From dc8c54e6dba8129a210adeca4f1ad7b295dc4ded Mon Sep 17 00:00:00 2001
From: Zev Benjamin
Date: Tue, 6 Nov 2012 14:27:55 -0500
Subject: [PATCH] Move view decorators into decorator.py (imported from commit 737cff552b395493f44864ac06e901b0ba17fa29)
---
 zephyr/decorator.py | 41 +++++++++++++++++++++++++++++++++++++++++
 zephyr/views.py | 42 ++----------------------------------------
 2 files changed, 43 insertions(+), 40 deletions(-)
diff --git a/zephyr/decorator.py b/zephyr/decorator.py
index 39894a09c3..d97654e1d0 100644
--- a/zephyr/decorator.py
+++ b/zephyr/decorator.py
@@ -1,3 +1,7 @@
+from django.views.decorators.csrf import csrf_exempt
+from zephyr.models import UserProfile
+from zephyr.lib.response import json_success, json_error
+
 from functools import wraps
 import types
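Review bot: `json_success` is pulled in by the new `from zephyr.lib.response import json_success, json_error` line, but none of the decorators this commit adds to the file call it; only `json_error` is used. Unless code outside the visible hunks needs it, the line can be `from zephyr.lib.response import json_error`. The new module-level `from zephyr.models import UserProfile` also means `zephyr/models.py` can no longer import from `zephyr/decorator.py` without creating an import cycle, which deserves a short comment above the import.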
@@ -24,3 +28,40 @@ def asynchronous(method):
 if getattr(method, 'csrf_exempt', False):
 wrapper.csrf_exempt = True
 return wrapper
+
+def require_post(view_func):
+ @wraps(view_func)
+ def _wrapped_view_func(request, *args, **kwargs):
+ if request.method != "POST":
+ return json_error('This form can only be submitted by POST.')
+ return view_func(request, *args, **kwargs)
+ return _wrapped_view_func
+
+# authenticated_api_view will add the authenticated user's user_profile to
+# the view function's arguments list, since we have to look it up
+# anyway.
+def authenticated_api_view(view_func):
+ @csrf_exempt
+ @require_post
+ @wraps(view_func)
+ def _wrapped_view_func(request, *args, **kwargs):
+ try:
+ user_profile = UserProfile.objects.get(user__email=request.POST.get("email"))
+ except UserProfile.DoesNotExist:
+ return json_error("Invalid user")
+ if user_profile is None or request.POST.get("api-key") != user_profile.api_key:
+ return json_error('Invalid API user/key pair.')
+ return view_func(request, user_profile, *args, **kwargs)
+ return _wrapped_view_func
+
+# Checks if the request is a POST request and that the user is logged
+# in. If not, return an error (the @login_required behavior of
+# redirecting to a login page doesn't make sense for json views)
+def authenticated_json_view(view_func):
+ @require_post
+ @wraps(view_func)
+ def _wrapped_view_func(request, *args, **kwargs):
+ if not request.user.is_authenticated():
+ return json_error("Not logged in")
+ return view_func(request, *args, **kwargs)
+ return _wrapped_view_func
diff --git a/zephyr/views.py b/zephyr/views.py
index 3d1e3bd3df..82c08c18b5 100644
--- a/zephyr/views.py
+++ b/zephyr/views.py
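Review bot: In `authenticated_api_view` (zephyr/decorator.py) the API key is checked with `!=`, which is not a constant-time comparison. The two failure paths also return different messages ("Invalid user" versus 'Invalid API user/key pair.'), so this CSRF-exempt endpoint reveals whether an email address is registered. I would compare with `constant_time_compare(request.POST.get("api-key", ""), user_profile.api_key)` from `django.utils.crypto` and return the same 'Invalid API user/key pair.' error from the `except UserProfile.DoesNotExist:` branch. The `user_profile is None` test is dead code, because `.get()` raises rather than returning None. If `api_key` can be NULL on the model (not visible here), a request that omits `api-key` compares `None != None` and is accepted, so a missing or empty key should be rejected explicitly before the comparison.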
@@ -19,15 +19,14 @@ from zephyr.forms import RegistrationForm, HomepageForm, is_unique, \
 is_active
 from django.views.decorators.csrf import csrf_exempt
-from zephyr.decorator import asynchronous
+from zephyr.decorator import asynchronous, require_post, \
+ authenticated_api_view, authenticated_json_view
 from zephyr.lib.query import last_n
 from zephyr.lib.avatar import gravatar_hash
 from zephyr.lib.response import json_success, json_error
 from confirmation.models import Confirmation
-from functools import wraps
-
 import datetime
 import simplejson
 import socket
@@ -40,43 +39,6 @@ import base64
 SERVER_GENERATION = int(time.time())
-def require_post(view_func):
- @wraps(view_func)
- def _wrapped_view_func(request, *args, **kwargs):
- if request.method != "POST":
- return json_error('This form can only be submitted by POST.')
- return view_func(request, *args, **kwargs)
- return _wrapped_view_func
-
-# authenticated_api_view will add the authenticated user's user_profile to
-# the view function's arguments list, since we have to look it up
-# anyway.
-def authenticated_api_view(view_func):
- @csrf_exempt
- @require_post
- @wraps(view_func)
- def _wrapped_view_func(request, *args, **kwargs):
- try:
- user_profile = UserProfile.objects.get(user__email=request.POST.get("email"))
- except UserProfile.DoesNotExist:
- return json_error("Invalid user")
- if user_profile is None or request.POST.get("api-key") != user_profile.api_key:
- return json_error('Invalid API user/key pair.')
- return view_func(request, user_profile, *args, **kwargs)
- return _wrapped_view_func
-
-# Checks if the request is a POST request and that the user is logged
-# in. If not, return an error (the @login_required behavior of
-# redirecting to a login page doesn't make sense for json views)
-def authenticated_json_view(view_func):
- @require_post
- @wraps(view_func)
- def _wrapped_view_func(request, *args, **kwargs):
- if not request.user.is_authenticated():
- return json_error("Not logged in")
- return view_func(request, *args, **kwargs)
- return _wrapped_view_func
-
 def get_stream(stream_name, realm):
 try:
 return Stream.objects.get(name__iexact=stream_name, realm=realm)