def attachments_detach(req, object_type, object_id, path, webid): check_login(req) match_right(req, [R_ADMIN, 'attachments_author']) check_origin(req) attachment = Attachment(Attachment.web_to_id(webid)) attachment.detach(req, object_type, object_id) if attachment.delete(req) is None: raise SERVER_RETURN(state.HTTP_NOT_FOUND) return js_items(req, object_type=object_type, object_id=object_id)
def admin_attachments_images_thumb(req): check_login(req) match_right(req, [R_ADMIN, 'attachments_modify']) check_origin(req) # job must be singleton pid, status = run_job(req, req.uri, thumb_images, True) req.content_type = 'application/json' if not status: req.status = state.HTTP_NOT_ACCEPTABLE return '{}' req.status = state.HTTP_CREATED return json.dumps({'pid': pid})
def admin_attachments_add_update(req, id=None): check_login(req) match_right(req, [R_ADMIN, 'attachments_author']) check_origin(req) attachment = Attachment() attachment.bind(req.form, req.login.id) status = attachment.add(req) if not status == attachment: req.status = state.HTTP_BAD_REQUEST req.content_type = 'application/json' return json.dumps({'reason': Attachment.error(status)}) req.content_type = 'application/json' return json.dumps({'attachment': attachment.dumps()})
def attachments_view_not(req, object_type, object_id): check_login(req) match_right(req, [R_ADMIN, 'attachments_author']) check_origin(req) return js_items(req, object_type=object_type, object_id=object_id, NOT=True)