def _wiki_edit(self, pagename, child=False): from uliweb import request, response from forms import WikiEdit from uliweb.utils.common import get_uuid from plugs.generic_attachments import enable_attachments #检查用户是否登录 functions.require_login() response.template = 'WikiView/wiki_edit.html' #if not pagename, then it'll be ':NewPage', and when submit as it, #the form check will complain it an error if not pagename: pagename = ':NewPage' page = pagename if child: parent = pagename page = pagename + '/:NewPage' else: if '/' in pagename: parent = pagename.rsplit('/', 1)[0] else: parent = '' if parent: parent_page = self.model.get(self.model.c.name == parent) #检查父结点是否存在 if not parent_page or not parent_page.enabled or parent_page.deleted: flash('父页面尚未创建,请先创建', 'error') return redirect(url_for(self.__class__.wiki, pagename=parent, action='edit')) wiki = self.model.get(self.model.c.name == page) if wiki and wiki.enabled and not wiki.deleted: #check write permission self._check_permission('write', wiki, page=wiki) else: if parent: self._check_permission('write', parent_page, page=parent_page) else: self._check_permission('write') form = WikiEdit() WikiEdit.name.label = u'页面名称' if parent: WikiEdit.name.label = u'页面名称 %s/' % parent if request.method == 'GET': #if no wiki page existed, then create one first, but will not create revision #check if the wiki is not enabled then delete it first if wiki and (not wiki.enabled or wiki.deleted): self._delete_wikipage(wiki, real=True) wiki = self.model(name=page, creator=request.user, modified_user=request.user) if not wiki: wiki = self.model(name=page, creator=request.user, modified_user=request.user) conflict = False #check if there is someone is changing the wiki page if wiki.start_time and (date.now() - wiki.start_time).seconds < settings.get_var('WIKI/WIKI_EDIT_CHECK_TIMEDELTA') and wiki._cur_user_ != request.user.id: conflict = True else: #record user and edit begin time wiki.cur_user = request.user.id wiki.start_time = date.now() wiki.save() data = wiki.to_dict() data['name'] = page.rsplit('/', 1)[-1] form.bind(data) return {'form':form, 'wiki':wiki, 'conflict':conflict} elif request.method == 'POST': form.wiki = wiki form.parent = parent if form.validate(request.POST): #check admin permission old_acl, old_acl_lines, old_begin = find_acl(wiki.acl, settings.WIKI_ACL_ALIAS) acl, acl_lines, begin = find_acl(form.content.data, settings.WIKI_ACL_ALIAS) if old_acl_lines != acl_lines: if not self._check_permission('admin', old_acl, raise_exception=False, page=wiki): flash(_('You have no right to change the acl info.'), 'error') else: wiki.acl = acl_lines lines = form.content.data.rstrip().splitlines() if wiki.acl: wiki.content = '\n'.join([wiki.acl] + lines[begin:]) else: wiki.content = '\n'.join(lines[begin:]) wiki.modified_user = request.user.id wiki.modified_time = date.now() wiki.name = form.name.data if parent: wiki.name = parent + '/' + form.name.data #check if there is already same named page existed page = self.model.get((self.model.c.name==wiki.name) & (self.model.c.id != wiki.id)) if page: if not page.enabled or page.deleted: self._delete_wikipage(page, real=True) wiki.subject = form.subject.data or '' wiki.enabled = True #process cur_user and start_time, clear when the cur_user is #request.user if wiki._cur_user_ and wiki._cur_user_ == request.user.id: wiki.cur_user = None wiki.start_time= None wiki.save() wiki.new_revision() #enable attachments enable_attachments(None, wiki, wiki.id) #update cached page self._get_cached_page_html(wiki.name, wiki.content, update=True) return redirect(url_for(self.__class__.wiki, pagename=wiki.name)) else: conflict = False #check if there is someone is changing the wiki page if wiki.start_time and (date.now() - wiki.start_time).seconds < settings.get_var('WIKI/WIKI_EDIT_CHECK_TIMEDELTA') and wiki._cur_user_ != request.user.id: conflict = True return {'form':form, 'wiki':wiki, 'conflict':conflict}
def __begin__(): return functions.require_login()
def __begin__(self): functions.require_login() if not functions.has_role(request.user, 'superuser'): error("你没有权限访问此页面")
def __begin__(self): functions.require_login() if not request.user.is_superuser: error(_('error: superuser role needed!'))
def __begin__(self): return functions.require_login() # pass
def __begin__(): from uliweb import functions return functions.require_login()
def __begin__(self): functions.require_login()
def __begin__(self): functions.require_login() if not request.user.is_superuser: error('You have not permisstion to visit the page')