Merge branch '2.2-dev' into 119-search-bar

d37487b6 · David Haynes · 482bf59c · 011b8575 · d37487b6 · d37487b6
Commit d37487b6 authored Mar 12, 2017 by David Haynes
7 changed files
--- a/LICENSE
+++ b/LICENSE
-Copyright 2016 George Mason Student-Run Computing and Technology
+Copyright 2017 George Mason Student-Run Computing and Technology

 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

--- a/go/go/forms.py
+++ b/go/go/forms.py
@@ -16,6 +16,7 @@ from crispy_forms.layout import Layout, Fieldset, Submit, HTML, Div, Field
 from crispy_forms.bootstrap import StrictButton, PrependedText, Accordion, AccordionGroup
 from bootstrap3_datetime.widgets import DateTimePicker
 from datetime import date, datetime, timedelta
+from six.moves import urllib

 """
    The form that is used in URL creation.
@@ -26,8 +27,20 @@ class URLForm(forms.ModelForm):
    def clean_target(self):
        # get the entered target link
        target = self.cleaned_data.get('target')
-        # if the host (go.gmu.edu) is in the entered target link
-        if self.host in target:
+        try:
+            final_url = urllib.request.urlopen(target).geturl()
+        # if visiting the provided url results in an HTTP error, or redirects
+        # to a page that results in an HTTP error
+        except urllib.error.URLError as e:
+            # to permit users to enter sites that return most errors, but
+            # prevent them from entering sites that result in an HTTP 300 error
+            if any(int(str(e)[11:14]) == errorNum for errorNum in range(300,308)):
+                raise ValidationError("Link results in a 300 error")
+            else:
+                final_url = ""
+        # if the host (go.gmu.edu) is in the entered target link or where it
+        # redirects
+        if self.host in final_url or self.host in target:
            raise ValidationError("You can't make a Go link to Go silly!")
        else:
            return target

--- a/go/go/views.py
+++ b/go/go/views.py
@@ -47,7 +47,32 @@ def index(request):
    # If a POST request is received, then the user has submitted a form and it's
    # time to parse the form and create a new URL object
    if request.method == 'POST':
-        return redirect('view', post(request).short)
+        # Now we initialize the form again but this time we have the POST
+        # request
+        url_form = URLForm(request.POST, host = request.META.get('HTTP_HOST'))
+
+        # Django will check the form to make sure it's valid
+        if url_form.is_valid():
+            # Call our post method to assemble our new URL object 
+            res = post(request, url_form)
+            
+            # If there is a 500 error returned, handle it
+            if res == 500:
+                return HttpResponseServerError(
+                    render(request, 'admin/500.html', {})
+                )
+
+            # Redirect to the shiny new URL 
+            return redirect('view', res.short)
+        
+        # Else, there is an error, redisplay the form with the validation errors
+        else:
+            # Render index.html passing the form to the template
+            return render(request, 'core/index.html', {
+                'form': url_form,
+            },
+            )
+

    # Render index.html passing the form to the template
    return render(request, 'core/index.html', {
@@ -58,61 +83,53 @@ def index(request):
 #rate limits are completely arbitrary
 @ratelimit(key='user', rate='3/m', method='POST', block=True)
 @ratelimit(key='user', rate='25/d', method='POST', block=True)
-def post(request):
-    # Now we initialize the form again but this time we have the POST
-    # request
-    url_form = URLForm(request.POST, host = request.META.get('HTTP_HOST'))
-
-    # Django will check the form to make sure it's valid
-    if url_form.is_valid():
-
-        # We don't commit the url object yet because we need to add its
-        # owner, and parse its date field.
-        url = url_form.save(commit = False)
-        url.owner = request.user.registereduser
-
-        # If the user entered a short url, it's already been validated,
-        # so accept it. If they did not, however, then generate a
-        # random one and use that instead.
-        short = url_form.cleaned_data.get('short').strip()
-
-        # Check if a short URL was entered
-        if len(short) > 0:
-            url.short = short
-        else:
-            # If the user didn't enter a short url, generate a random
-            # one. However, if a random one can't be generated, return
-            # a 500 server error.
-            random_short = URL.generate_valid_short()
-            if random_short is None:
-                return HttpResponseServerError(
-                    render(request, 'admin/500.html', {})
-                )
-            else:
-                url.short = random_short
-
-        # Grab the expiration field value. It's currently an unsable
-        # string value, so we need to parse it into a datetime object
-        # relative to right now.
-        expires = url_form.cleaned_data.get('expires')
-
-        # Determine what the expiration date is
-        if expires == URLForm.DAY:
-            url.expires = timezone.now() + timedelta(days = 1)
-        elif expires == URLForm.WEEK:
-            url.expires = timezone.now() + timedelta(weeks = 1)
-        elif expires == URLForm.MONTH:
-            url.expires = timezone.now() + timedelta(weeks = 3)
-        elif expires == URLForm.CUSTOM:
-            url.expires = url_form.cleaned_data.get('expires_custom')
+def post(request, url_form):
+    # We don't commit the url object yet because we need to add its
+    # owner, and parse its date field.
+    url = url_form.save(commit = False)
+    url.owner = request.user.registereduser
+
+    # If the user entered a short url, it's already been validated,
+    # so accept it. If they did not, however, then generate a
+    # random one and use that instead.
+    short = url_form.cleaned_data.get('short').strip()
+
+    # Check if a short URL was entered
+    if len(short) > 0:
+        url.short = short
+    else:
+        # If the user didn't enter a short url, generate a random
+        # one. However, if a random one can't be generated, return
+        # a 500 server error.
+        random_short = URL.generate_valid_short()
+
+        if random_short is None:
+            return 500
        else:
-            pass  # leave the field NULL
+            url.short = random_short
+
+    # Grab the expiration field value. It's currently an unsable
+    # string value, so we need to parse it into a datetime object
+    # relative to right now.
+    expires = url_form.cleaned_data.get('expires')
+
+    # Determine what the expiration date is
+    if expires == URLForm.DAY:
+        url.expires = timezone.now() + timedelta(days = 1)
+    elif expires == URLForm.WEEK:
+        url.expires = timezone.now() + timedelta(weeks = 1)
+    elif expires == URLForm.MONTH:
+        url.expires = timezone.now() + timedelta(weeks = 3)
+    elif expires == URLForm.CUSTOM:
+        url.expires = url_form.cleaned_data.get('expires_custom')
+    else:
+        pass  # leave the field NULL

-        # Make sure that our new URL object is clean, then save it and
-        # let's redirect to view this baby.
-        url.full_clean()
-        url.save()
-        return url
+    # Make sure that our new URL object is clean, then save it and
+    # let's redirect to view this baby.
+    url.full_clean()
+    url.save()
+    return url

 """
    This view allows the user to view details about a URL. Note that they

--- a/go/settings/settings.docker.py.template
+++ b/go/settings/settings.docker.py.template
@@ -168,3 +168,10 @@ EMAIL_TO = "to@example.com"
 # Domain used to email to users. See line 231 in views.py
 # ie. in Mason's case '@masonlive.gmu.edu'
 EMAIL_DOMAIN = os.environ['email_domain']
+
+# dummy cache for development-- doesn't actually cache things
+CACHES = {
+  'default': {
+    'BACKEND': 'django.core.cache.backends.dummy.DummyCache',
+    }
+  }
--- a/go/settings/settings.py.template
+++ b/go/settings/settings.py.template
@@ -179,3 +179,14 @@ EMAIL_TO = "to@example.com"
 # Domain used to email to users. See line 231 in views.py
 # ie. in Mason's case '@masonlive.gmu.edu'
 EMAIL_DOMAIN = "@example.com"
+
+# Use redis cache when not in local development
+if DEBUG:
+    pass
+else:
+    CACHES = {
+        'default': {
+            'BACKEND': 'redis_cache.RedisCache',
+            'LOCATION': '/var/run/redis/redis.sock',
+        },
+    }
--- a/go/settings/urls.py
+++ b/go/settings/urls.py
@@ -6,6 +6,7 @@ from django.conf.urls import include, url
 import django.contrib.auth.views
 from django.contrib import admin
 from django.conf import settings
+from django.views.decorators.cache import cache_page
 from django.views.generic import TemplateView

 # App Imports
@@ -17,27 +18,27 @@ admin.autodiscover()

 # Main list of project URL's
 urlpatterns = [
-    # / - Homepage url.
-    url(r'^$', go.views.index, name='index'),
+    # / - Homepage url. Cached for 1 second (this is the page you see after logging in, so having it show as not logged in is strange)
+    url(r'^$', cache_page(1)(go.views.index), name='index'),

-    # /view/<short> - View URL data.
-    url(r'^view/(?P<short>[-\w]+)$', go.views.view, name='view'),
+    # /view/<short> - View URL data. Cached for 15 minutes
+    url(r'^view/(?P<short>[-\w]+)$', cache_page(60*15)(go.views.view), name='view'),

-    # /about - About page.
-    url(r'^about/?$', TemplateView.as_view(template_name='core/about.html'),
+    # /about - About page. Cached for 15 minutes
+    url(r'^about/?$', cache_page(60*15)(TemplateView.as_view(template_name='core/about.html')),
        name='about'),

-    # /signup - Signup page for access.
-    url(r'^signup/?$', go.views.signup, name='signup'),
+    # /signup - Signup page for access. Cached for 15 minutes
+    url(r'^signup/?$', cache_page(60*15)(go.views.signup), name='signup'),

-    # /myLinks - My-Links page, view and review links.
-    url(r'^myLinks/?$', go.views.my_links, name='my_links'),
+    # /myLinks - My-Links page, view and review links. Cached for 5 seconds
+    url(r'^myLinks/?$', cache_page(5)(go.views.my_links), name='my_links'),

    # /delete/<short> - Delete a link, no content display.
    url(r'^delete/(?P<short>[-\w]+)$', go.views.delete, name='delete'),

-    # /registered - registration complete page
-    url(r'^registered/?$', TemplateView.as_view(template_name='registered.html'),
+    # /registered - registration complete page. Cached for 15 minutes
+    url(r'^registered/?$', cache_page(60*15)(TemplateView.as_view(template_name='registered.html')),
        name='registered'),

    # /admin - Administrator interface.

--- a/requirements/base.txt
+++ b/requirements/base.txt
 Django==1.10
 django-crispy-forms==1.6.0
 django-ratelimit==1.0.1
+django-redis-cache==1.6.4
 git+https://github.com/bruno207/django-qrcode.git
 git+https://github.com/kstateome/django-cas.git
 git+https://github.com/bruno207/django-bootstrap3-datetimepicker.git
 hashids==1.1.0
 mysqlclient
+redis==2.10.5
 requests==2.11.0
 simplejson==3.8.2
+six
\ No newline at end of file