def edit(id=0): note = db.query(Note).get(id) if not note: flash("Note {} not found.".format(id)) return redirect(url_for('notes.index')) if access.access(note) < access.EDIT: return access.forbidden_page() if request.args.get("action") == "view": note.text = request.args.get("text") note.name = request.args.get("name") db.commit() flash("{} saved.".format(note.name)) return redirect(url_for("notes.view", id=id)) elif request.args.get("action") == "save": note.text = request.args.get("text") note.name = request.args.get("name") db.commit() flash("{} saved.".format(note.name)) return redirect(url_for("notes.edit", id=id)) elif request.args.get("action") == "delete": note.labels.clear() db.delete(note) db.commit() flash("{} deleted.".format(note.name)) return redirect(url_for('notes.index')) else: return render_template( 'edit_note.html', note=note, )
def index(): notes = [ note for note in db.query(Note).all() if access.access(note) > access.NOTHING ] return render_template("notes.html", notes=notes)
def view(id=0): label = db.query(Label).get(id) if not label: flash("Label {} not found.".format(id)) return redirect(url_for('labels.index')) if access.access(label) < access.VIEW: return access.forbidden_page() # TODO: SQL filtering labeled = [i for i in label.labeling if access.access(i) >= access.VIEW] bms = [i for i in labeled if i.type == "bookmark"] lbls = [i for i in labeled if i.type == "label"] bms.sort(key=lambda x: x.created_timestamp) lbls.sort(key=lambda x: x.created_timestamp) return render_template( "bm_results.html", bookmarks=bms, label=label, labels=lbls, #VIEW RIGHTS backs=label.labels, #VIEW RIGHTS signed=signed)
def access(chuml_node): if current_user.name == "admin": return ADMIN if current_user == chuml_node.author: return ADMIN policy = chuml_node.access if policy == None: return NOTHING # public share public_access = policy.public_can # link share secret = request.args.get("secret") if secret == policy.secret: link_access = policy.with_secret_can else: link_access = NOTHING # individual share user_access = db.query(UserAccess).get({ "user_id": current_user.id, "access_policy_id": policy.id }) if user_access: individual_access = user_access.user_can else: individual_access = NOTHING return max(public_access, link_access, individual_access)
def edit_post(id=0): label = db.query(Label).get(id) if not label: return "label {} not found".format(id) if access.access(label) < access.EDIT: return "access forbidden to {}".format(id) try: action = get_arg("action") if action == "set_name": label.name = get_arg("name") db.commit() return "success: name set" elif action == "delete": label.labels.clear() db.delete(label) db.commit() return "success: deleted" else: return "nothing done" except Exception as e: print("===== labels =====") print(e) print("==================") db.rollback() return str(e)
def add(): query = request.args.get("q") # TODO: add override warning if query: query = query.split() print("[bookmarks]", query) url = query.pop() if url[:4] != "http": url = "http://" + url label_name = query[0] words = query[1:] name = " ".join(words) if not name: name = get_page_title(url) label = db.query(Label).filter_by(name=label_name, author=current_user).one_or_none() if not label: label = labels.internal_add(label_name, current_user) internal_add(name, url, current_user, [label]) return ("Bookmark</br>" + "<b>" + name + "</b> -> <a href=" + url + ">" + url + "</a>" + "</br>with label <b>" + label_name + "</b>" + "</br>added.") return "bookmark.add requires argment q"
def edit_post(id=0): bm = db.query(Bookmark).get(id) if not bm: flash("Bookmark {} not found.".format(id)) return redirect(url_for('labels.index')) if access.access(bm) < access.EDIT: return access.forbidden_page() try: action = get_arg("action") if action == "set_name": bm.name = get_arg("name") db.commit() return "success: name set" elif action == "set_url": bm.url = get_arg("url") db.commit() return "success: url set" elif action == "delete": bm.labels.clear() db.delete(bm) db.commit() return "success: deleted" else: return "nothing done" except Exception as e: print("===== bookmarks =====") print(e) print("==================") db.rollback() return str(e)
def add(): if "q" in request.args: words = extended_split(request.args.get("q")) key, url, search = (words + 3 * [""])[:3] print("=======q=", [request.args.get("q"), key, url, search]) return redirect(url_for("search.add", key=key, url=url, search=search)) elif "key" in request.args and request.args.get("url"): key = request.args.get("key") # why to control key? #if not key.replace(" ","").replace("_","").replace("-","").isalnum(): # return "Invalid key." url = request.args.get("url") engine = db.query(SearchEngine).filter_by( key=key, author=current_user).one_or_none() if engine: force = request.args.get("force") if not force == "True": return render_template( "add.html", caption="{key} already points at {url}".format( key=key, url=engine.search if engine.search else engine.url), key=request.args.get("key", ""), url=request.args.get("url", ""), search=request.args.get("search", ""), force="True", button="Override") else: print("===========editing==to==", url) engine.url = url engine.search = request.args.get("search") db.commit() else: engine = SearchEngine( url=url, key=key, search=request.args.get("search"), ) db.add(engine) db.commit() return """ <b>{key}</b> -> {url} <br/> added <br/> <a href="{url}">back</a> """.format(key=key, url=engine.url) else: return render_template( "add.html", caption="example search: https://www.google.com/search?q={query}", key=request.args.get("key", ""), url=request.args.get("url", ""), search=request.args.get("search", ""), force="", button="Submit")
def load_or_write(key): item = db.query(Sensitive).get(key) if not item: value = input("Enter " + key + ":") db.add(Sensitive(key=key,value=value)) db.commit() else: value = item.value return value
def edit_get(id=0): bm = db.query(Bookmark).get(id) if not bm: flash("Bookmark {} not found.".format(id)) return redirect(url_for('labels.index')) if access.access(bm) < access.EDIT: return access.forbidden_page() return render_template("edit_bookmark.html", bm=bm)
def internal_add(name, author, labels=[], t=None): if t == None: t = int(time.time()) if db.query(Label).filter_by(name=name, author=author).all(): label = db.query(Label).filter_by(name=name, author=author).first() else: label = Label(name=name, author=author, created_timestamp=t, updated_timestamp=t) db.add(label) for l in labels: if not l in label.labels: label.labels.append(l) db.commit() return label
def edit_get(id=0): label = db.query(Label).get(id) if not label: flash("Label {} not found.".format(id)) return redirect(url_for('labels.index')) if access.access(label) < access.EDIT: return access.forbidden_page() return render_template("edit_label.html", label=label)
def line(): query = request.args.get("q") if not query: return render_template("search.html", engine="") words = query.split() keyword = words[0] exp = " ".join(words[1:]) engine = db.query(SearchEngine).filter_by( key=keyword, author=current_user).one_or_none() if engine: """ if db.query(SearchEngine).filter_by( key=keyword, author=current_user ).all(): keyword = "" engine = None exp = None for i,word in enumerate(words): if db.query(SearchEngine).filter_by( key=keyword+word, author=current_user).all(): keyword += word engine = db.query(SearchEngine).filter_by( key=keyword, author=current_user ).first() else: exp = " ".join(words[i:]) print("=======line==exp=", exp) """ if not exp: return redirect(engine.url) if engine.search: return redirect(engine.search.format(query=quote(exp))) """ elif keyword == "add": exp = " ".join(query.split()[1:]) return redirect(url_for("search.add",q=exp)) elif keyword == "bm": exp = " ".join(query.split()[1:]) return redirect(url_for("bookmarks.search",q=exp)) elif keyword == "lb": exp = " ".join(query.split()[1:]) return redirect(url_for("labels.search",q=exp)) elif keyword == "a": blogid = query.split(" ")[1] line = " ".join(query.split()[2:]) return redirect(url_for("blog.append",id=blogid,line=line))""" return redirect("https://google.com/search?q=" + query)
def edit_post(id=0): node = db.query(Node).get(id) if not node: return "node {} not found".format(id) if access.access(node) < access.EDIT: return "access forbidden to node {}".format(id) try: action = get_arg("action") if action == "remove_label": label_name = get_arg("label_name") label = db.query(Label).filter_by( author=current_user, name=label_name, ).one_or_none() node.labels.remove(label) db.commit() return "success: label removed" elif action == "add_label": label_name = get_arg("label_name") label = db.query(Label).filter_by( author=current_user, name=label_name, ).one_or_none() if not label: label = Label(name=name) db.add(label) db.commit() node.labels.append(label) db.commit() return "success: label added" else: return "nothing done" except Exception as e: print("===== nodes =====") print(e) print("==================") db.rollback() return str(e)
def view(id=0): note = db.query(Note).get(id) if not note: flash("Note {} not found.".format(id)) return redirect(url_for('notes.index')) if access.access(note) < access.VIEW: return access.forbidden_page() rendered = markdown(note.text, extensions=["tables"]) return render_template('view_note.html', note=note, rendered=rendered, user_can_edit=access.access(note) >= access.EDIT)
def login_post(): name = request.form.get('username') pasw = request.form.get('password') remember = True # if request.form.get('remember') else False user = db.query(User).filter_by(name=name).one_or_none() if not user or user.pasw != hash(pasw + user.salt): flash('Please check your login details and try again.') return redirect(url_for('auth.login')) # if user doesn't exist or password is wrong, reload the page login_user(user, remember=remember) next = request.form.get('next') if next: return redirect(next) else: return redirect(url_for('auth.profile'))
def index(): q = request.args.get("q", default="") search_set = db.query(Label).filter(Label.name.like( "%{}%".format(q))).all() accessible_labels = [ p for p in search_set if access.access(p) >= access.VIEW ] if not accessible_labels: return "No labels found." if len(accessible_labels) == 1: return redirect(url_for("labels.view", id=accessible_labels[0].id)) return render_template("labels.html", labels=accessible_labels, signed=signed)
def add(): query = request.args.get("q") # TODO: add override warning if query: print("[labels]", query) query = query.split() name = query[0] labels = query[1:] # TODO: add double dot feature labels = [ l for l in db.query(Label).filter_by(author=current_user).all() if l.name in labels ] internal_add(name, current_user, labels) return ("Label</br>" + '#' + name + "</br>with labels: " + ", ".join(map(signed, labels)) + "</br>added.") return "bookmark.add requires argment q"
def append(id=0): note = db.query(Note).get(id) if not note: flash("Note {} not found.".format(id)) return redirect(url_for('notes.index')) if access.access(note) < access.EDIT: return access.forbidden_page() line = request.args.get('line') if line == None: flash("`line` arg required.") return redirect(url_for('notes.index')) note.text += " \n" + line db.commit() flash("<i>{}</i> appended to {}.".format(line, note.name)) return redirect(url_for("notes.view", id=id))
def signup_post(): name = request.form.get('username') pasw = request.form.get('password') user = db.query(User).filter_by(name=name).one_or_none() if user or name in ["guest", "admin"]: flash("Username " + name + " already registred.") return redirect(url_for('auth.signup')) user = add_user(name, pasw) login_user(user) flash(name + " successfully signed up.") if "redirect" in request.args: return redirect(request.args.get("redirect")) else: return redirect(url_for('auth.profile'))
def users_labels(): return db.query(Label).filter_by(author=current_user).all()
from chuml.utils import db from chuml.models import * to_export = [Bookmark, Label, Note, SearchEngine, User] #, \ #Sensitive, User, AccessPolicy, UserAccess] result = dict() for model in to_export: cont = [] result[model.__tablename__] = cont for obj in db.query(model).all(): cont.append(obj.to_dict()) import json with open("dump.json", "w") as file: json.dump(result, file)
def load_user(user_id): return db.query(User).get(user_id)
import json from chuml.auth import auth from chuml.search import bookmarks from chuml.search import labels from chuml.utils import db #db.db_path = "../../db" author = db.query(auth.User).filter_by(name="agi").first() from_firefox_label = labels.internal_add("_from_firefox", author) def add_node(node, parrent=None): label = None name = node["title"].replace(' ', '_') if not name: name = "no_name" t = node["lastModified"] // 1000 if parrent: label = labels.internal_add(name, author, [parrent], t=t) else: label = labels.internal_add(name, author, t=t) #raise ValueError("no title") print("======", label.__repr__(), "=======") if not "children" in node: return for c in node["children"]: if c["typeCode"] == 2: # node
def users_labels(): return '[' + ",".join( ['"' + label.name + '"' for label in labels.users_labels()]) + ']' app.jinja_env.globals.update(users_labels=users_labels) from chuml.auth import access def can_view(node): return access.access(node) >= access.VIEW app.jinja_env.globals.update(can_view=can_view) def can_edit(node): return access.access(node) >= access.EDIT app.jinja_env.globals.update(can_edit=can_edit) # create admin if not db.query(User).filter_by(name="admin").one_or_none(): auth.add_user("admin", config.admin_pasw) # create guest if not db.query(User).filter_by(name="guest").one_or_none(): auth.add_user("guest", config.guest_pasw)