Beispiel #1
0
def main():
    header = u"Content-Type: text/html\n"
    content = []
    blog = Blog()
    post_datas = FieldStorage()
    mode = get_value(post_datas, "mode", "add")
    user = get_value(post_datas, "user")
    password = get_value(post_datas, "password")
    hash = get_value(post_datas, "hash")
    user, power = blog.is_user(user, password, hash)
    post_id = get_value(post_datas, "post")
    target = get_value(post_datas, "target")
    target_password = get_value(post_datas, "target_password")
    power = get_value(post_datas, "power")
    power_exists = (power and power.isdigit() and int(power) < VOICE)
    if not user:
        content.append(protocol.error(_(u"Wrong username/password")))
    elif not (blog.has_power(user, OP if mode == "add" else ROOT) or
            user == post[0]["author"]):
        content.append(protocol.error(_(u"You don't have the permission to do"
                                         " that.")))
    elif not (target and (power_exists and password and mode == "add") or 
             ((power_exists or password) and mode == "edit") or mode == "del"):
        content.append(protocol.error(_(u"Post datas are not set")))
    # It's ok.
    elif mode == "add":
        if not (target_password and power):
            content.append(protocol.error(_(u"Please set a password and"
                                             " permissions.")))
        else:
            ret = blog.add_user(target, target_password, power)
            content.append(protocol.success(ret) if ret else
                    protocol.error(_(u"User exists")))
    elif mode == "edit":
        blog.set_user(target, target_password if target_password else None,
                power if power else None)
        content.append(protocol.success())
    elif mode == "del":
        blog.del_user(target)
        content.append(protocol.success())
    else:
        content.append(protocol.error(_(u"Wrong mode.")))
    print header
    print u"\n".join(content).encode("utf-8", "replace")
Beispiel #2
0
def main():
    header = u"Content-Type: text/html\n"
    content = []
    blog = Blog()
    field_storage = FieldStorage()
    post_datas = {}
    for k in ("author", "password", "hash", "title", "content", "post"):
        post_datas[k] = get_value(field_storage, k)
    mode = get_value(field_storage, "mode", "add")
    captcha_code = get_value(field_storage, "captcha_content")
    captcha_path = get_value(field_storage, "captcha_path")
    post_id = get_value(field_storage, "post")
    user, power = blog.is_user(post_datas["author"], post_datas["password"],
            post_datas["hash"])
    if (blog.get_captcha_code(captcha_path) != captcha_code.strip(" ") and
            not user):
        content.append(protocol.error(_(u"Invalid captcha")))
    elif mode in ("edit", "del", "retrieve") and not (post_id and
            raw_post_id.isdigit()):
        content.append(protocol.error(_(u"Need an id")))
    elif mode == "add":
        if not (post_datas["author"] and post_datas["content"]):
            content.append(protocol.error(_(u"You have to write as least your"
                                            " name and a comment.")))
        elif not post_datas["post"]:
            content.append(protocol.error(_(u"Internal : no post ??")))
        else:
            post_datas["date"] = time()
            post_datas["moderated"] = True if blog.config.getboolean("comment",
                    "auto_moderated") else False
            new_id = blog.add_comment(Comment(**post_datas))
            content.append(protocol.success(_(u"Comment added")))
            blog.clean_captchas(captcha_path)
    elif mode == "del":
        if user:
            blog.del_comment(int(post_id))
            content.append(protocol.succes(_(u"Comment deleted")))
        else:
            content.append(protocol.error(_(u"You don't have the permission for"
                                             " doing this.")))
    elif mode == "edit":
        content.append(error(_("Not implemented")))
    elif mode == "retrieve":
        comment = blog.get_comment_by_id(int(post_id))
        if comment:
            content.append(protocol.succes(protocol.format_comment(comment)))
        else:
            content.append(protocol.error(_(u"No id %s") % post_id))
    else:
        content.append(protocol.error(_(u"You're doing it wrong.")))
        
    if post_datas["post"]:
        content.append(XHTML.tags.A(blog.rewrite(post=post_datas["post"]),
                _("Back to the post")).tostr())
    print header
    print u"\n".join(content).encode("utf-8", "replace")
Beispiel #3
0
def main():
    header = u"Content-Type: text/html\n"
    content = []
    blog = Blog()
    post_datas = FieldStorage()
    mode = get_value(post_datas, "mode", "retrieve")
    user = get_value(post_datas, "user")
    password = get_value(post_datas, "password")
    hash = get_value(post_datas, "hash")
    user, power = blog.is_user(user, password, hash)
    post_id = get_value(post_datas, "post", "")
    if mode in ("retrieve", "edit", "del") and not (post_id and
            post_id.isdigit()):
        content.append(protocol.error(_(u"Variable 'post' is not set.")))

    elif mode == "retrieve":
        post = blog.get_posts(post_id=int(post_id))
        if post:
            content.append(protocol.success(protocol.format_post(post)))
        else:
            content.append(protocol.error(_(u"No id %s." % post_id)))

    elif mode == "add":
        if user and blog.has_power(user, VOICE):
            datas = {"author": user, "date": time()}
            for k, d in (("title", u"No title"), ("tags", u""),
                    ("content", u"")):
                datas[k] = get_value(post_datas, k, d)
            new_id = blog.add_post(Post(**datas))
            content.append(protocol.success(unicode(new_id)))
        else:
            content.append(protocol.error(_(u"Wrong username/password.")))

    elif mode == "edit":
        post_id = get_value(post_datas, "post", "")
        datas = {"author": user, "date": time(), "id": int(post_id)}
        for k, d in (("title", u"No title"), ("tags", u""),
                ("content", u"")):
            datas[k] = get_value(post_datas, k, d)
        post = blog.get_posts(post_id=int(post_id))
        if post:
            if user == post["author"] or blog.has_power(user, HOP):
                blog.edit_post(Post(**datas))
                content.append(protocol.success(unicode(datas["id"])))
            else:
                content.append(protocol.error(_(u"You don't have the permission"
                                                 " to do that.")))
        else:
            content.append(protocol.error(_(u"No id %s.")) % post_id)

    elif mode == "del":
        post_id = get_value(post_datas, "post", "")
        post = blog.get_posts(post_id=int(post_id))
        if user == post["author"] or blog.has_power(user, HOP):
            if blog.del_post(post_id):
                content.append(protocol.error(_(u"(internal)")))
            else:
                content.append(protocol.success())
        else:
            content.append(protocol.error(_(u"You don't have the permission to"
                                             " do that.")))

    else:
        content.append(protocol.error(_(u"Wrong mode.")))

    print header
    print u"\n".join(content).encode("utf-8", "replace")