Example #1
0
def admin_pages_mod(req, id):
    """Edit page could:

    * author of page, if still have pages_author right
    * admin with pages_modify right
    * admin with pages_listall right and right which must have page too
    """
    check_login(req)
    match_right(req, module_rights)
    token = do_create_token(req, '/admin/pages/%d' % id)

    page = Page(id)
    if (not do_check_right(req, 'pages_modify')) \
            and (not page.check_right(req)):
        raise SERVER_RETURN(state.HTTP_FORBIDDEN)

    if req.method == 'POST':
        check_token(req, req.form.get('token'))
        page.bind(req.form)
        error = page.mod(req)
        if error:
            return generate_page(req, "admin/pages_mod.html", token=token,
                                 page=page, rights=rights, error=error,
                                 extra_rights=req.cfg.pages_extra_rights)
    # endif
    if not page.get(req):
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)
    return generate_page(req, "admin/pages_mod.html", token=token,
                         page=page, rights=rights,
                         extra_rights=req.cfg.pages_extra_rights)
Example #2
0
def admin_menu(req):
    check_login(req)
    check_right(req, module_right)

    pager = Pager(limit=-1)
    items = MenuItem.list(req, pager)

    return generate_page(
        req, "admin/page_menu.html", token=do_create_token(req, "/admin/menu"), pager=pager, items=items
    )
Example #3
0
def admin_pages(req):
    check_login(req)
    match_right(req, module_rights)

    error = req.args.getfirst('error', 0, int)

    pager = Pager()
    pager.bind(req.args)

    if not do_match_right(req, ('pages_modify', 'pages_listall')):
        rows = Page.list(req, pager, author_id=req.login.id)
    else:
        rows = Page.list(req, pager)
    return generate_page(req, "admin/pages.html",
                         token=do_create_token(req, '/admin/pages'),
                         pager=pager, rows=rows, error=error)
Example #4
0
def admin_pagse_add(req):
    check_login(req)
    match_right(req, ('pages_author', 'pages_modify'))
    token = do_create_token(req, '/admin/pages/add')

    if req.method == 'POST':
        check_token(req, req.form.get('token'))
        page = Page()
        page.bind(req.form, req.login.id)
        error = page.add(req)

        if error:
            return generate_page(req, "admin/pages_mod.html", token=token,
                                 rights=rights, page=page, error=error)

        redirect(req, '/admin/pages/%d' % page.id)
    # end

    return generate_page(req, "admin/pages_mod.html", token=token,
                         rights=rights)