コード例 #1
0
ファイル: utils.py プロジェクト: Fivebread/streetsign
        def wrapped(*args, **kwargs):
            if request.method in methods:
                try:
                    user_session.get_user()
                except user_session.NotLoggedIn:
                    flash('Sorry! You need to be logged in!')
                    return permission_denied('You must be logged in!')

            return f(*args, **kwargs)
コード例 #2
0
        def wrapped(*args, **kwargs):
            if request.method in methods:
                try:
                    user_session.get_user()
                except user_session.NotLoggedIn:
                    flash('Sorry! You need to be logged in!')
                    return permission_denied('You must be logged in!')

            return f(*args, **kwargs)
コード例 #3
0
def posts():
    ''' (HTML) list of ALL posts. (also deletes broken posts, if error) '''

    try:
        user = user_session.get_user()
    except user_session.NotLoggedIn:
        user = User()

    try:
        if user.is_admin:
            return render_template('posts.html', posts=Post.select(), user=user)
        else:
            return render_template('posts.html',
                                   posts=Post.select() \
                                             .where(Post.status == 0), user=user)
    except Feed.DoesNotExist:
        # Ah. Database inconsistancy! Not good, lah.
        ps = Post.raw('select post.id from post'
                      ' left join feed on feed.id = post.feed_id'
                      ' where feed.id is null;')
        for p in ps:
            p.delete_instance()
        flash('Cleaned up old posts...')

    if user.is_admin:
        return render_template('posts.html', posts=Post.select(), user=user)
    else:
        return render_template('posts.html',
                               posts=Post.select()\
                                         .where(Post.status == 0), user=user)
コード例 #4
0
def user_files_list(dir_name=""):
    ''' HTML list of user-uploaded files. '''

    user = user_session.get_user()

    full_path = pathjoin(g.site_vars['user_dir'], dir_name)

    if not isdir(full_path):
        makedirs(full_path)

    if request.method == 'POST' and user.is_admin:
        if request.form.get('action') == 'upload':
            f = request.files['image_file']
            if f and allow_filetype(f.filename):
                filename = secure_filename(f.filename)
                f.save(pathjoin(full_path, filename))
                flash('Uploaded file:' + filename)
            else:
                flash('Sorry. Invalid Filetype')
        elif request.form.get('action') == 'delete':
            filename = secure_filename(request.form.get('filename'))
            full_filename = pathjoin(full_path, filename)
            remove(full_filename)
            flash('Deleted ' + filename)

    files = make_dirlist(dir_name)

    return render_template('user_files.html',
                           full_path=full_path,
                           file_list=files,
                           dirname=dir_name)
コード例 #5
0
ファイル: feeds_and_posts.py プロジェクト: Zedeldi/streetsign
def posts():
    ''' (HTML) list of ALL posts. (also deletes broken posts, if error) '''

    try:
        user = user_session.get_user()
    except user_session.NotLoggedIn:
        user = User()

    try:
        if user.is_admin:
            return render_template('posts.html',
                                   posts=Post.select(),
                                   user=user)
        else:
            return render_template('posts.html',
                                   posts=Post.select() \
                                             .where(Post.status == 0), user=user)
    except Feed.DoesNotExist:
        # Ah. Database inconsistancy! Not good, lah.
        ps = Post.raw('select post.id from post'
                      ' left join feed on feed.id = post.feed_id'
                      ' where feed.id is null;')
        for p in ps:
            p.delete_instance()
        flash('Cleaned up old posts...')

    if user.is_admin:
        return render_template('posts.html', posts=Post.select(), user=user)
    else:
        return render_template('posts.html',
                               posts=Post.select()\
                                         .where(Post.status == 0), user=user)
コード例 #6
0
def feeds():
    ''' the back end list of feeds. '''

    if request.method == 'POST':
        if not user_session.is_admin():
            flash('Only Admins can do this!')
            return redirect(url_for('feeds'))

        action = request.form.get('action', 'create')

        if action == 'create':
            if not request.form.get('title', '').strip():
                flash("I'm not making you an un-named feed!")
                return redirect(url_for('feeds'))
            Feed(name=request.form.get('title', 'blank').strip()).save()

    try:
        user = user_session.get_user()
    except user_session.NotLoggedIn as e:
        user = User()

    return render_template('feeds.html',
                           feeds=Feed.select(),
                           user=user,
                           external_sources=ExternalSource.select(),
                           source_types=external_source_types.types())
コード例 #7
0
ファイル: screens.py プロジェクト: keyanmca/streetsign
def save_aliases():
    ''' save the current aliases. '''
    try:
        user = user_session.get_user()
    except user_session.NotLoggedIn:
        flash('Sorry, you need to be logged in!')
        return redirect(url_for('index'))
    if not user.is_admin:
        flash('Sorry. You are NOT an admin!')
        return redirect(url_for('index'))

    if request.method == 'POST':
        aliases = form_json('aliases', [])

        try:
            alias_configvar = ConfigVar.get(ConfigVar.id == 'screens.aliases')
        except ConfigVar.DoesNotExist:
            alias_configvar = ConfigVar()
            alias_configvar.id='screens.aliases'
            alias_configvar.save(force_insert=True)

        alias_configvar.value = aliases
        alias_configvar.save()
        return jsonify(aliases=json.loads(alias_configvar.value))

    return jsonify(aliases=config_var('screens.aliases', []))
コード例 #8
0
ファイル: user_files.py プロジェクト: keyanmca/streetsign
def user_files_list(dir_name=""):
    ''' HTML list of user-uploaded files. '''

    user = user_session.get_user()

    full_path = pathjoin(g.site_vars['user_dir'], dir_name)

    if not isdir(full_path):
        makedirs(full_path)

    if request.method == 'POST' and user.is_admin:
        if request.form.get('action') == 'upload':
            f = request.files['image_file']
            if f and allow_filetype(f.filename):
                filename = secure_filename(f.filename)
                f.save(pathjoin(full_path, filename))
                flash('Uploaded file:' + filename)
            else:
                flash('Sorry. Invalid Filetype')
        elif request.form.get('action') == 'delete':
            filename = secure_filename(request.form.get('filename'))
            full_filename = pathjoin(full_path, filename)
            remove(full_filename)
            flash('Deleted ' + filename)


    files = make_dirlist(dir_name)

    return render_template('user_files.html',
                           full_path=full_path,
                           file_list=files,
                           dirname=dir_name)
コード例 #9
0
ファイル: utils.py プロジェクト: keyanmca/streetsign
        def wrapped(*args, **kwargs):
            if request.method in methods:
                try:
                    user = user_session.get_user()
                except user_session.NotLoggedIn:
                    flash('Sorry! You need to be logged in!')
                    return redirect(url_for('index'))

            return f(*args, **kwargs)
コード例 #10
0
ファイル: screens.py プロジェクト: keyanmca/streetsign
def screenedit(screenid):
    ''' edit one screen '''

    try:
        if int(screenid) == -1:
            flash('New Screen')
            screen = Screen() # pylint: disable=no-value-for-parameter
        else:
            screen = Screen().get(Screen.id == int(screenid)) # pylint: disable=no-value-for-parameter

        backgrounds = [basename(x) for x in \
                       glob(app.config['SITE_VARS']['user_dir']  + '*')
                       if allow_filetype(x)]

    except Screen.DoesNotExist:
        flash('Invalid Screen ID! Screen does NOT exist!')
        return redirect(url_for('index'))

    if request.method == 'POST':
        if not user_session.logged_in():
            flash("You're not logged in!")
            return redirect(url_for('posts'))

        user = user_session.get_user()
        if not user.is_admin:
            flash('Sorry. You are NOT an admin!')
            return redirect(url_for('index'))

        if request.form.get('action', 'update') == 'delete':
            screen.delete_instance()
            flash('deleted')
            return redirect(request.referrer)

        # first check that name is OK:
        try:
            oldname = screen.urlname
            screen.urlname = urllib.quote(request.form.get('urlname'), '')
            screen.save()
        except sqlite3.IntegrityError:
            screen.urlname = oldname
            flash("Sorry! That name is already being used!")

        screen.background = request.form.get('background')
        screen.settings = request.form.get('settings', '')
        screen.css = request.form.get('css', '').replace('"',"'")
        screen.zones = form_json('zones', {})
        screen.save()
        flash('saved.')

        if int(screenid) == -1:
            return redirect(url_for('screenedit', screenid=screen.id))

    return render_template('screen_editor.html',
                           feeds=Feed.select(),
                           backgrounds=backgrounds,
                           screen=screen)
コード例 #11
0
def feedpage(feedid):
    ''' the back end settings for one feed. '''

    try:
        feed = Feed.get(id=feedid)
        user = user_session.get_user()
    except user_session.NotLoggedIn:
        user = User()
    except:
        flash('invalid feed id! (' + str(feedid) + ')')
        return redirect(url_for('feeds'))

    if request.method == 'POST':
        if not user_session.logged_in():
            flash("You're not logged in!")
            return redirect(url_for('feeds'))

        if not user.is_admin:
            flash('Sorry! Only Admins can change these details.')
            return redirect(request.referrer)

        action = request.form.get('action', 'none')

        if action == 'edit':
            feed.name = request.form.get('title', feed.name).strip()

            inlist = request.form.getlist

            feed.post_types = ', '.join(inlist('post_types'))

            feed.set_authors(by_id(User, inlist('authors')))
            feed.set_publishers(by_id(User, inlist('publishers')))
            feed.set_author_groups(by_id(Group, inlist('author_groups')))
            feed.set_publisher_groups(by_id(Group, inlist('publisher_groups')))

            feed.save()
            flash('Saved')
        elif action == 'delete':

            for post in feed.posts:
                post_type_module = post_types.load(post.type)
                delete_post_and_run_callback(post, post_type_module)

            feed.delete_instance(True, True) # cascade/recursive delete.
            flash('Deleted')
            return redirect(url_for('feeds'))

    return render_template('feed.html',
                           feed=feed,
                           user=user,
                           all_posttypes=post_types.types(),
                           allusers=User.select(),
                           allgroups=Group.select()
                          )
コード例 #12
0
def feedpage(feedid):
    ''' the back end settings for one feed. '''

    try:
        feed = Feed.get(id=feedid)
        user = user_session.get_user()
    except user_session.NotLoggedIn:
        user = User()
    except:
        flash('invalid feed id! (' + str(feedid) + ')')
        return redirect(url_for('feeds'))

    if request.method == 'POST':
        if not user_session.logged_in():
            flash("You're not logged in!")
            return redirect(url_for('feeds'))

        if not user.is_admin:
            flash('Sorry! Only Admins can change these details.')
            return redirect(request.referrer)

        action = request.form.get('action', 'none')

        if action == 'edit':
            feed.name = request.form.get('title', feed.name).strip()

            inlist = request.form.getlist

            feed.post_types = ', '.join(inlist('post_types'))

            feed.set_authors(by_id(User, inlist('authors')))
            feed.set_publishers(by_id(User, inlist('publishers')))
            feed.set_author_groups(by_id(Group, inlist('author_groups')))
            feed.set_publisher_groups(by_id(Group, inlist('publisher_groups')))

            feed.save()
            flash('Saved')
        elif action == 'delete':

            for post in feed.posts:
                post_type_module = post_types.load(post.type)
                delete_post_and_run_callback(post, post_type_module)

            feed.delete_instance(True, True) # cascade/recursive delete.
            flash('Deleted')
            return redirect(url_for('feeds'))

    return render_template('feed.html',
                           feed=feed,
                           user=user,
                           all_posttypes=post_types.types(),
                           allusers=User.select(),
                           allgroups=Group.select()
                          )
コード例 #13
0
ファイル: __init__.py プロジェクト: Fivebread/streetsign
def index():
    ''' main front page / dashboard / index. '''
    try:
        user = user_session.get_user()
    except user_session.NotLoggedIn as e:
        user = User()

    if not user:
        user = User()


    publishable_feeds = user.publishable_feeds()


    posts_to_publish = Post.select()\
                           .where((Post.published==False) &
                                  (Post.feed << publishable_feeds))

    screens = Screen.select()
    aliases = config_var('screens.aliases', [])

    for alias in aliases:
        for screen in screens:
            if screen.urlname == alias['screen_name']:
                alias['screen'] = screen
                break
        else:
            alias['screen'] = None

    return render_template('dashboard.html',
        aliases=aliases,
        feeds=Feed.select(),
        publishable_feeds=publishable_feeds,
        posts=Post.select().where(Post.author == user)\
                  .order_by(Post.write_date.desc())\
                  .limit(15),
        posts_to_publish=posts_to_publish,
        screens=screens,
        user=user)
コード例 #14
0
ファイル: feeds_and_posts.py プロジェクト: Zedeldi/streetsign
def feeds():
    ''' the back end list of feeds. '''

    if request.method == 'POST':
        action = request.form.get('action', 'create')

        if action == 'create':
            if not request.form.get('title', '').strip():
                flash("I'm not making you an un-named feed!")
                return redirect(url_for('feeds'))
            Feed(name=request.form.get('title', 'blank').strip()).save()

    try:
        user = user_session.get_user()
    except user_session.NotLoggedIn:
        user = User()

    return render_template('feeds.html',
                           feeds=Feed.select(),
                           user=user,
                           external_sources=ExternalSource.select(),
                           source_types=external_source_types.types())
コード例 #15
0
ファイル: __init__.py プロジェクト: rcompaore/streetsign
def index():
    ''' main front page / dashboard / index. '''
    try:
        user = user_session.get_user()
    except user_session.NotLoggedIn:
        user = User()

    if not user:
        user = User()

    publishable_feeds = user.publishable_feeds()


    posts_to_publish = Post.select()\
                           .where((Post.published == False) &
                                  (Post.feed << publishable_feeds))

    screens = Screen.select()
    aliases = config_var('screens.aliases', [])

    for alias in aliases:
        for screen in screens:
            if screen.urlname == alias['screen_name']:
                alias['screen'] = screen
                break
        else:
            alias['screen'] = None

    return render_template('dashboard.html',
                           aliases=aliases,
                           feeds=Feed.select(),
                           publishable_feeds=publishable_feeds,
                           posts=Post.select().where(Post.author == user)\
                                     .order_by(Post.write_date.desc())\
                                     .limit(15),
                           posts_to_publish=posts_to_publish,
                           screens=screens,
                           user=user)
コード例 #16
0
def user_edit(userid=-1):
    ''' edit one user.  Admins can edit any user, but other users
        can only edit themselves. if userid is -1, create a new user. '''

    try:
        current_user = user_session.get_user()
    except user_session.NotLoggedIn as e:
        flash("Sorry, you're not logged in!")
        return permission_denied("You're not logged in!")

    userid = int(userid)

    if userid != -1:
        try:
            user = User.get(id=userid)
        except User.DoesNotExist:
            return not_found(title="User doesn't exist",
                             message="Sorry, that user does not exist!")
    else:

        if not current_user.is_admin:
            flash('Sorry! Only admins can create new users!')
            return permission_denied("Admins only!")

        try:
            user = User.get(loginname=request.form.get('loginname', ''))
            return permission_denied("Username already exists!")
        except peewee.DoesNotExist:
            pass

        user = User()  #pylint: disable=no-value-for-parameter

    if request.method == 'POST':
        if current_user != user and not current_user.is_admin:
            return permission_denied("Sorry, you may not edit this user.")

        update_user(user, request.form, current_user)

        # save:

        try:
            user.save()
            if userid == -1:
                flash('New user created.')
                return redirect(url_for('user_edit', userid=user.id))
            else:
                flash('Saved')

        except peewee.IntegrityError as err:
            flash('Cannot Save:' + str(err))

    elif request.method == 'DELETE':
        if not current_user.is_admin:
            return 'Sorry, only admins can delete users', 403

        if user.id == current_user.id:
            return 'Sorry! You cannot delete yourself!', 403

        user.delete_instance(recursive=True)

        return 'User: %s deleted. (And all their posts)' % user.displayname

    users_posts = Post.select().where(Post.author == user) \
                               .order_by(Post.write_date.desc()) \
                               .limit(10)

    return render_template('user.html',
                           allgroups=Group.select(),
                           posts=users_posts,
                           user=user)
コード例 #17
0
ファイル: feeds_and_posts.py プロジェクト: Zedeldi/streetsign
def post_new(feed_id):
    ''' create a new post! '''

    #if not user_session.logged_in():
    #    flash("You're not logged in!")
    #    return redirect(url_for('index'))

    user = user_session.get_user()

    try:
        feed = Feed.get(id=feed_id)
    except Feed.DoesNotExist:
        flash('Sorry, Feed does not exist!')
        return redirect(url_for('feeds'))

    if not feed.user_can_write(user):
        flash("Sorry! You don't have permission to write here!")
        return redirect(request.referrer if request.referrer else '/')

    if request.method == 'GET':
        # send a blank form for the user:

        post = Post()
        post.feed = feed

        # give list of available post types:

        all_posttypes = dict([(x['id'], x) for x in post_types.types()])

        if post.feed.post_types:

            allowed_post_types = []

            for post_type in post.feed.post_types_as_list():
                if post_type in all_posttypes:
                    allowed_post_types.append(all_posttypes[post_type])
        else:
            allowed_post_types = list(all_posttypes.values())

        # return the page:

        return render_template('postnew.html',
                               current_feed=feed,
                               post=post,
                               user=user,
                               post_types=allowed_post_types)

    else:  # POST. new post!
        post_type = request.form.get('post_type')
        try:
            post_type_module = post_types.load(post_type)
        except:
            flash('Sorry! invalid post type.')
            return redirect(request.referrer if request.referrer else '/')

        if feed.post_types and post_type not in feed.post_types_as_list():
            flash('sorry! this post type is not allowed in this feed!')
            return redirect(request.referrer if request.referrer else '/')

        post = Post(type=post_type, author=user)

        try:
            post.feed = feed

            if_i_cant_write_then_i_quit(post, user)

            post_form_intake(post, request.form, post_type_module)

        except PleaseRedirect as e:
            flash(str(e.msg))
            return redirect(e.url if e.url else request.url)

        post.save()
        post.publish(user)  # publish all posts by default
        flash('Saved!')

        return redirect(url_for('feedpage', feedid=post.feed.id))
コード例 #18
0
ファイル: feeds_and_posts.py プロジェクト: Zedeldi/streetsign
def postpage(postid):
    ''' Edit a post. '''

    if not user_session.logged_in():
        flash("You're not logged in!")
        return redirect(url_for('posts'))

    try:
        post = Post.get(Post.id == postid)
        post_type_module = post_types.load(post.type)
        user = user_session.get_user()

    except Post.DoesNotExist:
        flash('Sorry! Post id:{0} not found!'.format(postid))
        return redirect(url_for('posts'))

    if request.method == 'POST':
        try:
            # check for write permission, and if the post is
            # already published, publish permission.

            if_i_cant_write_then_i_quit(post, user)

            # if the user is allowed to set the feed to what they've
            # requested, then do it.

            post.feed = try_to_set_feed(post,
                                        request.form.get('post_feed', False),
                                        user)

        except PleaseRedirect as e:
            flash(str(e.msg))
            redirect(e.url)

        # if it's a publish or delete request, handle that instead:
        action = request.form.get('action', 'edit')

        if action == 'delete':
            # don't need extra guards, as if_i_cant... deals with it above
            delete_post_and_run_callback(post, post_type_module)
            flash('Deleted')
        elif action == 'publish':
            try:
                post.publish(user)
                flash("Published")
            except PermissionDenied:
                flash("Sorry, you don't have permission to publish"
                      " posts in this feed.")
        elif action == 'unpublish':
            try:
                post.publish(user, False)
                flash("Published!")
            except PermissionDenied:
                flash('Sorry, you do NOT have permission' \
                       ' to unpublish on this feed.')
        elif action == 'move':
            if not user_session.is_admin():
                flash('Sorry! You are not an admin!')
                return jsonify({'error': 'permission denied'})
            post.feed = Feed.get(Feed.id == getint('feed', post.feed))
            post.save()
            return jsonify({'message': 'Moved to ' + post.feed.name})

        if action not in ('edit', 'update'):
            return redirect(request.referrer if request.referrer else '/')

        # finally get around to editing the content of the post...
        try:
            post_form_intake(post, request.form, post_type_module)
            post.save()
            flash('Updated.')
        except Exception as e:
            flash('invalid content for this data type!')
            flash(str(e))

    # Should we bother displaying 'Post' button, and editable controls
    # if the user can't write to this post anyway?

    #can_write, can_publish = can_user_write_and_publish(user, post)

    return render_template('post_editor.html',
                           post=post,
                           current_feed=post.feed.id,
                           feedlist=user.writeable_feeds(),
                           user=user,
                           form_content=post_type_module.form(
                               json.loads(post.content)))
コード例 #19
0
def user_edit(userid=-1):
    ''' edit one user.  Admins can edit any user, but other users
        can only edit themselves. if userid is -1, create a new user. '''

    try:
        current_user = user_session.get_user()
    except user_session.NotLoggedIn as e:
        flash("Sorry, you're not logged in!")
        return permission_denied("You're not logged in!")

    userid = int(userid)

    if userid != -1:
        try:
            user = User.get(id=userid)
        except User.DoesNotExist:
            return not_found(title="User doesn't exist",
                             message="Sorry, that user does not exist!")
    else:
        if not current_user.is_admin:
            flash('Sorry! Only admins can create new users!')
            return permission_denied("Admins only!")

        try:
            user = User.get(loginname=request.form['loginname'])
            return permission_denied("Username already exists!")
        except peewee.DoesNotExist:
            pass

        user = User() #pylint: disable=no-value-for-parameter

    if request.method == 'POST':
        if current_user != user and not current_user.is_admin:
            return permission_denied("Sorry, you may not edit this user.")

        update_user(user, request.form, current_user)

        # save:

        try:
            user.save()
            if userid == -1:
                flash('New user created.')
                return redirect(url_for('user_edit', userid=user.id))
            else:
                flash('Saved')

        except peewee.IntegrityError as err:
            flash('Cannot Save:' + str(err))

    elif request.method == 'DELETE':
        if not current_user.is_admin:
            return 'Sorry, only admins can delete users', 403

        if user.id == current_user.id:
            return 'Sorry! You cannot delete yourself!', 403

        user.delete_instance(recursive=True)

        return 'User: %s deleted. (And all their posts)' % user.displayname

    users_posts = Post.select().where(Post.author == user) \
                               .order_by(Post.write_date.desc()) \
                               .limit(10)

    return render_template('user.html',
                           allgroups=Group.select(),
                           posts=users_posts, user=user)
コード例 #20
0
ファイル: feeds_and_posts.py プロジェクト: Zedeldi/streetsign
def external_data_source_edit(source_id):
    ''' Editing a external data source '''

    if not user_session.is_admin():
        flash('Only Admins can do this!')
        return redirect(url_for('feeds'))

    # first find the data type:

    if request.method == 'DELETE':
        ExternalSource.delete() \
                      .where(ExternalSource.id == int(source_id)) \
                      .execute()
        return 'deleted'

    if source_id == None:
        try:
            source = ExternalSource()
            source.type = request.args['type']
            source.name = "new " + source.type + " source"
            source.feed = Feed.get()  # set initial feed
        except KeyError:
            return 'No type specified.', 500
    else:
        try:
            source = ExternalSource.get(id=source_id)
        except peewee.DoesNotExist:
            return 'Invalid id.', 404

    # Try and load the external source type ( and check it's valid):

    try:
        module = external_source_types.load(source.type)
    except ImportError:
        return 'Invalid External Source Type', 404

    # if it's a post, then update the data with 'receive':

    if request.method == 'POST':
        source.post_as_user = user_session.get_user()

        source.settings = json.dumps(module.receive(request))
        source.name = request.form.get('name', source.name)

        source.frequency = getint('frequency', 60)
        source.publish = getbool('publish', False)
        source.lifetime_start = getstr('active_start',
                                       source.lifetime_start,
                                       validate=DATESTR)
        source.lifetime_end = getstr('active_end',
                                     source.lifetime_end,
                                     validate=DATESTR)
        source.display_time = getint('display_time', source.display_time)
        source.post_template = request.form.get('post_template',
                                                source.post_template)
        try:
            source.feed = Feed.get(Feed.id == getint('feed', 100))
            source.save()
            if source_id == None:
                # new source!
                return redirect(
                    url_for('external_data_source_edit', source_id=source.id))
            else:
                flash('Updated.')
        except Feed.DoesNotExist:
            flash("Can't save! Invalid Feed!{}".format(getint('feed', '-11')))

    return render_template("external_source.html",
                           source=source,
                           feeds=Feed.select(),
                           form=module.form(json.loads(source.settings)))
コード例 #21
0
def external_data_source_edit(source_id):
    ''' Editing a external data source '''

    if not user_session.is_admin():
        flash('Only Admins can do this!')
        return redirect(url_for('feeds'))

    # first find the data type:

    if request.method == 'DELETE':
        ExternalSource.delete() \
                      .where(ExternalSource.id == int(source_id)) \
                      .execute()
        return 'deleted'

    if source_id == None:
        try:
            source = ExternalSource()
            source.type = request.args['type']
            source.name = "new " + source.type + " source"
            source.feed = Feed.get() # set initial feed
        except KeyError:
            return 'No type specified.', 500
    else:
        try:
            source = ExternalSource.get(id=source_id)
        except peewee.DoesNotExist:
            return 'Invalid id.', 404

    # Try and load the external source type ( and check it's valid):

    try:
        module = external_source_types.load(source.type)
    except ImportError:
        return 'Invalid External Source Type', 404

    # if it's a post, then update the data with 'receive':

    if request.method == 'POST':
        source.post_as_user = user_session.get_user()

        source.settings = json.dumps(module.receive(request))
        source.name = request.form.get('name', source.name)

        source.frequency = getint('frequency', 60)
        source.publish = getbool('publish', False)
        source.lifetime_start = request.form.get('active_start',
                                                 source.lifetime_start)
        source.lifetime_end = request.form.get('active_end',
                                               source.lifetime_end)
        source.display_time = getint('display_time', source.display_time)
        source.post_template = request.form.get('post_template',
                                                source.post_template)
        try:
            source.feed = Feed.get(Feed.id == getint('feed', 100))
            source.save()
            if source_id == None:
                # new source!
                return redirect(url_for('external_data_source_edit',
                                        source_id=source.id))
            else:
                flash('Updated.')
        except Feed.DoesNotExist:
            flash("Can't save! Invalid Feed!{}".format(
                getint('feed', '-11')))


    return render_template("external_source.html",
                           source=source,
                           feeds=Feed.select(),
                           form=module.form(json.loads(source.settings)))
コード例 #22
0
def postpage(postid):
    ''' Edit a post. '''

    if not user_session.logged_in():
        flash("You're not logged in!")
        return redirect(url_for('posts'))

    try:
        post = Post.get(Post.id == postid)
        post_type_module = post_types.load(post.type)
        user = user_session.get_user()

    except Post.DoesNotExist:
        flash('Sorry! Post id:{0} not found!'.format(postid))
        return redirect(url_for('posts'))

    if request.method == 'POST':
        try:
            # check for write permission, and if the post is
            # already published, publish permission.

            if_i_cant_write_then_i_quit(post, user)

            # if the user is allowed to set the feed to what they've
            # requested, then do it.

            post.feed = try_to_set_feed(post,
                                        request.form.get('post_feed', False),
                                        user)

        except PleaseRedirect as e:
            flash(str(e.msg))
            redirect(e.url)

        # if it's a publish or delete request, handle that instead:
        action = request.form.get('action', 'edit')

        if action == 'delete':
            # don't need extra guards, as if_i_cant... deals with it above
            delete_post_and_run_callback(post, post_type_module)
            flash('Deleted')
        elif action == 'publish':
            try:
                post.publish(user)
                flash("Published")
            except PermissionDenied:
                flash("Sorry, you don't have permission to publish"
                      " posts in this feed.")
        elif action == 'unpublish':
            try:
                post.publish(user, False)
                flash("Published!")
            except PermissionDenied:
                flash('Sorry, you do NOT have permission' \
                       ' to unpublish on this feed.')
        elif action == 'move':
            if not user_session.is_admin():
                flash('Sorry! You are not an admin!')
                return jsonify({'error': 'permission denied'})
            post.feed = Feed.get(Feed.id == getint('feed', post.feed))
            post.save()
            return jsonify({'message': 'Moved to ' + post.feed.name})

        if action not in ('edit', 'update'):
            return redirect(request.referrer if request.referrer else '/')

        # finally get around to editing the content of the post...
        try:
            post_form_intake(post, request.form, post_type_module)
            post.save()
            flash('Updated.')
        except Exception as e:
            flash('invalid content for this data type!')
            flash(str(e))

    # Should we bother displaying 'Post' button, and editable controls
    # if the user can't write to this post anyway?

    #can_write, can_publish = can_user_write_and_publish(user, post)

    return render_template('post_editor.html',
                           post=post,
                           current_feed=post.feed.id,
                           feedlist=user.writeable_feeds(),
                           user=user,
                           form_content=post_type_module.form(json.loads(post.content)))
コード例 #23
0
def post_new(feed_id):
    ''' create a new post! '''

    if not user_session.logged_in():
        flash("You're not logged in!")
        return redirect(url_for('index'))

    user = user_session.get_user()

    try:
        feed = Feed.get(id=feed_id)
    except Feed.DoesNotExist:
        flash('Sorry, Feed does not exist!')
        return redirect(url_for('feeds'))

    if not feed.user_can_write(user):
        flash("Sorry! You don't have permission to write here!")
        return redirect(request.referrer if request.referrer else '/')

    if request.method == 'GET':
        # send a blank form for the user:

        post = Post()
        post.feed = feed

        # give list of available post types:

        all_posttypes = dict([(x['id'], x) for x in post_types.types()])

        if post.feed.post_types:

            allowed_post_types = []

            for post_type in post.feed.post_types_as_list():
                if post_type in all_posttypes:
                    allowed_post_types.append(all_posttypes[post_type])
        else:
            allowed_post_types = all_posttypes.values()

        # return the page:

        return render_template('postnew.html',
                               current_feed=feed,
                               post=post,
                               user=user,
                               post_types=allowed_post_types)

    else: # POST. new post!
        post_type = request.form.get('post_type')
        try:
            post_type_module = post_types.load(post_type)
        except:
            flash('Sorry! invalid post type.')
            return redirect(request.referrer if request.referrer else '/')

        if feed.post_types and post_type not in feed.post_types_as_list():
            flash('sorry! this post type is not allowed in this feed!')
            return redirect(request.referrer if request.referrer else '/')

        post = Post(type=post_type, author=user)

        try:
            post.feed = feed

            if_i_cant_write_then_i_quit(post, user)

            post_form_intake(post, request.form, post_type_module)

        except PleaseRedirect as e:
            flash(str(e.msg))
            return redirect(e.url if e.url else request.url)

        post.save()
        flash('Saved!')

        return redirect(url_for('feedpage', feedid=post.feed.id))