def handle_submit(self, converted):
context = self.context
request = self.request
workflow = self.workflow
# *will be* modified event
objectEventNotify(ObjectWillBeModifiedEvent(context))
if 'security_state' in converted:
if workflow is not None:
workflow.transition_to_state(context, request,
converted['security_state'])
context.title = converted['title']
context.text = converted['text']
context.description = extract_description(converted['text'])
# Tags and attachments
set_tags(context, request, converted['tags'])
creator = authenticated_userid(request)
attachments_folder = context['attachments']
upload_attachments(converted['attachments'], attachments_folder,
creator, request)
# modified
context.modified_by = authenticated_userid(request)
objectEventNotify(ObjectModifiedEvent(context))
location = model_url(context, request)
self.filestore.clear()
return HTTPFound(location=location)
def handle_submit(self, converted):
context = self.context
request = self.request
workflow = self.workflow
# *will be* modified event
objectEventNotify(ObjectWillBeModifiedEvent(context))
if workflow is not None:
if 'security_state' in converted:
workflow.transition_to_state(context, request,
converted['security_state'])
context.title = converted['title']
context.text = converted['text']
context.description = extract_description(converted['text'])
# Save the tags on it
set_tags(context, request, converted['tags'])
# Save new attachments
creator = authenticated_userid(request)
if support_attachments(context):
upload_attachments(converted['attachments'], context['attachments'],
creator, request)
# Modified
context.modified_by = authenticated_userid(request)
objectEventNotify(ObjectModifiedEvent(context))
location = model_url(context, request,
query={'status_message':'Forum Topic Edited'})
return HTTPFound(location=location)
def handle_submit(self, converted):
context = self.context
request = self.request
# create the page and store it
creator = authenticated_userid(request)
page = create_content(IPage,
converted['title'],
converted['text'],
extract_description(converted['text']),
creator,
)
name = make_unique_name(context, converted['title'])
context[name] = page
# tags and attachments
set_tags(page, request, converted['tags'])
attachments_folder = page['attachments']
upload_attachments(converted['attachments'], attachments_folder,
creator, request)
relocate_temp_images(page, request)
# update ordering if in ordered container
if hasattr(context, 'ordering'):
context.ordering.add(name)
location = model_url(page, request)
self.filestore.clear()
return HTTPFound(location=location)
def add_to_repo(obj, event):
"""
Add a newly created object to the version repository.
Intended use is as an IObjectAddedEvent subscriber.
"""
repo = find_repo(obj)
if repo is None:
return
try:
# If we're undeleting an object, it might already be in the repo
repo.history(obj.docid)
except:
# It is not in the repo, so add it
adapter = queryAdapter(obj, IObjectVersion)
if adapter is not None:
if adapter.comment is None:
adapter.comment = 'Content created.'
repo.archive(adapter)
container = event.parent
adapter = queryAdapter(container, IContainerVersion)
if adapter is not None:
request = get_current_request()
user = authenticated_userid(request)
repo.archive_container(adapter, user)
# Recurse into children if adding a subtree
if IFolder.providedBy(obj):
for name, child in obj.items():
fake_event = FakeEvent()
fake_event.parent = obj
add_to_repo(child, fake_event)
def handle_submit(self, converted):
context = self.context
request = self.request
workflow = self.workflow
name = make_unique_name(context, converted['title'])
creator = authenticated_userid(request)
topic = create_content(IForumTopic,
converted['title'],
converted['text'],
creator,
)
topic.description = extract_description(converted['text'])
context[name] = topic
# Set up workflow
if workflow is not None:
workflow.initialize(topic)
if 'security_state' in converted:
workflow.transition_to_state(topic, request,
converted['security_state'])
# Tags and attachments
set_tags(context, request, converted['tags'])
if support_attachments(topic):
upload_attachments(converted['attachments'], topic['attachments'],
creator, request)
location = model_url(topic, request)
return HTTPFound(location=location)
def __init__(self, context, request):
self.context = context
self.request = request
self.username = authenticated_userid(request)
self.path = model_path(context)
self.catalog = find_catalog(context)
self.tags = find_tags(context)
def handle_submit(self, converted):
context = self.context
request = self.request
parent = self.parent
creator = authenticated_userid(request)
log.debug('add_comment.html converted: %s, ctx: %s' % (str(converted),
self.context))
comment = create_content(
IComment,
parent.title,
converted['add_comment'],
extract_description(converted['add_comment']),
creator,
)
if not 'comments' in parent.keys():
parent['comments'] = create_content(ICommentsFolder)
comments = parent['comments']
next_id = comments.next_id
comments[next_id] = comment
if support_attachments(comment):
upload_attachments(converted['attachments'], comment,
creator, request)
return self.status_response('Comment added')
def __init__(self, context, request, page_title=None):
self.context = context
self.request = request
self.snippets = get_template("templates/snippets.pt")
self.snippets.doctype = xhtml
self.userid = authenticated_userid(request)
self.app_url = app_url = request.application_url
self.profile_url = app_url + "/profiles/%s" % self.userid
self.here_url = self.context_url = model_url(context, request)
self.view_url = model_url(context, request, request.view_name)
settings = queryUtility(ISettings)
self.js_devel_mode = settings and getattr(settings, "js_devel_mode", None)
self.static_url = "%s/static/%s" % (app_url, _get_static_rev())
# Provide a setting in the INI to fully control the entire URL
# to the static. This is when the proxy runs a different port
# number, or to "pipeline" resources on a different URL path.
full_static_path = getattr(settings, "full_static_path", False)
if full_static_path:
if "%d" in full_static_path:
full_static_path = full_static_path % _start_time
self.static_url = full_static_path
self.page_title = page_title
self.system_name = get_setting(context, "system_name", "KARL")
self.user_is_admin = "group.KarlAdmin" in effective_principals(request)
site = find_site(context)
self.admin_url = model_url(site, request, "admin.html")
self.site_announcement = getattr(site, "site_announcement", "")
def login(context, request):
referrer = request.url
if referrer == '/login.html':
referrer = '/' # never use the login form itself as came_from
came_from = request.params.get('came_from', referrer)
logging.debug("views.py::login Logging in...")
if 'login' in request.POST.keys():
login = request.params['login']
password = request.params['password']
accounts = context['accounts']
#import pdb; pdb.set_trace()
if password and accounts.has_key(login) and str(password) == str(
accounts.get(login).password):
headers = remember(request, login)
logging.debug("views.py::login : Login OK.")
return HTTPFound(location=came_from, headers=headers)
master = get_template('templates/master.pt')
logged_in = authenticated_userid(request)
return rtr(
'templates/login.pt',
context=context,
request=request,
master=master,
message='',
logged_in=logged_in,
came_from=came_from)
def receive(context,request):
logging.debug("Receiving Katz...")
post = request.POST
logged_in = authenticated_userid(request)
accounts = context['accounts']
errors={}
message = ''
master = get_template('templates/master.pt')
if post.has_key('amount'):
source = post.get('source','')
amount = post.get('amount','')
target = accounts.get(logged_in)
logging.debug("Source: %s Amount: %s Target: %s",source,amount,target)
#errors = context['transactions'].isTransactionInvalid(source,logged_in,amount)
if str(post.get('pin','')) != str(target.password):
logging.error("views.py::receive Invalid pin")
errors['pin'] = 'invalid pin'
try:
tacc = accounts.get(logged_in)
sacc = accounts.get(source)
sacc.transfer(logged_in,amount)
return rtr('templates/paid.pt',context=context,request=request,master=master,logged_in=logged_in,source=sacc,target=tacc,amount=amount,message=message)
except Errors, e:
errors.update(e.message)
if errors:
message= 'please correct the errors'
def _get_criteria(request):
principals = effective_principals(request)
principals = [x for x in principals if not x.startswith('system.')]
# Check to see if we're asking for only "my" communities.
filterby = request.params.get('filter', '')
# cookie must be set even if param is empty or non-existent, to make
# the no-filter button sticky.
header = ('Set-Cookie', '%s=%s; Path=/' % (_FILTER_COOKIE, str(filterby)))
request.cookies[_FILTER_COOKIE] = filterby
request.response_headerlist = [header]
if filterby == 'mycommunities':
principals = [x for x in principals if not x.startswith('group.Karl')]
if filterby == 'mycontent':
created_by = authenticated_userid(request)
elif filterby.startswith('profile:'):
created_by = filterby[len('profile:'):]
elif filterby.startswith('community:'):
created_by = None
community = filterby[len('community:'):]
prefix = 'group.community:%s' % community
principals = [x for x in principals if x.startswith(prefix)]
else:
created_by = None
return principals, created_by
def handle_submit(self, converted):
request = self.request
context = self.context
# *will be* modified event
objectEventNotify(ObjectWillBeModifiedEvent(context))
simple_fields = ['title', 'text', 'caption', 'publication_date']
for field in simple_fields:
setattr(context, field, converted[field])
# save tags, attachments, photo
set_tags(context, request, converted['tags'])
userid = authenticated_userid(request)
attachments_folder = context['attachments']
upload_attachments(converted['attachments'], attachments_folder,
userid, request)
handle_photo_upload(context, converted)
self.filestore.clear
# mark as modified
context.modified_by = userid
objectEventNotify(ObjectModifiedEvent(context))
location = model_url(context, request)
msg = "?status_message=News%20Item%20edited"
return HTTPFound(location=location+msg)
def handle_submit(self, converted):
request = self.request
context = self.context
#create the news item and store it
creator = authenticated_userid(request)
newsitem = create_content(
INewsItem,
title=converted['title'],
text=converted['text'],
creator=creator,
publication_date=converted['publication_date'],
caption=converted['caption'],
)
name = make_unique_name(context, converted['title'])
context[name] = newsitem
# tags, attachments, and photos
set_tags(newsitem, request, converted['tags'])
attachments_folder = newsitem['attachments']
upload_attachments(converted['attachments'], attachments_folder,
creator, request)
try:
handle_photo_upload(newsitem, converted)
except Invalid, e:
raise ValidationError(**e.error_dict)
def delete_profile_view(context, request):
confirm = request.params.get('confirm')
if confirm:
parent = context.__parent__
name = context.__name__
find_users(context).remove(name)
del parent[name]
if authenticated_userid(request) == name:
return logout_view(context, request, reason='User removed')
query = {'status_message': 'Deleted profile: %s' % name}
location = model_url(parent, request, query=query)
return HTTPFound(location=location)
page_title = 'Delete Profile for %s %s' % (context.firstname,
context.lastname)
api = TemplateAPI(context, request, page_title)
# Get a layout
return render_template_to_response(
'templates/delete_profile.pt',
api=api,
)
def send(context, request):
logging.debug("Sending katz...")
post = request.POST
logged_in = authenticated_userid(request)
accounts = context["accounts"]
errors = {}
message = ""
if post.has_key("amount"):
source = accounts.get(logged_in)
amount = post.get("amount", "")
target = post.get("target", "")
logging.debug("Source: %s Amount: %s Target: %s", source, amount, target)
# errors = context['transactions'].isTransactionInvalid(logged_in,target,amount)
if str(post.get("pin", "")) != str(source.password):
logging.error("views.py::send Wrong pin")
errors["pin"] = "wrong pin"
try:
source.transfer(target, amount)
logging.debug("Sending katz successful")
except Errors, e:
errors.update(e.message)
if len(errors):
message = "please correct the errors"
else:
return HTTPFound(location="/")
def _get_user_home_path(context, request):
"""If currently authenticated user has a 'home_path' set, create a response
redirecting user to that path. Otherwise return None.
"""
userid = authenticated_userid(request)
if userid is None:
return None, None
site = find_site(context)
profiles = find_profiles(site)
profile = profiles.get(userid, None)
if profile is None:
return None, None
home_path = getattr(profile, 'home_path', None)
if home_path:
# OSI sets this to a single space to mean None
home_path = home_path.strip()
if not home_path:
return None, None
tdict = traverse(site, home_path)
target = tdict['context']
view_name = tdict['view_name']
subpath = list(tdict['subpath'])
if view_name:
subpath.insert(0, view_name)
return target, subpath
def view_login_redirect(request):
user_id = authenticated_userid(request)
if user_id:
return HTTPFound(location = request.application_url)
else:
return HTTPFound(location = request.application_url + '/login?failed=1')
def send(context, request):
logging.debug("Sending katz...")
post = request.POST
logged_in = authenticated_userid(request)
accounts = context['accounts']
errors = {}
message = ''
if post.has_key('amount'):
source = accounts.get(logged_in)
amount = post.get('amount', '')
target = post.get('target', '')
logging.debug("Source: %s Amount: %s Target: %s", source, amount,
target)
#errors = context['transactions'].isTransactionInvalid(logged_in,target,amount)
if str(post.get('pin', '')) != str(source.password):
logging.error("views.py::send Wrong pin")
errors['pin'] = 'wrong pin'
try:
source.transfer(target, amount)
logging.debug("Sending katz successful")
except Errors, e:
errors.update(e.message)
if len(errors):
message = 'please correct the errors'
else:
return HTTPFound(location='/')
def edit_referencesection_view(context, request):
tags_list = request.POST.getall('tags')
form = EditReferenceSectionForm(tags_list=tags_list)
if 'form.cancel' in request.POST:
return HTTPFound(location=model_url(context, request))
if 'form.submitted' in request.POST:
try:
converted = form.validate(request.POST)
# *will be* modified event
objectEventNotify(ObjectWillBeModifiedEvent(context))
context.title = converted['title']
context.description = converted['description']
# Save the tags on it
set_tags(context, request, converted['tags'])
# Modified
context.modified_by = authenticated_userid(request)
objectEventNotify(ObjectModifiedEvent(context))
location = model_url(context, request)
msg = "?status_message=Reference%20section%20edited"
return HTTPFound(location=location+msg)
except Invalid, e:
fielderrors = e.error_dict
fill_values = form.convert(request.POST)
def get_preferred_communities(context, request):
profiles = find_profiles(context)
userid = authenticated_userid(request)
profile = profiles[userid]
# old profiles will not have this attribute, so to be safe use getattr
preferred_communities = getattr(profile, 'preferred_communities', None)
return preferred_communities
def add_referencemanual_view(context, request):
tags_list=request.POST.getall('tags')
form = AddReferenceManualForm(tags_list=tags_list)
if 'form.cancel' in request.POST:
return HTTPFound(location=model_url(context, request))
if 'form.submitted' in request.POST:
try:
converted = form.validate(request.POST)
# Create the reference manual and store it
creator = authenticated_userid(request)
reference_manual = create_content(IReferenceManual,
converted['title'],
converted['description'],
creator,
)
name = make_unique_name(context, converted['title'])
context[name] = reference_manual
# Save the tags on it.
set_tags(reference_manual, request, converted['tags'])
location = model_url(reference_manual, request)
return HTTPFound(location=location)
except Invalid, e:
fielderrors = e.error_dict
fill_values = form.convert(request.POST)
tags_field = dict(
records = [dict(tag=t) for t in request.POST.getall('tags')]
)
def handle_submit(self, converted):
context = self.context
request = self.request
workflow = self.workflow
name = make_unique_name(context, converted['title'])
creator = authenticated_userid(request)
folder = create_content(ICommunityFolder,
converted['title'],
creator,
)
context[name] = folder
if workflow is not None:
workflow.initialize(folder)
if 'security_state' in converted:
workflow.transition_to_state(folder, request,
converted['security_state'])
# Tags, attachments, alerts
set_tags(folder, request, converted['tags'])
# Make changes post-creation based on policy in src/osi
customizer = queryMultiAdapter((folder, request), IFolderCustomizer)
if customizer:
for interface in customizer.markers:
alsoProvides(folder, interface)
location = model_url(folder, request)
return HTTPFound(location=location)
def deactivate_profile_view(context, request):
name = context.__name__
myself = authenticated_userid(request) == context.__name__
confirm = request.params.get('confirm')
if confirm:
try:
find_users(context).remove(name)
except KeyError:
pass
to_profile_inactive(context)
if myself:
return logout_view(context, request, reason='User removed')
query = {'status_message': 'Deactivated user account: %s' % name}
parent = context.__parent__
location = model_url(parent, request, query=query)
return HTTPFound(location=location)
page_title = 'Deactivate user account for %s %s' % (context.firstname,
context.lastname)
api = request.api
api.page_title = page_title
# Show confirmation page.
return dict(api=api, myself=myself)
def site_announcement_view(context, request):
"""
Edit the text of the site announcement, which will be displayed on
every page for every user of the site.
"""
api = AdminTemplateAPI(context, request, 'Admin UI: Move Content')
userid = authenticated_userid(request)
site = find_site(context)
if 'submit-site-announcement' in request.params:
annc = request.params.get('site-announcement-input', '').strip()
log.debug('site-announcement-input: %s' % annc)
if annc:
# we only take the content of the first <p> tag, with
# the <p> tags stripped
paramatcher = re.compile('<[pP]\\b[^>]*>(.*?)</[pP]>')
match = paramatcher.search(annc)
if match is not None:
annc = match.groups()[0]
site.site_announcement = {
'text': annc,
'userid': userid,
'timestamp': datetime.now(),
}
if 'remove-site-announcement' in request.params:
site.site_announcement = {}
return dict(
api=api,
menu=_menu_macro()
)
def handle_submit(self, converted):
context = self.context
request = self.request
userid = authenticated_userid(request)
# *will be* modified event
objectEventNotify(ObjectWillBeModifiedEvent(context))
context.title = converted['title']
context.text = converted['text']
context.description = extract_description(converted['text'])
# tags and attachments
set_tags(context, request, converted['tags'])
creator = userid
attachments_folder = context['attachments']
upload_attachments(converted['attachments'], attachments_folder,
creator, request)
# modified
context.modified_by = userid
objectEventNotify(ObjectModifiedEvent(context))
self.filestore.clear()
location = model_url(context, request)
msg = "?status_message=Page%20edited"
return HTTPFound(location=location+msg)
def handle_submit(self, converted):
context = self.context
request = self.request
workflow = self.workflow
# *will be* modified event
objectEventNotify(ObjectWillBeModifiedEvent(context))
if workflow is not None:
if 'security_state' in converted:
workflow.transition_to_state(context, request,
converted['security_state'])
context.text = converted['text']
context.description = extract_description(converted['text'])
newtitle = converted['title']
if newtitle != context.title:
context.change_title(newtitle)
# Save the tags on it
set_tags(context, request, converted['tags'])
# Modified
context.modified_by = authenticated_userid(request)
objectEventNotify(ObjectModifiedEvent(context))
location = model_url(context, request)
msg = "?status_message=Wiki%20Page%20edited"
return HTTPFound(location=location+msg)
def login(context, request):
referrer = request.url
if referrer == "/login.html":
referrer = "/" # never use the login form itself as came_from
came_from = request.params.get("came_from", referrer)
logging.debug("views.py::login Logging in...")
if "login" in request.POST.keys():
login = request.params["login"]
password = request.params["password"]
accounts = context["accounts"]
# import pdb; pdb.set_trace()
if password and accounts.has_key(login) and str(password) == str(accounts.get(login).password):
headers = remember(request, login)
logging.debug("views.py::login : Login OK.")
return HTTPFound(location=came_from, headers=headers)
master = get_template("templates/master.pt")
logged_in = authenticated_userid(request)
return rtr(
"templates/login.pt",
context=context,
request=request,
master=master,
message="",
logged_in=logged_in,
came_from=came_from,
)
def handle_submit(self, converted):
request = self.request
context = self.context
workflow = self.workflow
wikipage = create_content(
IWikiPage,
converted['title'],
converted['text'],
extract_description(converted['text']),
authenticated_userid(request),
)
name = make_name(context, converted['title'])
context[name] = wikipage
if workflow is not None:
workflow.initialize(wikipage)
if 'security_state' in converted:
workflow.transition_to_state(wikipage,
request,
converted['security_state'])
# Save the tags on it.
set_tags(wikipage, request, converted['tags'])
relocate_temp_images(wikipage, request)
if converted['sendalert']:
alerts = queryUtility(IAlerts, default=Alerts())
alerts.emit(wikipage, request)
msg = '?status_message=Wiki%20Page%20created'
location = model_url(wikipage, request) + msg
return HTTPFound(location=location)
def handle_submit(self, validated):
context = self.context
request = self.request
name = make_unique_name(context, validated['title'])
creator = authenticated_userid(request)
text = safe_html(validated['description'])
topic = create_content(IForumTopic,
validated['title'],
text,
creator,
)
if text:
topic.description = extract_description(text)
else:
topic.description = validated['title']
context[name] = topic
if request.POST.get('return_to') is not None:
location = request.POST['return_to']
return render_template_to_response('templates/javascript_redirect.pt',
url=location)
else:
location = model_url(topic, request)
return HTTPFound(location=location)
def deactivate_profile_view(context, request):
name = context.__name__
myself = authenticated_userid(request) == context.__name__
confirm = request.params.get("confirm")
if confirm:
try:
find_users(context).remove(name)
except KeyError:
pass
workflow = get_workflow(IProfile, "security", context)
workflow.transition_to_state(context, request, "inactive")
if myself:
return logout_view(context, request, reason="User removed")
query = {"status_message": "Deactivated user account: %s" % name}
parent = context.__parent__
location = model_url(parent, request, query=query)
return HTTPFound(location=location)
page_title = "Deactivate user account for %s %s" % (context.firstname, context.lastname)
api = TemplateAPI(context, request, page_title)
# Show confirmation page.
return dict(api=api, myself=myself)
def authenticated_user(request):
user_id = authenticated_userid(request)
try:
session = DBSession()
user = session.query(User).filter_by(user_name=user_id).one()
user.__parent__ = request.root['users']
return user
except NoResultFound:
return None
