def GET(self):
        recipe = None
        if len(self.request.id) == 10:
            recipe = rm.Recipe.find(self.request.id)

        elif len(self.request.id) == 36:
            recipe = rm.Recipe(self.request.id)

        if recipe is None:
            return NotFound()

        if recipe.user.id != self.session.id:
            return Unauthorized()

        if not recipe.public:
            if not self.session.id or self.session.id != recipe.user:
                self.session.push_alert(
                    "That recipe is not public and you do not have the rights to access it.",
                    level="error")
                return Unauthorized()

        if recipe.deleted:
            return NotFound()

        return recipe
    def POST(self):
        title = self.request.get_param("title")
        contents = self.request.get_param("contents")
        public = self.request.get_param("public", False)
        draft = self.request.get_param("draft", False)
        toc = self.request.get_param("toc", False)
        comments = self.request.get_param("comments", False)
        tags = self.request.get_param("tags")
        theme = self.request.get_param("theme", "default")

        tag = []
        if tags:
            tag = [
                bit.lstrip().rstrip().replace(" ", "_").lower()
                for bit in tags.split(",")
            ]

        f = r.table(nm.Note.table)\
            .filter({"short_code": self.request.id})\
            .coerce_to("array")\
            .run()

        if f:
            note = nm.Note(f[0]["id"])
            if note.author.id != self.session.id:
                self.session.push_alert(
                    "You don't own that note, you can't edit it!",
                    level="danger")
                return Unauthorized()

            if not "notes" in self.session.groups and note.disable:
                return NotFound()

            if note.reported:
                self.view.template = "public/notes/reported"
                return self.view

            note.title = title
            note.contents = contents
            note.public = public
            note.tags = tag
            note.table_of_contents = toc
            note.draft = draft
            note.has_comments = comments
            note.theme = theme

            note.save()

            searcher = NoteSearcher()
            searcher.update(note)
            searcher.save()

            return Redirect("/notes/%s" % note.short_code)

        else:
            return NotFound()
Exemple #3
0
    def POST(self):
        if not self.session.has_group("phots"):
            return Unauthorized()

        new_name = self.request.get_param("name")
        tags = self.request.get_param("tags")

        if tags:
            tag = tags.split(",")
        else:
            tag = []

        phot = self.request.id
        if len(phot.rsplit(".")) == 1:
            f = r.table(pm.Phot.table).filter({"short_code": phot})\
                .coerce_to("array").run()
        else:
            f = r.table(pm.Phot.table).filter({"filename": phot})\
                .coerce_to("array").run()

        if f:
            photo = pm.Phot(**f[0])
            photo.title = new_name
            photo.tags = tag
            photo.save()

            searcher = PhotSearcher()
            searcher.update(photo)
            searcher.save()

            return Redirect("/phots/" + photo.short_code)

        else:
            return NotFound()
Exemple #4
0
    def GET(self):
        self.view.partial("sidebar", "partials/admin/sidebar",
                          {"command": "users"})
        try:
            user = um.User(self.request.id)

        except NotFoundError:
            return NotFound()

        self.view.title = user.username

        deleted = self.request.get_param("d", False)
        reported = self.request.get_param("r", False)

        parts = {"user": user.id}

        if deleted:
            parts["deleted"] = True

        if reported:
            parts["reported"] = True

        query = r.table(rm.Recipe.table).filter(parts)
        res = RethinkCollection(rm.Recipe, query=query)
        page = Paginate(res,
                        self.request,
                        "title",
                        sort_direction_default="desc")

        return {"recipes": page, "user": user, "command": "recipes"}
    def POST(self):
        f = r.table(nm.Note.table)\
            .filter({"short_code": self.request.id})\
            .coerce_to("array")\
            .run()

        if f:
            note = nm.Note(**f[0])
            if not self.session.has_group("admin")\
                or note.author.id != self.session.id:
                self.session.push_alert(
                    "You don't own that note, you can't delete it!",
                    level="error")
                return Unauthorized()

            note.disable = True
            note.save()

            searcher = NoteSearcher()
            searcher.update(note)
            searcher.save()

            return {"success": True}

        else:
            return NotFound()
Exemple #6
0
    def GET(self):
        self.view.partial("sidebar", "partials/admin/sidebar",
                          {"command": "users"})
        try:
            user = um.User(self.request.id)

        except NotFoundError:
            return NotFound()

        self.view.title = user.username

        disabled = self.request.get_param("q")
        hidden_ids = r.table(pm.Phot.table).filter({
            "user": user.id
        }).filter(r.row["disable"].eq(True)).concat_map(
            lambda doc: [doc["id"]]).coerce_to("array").run()

        if disabled == "enabled":
            query = r.table(pm.Phot.table).filter({
                "user": user.id
            }).filter(lambda doc: ~r.expr(hidden_ids).contains(doc["id"]))

        else:
            query = r.table(pm.Phot.table).filter({
                "user": user.id
            }).filter(lambda doc: r.expr(hidden_ids).contains(doc["id"]))

        res = RethinkCollection(pm.Phot, query=query)

        page = Paginate(res, self.request, "created")

        self.view.data = {"page": page, "user": user, "command": "phots"}

        return self.view
Exemple #7
0
    def GET(self):
        self.view.partial("sidebar", "partials/admin/sidebar", {"command": "users"})
        try:
            user = um.User(self.request.id)

        except NotFoundError:
            return NotFound()

        self.view.title = user.username

        t = self.request.get_param("filter", "to")
        if t == "cc":
            row_filt = "cc_addresses"
        elif t == "bcc":
            row_filt = "bcc_addresses"
        else:
            row_filt = "to_addresses"

        parts = r.table(em.Email.table).filter(lambda row: row[row_filt].contains(user.id))

        result = RethinkCollection(em.Email, query=parts)
        page = Paginate(result, self.request, "created", sort_direction_default="asc")

        self.view.data = {"page": page,
                          "user": user,
                          "command": "emails"}

        return self.view
Exemple #8
0
    def POST(self):
        if len(self.request.id) == 10:
            recipe = rm.Recipe.find(self.request.id)

        elif len(self.request.id) == 36:
            recipe = rm.Recipe(self.request.id)

        else:
            recipe = None

        if recipe is None or recipe.deleted:
            return NotFound()

        if recipe.user.id != self.session.id:
            if not recipe.public:
                return Unauthorized()

        recipe.title = self.request.get_param("title")
        recipe.tags = self.request.get_param("tags")
        recipe.public = self.request.get_param("public", False)
        recipe.country = self.request.get_param("country")
        recipe.description = self.request.get_param("description")
        recipe.ingredients = self.request.get_param("ingredients")
        recipe.steps = self.request.get_param("steps")

        recipe.save()

        searcher = rs.RecipeSearcher()
        searcher.update(recipe)
        searcher.save()

        return Redirect("/recipes/{}".format(recipe.short_code))
Exemple #9
0
    def DELETE(self):
        if len(self.request.id) == 10:
            recipe = rm.Recipe.find(self.request.id)

        elif len(self.request.id) == 36:
            recipe = rm.Recipe(self.request.id)

        else:
            recipe = None

        if recipe is None or recipe.deleted:
            return NotFound()

        if recipe.user.id != self.session.id:
            return Unauthorized()

        recipe.deleted = True

        recipe.save()

        searcher = rs.RecipeSearcher()
        searcher.update(recipe)
        searcher.save()

        return {"success": True}
Exemple #10
0
    def GET(self):
        f = r.table(nm.Note.table)\
            .filter({"short_code": self.request.id})\
            .coerce_to('array')\
            .run()

        if f:
            note = nm.Note(**f[0])

            if not note.public:
                if not self.session.id or\
                        self.session.id!=note.user.id or\
                        not self.session.has_group("notes"):
                    self.session.push_alert(
                        "That note is not public and you do not have the rights to access it.",
                        level="error")
                    return Unauthorized()

            if not self.session.has_group("notes") and note.disable:
                return NotFound()

            if note.reported:
                self.view.template = "public/notes/reported"
                return self.view

            if note.draft:
                self.view.skeleton = "skeletons/header"
                self.view.data = {
                    "header":
                    """
                  <span style="text-align: center">
                    <h1 style="font-weight: 700">DRAFT</h1>
                  </span>
                    """
                }

            self.view.data = {
                "note": note,
            }

            return self.view

        else:
            return NotFound()
Exemple #11
0
    def GET(self):
        phot = self.request.id

        # check if its a short code by looking for an extension
        # otherwise we assume it's a filename
        if len(phot.rsplit(".")) == 1:
            f = r.table(pm.Phot.table).filter({"short_code": phot})\
                .coerce_to("array").run()
        else:
            f = r.table(pm.Phot.table).filter({"filename": phot})\
                .coerce_to("array").run()

        if not f:
            return NotFound()

        if "disable" in f[0] and f[0]["disable"] and \
                not self.session.has_group("phots"):
            return NotFound()

        photo = pm.Phot(**f[0])

        return photo
Exemple #12
0
    def GET(self):
        f = r.table(nm.Note.table)\
            .filter({"short_code": self.request.id})\
            .coerce_to('array').run()

        if f:
            note = nm.Note(**f[0])

            if not note.public:
                if not self.session.id or \
                        self.session.id!=note.user or \
                        not self.session.has_group("notes"):
                    self.session.push_alert(
                        "That note is not public and you do not have the rights to access it.",
                        level="error")
                    return Unauthorized()

            if not self.session.has_group("notes") and note.disable:
                return NotFound()

            return note

        else:
            return NotFound()
Exemple #13
0
    def GET(self):
        phot = self.request.id

        # check if its a short code by looking for an extension
        # otherwise we assume it's a filename

        # TODO: This could probably be just one but I'm too lazy to try
        if len(phot.rsplit(".")) == 1:
            f = r.table(pm.Phot.table).filter({"short_code": phot})\
                .coerce_to("array").run()
        else:
            f = r.table(pm.Phot.table).filter({"filename": phot})\
                .coerce_to("array").run()

        if not f:
            return NotFound()

        if "disable" in f[0] and f[0]["disable"] and \
                not self.session.has_group("phots"):
            return NotFound()

        photo = pm.Phot(f[0]["id"])

        return {"phot": photo}
Exemple #14
0
    def GET(self):
        self.view.partial("sidebar", "partials/admin/sidebar",
                          {"command": "users"})
        try:
            user = um.User(self.request.id)

        except NotFoundError:
            return NotFound()

        print self.request.url_params

        self.view.title = user.username

        self.view.data = {"user": user, "command": ""}

        return self.view
Exemple #15
0
    def POST(self):
        current_path = ''.join([c.dirs.screenshots, self.request.id])

        f = []
        for top, folders, files in os.walk(c.dirs.screenshots):
            f.extend(files)
            break

        if self.request.id in f:
            os.remove(current_path)

            self.session.push_alert("Deleting screenshot...")
            return {"success": True}

        else:
            return NotFound()
    def GET(self):
        self.view.partial("sidebar", "partials/admin/sidebar",
                          {"command": "users"})
        try:
            user = um.User(self.request.id)

        except NotFoundError:
            return NotFound()

        self.view.title = user.username

        # I should figure out a way to do this filter stuff a little easier... hmm
        filter_parts = {"user": user.id}
        public = self.request.get_param("public")
        draft = self.request.get_param("draft")
        disabled = self.request.get_param("disable")
        reported = self.request.get_param("reported", False)
        sort_by = self.request.get_param("sort_by", "created")

        if not sort_by in [
                "created", "title", "public", "reported", "draft", "disable",
                "author.id"
        ]:
            sort_by = "created"

            # should this be something I try to start doing? :/
            self.session.push_alert(
                "Couldn't figure out what to sort by, as a result of an invalid value for sort_by.",
                level="error")

        if public:
            filter_parts["public"] = False if public == "private" else True
        if draft:
            filter_parts["draft"] = False if draft == "published" else True
        if disabled:
            filter_parts["disable"] = False if disabled == "enabled" else True

        filter_parts["reported"] = reported

        q = r.table(nm.Note.table).filter(filter_parts)

        res = RethinkCollection(nm.Note, query=q)
        page = Paginate(res, self.request, sort_by)

        self.view.data = {"note_page": page, "user": user, "command": "notes"}

        return self.view
Exemple #17
0
    def GET(self):
        if len(self.request.id) == 10:
            recipe = rm.Recipe.find(self.request.id)

        elif len(self.request.id) == 36:
            recipe = rm.Recipe(self.request.id)

        else:
            recipe = None

        if recipe is None or recipe.deleted:
            return NotFound()

        if recipe.user.id != self.session.id:
            if not recipe.public:
                return Unauthorized()

        self.view.title = recipe.title
        return {"recipe": recipe}
Exemple #18
0
    def POST(self):
        try:
            user = um.User(self.request.id)
        except NotFoundError:
            return NotFound()

        password = self.request.get_param("password")
        disable = self.request.get_param("disable", False)
        email = self.request.get_param("email")
        groups = self.request.get_param("groups")
        clear_reset = self.request.get_param("clear_reset", False)

        if type(groups) is not list:
            groups = [groups]

        groups = [
            group.strip(" ").replace(" ", "_").lower() for group in groups
            if group
        ]

        user.groups = groups

        if password:
            user.set_password(password)
            self.session.push_alert(
                "Password updated, please let the user know the new password",
                level="warning")

        if email and email != user.email:
            # TODO: Only allow change if email isn't in the database yet
            user.email = email

        if clear_reset:
            del user.reset_code

        user.disable = disable

        user.save()

        return Redirect("/admin/users/" + self.request.id)