def add_user(self, username, email, real_name, password, bio, status='', role='user'):
username, real_name = username.strip(), real_name.strip()
errors = []
if not re.match(r'^[A-Za-z0-9_]{4,16}$', username):
errors.append(text('user.username_missing'))
if not re.match(r'^[A-Za-z0-9_]{4,16}$', password):
errors.append(text('user.password_invalid'))
if not self.check_email(email):
errors.append(text('user.email_missing'))
if errors:
return {'status': 'error', 'errors': errors}
if status not in User.STATUSES:
status = 'inactive'
if role not in User.ROLES:
role = 'user'
if self.repo.find_by_username(username):
errors.append(text('user.username_used'))
if errors:
return {'status': 'error', 'errors': errors}
user = User(username, email, real_name, password, bio, status, role)
user.uid = self.repo.create(user)
return {'status': 'ok', 'msg': 'saved', 'user': user}
def post_add():
if request.method == 'GET':
fields = extend_service.get_fields_by_type('post')
return render_template('admin/post/add.html',
statuses=STATUSES,
categories=category_service.dropdown(),
fields=fields)
p = request.form.get
title = p('title', default='')
description = p('description')
category = p('category', type=int, default=1)
status = p('status', default='draft')
comments = p('comments', type=int, default=0)
html = p('html')
css = p('custom_css', default='')
js = p('custom_js', default='')
slug = p('slug')
title = title.strip()
slug = slug.strip() or title
validator = Validator()
(validator.check(title, 'min', text('post.title_missing'), 1)
.check(slug, 'min', text('post.title_missing'), 1)
)
if validator.errors:
flash(validator.errors, 'error')
return render_template('admin/post/add.html')
author = g.user
post = post_service.add_post(
title, slug, description, html, css, js, category, status, comments, author)
extend_service.prcoess_field(post, 'post')
return redirect(url_for('admin.post_page'))
def post_comment(slug):
post = post_service.get_by_slug(slug)
if not post:
return theme_render('404.html', page_title='Not Found')
if post and not post.allow_comment:
return redirect(url_for('site.post', slug=slug))
p = request.form.get
name = p('name', default='')
email = p('email', default='')
content = p('content', default='')
name, content, email = name.strip(), content.strip(), email.strip()
validator = Validator()
(validator.check(email, 'email', text('comment.email_missing'))
.check(content, 'min', text('comment.email_missing'), 1)
)
if validator.errors:
flash(validator.errors, 'error')
return redirect(url_for('site.post', slug=slug))
status = config.get(
'auto_published_comments', False) and 'approved' or 'pending'
comment_service.add_comment(name, email, content, status, post)
return redirect(url_for('site.post', slug=slug))
def post_edit(post_id):
if request.method == 'GET':
fields = extend_service.get_fields_by_type('post', post_id)
return render_template('admin/post/edit.html',
statuses=STATUSES,
categories=category_service.dropdown(),
article=post_service.get_by_pid(post_id),
fields=fields)
p = request.form.get
title = p('title', default='')
description = p('description')
category = p('category', type=int, default=1)
status = p('status', default='draft')
comments = p('comments', type=int, default=0)
html = p('html')
css = p('custom_css', default='')
js = p('custom_js', default='')
slug = p('slug')
title = title.strip()
slug = slug.strip() or title
validator = Validator()
(validator.check(title, 'min', text('post.title_missing'),
1).check(slug, 'min', text('post.title_missing'), 1))
if validator.errors:
flash(validator.errors, 'error')
return redirect(url_for('admin.post_edit', post_id=post_id))
post = post_service.update_post(title, slug, description, html, css, js,
category, status, comments, post_id)
extend_service.prcoess_field(post, 'post')
flash(text('post.updated'), 'success')
return redirect(url_for('admin.post_edit', post_id=post_id))
def post_comment(slug):
post = post_service.get_by_slug(slug)
if not post:
return theme_render('404.html', page_title='Not Found')
if post and not post.allow_comment:
return redirect(url_for('site.post', slug=slug))
p = request.form.get
name = p('name', default='')
email = p('email', default='')
content = p('content', default='')
name, content, email = name.strip(), content.strip(), email.strip()
validator = Validator()
(validator.check(email, 'email', text('comment.email_missing')).check(
content, 'min', text('comment.email_missing'), 1))
if validator.errors:
flash(validator.errors, 'error')
return redirect(url_for('site.post', slug=slug))
status = config.get('auto_published_comments',
False) and 'approved' or 'pending'
comment_service.add_comment(name, email, content, status, post)
return redirect(url_for('site.post', slug=slug))
def update_user(self,
uid,
email,
real_name,
password,
newpass1,
newpass2,
bio,
status,
role='user'):
real_name, newpass1, newpass2, bio = real_name.strip(), newpass1.strip(
), newpass2.strip(), bio.strip()
errors = []
if not self.check_email(email):
errors.append(text('user.email_missing'))
if errors:
return {'status': 'error', 'errors': errors}
user = self.repo.find(uid)
if not user:
return {'status': 'error', 'errors': 'User not Found'}
me = g.user
if me.uid == user.uid:
if re.match(r'[A-Za-z0-9@#$%^&+=]{4,16}', newpass1):
if password and newpass1 and newpass1 == newpass2 and user.check(
password):
user.password = newpass1
elif newpass1:
errors.append(text('users.password_missing'))
if self.check_email(email):
user_ = self.repo.find_by_email(email)
if user_ and user_.uid != user.uid:
errors.append(text('user.email_used'))
else:
user.email = email
if errors:
return {'status': 'error', 'errors': errors}
if me.is_root() or me.uid == uid:
if me.is_root() and not user.is_root():
if role in (User.ADMIN, User.USER, User.EDITOR):
user.role = role
if user.status != status and status in User.STATUSES:
user.status = status
if user.real_name != real_name:
user.real_name = real_name
if user.bio != bio:
user.bio = bio
self.repo.save(user)
return {'status': 'ok', 'msg': 'updated', 'user': user}
def page_add():
if request.method == 'GET':
pages = Backend('page').dropdown(show_empty_option=True)
fields = extend_service.get_fields_by_type('page')
return render_template('admin/page/add.html',
statuses=PAGE_STATUSES,
pages=pages,
fields=fields)
f = request.form
parent = f.get('parent')
name = f.get('name')
title = f.get('title')
name = name or title
slug = f.get('slug')
content = f.get('content')
status = f.get('status')
pid = f.get('pid', type=int)
show_in_menu = f.get('show_in_menu', type=int)
show_in_menu = 1 if show_in_menu else 0
redirect_ = f.get('redirect')
validator = Validator()
validator.add('duplicate',
lambda key: page_service.is_exist_slug(key) == False)
(validator.check(title, 'min', text('page.title_missing'),
3).check(slug, 'min', text('page.slug_missing'),
3).check(slug, 'duplicate',
text('page.slug_duplicate')).check(
slug, 'regex',
text('page.slug_invalid'),
r'^[0-9_A-Za-z-]+$')
#.check(redirect, 'url', text('page.redirect_missing'))
)
if validator.errors:
flash(validator.errors, 'error')
pages = Backend('page').dropdown(show_empty_option=True)
fields = extend_service.get_fields_by_type('page')
return render_template('admin/page/add.html',
statuses=PAGE_STATUSES,
pages=pages,
fields=fields)
page = page_service.add_page(parent, name, title, slug, content, status,
redirect_, show_in_menu)
extend_service.prcoess_field(page, 'page')
return redirect(url_for('admin.page_page'))
def page_add():
if request.method == 'GET':
pages = Backend('page').dropdown(show_empty_option=True)
fields = extend_service.get_fields_by_type('page')
return render_template('admin/page/add.html',
statuses=PAGE_STATUSES,
pages=pages,
fields=fields)
f = request.form
parent = f.get('parent')
name = f.get('name')
title = f.get('title')
name = name or title
slug = f.get('slug')
content = f.get('content')
status = f.get('status')
pid = f.get('pid', type=int)
show_in_menu = f.get('show_in_menu', type=int)
show_in_menu = 1 if show_in_menu else 0
redirect_ = f.get('redirect')
validator = Validator()
validator.add(
'duplicate', lambda key: page_service.is_exist_slug(key) == False)
(validator
.check(title, 'min', text('page.title_missing'), 3)
.check(slug, 'min', text('page.slug_missing'), 3)
.check(slug, 'duplicate', text('page.slug_duplicate'))
.check(slug, 'regex', text('page.slug_invalid'), r'^[0-9_A-Za-z-]+$')
#.check(redirect, 'url', text('page.redirect_missing'))
)
if validator.errors:
flash(validator.errors, 'error')
pages = Backend('page').dropdown(show_empty_option=True)
fields = extend_service.get_fields_by_type('page')
return render_template('admin/page/add.html',
statuses=PAGE_STATUSES,
pages=pages,
fields=fields)
page = page_service.add_page(
parent, name, title, slug, content, status, redirect_, show_in_menu)
extend_service.prcoess_field(page, 'page')
return redirect(url_for('admin.page_page'))
def metadata_page():
if request.method == 'GET':
pair = storage_service.site_meta()
data = pair.json_value()
data['comment_moderation_keys'] = ','.join(
data['comment_moderation_keys'])
pages = page_service.dropdown(False)
configs = {key: data[key] for key in META_KEYS}
return render_template('admin/extend/metadata/edit.html',
pages=pages,
**configs)
p = request.form.get
sitename = p('sitename')
description = p('description')
site_page = p('site_page', type=int, default=0)
posts_per_page = p('posts_per_page', type=int, default=0)
auto_published_comments = p('auto_published_comments', type=bool)
comment_moderation_keys = p('comment_moderation_keys')
storage_service.update_site_meta(sitename, description, site_page,
posts_per_page, auto_published_comments, comment_moderation_keys)
site.clear_cache()
flash(text('metadata.updated'), 'success')
return redirect(url_for('admin.metadata_page'))
def update_user(self, uid, email, real_name, password, newpass1, newpass2, bio, status, role='user'):
real_name, newpass1, newpass2, bio = real_name.strip(), newpass1.strip(), newpass2.strip(), bio.strip()
errors = []
if not self.check_email(email):
errors.append(text('user.email_missing'))
if errors:
return {'status': 'error', 'errors': errors}
user = self.repo.find(uid)
if not user:
return {'status': 'error', 'errors': 'User not Found'}
me = g.user
if me.uid == user.uid:
if re.match(r'[A-Za-z0-9@#$%^&+=]{4,16}', newpass1):
if password and newpass1 and newpass1 == newpass2 and user.check(password):
user.password = newpass1
elif newpass1:
errors.append(text('users.password_missing'))
if self.check_email(email):
user_ = self.repo.find_by_email(email)
if user_ and user_.uid != user.uid:
errors.append(text('user.email_used'))
else:
user.email = email
if errors:
return {'status': 'error', 'errors': errors}
if me.is_root() or me.uid == uid:
if me.is_root() and not user.is_root():
if role in (User.ADMIN, User.USER, User.EDITOR):
user.role = role
if user.status != status and status in User.STATUSES:
user.status = status
if user.real_name != real_name:
user.real_name = real_name
if user.bio != bio:
user.bio = bio
self.repo.save(user)
return {'status': 'ok', 'msg': 'updated', 'user': user}
def category_delete(category_id):
if category_id == 1:
flash('The Uncategory cann\'t delete', 'error')
return redirect(url_for('admin.category_page'))
category_service.delete(category_id)
flash(text('category.deleted'), 'success')
return redirect(url_for('admin.category_page'))
def category_edit(category_id):
if request.method == 'GET':
category = category_service.get_by_cid(category_id)
return render_template('admin/category/edit.html', category=category)
p = request.form.get
title = p('title')
slug = p('slug')
description = p('description')
validator = Validator()
validator.check(title, 'min', text('category.title_missing'), 1)
if validator.errors:
flash(validator.errors, 'error')
return redirect(url_for('admin.category_edit', category_id=category_id))
category = category_service.update_category(
category_id, title, slug, description)
flash(text('category.updated'), 'success')
return redirect(url_for('admin.category_edit', category_id=category.cid))
def field_add():
if request.method == 'GET':
return render_template('admin//extend/field/add.html')
reqp = request.form
_type = reqp.get('type')
field = reqp.get('field')
key = reqp.get('key')
label = reqp.get('label')
key = key or label
validator = Validator()
validator.add(
'valid_key', lambda key: extend_service.count(key, _type) == 0)
(validator
.check(key, 'min', text('extend.key_missing'), 1)
.check(key, 'valid_key', text('extend.key_exists'))
.check(label, 'min', text('extend.label_missing'), 1)
)
if validator.errors:
flash(validator.errors, 'error')
return render_template('admin/extend/field/add.html')
if field == 'image':
attributes = {
'type': reqp.get('attributes[type]'),
'size': {
'height': reqp.get('attributes[size][height]', type=int),
'width': reqp.get('attributes[size][width]', type=int),
}
}
elif field == 'file':
attributes = {
'type': reqp.get('attributes[type]'),
}
else:
attributes = {}
extend_service.create_extend(_type, key, label, field, attributes)
return redirect(url_for('admin.field_page'))
def comment_edit(comment_id):
if request.method == 'GET':
statuses = {
'approved': text('global.approved'),
'pending': text('global.pending'),
'spam': text('global.spam')
}
comment = comment_service.get(comment_id)
return render_template('admin/comment/edit.html',
comment=comment,
statuses=statuses)
p = request.form.get
name = p('name')
email = p('email')
content = p('content')
status = p('status')
name, content = name.strip(), content.strip()
validator = Validator()
(validator.check(name, 'min', text('comment.name_missing'),
1).check(content, 'min', text('comment.content_missing'),
1))
if validator.errors:
flash(validator.errors, 'error')
return redirect(url_for('admin.comment_edit', comment_id=comment_id))
comment = comment_service.update_comment(comment_id, name, email, content,
status)
flash(text('comment.updated'), 'success')
return redirect(url_for('admin.comment_edit', comment_id=comment.cid))
def field_edit(extend_id):
if request.method == 'GET':
extend = extend_service.get_by_eid(extend_id)
return render_template('admin//extend/field/edit.html', field=extend)
reqp = request.form
_type = reqp.get('type')
field = reqp.get('field')
key = reqp.get('key')
label = reqp.get('label')
key = key or label
validator = Validator()
(validator
.check(key, 'min', text('extend.key_missing'), 1)
.check(label, 'min', text('extend.label_missing'), 1)
)
if validator.errors:
flash(validator.errors, 'error')
return redirect(url_for('admin.field_edit', extend_id=extend_id))
if field == 'image':
attributes = {
'type': reqp.get('attributes[type]'),
'size': {
'height': reqp.get('attributes[size][height]', type=int),
'width': reqp.get('attributes[size][width]', type=int),
}
}
elif field == 'file':
attributes = {
'type': reqp.get('attributes[type]'),
}
else:
attributes = {}
extend_service.update_extend(
_type, key, label, field, attributes, extend_id)
return redirect(url_for('admin.field_edit', extend_id=extend_id))
def comment_edit(comment_id):
if request.method == 'GET':
statuses = {
'approved': text('global.approved'),
'pending': text('global.pending'),
'spam': text('global.spam')
}
comment = comment_service.get(comment_id)
return render_template('admin/comment/edit.html',
comment=comment,
statuses=statuses)
p = request.form.get
name = p('name')
email = p('email')
content = p('content')
status = p('status')
name, content = name.strip(), content.strip()
validator = Validator()
(validator.check(name, 'min', text('comment.name_missing'), 1)
.check(content, 'min', text('comment.content_missing'), 1)
)
if validator.errors:
flash(validator.errors, 'error')
return redirect(url_for('admin.comment_edit', comment_id=comment_id))
comment = comment_service.update_comment(
comment_id, name, email, content, status)
flash(text('comment.updated'), 'success')
return redirect(url_for('admin.comment_edit', comment_id=comment.cid))
def add_user(self,
username,
email,
real_name,
password,
bio,
status='',
role='user'):
username, real_name = username.strip(), real_name.strip()
errors = []
if not re.match(r'^[A-Za-z0-9_]{4,16}$', username):
errors.append(text('user.username_missing'))
if not re.match(r'^[A-Za-z0-9_]{4,16}$', password):
errors.append(text('user.password_invalid'))
if not self.check_email(email):
errors.append(text('user.email_missing'))
if errors:
return {'status': 'error', 'errors': errors}
if status not in User.STATUSES:
status = 'inactive'
if role not in User.ROLES:
role = 'user'
if self.repo.find_by_username(username):
errors.append(text('user.username_used'))
if errors:
return {'status': 'error', 'errors': errors}
user = User(username, email, real_name, password, bio, status, role)
user.uid = self.repo.create(user)
return {'status': 'ok', 'msg': 'saved', 'user': user}
def login():
if request.method == 'GET':
if g.user.is_guest():
return render_template('admin/user/login.html')
return redirect(url_for('admin.post_page'))
reqp = request.form
username = reqp.get('username')
password = reqp.get('password')
result = user_service.auth(username, password)
if result['status'] == 200:
user_service.login(result['user'])
return redirect(url_for('admin.post_page'))
flash(text('user.login_error'), 'error')
return redirect(url_for('admin.login'))
def login():
if request.method == 'GET':
if g.user.is_guest():
return render_template('admin/user/login.html')
return redirect(url_for('admin.post_page'))
reqp = request.form
username = reqp.get('username')
password = reqp.get('password')
result = user_service.auth(username, password)
if result['status'] == 200:
user_service.login(result['user'])
return redirect(url_for('admin.post_page'))
flash(text('user.login_error'), 'error')
return redirect(url_for('admin.login'))
def category_add():
if request.method == 'GET':
return render_template('admin/category/add.html')
reqp = request.form
title = reqp.get('title')
slug = reqp.get('slug')
description = reqp.get('description')
validator = Validator()
validator.check(title, 'min', text('category.title_missing'), 1)
if validator.errors:
flash(validator.errors, 'error')
return render_template('admin/category/add.html')
category_service.add_category(title, slug, description)
return redirect(url_for('admin.category_page'))
def page_edit(page_id):
if request.method == 'GET':
pages = Backend('page').dropdown(show_empty_option=True)
page = Backend('page').find(page_id)
fields = extend_service.get_fields_by_type('page', page_id)
return render_template('admin/page/edit.html',
statuses=PAGE_STATUSES,
pages=pages,
page=page,
fields=fields)
f = request.form
parent = f.get('parent')
name = f.get('name')
title = f.get('title')
name = name or title
slug = f.get('slug')
content = f.get('content')
status = f.get('status')
show_in_menu = f.get('show_in_menu', type=int, default=0)
show_in_menu = 1 if show_in_menu else 0
redirect_ = f.get('redirect')
validator = Validator()
(validator
.check(title, 'min', text('page.title_missing'), 3)
#.check(redirect, 'url', text('page.redirect_missing'))
)
if validator.errors:
flash(validator.errors, 'error')
return redirect(url_for('admin.page_edit', page_id=page_id))
page = page_service.update_page(
parent, name, title, slug, content, status, redirect_, show_in_menu, page_id)
extend_service.prcoess_field(page, 'page')
return redirect(url_for('admin.page_edit', page_id=page_id))
def page_edit(page_id):
if request.method == 'GET':
pages = Backend('page').dropdown(show_empty_option=True)
page = Backend('page').find(page_id)
fields = extend_service.get_fields_by_type('page', page_id)
return render_template('admin/page/edit.html',
statuses=PAGE_STATUSES,
pages=pages,
page=page,
fields=fields)
f = request.form
parent = f.get('parent')
name = f.get('name')
title = f.get('title')
name = name or title
slug = f.get('slug')
content = f.get('content')
status = f.get('status')
show_in_menu = f.get('show_in_menu', type=int, default=0)
show_in_menu = 1 if show_in_menu else 0
redirect_ = f.get('redirect')
validator = Validator()
(validator.check(title, 'min', text('page.title_missing'), 3)
#.check(redirect, 'url', text('page.redirect_missing'))
)
if validator.errors:
flash(validator.errors, 'error')
return redirect(url_for('admin.page_edit', page_id=page_id))
page = page_service.update_page(parent, name, title, slug, content, status,
redirect_, show_in_menu, page_id)
extend_service.prcoess_field(page, 'page')
return redirect(url_for('admin.page_edit', page_id=page_id))
def post_delete(post_id):
post_service.delete(post_id)
flash(text('post.deleted'), 'success')
return redirect(url_for('admin.post_page'))
def user_delete(user_id):
user_service.delete(user_id)
flash(text('user.deleted'), 'success')
return redirect(url_for('admin.user_page'))
def comment_delete(comment_id):
comment_service.delete(comment_id)
flash(text('comment.deleted'), 'success')
return redirect(url_for('admin.comment_page'))
from white.flash import flash
from white.controller import admin_bp as bp, ADMIN, EDITOR
from white.security import security
from white.domain.comment import CommentService
from white.lang import text
from white.flash import flash
from white.lib.validator import Validator
from white.helper import site
comment_service = CommentService()
COMMENT_STATUSES = [{
'url': 'all',
'lang': text('global.all'),
'class': 'all'
}, {
'url': 'pending',
'lang': text('global.pending'),
'class': 'pending'
}, {
'url': 'approved',
'lang': text('global.approved'),
'class': 'approved'
}, {
'url': 'spam',
'lang': text('global.spam'),
'class': 'spam'
}]
from white.controller import admin_bp as bp, ADMIN, EDITOR
from white.security import security
from white.domain.comment import CommentService
from white.lang import text
from white.flash import flash
from white.lib.validator import Validator
from white.helper import site
comment_service = CommentService()
COMMENT_STATUSES = [
{'url': 'all', 'lang': text('global.all'), 'class': 'all'},
{'url': 'pending', 'lang': text('global.pending'), 'class': 'pending'},
{'url': 'approved', 'lang': text('global.approved'), 'class': 'approved'},
{'url': 'spam', 'lang': text('global.spam'), 'class': 'spam'}
]
@bp.route('/comment')
@bp.route('/comment/<status>')
@bp.route('/comment/<status>/<int:page>')
@security(EDITOR)
def comment_page(page=1, status='all'):
pagination = comment_service.page(status, page, site.posts_per_page())
return render_template('admin//comment/index.html',
statuses=COMMENT_STATUSES,
status=status,
def comment_delete(comment_id):
comment_service.delete(comment_id)
flash(text('comment.deleted'), 'success')
return redirect(url_for('admin.comment_page'))
from white.model import Category
from white.domain.post import PostService
from white.domain.category import CategoryService
from white.domain.extend import ExtendService
from white.lang import text
from white.flash import flash
from white.lib.validator import Validator
from white.helper import site
post_service = PostService()
category_service = CategoryService()
extend_service = ExtendService()
STATUSES = {
'published': text('global.published'),
'draft': text('global.draft'),
'archived': text('global.archived'),
}
@bp.route('/post')
@bp.route('/post/<int:page>')
@bp.route('/post/category/<int:category>')
@security(EDITOR)
def post_page(page=1, category=None):
pagination = post_service.page(page, site.posts_per_page(), category)
return render_template('admin//post/index.html',
categories=category_service.dropdown(),
posts=pagination,
category=category)
def post_delete(post_id):
post_service.delete(post_id)
flash(text('post.deleted'), 'success')
return redirect(url_for('admin.post_page'))
from white.orm import Backend
from white.model import Page
from white.lib.validator import Validator
from white.helper import site
from white.controller import admin_bp as bp, ADMIN, EDITOR
from white.security import security
from white.domain.page import PageService
from white.domain.extend import ExtendService
from white.lang import text
from white.flash import flash
PAGE_STATUSES = {
'published': text('global.published'),
'draft': text('global.draft'),
'archived': text('global.archived'),
}
page_service = PageService()
extend_service = ExtendService()
@bp.route('/page')
@bp.route('/page/<int:page>')
@bp.route('/page/status/<status>')
@bp.route('/page/status/<status>/<int:page>')
@security(EDITOR)
def page_page(page=1, status='all'):
pagination = page_service.page(status, page, site.posts_per_page())
def user_delete(user_id):
user_service.delete(user_id)
flash(text('user.deleted'), 'success')
return redirect(url_for('admin.user_page'))