def view(request, nidb64): try: node = Node(nidb64, user=request.user) except ObjectDoesNotExist: from django.http import Http404 raise Http404 if request.method == 'POST': return post(request, node) elif request.method == 'PUT': return put(request, node) elif request.method == 'DELETE': return delete(request, node) elif request.method != 'GET': return not_allowed(request, ['GET', 'POST', 'PUT', 'DELETE']) if not node.can_view(): if not request.user.is_authenticated(): from django.contrib.auth.views import redirect_to_login return redirect_to_login(request.path) else: raise PermissionDenied if request.is_ajax(): return get(request, node) else: params = { 'node': node } if node.is_folder(): return render(request, 'docs/folder.html', params) else: return render(request, 'docs/file.html', params)
def main(request): if not request.user.profile.is_sitcon_staff: return redirect('index') from docs.models import Folder node = Node(nodeobj=Folder.objects.get(id=0)) return redirect('docs:view', node.nid())
def render(request, identifier): try: node = Node(identifier, user=request.user) except ObjectDoesNotExist: node = None if not node or not node.is_file(): try: permalink = Permalink.objects.get(name=identifier) except Permalink.DoesNotExist: permalink = None if not permalink or (permalink.valid_since and permalink.valid_since > now()): from django.http import Http404 raise Http404 node = Node(nodeobj=permalink.file, user=request.user) rev = permalink.revision if permalink.revision else permalink.file.current_revision else: rev = node.model.current_revision if not node.can_view(): if request.user.is_authenticated(): from django.core.exceptions import PermissionDenied raise PermissionDenied else: from django.contrib.auth.views import redirect_to_login return redirect_to_login(request.path) text = rev.text if text.format == BlobText.MARKDOWN: from core.formatting import render_document rendered_text = render_document(text.text) elif text.format == BlobText.HTML: rendered_text = text else: # text.format == BlobText.TEXT: rendered_text = r'<blockquote>%s</blockquote>' % text.text return render_request(request, 'docs/render.html', { 'node': node, 'text': rendered_text, })
def main(request): from docs.models import Folder node = Node(nodeobj=Folder.objects.get(id=0)) return redirect('docs:view', node.nid())
def put(request, node): PUT = parse_json(request) if not PUT: return bad_request(request, {'error': 'invalid_json'}) f = node.model if 'star' in PUT: if not node.can_view(): raise PermissionDenied if not request.user.is_authenticated(): return bad_request(request, {'error': 'login_required'}) f.starring.add(request.user) elif 'unstar' in PUT: if not node.can_view(): raise PermissionDenied if not request.user.is_authenticated(): return bad_request(request, {'error': 'login_required'}) f.starring.remove(request.user) elif 'rename' in PUT: if not node.can_edit(): raise PermissionDenied name = PUT.get('name') if not name: return bad_request(request, {'error': 'invalid_name'}) f.name = name f.save() elif 'move' in PUT: if not node.can_edit(): raise PermissionDenied try: parent = Node(PUT.get('at')) except ObjectDoesNotExist: return bad_request(request, {'error': 'invalid_node'}) if not parent.is_folder(): return bad_request(request, {'error': 'node_is_not_a_folder'}) elif not parent.can_edit(): raise PermissionDenied elif parent.is_archived(): return bad_request(request, {'error': 'node_archived'}) f.parent = parent f.save() elif 'archive' in PUT: if not request.user.has_perm('docs.archive'): raise PermissionDenied f.is_archived = True f.save() elif 'unarchive' in PUT: if not request.user.has_perm('docs.archive'): raise PermissionDenied f.is_archived = False f.save() elif 'permissions' in PUT: if node.can_edit(): raise PermissionDenied if not request.user.is_authenticated(): return bad_request(request, {'error': 'login_required'}) try: effects = dict((y, x) for x, y in Permission.EFFECT_ENUMERATION) kinds = dict((y, x) for x, y in Permission.TYPE_ENUMERATION) scopes = dict((y, x) for x, y in Permission.SCOPE_ENUMERATION) perms = [] for obj in PUT.get('permissions'): p = Permission() p.effect = effects[obj['effect']] p.type = kinds[obj['type']] if 'group' in obj: p.scope = Permission.PER_GROUP p.target = obj['group'] elif 'user' in obj: p.scope = Permission.PER_USER p.target = obj['user'] else: p.scope = scopes[obj['scope']] perms.append(p) f.permissions.clear() f.permissions.bulk_create(perms) except TypeError: return bad_request(request, {'error': 'invalid_permissions'}) except (KeyError, ValueError): return bad_request(request, {'error': 'invalid_entry'}) return render_json(request, {'status': 'success'})
def create(request): if request.method == 'POST': kind = request.POST.get('type') name = request.POST.get('name') at = request.POST.get('at') if not (kind and name and at): return bad_request(request, {'error': 'invalid_args'}) try: parent = Node(at, user=request.user) except ObjectDoesNotExist: return bad_request(request, {'error': 'invalid_node'}) if not parent.is_folder(): return bad_request(request, {'error': 'node_is_not_a_folder'}) if not parent.can_edit(): from django.core.exceptions import PermissionDenied raise PermissionDenied # Warning: removed creation restrictions on <ALLOW * EDIT> folder. Careful. if parent.is_archived(): return bad_request(request, {'error': 'node_archived'}) if kind == 'file': r = create_revision(request) if not r: return bad_request(request, {'error': 'content_required'}) f = File() f.current_revision = r elif kind == 'folder': f = Folder() else: return bad_request(request, {'error': 'invalid_type'}) f.parent = parent.model f.name = name f.save() node = Node(nodeobj=f, user=request.user) if request.is_ajax(): result = { 'status': 'success', 'nid': node.nid(), 'timestamp': f.last_modified, } if node.is_file(): result['revision'] = r.id return render(request, result) else: return redirect('docs:view', node.nid()) elif request.is_ajax(): return not_allowed(request, ['POST']) else: try: parent = Node(request.GET.get('at'), user=request.user) except (TypeError, ObjectDoesNotExist): parent = None if not parent or not parent.is_folder(): return redirect('docs:main') if not parent.can_edit(): if not request.user.is_authenticated(): from django.contrib.auth.views import redirect_to_login return redirect_to_login(request.path) else: from django.core.exceptions import PermissionDenied raise PermissionDenied return render(request, 'docs/create.html', {'parent': parent})
def main(request): from docs.models import Folder node = Node(nodeobj=Folder.objects.get(id=1)) return redirect('docs:view', node.nid())