Example #1
0
def admin_pages_mod(req, id):
    """Edit page could:

    * author of page, if still have pages_author right
    * admin with pages_modify right
    * admin with pages_listall right and right which must have page too
    """
    check_login(req)
    match_right(req, module_rights)
    token = do_create_token(req, '/admin/pages/%d' % id)

    page = Page(id)
    if (not do_check_right(req, 'pages_modify')) \
            and (not page.check_right(req)):
        raise SERVER_RETURN(state.HTTP_FORBIDDEN)

    if req.method == 'POST':
        check_token(req, req.form.get('token'))
        page.bind(req.form)
        error = page.mod(req)
        if error:
            return generate_page(req, "admin/pages_mod.html", token=token,
                                 page=page, rights=rights, error=error,
                                 extra_rights=req.cfg.pages_extra_rights)
    # endif
    if not page.get(req):
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)
    return generate_page(req, "admin/pages_mod.html", token=token,
                         page=page, rights=rights,
                         extra_rights=req.cfg.pages_extra_rights)
Example #2
0
def articles_remove_tag(req, id, tag_id):
    check_login(req)
    match_right(req, module_rights)
    check_token(req, req.form.get('token'), uri='/admin/articles/%d' % id)

    article = Article(id)
    article.remove_tag(req, tag_id)
    req.content_type = 'application/json'
    return '{}'
Example #3
0
def admin_redirects_delete(req, id):
    check_login(req)
    check_right(req, module_right)
    check_token(req, req.args.get('token'), uri='/admin/redirects')

    item = Redirect(id)
    if not item.delete(req):
        req.status = state.HTTP_NOT_FOUND

    return send_json(req, {})
Example #4
0
def articles_append_tag(req, id, tag_id):
    check_login(req)
    match_right(req, module_rights)
    check_token(req, req.form.get('token'), uri='/admin/articles/%d' % id)

    article = Article(id)

    if not article.append_tag(req, tag_id):
        return send_json(req, {'reason': 'integrity_error'})
    req.content_type = 'application/json'
    return '{}'
Example #5
0
def admin_menu_delete(req, id):
    check_login(req)
    check_right(req, module_right)
    check_token(req, req.args.get("token"))

    item = MenuItem(id)
    if item.delete(req):
        return js_items(req)

    req.status = state.HTTP_BAD_REQUEST
    req.content_type = "application/json"
    return json.dumps({"reason": "integrity_error"})
Example #6
0
def admin_pages_del(req, id):
    """ Delete page, could:
            * author of page if have still pages_author right
            * admin with pages_modify
    """

    check_login(req, '/log_in?referer=/admin/pages')
    match_right(req, ('pages_author', 'pages_modify'))
    check_token(req, req.form.get('token'))

    page = Page(id)
    if not page.check_right(req):
        raise SERVER_RETURN(state.HTTP_FORBIDDEN)

    page.delete(req)
    # TODO: redirect to same page
    redirect(req, '/admin/pages?error=%d' % SUCCESS)
Example #7
0
def admin_menu_to(req, id):
    check_login(req)
    check_right(req, module_right)
    check_token(req, req.form.get("token"))

    item = MenuItem(id)

    if req.uri.endswith("to_child"):
        status = item.to_child(req)
    else:
        status = item.to_parent(req)
    if status:
        return js_items(req)

    req.status = state.HTTP_BAD_REQUEST
    req.content_type = "application/json"
    return json.dumps({"reason": "not_possible"})
Example #8
0
def admin_redirects_add_update(req, id=None):
    check_login(req)
    check_right(req, module_right)
    check_token(req, req.form.get('token'), uri='/admin/redirects')

    item = Redirect(id)
    item.bind(req.form)
    rv = item.mod(req) if id else item.add(req)

    if isinstance(rv, Redirect):
        return send_json(req, {})

    req.status = state.HTTP_BAD_REQUEST
    if isinstance(rv, ErrorValue):
        return send_json(req, rv, cls=ObjectEncoder)

    return send_json(req, {'reason': 'src_exist'})
Example #9
0
def admin_menu_add_update(req, id=None):
    check_login(req)
    check_right(req, module_right)
    check_token(req, req.form.get("token"))

    item = MenuItem(id)
    item.bind(req.form)
    if not item.title:
        req.status = state.HTTP_BAD_REQUEST
        req.content_type = "application/json"
        return json.dumps({"reason": "empty_title"})

    status = item.mod(req) if id else item.add(req)
    if status:
        return js_items(req)

    req.status = state.HTTP_BAD_REQUEST
    req.content_type = "application/json"
    return json.dumps({"reason": "title_exist"})
Example #10
0
def admin_pagse_add(req):
    check_login(req)
    match_right(req, ('pages_author', 'pages_modify'))
    token = do_create_token(req, '/admin/pages/add')

    if req.method == 'POST':
        check_token(req, req.form.get('token'))
        page = Page()
        page.bind(req.form, req.login.id)
        error = page.add(req)

        if error:
            return generate_page(req, "admin/pages_mod.html", token=token,
                                 rights=rights, page=page, error=error)

        redirect(req, '/admin/pages/%d' % page.id)
    # end

    return generate_page(req, "admin/pages_mod.html", token=token,
                         rights=rights)