Use Django 1.4 @ensure_csrf_cookie method PLAT-664

cms/djangoapps/contentstore/views/assets.py

@@ -5,9 +5,8 @@ import json
 
 from django.http import HttpResponseBadRequest
 from django.contrib.auth.decorators import login_required
-from django.views.decorators.http import require_http_methods
-from django_future.csrf import ensure_csrf_cookie
-from django.views.decorators.http import require_POST
+from django.views.decorators.csrf import ensure_csrf_cookie
+from django.views.decorators.http import require_http_methods, require_POST
 from django.conf import settings
 
 from edxmako.shortcuts import render_to_response

cms/djangoapps/contentstore/views/certificates.py

@@ -25,7 +25,7 @@ import json
 
 from django.conf import settings
 from django.contrib.auth.decorators import login_required
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.http import HttpResponse
 from django.utils.translation import ugettext as _
 from django.views.decorators.http import require_http_methods

cms/djangoapps/contentstore/views/checklist.py

@@ -5,7 +5,7 @@ from util.json_request import JsonResponse
 from django.http import HttpResponseBadRequest
 from django.contrib.auth.decorators import login_required
 from django.views.decorators.http import require_http_methods
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from edxmako.shortcuts import render_to_response
 from django.http import HttpResponseNotFound
 from django.core.exceptions import PermissionDenied

cms/djangoapps/contentstore/views/course.py

@@ -30,7 +30,7 @@ from opaque_keys import InvalidKeyError
 from opaque_keys.edx.locations import Location
 from opaque_keys.edx.keys import CourseKey
 
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from contentstore.course_info_model import get_course_updates, update_course_updates, delete_course_update
 from contentstore.course_group_config import (
     GroupConfiguration,

cms/djangoapps/contentstore/views/entrance_exam.py

@@ -7,7 +7,7 @@ import json
 import logging
 
 from django.contrib.auth.decorators import login_required
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.http import HttpResponse, HttpResponseBadRequest
 
 from contentstore.views.helpers import create_xblock, remove_entrance_exam_graders

cms/djangoapps/contentstore/views/export_git.py

@@ -7,7 +7,7 @@ import logging
 
 from django.contrib.auth.decorators import login_required
 from django.core.exceptions import PermissionDenied
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.utils.translation import ugettext as _
 
 from student.auth import has_course_author_access

cms/djangoapps/contentstore/views/import_export.py

@@ -18,9 +18,9 @@ from django.core.files.temp import NamedTemporaryFile
 from django.core.servers.basehttp import FileWrapper
 from django.http import HttpResponse, HttpResponseNotFound
 from django.utils.translation import ugettext as _
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.views.decorators.http import require_http_methods, require_GET
 
-from django_future.csrf import ensure_csrf_cookie
 import dogstats_wrapper as dog_stats_api
 from edxmako.shortcuts import render_to_response
 from xmodule.contentstore.django import contentstore

cms/djangoapps/contentstore/views/library.py

@@ -16,7 +16,7 @@ from django.core.exceptions import PermissionDenied
 from django.conf import settings
 from django.utils.translation import ugettext as _
 from django.views.decorators.http import require_http_methods
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from edxmako.shortcuts import render_to_response
 from opaque_keys import InvalidKeyError
 from opaque_keys.edx.keys import CourseKey

cms/djangoapps/contentstore/views/public.py

@@ -1,7 +1,7 @@
 """
 Public views
 """
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.core.context_processors import csrf
 from django.core.urlresolvers import reverse
 from django.shortcuts import redirect

cms/djangoapps/contentstore/views/tabs.py

@@ -8,7 +8,7 @@ from django.http import HttpResponseNotFound
 from django.conf import settings
 from django.contrib.auth.decorators import login_required
 from django.core.exceptions import PermissionDenied
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.views.decorators.http import require_http_methods
 
 from edxmako.shortcuts import render_to_response

cms/djangoapps/contentstore/views/user.py

@@ -4,7 +4,7 @@ from django.contrib.auth.decorators import login_required
 from django.views.decorators.http import require_http_methods
 from django.utils.translation import ugettext as _
 from django.views.decorators.http import require_POST
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from edxmako.shortcuts import render_to_response
 
 from xmodule.modulestore.django import modulestore

common/djangoapps/django_future/csrf.py

@@ -1,83 +0,0 @@
-# Taken from Django 1.4
-
-import warnings
-
-from django.middleware.csrf import CsrfViewMiddleware, get_token
-from django.utils.decorators import decorator_from_middleware, available_attrs
-from functools import wraps
-
-csrf_protect = decorator_from_middleware(CsrfViewMiddleware)
-csrf_protect.__name__ = "csrf_protect"
-csrf_protect.__doc__ = """
-This decorator adds CSRF protection in exactly the same way as
-CsrfViewMiddleware, but it can be used on a per view basis.  Using both, or
-using the decorator multiple times, is harmless and efficient.
-"""
-
-
-class _EnsureCsrfToken(CsrfViewMiddleware):
-    # We need this to behave just like the CsrfViewMiddleware, but not reject
-    # requests.
-    def _reject(self, request, reason):
-        return None
-
-
-requires_csrf_token = decorator_from_middleware(_EnsureCsrfToken)
-requires_csrf_token.__name__ = 'requires_csrf_token'
-requires_csrf_token.__doc__ = """
-Use this decorator on views that need a correct csrf_token available to
-RequestContext, but without the CSRF protection that csrf_protect
-enforces.
-"""
-
-
-class _EnsureCsrfCookie(CsrfViewMiddleware):
-    def _reject(self, request, reason):
-        return None
-
-    def process_view(self, request, callback, callback_args, callback_kwargs):
-        retval = super(_EnsureCsrfCookie, self).process_view(request, callback, callback_args, callback_kwargs)
-        # Forces process_response to send the cookie
-        get_token(request)
-        return retval
-
-
-ensure_csrf_cookie = decorator_from_middleware(_EnsureCsrfCookie)
-ensure_csrf_cookie.__name__ = 'ensure_csrf_cookie'
-ensure_csrf_cookie.__doc__ = """
-Use this decorator to ensure that a view sets a CSRF cookie, whether or not it
-uses the csrf_token template tag, or the CsrfViewMiddleware is used.
-"""
-
-
-def csrf_response_exempt(view_func):
-    """
-    Modifies a view function so that its response is exempt
-    from the post-processing of the CSRF middleware.
-    """
-    warnings.warn("csrf_response_exempt is deprecated. It no longer performs a "
-                  "function, and calls to it can be removed.",
-                  PendingDeprecationWarning)
-    return view_func
-
-
-def csrf_view_exempt(view_func):
-    """
-    Marks a view function as being exempt from CSRF view protection.
-    """
-    warnings.warn("csrf_view_exempt is deprecated. Use csrf_exempt instead.",
-                  PendingDeprecationWarning)
-    return csrf_exempt(view_func)
-
-
-def csrf_exempt(view_func):
-    """
-    Marks a view function as being exempt from the CSRF view protection.
-    """
-    # We could just do view_func.csrf_exempt = True, but decorators
-    # are nicer if they don't have side-effects, so we return a new
-    # function.
-    def wrapped_view(*args, **kwargs):
-        return view_func(*args, **kwargs)
-    wrapped_view.csrf_exempt = True
-    return wraps(view_func, assigned=available_attrs(view_func))(wrapped_view)

common/djangoapps/external_auth/views.py

@@ -34,7 +34,7 @@ try:
     from django.views.decorators.csrf import csrf_exempt
 except ImportError:
     from django.contrib.csrf.middleware import csrf_exempt
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 
 import django_openid_auth.views as openid_views
 from django_openid_auth import auth as openid_auth

common/djangoapps/student/views.py

@@ -26,11 +26,10 @@ from django.http import (HttpResponse, HttpResponseBadRequest, HttpResponseForbi
                          HttpResponseServerError, Http404)
 from django.shortcuts import redirect
 from django.utils.translation import ungettext
-from django_future.csrf import ensure_csrf_cookie
 from django.utils.http import cookie_date, base36_to_int
 from django.utils.translation import ugettext as _, get_language
 from django.views.decorators.cache import never_cache
-from django.views.decorators.csrf import csrf_exempt
+from django.views.decorators.csrf import csrf_exempt, ensure_csrf_cookie
 from django.views.decorators.http import require_POST, require_GET
 
 from django.db.models.signals import post_save

common/djangoapps/track/views/__init__.py

@@ -7,7 +7,7 @@ from django.contrib.auth.decorators import login_required
 from django.http import HttpResponse
 from django.shortcuts import redirect
 
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 
 from edxmako.shortcuts import render_to_response
 

common/djangoapps/track/views/segmentio.py

@@ -8,7 +8,7 @@ from django.conf import settings
 from django.contrib.auth.models import User
 from django.http import HttpResponse
 from django.views.decorators.http import require_POST
-from django_future.csrf import csrf_exempt
+from django.views.decorators.csrf import csrf_exempt
 
 from eventtracking import tracker
 from opaque_keys.edx.keys import CourseKey

lms/djangoapps/branding/views.py

@@ -9,7 +9,7 @@ from django.views.decorators.cache import cache_control
 from django.http import HttpResponse, Http404
 from django.utils import translation
 from django.shortcuts import redirect
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from staticfiles.storage import staticfiles_storage
 
 from edxmako.shortcuts import render_to_response

lms/djangoapps/ccx/views.py

@@ -22,7 +22,7 @@ from django.core.validators import validate_email
 from django.shortcuts import redirect
 from django.utils.translation import ugettext as _
 from django.views.decorators.cache import cache_control
-from django_future.csrf import ensure_csrf_cookie  # pylint: disable=import-error
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth.models import User
 

lms/djangoapps/courseware/views.py

@@ -24,7 +24,7 @@ from django.http import Http404, HttpResponse, HttpResponseBadRequest
 from django.shortcuts import redirect
 from certificates import api as certs_api
 from edxmako.shortcuts import render_to_response, render_to_string, marketing_link
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.views.decorators.cache import cache_control
 from django.db import transaction
 from markupsafe import escape

lms/djangoapps/dashboard/sysadmin.py

@@ -25,7 +25,7 @@ from django.utils.translation import ugettext as _
 from django.views.decorators.cache import cache_control
 from django.views.generic.base import TemplateView
 from django.views.decorators.http import condition
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from edxmako.shortcuts import render_to_response
 import mongoengine
 from path import path

lms/djangoapps/debug/views.py

@@ -7,7 +7,7 @@ from django.http import Http404, HttpResponse, HttpResponseNotFound
 from django.contrib.auth.decorators import login_required
 from django.utils.html import escape
 
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from edxmako.shortcuts import render_to_response
 
 from codejail.safe_exec import safe_exec

lms/djangoapps/instructor/hint_manager.py

@@ -11,7 +11,7 @@ import json
 import re
 
 from django.http import HttpResponse, Http404
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 
 from edxmako.shortcuts import render_to_response, render_to_string
 

lms/djangoapps/instructor/views/api.py

@@ -12,7 +12,7 @@ import re
 import time
 import requests
 from django.conf import settings
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.views.decorators.http import require_POST
 from django.views.decorators.cache import cache_control
 from django.core.exceptions import ValidationError, PermissionDenied

lms/djangoapps/instructor/views/instructor_dashboard.py

@@ -12,7 +12,7 @@ import pytz
 from django.contrib.auth.decorators import login_required
 from django.views.decorators.http import require_POST
 from django.utils.translation import ugettext as _
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.views.decorators.cache import cache_control
 from edxmako.shortcuts import render_to_response
 from django.core.urlresolvers import reverse

lms/djangoapps/instructor/views/legacy.py

@@ -20,7 +20,7 @@ from StringIO import StringIO
 from django.conf import settings
 from django.contrib.auth.models import User
 from django.http import HttpResponse
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.views.decorators.cache import cache_control
 from django.core.urlresolvers import reverse
 from django.core.mail import send_mail

lms/djangoapps/static_template_view/views.py

@@ -8,7 +8,7 @@ from mako.exceptions import TopLevelLookupException
 from django.shortcuts import redirect
 from django.conf import settings
 from django.http import HttpResponseNotFound, HttpResponseServerError, Http404
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 
 from util.cache import cache_if_anonymous
 

lms/djangoapps/student_account/views.py

@@ -15,7 +15,7 @@ from django.http import HttpRequest
 from django_countries import countries
 from django.core.urlresolvers import reverse, resolve
 from django.utils.translation import ugettext as _
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.views.decorators.http import require_http_methods
 
 from lang_pref.api import released_languages

openedx/core/djangoapps/course_groups/views.py

@@ -2,7 +2,7 @@
 Views related to course groups functionality.
 """
 
-from django_future.csrf import ensure_csrf_cookie
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.views.decorators.http import require_POST
 from django.contrib.auth.models import User
 from django.core.paginator import Paginator, EmptyPage