def create_resource(request): res = SiteResponse(request) page = '1' resource = { 'id': 'new', 'title': '', 'tags': '', 'content': 'Lorem ipsum...', 'published': False, 'pub_date': datetime.now() } user = User.objects.get(id=request.user.id) # DELETE EXISTING RESOURCE if request.method == 'GET' and _contains(request.GET, ['resource-id', 'delete']): resource = Resource.objects.get(id=_clean(request.GET, 'resource-id')) resource.delete() return redirect('/resources') # EDIT EXISTING RESOURCE if request.method == 'GET' and _contains(request.GET, ['resource-id']): resource = Resource.objects.get(id=_clean(request.GET, 'resource-id')) # SAVE POST elif request.method == 'POST' and _contains( request.POST, ['resource-id', 'title', 'nice-url', 'tags', 'content', 'pub-date']): page = _clean(request.GET, 'page', page) if _clean(request.POST, 'resource-id') == 'new': resource = Resource.objects.create(user=user) else: resource = Resource.objects.get( id=_clean(request.POST, 'resource-id')) resource.user = user resource.title = unescape(_clean(request.POST, 'title')) resource.nice_url = _clean(request.POST, 'nice-url') resource.content = unescape(_clean(request.POST, 'content')) resource.set_tags(_clean(request.POST, 'tags')) resource.published = 'published' in request.POST resource.sticky = 'sticky' in request.POST resource.pub_date = datetime.strptime(_clean(request.POST, 'pub-date'), '%m/%d/%Y %I:%M %p') resource.save() return redirect('/resources?page=' + page) return render( request, settings.THEME_TEMPLATES['create_resource'], { 'page_id': 0, 'is_admin': user.is_superuser, 'user_id': user.id, 'response': res, 'resource': resource, })
def login(request): res = SiteResponse(request) next_url = '/' user = None if 'next' in request.GET: next_url = request.GET['next'] if request.user.is_authenticated: return redirect(next_url) if request.method == 'POST' and _contains(request.POST, ['user', 'password']): user = authenticate(username=_clean(request.POST, 'user'), password=_clean(request.POST, 'password')) if user is not None: auth_login(request, user) return redirect(next_url) else: res.errors.append('Invalid username/password.') return render( request, settings.THEME_TEMPLATES['login'], { 'response': res, 'page_id': 0, 'next_url': next_url } )
def check_nice_url(request): check_json = {'exists': False, 'ids': []} if request.method == 'GET' and _contains(request.GET, ['nice-url']): nice_url = _clean(request.GET, 'nice-url') posts = Post.objects.filter(nice_url=nice_url) if posts: check_json['exists'] = True for post in posts: check_json['ids'].append(post.id) return HttpResponse(json.dumps(check_json), content_type='application/json')
def get_section(request): section = {} is_admin = request.user.is_superuser if is_admin and request.method == 'GET' and _contains(request.GET, ['section-id']): try: section = SiteSection.objects.get(id=_clean(request.GET, 'section-id')) section = section.dict except: section = {} return HttpResponse( json.dumps(section), content_type='application/json' )
def view_resource(request, nice_url): res = SiteResponse(request) user = None resource = None related_resources = [] num_related = 5 user = None is_admin = False if request.user.is_authenticated: user = User.objects.get(id=request.user.id) is_admin = user.is_superuser full_url = "{0}{1}/resources/{2}".format(settings.PROTOCOL_PREFIX, settings.ALLOWED_HOSTS[0], nice_url) try: resource = Resource.objects.get(nice_url=escape(nice_url)) related_resources = Resource.objects.filter( tags__in=resource.tags.all(), published=True).exclude(id=resource.id).order_by( 'tags__text', 'title')[0:num_related] except: res.errors.append(traceback.format_exc()) if resource and user and request.method == 'POST' and _contains( request.POST, ['comment-text']): comment = Comment.objects.create(user=user, text=_clean(request.POST, 'comment-text')) resource.comments.add(comment) return render( request, settings.THEME_TEMPLATES['view_resource'], { 'response': res, 'page_id': 0, 'user': user, 'is_admin': is_admin, 'resource': resource, 'related_resources': related_resources, 'full_url': full_url })
def view_blog(request, nice_url): res = SiteResponse(request) user = None post = None full_url = "{0}/blog/{1}".format(settings.SITE_PREFIX, nice_url) related_posts = [] num_related = 10 user = None is_admin = False if request.user.is_authenticated: user = User.objects.get(id=request.user.id) is_admin = user.is_superuser try: post = BlogEntry.objects.get(nice_url=escape(nice_url)) related_posts = BlogEntry.objects.filter( tags__in=post.tags.all(), published=True).exclude(id=post.id).order_by( 'tags__text', 'title')[0:num_related] except: res.errors.append(traceback.format_exc()) if post and user and request.method == 'POST' and _contains( request.POST, ['comment-text']): comment = Comment.objects.create(user=user, text=_clean(request.POST, 'comment-text')) post.comments.add(comment) return render( request, settings.THEME_TEMPLATES['view_blog'], { 'response': res, 'page_id': 0, 'user': user, 'is_admin': is_admin, 'post': post, 'full_url': full_url, 'related_posts': related_posts })
def create_blog_post(request): res = SiteResponse(request) page = '1' blog_post = { 'id': 'new', 'title': '', 'tags': '', 'content': 'Lorem ipsum...', 'published': False, 'pub_date': datetime.now() } authors = User.objects.filter( Q(is_superuser=True) | Q(profile__can_blog=True)).order_by( 'last_name', 'first_name') # DELETE EXISTING POST if request.method == 'GET' and _contains(request.GET, ['post-id', 'delete']): blog_post = BlogEntry.objects.get(id=_clean(request.GET, 'post-id')) blog_post.delete() return redirect('/blog') # EDIT EXISTING POST if request.method == 'GET' and _contains(request.GET, ['post-id']): blog_post = BlogEntry.objects.get(id=_clean(request.GET, 'post-id')) # SAVE POST elif request.method == 'POST' and _contains(request.POST, [ 'post-id', 'title', 'nice-url', 'author-id', 'tags', 'content', 'pub-date' ]): page = _clean(request.GET, 'page', page) author = User.objects.get(id=_clean(request.POST, 'author-id')) if _clean(request.POST, 'post-id') == 'new': blog_post = BlogEntry.objects.create(user=author) else: blog_post = BlogEntry.objects.get( id=_clean(request.POST, 'post-id')) blog_post.user = author blog_post.title = unescape(_clean(request.POST, 'title')) blog_post.nice_url = _clean(request.POST, 'nice-url') blog_post.content = unescape(_clean(request.POST, 'content')) blog_post.pub_date = datetime.strptime( _clean(request.POST, 'pub-date'), '%m/%d/%Y %I:%M %p') blog_post.set_tags(_clean(request.POST, 'tags')) blog_post.published = 'published' in request.POST blog_post.sticky = 'sticky' in request.POST if 'featured-img' in request.POST: blog_post.featured_image = _clean(request.POST, 'featured-img') blog_post.save() return redirect('/blog?page=' + page) elif request.method == 'POST': res.errors.append('Please fill out all required fields.') return render( request, settings.THEME_TEMPLATES['create_blog'], { 'page_id': 0, 'authors': authors, 'is_admin': request.user.is_superuser, 'user_id': request.user.id, 'response': res, 'blog_post': blog_post, })
def create_podcast(request): res = SiteResponse(request) podcast = { 'id': 'new', 'title': '', 'tags': '', 'summary': 'Lorem ipsum...', 'url': '', 'published': False, 'pub_date': datetime.now() } authors = User.objects.filter( Q(is_superuser=True) | Q(profile__can_cast=True)).order_by( 'last_name', 'first_name') # DELETE EXISTING POST if request.method == 'GET' and _contains(request.GET, ['podcast-id', 'delete']): podcast = PodCast.objects.get(id=_clean(request.GET, 'podcast-id')) podcast.delete() return redirect('/podcast') # EDIT EXISTING POST if request.method == 'GET' and _contains(request.GET, ['podcast-id']): podcast = PodCast.objects.get(id=_clean(request.GET, 'podcast-id')) # SAVE POST elif request.method == 'POST' and _contains(request.POST, [ 'podcast-id', 'title', 'nice-url', 'author-id', 'url', 'summary', 'pub-date' ]): author = User.objects.get(id=_clean(request.POST, 'author-id')) if _clean(request.POST, 'podcast-id') == 'new': podcast = PodCast.objects.create(user=author) else: podcast = PodCast.objects.get( id=_clean(request.POST, 'podcast-id')) podcast.user = author podcast.title = unescape(_clean(request.POST, 'title')) podcast.nice_url = _clean(request.POST, 'nice-url') podcast.summary = unescape(_clean(request.POST, 'summary')) if 'itunes-summary' in request.POST: podcast.itunes_summary = _clean(request.POST, 'itunes-summary') if _clean(request.POST, 'url'): podcast_path = settings.MEDIA_ROOT + '/' + _clean( request.POST, 'url') audio = MP3(podcast_path) podcast.set_duration(audio.info.length) podcast.byte_size = str(os.path.getsize(podcast_path)) podcast.pub_date = datetime.strptime(_clean(request.POST, 'pub-date'), '%m/%d/%Y %I:%M %p') podcast.url = _clean(request.POST, 'url') podcast.published = 'published' in request.POST if not podcast.guid: podcast.guid = str(uuid.uuid4()) podcast.save() return redirect('/podcast') return render( request, settings.THEME_TEMPLATES['create_podcast'], { 'page_id': 0, 'authors': authors, 'is_admin': request.user.is_superuser, 'user_id': request.user.id, 'response': res, 'podcast': podcast, })
def process_CMS(request, res, nice_url): page = None editing = False sections = [] try: page = SitePage.objects.get(url=escape(nice_url)) except: res.errors.append('Unable to find the page you requested.') if 'editing' in request.GET and res.is_admin: editing = True if res.is_admin and page and _contains(request.GET, ['editing', 'section', 'move']): section_id = _clean(request.GET, 'section') direction = _clean(request.GET, 'move') sections = SiteSection.objects.filter(page_id=page.id).order_by('order') swapped = False for x in range(0, len(sections)): if str(sections[x].id) == section_id: if direction == 'up': if x > 0: swap_order = sections[x - 1].order sections[x - 1].order = sections[x].order sections[x - 1].save() sections[x].order = swap_order sections[x].save() swapped = True break elif direction == 'down': if x < len(sections) - 1: swap_order = sections[x + 1].order sections[x + 1].order = sections[x].order sections[x + 1].save() sections[x].order = swap_order sections[x].save() swapped = True break if swapped: redirect('/{0}?editing=true'.format(nice_url)) if page and request.method == 'POST': # HANDLE INLINE EDITOR SUBMISSION if res.is_admin and _contains( request.POST, [ 'content_save', 'editabledata', 'editorID', ]): new_html = request.POST['editabledata'] column_id = _clean(request.POST, 'editorID').replace('section-content-', '') ContentVersion.objects.create( column_id=column_id, html=new_html) #return HttpResponse('') # HANDLE CUSTOM EDITOR SUBMISSION elif res.is_admin and _contains( request.POST, [ 'column-id', 'new-content', 'custom-content-save' ] ): column_id = _clean(request.POST, 'column-id') new_html = unescape(_clean(request.POST, 'new-content')) ContentVersion.objects.create( column_id=column_id, html=new_html ) # HANDLE SECTION EDITOR SUBMISSION elif res.is_admin and _contains( request.POST, [ 'page-id', 'sec-id', 'sec-order', 'layout-json', 'header-text', 'header-css', 'header-name' ]): sec_id = _clean(request.POST, 'sec-id') sec_order = int(_clean(request.POST, 'sec-order')) layout_json = request.POST['layout-json'] if 'delete-section' in request.POST: section = section = SiteSection.objects.get(page=page, id=_clean(request.POST, 'sec-id')) section.delete() else: try: sec_header_text = unescape(_clean(request.POST, 'header-text')) sec_header_css = _clean(request.POST, 'header-css') sec_header_name = _clean(request.POST, 'header-name') sec_show_header = 'show-header' in request.POST sec_full_width = 'full-width' in request.POST section = None if sec_id == 'new': section = SiteSection.objects.create( page_id=page.id, order=sec_order, header_css_class=sec_header_css, header_text=sec_header_text, name=sec_header_name, ) else: section = SiteSection.objects.get(page_id=page.id, id=sec_id) section.header_text = sec_header_text section.header_css_class = sec_header_css section.name = sec_header_name section.show_header = sec_show_header section.full_width = sec_full_width section.save() if section: layout = json.loads(layout_json) existing_row_ids = [] existing_col_ids = [] for row in layout['rows']: sec_row = None if 'new' in row['id']: sec_row = SectionRow.objects.create( section=section, css=row['css'], order=row['order'] ) else: sec_row = SectionRow.objects.get(section=section, id=row['id']) sec_row.css = row['css'] sec_row.order = row['order'] sec_row.save() existing_row_ids.append(sec_row.id) if sec_row: for col in row['cols']: sec_col = None if 'new' in col['id']: sec_col = SectionColumn.objects.create( row=sec_row, width=col['size'], css=col['css'], is_custom=col['is_custom'], order=col['order'] ) else: sec_col = SectionColumn.objects.get(row=sec_row, id=col['id']) sec_col.width = col['size'] sec_col.css = col['css'] sec_col.is_custom = col['is_custom'] sec_col.order = col['order'] sec_col.save() existing_col_ids.append(sec_col.id) # Delete any rows or cols that shouldn't exist anymore rows_to_delete = SectionRow.objects.filter(section=section).exclude(pk__in=existing_row_ids) for row in rows_to_delete: row.delete() cols_to_delete = SectionColumn.objects.filter(row__section=section).exclude( pk__in=existing_col_ids) for col in cols_to_delete: col.delete() except: res.errors.append(traceback.format_exc()) # GET THE SECTIONS AND LOAD CONTENT try: sections = SiteSection.objects.filter(page_id=page.id).order_by('order') order = -1 for section in sections: if 'section' in settings.THEME_TEMPLATES: template = loader.get_template(settings.THEME_TEMPLATES['section']) context = { 'section': section, 'response': res, 'editing': editing, 'page': page} section.html = template.render(context) if section.order == order: section.order += 1 section.save() order = section.order except: res.errors.append(traceback.format_exc()) sections = [] return page, sections, editing, res
def register(request): res = SiteResponse(request) next_url = '/' new_user = True if 'next' in request.GET: next_url = request.GET['next'] user = { 'id': 'new', 'username': '', 'email': '', 'first_name': '', 'last_name': '', 'is_superuser': False, 'profile': { 'website': '', 'can_blog': False, 'can_cast': False, 'subscribe_newsletter': True, } } is_admin = request.user.is_superuser if is_admin and 'impersonate-username' in request.GET: user = User.objects.get(username=_clean(request.GET, 'impersonate-username')) new_user = False elif is_admin and 'create' in request.GET: pass elif request.user.is_authenticated: new_user = False user = User.objects.get(id=request.user.id) if request.method == 'GET' and 'logout' in request.GET: logout(request) return redirect('/') if request.method == 'POST' and _contains(request.POST, [ 'user', 'password', 'email', 'fname', 'lname', 'website' ]): username = _clean(request.POST, 'user') password = _clean(request.POST, 'password') email = _clean(request.POST, 'email') fname = _clean(request.POST, 'fname') lname = _clean(request.POST, 'lname') website = _clean(request.POST, 'website') if 'password2' in request.POST: if not password == _clean(request.POST, 'password2'): user['username'] = username user['email'] = email user['first_name'] = fname user['last_name'] = lname user['profile']['website'] = website res.errors.append('Your passwords do not match.') if not res.errors: if hasattr(user, 'id'): user.username = username if password: user.set_password(password) user.email = email else: user = User.objects.create_user( username, email, password ) user.first_name = fname user.last_name = lname user.is_superuser = '******' in request.POST user.profile.website = website user.profile.can_blog = 'can-blog' in request.POST user.profile.can_cast = 'can-cast' in request.POST if user.is_superuser or user.profile.can_blog or user.profile.can_cast: user.is_staff = True user.profile.subscribe_newsletter = 'subscribe' in request.POST user.save() if 'create' in request.GET: return redirect('/accounts/register/?impersonate=' + str(user.id)) else: if next_url: auth_login(request, user) return redirect(next_url) elif new_user: auth_login(request, user) res.success = 'Registration complete!' else: res.success = 'Profile updated.' return render( request, settings.THEME_TEMPLATES['create_user'], { 'response': res, 'page_id': 0, 'user': user, 'next': next_url, 'is_admin': is_admin } )