def admin_pages_mod(req, id):
"""Edit page could:
* author of page, if still have pages_author right
* admin with pages_modify right
* admin with pages_listall right and right which must have page too
"""
check_login(req)
match_right(req, module_rights)
token = do_create_token(req, '/admin/pages/%d' % id)
page = Page(id)
if (not do_check_right(req, 'pages_modify')) \
and (not page.check_right(req)):
raise SERVER_RETURN(state.HTTP_FORBIDDEN)
if req.method == 'POST':
check_token(req, req.form.get('token'))
page.bind(req.form)
error = page.mod(req)
if error:
return generate_page(req, "admin/pages_mod.html", token=token,
page=page, rights=rights, error=error,
extra_rights=req.cfg.pages_extra_rights)
# endif
if not page.get(req):
raise SERVER_RETURN(state.HTTP_NOT_FOUND)
return generate_page(req, "admin/pages_mod.html", token=token,
page=page, rights=rights,
extra_rights=req.cfg.pages_extra_rights)
def articles_remove_tag(req, id, tag_id):
check_login(req)
match_right(req, module_rights)
check_token(req, req.form.get('token'), uri='/admin/articles/%d' % id)
article = Article(id)
article.remove_tag(req, tag_id)
req.content_type = 'application/json'
return '{}'
def admin_redirects_delete(req, id):
check_login(req)
check_right(req, module_right)
check_token(req, req.args.get('token'), uri='/admin/redirects')
item = Redirect(id)
if not item.delete(req):
req.status = state.HTTP_NOT_FOUND
return send_json(req, {})
def articles_append_tag(req, id, tag_id):
check_login(req)
match_right(req, module_rights)
check_token(req, req.form.get('token'), uri='/admin/articles/%d' % id)
article = Article(id)
if not article.append_tag(req, tag_id):
return send_json(req, {'reason': 'integrity_error'})
req.content_type = 'application/json'
return '{}'
def admin_menu_delete(req, id):
check_login(req)
check_right(req, module_right)
check_token(req, req.args.get("token"))
item = MenuItem(id)
if item.delete(req):
return js_items(req)
req.status = state.HTTP_BAD_REQUEST
req.content_type = "application/json"
return json.dumps({"reason": "integrity_error"})
def admin_pages_del(req, id):
""" Delete page, could:
* author of page if have still pages_author right
* admin with pages_modify
"""
check_login(req, '/log_in?referer=/admin/pages')
match_right(req, ('pages_author', 'pages_modify'))
check_token(req, req.form.get('token'))
page = Page(id)
if not page.check_right(req):
raise SERVER_RETURN(state.HTTP_FORBIDDEN)
page.delete(req)
# TODO: redirect to same page
redirect(req, '/admin/pages?error=%d' % SUCCESS)
def admin_menu_to(req, id):
check_login(req)
check_right(req, module_right)
check_token(req, req.form.get("token"))
item = MenuItem(id)
if req.uri.endswith("to_child"):
status = item.to_child(req)
else:
status = item.to_parent(req)
if status:
return js_items(req)
req.status = state.HTTP_BAD_REQUEST
req.content_type = "application/json"
return json.dumps({"reason": "not_possible"})
def admin_redirects_add_update(req, id=None):
check_login(req)
check_right(req, module_right)
check_token(req, req.form.get('token'), uri='/admin/redirects')
item = Redirect(id)
item.bind(req.form)
rv = item.mod(req) if id else item.add(req)
if isinstance(rv, Redirect):
return send_json(req, {})
req.status = state.HTTP_BAD_REQUEST
if isinstance(rv, ErrorValue):
return send_json(req, rv, cls=ObjectEncoder)
return send_json(req, {'reason': 'src_exist'})
def admin_menu_add_update(req, id=None):
check_login(req)
check_right(req, module_right)
check_token(req, req.form.get("token"))
item = MenuItem(id)
item.bind(req.form)
if not item.title:
req.status = state.HTTP_BAD_REQUEST
req.content_type = "application/json"
return json.dumps({"reason": "empty_title"})
status = item.mod(req) if id else item.add(req)
if status:
return js_items(req)
req.status = state.HTTP_BAD_REQUEST
req.content_type = "application/json"
return json.dumps({"reason": "title_exist"})
def admin_pagse_add(req):
check_login(req)
match_right(req, ('pages_author', 'pages_modify'))
token = do_create_token(req, '/admin/pages/add')
if req.method == 'POST':
check_token(req, req.form.get('token'))
page = Page()
page.bind(req.form, req.login.id)
error = page.add(req)
if error:
return generate_page(req, "admin/pages_mod.html", token=token,
rights=rights, page=page, error=error)
redirect(req, '/admin/pages/%d' % page.id)
# end
return generate_page(req, "admin/pages_mod.html", token=token,
rights=rights)