def projects(self):
"""Get list of project for the user"""
# Find node_type project id (this could become static)
node_type = NodeType.find_first({
'where': '{"name" : "project"}',
},
api=self.api)
if not node_type: return abort(404)
# Define key for querying for the project
if self.is_organization:
user_path = 'properties.organization'
else:
user_path = 'user'
# Query for the project
# TODO currently, this system is weak since we rely on the user property
# of a node when searching for a project using the user it. This allows
# us to find a project that belongs to an organization also by requesting
# the user that originally created the node. This can be fixed by
# introducing a 'user' property in the project node type.
projects = Node.all({
'where': '{"node_type" : "%s", "%s": "%s"}'\
% (node_type._id, user_path, self._id),
}, api=self.api)
for project in projects._items:
attach_project_pictures(project, self.api)
return projects
def edit(project_url):
api = system_util.pillar_api()
# Fetch the Node or 404
try:
project = Project.find_one({'where': {'url': project_url}}, api=api)
# project = Project.find(project_url, api=api)
except ResourceNotFound:
abort(404)
attach_project_pictures(project, api)
form = ProjectForm(
project_id=project._id,
name=project.name,
url=project.url,
summary=project.summary,
description=project.description,
is_private=u'GET' not in project.permissions.world,
category=project.category,
status=project.status,
)
if form.validate_on_submit():
project = Project.find(project._id, api=api)
project.name = form.name.data
project.url = form.url.data
project.summary = form.summary.data
project.description = form.description.data
project.category = form.category.data
project.status = form.status.data
if form.picture_square.data:
project.picture_square = form.picture_square.data
if form.picture_header.data:
project.picture_header = form.picture_header.data
# Update world permissions from is_private checkbox
if form.is_private.data:
project.permissions.world = []
else:
project.permissions.world = [u'GET']
project.update(api=api)
# Reattach the pictures
attach_project_pictures(project, api)
else:
if project.picture_square:
form.picture_square.data = project.picture_square._id
if project.picture_header:
form.picture_header.data = project.picture_header._id
# List of fields from the form that should be hidden to regular users
if current_user.has_role('admin'):
hidden_fields = []
else:
hidden_fields = ['url', 'status', 'is_private', 'category']
return render_template('projects/edit.html',
form=form,
hidden_fields=hidden_fields,
project=project,
title="edit",
api=api)
def projects(self):
"""Get list of project for the user"""
# Find node_type project id (this could become static)
node_type = NodeType.find_first({
'where': '{"name" : "project"}',
}, api=self.api)
if not node_type: return abort(404)
# Define key for querying for the project
if self.is_organization:
user_path = 'properties.organization'
else:
user_path = 'user'
# Query for the project
# TODO currently, this system is weak since we rely on the user property
# of a node when searching for a project using the user it. This allows
# us to find a project that belongs to an organization also by requesting
# the user that originally created the node. This can be fixed by
# introducing a 'user' property in the project node type.
projects = Node.all({
'where': '{"node_type" : "%s", "%s": "%s"}'\
% (node_type._id, user_path, self._id),
}, api=self.api)
for project in projects._items:
attach_project_pictures(project, self.api)
return projects
def sharing(project_url):
api = system_util.pillar_api()
# Fetch the project or 404
try:
project = Project.find_one({
'where': '{"url" : "%s"}' % (project_url)}, api=api)
except ResourceNotFound:
return abort(404)
# Fetch users that are part of the admin group
users = project.get_users(api=api)
for user in users['_items']:
user['avatar'] = gravatar(user['email'])
if request.method == 'POST':
user_id = request.form['user_id']
action = request.form['action']
if action == 'add':
user = project.add_user(user_id, api=api)
elif action == 'remove':
user = project.remove_user(user_id, api=api)
# Add gravatar to user
user['avatar'] = gravatar(user['email'])
return jsonify(user)
attach_project_pictures(project, api)
return render_template('projects/sharing.html',
api=api,
title="sharing",
project=project,
users=users['_items'])
def index():
api = system_util.pillar_api()
projects_user = Project.all({
'where': {'user': current_user.objectid},
'sort': '-_created'
}, api=api)
projects_shared = Project.all({
'where': {'user': {'$ne': current_user.objectid},
'permissions.groups.group': {'$in': current_user.groups},
'is_private': True},
'sort': '-_created',
'embedded': {'user': 1},
}, api=api)
# Attach project images
for project in projects_user['_items']:
attach_project_pictures(project, api)
for project in projects_shared['_items']:
attach_project_pictures(project, api)
return render_template(
'projects/index_dashboard.html',
gravatar=gravatar(current_user.email, size=128),
title='dashboard',
projects_user=projects_user['_items'],
projects_shared=projects_shared['_items'],
api=system_util.pillar_api())
def sharing(project_url):
api = system_util.pillar_api()
# Fetch the project or 404
try:
project = Project.find_one({'where': '{"url" : "%s"}' % (project_url)},
api=api)
except ResourceNotFound:
return abort(404)
# Fetch users that are part of the admin group
users = project.get_users(api=api)
for user in users['_items']:
user['avatar'] = gravatar(user['email'])
if request.method == 'POST':
user_id = request.form['user_id']
action = request.form['action']
if action == 'add':
user = project.add_user(user_id, api=api)
elif action == 'remove':
user = project.remove_user(user_id, api=api)
# Add gravatar to user
user['avatar'] = gravatar(user['email'])
return jsonify(user)
attach_project_pictures(project, api)
return render_template('projects/sharing.html',
api=api,
title="sharing",
project=project,
users=users['_items'])
def edit(project_url):
api = system_util.pillar_api()
# Fetch the Node or 404
try:
project = Project.find_one({'where': {'url': project_url}}, api=api)
# project = Project.find(project_url, api=api)
except ResourceNotFound:
abort(404)
attach_project_pictures(project, api)
form = ProjectForm(
project_id=project._id,
name=project.name,
url=project.url,
summary=project.summary,
description=project.description,
is_private=u'GET' not in project.permissions.world,
category=project.category,
status=project.status,
)
if form.validate_on_submit():
project = Project.find(project._id, api=api)
project.name = form.name.data
project.url = form.url.data
project.summary = form.summary.data
project.description = form.description.data
project.category = form.category.data
project.status = form.status.data
if form.picture_square.data:
project.picture_square = form.picture_square.data
if form.picture_header.data:
project.picture_header = form.picture_header.data
# Update world permissions from is_private checkbox
if form.is_private.data:
project.permissions.world = []
else:
project.permissions.world = [u'GET']
project.update(api=api)
# Reattach the pictures
attach_project_pictures(project, api)
else:
if project.picture_square:
form.picture_square.data = project.picture_square._id
if project.picture_header:
form.picture_header.data = project.picture_header._id
# List of fields from the form that should be hidden to regular users
if current_user.has_role('admin'):
hidden_fields = []
else:
hidden_fields = ['url', 'status', 'is_private', 'category']
return render_template('projects/edit.html',
form=form,
hidden_fields=hidden_fields,
project=project,
title="edit",
api=api)
def get_projects(category):
"""Utility to get projects based on category. Should be moved on the API
and improved with more extensive filtering capabilities.
"""
api = system_util.pillar_api()
projects = Project.all({
'where': {
'category': category,
'is_private': False},
'sort': '-_created',
}, api=api)
for project in projects._items:
attach_project_pictures(project, api)
return projects
def edit_node_types(project_url):
api = system_util.pillar_api()
# Fetch the project or 404
try:
project = Project.find_one({
'where': '{"url" : "%s"}' % (project_url)}, api=api)
except ResourceNotFound:
return abort(404)
attach_project_pictures(project, api)
return render_template('projects/edit_node_types.html',
api=api,
title="edit_node_types",
project=project)
def edit_node_types(project_url):
api = system_util.pillar_api()
# Fetch the project or 404
try:
project = Project.find_one({'where': '{"url" : "%s"}' % (project_url)},
api=api)
except ResourceNotFound:
return abort(404)
attach_project_pictures(project, api)
return render_template('projects/edit_node_types.html',
api=api,
title="edit_node_types",
project=project)
def get_projects(category):
"""Utility to get projects based on category. Should be moved on the API
and improved with more extensive filtering capabilities.
"""
api = system_util.pillar_api()
projects = Project.all(
{
'where': {
'category': category,
'is_private': False
},
'sort': '-_created',
},
api=api)
for project in projects._items:
attach_project_pictures(project, api)
return projects
def get_projects(category):
"""Utility to get projects based on category. Should be moved on the API
and improved with more extensive filtering capabilities.
"""
api = SystemUtility.attract_api()
node_type = NodeType.find_first({
'where': '{"name" : "project"}',
'projection': '{"name": 1}'
}, api=api)
projects = Node.all({
'where': '{"node_type" : "%s", \
"properties.category": "%s"}' % (node_type._id, category),
'embedded': '{"picture":1}',
}, api=api)
for project in projects._items:
attach_project_pictures(project, api)
return projects
def posts_create(project_id):
api = system_util.pillar_api()
try:
project = Project.find(project_id, api=api)
except ResourceNotFound:
return abort(404)
attach_project_pictures(project, api)
blog = Node.find_one(
{'where': {
'node_type': 'blog',
'project': project_id
}}, api=api)
node_type = project.get_node_type('post')
# Check if user is allowed to create a post in the blog
if not project.node_type_has_method('post', 'POST', api=api):
return abort(403)
form = get_node_form(node_type)
if form.validate_on_submit():
# Create new post object from scratch
post_props = dict(node_type='post',
name=form.name.data,
picture=form.picture.data,
user=current_user.objectid,
parent=blog._id,
project=project._id,
properties=dict(content=form.content.data,
status=form.status.data,
url=form.url.data))
if form.picture.data == '':
post_props['picture'] = None
post = Node(post_props)
post.create(api=api)
# Only if the node is set as published, push it to the list
if post.properties.status == 'published':
project_update_nodes_list(post,
project_id=project._id,
list_name='blog')
return redirect(url_for_node(node=post))
form.parent.data = blog._id
return render_template('nodes/custom/post/create.html',
node_type=node_type,
form=form,
project=project,
api=api)
def posts_edit(post_id):
api = system_util.pillar_api()
try:
post = Node.find(post_id, {'embedded': '{"user": 1}'}, api=api)
except ResourceNotFound:
return abort(404)
# Check if user is allowed to edit the post
if not post.has_method('PUT'):
return abort(403)
project = Project.find(post.project, api=api)
attach_project_pictures(project, api)
node_type = project.get_node_type(post.node_type)
form = get_node_form(node_type)
if form.validate_on_submit():
if process_node_form(form,
node_id=post_id,
node_type=node_type,
user=current_user.objectid):
# The the post is published, add it to the list
if form.status.data == 'published':
project_update_nodes_list(post,
project_id=project._id,
list_name='blog')
return redirect(url_for_node(node=post))
form.parent.data = post.parent
form.name.data = post.name
form.content.data = post.properties.content
form.status.data = post.properties.status
form.url.data = post.properties.url
if post.picture:
form.picture.data = post.picture
# Embed picture file
post.picture = get_file(post.picture, api=api)
if post.properties.picture_square:
form.picture_square.data = post.properties.picture_square
return render_template('nodes/custom/post/edit.html',
node_type=node_type,
post=post,
form=form,
project=project,
api=api)
def edit_node_type(project_url, node_type_name):
api = system_util.pillar_api()
# Fetch the Node or 404
try:
project = Project.find_one({
'where': '{"url" : "%s"}' % (project_url)}, api=api)
except ResourceNotFound:
return abort(404)
attach_project_pictures(project, api)
node_type = project.get_node_type(node_type_name)
form = NodeTypeForm()
if form.validate_on_submit():
# Update dynamic & form schemas
dyn_schema = json.loads(form.dyn_schema.data)
node_type.dyn_schema = dyn_schema
form_schema = json.loads(form.form_schema.data)
node_type.form_schema = form_schema
# Update permissions
permissions = json.loads(form.permissions.data)
node_type.permissions = permissions
project.update(api=api)
else:
form.project_id.data = project._id
form.name.data = node_type.name
form.description.data = node_type.description
form.parent.data = node_type.parent
form.dyn_schema.data = json.dumps(
node_type.dyn_schema.to_dict(), indent=4)
form.form_schema.data = json.dumps(
node_type.form_schema.to_dict(), indent=4)
if 'permissions' in node_type:
permissions = node_type.permissions.to_dict()
else:
permissions = {}
form.permissions.data = json.dumps(permissions, indent=4)
return render_template('projects/edit_node_type.html',
form=form,
project=project,
api=api,
node_type=node_type)
def index():
api = system_util.pillar_api()
projects_user = Project.all(
{
'where': {
'user': current_user.objectid
},
'sort': '-_created'
},
api=api)
projects_shared = Project.all(
{
'where': {
'user': {
'$ne': current_user.objectid
},
'permissions.groups.group': {
'$in': current_user.groups
},
'is_private': True
},
'sort': '-_created',
'embedded': {
'user': 1
},
},
api=api)
# Attach project images
for project in projects_user['_items']:
attach_project_pictures(project, api)
for project in projects_shared['_items']:
attach_project_pictures(project, api)
return render_template('projects/index_dashboard.html',
gravatar=gravatar(current_user.email, size=128),
title='dashboard',
projects_user=projects_user['_items'],
projects_shared=projects_shared['_items'],
api=system_util.pillar_api())
def edit_node_type(project_url, node_type_name):
api = system_util.pillar_api()
# Fetch the Node or 404
try:
project = Project.find_one({'where': '{"url" : "%s"}' % (project_url)},
api=api)
except ResourceNotFound:
return abort(404)
attach_project_pictures(project, api)
node_type = project.get_node_type(node_type_name)
form = NodeTypeForm()
if form.validate_on_submit():
# Update dynamic & form schemas
dyn_schema = json.loads(form.dyn_schema.data)
node_type.dyn_schema = dyn_schema
form_schema = json.loads(form.form_schema.data)
node_type.form_schema = form_schema
# Update permissions
permissions = json.loads(form.permissions.data)
node_type.permissions = permissions
project.update(api=api)
else:
form.project_id.data = project._id
form.name.data = node_type.name
form.description.data = node_type.description
form.parent.data = node_type.parent
form.dyn_schema.data = json.dumps(node_type.dyn_schema.to_dict(),
indent=4)
form.form_schema.data = json.dumps(node_type.form_schema.to_dict(),
indent=4)
if 'permissions' in node_type:
permissions = node_type.permissions.to_dict()
else:
permissions = {}
form.permissions.data = json.dumps(permissions, indent=4)
return render_template('projects/edit_node_type.html',
form=form,
project=project,
api=api,
node_type=node_type)
def get_projects(category):
"""Utility to get projects based on category. Should be moved on the API
and improved with more extensive filtering capabilities.
"""
api = SystemUtility.attract_api()
node_type = NodeType.find_first(
{
'where': '{"name" : "project"}',
'projection': '{"name": 1}'
},
api=api)
projects = Node.all(
{
'where':
'{"node_type" : "%s", \
"properties.category": "%s"}' % (node_type._id, category),
'embedded':
'{"picture":1}',
},
api=api)
for project in projects._items:
attach_project_pictures(project, api)
return projects
def posts_view(project_id, url=None):
"""View individual blogpost"""
api = system_util.pillar_api()
# Fetch project (for backgroud images and links generation)
project = Project.find(project_id, api=api)
attach_project_pictures(project, api)
try:
blog = Node.find_one(
{
'where': {
'node_type': 'blog',
'project': project_id
},
}, api=api)
except ResourceNotFound:
abort(404)
if url:
try:
post = Node.find_one(
{
'where':
'{"parent": "%s", "properties.url": "%s"}' %
(blog._id, url),
'embedded':
'{"node_type": 1, "user": 1}',
},
api=api)
if post.picture:
post.picture = get_file(post.picture, api=api)
except ResourceNotFound:
return abort(404)
# If post is not published, check that the user is also the author of
# the post. If not, return 404.
if post.properties.status != "published":
if current_user.is_authenticated():
if not post.has_method('PUT'):
abort(403)
else:
abort(403)
return render_template('nodes/custom/post/view.html',
blog=blog,
node=post,
project=project,
title='blog',
api=api)
else:
node_type_post = project.get_node_type('post')
status_query = "" if blog.has_method(
'PUT') else ', "properties.status": "published"'
posts = Node.all(
{
'where': '{"parent": "%s" %s}' % (blog._id, status_query),
'embedded': '{"user": 1}',
'sort': '-_created'
},
api=api)
for post in posts._items:
post.picture = get_file(post.picture, api=api)
return render_template('nodes/custom/blog/index.html',
node_type_post=node_type_post,
posts=posts._items,
project=project,
title='blog',
api=api)
