def POST(self, key): # only allow admin users to edit yaml if not self.is_admin(): return render.permission_denied(key, 'Permission Denied') i = web.input(body='', _comment=None) if '_save' in i: d = self.load(i.body) p = web.ctx.site.new(key, d) try: p._save(i._comment) except (client.ClientException, ValidationException) as e: add_flash_message('error', str(e)) return render.edit_yaml(key, i.body) raise web.seeother(key + '.yml') elif '_preview' in i: add_flash_message('Preview not supported') return render.edit_yaml(key, i.body) else: add_flash_message('unknown action') return render.edit_yaml(key, i.body)
def GET(self, key): # only allow admin users to edit yaml if not self.is_admin(): return render.permission_denied(key, 'Permission Denied') try: d = self.get_data(key) except web.HTTPError as e: if web.ctx.status.lower() == '404 not found': d = {'key': key} else: raise return render.edit_yaml(key, self.dump(d))
def GET(self, key): # only allow admin users to edit yaml if not self.is_admin(): return render.permission_denied(key, 'Permission Denied') try: d = self.get_data(key) except web.HTTPError as e: if web.ctx.status.lower() == "404 not found": d = {"key": key} else: raise return render.edit_yaml(key, self.dump(d))
class _yaml_edit(_yaml): name = "edit" encoding = "yml" def is_admin(self): u = delegate.context.user return u and u.is_admin() def GET(self, key): # only allow admin users to edit yaml if not self.is_admin(): return render.permission_denied(key, 'Permission Denied') try: d = self.get_data(key) except web.HTTPError, e: if web.ctx.status.lower() == "404 not found": d = {"key": key} else: raise return render.edit_yaml(key, self.dump(d))
return render.permission_denied(key, 'Permission Denied') i = web.input(body='', _comment=None) if '_save' in i: d = self.load(i.body) p = web.ctx.site.new(key, d) try: p._save(i._comment) except (client.ClientException, ValidationException), e: add_flash_message('error', str(e)) return render.edit_yaml(key, i.body) raise web.seeother(key + '.yml') elif '_preview' in i: add_flash_message('Preview not supported') return render.edit_yaml(key, i.body) else: add_flash_message('unknown action') return render.edit_yaml(key, i.body) def can_write(): user = delegate.context.user and delegate.context.user.key usergroup = web.ctx.site.get('/usergroup/api') return usergroup and user in [u.key for u in usergroup.members] class Forbidden(web.HTTPError): def __init__(self, msg=""): web.HTTPError.__init__(self, "403 Forbidden", {}, msg) class BadRequest(web.HTTPError): def __init__(self, msg=""):
return render.permission_denied(key, 'Permission Denied') i = web.input(body='', _comment=None) if '_save' in i: d = self.load(i.body) p = web.ctx.site.new(key, d) try: p._save(i._comment) except (client.ClientException, ValidationException), e: add_flash_message('error', str(e)) return render.edit_yaml(key, i.body) raise web.seeother(key + '.yml') elif '_preview' in i: add_flash_message('Preview not supported') return render.edit_yaml(key, i.body) else: add_flash_message('unknown action') return render.edit_yaml(key, i.body) def _get_user_root(): user_root = infogami.config.get("infobase", {}).get("user_root", "/user") return web.rstrips(user_root, "/") def _get_bots(): bots = web.ctx.site.store.values(type="account", name="bot", value="true") user_root = _get_user_root() return [user_root + "/" + account['username'] for account in bots]