Ejemplo n.º 1
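 def permission_check(self, page):
   """Return True when the current visitor may access *page*.

   Decision order, as implemented below:
     1. A page with no permission entries is open to everyone.
     2. A permission granted to the "Anonymous" role opens the page to
        everyone, signed in or not.
     3. Otherwise a signed-in user is required; administrators always pass.
     4. Any other user passes only if they belong to a role that holds a
        permission on the page.

   The permission *type* is not consulted: holding any permission on the
   page is enough.
   """
   perms = db.get(page.permissions)
   if not perms:
     # Fail-open by design of the original code: no entries means public.
     # NOTE(review): confirm this is intended; if db.get() returns an empty
     # result after a permission record is lost, the page becomes public.
     return True

   # Public access granted by role name, checked before any session lookup.
   for perm in perms:
     if perm.role.name == "Anonymous":
       return True

   user = self.ws.users.get_current_user(self)
   if not user:
     return False
   if self.ws.users.is_current_user_admin(self):
     return True

   # The Anonymous role is only needed from here on, so it is looked up late.
   # The query yields None when no such role exists; the original then
   # failed with AttributeError on anonrole.key().
   anonrole = Role.all().filter("name", "Anonymous").get()
   anon_key = anonrole.key() if anonrole is not None else None

   for perm in perms:
     # Second anonymous check, by key rather than by name.
     if anon_key is not None and perm.role.key() == anon_key:
       return True
     if user.key() in perm.role.users:
       return True
   return False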
Ejemplo n.º 2
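 def post(self):
   """Handle a registration form submission.

   Reads 'register-email', 'register-password' and 'confirm-password' from
   the request. On a validation failure a JSON error is emitted and the
   request ends there. On success the user is registered, administrators
   and the new user are notified by e-mail, and the browser is redirected
   to 'return_url' (or "/" when it is absent or not a same-site path).
   """
   required = ('register-email', 'register-password', 'confirm-password')
   supplied = self.request.arguments()
   if any(name not in supplied for name in required):
     self.json_out({'success': False,'message': 'Required parameter missing.'})
     # Stop here: without this return the handler went on to register the
     # account even though validation had failed.
     return

   email = self.request.get('register-email')
   password = self.request.get('register-password')
   confirmation = self.request.get('confirm-password')
   if email == "" or password == "" or confirmation == "" or confirmation != password:
     self.json_out({'success': False,'message': 'Please enter a valid email address and password to register'})
     return

   user = self.ws.users.get_current_user(self)
   wsuser = User.register_user(email, password, self.ws.site.secret, user)
   email_notifier.EmailNotifier.notify(Role.get_administrators(), '*****@*****.**', self.create_admin_content())
   email_notifier.EmailNotifier.notify([wsuser], '*****@*****.**', self.create_user_content())

   # return_url is request-controlled. Only a same-site absolute path is
   # followed, so this endpoint cannot send a freshly registered user to
   # another host; anything else falls back to the site root.
   target = self.request.get("return_url") or "/"
   is_local_path = (
       target.startswith("/")
       and not target.startswith("//")
       and "\\" not in target
       and not any(ch in target for ch in "\r\n\t")
   )
   if not is_local_path:
     target = "/"
   self.redirect(target)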
Ejemplo n.º 3
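 def is_current_user_admin(cls, handler):
   """Return True when the session's user belongs to the "Administrator" role.

   handler: request handler whose ``session`` mapping may hold a 'user'
     entry identifying the signed-in user.

   Returns False when there is no session user, when the stored user no
   longer resolves to an entity, or when no "Administrator" role exists.
   The first parameter is ``cls``; presumably the method is declared as a
   classmethod outside this excerpt.
   """
   if u'user' not in handler.session:
     return False
   user = User.get(handler.session['user'])
   role = Role.all().filter("name", "Administrator").get()
   # Fail closed: a stale session key or a missing role must deny access
   # instead of raising AttributeError in the middle of an authorization check.
   if user is None or role is None:
     return False
   return user.key() in role.users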
Ejemplo n.º 4
 def get(self):
   """Render templates/manage.html with the site's managed entities.

   Loads up to 1000 entities of each kind (contents, theme packages,
   themes, pages, images, roles, sections, users) and passes them to the
   template together with ACTIONS, a logout URL and the site object.

   NOTE(review): nothing in this method checks who is asking, and the
   context includes every user and role. Confirm that routing or the base
   handler restricts this page to administrators.
   """
   # fetch(1000) caps each listing; anything beyond that is not shown.
   all_contents = Content.all().fetch(1000)
   all_packages = ThemePackage.all().fetch(1000)
   all_themes = Theme.all().fetch(1000)
   all_pages = Page.all().fetch(1000)
   all_images = Image.all().fetch(1000)
   all_roles = Role.all().fetch(1000)
   all_sections = Section.all().fetch(1000)
   all_users = User.all().fetch(1000)
   available_actions = ACTIONS
   logout = self.ws.users.create_logout_url('/')

   template_values = {
       'logout_url': logout,
       'theme_packages': all_packages,
       'themes': all_themes,
       'images': all_images,
       'pages': all_pages,
       'contents': all_contents,
       'roles': all_roles,
       'users': all_users,
       'actions': available_actions,
       'sections': all_sections,
       'site': self.ws.site,
   }
   rendered = template.render('templates/manage.html', template_values)
   self.response.out.write(rendered)
Ejemplo n.º 5
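 def get(self, args, format):
   """Delete the entity named in the URL and re-validate dependent data.

   args: path fragment of the form "<type>/<key>"; the type is only echoed
     back, the key selects the entity to delete.
   format: unused in this method.

   After a deletion the site, every role and every permission run their
   sanity_check(), and memcache is flushed.

   NOTE(review): this is a destructive operation reachable by GET, the key
   is taken from the URL without restricting the entity kind, and nothing
   in this method checks the caller. Confirm that routing or the base
   handler limits it to administrators, and consider requiring POST with
   an anti-CSRF token.
   """
   parts = args.split("/")
   kind, key = parts[0], parts[1]

   entity = db.get(key)
   # db.get() yields None for a key with no entity; the original then failed
   # on None.delete(). Nothing was removed in that case, so the consistency
   # pass and the global cache flush are skipped as well.
   if entity is not None:
     entity.delete()
     self.ws.site.sanity_check()
     for role in Role.all().fetch(1000):
       role.sanity_check()
     for permission in Permission.all().fetch(1000):
       permission.sanity_check()
     memcache.flush_all()

   # NOTE(review): both values come from the URL and are written back
   # unescaped; HTML-escape them unless the response is served as plain text.
   self.response.out.write(kind + " : " + key)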
Ejemplo n.º 6
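 def generate_admin_html(self, page, user):
     """Build the HTML for the admin tab panel shown on *page*.

     page: the page being viewed; its key, theme and sections feed the
       edit forms.
     user: the signed-in user; used for the "edit my account" form.

     Returns the rendered defaults/admin/tabs.html as a string. The context
     also carries a pre-rendered e-mail blast form (templates/email.html)
     and the raw user-import snippet.

     NOTE(review): the result exposes edit forms, the user list and the
     permission table; this method does not check *user*, so the caller
     must only invoke it for administrators.
     """
     def _read_text(path):
         # Close the handle deterministically; the original left every
         # open() result to the garbage collector.
         with open(path) as handle:
             return handle.read()

     contents = Content.all().fetch(1000)
     roles = Role.all().fetch(1000)
     emaildata = {"contents": contents, "roles": roles}
     emailcontext = template.Context(emaildata)
     email_template = template.Template(_read_text("templates/email.html"))
     email_html = email_template.render(emailcontext)
     admindata = {
         "page_edit": Page.to_form(self.request.path, "edit", page.key()),
         "theme_edit": Theme.to_form(self.request.path, "edit", page.theme.key(), page.key()),
         "page_key": page.key(),
         "path": self.request.path,
         "permission_table": Permission.get_table(page.key()),
         # Generator expressions: evaluated lazily while the template
         # iterates, and each can be consumed only once.
         "sections": (
             {
                 "name": section.name.replace("section_", "").capitalize(),
                 "theme_key": section.theme.key(),
                 "theme_html": section.theme.html,
                 "theme_css": section.theme.css,
                 "theme_js": section.theme.js,
                 "content": (
                     {
                         "title": content.title,
                         "content_edit": Content.to_edit_list("title", self.request.path),
                         "content_form": Content.to_form(
                             self.request.path, "edit", content.key(), section.key()
                         ),
                         "content_deepform": Content.to_form(self.request.path, rel_key=section.key()),
                     }
                     for content in section.get_contents()
                 ),
             }
             for section in page.get_sections()
         ),
         "page_form": Page.to_form(self.request.path, rel_key=self.ws.site.key()),
         "user_form": User.to_form(self.request.path),
         "user_list": User.to_edit_list("email", self.request.path, True),
         "user_edit_form": User.to_form(self.request.path, "edit", user.key()),
         "user_import": _read_text("defaults/admin/user_import.html"),
         "images": self.ws.site.images_for_use(),
         "email_blast": email_html,
     }
     context = template.Context(admindata)
     admin_template = template.Template(_read_text("defaults/admin/tabs.html"))
     return admin_template.render(context)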