def GET(self):
recipe = None
if len(self.request.id) == 10:
recipe = rm.Recipe.find(self.request.id)
elif len(self.request.id) == 36:
recipe = rm.Recipe(self.request.id)
if recipe is None:
return NotFound()
if recipe.user.id != self.session.id:
return Unauthorized()
if not recipe.public:
if not self.session.id or self.session.id != recipe.user:
self.session.push_alert(
"That recipe is not public and you do not have the rights to access it.",
level="error")
return Unauthorized()
if recipe.deleted:
return NotFound()
return recipe
def POST(self):
title = self.request.get_param("title")
contents = self.request.get_param("contents")
public = self.request.get_param("public", False)
draft = self.request.get_param("draft", False)
toc = self.request.get_param("toc", False)
comments = self.request.get_param("comments", False)
tags = self.request.get_param("tags")
theme = self.request.get_param("theme", "default")
tag = []
if tags:
tag = [
bit.lstrip().rstrip().replace(" ", "_").lower()
for bit in tags.split(",")
]
f = r.table(nm.Note.table)\
.filter({"short_code": self.request.id})\
.coerce_to("array")\
.run()
if f:
note = nm.Note(f[0]["id"])
if note.author.id != self.session.id:
self.session.push_alert(
"You don't own that note, you can't edit it!",
level="danger")
return Unauthorized()
if not "notes" in self.session.groups and note.disable:
return NotFound()
if note.reported:
self.view.template = "public/notes/reported"
return self.view
note.title = title
note.contents = contents
note.public = public
note.tags = tag
note.table_of_contents = toc
note.draft = draft
note.has_comments = comments
note.theme = theme
note.save()
searcher = NoteSearcher()
searcher.update(note)
searcher.save()
return Redirect("/notes/%s" % note.short_code)
else:
return NotFound()
def POST(self):
if not self.session.has_group("phots"):
return Unauthorized()
new_name = self.request.get_param("name")
tags = self.request.get_param("tags")
if tags:
tag = tags.split(",")
else:
tag = []
phot = self.request.id
if len(phot.rsplit(".")) == 1:
f = r.table(pm.Phot.table).filter({"short_code": phot})\
.coerce_to("array").run()
else:
f = r.table(pm.Phot.table).filter({"filename": phot})\
.coerce_to("array").run()
if f:
photo = pm.Phot(**f[0])
photo.title = new_name
photo.tags = tag
photo.save()
searcher = PhotSearcher()
searcher.update(photo)
searcher.save()
return Redirect("/phots/" + photo.short_code)
else:
return NotFound()
def GET(self):
self.view.partial("sidebar", "partials/admin/sidebar",
{"command": "users"})
try:
user = um.User(self.request.id)
except NotFoundError:
return NotFound()
self.view.title = user.username
deleted = self.request.get_param("d", False)
reported = self.request.get_param("r", False)
parts = {"user": user.id}
if deleted:
parts["deleted"] = True
if reported:
parts["reported"] = True
query = r.table(rm.Recipe.table).filter(parts)
res = RethinkCollection(rm.Recipe, query=query)
page = Paginate(res,
self.request,
"title",
sort_direction_default="desc")
return {"recipes": page, "user": user, "command": "recipes"}
def POST(self):
f = r.table(nm.Note.table)\
.filter({"short_code": self.request.id})\
.coerce_to("array")\
.run()
if f:
note = nm.Note(**f[0])
if not self.session.has_group("admin")\
or note.author.id != self.session.id:
self.session.push_alert(
"You don't own that note, you can't delete it!",
level="error")
return Unauthorized()
note.disable = True
note.save()
searcher = NoteSearcher()
searcher.update(note)
searcher.save()
return {"success": True}
else:
return NotFound()
def GET(self):
self.view.partial("sidebar", "partials/admin/sidebar",
{"command": "users"})
try:
user = um.User(self.request.id)
except NotFoundError:
return NotFound()
self.view.title = user.username
disabled = self.request.get_param("q")
hidden_ids = r.table(pm.Phot.table).filter({
"user": user.id
}).filter(r.row["disable"].eq(True)).concat_map(
lambda doc: [doc["id"]]).coerce_to("array").run()
if disabled == "enabled":
query = r.table(pm.Phot.table).filter({
"user": user.id
}).filter(lambda doc: ~r.expr(hidden_ids).contains(doc["id"]))
else:
query = r.table(pm.Phot.table).filter({
"user": user.id
}).filter(lambda doc: r.expr(hidden_ids).contains(doc["id"]))
res = RethinkCollection(pm.Phot, query=query)
page = Paginate(res, self.request, "created")
self.view.data = {"page": page, "user": user, "command": "phots"}
return self.view
def GET(self):
self.view.partial("sidebar", "partials/admin/sidebar", {"command": "users"})
try:
user = um.User(self.request.id)
except NotFoundError:
return NotFound()
self.view.title = user.username
t = self.request.get_param("filter", "to")
if t == "cc":
row_filt = "cc_addresses"
elif t == "bcc":
row_filt = "bcc_addresses"
else:
row_filt = "to_addresses"
parts = r.table(em.Email.table).filter(lambda row: row[row_filt].contains(user.id))
result = RethinkCollection(em.Email, query=parts)
page = Paginate(result, self.request, "created", sort_direction_default="asc")
self.view.data = {"page": page,
"user": user,
"command": "emails"}
return self.view
def POST(self):
if len(self.request.id) == 10:
recipe = rm.Recipe.find(self.request.id)
elif len(self.request.id) == 36:
recipe = rm.Recipe(self.request.id)
else:
recipe = None
if recipe is None or recipe.deleted:
return NotFound()
if recipe.user.id != self.session.id:
if not recipe.public:
return Unauthorized()
recipe.title = self.request.get_param("title")
recipe.tags = self.request.get_param("tags")
recipe.public = self.request.get_param("public", False)
recipe.country = self.request.get_param("country")
recipe.description = self.request.get_param("description")
recipe.ingredients = self.request.get_param("ingredients")
recipe.steps = self.request.get_param("steps")
recipe.save()
searcher = rs.RecipeSearcher()
searcher.update(recipe)
searcher.save()
return Redirect("/recipes/{}".format(recipe.short_code))
def DELETE(self):
if len(self.request.id) == 10:
recipe = rm.Recipe.find(self.request.id)
elif len(self.request.id) == 36:
recipe = rm.Recipe(self.request.id)
else:
recipe = None
if recipe is None or recipe.deleted:
return NotFound()
if recipe.user.id != self.session.id:
return Unauthorized()
recipe.deleted = True
recipe.save()
searcher = rs.RecipeSearcher()
searcher.update(recipe)
searcher.save()
return {"success": True}
def GET(self):
f = r.table(nm.Note.table)\
.filter({"short_code": self.request.id})\
.coerce_to('array')\
.run()
if f:
note = nm.Note(**f[0])
if not note.public:
if not self.session.id or\
self.session.id!=note.user.id or\
not self.session.has_group("notes"):
self.session.push_alert(
"That note is not public and you do not have the rights to access it.",
level="error")
return Unauthorized()
if not self.session.has_group("notes") and note.disable:
return NotFound()
if note.reported:
self.view.template = "public/notes/reported"
return self.view
if note.draft:
self.view.skeleton = "skeletons/header"
self.view.data = {
"header":
"""
<span style="text-align: center">
<h1 style="font-weight: 700">DRAFT</h1>
</span>
"""
}
self.view.data = {
"note": note,
}
return self.view
else:
return NotFound()
def GET(self):
phot = self.request.id
# check if its a short code by looking for an extension
# otherwise we assume it's a filename
if len(phot.rsplit(".")) == 1:
f = r.table(pm.Phot.table).filter({"short_code": phot})\
.coerce_to("array").run()
else:
f = r.table(pm.Phot.table).filter({"filename": phot})\
.coerce_to("array").run()
if not f:
return NotFound()
if "disable" in f[0] and f[0]["disable"] and \
not self.session.has_group("phots"):
return NotFound()
photo = pm.Phot(**f[0])
return photo
def GET(self):
f = r.table(nm.Note.table)\
.filter({"short_code": self.request.id})\
.coerce_to('array').run()
if f:
note = nm.Note(**f[0])
if not note.public:
if not self.session.id or \
self.session.id!=note.user or \
not self.session.has_group("notes"):
self.session.push_alert(
"That note is not public and you do not have the rights to access it.",
level="error")
return Unauthorized()
if not self.session.has_group("notes") and note.disable:
return NotFound()
return note
else:
return NotFound()
def GET(self):
phot = self.request.id
# check if its a short code by looking for an extension
# otherwise we assume it's a filename
# TODO: This could probably be just one but I'm too lazy to try
if len(phot.rsplit(".")) == 1:
f = r.table(pm.Phot.table).filter({"short_code": phot})\
.coerce_to("array").run()
else:
f = r.table(pm.Phot.table).filter({"filename": phot})\
.coerce_to("array").run()
if not f:
return NotFound()
if "disable" in f[0] and f[0]["disable"] and \
not self.session.has_group("phots"):
return NotFound()
photo = pm.Phot(f[0]["id"])
return {"phot": photo}
def GET(self):
self.view.partial("sidebar", "partials/admin/sidebar",
{"command": "users"})
try:
user = um.User(self.request.id)
except NotFoundError:
return NotFound()
print self.request.url_params
self.view.title = user.username
self.view.data = {"user": user, "command": ""}
return self.view
def POST(self):
current_path = ''.join([c.dirs.screenshots, self.request.id])
f = []
for top, folders, files in os.walk(c.dirs.screenshots):
f.extend(files)
break
if self.request.id in f:
os.remove(current_path)
self.session.push_alert("Deleting screenshot...")
return {"success": True}
else:
return NotFound()
def GET(self):
self.view.partial("sidebar", "partials/admin/sidebar",
{"command": "users"})
try:
user = um.User(self.request.id)
except NotFoundError:
return NotFound()
self.view.title = user.username
# I should figure out a way to do this filter stuff a little easier... hmm
filter_parts = {"user": user.id}
public = self.request.get_param("public")
draft = self.request.get_param("draft")
disabled = self.request.get_param("disable")
reported = self.request.get_param("reported", False)
sort_by = self.request.get_param("sort_by", "created")
if not sort_by in [
"created", "title", "public", "reported", "draft", "disable",
"author.id"
]:
sort_by = "created"
# should this be something I try to start doing? :/
self.session.push_alert(
"Couldn't figure out what to sort by, as a result of an invalid value for sort_by.",
level="error")
if public:
filter_parts["public"] = False if public == "private" else True
if draft:
filter_parts["draft"] = False if draft == "published" else True
if disabled:
filter_parts["disable"] = False if disabled == "enabled" else True
filter_parts["reported"] = reported
q = r.table(nm.Note.table).filter(filter_parts)
res = RethinkCollection(nm.Note, query=q)
page = Paginate(res, self.request, sort_by)
self.view.data = {"note_page": page, "user": user, "command": "notes"}
return self.view
def GET(self):
if len(self.request.id) == 10:
recipe = rm.Recipe.find(self.request.id)
elif len(self.request.id) == 36:
recipe = rm.Recipe(self.request.id)
else:
recipe = None
if recipe is None or recipe.deleted:
return NotFound()
if recipe.user.id != self.session.id:
if not recipe.public:
return Unauthorized()
self.view.title = recipe.title
return {"recipe": recipe}
def POST(self):
try:
user = um.User(self.request.id)
except NotFoundError:
return NotFound()
password = self.request.get_param("password")
disable = self.request.get_param("disable", False)
email = self.request.get_param("email")
groups = self.request.get_param("groups")
clear_reset = self.request.get_param("clear_reset", False)
if type(groups) is not list:
groups = [groups]
groups = [
group.strip(" ").replace(" ", "_").lower() for group in groups
if group
]
user.groups = groups
if password:
user.set_password(password)
self.session.push_alert(
"Password updated, please let the user know the new password",
level="warning")
if email and email != user.email:
# TODO: Only allow change if email isn't in the database yet
user.email = email
if clear_reset:
del user.reset_code
user.disable = disable
user.save()
return Redirect("/admin/users/" + self.request.id)