From 598980269bc2e4751dcb7ef0dd4d2cf796eb9275 Mon Sep 17 00:00:00 2001 From: Logan Hanks Date: Tue, 22 Jan 2013 12:31:25 -0800 Subject: [PATCH] Add OAuth support to many types of listings. --- r2/r2/controllers/listingcontroller.py | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/r2/r2/controllers/listingcontroller.py b/r2/r2/controllers/listingcontroller.py index a5173ac68..d084fa295 100755 --- a/r2/r2/controllers/listingcontroller.py +++ b/r2/r2/controllers/listingcontroller.py @@ -52,7 +52,7 @@ from pylons.controllers.util import redirect_to import random from functools import partial -class ListingController(RedditController): +class ListingController(RedditController, OAuth2ResourceController): """Generalized controller for pages with lists of links.""" # toggle skipping of links based on the users' save/hide/vote preferences @@ -84,6 +84,10 @@ class ListingController(RedditController): render_params = {} extra_page_classes = ['listing-page'] + def pre(self): + self.check_for_bearer_token() + RedditController.pre(self) + @property def menus(self): """list of menus underneat the header (e.g., sort, time, kind, @@ -180,6 +184,7 @@ class ListingController(RedditController): builder_wrapper = staticmethod(default_thing_wrapper()) + @require_oauth2_scope("read") @base_listing @api_doc(api_section.listings, extensions=['json', 'xml']) def GET_listing(self, **env): @@ -389,6 +394,7 @@ class HotController(FixListing, ListingController): def title(self): return c.site.title + @require_oauth2_scope("read") @listing_api_doc(uri='/hot') def GET_listing(self, **env): self.requested_ad = request.get.get('ad') @@ -437,6 +443,7 @@ class NewController(ListingController): # point. Now just redirect to GET mode. return self.redirect(request.fullpath + query_string(dict(sort=sort))) + @require_oauth2_scope("read") @validate(sort = VMenu('controller', NewMenu)) @listing_api_doc(uri='/new') def GET_listing(self, sort, **env): @@ -471,6 +478,7 @@ class BrowseController(ListingController): return self.redirect( request.fullpath + query_string(dict(sort=sort, t=t))) + @require_oauth2_scope("read") @validate(t = VMenu('sort', ControversyTimeMenu)) @listing_api_doc(uri='/{sort}', uri_variants=['/top', '/controversial']) def GET_listing(self, sort, t, **env): @@ -514,6 +522,7 @@ class ByIDController(ListingController): def query(self): return self.names + @require_oauth2_scope("read") @validate(links = VByName("names", thing_cls = Link, multiple = True)) def GET_listing(self, links, **env): if not links: @@ -718,7 +727,7 @@ class UserController(ListingController): dest += "?" + query_string return redirect_to(dest) -class MessageController(ListingController, OAuth2ResourceController): +class MessageController(ListingController): show_nums = False render_cls = MessagePage allow_stylesheets = False @@ -726,10 +735,6 @@ class MessageController(ListingController, OAuth2ResourceController): # conceptually fit for styling these pages. extra_page_classes = ['messages-page'] - def pre(self): - self.check_for_bearer_token() - ListingController.pre(self) - @property def show_sidebar(self): if c.default_sr and not isinstance(c.site, (ModSR, MultiReddit)): @@ -1043,6 +1048,7 @@ class CommentsController(ListingController): def query(self): return c.site.get_all_comments() + @require_oauth2_scope("read") def GET_listing(self, **env): c.profilepage = True return ListingController.GET_listing(self, **env) @@ -1062,6 +1068,7 @@ class GildedController(ListingController): except NotImplementedError: abort(404) + @require_oauth2_scope("read") def GET_listing(self, **env): c.profilepage = True return ListingController.GET_listing(self, **env)