annotate gpp/oembed/views.py @ 322:c3d3d7114749

Fix #148; Django now requires AJAX posts to present the CSRF token. Added code suggested by Django docs to shoutbox.js. Since shoutbox.js is on every page, it should cover all cases.
author Brian Neal <bgneal@gmail.com>
date Sat, 12 Feb 2011 21:37:17 +0000
parents 47a7138fcccb
children 6d6fdc58487c
rev   line source
bgneal@285 1 """
bgneal@285 2 Views for the oembed application.
bgneal@285 3 """
bgneal@285 4 import re
bgneal@285 5 import urllib2
bgneal@285 6
bgneal@285 7 from django.http import HttpResponse
bgneal@285 8 from django.http import HttpResponseBadRequest
bgneal@285 9 from django.http import HttpResponseForbidden
bgneal@285 10 import django.utils.simplejson as json
bgneal@285 11
bgneal@285 12 from oembed.models import Provider
bgneal@285 13 from oembed.models import Oembed
bgneal@285 14 from oembed.core import get_oembed
bgneal@285 15
bgneal@285 16
bgneal@285 17 def fetch_media(request):
bgneal@285 18 """
bgneal@286 19 This view returns the HTML media of an embeddable resource as
bgneal@286 20 JSON. This view is the target of an AJAX request.
bgneal@285 21 """
bgneal@285 22 if not request.user.is_authenticated():
bgneal@285 23 return HttpResponseForbidden('Please login or register.')
bgneal@285 24
bgneal@285 25 url = request.POST.get('q')
bgneal@285 26
bgneal@285 27 if not url:
bgneal@285 28 return HttpResponseBadRequest('Please provide a valid URL.')
bgneal@285 29
bgneal@285 30 # Is this already in our database?
bgneal@285 31 try:
bgneal@285 32 oembed = Oembed.objects.get(url=url)
bgneal@285 33 except Oembed.DoesNotExist:
bgneal@285 34 pass
bgneal@285 35 else:
bgneal@285 36 data = dict(id=oembed.id, embed=oembed.html)
bgneal@285 37 return HttpResponse(json.dumps(data), content_type='application/json')
bgneal@285 38
bgneal@285 39 # It isn't in the database, try to find it from our providers
bgneal@285 40 providers = Provider.objects.all()
bgneal@285 41 for provider in providers:
bgneal@285 42 if re.match(provider.url_regex, url):
bgneal@285 43 try:
bgneal@285 44 data = get_oembed(provider.api_endpoint, url)
bgneal@285 45 except IOError, e:
bgneal@285 46 return HttpResponseBadRequest(
bgneal@285 47 "Sorry, we could not retrieve your video (%s)" % e)
bgneal@285 48
bgneal@285 49 if 'type' not in data or data['type'] != 'video':
bgneal@285 50 return HttpResponseBadRequest(
bgneal@285 51 "Hey, this doesn't look like a video..??")
bgneal@285 52
bgneal@285 53 oembed = Oembed(url=url,
bgneal@285 54 type=Oembed.VIDEO,
bgneal@285 55 title=data.get('title', ''),
bgneal@285 56 width=int(data.get('width', 0)),
bgneal@285 57 height=int(data.get('height', 0)),
bgneal@285 58 html=data.get('html', ''))
bgneal@285 59 oembed.save()
bgneal@285 60
bgneal@285 61 data = dict(id=oembed.id, embed=oembed.html)
bgneal@285 62 return HttpResponse(json.dumps(data),
bgneal@285 63 content_type='application/json')
bgneal@285 64
bgneal@287 65 return HttpResponseBadRequest("Sorry, we couldn't find that video.")
bgneal@286 66
bgneal@286 67
bgneal@286 68 def fetch_saved_media(request):
bgneal@286 69 """
bgneal@286 70 This view returns the HTML embed information for previously saved Oembed
bgneal@286 71 objects as JSON. This view is the target of an AJAX request.
bgneal@286 72 """
bgneal@286 73 if not request.user.is_authenticated():
bgneal@286 74 return HttpResponseForbidden('Please login or register.')
bgneal@286 75
bgneal@286 76 embed_ids = request.GET.getlist('embeds')
bgneal@286 77 if not embed_ids:
bgneal@286 78 return HttpResponseBadRequest('Missing embed list.')
bgneal@286 79
bgneal@286 80 embeds = Oembed.objects.in_bulk(embed_ids)
bgneal@286 81
bgneal@286 82 # build results in order
bgneal@286 83 results = []
bgneal@286 84 for pk in embeds:
bgneal@286 85 results.append(dict(id=pk, html=embeds[pk].html))
bgneal@286 86
bgneal@286 87 return HttpResponse(json.dumps(results), content_type='application/json')