def view(id=0): label = db.query(Label).get(id) if not label: flash("Label {} not found.".format(id)) return redirect(url_for('labels.index')) if access.access(label) < access.VIEW: return access.forbidden_page() # TODO: SQL filtering labeled = [i for i in label.labeling if access.access(i) >= access.VIEW] bms = [i for i in labeled if i.type == "bookmark"] lbls = [i for i in labeled if i.type == "label"] bms.sort(key=lambda x: x.created_timestamp) lbls.sort(key=lambda x: x.created_timestamp) return render_template( "bm_results.html", bookmarks=bms, label=label, labels=lbls, #VIEW RIGHTS backs=label.labels, #VIEW RIGHTS signed=signed)
def view(id=0): note = db.query(Note).get(id) if not note: flash("Note {} not found.".format(id)) return redirect(url_for('notes.index')) if access.access(note) < access.VIEW: return access.forbidden_page() rendered = markdown(note.text, extensions=["tables"]) return render_template('view_note.html', note=note, rendered=rendered, user_can_edit=access.access(note) >= access.EDIT)
def edit_post(id=0): bm = db.query(Bookmark).get(id) if not bm: flash("Bookmark {} not found.".format(id)) return redirect(url_for('labels.index')) if access.access(bm) < access.EDIT: return access.forbidden_page() try: action = get_arg("action") if action == "set_name": bm.name = get_arg("name") db.commit() return "success: name set" elif action == "set_url": bm.url = get_arg("url") db.commit() return "success: url set" elif action == "delete": bm.labels.clear() db.delete(bm) db.commit() return "success: deleted" else: return "nothing done" except Exception as e: print("===== bookmarks =====") print(e) print("==================") db.rollback() return str(e)
def edit_post(id=0): label = db.query(Label).get(id) if not label: return "label {} not found".format(id) if access.access(label) < access.EDIT: return "access forbidden to {}".format(id) try: action = get_arg("action") if action == "set_name": label.name = get_arg("name") db.commit() return "success: name set" elif action == "delete": label.labels.clear() db.delete(label) db.commit() return "success: deleted" else: return "nothing done" except Exception as e: print("===== labels =====") print(e) print("==================") db.rollback() return str(e)
def edit(id=0): note = db.query(Note).get(id) if not note: flash("Note {} not found.".format(id)) return redirect(url_for('notes.index')) if access.access(note) < access.EDIT: return access.forbidden_page() if request.args.get("action") == "view": note.text = request.args.get("text") note.name = request.args.get("name") db.commit() flash("{} saved.".format(note.name)) return redirect(url_for("notes.view", id=id)) elif request.args.get("action") == "save": note.text = request.args.get("text") note.name = request.args.get("name") db.commit() flash("{} saved.".format(note.name)) return redirect(url_for("notes.edit", id=id)) elif request.args.get("action") == "delete": note.labels.clear() db.delete(note) db.commit() flash("{} deleted.".format(note.name)) return redirect(url_for('notes.index')) else: return render_template( 'edit_note.html', note=note, )
def index(): notes = [ note for note in db.query(Note).all() if access.access(note) > access.NOTHING ] return render_template("notes.html", notes=notes)
def edit_get(id=0): bm = db.query(Bookmark).get(id) if not bm: flash("Bookmark {} not found.".format(id)) return redirect(url_for('labels.index')) if access.access(bm) < access.EDIT: return access.forbidden_page() return render_template("edit_bookmark.html", bm=bm)
def edit_get(id=0): label = db.query(Label).get(id) if not label: flash("Label {} not found.".format(id)) return redirect(url_for('labels.index')) if access.access(label) < access.EDIT: return access.forbidden_page() return render_template("edit_label.html", label=label)
def index(): q = request.args.get("q", default="") search_set = db.query(Label).filter(Label.name.like( "%{}%".format(q))).all() accessible_labels = [ p for p in search_set if access.access(p) >= access.VIEW ] if not accessible_labels: return "No labels found." if len(accessible_labels) == 1: return redirect(url_for("labels.view", id=accessible_labels[0].id)) return render_template("labels.html", labels=accessible_labels, signed=signed)
def append(id=0): note = db.query(Note).get(id) if not note: flash("Note {} not found.".format(id)) return redirect(url_for('notes.index')) if access.access(note) < access.EDIT: return access.forbidden_page() line = request.args.get('line') if line == None: flash("`line` arg required.") return redirect(url_for('notes.index')) note.text += " \n" + line db.commit() flash("<i>{}</i> appended to {}.".format(line, note.name)) return redirect(url_for("notes.view", id=id))
def edit_post(id=0): node = db.query(Node).get(id) if not node: return "node {} not found".format(id) if access.access(node) < access.EDIT: return "access forbidden to node {}".format(id) try: action = get_arg("action") if action == "remove_label": label_name = get_arg("label_name") label = db.query(Label).filter_by( author=current_user, name=label_name, ).one_or_none() node.labels.remove(label) db.commit() return "success: label removed" elif action == "add_label": label_name = get_arg("label_name") label = db.query(Label).filter_by( author=current_user, name=label_name, ).one_or_none() if not label: label = Label(name=name) db.add(label) db.commit() node.labels.append(label) db.commit() return "success: label added" else: return "nothing done" except Exception as e: print("===== nodes =====") print(e) print("==================") db.rollback() return str(e)
def can_edit(node): return access.access(node) >= access.EDIT
def can_view(node): return access.access(node) >= access.VIEW