-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathviews.py
127 lines (103 loc) · 5.18 KB
/
views.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
from django.shortcuts import render_to_response, get_object_or_404
from django.template import RequestContext
from django.contrib.auth.models import User, AnonymousUser
from django.http import HttpResponse, HttpResponseServerError, \
HttpResponseNotAllowed, HttpResponseForbidden, HttpResponseBadRequest
from django.conf import settings
from models import Song, SongForm, QuotaError
from log import log_song_upload, log_song_download, log_song_delete
def index(request):
latest_uploads = Song.objects.order_by('-date_created')[:10]
people = filter(
lambda user: Song.objects.filter(owner=user).count(),
User.objects.all())
return render_to_response('index.html', {
'latest_uploads': latest_uploads,
'logged_in': not isinstance(request.user, AnonymousUser),
'people': people,
}, RequestContext(request))
def upload(request):
if isinstance(request.user, AnonymousUser):
return HttpResponseForbidden("You need to log in.")
if request.method == 'POST':
form = SongForm(request.POST, request.FILES)
if form.is_valid():
song = form.save(commit=False)
song.owner = request.user
song.original_name = request.FILES['data_file'].name
try:
song.save()
except QuotaError, e:
if e.kind == 'user':
return HttpResponseBadRequest('File upload failed: you have '
'exceeded your quota of %d bytes.' % e.value)
elif e.kind == 'total':
return HttpResponseServerError('File upload failed: there is '
'no more room on the server.')
log_song_upload(request, song)
return render_to_response('song_upload_done.html', {}, RequestContext(request))
else:
form = SongForm()
return render_to_response('song_upload.html', {'form': form}, RequestContext(request))
def delete(request):
from django.core.exceptions import ObjectDoesNotExist
if request.method != 'POST':
return HttpResponseNotAllowed(['POST'])
song_id = request.POST.get('song', '-1')
try:
song = Song.objects.get(id=song_id)
except ObjectDoesNotExist:
return HttpResponseBadRequest("The song does not exist.")
if song.owner != request.user:
return HttpResponseForbidden('This song is not yours to delete.')
log_song_delete(request, song)
song.delete()
return render_to_response('song_delete_done.html', RequestContext(request))
def person_page(request, username):
user = get_object_or_404(User, username=username)
songs = Song.objects.filter(owner=user)
return render_to_response('person_page.html', {'songs': songs}, RequestContext(request))
def song_page(request, song_code):
if isinstance(request.user, AnonymousUser):
return HttpResponseForbidden('Only logged-in users can download songs.')
song = get_object_or_404(Song, data_file='%s.mp3' % song_code)
return render_to_response('song_page.html', {'song': song}, RequestContext(request))
def download_song(request, song_code):
import os
from django.core.servers.basehttp import FileWrapper
from urllib import quote
if isinstance(request.user, AnonymousUser):
return HttpResponseForbidden('Only logged-in users can download songs.')
song = get_object_or_404(Song, data_file='%s.mp3' % song_code)
log_song_download(request, song)
data_file_path = '%s%s' % (settings.MEDIA_ROOT, song.data_file)
wrapper = FileWrapper(file(data_file_path))
response = HttpResponse(wrapper, content_type='audio/mpeg')
response['Content-Disposition'] = 'attachment; filename="%s"' % song.original_name.replace('"', '_')
response['Content-Length'] = os.path.getsize(data_file_path)
return response
def auth(request):
from django.contrib.auth.forms import AuthenticationForm
from django.contrib.auth import login, logout
if isinstance(request.user, AnonymousUser):
if request.method == 'POST':
if request.POST.get('do', None) != 'login':
return HttpResponseBadRequest('Logged-in users can only perform logout.')
auth_form = AuthenticationForm(request, request.POST)
if auth_form.is_valid():
login(request, auth_form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
return render_to_response('auth.html', {}, RequestContext(request))
else:
auth_form = AuthenticationForm()
request.session.set_test_cookie()
return render_to_response('auth.html', {'auth_form': auth_form}, RequestContext(request))
else:
if request.method == 'POST':
if request.POST.get('do', None) != 'logout':
return HttpResponseBadRequest('Logged-in users can only perform logout.')
logout(request)
return render_to_response('auth.html', {'auth_form': AuthenticationForm()}, RequestContext(request))
else:
return render_to_response('auth.html', {}, RequestContext(request))