def add(request, node_id):
if node_id:
p = get_object_or_404(Node, id=node_id)
if p.user.id != request.user.id:
return HttpResponse("you are not the owner of this node")
p.add_child(user=request.user, label=request.POST.get('label', ''))
return HttpResponseRedirect(p.get_absolute_url())
else:
Node.add_root(user=request.user, label=request.POST.get('label', ''))
return HttpResponseRedirect("/")
def api(request, node_id):
if request.method == "POST":
d = loads(request.read())
if node_id:
p = get_object_or_404(Node, id=node_id)
if p.user.id != request.user.id:
return HttpResponse("you are not the owner of this node")
p.add_child(user=request.user, label=d['label'])
else:
n = Node.add_root(user=request.user, label=d['label'])
if request.method == "PUT" and node_id:
n = get_object_or_404(Node, id=node_id)
if n.user.id != request.user.id:
return HttpResponse("you are not the owner of this node")
d = loads(request.read())
n.label = d['label']
n.details = d['details']
if 'target' in d and d['target'] != "":
n.target = d['target']
n.save()
if request.method == "DELETE" and node_id:
return api_delete_node(request, node_id)
return api_get(request, node_id)