargo/models.py:121 +#: fargo/fargo/models.py:54 fargo/fargo/models.py:125 msgid "creation date" msgstr "date de création" -#: fargo/fargo/models.py:54 fargo/fargo/models.py:114 +#: fargo/fargo/models.py:58 fargo/fargo/models.py:118 msgid "origin" msgstr "origine" -#: fargo/fargo/models.py:57 +#: fargo/fargo/models.py:61 msgid "deletable by user" msgstr "effaçable par l'utilisateur" -#: fargo/fargo/models.py:60 +#: fargo/fargo/models.py:64 msgid "title" msgstr "titre" -#: fargo/fargo/models.py:64 fargo/fargo/models.py:146 +#: fargo/fargo/models.py:68 fargo/fargo/models.py:150 msgid "description" msgstr "description" -#: fargo/fargo/models.py:67 +#: fargo/fargo/models.py:71 msgid "expiration date" msgstr "date d'expiration" -#: fargo/fargo/models.py:72 +#: fargo/fargo/models.py:76 msgid "user document" msgstr "document de l'utilisateur" -#: fargo/fargo/models.py:73 +#: fargo/fargo/models.py:77 msgid "user documents" msgstr "documents de l'utilisateur" -#: fargo/fargo/models.py:109 fargo/fargo/models.py:165 +#: fargo/fargo/models.py:113 fargo/fargo/models.py:169 msgid "content hash" msgstr "hachage du contenu" -#: fargo/fargo/models.py:116 +#: fargo/fargo/models.py:120 msgid "document type" msgstr "type de document" -#: fargo/fargo/models.py:117 +#: fargo/fargo/models.py:121 msgid "data" msgstr "donnée (data)" -#: fargo/fargo/models.py:118 +#: fargo/fargo/models.py:122 msgid "start date" msgstr "date de début" -#: fargo/fargo/models.py:119 +#: fargo/fargo/models.py:123 msgid "end date" msgstr "date de fin" -#: fargo/fargo/models.py:120 +#: fargo/fargo/models.py:124 msgid "creator" msgstr "créateur" -#: fargo/fargo/models.py:140 +#: fargo/fargo/models.py:144 #, python-format msgid "%(label)s: %(value)s" msgstr "%(label)s : %(value)s" -#: fargo/fargo/models.py:209 +#: fargo/fargo/models.py:217 msgid "documents" msgstr "documents" @@ -182,11 +182,11 @@ msgstr "Document" msgid "redirect URIs" msgstr "URIs de redirection" -#: fargo/oauth2/views.py:219 +#: fargo/oauth2/views.py:231 msgid "This document is already in your portfolio" msgstr "Ce document est déjà enregistré." -#: fargo/oauth2/views.py:222 +#: fargo/oauth2/views.py:234 msgid "The document has not been uploaded" msgstr "Aucun document n'a été déposé." @@ -213,12 +213,25 @@ msgstr "S'il vous plaît veuillez réessayer avec un document moins volumineux." msgid "Upload a new document" msgstr "Transférer un nouveau document" -#: fargo/templates/fargo/oauth2/authorize.html:13 +#: fargo/templates/fargo/oauth2/authorize.html:7 +#, python-format +msgid "" +"\n" +"

The service %(oauth2_client)s want to get one of your documents.\n" +" " +msgstr "" +"\n" +"

Le site %(oauth2_client)s souhaite récupérer un de vos documents." +"

\n" +" " + +#: fargo/templates/fargo/oauth2/authorize.html:16 msgid "Choose" msgstr "Sélectionner" -#: fargo/templates/fargo/oauth2/authorize.html:14 -#: fargo/templates/fargo/oauth2/confirm.html:22 +#: fargo/templates/fargo/oauth2/authorize.html:17 +#: fargo/templates/fargo/oauth2/confirm.html:28 #: fargo/templates/fargo/upload.html:10 #: fargo/templates/fargo/userdocument_confirm_delete.html:12 #: fargo/templates/fargo/userdocument_form.html:14 @@ -227,23 +240,20 @@ msgid "Cancel" msgstr "Annuler" #: fargo/templates/fargo/oauth2/confirm.html:9 -msgid "Continue to your client url" -msgstr "Continuer avec votre URL client" - -#: fargo/templates/fargo/oauth2/confirm.html:13 #, python-format msgid "" "\n" -" Do you accept to add %(filename)s to " -"your portfolio?\n" -" " +"The service %(oauth2_client)s want to add the document \"%(filename)s\" to your " +"portfolio.\n" +" " msgstr "" "\n" -" Acceptez-vous d'ajouter %(filename)s à vos " -"documents ?\n" -" " +"Le site %(oauth2_client)s souhaite ajouter le document « %(filename)s » à " +"vos documents.\n" -#: fargo/templates/fargo/oauth2/confirm.html:21 +#: fargo/templates/fargo/oauth2/confirm.html:26 msgid "Allow" msgstr "Autoriser" @@ -262,7 +272,8 @@ msgstr "Transférer" #: fargo/templates/fargo/userdocument_confirm_delete.html:8 #, python-format msgid "Are you sure you want to delete \"%(object)s\"?" -msgstr "Êtes-vous sûr de vouloir supprimer « %(object)s » ?" +msgstr "" +"Êtes-vous sûr de vouloir supprimer le document « %(object)s » ?" #: fargo/templates/fargo/userdocument_confirm_delete.html:11 msgid "Delete" diff --git a/fargo/oauth2/urls.py b/fargo/oauth2/urls.py index 861fd8f..fb10721 100644 --- a/fargo/oauth2/urls.py +++ b/fargo/oauth2/urls.py @@ -17,12 +17,13 @@ from django.conf.urls import url from .views import (authorize_get_document, get_document_token, get_document, - authorize_put_document, put_document) + authorize_put_document, put_document, download_put_document) urlpatterns = [ url(r'get-document/authorize', authorize_get_document, name='oauth2-authorize'), url(r'get-document/token', get_document_token, name='oauth2-get-token'), url(r'get-document/', get_document, name='oauth2-get-document'), url(r'put-document/$', put_document, name='oauth2-put-document'), - url(r'put-document/(?P\w+)/authorize', authorize_put_document, name='oauth2-put-document-authorize') + url(r'put-document/(?P\w+)/authorize/', authorize_put_document, name='oauth2-put-document-authorize'), + url(r'put-document/(?P\w+)/download/', download_put_document, name='oauth2-put-document-download'), ] diff --git a/fargo/oauth2/views.py b/fargo/oauth2/views.py index d2b9428..c0c80eb 100644 --- a/fargo/oauth2/views.py +++ b/fargo/oauth2/views.py @@ -18,6 +18,7 @@ import logging from urllib import quote +from django.shortcuts import get_object_or_404 from django.utils.translation import ugettext as _ from django.utils.timezone import now from django.core.files.base import ContentFile @@ -25,7 +26,7 @@ from django.core.urlresolvers import reverse from django.http import (HttpResponse, HttpResponseBadRequest, HttpResponseRedirect) from django.views.decorators.csrf import csrf_exempt -from django.views.generic import FormView, TemplateView +from django.views.generic import FormView, TemplateView, View from django.contrib.auth.decorators import login_required from django.conf import settings @@ -107,6 +108,10 @@ class OAuth2AuthorizeView(FormView): authorization.code) return self.redirect(code=authorization.code, state=self.state) + def get_context_data(self, **kwargs): + kwargs['oauth2_client'] = self.client + return super(OAuth2AuthorizeView , self).get_context_data(**kwargs) + authorize_get_document = login_required(OAuth2AuthorizeView.as_view()) @@ -144,25 +149,29 @@ class GetDocumentTokenView(OAUTH2APIViewMixin): get_document_token = GetDocumentTokenView.as_view() +def document_response(user_document): + response = HttpResponse(content=user_document.document.content.chunks(), status=200, + content_type='application/octet-stream') + + filename = user_document.filename + ascii_filename = filename.encode('ascii', 'replace') + percent_encoded_filename = quote(filename.encode('utf8'), safe='') + response['Content-Disposition'] = 'attachment; filename="%s"; filename*=UTF-8\'\'%s' % (ascii_filename, + percent_encoded_filename) + return response + def get_document(request): oauth_authorize = authenticate_bearer(request) if not oauth_authorize: return HttpResponseBadRequest('http bearer authentication failed: invalid authorization header') - doc = oauth_authorize.user_document - response = HttpResponse(content=doc.document.content, status=200, - content_type='application/octet-stream') - - ascii_filename = doc.filename.encode('ascii', 'replace') - percent_encoded_filename = quote(doc.filename.encode('utf8'), safe='') - response['Content-Disposition'] = 'attachment; filename="%s"; filename*=UTF-8\'\'%s' % (ascii_filename, - percent_encoded_filename) + user_document = oauth_authorize.user_document logger.info(u'client "%s" retrieved document "%s" (%s) with access token "%s"', oauth_authorize.client, - doc, - doc.pk, + user_document, + user_document.pk, oauth_authorize.access_token) - return response + return document_response(user_document) class PutDocumentAPIView(OAUTH2APIViewMixin): @@ -178,7 +187,7 @@ class PutDocumentAPIView(OAUTH2APIViewMixin): client=request.user.oauth2_client, document=document, filename=filename) - uri = reverse('oauth2-put-document-authorize', args=[oauth2_document.pk]) + '/' + uri = reverse('oauth2-put-document-authorize', args=[oauth2_document.pk]) response = Response() response['Location'] = uri @@ -207,13 +216,16 @@ class OAuth2AuthorizePutView(TemplateView): return super(OAuth2AuthorizePutView, self).dispatch(request) def get_context_data(self, **kwargs): - if self.oauth2_document: + kwargs['oauth2_document'] = self.oauth2_document + kwargs['filename'] = self.oauth2_document.filename + kwargs['thumbnail_img_tag'] = self.oauth2_document.document.thumbnail_img_tag + kwargs['oauth2_client'] = self.oauth2_document.client + kwargs['download_url'] = reverse('oauth2-put-document-download', kwargs={'pk': self.oauth2_document.pk}) # verify if document already exists if not UserDocument.objects.filter( user=self.request.user, document=self.oauth2_document.document).exists(): - kwargs['filename'] = self.oauth2_document.filename kwargs['error_message'] = '' else: kwargs['error_message'] = _('This document is already in your portfolio') @@ -244,5 +256,12 @@ class OAuth2AuthorizePutView(TemplateView): finally: self.oauth2_document.delete() - authorize_put_document = login_required(OAuth2AuthorizePutView.as_view()) + + +class DownloadPutDocument(View): + def get(self, request, *args, **kwargs): + oauth2_document = get_object_or_404(OAuth2TempFile, pk=kwargs['pk']) + return document_response(oauth2_document) + +download_put_document = login_required(DownloadPutDocument.as_view()) diff --git a/fargo/templates/fargo/oauth2/authorize.html b/fargo/templates/fargo/oauth2/authorize.html index 319ca02..2a92317 100644 --- a/fargo/templates/fargo/oauth2/authorize.html +++ b/fargo/templates/fargo/oauth2/authorize.html @@ -4,6 +4,9 @@ {% block content %}
{% block form-intro %} + {% blocktrans %} +

The service {{ oauth2_client }} want to get one of your documents.

+ {% endblocktrans %} {% endblock %} {% block form %}
diff --git a/fargo/templates/fargo/oauth2/confirm.html b/fargo/templates/fargo/oauth2/confirm.html index 0156acd..abb0dfc 100644 --- a/fargo/templates/fargo/oauth2/confirm.html +++ b/fargo/templates/fargo/oauth2/confirm.html @@ -3,26 +3,31 @@ {% block content %}
+ {% if oauth2_document %} + {% block form-intro %} +

+ {% blocktrans %} +The service {{ oauth2_client }} want to add the document "{{ filename }}" to your portfolio. + {% endblocktrans %} +

+ {% if thumbnail_img_tag %}

{{ thumbnail_img_tag }}

{% endif %} + {% endblock %} + {% endif %} {% if error_message %} {% block error-message %} -

{% trans error_message %}

- {% trans "Continue to your client url" %} - {% endblock %} - {% else %} - {% block form-intro %} -

{% blocktrans %} - Do you accept to add {{ filename }} to your portfolio? - {% endblocktrans %}

+

{% trans error_message %}

{% endblock %} - {% block form %} - + {% endif %} + {% block form %} + {% csrf_token %}
- + {% if not error_message %} + + {% endif %}
- {% endblock %} - {% endif %} + {% endblock %}
{% endblock %} -- 2.16.3