Example #1
0
def admin_news(req):
    check_login(req)
    match_right(req, module_rights)

    show = req.args.getfirst("show", "", uni)

    pager = Pager(sort="desc")
    pager.bind(req.args)

    kwargs = {}

    if show == "ready":
        pager.set_params(show=show)
        kwargs["state"] = 2
        kwargs["public_date"] = 0
    elif show == "drafts":
        pager.set_params(show=show)
        kwargs["state"] = 1
    else:
        show = None

    if not do_check_right(req, "news_editor"):
        kwargs["author_id"] = req.login.id

    rows = New.list(req, pager, **kwargs)
    return generate_page(req, "admin/news.html", pager=pager, rows=rows, show=show)
Example #2
0
def admin_news_add(req):
    check_login(req)
    match_right(req, module_rights)

    new = New()
    if req.method == "POST":
        new.bind(req.form, req.login.id)
        error = new.add(req)

        if error:
            return generate_page(req, "admin/news_mod.html", new=new, error=error)

        redirect(req, "/admin/news/%d" % new.id)
    # end

    new.state = 2 if do_check_right(req, "news_editor") else 1
    return generate_page(req, "admin/news_mod.html", new=new)
Example #3
0
def admin_news_enable(req, id):
    check_login(req, "/log_in?referer=/admin/news")
    match_right(req, module_rights)
    check_referer(req, "/admin/news")

    new = New(id)
    if not new.get(req):
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)

    if (not do_check_right(req, "news_editor")) and (
        not (new.author_id == req.login.id and new.public_date.year == 1970)
    ):
        raise SERVER_RETURN(state.HTTP_FORBIDDEN)

    n_state = int(req.uri.endswith("/enable"))
    n_state = (n_state * 2) if new.public_date.year > 1970 else n_state
    new.set_state(req, n_state)

    redirect(req, "/admin/news")
Example #4
0
def admin_news_mod(req, id):
    check_login(req)
    match_right(req, module_rights)

    new = New(id)
    if not new.get(req):
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)
    if not do_check_right(req, "news_editor") and new.author_id != req.login.id:
        raise SERVER_RETURN(state.HTTP_FORBIDDEN)

    if req.method == "POST":
        new.bind(req.form)
        error = new.mod(req)
        if error != new:
            return generate_page(req, "admin/news_mod.html", new=new, error=error)

        if not new.get(req):
            raise SERVER_RETURN(state.HTTP_NOT_FOUND)

    return generate_page(req, "admin/news_mod.html", new=new)