def config(self):
items = self._get_config_form_items()
data = request.POST
if 'save' in data:
#check against csrf attacks
custom_base.csrf_check(self)
try:
# really?
data_dict = logic.clean_dict(
dict_fns.unflatten(
logic.tuplize_dict(
logic.parse_params(
request.POST, ignore_keys=CACHE_PARAMETERS))))
del data_dict['save']
data = logic.get_action('config_option_update')(
{'user': c.user}, data_dict)
except logic.ValidationError, e:
errors = e.error_dict
error_summary = e.error_summary
vars = {'data': data, 'errors': errors,
'error_summary': error_summary, 'form_items': items}
return base.render('admin/config.html', extra_vars=vars)
h.redirect_to(controller='admin', action='config')
def config(self):
items = self._get_config_form_items()
data = request.POST
if 'save' in data:
#check against csrf attacks
custom_base.csrf_check(self)
try:
# really?
data_dict = logic.clean_dict(
dict_fns.unflatten(
logic.tuplize_dict(
logic.parse_params(request.POST,
ignore_keys=CACHE_PARAMETERS))))
del data_dict['save']
data = logic.get_action('config_option_update')({
'user': c.user
}, data_dict)
except logic.ValidationError, e:
errors = e.error_dict
error_summary = e.error_summary
vars = {
'data': data,
'errors': errors,
'error_summary': error_summary,
'form_items': items
}
return base.render('admin/config.html', extra_vars=vars)
h.redirect_to(controller='admin', action='config')
def new(self, data=None, errors=None, error_summary=None):
'''GET to display a form for registering a new user.
or POST the form data to actually do the user registration.
'''
context = {
'model': model,
'session': model.Session,
'user': c.user or c.author,
'auth_user_obj': c.userobj,
'schema': self._new_form_to_db_schema(),
'save': 'save' in request.params
}
# try:
# check_access('user_create', context)
# except NotAuthorized:
# abort(401, _('Unauthorized to create a user'))
if context['save'] and not data:
#check against csrf attacks
custom_base.csrf_check(self)
return self._save_new(context)
# if c.user and not data:
# # #1799 Don't offer the registration form if already logged in
# return render('user/logout_first.html')
data = data or {}
errors = errors or {}
error_summary = error_summary or {}
vars = {'data': data, 'errors': errors, 'error_summary': error_summary}
c.is_sysadmin = authz.is_sysadmin(c.user)
c.form = render(self.new_user_form, extra_vars=vars)
return render('user/new.html')
def resource_delete(self, id, resource_id):
if 'cancel' in request.params:
h.redirect_to(controller='package', action='resource_edit',
resource_id=resource_id, id=id)
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'auth_user_obj': c.userobj}
try:
check_access('package_delete', context, {'id': id})
except NotAuthorized:
abort(401, _('Unauthorized to delete package %s') % '')
try:
if request.method == 'POST':
# check against csrf attacks
custom_base.csrf_check(self)
get_action('resource_delete')(context, {'id': resource_id})
h.flash_notice(_('Resource has been deleted.'))
h.redirect_to(controller='package', action='read', id=id)
c.resource_dict = get_action('resource_show')(
context, {'id': resource_id})
c.pkg_id = id
except NotAuthorized:
abort(401, _('Unauthorized to delete resource %s') % '')
except NotFound:
abort(404, _('Resource not found'))
return render('package/confirm_delete_resource.html',
{'dataset_type': self._get_package_type(id)})
def resource_edit(self, id, resource_id, data=None, errors=None,
error_summary=None):
custom_base.g_analitics()
if request.method == 'POST' and not data:
#check against csrf attacks
custom_base.csrf_check(self)
data = data or \
clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(
request.POST))))
# we don't want to include save as it is part of the form
del data['save']
context = {'model': model, 'session': model.Session,
'api_version': 3, 'for_edit': True,
'user': c.user or c.author, 'auth_user_obj': c.userobj}
data['package_id'] = id
try:
if resource_id:
data['id'] = resource_id
get_action('resource_update')(context, data)
else:
get_action('resource_create')(context, data)
except ValidationError, e:
errors = e.error_dict
error_summary = e.error_summary
return self.resource_edit(id, resource_id, data,
errors, error_summary)
except NotAuthorized:
abort(401, _('Unauthorized to edit this resource'))
def resource_edit(self, id, resource_id, data=None, errors=None,
error_summary=None):
# custom_base.g_analitics()
if request.method == 'POST' and not data:
# check against csrf attacks
custom_base.csrf_check(self)
data = data or \
clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(
request.POST))))
# we don't want to include save as it is part of the form
del data['save']
context = {'model': model, 'session': model.Session,
'api_version': 3, 'for_edit': True,
'user': c.user or c.author, 'auth_user_obj': c.userobj}
data['package_id'] = id
try:
if resource_id:
data['id'] = resource_id
get_action('resource_update')(context, data)
else:
get_action('resource_create')(context, data)
except ValidationError, e:
errors = e.error_dict
error_summary = e.error_summary
return self.resource_edit(id, resource_id, data,
errors, error_summary)
except NotAuthorized:
abort(401, _('Unauthorized to edit this resource'))
def delete(self, id):
group_type = self._ensure_controller_matches_group_type(id)
if 'cancel' in request.params:
self._redirect_to_this_controller(action='edit', id=id)
context = {'model': model, 'session': model.Session,
'user': c.user or c.author}
try:
self._check_access('group_delete', context, {'id': id})
except NotAuthorized:
abort(401, _('Unauthorized to delete group %s') % '')
try:
if request.method == 'POST':
#check against csrf attacks
custom_base.csrf_check(self)
self._action('group_delete')(context, {'id': id})
if group_type == 'organization':
h.flash_notice(_('Organization has been deleted.'))
elif group_type == 'group':
h.flash_notice(_('Group has been deleted.'))
else:
h.flash_notice(_('%s has been deleted.')
% _(group_type.capitalize()))
self._redirect_to_this_controller(action='index')
c.group_dict = self._action('group_show')(context, {'id': id})
except NotAuthorized:
abort(401, _('Unauthorized to delete group %s') % '')
except NotFound:
abort(404, _('Group not found'))
return self._render_template('group/confirm_delete.html', group_type)
def resource_delete(self, id, resource_id):
if 'cancel' in request.params:
h.redirect_to(controller='package', action='resource_edit',
resource_id=resource_id, id=id)
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'auth_user_obj': c.userobj}
try:
check_access('package_delete', context, {'id': id})
except NotAuthorized:
abort(401, _('Unauthorized to delete package %s') % '')
try:
if request.method == 'POST':
#check against csrf attacks
custom_base.csrf_check(self)
get_action('resource_delete')(context, {'id': resource_id})
h.flash_notice(_('Resource has been deleted.'))
h.redirect_to(controller='package', action='read', id=id)
c.resource_dict = get_action('resource_show')(
context, {'id': resource_id})
c.pkg_id = id
except NotAuthorized:
abort(401, _('Unauthorized to delete resource %s') % '')
except NotFound:
abort(404, _('Resource not found'))
return render('package/confirm_delete_resource.html',
{'dataset_type': self._get_package_type(id)})
def reset_config(self):
'''FIXME: This method is probably not doing what people would expect.
It will reset the configuration to values cached when CKAN started.
If these were coming from the database during startup, that's the
ones that will get applied on reset, not the ones in the ini file.
Only after restarting the server and having CKAN reset the values
from the ini file (as the db ones are not there anymore) will these
be used.
'''
if 'cancel' in request.params:
h.redirect_to(controller='admin', action='config')
if request.method == 'POST':
#check against csrf attacks
custom_base.csrf_check(self)
# remove sys info items
for item in self._get_config_form_items():
name = item['name']
model.delete_system_info(name)
# reset to values in config
app_globals.reset()
h.redirect_to(controller='admin', action='config')
return base.render('admin/confirm_reset.html')
def reset_config(self):
'''FIXME: This method is probably not doing what people would expect.
It will reset the configuration to values cached when CKAN started.
If these were coming from the database during startup, that's the
ones that will get applied on reset, not the ones in the ini file.
Only after restarting the server and having CKAN reset the values
from the ini file (as the db ones are not there anymore) will these
be used.
'''
if 'cancel' in request.params:
h.redirect_to(controller='admin', action='config')
if request.method == 'POST':
#check against csrf attacks
custom_base.csrf_check(self)
# remove sys info items
for item in self._get_config_form_items():
name = item['name']
model.delete_system_info(name)
# reset to values in config
app_globals.reset()
h.redirect_to(controller='admin', action='config')
return base.render('admin/confirm_reset.html')
def new(self, data=None, errors=None, error_summary=None):
if data and 'type' in data:
group_type = data['type']
else:
group_type = self._guess_group_type(True)
if data:
data['type'] = group_type
context = {
'model': model,
'session': model.Session,
'user': c.user or c.author,
'save': 'save' in request.params,
'parent': request.params.get('parent', None)
}
try:
self._check_access('group_create', context)
except NotAuthorized:
abort(401, _('Unauthorized to create a group'))
if context['save'] and not data:
#check against csrf attacks
custom_base.csrf_check(self)
return self._save_new(context, group_type)
data = data or {}
if not data.get('image_url', '').startswith('http'):
data.pop('image_url', None)
errors = errors or {}
error_summary = error_summary or {}
vars = {
'data': data,
'errors': errors,
'error_summary': error_summary,
'action': 'new',
'group_type': group_type
}
self._setup_template_variables(context, data, group_type=group_type)
c.form = render(self._group_form(group_type=group_type),
extra_vars=vars)
return render(self._new_template(group_type),
extra_vars={'group_type': group_type})
def delete(self, id):
'''Delete user with id passed as parameter'''
context = {
'model': model,
'session': model.Session,
'user': c.user,
'auth_user_obj': c.userobj
}
data_dict = {'id': id}
try:
#check against csrf attacks
custom_base.csrf_check(self)
get_action('user_delete')(context, data_dict)
user_index = h.url_for(controller='user', action='index')
h.redirect_to(user_index)
except NotAuthorized:
msg = _('Unauthorized to delete user with id "{user_id}".')
abort(401, msg.format(user_id=id))
def delete(self, id):
if 'cancel' in request.params:
h.redirect_to(controller='package', action='edit', id=id)
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'auth_user_obj': c.userobj}
try:
if request.method == 'POST':
#check against csrf attacks
custom_base.csrf_check(self)
get_action('package_delete')(context, {'id': id})
h.flash_notice(_('Dataset has been deleted.'))
h.redirect_to(controller='package', action='search')
c.pkg_dict = get_action('package_show')(context, {'id': id})
dataset_type = c.pkg_dict['type'] or 'dataset'
except NotAuthorized:
abort(401, _('Unauthorized to delete package %s') % '')
except NotFound:
abort(404, _('Dataset not found'))
return render('package/confirm_delete.html',
extra_vars={'dataset_type': dataset_type})
def delete(self, id):
if 'cancel' in request.params:
h.redirect_to(controller='package', action='edit', id=id)
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'auth_user_obj': c.userobj}
try:
if request.method == 'POST':
# check against csrf attacks
custom_base.csrf_check(self)
get_action('package_delete')(context, {'id': id})
h.flash_notice(_('Dataset has been deleted.'))
h.redirect_to(controller='package', action='search')
c.pkg_dict = get_action('package_show')(context, {'id': id})
dataset_type = c.pkg_dict['type'] or 'dataset'
except NotAuthorized:
abort(401, _('Unauthorized to delete package %s') % '')
except NotFound:
abort(404, _('Dataset not found'))
return render('package/confirm_delete.html',
extra_vars={'dataset_type': dataset_type})
def new(self, data=None, errors=None, error_summary=None):
if data and 'type' in data:
group_type = data['type']
else:
group_type = self._guess_group_type(True)
if data:
data['type'] = group_type
context = {'model': model, 'session': model.Session,
'user': c.user or c.author,
'save': 'save' in request.params,
'parent': request.params.get('parent', None)}
try:
self._check_access('group_create', context)
except NotAuthorized:
abort(401, _('Unauthorized to create a group'))
if context['save'] and not data:
#check against csrf attacks
custom_base.csrf_check(self)
return self._save_new(context, group_type)
data = data or {}
if not data.get('image_url', '').startswith('http'):
data.pop('image_url', None)
errors = errors or {}
error_summary = error_summary or {}
vars = {'data': data, 'errors': errors,
'error_summary': error_summary, 'action': 'new',
'group_type': group_type}
self._setup_template_variables(context, data, group_type=group_type)
c.form = render(self._group_form(group_type=group_type),
extra_vars=vars)
return render(self._new_template(group_type),
extra_vars={'group_type': group_type})
def delete(self, id):
group_type = self._ensure_controller_matches_group_type(id)
if 'cancel' in request.params:
self._redirect_to_this_controller(action='edit', id=id)
context = {
'model': model,
'session': model.Session,
'user': c.user or c.author
}
try:
self._check_access('group_delete', context, {'id': id})
except NotAuthorized:
abort(401, _('Unauthorized to delete group %s') % '')
try:
if request.method == 'POST':
#check against csrf attacks
custom_base.csrf_check(self)
self._action('group_delete')(context, {'id': id})
if group_type == 'organization':
h.flash_notice(_('Organization has been deleted.'))
elif group_type == 'group':
h.flash_notice(_('Group has been deleted.'))
else:
h.flash_notice(
_('%s has been deleted.') % _(group_type.capitalize()))
self._redirect_to_this_controller(action='index')
c.group_dict = self._action('group_show')(context, {'id': id})
except NotAuthorized:
abort(401, _('Unauthorized to delete group %s') % '')
except NotFound:
abort(404, _('Group not found'))
return self._render_template('group/confirm_delete.html', group_type)
url = url.split(config.get('ckan.upload_file_url'))
c.resource['url'] = url[1]
except NotFound:
abort(404, _('Resource not found'))
except NotAuthorized:
abort(401, _('Unauthorized to read resource %s') % id)
data = {}
errors = {}
error_summary = {}
view_type = None
to_preview = False
if request.method == 'POST':
#check against csrf attacks
custom_base.csrf_check(self)
request.POST.pop('save', None)
to_preview = request.POST.pop('preview', False)
if to_preview:
context['preview'] = True
to_delete = request.POST.pop('delete', None)
data = clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(
request.params, ignore_keys=CACHE_PARAMETERS))))
data['resource_id'] = resource_id
try:
if to_delete:
data['id'] = view_id
get_action('resource_view_delete')(context, data)
elif view_id:
data['id'] = view_id
def edit(self, id, data=None, errors=None, error_summary=None):
custom_base.g_analitics()
package_type = self._get_package_type(id)
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'auth_user_obj': c.userobj,
'save': 'save' in request.params}
if context['save'] and not data:
#check against csrf attacks
custom_base.csrf_check(self)
return self._save_edit(id, context, package_type=package_type)
try:
c.pkg_dict = get_action('package_show')(context, {'id': id})
context['for_edit'] = True
old_data = get_action('package_show')(context, {'id': id})
# old data is from the database and data is passed from the
# user if there is a validation error. Use users data if there.
if data:
old_data.update(data)
data = old_data
except NotAuthorized:
abort(401, _('Unauthorized to read package %s') % '')
except NotFound:
abort(404, _('Dataset not found'))
# are we doing a multiphase add?
if data.get('state', '').startswith('draft'):
c.form_action = h.url_for(controller='package', action='new')
c.form_style = 'new'
return self.new(data=data, errors=errors,
error_summary=error_summary)
c.pkg = context.get("package")
c.resources_json = h.json.dumps(data.get('resources', []))
try:
check_access('package_update', context)
except NotAuthorized:
abort(401, _('User %r not authorized to edit %s') % (c.user, id))
# convert tags if not supplied in data
if data and not data.get('tag_string'):
data['tag_string'] = ', '.join(h.dict_list_reduce(
c.pkg_dict.get('tags', {}), 'name'))
errors = errors or {}
form_snippet = self._package_form(package_type=package_type)
form_vars = {'data': data, 'errors': errors,
'error_summary': error_summary, 'action': 'edit',
'dataset_type': package_type,
}
c.errors_json = h.json.dumps(errors)
self._setup_template_variables(context, {'id': id},
package_type=package_type)
#deprecated
#c.related_count = c.pkg.related_count
# we have already completed stage 1
form_vars['stage'] = ['active']
if data.get('state', '').startswith('draft'):
form_vars['stage'] = ['active', 'complete']
edit_template = self._edit_template(package_type)
#c.form = ckan.lib.render.deprecated_lazy_render(
# edit_template,
# form_snippet,
# lambda: render(form_snippet, extra_vars=form_vars),
# 'use of c.form is deprecated. please see '
# 'ckan/templates/package/edit.html for an example '
# 'of the new way to include the form snippet'
# )
return render(edit_template,
extra_vars={'form_vars': form_vars,
'form_snippet': form_snippet,
'dataset_type': package_type})
def new_resource(self, id, data=None, errors=None, error_summary=None):
# custom_base.g_analitics()
''' FIXME: This is a temporary action to allow styling of the
forms. '''
if request.method == 'POST' and not data:
# check against csrf attacks
custom_base.csrf_check(self)
save_action = request.params.get('save')
data = data or \
clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(
request.POST))))
# we don't want to include save as it is part of the form
del data['save']
resource_id = data['id']
del data['id']
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'auth_user_obj': c.userobj}
# see if we have any data that we are trying to save
data_provided = False
for key, value in data.iteritems():
if ((value or isinstance(value, cgi.FieldStorage))
and key not in (
'resource_type', 'spatial_coverage', 'geodetic', 'Language', 'reference_number', 'demarcation',
'_authentication_token', 'is_geographic')):
data_provided = True
break
if not data_provided and save_action != "go-dataset-complete":
if save_action == 'go-dataset':
# go to final stage of adddataset
h.redirect_to(controller='package', action='edit', id=id)
# see if we have added any resources
try:
data_dict = get_action('package_show')(context, {'id': id})
except NotAuthorized:
abort(401, _('Unauthorized to update dataset'))
except NotFound:
abort(404, _('The dataset {id} could not be found.'
).format(id=id))
# if not len(data_dict['resources']):
# # no data so keep on page
# msg = _('You must add at least one data resource')
# # On new templates do not use flash message
# if g.legacy_templates:
# h.flash_error(msg)
# h.redirect_to(controller='package',
# action='new_resource', id=id)
# else:
# errors = {}
# error_summary = {_('Error'): msg}
# return self.new_resource(id, data, errors,
# error_summary)
# XXX race condition if another user edits/deletes
data_dict = get_action('package_show')(context, {'id': id})
get_action('package_update')(
dict(context, allow_state_change=True),
dict(data_dict, state='active'))
analytics_helpers.update_analytics_code_by_organization(data_dict['organization']['id'])
h.redirect_to(controller='package', action='read', id=id)
data['package_id'] = id
try:
if resource_id:
data['id'] = resource_id
get_action('resource_update')(context, data)
else:
get_action('resource_create')(context, data)
except ValidationError, e:
errors = e.error_dict
error_summary = e.error_summary
return self.new_resource(id, data, errors, error_summary)
except NotAuthorized:
abort(401, _('Unauthorized to create a resource'))
def edit(self, id, data=None, errors=None, error_summary=None):
# custom_base.g_analitics()
package_type = self._get_package_type(id)
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'auth_user_obj': c.userobj,
'save': 'save' in request.params}
if context['save'] and not data:
# check against csrf attacks
custom_base.csrf_check(self)
return self._save_edit(id, context, package_type=package_type)
try:
c.pkg_dict = get_action('package_show')(context, {'id': id})
context['for_edit'] = True
old_data = get_action('package_show')(context, {'id': id})
# old data is from the database and data is passed from the
# user if there is a validation error. Use users data if there.
if data:
old_data.update(data)
data = old_data
except NotAuthorized:
abort(401, _('Unauthorized to read package %s') % '')
except NotFound:
abort(404, _('Dataset not found'))
analytics_helpers.update_analytics_code_by_organization(c.pkg_dict['organization']['id'])
# are we doing a multiphase add?
if data.get('state', '').startswith('draft'):
c.form_action = h.url_for(controller='package', action='new')
c.form_style = 'new'
return self.new(data=data, errors=errors,
error_summary=error_summary)
c.pkg = context.get("package")
c.resources_json = h.json.dumps(data.get('resources', []))
try:
check_access('package_update', context)
except NotAuthorized:
abort(401, _('User %r not authorized to edit %s') % (c.user, id))
# convert tags if not supplied in data
if data and not data.get('tag_string'):
data['tag_string'] = ', '.join(h.dict_list_reduce(
c.pkg_dict.get('tags', {}), 'name'))
errors = errors or {}
form_snippet = self._package_form(package_type=package_type)
form_vars = {'data': data, 'errors': errors,
'error_summary': error_summary, 'action': 'edit',
'dataset_type': package_type,
}
c.errors_json = h.json.dumps(errors)
self._setup_template_variables(context, {'id': id},
package_type=package_type)
# deprecated
# c.related_count = c.pkg.related_count
# we have already completed stage 1
form_vars['stage'] = ['active']
if data.get('state', '').startswith('draft'):
form_vars['stage'] = ['active', 'complete']
edit_template = self._edit_template(package_type)
# c.form = ckan.lib.render.deprecated_lazy_render(
# edit_template,
# form_snippet,
# lambda: render(form_snippet, extra_vars=form_vars),
# 'use of c.form is deprecated. please see '
# 'ckan/templates/package/edit.html for an example '
# 'of the new way to include the form snippet'
# )
return render(edit_template,
extra_vars={'form_vars': form_vars,
'form_snippet': form_snippet,
'dataset_type': package_type})
def new_resource(self, id, data=None, errors=None, error_summary=None):
custom_base.g_analitics()
''' FIXME: This is a temporary action to allow styling of the
forms. '''
if request.method == 'POST' and not data:
#check against csrf attacks
custom_base.csrf_check(self)
save_action = request.params.get('save')
data = data or \
clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(
request.POST))))
# we don't want to include save as it is part of the form
del data['save']
resource_id = data['id']
del data['id']
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'auth_user_obj': c.userobj}
# see if we have any data that we are trying to save
data_provided = False
for key, value in data.iteritems():
if ((value or isinstance(value, cgi.FieldStorage))
and key != 'resource_type'):
data_provided = True
break
if not data_provided and save_action != "go-dataset-complete":
if save_action == 'go-dataset':
# go to final stage of adddataset
h.redirect_to(controller='package', action='edit', id=id)
# see if we have added any resources
try:
data_dict = get_action('package_show')(context, {'id': id})
except NotAuthorized:
abort(401, _('Unauthorized to update dataset'))
except NotFound:
abort(404, _('The dataset {id} could not be found.'
).format(id=id))
if not len(data_dict['resources']):
# no data so keep on page
msg = _('You must add at least one data resource')
# On new templates do not use flash message
if g.legacy_templates:
h.flash_error(msg)
h.redirect_to(controller='package',
action='new_resource', id=id)
else:
errors = {}
error_summary = {_('Error'): msg}
return self.new_resource(id, data, errors,
error_summary)
# XXX race condition if another user edits/deletes
data_dict = get_action('package_show')(context, {'id': id})
get_action('package_update')(
dict(context, allow_state_change=True),
dict(data_dict, state='active'))
h.redirect_to(controller='package', action='read', id=id)
data['package_id'] = id
try:
if resource_id:
data['id'] = resource_id
get_action('resource_update')(context, data)
else:
get_action('resource_create')(context, data)
except ValidationError, e:
errors = e.error_dict
error_summary = e.error_summary
return self.new_resource(id, data, errors, error_summary)
except NotAuthorized:
abort(401, _('Unauthorized to create a resource'))
def new(self, data=None, errors=None, error_summary=None):
if data and 'type' in data:
package_type = data['type']
else:
package_type = self._guess_package_type(True)
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'auth_user_obj': c.userobj,
'save': 'save' in request.params}
# Package needs to have a organization group in the call to
# check_access and also to save it
try:
check_access('package_create', context)
except NotAuthorized:
abort(401, _('Unauthorized to create a package'))
if context['save'] and not data:
# check against csrf attacks
custom_base.csrf_check(self)
return self._save_new(context, package_type=package_type)
data = data or clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(
request.params, ignore_keys=CACHE_PARAMETERS))))
c.resources_json = h.json.dumps(data.get('resources', []))
# convert tags if not supplied in data
if data and not data.get('tag_string'):
data['tag_string'] = ', '.join(
h.dict_list_reduce(data.get('tags', {}), 'name'))
errors = errors or {}
error_summary = error_summary or {}
# in the phased add dataset we need to know that
# we have already completed stage 1
stage = ['active']
if data.get('state', '').startswith('draft'):
stage = ['active', 'complete']
# if we are creating from a group then this allows the group to be
# set automatically
data['group_id'] = request.params.get('group') or \
request.params.get('groups__0__id')
form_snippet = self._package_form(package_type=package_type)
form_vars = {'data': data, 'errors': errors,
'error_summary': error_summary,
'action': 'new', 'stage': stage,
'dataset_type': package_type,
}
c.errors_json = h.json.dumps(errors)
self._setup_template_variables(context, {},
package_type=package_type)
new_template = self._new_template(package_type)
# c.form = ckan.lib.render.deprecated_lazy_render(
# new_template,
# form_snippet,
# lambda: render(form_snippet, extra_vars=form_vars),
# 'use of c.form is deprecated. please see '
# 'ckan/templates/package/base_form_page.html for an example '
# 'of the new way to include the form snippet'
# )
return render(new_template,
extra_vars={'form_vars': form_vars,
'form_snippet': form_snippet,
'dataset_type': package_type})
url = url.split(config.get('ckan.upload_file_url'))
c.resource['url'] = url[1]
except NotFound:
abort(404, _('Resource not found'))
except NotAuthorized:
abort(401, _('Unauthorized to read resource %s') % id)
data = {}
errors = {}
error_summary = {}
view_type = None
to_preview = False
if request.method == 'POST':
# check against csrf attacks
custom_base.csrf_check(self)
request.POST.pop('save', None)
to_preview = request.POST.pop('preview', False)
if to_preview:
context['preview'] = True
to_delete = request.POST.pop('delete', None)
data = clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(
request.params, ignore_keys=CACHE_PARAMETERS))))
data['resource_id'] = resource_id
try:
if to_delete:
data['id'] = view_id
get_action('resource_view_delete')(context, data)
elif view_id:
data['id'] = view_id
def edit(self, id=None, data=None, errors=None, error_summary=None):
context = {
'save': 'save' in request.params,
'schema': self._edit_form_to_db_schema(),
'model': model,
'session': model.Session,
'user': c.user,
'auth_user_obj': c.userobj
}
if id is None:
if c.userobj:
id = c.userobj.id
else:
abort(400, _('No user specified'))
data_dict = {'id': id}
try:
check_access('user_update', context, data_dict)
except NotAuthorized:
abort(401, _('Unauthorized to edit a user.'))
if (context['save']) and not data:
#check against csrf attacks
custom_base.csrf_check(self)
return self._save_edit(id, context)
try:
old_data = get_action('user_show')(context, data_dict)
schema = self._db_to_edit_form_schema()
if schema:
old_data, errors = \
dictization_functions.validate(old_data, schema, context)
c.display_name = old_data.get('display_name')
c.user_name = old_data.get('name')
data = data or old_data
except NotAuthorized:
abort(401, _('Unauthorized to edit user %s') % '')
except NotFound:
abort(404, _('User not found'))
user_obj = context.get('user_obj')
if not (authz.is_sysadmin(c.user) or c.user == user_obj.name):
abort(401,
_('User %s not authorized to edit %s') % (str(c.user), id))
errors = errors or {}
vars = {'data': data, 'errors': errors, 'error_summary': error_summary}
self._setup_template_variables(
{
'model': model,
'session': model.Session,
'user': c.user or c.author
}, data_dict)
c.is_myself = True
c.show_email_notifications = h.asbool(
config.get('ckan.activity_streams_email_notifications'))
c.form = render(self.edit_user_form, extra_vars=vars)
return render('user/edit.html')
def new(self, data=None, errors=None, error_summary=None):
if data and 'type' in data:
package_type = data['type']
else:
package_type = self._guess_package_type(True)
context = {'model': model, 'session': model.Session,
'user': c.user or c.author, 'auth_user_obj': c.userobj,
'save': 'save' in request.params}
# Package needs to have a organization group in the call to
# check_access and also to save it
try:
check_access('package_create', context)
except NotAuthorized:
abort(401, _('Unauthorized to create a package'))
if context['save'] and not data:
#check against csrf attacks
custom_base.csrf_check(self)
return self._save_new(context, package_type=package_type)
data = data or clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(
request.params, ignore_keys=CACHE_PARAMETERS))))
c.resources_json = h.json.dumps(data.get('resources', []))
# convert tags if not supplied in data
if data and not data.get('tag_string'):
data['tag_string'] = ', '.join(
h.dict_list_reduce(data.get('tags', {}), 'name'))
errors = errors or {}
error_summary = error_summary or {}
# in the phased add dataset we need to know that
# we have already completed stage 1
stage = ['active']
if data.get('state', '').startswith('draft'):
stage = ['active', 'complete']
# if we are creating from a group then this allows the group to be
# set automatically
data['group_id'] = request.params.get('group') or \
request.params.get('groups__0__id')
form_snippet = self._package_form(package_type=package_type)
form_vars = {'data': data, 'errors': errors,
'error_summary': error_summary,
'action': 'new', 'stage': stage,
'dataset_type': package_type,
}
c.errors_json = h.json.dumps(errors)
self._setup_template_variables(context, {},
package_type=package_type)
new_template = self._new_template(package_type)
#c.form = ckan.lib.render.deprecated_lazy_render(
# new_template,
# form_snippet,
# lambda: render(form_snippet, extra_vars=form_vars),
# 'use of c.form is deprecated. please see '
# 'ckan/templates/package/base_form_page.html for an example '
# 'of the new way to include the form snippet'
# )
return render(new_template,
extra_vars={'form_vars': form_vars,
'form_snippet': form_snippet,
'dataset_type': package_type})