Ejemplo n.º 1
0
    def pages_delete(self, page, page_type='pages'):
        page = page[1:]
        if 'cancel' in p.toolkit.request.params:
            p.toolkit.redirect_to(controller=self.controller,
                                  action='%s_edit' % page_type,
                                  page='/' + page)

        try:
            if p.toolkit.request.method == 'POST':
                csrf_token.validate(
                    p.toolkit.request.POST.get('csrf-token', ''))
                p.toolkit.get_action('ckanext_pages_delete')({}, {
                    'page': page
                })
                p.toolkit.redirect_to('%s_index' % page_type)
            else:
                p.toolkit.abort(404, _('Page Not Found'))
        except p.toolkit.NotAuthorized:
            p.toolkit.abort(401, _('Unauthorized to delete page'))
        except p.toolkit.ObjectNotFound:
            p.toolkit.abort(404, _('Group not found'))
        except csrf_token.CsrfTokenValidationError:
            helpers.flash_error(_('Security token error, please try again'))
            p.toolkit.redirect_to(controller=self.controller,
                                  action='%s_edit' % page_type,
                                  page='/' + page)
        return p.toolkit.render('ckanext_pages/confirm_delete.html',
                                {'page': page})
Ejemplo n.º 2
0
    def _save_edit(self, id, context):
        try:
            data_dict = logic.clean_dict(unflatten(
                    logic.tuplize_dict(logic.parse_params(request.params))))
            context['message'] = data_dict.get('log_message', '')
            data_dict['id'] = id

            csrf_token.validate(data_dict.get('csrf-token', ''))

            # ONLY DIFFERENCE IS HERE
            if (data_dict['password1'] and data_dict['password2']) or data_dict['email']:
                identity = {'login': c.user,
                            'password': data_dict['old_password']}
                auth = authenticator.UsernamePasswordAuthenticator()

                if auth.authenticate(request.environ, identity) != c.user:
                    raise UsernamePasswordError

            # MOAN: Do I really have to do this here?
            if 'activity_streams_email_notifications' not in data_dict:
                data_dict['activity_streams_email_notifications'] = False

            user = get_action('user_update')(context, data_dict)
            h.flash_success(_('Profile updated'))
            h.redirect_to(controller='user', action='read', id=user['name'])
        except NotAuthorized:
            abort(401, _('Unauthorized to edit user %s') % id)
        except NotFound, e:
            abort(404, _('User not found'))
Ejemplo n.º 3
0
    def pages_edit(self,
                   page=None,
                   data=None,
                   errors=None,
                   error_summary=None,
                   page_type='pages'):
        if page:
            page = page[1:]
        _page = p.toolkit.get_action('ckanext_pages_show')(data_dict={
            'org_id': None,
            'page': page,
        })
        if _page is None:
            _page = {}

        if p.toolkit.request.method == 'POST' and not data:
            data = dict(p.toolkit.request.POST)

            _page.update(data)

            _page['org_id'] = None
            _page['page'] = page
            _page['page_type'] = 'page' if page_type == 'pages' else page_type

            try:
                csrf_token.validate(
                    p.toolkit.request.POST.get('csrf-token', ''))
                junk = p.toolkit.get_action('ckanext_pages_update')(
                    data_dict=_page)
            except p.toolkit.ValidationError, e:
                errors = e.error_dict
                error_summary = e.error_summary
                return self.pages_edit('/' + page,
                                       data,
                                       errors,
                                       error_summary,
                                       page_type=page_type)
            except csrf_token.CsrfTokenValidationError:
                helpers.flash_error(
                    _('Security token error, please try again'))
                form_snippet = config.get('ckanext.pages.form',
                                          'ckanext_pages/base_form.html')
                vars = {
                    'data': data,
                    'errors': errors,
                    'error_summary': error_summary,
                    'page': page,
                    'form_snippet': form_snippet
                }
                return p.toolkit.render('ckanext_pages/%s_edit.html' %
                                        page_type,
                                        extra_vars=vars)
Ejemplo n.º 4
0
    def pages_delete(self, page, page_type='pages'):
        page = page[1:]
        if 'cancel' in p.toolkit.request.params:
            p.toolkit.redirect_to(controller=self.controller, action='%s_edit' % page_type, page='/' + page)

        try:
            if p.toolkit.request.method == 'POST':
                csrf_token.validate(p.toolkit.request.POST.get('csrf-token', ''))
                p.toolkit.get_action('ckanext_pages_delete')({}, {'page': page})
                p.toolkit.redirect_to('%s_index' % page_type)
            else:
                p.toolkit.abort(404, _('Page Not Found'))
        except p.toolkit.NotAuthorized:
            p.toolkit.abort(401, _('Unauthorized to delete page'))
        except p.toolkit.ObjectNotFound:
            p.toolkit.abort(404, _('Group not found'))
        except csrf_token.CsrfTokenValidationError:
            helpers.flash_error(_('Security token error, please try again'))
            p.toolkit.redirect_to(controller=self.controller, action='%s_edit' % page_type, page='/' + page)
        return p.toolkit.render('ckanext_pages/confirm_delete.html', {'page': page})
Ejemplo n.º 5
0
    def _save_edit(self, id, context):
        try:
            if id in (c.userobj.id, c.userobj.name):
                current_user = True
            else:
                current_user = False
            old_username = c.userobj.name

            data_dict = logic.clean_dict(unflatten(
                    logic.tuplize_dict(logic.parse_params(request.params))))
            context['message'] = data_dict.get('log_message', '')
            data_dict['id'] = id

            csrf_token.validate(data_dict.get('csrf-token', ''))

            # ONLY DIFFERENCE IS HERE
            if (data_dict['password1'] and data_dict['password2']) or data_dict['email']:
                identity = {'login': c.user,
                            'password': data_dict['old_password']}
                auth = authenticator.UsernamePasswordAuthenticator()

                if auth.authenticate(request.environ, identity) != c.user:
                    raise UsernamePasswordError

            # MOAN: Do I really have to do this here?
            if 'activity_streams_email_notifications' not in data_dict:
                data_dict['activity_streams_email_notifications'] = False

            user = get_action('user_update')(context, data_dict)
            h.flash_success(_('Profile updated'))
            if current_user and data_dict['name'] != old_username:
                # Changing currently logged in user's name.
                # Update repoze.who cookie to match
                set_repoze_user(data_dict['name'])
            h.redirect_to(controller='user', action='read', id=data_dict['name'])
        except NotAuthorized:
            abort(401, _('Unauthorized to edit user %s') % id)
        except NotFound, e:
            abort(404, _('User not found'))
Ejemplo n.º 6
0
    def pages_edit(self, page=None, data=None, errors=None, error_summary=None, page_type='pages'):
        if page:
            page = page[1:]
        _page = p.toolkit.get_action('ckanext_pages_show')(
            data_dict={'org_id': None,
                       'page': page,}
        )
        if _page is None:
            _page = {}

        if p.toolkit.request.method == 'POST' and not data:
            data = dict(p.toolkit.request.POST)

            _page.update(data)

            _page['org_id'] = None
            _page['page'] = page
            _page['page_type'] = 'page' if page_type == 'pages' else page_type

            try:
                csrf_token.validate(p.toolkit.request.POST.get('csrf-token', ''))
                junk = p.toolkit.get_action('ckanext_pages_update')(
                    data_dict=_page
                )
            except p.toolkit.ValidationError, e:
                errors = e.error_dict
                error_summary = e.error_summary
                return self.pages_edit('/' + page, data,
                                       errors, error_summary, page_type=page_type)
            except csrf_token.CsrfTokenValidationError:
                helpers.flash_error(_('Security token error, please try again'))
                form_snippet = config.get('ckanext.pages.form', 'ckanext_pages/base_form.html')
                vars = {'data': data, 'errors': errors,
                    'error_summary': error_summary, 'page': page,
                    'form_snippet': form_snippet}
                return p.toolkit.render('ckanext_pages/%s_edit.html' % page_type,
                                        extra_vars=vars)