Beispiel #1
0
 def taskeditform(self, id=None, *args, **kwargs):
     if ormdb == "sqlite":
         # 為了避免跨執行緒使用 SQLite3, 重新 connect 資料庫
         Database.connect()
     user = self.printuser()
     password, adsense, anonymous, mail_suffix, site_closed, read_only = self.parse_config(filename="pygroup_config")
     if read_only == "yes" and user != "admin":
         return "<a href='/'>Go to main page</a><br /><br />error, site is read only!"
     if user == "anonymous" and anonymous != "yes":
         raise cherrypy.HTTPRedirect("login")
     else:
         try:
             query = Task.at(int(id)).select()
             result = query.execute()
             data = result.one()
             output = "user:"******", owner:"+data.owner+"<br /><br />"
             if user != data.owner:
                 if user != "admin":
                     return output + "error! Not authorized!"
                 else:
                     template_lookup = TemplateLookup(directories=[template_root_dir+"/templates"])
                     mytemplate = template_lookup.get_template("taskeditform.html")
                     return mytemplate.render(user=user, id=id, data=data)
             else:
                 template_lookup = TemplateLookup(directories=[template_root_dir+"/templates"])
                 mytemplate = template_lookup.get_template("taskeditform.html")
                 return mytemplate.render(user=user, id=id, data=data)
         except:
             return "error! Not authorized!"
Beispiel #2
0
 def taskdelete(self, id=None, type=None, name=None, content=None, *args, **kwargs):
     if ormdb == "sqlite":
         # 為了避免跨執行緒使用 SQLite3, 重新 connect 資料庫
         Database.connect()
     # check user and data owner
     user = self.printuser()
     password, adsense, anonymous, mail_suffix, site_closed, read_only = self.parse_config(filename="pygroup_config")
     if read_only == "yes" and user != "admin":
         return "<a href='/'>Go to main page</a><br /><br />error, site is read only!"
     if user == "anonymous" and anonymous != "yes":
         raise cherrypy.HTTPRedirect("login")
     query = Task.at(int(id)).select()
     result = query.execute()
     data = result.one()
     now = strftime("%Y-%m-%d %H:%M:%S", localtime())
     output = "user:"******", owner:"+data.owner+"<br /><br />"
     if user != data.owner:
         if user != "admin":
             return "error! Not authorized!"
         else:
             # 若資料為主緒則一併刪除子緒, 若為子緒, 則只刪除該子緒
             if data.follow == 0:
                 # 表示資料為主緒
                 # 先刪除主緒
                 query = Task.at(int(id)).delete()
                 query.execute()
                 # 再刪除所有對應子緒
                 query = Task.where(follow=int(id)).delete()
                 query.execute()
                 output += "所有序列資料已經刪除!<br />"
             else:
                 # 表示資料為子緒
                 query = Task.at(int(id)).delete()
                 query.execute()
                 output += "資料已經刪除!<br />"
     else:
         # 若資料為主緒則一併刪除子緒, 若為子緒, 則只刪除該子緒
         if data.follow == 0:
             # 表示資料為主緒
             # 先刪除主緒
             query = Task.at(int(id)).delete()
             query.execute()
             # 再刪除所有對應子緒
             query = Task.where(follow=int(id)).delete()
             query.execute()
             output += '''所有序列資料已經刪除!<br /><br />
             <a href='/'>Go to main page</a><br />
 '''
         else:
             # 表示資料為子緒
             query = Task.at(int(id)).delete()
             query.execute()
             output += '''資料已經刪除!<br /><br />
             <a href='/'>Go to main page</a><br />
 '''
     return output
Beispiel #3
0
 def taskaction(self, type=None, name=None, follow=0, content=None, ip=None, *args, **kwargs):
     if content == None or name == "":
         return "標題與內容都不可空白!<br /><a href='/'>Go to main page</a><br />"
     else:
         start_time = time.time()
         owner = self.printuser()
         if self.allow_pass(owner) == "no":
             raise cherrypy.HTTPRedirect("login")
         ip = self.client_ip()
         now = datetime.datetime.now(pytz.timezone('Asia/Taipei')).strftime('%Y-%m-%d %H:%M:%S')
         # user 若帶有 @ 則用 at 代替
         if "@" in owner:
             owner = owner.replace('@', 'at')
         content = content.replace('\n', '')
         #invalid_tags = ['table', 'th', 'tr', 'td', 'html', 'body', 'head', 'javascript', 'script', 'tbody', 'thead', 'tfoot', 'div', 'span']
         #content = self.clean_html(content, invalid_tags)
         valid_tags = ['a', 'br', 'h1', 'h2', 'h3', 'p', 'div', 'hr', 'img', 'iframe', 'li', 'ul', 'b', 'ol', 'pre']
         tags = ''
         for tag in valid_tags:
             tags += tag
         content = self.strip_tags(content, tags)
         # 這裡要除掉 </br> 關閉 break 的標註, 否則在部分瀏覽器會產生額外的跳行
         content = str(content).replace('</br>', '')
         time_elapsed = round(time.time() - start_time, 5)
         if ormdb == "sqlite":
             # 為了避免跨執行緒使用 SQLite3, 重新 connect 資料庫
             Database.connect()
         # last insert id 為 data.id
         data = Task.create(owner=owner, name=str(name), type=type, time=str(now), follow=follow, content=content, ip=str(ip))
         # 這裡要與 taskedit 相同, 提供回到首頁或繼續編輯按鈕
         output = "<a href='/'>Go to main page</a><br />"
         output +="<a href='/taskeditform?id="+str(data.id)+"'>繼續編輯</a><br /><br />"
         output += '''以下資料已經更新:<br /><br />
         owner:'''+owner+'''<br />
         name:'''+name+'''<br />
         type:'''+type+'''<br />
         time:'''+str(now)+'''<br />
         content:'''+str(content)+'''<br /><br />
         <a href='/'>Go to main page</a><br />
     '''
         output +="<a href='/taskeditform?id="+str(data.id)+"'>繼續編輯</a><br /><br />"
     
         return output
Beispiel #4
0
 def test_connect(self):
     Database.connect()
     assert Database.conn_is_up()
Beispiel #5
0
 def taskdeleteform(self, id=None, *args, **kwargs):
     if ormdb == "sqlite":
         # 為了避免跨執行緒使用 SQLite3, 重新 connect 資料庫
         Database.connect()
     user = self.printuser()
     password, adsense, anonymous, mail_suffix, site_closed, read_only = self.parse_config(filename="pygroup_config")
     if read_only == "yes" and user != "admin":
         return "<a href='/'>Go to main page</a><br /><br />error, site is read only!"
     if user == "anonymous" and anonymous != "yes":
         raise cherrypy.HTTPRedirect("login")
     else:
         try:
             # 這裡要區分刪除子緒或主緒資料
             # 若刪除子緒, 則 data 只包含子緒資料, 若為主緒, 則 data 必須包含所有資料
             # 先找出資料, 判定是否為主緒
             query = Task.at(int(id)).select()
             result = query.execute()
             data = result.one()
             owner = data.owner
             if user != data.owner:
                 if user != "admin":
                     return output + "error! 非資料擁有者, Not authorized!"
                 else:
                     if data.follow == 0:
                         # 表示該資料為主緒資料
                         # 資料要重新搜尋, 納入子資料
                         query = Task.where((Task.id == id) | (Task.follow == id)).select()
                         result = query.execute()
                         data = result.all()
                         output = "資料為主緒資料<br />"
                         # 增加一個資料類型判斷, main 表資料為主緒
                         type = "main"
                     else:
                         # 表示該資料為子緒資料
                         # 直接採用 data 資料送到 taskdeleteform.html
                         output = "資料為子緒資料<br />"
                         # 增加一個資料類型判斷, alone 表資料為子緒
                         type = "alone"
                     output += "user:"******", owner:"+owner+"<br /><br />"
                     template_lookup = TemplateLookup(directories=[template_root_dir+"/templates"])
                     mytemplate = template_lookup.get_template("taskdeleteform.html")
                     # 這裡的 type 為所要刪除資料的類型, 為 main 或為 alone
                     return mytemplate.render(user=user, id=id, data=data, type=type)
             else:
                 if data.follow == 0:
                     # 表示該資料為主緒資料
                     # 資料要重新搜尋, 納入子資料
                     query = Task.where((Task.id == id) | (Task.follow == id)).select()
                     result = query.execute()
                     data = result.all()
                     output = "資料為主緒資料<br />"
                     # 增加一個資料類型判斷, main 表資料為主緒
                     type = "main"
                 else:
                     # 表示該資料為子緒資料
                     # 直接採用 data 資料送到 taskdeleteform.html
                     output = "資料為子緒資料<br />"
                     # 增加一個資料類型判斷, alone 表資料為子緒
                     type = "alone"
                 output += "user:"******", owner:"+owner+"<br /><br />"
                 template_lookup = TemplateLookup(directories=[template_root_dir+"/templates"])
                 mytemplate = template_lookup.get_template("taskdeleteform.html")
                 # 這裡的 type 為所要刪除資料的類型, 為 main 或為 alone
                 return mytemplate.render(user=user, id=id, data=data, type=type)
         except:
             return "error! 無法正確查詢資料, Not authorized!"
Beispiel #6
0
 def taskedit(self, id=None, type=None, name=None, content=None, *args, **kwargs):
     if ormdb == "sqlite":
         # 為了避免跨執行緒使用 SQLite3, 重新 connect 資料庫
         Database.connect()
     # check user and data owner
     if id == None:
         return "error<br /><br /><a href='/'>Go to main page</a><br />"
     user = self.printuser()
     password, adsense, anonymous, mail_suffix, site_closed, read_only = self.parse_config(filename="pygroup_config")
     if read_only == "yes" and user != "admin":
         return "<a href='/'>Go to main page</a><br /><br />error, site is read only!"
     if user == "anonymous" and anonymous != "yes":
         raise cherrypy.HTTPRedirect("login")
     query = Task.at(int(id)).select()
     result = query.execute()
     data = result.one()
     now = strftime("%Y-%m-%d %H:%M:%S", localtime())
     
     # Python 3.x:
     #import html.parser
     #html_parser = html.parser.HTMLParser()
     #content = html_parser.unescape(content)
     # 過濾資料
     content = content.replace('\n', '')
     #invalid_tags = ['table', 'th', 'tr', 'td', 'html', 'body', 'head', 'javascript', 'script', 'tbody', 'thead', 'tfoot', 'div', 'span']
     #content = self.clean_html(content, invalid_tags)
     valid_tags = ['a', 'br', 'h1', 'h2', 'h3', 'p', 'div', 'hr', 'img', 'iframe', 'li', 'ul', 'b', 'ol', 'pre']
     tags = ''
     for tag in valid_tags:
         tags += tag
     content = self.strip_tags(content, tags)
     #content = self.html_filter(content, valid_tags)
     # 這裡要除掉 </br> 關閉 break 的標註, 否則在部分瀏覽器會產生額外的跳行
     content = str(content).replace('</br>', '')
     output = "user:"******", owner:"+data.owner+"<br /><br />"
     if user != data.owner:
         if  user != "admin":
             return "error! Not authorized!"
         else:
             query = Task.at(int(id)).update(type=type, name=name, content=content, time=str(now))
             query.execute()
             output += "<a href='/'>Go to main page</a><br />"
             output +="<a href='/taskeditform?id="+str(id)+"'>繼續編輯</a><br /><br />"
             output += '''以下資料已經更新:<br /><br />
             owner:'''+data.owner+'''<br />
             name:'''+name+'''<br />
             type:'''+type+'''<br />
             time:'''+str(now)+'''<br />
             content:'''+str(content)+'''<br /><br />
             <a href='/'>Go to main page</a><br />
 '''
             output +="<a href='/taskeditform?id="+str(id)+"'>繼續編輯</a><br />"
     else:
         query = Task.at(int(id)).update(type=type, name=name, content=str(content), time=str(now))
         query.execute()
         output += "<a href='/'>Go to main page</a><br />"
         output +="<a href='/taskeditform?id="+str(id)+"'>繼續編輯</a><br /><br />"
         output += '''以下資料已經更新:<br /><br />
         owner:'''+data.owner+'''<br />
         name:'''+name+'''<br />
         type:'''+type+'''<br />
         time:'''+str(now)+'''<br />
         content:'''+str(content)+'''<br /><br />
         <a href='/'>Go to main page</a><br />
 '''
         output +="<a href='/taskeditform?id="+str(id)+"'>繼續編輯</a><br />"
         
     return output
Beispiel #7
0
    def index(self, page=1, item_per_page=5, id=0, flat=0, desc=0, keyword=None, *args, **kwargs):
        if ormdb == "sqlite":
            # 為了避免跨執行緒使用 SQLite3, 重新 connect 資料庫
            Database.connect()
        user = self.printuser()
        # 這裡不用 self.allow_pass 原因在於需要 adsense 變數
        saved_password, adsense, anonymous, mail_suffix, site_closed, read_only = self.parse_config(filename="pygroup_config")
        if user == "anonymous" and anonymous != "yes":
            if id != 0:
                raise cherrypy.HTTPRedirect("login?id="+id)
            else:
                raise cherrypy.HTTPRedirect("login")
        if adsense == "yes":
            filename = data_dir+"adsense_content"
            with open(filename, encoding="utf-8") as file:
                adsense_content = file.read()
        else:
            adsense_content = ""
        #ip = cherrypy.request.remote.ip
        ip = self.client_ip()
        template_lookup = TemplateLookup(directories=[template_root_dir+"/templates"])
        # 必須要從 templates 目錄取出 tasklist2.html
        mytemplate = template_lookup.get_template("tasklist.html")
        # 這裡要加入單獨根據 id 號, 列出某一特定資料緒的分支
        # 若 id 為 0 表示非指定列出各別主緒資料, 而是列出全部資料
        # 這時可再根據各筆資料列印時找出各主緒資料的附屬資料筆數
        # 加入 flat = 1 時, 列出所有資料
        # 請注意這裡直接從 tasksearchform.html 中的關鍵字查詢, 指定以 tasklist 執行, 但是無法單獨列出具有關鍵字的 task 資料, 而是子緒有關鍵字時, 也是列出主緒資料
        if keyword == None:
            if id == 0:
                if flat == 0:
                    # 只列出主資料緒
                    # desc 為 0 表示要 id 由小到大排序列出資料
                    if desc == 0:
                        method = "?"
                        query = Task.where(Task.follow==0).select()
                    else:
                        # desc 為 1 表示 id 反向排序
                        method = "?desc=1"
                        query = Task.where(Task.follow==0).orderby(Task.id, desc=True).select()
                    result = query.execute()
                    data = result.all()

                else:
                    # flat 為 1 表示要列出所有資料
                    # 原先沒有反向排序, 內建使用正向排序
                    if desc == 0:
                        method = "?flat=1"
                        query = Task.select()
                    else:
                        method = "?flat=1&desc=1"
                        query = Task.orderby(Task.id, desc=True).select()
                    result = query.execute()
                    data = result.all()
            else:
                method = "?id="+str(id)
                # 設法列出主資料與其下屬資料緒, 這裡是否可以改為 recursive 追蹤多緒資料
                # 只列出主緒與下一層子緒資料
                query = Task.where((Task.id == id) | (Task.follow == id)).select()
                result = query.execute()
                data = result.all()
        else:
            # 有關鍵字查詢時(只查 owner, content, type 與 name), 只列出主資料緒
            #flat = 1
            method = "?keyword="+keyword+"&flat="+str(flat)
            query = Task.where((Task.content.like('%%%s%%' % (keyword))) | (Task.name.like('%%%s%%' % (keyword))) | \
            (Task.owner.like('%%%s%%' % (keyword))) | \
            (Task.type.like('%%%s%%' % (keyword))) \
                ).select()
            result = query.execute()
            data = result.all()
        follow = []
        for task in data:
            # 改為 mysql
            query = Task.where((Task.follow == task.id)).select()
            result = query.execute()
            follow_data = result.all()
            follow.append(len(follow_data))
        #
        # 送出 user, id, flat, method 與 data
        #
        # 增加傳送 read_only, 若 read_only = yes 則不列出 taskform, 而且所有新增編輯刪除功能均失效
        #
        return mytemplate.render(user=user, id=id, flat=flat, method=method, data=data,  \
            page=page, item_per_page=item_per_page, ip=ip, follow=follow, keyword=keyword, \
            adsense_content=adsense_content, adsense=adsense, anonymous=anonymous, \
            site_closed=site_closed, read_only=read_only)