def GET(self, path):
print 'user_preferences', path, web.ctx.site.can_write(path), context.user
# only people who can modify the preferences should be able to see them
if web.ctx.site.can_write(path):
return core.view().GET(path)
else:
return render.permission_denied(path, "Permission Denied.")
def POST(self, key):
i = web.input("v", _comment=None)
v = i.v and safeint(i.v, None)
if v is None:
raise web.seeother(web.changequery({}))
if not web.ctx.site.can_write(key) or not user_is_admin_or_librarian():
return render.permission_denied(
web.ctx.fullpath, "Permission denied to edit " + key + ".")
thing = web.ctx.site.get(key, i.v)
if not thing:
raise web.notfound()
def revert(thing):
if thing.type.key == "/type/delete" and thing.revision > 1:
prev = web.ctx.site.get(thing.key, thing.revision - 1)
if prev.type.key in ["/type/delete", "/type/redirect"]:
return revert(prev)
else:
prev._save("revert to revision %d" % prev.revision)
return prev
elif thing.type.key == "/type/redirect":
redirect = web.ctx.site.get(thing.location)
if redirect and redirect.type.key not in [
"/type/delete",
"/type/redirect",
]:
return redirect
else:
# bad redirect. Try the previous revision
prev = web.ctx.site.get(thing.key, thing.revision - 1)
return revert(prev)
else:
return thing
def process(value):
if isinstance(value, list):
return [process(v) for v in value]
elif isinstance(value, client.Thing):
if value.key:
if value.type.key in ['/type/delete', '/type/revert']:
return revert(value)
else:
return value
else:
for k in value:
value[k] = process(value[k])
return value
else:
return value
for k in thing:
thing[k] = process(thing[k])
comment = i._comment or "reverted to revision %d" % v
thing._save(comment)
raise web.seeother(key)
def POST(self, key):
i = web.input("v", _comment=None)
v = i.v and safeint(i.v, None)
if v is None:
raise web.seeother(web.changequery({}))
user = accounts.get_current_user()
is_admin = user and user.key in [m.key for m in web.ctx.site.get('/usergroup/admin').members]
if not (is_admin and web.ctx.site.can_write(key)):
return render.permission_denied(web.ctx.fullpath, "Permission denied to edit " + key + ".")
thing = web.ctx.site.get(key, i.v)
if not thing:
raise web.notfound()
def revert(thing):
if thing.type.key == "/type/delete" and thing.revision > 1:
prev = web.ctx.site.get(thing.key, thing.revision-1)
if prev.type.key in ["/type/delete", "/type/redirect"]:
return revert(prev)
else:
prev._save("revert to revision %d" % prev.revision)
return prev
elif thing.type.key == "/type/redirect":
redirect = web.ctx.site.get(thing.location)
if redirect and redirect.type.key not in ["/type/delete", "/type/redirect"]:
return redirect
else:
# bad redirect. Try the previous revision
prev = web.ctx.site.get(thing.key, thing.revision-1)
return revert(prev)
else:
return thing
def process(value):
if isinstance(value, list):
return [process(v) for v in value]
elif isinstance(value, client.Thing):
if value.key:
if value.type.key in ['/type/delete', '/type/revert']:
return revert(value)
else:
return value
else:
for k in value.keys():
value[k] = process(value[k])
return value
else:
return value
for k in thing.keys():
thing[k] = process(thing[k])
comment = i._comment or "reverted to revision %d" % v
thing._save(comment)
raise web.seeother(key)
def handle(self, cls, args=()):
m = getattr(cls(), web.ctx.method, None)
if not m:
raise web.nomethod(cls=cls)
else:
if self.is_admin():
return m(*args)
else:
return render.permission_denied(web.ctx.path, "Permission denied.")
def GET(self):
# make sure the request is coming from the LAN.
if web.ctx.ip not in ['127.0.0.1', '0.0.0.0'] and web.ctx.ip.rsplit(".", 1)[0] != local_ip().rsplit(".", 1)[0]:
return render.permission_denied(web.ctx.fullpath, "Permission denied to reload templates/macros.")
from infogami.plugins.wikitemplates import code as wikitemplates
wikitemplates.load_all()
from openlibrary.plugins.upstream import code as upstream
upstream.reload()
return delegate.RawText("done")
def GET(self):
# make sure the request is coming from the LAN.
if web.ctx.ip not in ['127.0.0.1', '0.0.0.0'] and web.ctx.ip.rsplit(".", 1)[0] != local_ip().rsplit(".", 1)[0]:
return render.permission_denied(web.ctx.fullpath, "Permission denied to reload templates/macros.")
from infogami.plugins.wikitemplates import code as wikitemplates
wikitemplates.load_all()
from openlibrary.plugins.upstream import code as upstream
upstream.reload()
return delegate.RawText("done")
def GET(self, key):
# only allow admin users to edit yaml
if not self.is_admin():
return render.permission_denied(key, 'Permission Denied')
try:
d = self.get_data(key)
except web.HTTPError, e:
if web.ctx.status.lower() == "404 not found":
d = {"key": key}
else:
raise
def GET(self, key):
# only allow admin users to edit yaml
if not self.is_admin():
return render.permission_denied(key, 'Permission Denied')
try:
d = self.get_data(key)
except web.HTTPError, e:
if web.ctx.status.lower() == "404 not found":
d = {"key": key}
else:
raise
def handle(self, cls, args=()):
# Use admin theme
context.bodyid = "admin"
m = getattr(cls(), web.ctx.method, None)
if not m:
raise web.nomethod(cls=cls)
else:
if self.is_admin():
return m(*args)
else:
return render.permission_denied(web.ctx.path, "Permission denied.")
def GET(self, key):
# only allow admin users to edit yaml
if not self.is_admin():
return render.permission_denied(key, 'Permission Denied')
try:
d = self.get_data(key)
except web.HTTPError as e:
if web.ctx.status.lower() == '404 not found':
d = {'key': key}
else:
raise
return render.edit_yaml(key, self.dump(d))
def handle(self, cls, args=(), librarians=False):
# Use admin theme
context.cssfile = "admin"
m = getattr(cls(), web.ctx.method, None)
if not m:
raise web.nomethod(cls=cls)
else:
if (self.is_admin() or (librarians and context.user and
context.user.is_librarian())):
return m(*args)
else:
return render.permission_denied(web.ctx.path, "Permission denied.")
def GET(self, username, key='loans'):
user = web.ctx.site.get('/people/%s' % username)
if not user:
return render.notfound("User %s" % username, create=False)
cur_user = accounts.get_current_user()
if not cur_user or cur_user.key.split('/')[-1] != username:
return render.permission_denied(web.ctx.path, 'Permission Denied')
readlog = ReadingLog(user=user)
works = readlog.get_works(key, page=1, limit=2000)
works_json = [
{
'title': w.get('title'),
'key': w.key,
'author_keys': [a.author.key for a in w.get('authors', [])],
'first_publish_year': w.first_publish_year or None,
'subjects': w.get('subjects'),
'subject_people': w.get('subject_people'),
'subject_places': w.get('subject_places'),
'subject_times': w.get('subject_times'),
} for w in works
]
author_keys = set(
a
for work in works_json
for a in work['author_keys']
)
authors_json = [
{
'key': a.key,
'name': a.name,
'birth_date': a.get('birth_date'),
}
for a in web.ctx.site.get_many(list(author_keys))
]
page = render['account/readinglog_stats'](
json.dumps(works_json),
json.dumps(authors_json),
len(works_json),
user.key,
user.displayname,
web.ctx.path.rsplit('/', 1)[0],
key,
lang=web.ctx.lang,
)
page.v2 = True
return page
def POST(self, key):
# only allow admin users to edit yaml
if not self.is_admin():
return render.permission_denied(key, 'Permission Denied')
i = web.input(body='', _comment=None)
if '_save' in i:
d = self.load(i.body)
p = web.ctx.site.new(key, d)
try:
p._save(i._comment)
except (client.ClientException, ValidationException), e:
add_flash_message('error', str(e))
return render.edit_yaml(key, i.body)
raise web.seeother(key + '.yml')
def POST(self, key):
# only allow admin users to edit yaml
if not self.is_admin():
return render.permission_denied(key, 'Permission Denied')
i = web.input(body='', _comment=None)
if '_save' in i:
d = self.load(i.body)
p = web.ctx.site.new(key, d)
try:
p._save(i._comment)
except (client.ClientException, ValidationException), e:
add_flash_message('error', str(e))
return render.edit_yaml(key, i.body)
raise web.seeother(key + '.yml')
