def view(id=0):
label = db.query(Label).get(id)
if not label:
flash("Label {} not found.".format(id))
return redirect(url_for('labels.index'))
if access.access(label) < access.VIEW:
return access.forbidden_page()
# TODO: SQL filtering
labeled = [i for i in label.labeling if access.access(i) >= access.VIEW]
bms = [i for i in labeled if i.type == "bookmark"]
lbls = [i for i in labeled if i.type == "label"]
bms.sort(key=lambda x: x.created_timestamp)
lbls.sort(key=lambda x: x.created_timestamp)
return render_template(
"bm_results.html",
bookmarks=bms,
label=label,
labels=lbls, #VIEW RIGHTS
backs=label.labels, #VIEW RIGHTS
signed=signed)
def view(id=0):
note = db.query(Note).get(id)
if not note:
flash("Note {} not found.".format(id))
return redirect(url_for('notes.index'))
if access.access(note) < access.VIEW:
return access.forbidden_page()
rendered = markdown(note.text, extensions=["tables"])
return render_template('view_note.html',
note=note,
rendered=rendered,
user_can_edit=access.access(note) >= access.EDIT)
def edit_post(id=0):
bm = db.query(Bookmark).get(id)
if not bm:
flash("Bookmark {} not found.".format(id))
return redirect(url_for('labels.index'))
if access.access(bm) < access.EDIT:
return access.forbidden_page()
try:
action = get_arg("action")
if action == "set_name":
bm.name = get_arg("name")
db.commit()
return "success: name set"
elif action == "set_url":
bm.url = get_arg("url")
db.commit()
return "success: url set"
elif action == "delete":
bm.labels.clear()
db.delete(bm)
db.commit()
return "success: deleted"
else:
return "nothing done"
except Exception as e:
print("===== bookmarks =====")
print(e)
print("==================")
db.rollback()
return str(e)
def edit_post(id=0):
label = db.query(Label).get(id)
if not label:
return "label {} not found".format(id)
if access.access(label) < access.EDIT:
return "access forbidden to {}".format(id)
try:
action = get_arg("action")
if action == "set_name":
label.name = get_arg("name")
db.commit()
return "success: name set"
elif action == "delete":
label.labels.clear()
db.delete(label)
db.commit()
return "success: deleted"
else:
return "nothing done"
except Exception as e:
print("===== labels =====")
print(e)
print("==================")
db.rollback()
return str(e)
def edit(id=0):
note = db.query(Note).get(id)
if not note:
flash("Note {} not found.".format(id))
return redirect(url_for('notes.index'))
if access.access(note) < access.EDIT:
return access.forbidden_page()
if request.args.get("action") == "view":
note.text = request.args.get("text")
note.name = request.args.get("name")
db.commit()
flash("{} saved.".format(note.name))
return redirect(url_for("notes.view", id=id))
elif request.args.get("action") == "save":
note.text = request.args.get("text")
note.name = request.args.get("name")
db.commit()
flash("{} saved.".format(note.name))
return redirect(url_for("notes.edit", id=id))
elif request.args.get("action") == "delete":
note.labels.clear()
db.delete(note)
db.commit()
flash("{} deleted.".format(note.name))
return redirect(url_for('notes.index'))
else:
return render_template(
'edit_note.html',
note=note,
)
def index():
notes = [
note for note in db.query(Note).all()
if access.access(note) > access.NOTHING
]
return render_template("notes.html", notes=notes)
def edit_get(id=0):
bm = db.query(Bookmark).get(id)
if not bm:
flash("Bookmark {} not found.".format(id))
return redirect(url_for('labels.index'))
if access.access(bm) < access.EDIT:
return access.forbidden_page()
return render_template("edit_bookmark.html", bm=bm)
def edit_get(id=0):
label = db.query(Label).get(id)
if not label:
flash("Label {} not found.".format(id))
return redirect(url_for('labels.index'))
if access.access(label) < access.EDIT:
return access.forbidden_page()
return render_template("edit_label.html", label=label)
def index():
q = request.args.get("q", default="")
search_set = db.query(Label).filter(Label.name.like(
"%{}%".format(q))).all()
accessible_labels = [
p for p in search_set if access.access(p) >= access.VIEW
]
if not accessible_labels:
return "No labels found."
if len(accessible_labels) == 1:
return redirect(url_for("labels.view", id=accessible_labels[0].id))
return render_template("labels.html",
labels=accessible_labels,
signed=signed)
def append(id=0):
note = db.query(Note).get(id)
if not note:
flash("Note {} not found.".format(id))
return redirect(url_for('notes.index'))
if access.access(note) < access.EDIT:
return access.forbidden_page()
line = request.args.get('line')
if line == None:
flash("`line` arg required.")
return redirect(url_for('notes.index'))
note.text += " \n" + line
db.commit()
flash("<i>{}</i> appended to {}.".format(line, note.name))
return redirect(url_for("notes.view", id=id))
def edit_post(id=0):
node = db.query(Node).get(id)
if not node:
return "node {} not found".format(id)
if access.access(node) < access.EDIT:
return "access forbidden to node {}".format(id)
try:
action = get_arg("action")
if action == "remove_label":
label_name = get_arg("label_name")
label = db.query(Label).filter_by(
author=current_user,
name=label_name,
).one_or_none()
node.labels.remove(label)
db.commit()
return "success: label removed"
elif action == "add_label":
label_name = get_arg("label_name")
label = db.query(Label).filter_by(
author=current_user,
name=label_name,
).one_or_none()
if not label:
label = Label(name=name)
db.add(label)
db.commit()
node.labels.append(label)
db.commit()
return "success: label added"
else:
return "nothing done"
except Exception as e:
print("===== nodes =====")
print(e)
print("==================")
db.rollback()
return str(e)
def can_edit(node):
return access.access(node) >= access.EDIT
def can_view(node):
return access.access(node) >= access.VIEW
