def wrapper(*args, **kwargs):
"""Wrapper that actually tests the user permissions"""
if not is_authenticated() and self.redirect_on_error:
return redirect(
'%s?next=%s' % (url_for('admin.login'), request.url))
elif not is_authenticated():
return msg.error(
_(u'No user authenticated.'),
NobodyHome.__name__)
try:
user = authenticated_user()
except AuthError, exc:
return msg.error(
unicode(exc.message),
exc.__class__.__name__)
def new_comment():
"""Posts new comments to the blog"""
print "/new_comment/"
if not is_authenticated():
resp = make_response(
dumps({
'status': 'error',
'msg': _(u'User not authenticated'),
'redirectTo': url_for('auth.login')
}))
# if request.form['content']:
# resp.set_cookie('live_comment_save', request.form['content'].replace('\n','<br/>') )
return resp
try:
nao_exibir_nome = request.form['nao_exibir_nome']
except:
nao_exibir_nome = ""
try:
post_id = request.form['comentar_em']
except:
post_id = request.form['post_id']
try:
wordpress.newComment(username=session['username'],
password=session['password'],
post_id=post_id,
content=request.form['content'],
nao_exibir_nome=nao_exibir_nome)
removecache("comentarios%s" % str(post_id))
return msg.ok(_(u'Thank you. Your comment was successfuly sent'))
except xmlrpclib.Fault, err:
return msg.error(_(err.faultString), code='CommentError')
def cadastrar_comite():
if request.method == 'POST':
nome = request.form['nome']
email = request.form['email']
telefone = request.form['telefone']
cidade = request.form['cidade']
cn = CadastroComite()
cn.nome = unicode(nome)
cn.email = unicode(email)
cn.telefone = unicode(telefone)
cn.cidade = unicode(cidade)
dbsession.commit()
# #Envia o email avisando que chegou uma nova contribuição
# sendmail(
# conf.COMITE_SUBJECT, conf.COMITE_TO_EMAIL,
# conf.COMITE_MSG % {
# 'titulo': titulo,
# 'noticia': noticia,
# }
# )
return msg.ok(_(u'Thank you. Your contribution was successfuly sent.'))
else:
return msg.error(_(u'Method not allowed'))
def contrib_json():
"""Receives a user contribution and saves to the database
This function will return a JSON format with the result of the
operation. That can be successful or an error, if it finds any
problem in data received or the lack of the authentication.
"""
if not auth.is_authenticated():
return msg.error(_(u'User not authenticated'))
raise Exception('Not funny')
form = ContribForm(csrf_enabled=False)
if form.validate_on_submit():
Contrib(title=form.data['title'].encode('utf-8'),
content=form.data['content'].encode('utf-8'),
theme=form.data['theme'],
user=auth.authenticated_user())
session.commit()
# Returning the csrf
data = {'data': _('Contribution received successful')}
data.update({'csrf': form.csrf.data})
return msg.ok(data)
else:
return format_csrf_error(form, form.errors, 'ValidationError')
def cadastrar_comite():
if request.method == 'POST':
nome = request.form['nome']
email = request.form['email']
telefone = request.form['telefone']
cidade = request.form['cidade']
cn = CadastroComite()
cn.nome = unicode(nome)
cn.email = unicode(email)
cn.telefone = unicode(telefone)
cn.cidade = unicode(cidade)
dbsession.commit()
# #Envia o email avisando que chegou uma nova contribuição
# sendmail(
# conf.COMITE_SUBJECT, conf.COMITE_TO_EMAIL,
# conf.COMITE_MSG % {
# 'titulo': titulo,
# 'noticia': noticia,
# }
# )
return msg.ok(_(u'Thank you. Your contribution was successfuly sent.'))
else:
return msg.error(_(u'Method not allowed'))
def contrib_json():
"""Receives a user contribution and saves to the database
This function will return a JSON format with the result of the
operation. That can be successful or an error, if it finds any
problem in data received or the lack of the authentication.
"""
if not auth.is_authenticated():
return msg.error(_(u'User not authenticated'))
raise Exception('Not funny')
form = ContribForm(csrf_enabled=False)
if form.validate_on_submit():
Contrib(
title=form.data['title'].encode('utf-8'),
content=form.data['content'].encode('utf-8'),
theme=form.data['theme'],
user=auth.authenticated_user())
session.commit()
# Returning the csrf
data = { 'data': _('Contribution received successful') }
data.update({ 'csrf': form.csrf.data })
return msg.ok(data)
else:
return format_csrf_error(form, form.errors, 'ValidationError')
def new_comment():
"""Posts new comments to the blog"""
print "/new_comment/"
if not is_authenticated():
resp = make_response(dumps({
'status': 'error',
'msg': _(u'User not authenticated'),
'redirectTo': url_for('auth.login')
}))
# if request.form['content']:
# resp.set_cookie('live_comment_save', request.form['content'].replace('\n','<br/>') )
return resp
try:
nao_exibir_nome = request.form['nao_exibir_nome']
except:
nao_exibir_nome = ""
try:
post_id = request.form['comentar_em']
except:
post_id = request.form['post_id']
try:
wordpress.newComment(
username=session['username'],
password=session['password'],
post_id=post_id,
content=request.form['content'],
nao_exibir_nome=nao_exibir_nome
)
removecache("comentarios%s" % str(post_id))
return msg.ok(_(u'Thank you. Your comment was successfuly sent'))
except xmlrpclib.Fault, err:
return msg.error(_(err.faultString), code='CommentError')
def profile_json():
"""Validate the request of the update of a profile.
This method will not operate in any user instance but the
authenticated one. If there's nobody authenticated, there's no way
to execute it successfuly.
"""
form = social(ProfileForm, False)
if not form.validate_on_submit():
# This field is special, it must be validated before anything. If it
# doesn't work, the action must be aborted.
if not form.csrf_is_valid:
return msg.error(_('Invalid csrf token'), 'InvalidCsrfToken')
# Usual validation error
return utils.format_csrf_error(form, form.errors, 'ValidationError')
# Let's save the authenticated user's meta data
mget = form.meta.get
try:
user = authapi.authenticated_user()
except authapi.NobodyHome:
return redirect(url_for('index'))
# First, the specific ones
email = mget('email')
redologin = False
if user.username == user.email and user.username != email \
and not (user.get_meta('twitteruser') or user.get_meta('facebookuser')):
flash(_(u'You changed your email, please relogin.'))
redologin = True
user.username = email
user.name = mget('name')
user.email = email
# Saving the thumbnail
form.meta.pop('avatar')
if bool(form.avatar.file):
flike = form.avatar.file
thumb = utils.thumbnail(flike, (48, 48))
form.meta['avatar'] = Upload.imageset.save(
FileStorage(thumb, flike.filename, flike.name),
'thumbs/%s' % user.name[0].lower())
# And then, the meta ones, stored in `UserMeta'
for key, val in form.meta.items():
user.set_meta(key, val)
# return msg.ok({
# 'data': _('User profile updated successfuly'),
# 'csrf': form.csrf.data,
# })
flash(_(u'Profile update successful'), 'alert-success')
if redologin:
authapi.logout()
return redirect(url_for('auth.login'))
else:
return redirect(url_for('.profile'))
def profile_json():
"""Validate the request of the update of a profile.
This method will not operate in any user instance but the
authenticated one. If there's nobody authenticated, there's no way
to execute it successfuly.
"""
form = social(ProfileForm, False)
if not form.validate_on_submit():
# This field is special, it must be validated before anything. If it
# doesn't work, the action must be aborted.
if not form.csrf_is_valid:
return msg.error(_('Invalid csrf token'), 'InvalidCsrfToken')
# Usual validation error
return utils.format_csrf_error(form, form.errors, 'ValidationError')
# Let's save the authenticated user's meta data
mget = form.meta.get
try:
user = authapi.authenticated_user()
except authapi.NobodyHome:
return redirect(url_for('index'))
# First, the specific ones
email = mget('email')
redologin = False
if user.username == user.email and user.username != email \
and not (user.get_meta('twitteruser') or user.get_meta('facebookuser')):
flash(_(u'You changed your email, please relogin.'))
redologin = True
user.username = email
user.name = mget('name')
user.email = email
# Saving the thumbnail
form.meta.pop('avatar')
if bool(form.avatar.file):
flike = form.avatar.file
thumb = utils.thumbnail(flike, (48, 48))
form.meta['avatar'] = Upload.imageset.save(
FileStorage(thumb, flike.filename, flike.name),
'thumbs/%s' % user.name[0].lower())
# And then, the meta ones, stored in `UserMeta'
for key, val in form.meta.items():
user.set_meta(key, val)
# return msg.ok({
# 'data': _('User profile updated successfuly'),
# 'csrf': form.csrf.data,
# })
flash(_(u'Profile update successful'), 'alert-success')
if redologin:
authapi.logout()
return redirect(url_for('auth.login'))
else:
return redirect(url_for('.profile'))
def new_contribution():
"""Posts new contributions on the page 'conselho-comunicacao' """
try:
mostrar_nome = request.form['mostrar_nome']
except KeyError:
mostrar_nome = 'N'
if not is_authenticated():
return msg.error(_(u'User not authenticated'))
try:
print "\n\nMOSTRAR NOME!", mostrar_nome
cid = wordpress.newComment(
username=session['username'],
password=session['password'],
post_id=request.form['post_id'],
content=request.form['content1'] or request.form['content2'],
categoria_sugestao=request.form['categoria_sugestao'],
mostrar_nome=mostrar_nome)
return msg.ok(_(u'Thank you. Your contribution was successfuly sent.'))
except xmlrpclib.Fault, err:
return msg.error(_(err.faultString), code='CommentError')
def new_contribution():
"""Posts new contributions on the page 'conselho-comunicacao' """
try:
mostrar_nome = request.form['mostrar_nome']
except KeyError :
mostrar_nome = 'N'
if not is_authenticated():
return msg.error(_(u'User not authenticated'))
try:
print "\n\nMOSTRAR NOME!", mostrar_nome
cid = wordpress.newComment(
username=session['username'],
password=session['password'],
post_id=request.form['post_id'],
content=request.form['content1'] or request.form['content2'],
categoria_sugestao=request.form['categoria_sugestao'],
mostrar_nome=mostrar_nome
)
return msg.ok(_(u'Thank you. Your contribution was successfuly sent.'))
except xmlrpclib.Fault, err:
return msg.error(_(err.faultString), code='CommentError')
def salvar_noticia_comite():
if request.method == 'POST':
titulo = request.form['titulo']
noticia = request.form['noticia']
cn = ComiteNews()
cn.title = unicode(titulo)
cn.content = unicode(noticia)
cn.user = authenticated_user()
dbsession.commit()
#Envia o email avisando que chegou uma nova contribuição
sendmail(conf.COMITE_SUBJECT, conf.COMITE_TO_EMAIL, conf.COMITE_MSG % {
'titulo': titulo,
'noticia': noticia,
})
return msg.ok(_(u'Thank you. Your contribution was successfuly sent.'))
else:
return msg.error(_(u'Method not allowed'))
def salvar_noticia_comite():
if request.method == 'POST':
titulo = request.form['titulo']
noticia = request.form['noticia']
cn = ComiteNews()
cn.title = unicode(titulo)
cn.content = unicode(noticia)
cn.user = authenticated_user()
dbsession.commit()
#Envia o email avisando que chegou uma nova contribuição
sendmail(
conf.COMITE_SUBJECT, conf.COMITE_TO_EMAIL,
conf.COMITE_MSG % {
'titulo': titulo,
'noticia': noticia,
}
)
return msg.ok(_(u'Thank you. Your contribution was successfuly sent.'))
else:
return msg.error(_(u'Method not allowed'))
def __call__(self, func):
@wraps(func)
def wrapper(*args, **kwargs):
"""Wrapper that actually tests the user permissions"""
if not is_authenticated() and self.redirect_on_error:
return redirect(
'%s?next=%s' % (url_for('admin.login'), request.url))
elif not is_authenticated():
return msg.error(
_(u'No user authenticated.'),
NobodyHome.__name__)
try:
user = authenticated_user()
except AuthError, exc:
return msg.error(
unicode(exc.message),
exc.__class__.__name__)
if not user.has_roles(self.roles):
return msg.error(
_(u'The currently logged user don\'t have suficient '
u'privileges to access this resource'))
return func(*args, **kwargs)
