entrouvert
/
fargo
17
0
Fork 0
Code Issues Pull Requests 1 Releases Activity

oauth2: improve views (#22934) 

- show client name in confirmation and authorization view
- in document put authorize view show a thumbnail of the new document
  and a link to download it.
- if document is already in the portfolio, still show information on the
  client and document.
- factorize returning of the document.
This commit is contained in:
Benjamin Dauvergne 2018-03-30 18:59:29 +02:00
parent 3650d9d2c2
commit cbf2f6132b
5 changed files with 111 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

93
fargo/locale/fr/LC_MESSAGES/django.po
View File

@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: fargo 0\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2018-03-30 16:45+0000\n"
"POT-Creation-Date: 2018-03-31 15:53+0200\n"
"PO-Revision-Date: 2018-03-17 17:31+0100\n"
"Last-Translator: Frederic Peters <fpeters@entrouvert.com>\n"
"Language: French\n"
@ -16,7 +16,7 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
#: fargo/fargo/admin.py:21 fargo/fargo/admin.py:39
#: fargo/fargo/admin.py:18 fargo/fargo/admin.py:33
msgid "thumbnail"
msgstr "vignette"
@ -54,7 +54,7 @@ msgstr "le porte-document est plein (la limite est {limit})"
msgid "user already have this document"
msgstr "l'utilisateur a déjà ce document"
#: fargo/fargo/forms.py:12 fargo/fargo/models.py:169
#: fargo/fargo/forms.py:12 fargo/fargo/models.py:173
msgid "file"
msgstr "fichier"
@ -68,88 +68,88 @@ msgstr "Le fichier envoyé est trop gros (la limite est %s)"
msgid "Your document box is full (limit is %s)"
msgstr "Votre porte-document est plein (la limite est %s)"
#: fargo/fargo/models.py:24
#: fargo/fargo/models.py:28
msgid "Label"
msgstr "Label"
#: fargo/fargo/models.py:25
#: fargo/fargo/models.py:29
msgid "Slug"
msgstr "Slug"
#: fargo/fargo/models.py:40 fargo/fargo/models.py:106
#: fargo/fargo/models.py:44 fargo/fargo/models.py:110
msgid "user"
msgstr "utilisateur"
#: fargo/fargo/models.py:45 fargo/fargo/models.py:208
#: fargo/fargo/models.py:49 fargo/fargo/models.py:216
msgid "document"
msgstr "document"
#: fargo/fargo/models.py:47
#: fargo/fargo/models.py:51
msgid "filename"
msgstr "fichier"
#: fargo/fargo/models.py:50 fargo/fargo/models.py:121
#: fargo/fargo/models.py:54 fargo/fargo/models.py:125
msgid "creation date"
msgstr "date de création"
#: fargo/fargo/models.py:54 fargo/fargo/models.py:114
#: fargo/fargo/models.py:58 fargo/fargo/models.py:118
msgid "origin"
msgstr "origine"
#: fargo/fargo/models.py:57
#: fargo/fargo/models.py:61
msgid "deletable by user"
msgstr "effaçable par l'utilisateur"
#: fargo/fargo/models.py:60
#: fargo/fargo/models.py:64
msgid "title"
msgstr "titre"
#: fargo/fargo/models.py:64 fargo/fargo/models.py:146
#: fargo/fargo/models.py:68 fargo/fargo/models.py:150
msgid "description"
msgstr "description"
#: fargo/fargo/models.py:67
#: fargo/fargo/models.py:71
msgid "expiration date"
msgstr "date d'expiration"
#: fargo/fargo/models.py:72
#: fargo/fargo/models.py:76
msgid "user document"
msgstr "document de l'utilisateur"
#: fargo/fargo/models.py:73
#: fargo/fargo/models.py:77
msgid "user documents"
msgstr "documents de l'utilisateur"
#: fargo/fargo/models.py:109 fargo/fargo/models.py:165
#: fargo/fargo/models.py:113 fargo/fargo/models.py:169
msgid "content hash"
msgstr "hachage du contenu"
#: fargo/fargo/models.py:116
#: fargo/fargo/models.py:120
msgid "document type"
msgstr "type de document"
#: fargo/fargo/models.py:117
#: fargo/fargo/models.py:121
msgid "data"
msgstr "donnée (data)"
#: fargo/fargo/models.py:118
#: fargo/fargo/models.py:122
msgid "start date"
msgstr "date de début"
#: fargo/fargo/models.py:119
#: fargo/fargo/models.py:123
msgid "end date"
msgstr "date de fin"
#: fargo/fargo/models.py:120
#: fargo/fargo/models.py:124
msgid "creator"
msgstr "créateur"
#: fargo/fargo/models.py:140
#: fargo/fargo/models.py:144
#, python-format
msgid "%(label)s: %(value)s"
msgstr "%(label)s : %(value)s"
#: fargo/fargo/models.py:209
#: fargo/fargo/models.py:217
msgid "documents"
msgstr "documents"
@ -182,11 +182,11 @@ msgstr "Document"
msgid "redirect URIs"
msgstr "URIs de redirection"
#: fargo/oauth2/views.py:219
#: fargo/oauth2/views.py:231
msgid "This document is already in your portfolio"
msgstr "Ce document est déjà enregistré."
#: fargo/oauth2/views.py:222
#: fargo/oauth2/views.py:234
msgid "The document has not been uploaded"
msgstr "Aucun document n'a été déposé."
@ -213,12 +213,25 @@ msgstr "S'il vous plaît veuillez réessayer avec un document moins volumineux."
msgid "Upload a new document"
msgstr "Transférer un nouveau document"
#: fargo/templates/fargo/oauth2/authorize.html:13
#: fargo/templates/fargo/oauth2/authorize.html:7
#, python-format
msgid ""
"\n"
" <p>The service %(oauth2_client)s want to get one of your documents.</"
"p>\n"
" "
msgstr ""
"\n"
" <p>Le site %(oauth2_client)s souhaite récupérer un de vos documents."
"</p>\n"
" "
#: fargo/templates/fargo/oauth2/authorize.html:16
msgid "Choose"
msgstr "Sélectionner"
#: fargo/templates/fargo/oauth2/authorize.html:14
#: fargo/templates/fargo/oauth2/confirm.html:22
#: fargo/templates/fargo/oauth2/authorize.html:17
#: fargo/templates/fargo/oauth2/confirm.html:28
#: fargo/templates/fargo/upload.html:10
#: fargo/templates/fargo/userdocument_confirm_delete.html:12
#: fargo/templates/fargo/userdocument_form.html:14
@ -227,23 +240,20 @@ msgid "Cancel"
msgstr "Annuler"
#: fargo/templates/fargo/oauth2/confirm.html:9
msgid "Continue to your client url"
msgstr "Continuer avec votre URL client"
#: fargo/templates/fargo/oauth2/confirm.html:13
#, python-format
msgid ""
"\n"
" Do you accept to add <em class=\"filename\">%(filename)s</em> to "
"your portfolio?\n"
" "
"The service %(oauth2_client)s want to add the document \"<a href="
"\"%(download_url)s\"><em class=\"filename\">%(filename)s</em></a>\" to your "
"portfolio.\n"
" "
msgstr ""
"\n"
" Acceptez-vous d'ajouter <em class\"filename\">%(filename)s</em> à vos "
"documents ?\n"
" "
"Le site %(oauth2_client)s souhaite ajouter le document «&nbsp;<a href="
"\"%(download_url)s\"><em class=\"filename\">%(filename)s</em></a>&nbsp;» à "
"vos documents.\n"
#: fargo/templates/fargo/oauth2/confirm.html:21
#: fargo/templates/fargo/oauth2/confirm.html:26
msgid "Allow"
msgstr "Autoriser"
@ -262,7 +272,8 @@ msgstr "Transférer"
#: fargo/templates/fargo/userdocument_confirm_delete.html:8
#, python-format
msgid "Are you sure you want to delete \"%(object)s\"?"
msgstr "Êtes-vous sûr de vouloir supprimer « %(object)s » ?"
msgstr ""
"Êtes-vous sûr de vouloir supprimer le document «&nbsp;%(object)s&nbsp;» ?"
#: fargo/templates/fargo/userdocument_confirm_delete.html:11
msgid "Delete"

5
fargo/oauth2/urls.py
View File

@ -17,12 +17,13 @@
from django.conf.urls import url
from .views import (authorize_get_document, get_document_token, get_document,
authorize_put_document, put_document)
authorize_put_document, put_document, download_put_document)
urlpatterns = [
url(r'get-document/authorize', authorize_get_document, name='oauth2-authorize'),
url(r'get-document/token', get_document_token, name='oauth2-get-token'),
url(r'get-document/', get_document, name='oauth2-get-document'),
url(r'put-document/$', put_document, name='oauth2-put-document'),
url(r'put-document/(?P<pk>\w+)/authorize', authorize_put_document, name='oauth2-put-document-authorize')
url(r'put-document/(?P<pk>\w+)/authorize/', authorize_put_document, name='oauth2-put-document-authorize'),
url(r'put-document/(?P<pk>\w+)/download/', download_put_document, name='oauth2-put-document-download'),
]

51
fargo/oauth2/views.py
View File

@ -18,6 +18,7 @@ import logging
from urllib import quote
from django.shortcuts import get_object_or_404
from django.utils.translation import ugettext as _
from django.utils.timezone import now
from django.core.files.base import ContentFile
@ -25,7 +26,7 @@ from django.core.urlresolvers import reverse
from django.http import (HttpResponse, HttpResponseBadRequest,
HttpResponseRedirect)
from django.views.decorators.csrf import csrf_exempt
from django.views.generic import FormView, TemplateView
from django.views.generic import FormView, TemplateView, View
from django.contrib.auth.decorators import login_required
from django.conf import settings
@ -107,6 +108,10 @@ class OAuth2AuthorizeView(FormView):
authorization.code)
return self.redirect(code=authorization.code, state=self.state)
def get_context_data(self, **kwargs):
kwargs['oauth2_client'] = self.client
return super(OAuth2AuthorizeView , self).get_context_data(**kwargs)
authorize_get_document = login_required(OAuth2AuthorizeView.as_view())
@ -144,25 +149,29 @@ class GetDocumentTokenView(OAUTH2APIViewMixin):
get_document_token = GetDocumentTokenView.as_view()
def document_response(user_document):
response = HttpResponse(content=user_document.document.content.chunks(), status=200,
content_type='application/octet-stream')
filename = user_document.filename
ascii_filename = filename.encode('ascii', 'replace')
percent_encoded_filename = quote(filename.encode('utf8'), safe='')
response['Content-Disposition'] = 'attachment; filename="%s"; filename*=UTF-8\'\'%s' % (ascii_filename,
percent_encoded_filename)
return response
def get_document(request):
oauth_authorize = authenticate_bearer(request)
if not oauth_authorize:
return HttpResponseBadRequest('http bearer authentication failed: invalid authorization header')
doc = oauth_authorize.user_document
response = HttpResponse(content=doc.document.content, status=200,
content_type='application/octet-stream')
ascii_filename = doc.filename.encode('ascii', 'replace')
percent_encoded_filename = quote(doc.filename.encode('utf8'), safe='')
response['Content-Disposition'] = 'attachment; filename="%s"; filename*=UTF-8\'\'%s' % (ascii_filename,
percent_encoded_filename)
user_document = oauth_authorize.user_document
logger.info(u'client "%s" retrieved document "%s" (%s) with access token "%s"',
oauth_authorize.client,
doc,
doc.pk,
user_document,
user_document.pk,
oauth_authorize.access_token)
return response
return document_response(user_document)
class PutDocumentAPIView(OAUTH2APIViewMixin):
@ -178,7 +187,7 @@ class PutDocumentAPIView(OAUTH2APIViewMixin):
client=request.user.oauth2_client,
document=document,
filename=filename)
uri = reverse('oauth2-put-document-authorize', args=[oauth2_document.pk]) + '/'
uri = reverse('oauth2-put-document-authorize', args=[oauth2_document.pk])
response = Response()
response['Location'] = uri
@ -207,13 +216,16 @@ class OAuth2AuthorizePutView(TemplateView):
return super(OAuth2AuthorizePutView, self).dispatch(request)
def get_context_data(self, **kwargs):
if self.oauth2_document:
kwargs['oauth2_document'] = self.oauth2_document
kwargs['filename'] = self.oauth2_document.filename
kwargs['thumbnail_image'] = self.oauth2_document.document.thumbnail_image
kwargs['oauth2_client'] = self.oauth2_document.client
kwargs['download_url'] = reverse('oauth2-put-document-download', kwargs={'pk': self.oauth2_document.pk})
# verify if document already exists
if not UserDocument.objects.filter(
user=self.request.user,
document=self.oauth2_document.document).exists():
kwargs['filename'] = self.oauth2_document.filename
kwargs['error_message'] = ''
else:
kwargs['error_message'] = _('This document is already in your portfolio')
@ -244,5 +256,12 @@ class OAuth2AuthorizePutView(TemplateView):
finally:
self.oauth2_document.delete()
authorize_put_document = login_required(OAuth2AuthorizePutView.as_view())
class DownloadPutDocument(View):
def get(self, request, *args, **kwargs):
oauth2_document = get_object_or_404(OAuth2TempFile, pk=kwargs['pk'])
return document_response(oauth2_document)
download_put_document = login_required(DownloadPutDocument.as_view())

3
fargo/templates/fargo/oauth2/authorize.html
View File

@ -4,6 +4,9 @@
{% block content %}
<div id="fargo-oauth2-authorize">
{% block form-intro %}
{% blocktrans %}
<p>The service {{ oauth2_client }} want to get one of your documents.</p>
{% endblocktrans %}
{% endblock %}
{% block form %}
<form method="post" enctype="multipart/form-data">

31
fargo/templates/fargo/oauth2/confirm.html
View File

@ -3,26 +3,31 @@
{% block content %}
<div id="fargo-oauth2-confirm">
{% if oauth2_document %}
{% block form-intro %}
<p>
{% blocktrans %}
The service {{ oauth2_client }} want to add the document "<a href="{{ download_url }}"><em class="filename">{{ filename }}</em></a>" to your portfolio.
{% endblocktrans %}
</p>
{% if thumbnail %}<p class="fargo-thumbnail"><img src="{{ thumbnail.src }}" height="{{ thumbnail.height }}" width="{{ thumbnail.width }}"/></p>{% endif %}
{% endblock %}
{% endif %}
{% if error_message %}
{% block error-message %}
<p>{% trans error_message %}</p>
<a href="{{ redirect_uri }}">{% trans "Continue to your client url" %}</a>
<p>{% trans error_message %}</p>
{% endblock %}
{% else %}
{% block form-intro %}
<p>{% blocktrans %}
Do you accept to add <em class="filename">{{ filename }}</em> to your portfolio?
{% endblocktrans %}</p>
{% endblock %}
{% block form %}
<form id="send-file" method="post" enctype="multipart/form-data">
{% endif %}
{% block form %}
<form id="send-file" method="post">
{% csrf_token %}
<div class="buttons">
<button name="submit">{% trans "Allow" %}</button>
{% if not error_message %}
<button name="submit">{% trans "Allow" %}</button>
{% endif %}
<button name="cancel">{% trans "Cancel" %}</button>
</div>
</form>
{% endblock %}
{% endif %}
{% endblock %}
</div>
{% endblock %}