def save_sheet_api(request): """ API for listing available sheets """ if request.method == "GET": return jsonResponse({"error": "Unsupported HTTP method."}) # Save a sheet if request.method == "POST": if not request.user.is_authenticated: key = request.POST.get("apikey") if not key: return jsonResponse({"error": "You must be logged in or use an API key to save."}) apikey = db.apikeys.find_one({"key": key}) if not apikey: return jsonResponse({"error": "Unrecognized API key."}) else: apikey = None j = request.POST.get("json") if not j: return jsonResponse({"error": "No JSON given in post data."}) sheet = json.loads(j) if apikey: if "id" in sheet: sheet["lastModified"] = get_sheet(sheet["id"])["dateModified"] # Usually lastModified gets set on the frontend, so we need to set it here to match with the previous dateModified so that the check in `save_sheet` returns properly user = User.objects.get(id=apikey["uid"]) else: user = request.user if "id" in sheet: existing = get_sheet(sheet["id"]) if "error" not in existing and \ not can_edit(user, existing) and \ not can_add(request.user, existing) and \ not can_publish(request.user, existing): return jsonResponse({"error": "You don't have permission to edit this sheet."}) else: existing = None cleaned_sources = [] for source in sheet["sources"]: cleaned_sources.append(clean_source(source)) sheet["sources"] = cleaned_sources sheet["title"] = bleach_text(sheet["title"]) if "summary" in sheet: sheet["summary"] = bleach_text(sheet["summary"]) if sheet.get("group", None): # Quietly enforce group permissions if sheet["group"] not in [g["name"] for g in get_user_groups(user.id)]: # Don't allow non Group members to add a sheet to a group sheet["group"] = None if not can_publish(user, sheet): if not existing: sheet["status"] = "unlisted" else: if existing.get("group", None) != sheet["group"]: # Don't allow non Group publishers to add a new public sheet sheet["status"] = "unlisted" elif existing["status"] != sheet["status"]: # Don't allow non Group publishers from changing status of an existing sheet sheet["status"] = existing["status"] rebuild_nodes = request.POST.get('rebuildNodes', False) responseSheet = save_sheet(sheet, user.id, rebuild_nodes=rebuild_nodes) if "rebuild" in responseSheet and responseSheet["rebuild"]: # Don't bother adding user links if this data won't be used to rebuild the sheet responseSheet["sources"] = annotate_user_links(responseSheet["sources"]) return jsonResponse(responseSheet)
def save_sheet_api(request): """ API for listing available sheets """ if request.method == "GET": return jsonResponse({"error": "Unsupported HTTP method."}) # Save a sheet if request.method == "POST": if not request.user.is_authenticated: key = request.POST.get("apikey") if not key: return jsonResponse({"error": "You must be logged in or use an API key to save."}) apikey = db.apikeys.find_one({"key": key}) if not apikey: return jsonResponse({"error": "Unrecognized API key."}) else: apikey = None j = request.POST.get("json") if not j: return jsonResponse({"error": "No JSON given in post data."}) sheet = json.loads(j) if apikey: if "id" in sheet: sheet["lastModified"] = get_sheet(sheet["id"])["dateModified"] # Usually lastModified gets set on the frontend, so we need to set it here to match with the previous dateModified so that the check in `save_sheet` returns properly user = User.objects.get(id=apikey["uid"]) else: user = request.user if "id" in sheet: existing = get_sheet(sheet["id"]) if "error" not in existing and \ not can_edit(user, existing) and \ not can_add(request.user, existing) and \ not can_publish(request.user, existing): return jsonResponse({"error": "You don't have permission to edit this sheet."}) else: existing = None cleaned_sources = [] for source in sheet["sources"]: cleaned_sources.append(clean_source(source)) sheet["sources"] = cleaned_sources sheet["title"] = bleach_text(sheet["title"]) if "summary" in sheet: sheet["summary"] = bleach_text(sheet["summary"]) if sheet.get("group", None): # Quietly enforce group permissions if sheet["group"] not in [g["name"] for g in get_user_groups(user.id)]: # Don't allow non Group members to add a sheet to a group sheet["group"] = None if not can_publish(user, sheet): if not existing: sheet["status"] = "unlisted" else: if existing.get("group", None) != sheet["group"]: # Don't allow non Group publishers to add a new public sheet sheet["status"] = "unlisted" elif existing["status"] != sheet["status"]: # Don't allow non Group publishers from changing status of an existing sheet sheet["status"] = existing["status"] responseSheet = save_sheet(sheet, user.id) if "rebuild" in responseSheet and responseSheet["rebuild"]: # Don't bother adding user links if this data won't be used to rebuild the sheet responseSheet["sources"] = annotate_user_links(responseSheet["sources"]) return jsonResponse(responseSheet)
# -*- coding: utf-8 -*- # adds nodes to sources w/o nodes # adds sources to sources w/ refs but w/o texts import django django.setup() from sefaria.model import * from sefaria.system.database import db from sefaria.sheets import bleach_text sheets = db.sheets.find() for sheet in sheets: try: olddoc = sheet newdoc = olddoc newdoc["title"] = bleach_text(sheet.get("title", "")) db.sheets.update({'_id': olddoc["_id"]}, newdoc) except: print sheet