def edit(id=0):
note = db.query(Note).get(id)
if not note:
flash("Note {} not found.".format(id))
return redirect(url_for('notes.index'))
if access.access(note) < access.EDIT:
return access.forbidden_page()
if request.args.get("action") == "view":
note.text = request.args.get("text")
note.name = request.args.get("name")
db.commit()
flash("{} saved.".format(note.name))
return redirect(url_for("notes.view", id=id))
elif request.args.get("action") == "save":
note.text = request.args.get("text")
note.name = request.args.get("name")
db.commit()
flash("{} saved.".format(note.name))
return redirect(url_for("notes.edit", id=id))
elif request.args.get("action") == "delete":
note.labels.clear()
db.delete(note)
db.commit()
flash("{} deleted.".format(note.name))
return redirect(url_for('notes.index'))
else:
return render_template(
'edit_note.html',
note=note,
)
def index():
notes = [
note for note in db.query(Note).all()
if access.access(note) > access.NOTHING
]
return render_template("notes.html", notes=notes)
def view(id=0):
label = db.query(Label).get(id)
if not label:
flash("Label {} not found.".format(id))
return redirect(url_for('labels.index'))
if access.access(label) < access.VIEW:
return access.forbidden_page()
# TODO: SQL filtering
labeled = [i for i in label.labeling if access.access(i) >= access.VIEW]
bms = [i for i in labeled if i.type == "bookmark"]
lbls = [i for i in labeled if i.type == "label"]
bms.sort(key=lambda x: x.created_timestamp)
lbls.sort(key=lambda x: x.created_timestamp)
return render_template(
"bm_results.html",
bookmarks=bms,
label=label,
labels=lbls, #VIEW RIGHTS
backs=label.labels, #VIEW RIGHTS
signed=signed)
def access(chuml_node):
if current_user.name == "admin":
return ADMIN
if current_user == chuml_node.author:
return ADMIN
policy = chuml_node.access
if policy == None:
return NOTHING
# public share
public_access = policy.public_can
# link share
secret = request.args.get("secret")
if secret == policy.secret:
link_access = policy.with_secret_can
else:
link_access = NOTHING
# individual share
user_access = db.query(UserAccess).get({
"user_id": current_user.id,
"access_policy_id": policy.id
})
if user_access:
individual_access = user_access.user_can
else:
individual_access = NOTHING
return max(public_access, link_access, individual_access)
def edit_post(id=0):
label = db.query(Label).get(id)
if not label:
return "label {} not found".format(id)
if access.access(label) < access.EDIT:
return "access forbidden to {}".format(id)
try:
action = get_arg("action")
if action == "set_name":
label.name = get_arg("name")
db.commit()
return "success: name set"
elif action == "delete":
label.labels.clear()
db.delete(label)
db.commit()
return "success: deleted"
else:
return "nothing done"
except Exception as e:
print("===== labels =====")
print(e)
print("==================")
db.rollback()
return str(e)
def add():
query = request.args.get("q")
# TODO: add override warning
if query:
query = query.split()
print("[bookmarks]", query)
url = query.pop()
if url[:4] != "http":
url = "http://" + url
label_name = query[0]
words = query[1:]
name = " ".join(words)
if not name:
name = get_page_title(url)
label = db.query(Label).filter_by(name=label_name,
author=current_user).one_or_none()
if not label:
label = labels.internal_add(label_name, current_user)
internal_add(name, url, current_user, [label])
return ("Bookmark</br>" + "<b>" + name + "</b> -> <a href=" + url +
">" + url + "</a>" + "</br>with label <b>" + label_name +
"</b>" + "</br>added.")
return "bookmark.add requires argment q"
def edit_post(id=0):
bm = db.query(Bookmark).get(id)
if not bm:
flash("Bookmark {} not found.".format(id))
return redirect(url_for('labels.index'))
if access.access(bm) < access.EDIT:
return access.forbidden_page()
try:
action = get_arg("action")
if action == "set_name":
bm.name = get_arg("name")
db.commit()
return "success: name set"
elif action == "set_url":
bm.url = get_arg("url")
db.commit()
return "success: url set"
elif action == "delete":
bm.labels.clear()
db.delete(bm)
db.commit()
return "success: deleted"
else:
return "nothing done"
except Exception as e:
print("===== bookmarks =====")
print(e)
print("==================")
db.rollback()
return str(e)
def add():
if "q" in request.args:
words = extended_split(request.args.get("q"))
key, url, search = (words + 3 * [""])[:3]
print("=======q=", [request.args.get("q"), key, url, search])
return redirect(url_for("search.add", key=key, url=url, search=search))
elif "key" in request.args and request.args.get("url"):
key = request.args.get("key")
# why to control key?
#if not key.replace(" ","").replace("_","").replace("-","").isalnum():
# return "Invalid key."
url = request.args.get("url")
engine = db.query(SearchEngine).filter_by(
key=key, author=current_user).one_or_none()
if engine:
force = request.args.get("force")
if not force == "True":
return render_template(
"add.html",
caption="{key} already points at {url}".format(
key=key,
url=engine.search if engine.search else engine.url),
key=request.args.get("key", ""),
url=request.args.get("url", ""),
search=request.args.get("search", ""),
force="True",
button="Override")
else:
print("===========editing==to==", url)
engine.url = url
engine.search = request.args.get("search")
db.commit()
else:
engine = SearchEngine(
url=url,
key=key,
search=request.args.get("search"),
)
db.add(engine)
db.commit()
return """
<b>{key}</b> -> {url}
<br/> added <br/>
<a href="{url}">back</a>
""".format(key=key, url=engine.url)
else:
return render_template(
"add.html",
caption="example search: https://www.google.com/search?q={query}",
key=request.args.get("key", ""),
url=request.args.get("url", ""),
search=request.args.get("search", ""),
force="",
button="Submit")
def load_or_write(key):
item = db.query(Sensitive).get(key)
if not item:
value = input("Enter " + key + ":")
db.add(Sensitive(key=key,value=value))
db.commit()
else:
value = item.value
return value
def edit_get(id=0):
bm = db.query(Bookmark).get(id)
if not bm:
flash("Bookmark {} not found.".format(id))
return redirect(url_for('labels.index'))
if access.access(bm) < access.EDIT:
return access.forbidden_page()
return render_template("edit_bookmark.html", bm=bm)
def internal_add(name, author, labels=[], t=None):
if t == None:
t = int(time.time())
if db.query(Label).filter_by(name=name, author=author).all():
label = db.query(Label).filter_by(name=name, author=author).first()
else:
label = Label(name=name,
author=author,
created_timestamp=t,
updated_timestamp=t)
db.add(label)
for l in labels:
if not l in label.labels:
label.labels.append(l)
db.commit()
return label
def edit_get(id=0):
label = db.query(Label).get(id)
if not label:
flash("Label {} not found.".format(id))
return redirect(url_for('labels.index'))
if access.access(label) < access.EDIT:
return access.forbidden_page()
return render_template("edit_label.html", label=label)
def line():
query = request.args.get("q")
if not query:
return render_template("search.html", engine="")
words = query.split()
keyword = words[0]
exp = " ".join(words[1:])
engine = db.query(SearchEngine).filter_by(
key=keyword, author=current_user).one_or_none()
if engine:
"""
if db.query(SearchEngine).filter_by(
key=keyword,
author=current_user
).all():
keyword = ""
engine = None
exp = None
for i,word in enumerate(words):
if db.query(SearchEngine).filter_by(
key=keyword+word,
author=current_user).all():
keyword += word
engine = db.query(SearchEngine).filter_by(
key=keyword,
author=current_user
).first()
else:
exp = " ".join(words[i:])
print("=======line==exp=", exp)
"""
if not exp:
return redirect(engine.url)
if engine.search:
return redirect(engine.search.format(query=quote(exp)))
"""
elif keyword == "add":
exp = " ".join(query.split()[1:])
return redirect(url_for("search.add",q=exp))
elif keyword == "bm":
exp = " ".join(query.split()[1:])
return redirect(url_for("bookmarks.search",q=exp))
elif keyword == "lb":
exp = " ".join(query.split()[1:])
return redirect(url_for("labels.search",q=exp))
elif keyword == "a":
blogid = query.split(" ")[1]
line = " ".join(query.split()[2:])
return redirect(url_for("blog.append",id=blogid,line=line))"""
return redirect("https://google.com/search?q=" + query)
def edit_post(id=0):
node = db.query(Node).get(id)
if not node:
return "node {} not found".format(id)
if access.access(node) < access.EDIT:
return "access forbidden to node {}".format(id)
try:
action = get_arg("action")
if action == "remove_label":
label_name = get_arg("label_name")
label = db.query(Label).filter_by(
author=current_user,
name=label_name,
).one_or_none()
node.labels.remove(label)
db.commit()
return "success: label removed"
elif action == "add_label":
label_name = get_arg("label_name")
label = db.query(Label).filter_by(
author=current_user,
name=label_name,
).one_or_none()
if not label:
label = Label(name=name)
db.add(label)
db.commit()
node.labels.append(label)
db.commit()
return "success: label added"
else:
return "nothing done"
except Exception as e:
print("===== nodes =====")
print(e)
print("==================")
db.rollback()
return str(e)
def view(id=0):
note = db.query(Note).get(id)
if not note:
flash("Note {} not found.".format(id))
return redirect(url_for('notes.index'))
if access.access(note) < access.VIEW:
return access.forbidden_page()
rendered = markdown(note.text, extensions=["tables"])
return render_template('view_note.html',
note=note,
rendered=rendered,
user_can_edit=access.access(note) >= access.EDIT)
def login_post():
name = request.form.get('username')
pasw = request.form.get('password')
remember = True # if request.form.get('remember') else False
user = db.query(User).filter_by(name=name).one_or_none()
if not user or user.pasw != hash(pasw + user.salt):
flash('Please check your login details and try again.')
return redirect(url_for('auth.login')) # if user doesn't exist or password is wrong, reload the page
login_user(user, remember=remember)
next = request.form.get('next')
if next:
return redirect(next)
else:
return redirect(url_for('auth.profile'))
def index():
q = request.args.get("q", default="")
search_set = db.query(Label).filter(Label.name.like(
"%{}%".format(q))).all()
accessible_labels = [
p for p in search_set if access.access(p) >= access.VIEW
]
if not accessible_labels:
return "No labels found."
if len(accessible_labels) == 1:
return redirect(url_for("labels.view", id=accessible_labels[0].id))
return render_template("labels.html",
labels=accessible_labels,
signed=signed)
def add():
query = request.args.get("q")
# TODO: add override warning
if query:
print("[labels]", query)
query = query.split()
name = query[0]
labels = query[1:]
# TODO: add double dot feature
labels = [
l for l in db.query(Label).filter_by(author=current_user).all()
if l.name in labels
]
internal_add(name, current_user, labels)
return ("Label</br>" + '#' + name + "</br>with labels: " +
", ".join(map(signed, labels)) + "</br>added.")
return "bookmark.add requires argment q"
def append(id=0):
note = db.query(Note).get(id)
if not note:
flash("Note {} not found.".format(id))
return redirect(url_for('notes.index'))
if access.access(note) < access.EDIT:
return access.forbidden_page()
line = request.args.get('line')
if line == None:
flash("`line` arg required.")
return redirect(url_for('notes.index'))
note.text += " \n" + line
db.commit()
flash("<i>{}</i> appended to {}.".format(line, note.name))
return redirect(url_for("notes.view", id=id))
def signup_post():
name = request.form.get('username')
pasw = request.form.get('password')
user = db.query(User).filter_by(name=name).one_or_none()
if user or name in ["guest", "admin"]:
flash("Username " + name + " already registred.")
return redirect(url_for('auth.signup'))
user = add_user(name, pasw)
login_user(user)
flash(name + " successfully signed up.")
if "redirect" in request.args:
return redirect(request.args.get("redirect"))
else:
return redirect(url_for('auth.profile'))
def users_labels():
return db.query(Label).filter_by(author=current_user).all()
from chuml.utils import db
from chuml.models import *
to_export = [Bookmark, Label, Note, SearchEngine, User] #, \
#Sensitive, User, AccessPolicy, UserAccess]
result = dict()
for model in to_export:
cont = []
result[model.__tablename__] = cont
for obj in db.query(model).all():
cont.append(obj.to_dict())
import json
with open("dump.json", "w") as file:
json.dump(result, file)
def load_user(user_id):
return db.query(User).get(user_id)
import json
from chuml.auth import auth
from chuml.search import bookmarks
from chuml.search import labels
from chuml.utils import db
#db.db_path = "../../db"
author = db.query(auth.User).filter_by(name="agi").first()
from_firefox_label = labels.internal_add("_from_firefox", author)
def add_node(node, parrent=None):
label = None
name = node["title"].replace(' ', '_')
if not name:
name = "no_name"
t = node["lastModified"] // 1000
if parrent:
label = labels.internal_add(name, author, [parrent], t=t)
else:
label = labels.internal_add(name, author, t=t)
#raise ValueError("no title")
print("======", label.__repr__(), "=======")
if not "children" in node:
return
for c in node["children"]:
if c["typeCode"] == 2: # node
def users_labels():
return '[' + ",".join(
['"' + label.name + '"' for label in labels.users_labels()]) + ']'
app.jinja_env.globals.update(users_labels=users_labels)
from chuml.auth import access
def can_view(node):
return access.access(node) >= access.VIEW
app.jinja_env.globals.update(can_view=can_view)
def can_edit(node):
return access.access(node) >= access.EDIT
app.jinja_env.globals.update(can_edit=can_edit)
# create admin
if not db.query(User).filter_by(name="admin").one_or_none():
auth.add_user("admin", config.admin_pasw)
# create guest
if not db.query(User).filter_by(name="guest").one_or_none():
auth.add_user("guest", config.guest_pasw)
