Commit Graph

795 Commits

Author SHA1 Message Date
0264821189 Comment option to set CORS for GCS bucket
This is originally introduced to enable access from pillar-web
javascript to GCS buckets (via the vrview.js library). For the moment
it is commented since we do not allow HDRI node_type in all projects.
2016-07-19 18:20:34 +02:00
a248e3285c Added optional project.header_node node ID reference.
This can be used to show a video on the project page in Pillar-Web.
2016-07-19 16:09:49 +02:00
54f3ca6924 project_manage_users: Prevent internal error when the user can't be found. 2016-07-19 14:03:58 +02:00
fe148e1e6b Simplified settings by introducing _node_embedded_schema.
This follows the same style as the already-existing _file_embedded_schema.
2016-07-19 12:33:42 +02:00
9b3e75b9b9 Nodes: embed 'short_link' when 'short_code' is present and not empty.
This prevents calls to /nodes/<node-id>/share to get the short link.
2016-07-15 11:23:13 +02:00
b880034fda Using before_returning_node_permissions in before_returning_node_resource_permissions 2016-07-15 11:09:24 +02:00
642cbafa09 Added urler service, which can fetch the URL of any project. 2016-07-13 16:52:48 +02:00
34e3cb1e7d Management command for refreshing home project permissions. 2016-07-13 15:59:38 +02:00
a844f1ddda Home project: allow commenting on nodes.
This is only set up correctly for new home projects. Existing home projects
should be migrated using a yet-to-be-written script.
2016-07-13 15:40:41 +02:00
158c7665e4 Removed some debug logging 2016-07-13 15:34:30 +02:00
b6ef96022c Added OPTIONS call to get allowed options on node types
This allows us to check whether a user is allowed to comment on a project
without requiring access to the project itself.
2016-07-13 15:09:40 +02:00
1f4e9ec7f3 authorization: split part of has_permissions() into compute_allowed_methods()
This allows other code to re-use the effective permission computations.
2016-07-13 15:08:34 +02:00
da938da38d Bugfix and some extra debug logging 2016-07-13 15:07:40 +02:00
9cd7198005 Make shared nodes world-gettable 2016-07-13 12:28:01 +02:00
6f952cde01 sync_role_groups: Iterating over users, instead of user/role combos.
This fixes all roles & group memberships at once, and fixes a bug where
the script had to be re-run to apply multiple role changes on a single
user.
2016-07-08 13:03:43 +02:00
a5d7b20b45 Changed confusing log message 2016-07-08 12:50:07 +02:00
8c94af0427 Made a management.py command 'badger <action> <user_email> <role>'
The action can be 'grant' or 'revoke'.
2016-07-08 12:34:49 +02:00
5d26de633c Limit uploadable file size to 32 MiB for non-subscribers. 2016-07-08 12:34:49 +02:00
1c03ea8dec Don't encode video and don't send uploaded files to GCS when TESTING.
Unittests shouldn't connect to external systems. We could mock GCS and
Zencoder, but that's a lot more work, and takes time to maintain.
2016-07-08 12:34:49 +02:00
1c18699de8 Importing werkzeug.exceptions instead of each individual exception 2016-07-08 12:34:49 +02:00
78e4474f94 Disabled uninteresting debug log 2016-07-08 12:32:37 +02:00
0b8aff1054 sync_project_groups: gracefully handle invalid object IDs.
Otherwise a mistake at the CLI will create a bugsnag.
2016-07-08 12:08:52 +02:00
f6eab4878f Log ensure_valid_link() stuff to separate logger. 2016-07-08 12:08:01 +02:00
896e2bc147 Override content type before creating file document in MongoDB 2016-07-07 19:05:42 +02:00
a1b26fe911 Removed 'theatre link' from short link info.
The short link should always link to the theatre mode anyway.
2016-07-07 17:00:24 +02:00
0f8cfc89b3 Nodes now have only one short code 2016-07-07 15:41:42 +02:00
3f3e9ac7db Nodes can now be shared with /nodes/<node_id>/share endpoint.
A POST will create a short link (if it doesn't exist already), whereas
a GET will return the short link for the node.

The endpoint will return a dict like:

{'short_code': 'XXXXXX',
 'short_link': 'https://blender.cloud/r/XXXXX',
 'theatre_link': 'https://blender.cloud/r/XXXXX?t'}
2016-07-07 15:17:56 +02:00
251f5ac86a Added app.utils.str2id() to convert IDs on URLs to ObjectId.
Raises a BadRequest exception when the ID is malformed.
2016-07-07 14:56:30 +02:00
be1deb7eb6 Moved MongoDB index creation to app startup.
At the first request to Pillar, the application will create all missing
indices. This also happens in unittests, so that we get the correct
behaviour for 'unique' indices.
2016-07-07 14:55:07 +02:00
d5683afb84 manager command 'setup_db_indices': Adds missing database indices.
This does NOT drop and recreate existing indices, nor does it reconfigure
existing indices. If you want that, drop them manually first.
2016-07-07 12:44:06 +02:00
6a7d3bd972 Removed obsolete node_types_schema 2016-07-07 11:59:28 +02:00
ff99134ac4 PEP8 formatting 2016-07-07 11:57:59 +02:00
ff8d5c96b7 stream_to_gcs: Return a BadRequest(400) error when content type is missing
We're using uploaded_file.content_type.startswith('image/'), which
fails with an AttributeError if uploaded_file.content_type is None. We
now check for this and properly return info about the missing conten type
to the caller.
2016-07-07 11:11:06 +02:00
782ac9ac1e Disable webm variation creation for video assets
Encoding webm video is very time consuming and currently h264 is
supported by most browsers. Once we switch to a different encoding
backend we can reintroduce it, if needed, along with multiple
resolutions.
2016-07-07 10:42:05 +02:00
694016f58b Fixed issue creating non-sync nodes on home project. 2016-07-06 15:19:41 +02:00
d95004e62e Node 'user' property now defaults to the current user ID. 2016-07-06 15:19:28 +02:00
447473303a sync_project_groups: mention user ID in bad/ok group count
Makes it easier to grep & process the output
2016-07-06 14:12:32 +02:00
51a51e5782 sync_project_groups: also support identifying user by user ID 2016-07-06 12:55:40 +02:00
2be94bd504 Reformat 2016-07-06 12:50:07 +02:00
5b60dad831 Added script to add users to admin groups of projects they created.
For now, can only be run on individual users, identified by email address.

./manage.py sync_project_groups user@domain true

Replace 'true' with 'false' to just see the status and not update the DB.
2016-07-06 12:49:51 +02:00
57e2f01153 Bug fix: users loose their project groups after getting role.
The badger service erased the user's groups when assigning subscriber
group membership.
2016-07-06 12:35:16 +02:00
40b29d7d40 Send Blinker signal when user roles change due to a PUT on the user. 2016-07-06 11:53:26 +02:00
3a33475efc Refactored blender_id.validate_create_user()
Semantically still the same code.
2016-07-06 11:53:10 +02:00
91238aacb7 Managing home project permissions when granting/revoking subscriber/demo role.
This is hooked into the badger service using a Blinker signal. This signal
also needs to be sent from a PUT on the user document.
2016-07-06 11:05:24 +02:00
4b1b02318b Explicitly pass the application path to Git.
Without this, it doesn't work on our production environment.
2016-07-05 13:05:47 +02:00
def1a3d080 Send the Git revision to Bugsnag
This allows us to use the "ignore until a new version is deployed" feature.
2016-07-05 13:01:19 +02:00
dda0e2c868 When creating user from BlenderID, full_name defaults to username. 2016-07-05 12:36:32 +02:00
8a0fa8afd6 Log error when unable to create new user in mongodb. 2016-07-04 13:19:02 +02:00
7e85b32fc7 Gracefully handle missing node types when validating custom fields. 2016-07-04 12:36:54 +02:00
b507216d23 Increased log level for dynamic property validation errors 2016-06-30 18:38:57 +02:00