Commit d37487b6 authored by David Haynes's avatar David Haynes
Browse files

Merge branch '2.2-dev' into 119-search-bar

parents 482bf59c 011b8575
Pipeline #1067 passed with stage
in 1 minute and 23 seconds
Copyright 2016 George Mason Student-Run Computing and Technology
Copyright 2017 George Mason Student-Run Computing and Technology
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
......
......@@ -16,6 +16,7 @@ from crispy_forms.layout import Layout, Fieldset, Submit, HTML, Div, Field
from crispy_forms.bootstrap import StrictButton, PrependedText, Accordion, AccordionGroup
from bootstrap3_datetime.widgets import DateTimePicker
from datetime import date, datetime, timedelta
from six.moves import urllib
"""
The form that is used in URL creation.
......@@ -26,8 +27,20 @@ class URLForm(forms.ModelForm):
def clean_target(self):
# get the entered target link
target = self.cleaned_data.get('target')
# if the host (go.gmu.edu) is in the entered target link
if self.host in target:
try:
final_url = urllib.request.urlopen(target).geturl()
# if visiting the provided url results in an HTTP error, or redirects
# to a page that results in an HTTP error
except urllib.error.URLError as e:
# to permit users to enter sites that return most errors, but
# prevent them from entering sites that result in an HTTP 300 error
if any(int(str(e)[11:14]) == errorNum for errorNum in range(300,308)):
raise ValidationError("Link results in a 300 error")
else:
final_url = ""
# if the host (go.gmu.edu) is in the entered target link or where it
# redirects
if self.host in final_url or self.host in target:
raise ValidationError("You can't make a Go link to Go silly!")
else:
return target
......
......@@ -47,7 +47,32 @@ def index(request):
# If a POST request is received, then the user has submitted a form and it's
# time to parse the form and create a new URL object
if request.method == 'POST':
return redirect('view', post(request).short)
# Now we initialize the form again but this time we have the POST
# request
url_form = URLForm(request.POST, host = request.META.get('HTTP_HOST'))
# Django will check the form to make sure it's valid
if url_form.is_valid():
# Call our post method to assemble our new URL object
res = post(request, url_form)
# If there is a 500 error returned, handle it
if res == 500:
return HttpResponseServerError(
render(request, 'admin/500.html', {})
)
# Redirect to the shiny new URL
return redirect('view', res.short)
# Else, there is an error, redisplay the form with the validation errors
else:
# Render index.html passing the form to the template
return render(request, 'core/index.html', {
'form': url_form,
},
)
# Render index.html passing the form to the template
return render(request, 'core/index.html', {
......@@ -58,61 +83,53 @@ def index(request):
#rate limits are completely arbitrary
@ratelimit(key='user', rate='3/m', method='POST', block=True)
@ratelimit(key='user', rate='25/d', method='POST', block=True)
def post(request):
# Now we initialize the form again but this time we have the POST
# request
url_form = URLForm(request.POST, host = request.META.get('HTTP_HOST'))
# Django will check the form to make sure it's valid
if url_form.is_valid():
# We don't commit the url object yet because we need to add its
# owner, and parse its date field.
url = url_form.save(commit = False)
url.owner = request.user.registereduser
# If the user entered a short url, it's already been validated,
# so accept it. If they did not, however, then generate a
# random one and use that instead.
short = url_form.cleaned_data.get('short').strip()
# Check if a short URL was entered
if len(short) > 0:
url.short = short
else:
# If the user didn't enter a short url, generate a random
# one. However, if a random one can't be generated, return
# a 500 server error.
random_short = URL.generate_valid_short()
if random_short is None:
return HttpResponseServerError(
render(request, 'admin/500.html', {})
)
else:
url.short = random_short
# Grab the expiration field value. It's currently an unsable
# string value, so we need to parse it into a datetime object
# relative to right now.
expires = url_form.cleaned_data.get('expires')
# Determine what the expiration date is
if expires == URLForm.DAY:
url.expires = timezone.now() + timedelta(days = 1)
elif expires == URLForm.WEEK:
url.expires = timezone.now() + timedelta(weeks = 1)
elif expires == URLForm.MONTH:
url.expires = timezone.now() + timedelta(weeks = 3)
elif expires == URLForm.CUSTOM:
url.expires = url_form.cleaned_data.get('expires_custom')
def post(request, url_form):
# We don't commit the url object yet because we need to add its
# owner, and parse its date field.
url = url_form.save(commit = False)
url.owner = request.user.registereduser
# If the user entered a short url, it's already been validated,
# so accept it. If they did not, however, then generate a
# random one and use that instead.
short = url_form.cleaned_data.get('short').strip()
# Check if a short URL was entered
if len(short) > 0:
url.short = short
else:
# If the user didn't enter a short url, generate a random
# one. However, if a random one can't be generated, return
# a 500 server error.
random_short = URL.generate_valid_short()
if random_short is None:
return 500
else:
pass # leave the field NULL
url.short = random_short
# Grab the expiration field value. It's currently an unsable
# string value, so we need to parse it into a datetime object
# relative to right now.
expires = url_form.cleaned_data.get('expires')
# Determine what the expiration date is
if expires == URLForm.DAY:
url.expires = timezone.now() + timedelta(days = 1)
elif expires == URLForm.WEEK:
url.expires = timezone.now() + timedelta(weeks = 1)
elif expires == URLForm.MONTH:
url.expires = timezone.now() + timedelta(weeks = 3)
elif expires == URLForm.CUSTOM:
url.expires = url_form.cleaned_data.get('expires_custom')
else:
pass # leave the field NULL
# Make sure that our new URL object is clean, then save it and
# let's redirect to view this baby.
url.full_clean()
url.save()
return url
# Make sure that our new URL object is clean, then save it and
# let's redirect to view this baby.
url.full_clean()
url.save()
return url
"""
This view allows the user to view details about a URL. Note that they
......
......@@ -168,3 +168,10 @@ EMAIL_TO = "to@example.com"
# Domain used to email to users. See line 231 in views.py
# ie. in Mason's case '@masonlive.gmu.edu'
EMAIL_DOMAIN = os.environ['email_domain']
# dummy cache for development-- doesn't actually cache things
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.dummy.DummyCache',
}
}
......@@ -179,3 +179,14 @@ EMAIL_TO = "to@example.com"
# Domain used to email to users. See line 231 in views.py
# ie. in Mason's case '@masonlive.gmu.edu'
EMAIL_DOMAIN = "@example.com"
# Use redis cache when not in local development
if DEBUG:
pass
else:
CACHES = {
'default': {
'BACKEND': 'redis_cache.RedisCache',
'LOCATION': '/var/run/redis/redis.sock',
},
}
......@@ -6,6 +6,7 @@ from django.conf.urls import include, url
import django.contrib.auth.views
from django.contrib import admin
from django.conf import settings
from django.views.decorators.cache import cache_page
from django.views.generic import TemplateView
# App Imports
......@@ -17,27 +18,27 @@ admin.autodiscover()
# Main list of project URL's
urlpatterns = [
# / - Homepage url.
url(r'^$', go.views.index, name='index'),
# / - Homepage url. Cached for 1 second (this is the page you see after logging in, so having it show as not logged in is strange)
url(r'^$', cache_page(1)(go.views.index), name='index'),
# /view/<short> - View URL data.
url(r'^view/(?P<short>[-\w]+)$', go.views.view, name='view'),
# /view/<short> - View URL data. Cached for 15 minutes
url(r'^view/(?P<short>[-\w]+)$', cache_page(60*15)(go.views.view), name='view'),
# /about - About page.
url(r'^about/?$', TemplateView.as_view(template_name='core/about.html'),
# /about - About page. Cached for 15 minutes
url(r'^about/?$', cache_page(60*15)(TemplateView.as_view(template_name='core/about.html')),
name='about'),
# /signup - Signup page for access.
url(r'^signup/?$', go.views.signup, name='signup'),
# /signup - Signup page for access. Cached for 15 minutes
url(r'^signup/?$', cache_page(60*15)(go.views.signup), name='signup'),
# /myLinks - My-Links page, view and review links.
url(r'^myLinks/?$', go.views.my_links, name='my_links'),
# /myLinks - My-Links page, view and review links. Cached for 5 seconds
url(r'^myLinks/?$', cache_page(5)(go.views.my_links), name='my_links'),
# /delete/<short> - Delete a link, no content display.
url(r'^delete/(?P<short>[-\w]+)$', go.views.delete, name='delete'),
# /registered - registration complete page
url(r'^registered/?$', TemplateView.as_view(template_name='registered.html'),
# /registered - registration complete page. Cached for 15 minutes
url(r'^registered/?$', cache_page(60*15)(TemplateView.as_view(template_name='registered.html')),
name='registered'),
# /admin - Administrator interface.
......
Django==1.10
django-crispy-forms==1.6.0
django-ratelimit==1.0.1
django-redis-cache==1.6.4
git+https://github.com/bruno207/django-qrcode.git
git+https://github.com/kstateome/django-cas.git
git+https://github.com/bruno207/django-bootstrap3-datetimepicker.git
hashids==1.1.0
mysqlclient
redis==2.10.5
requests==2.11.0
simplejson==3.8.2
six
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment