def attachments_detach(req, object_type, object_id, path, webid):
check_login(req)
match_right(req, [R_ADMIN, 'attachments_author'])
check_origin(req)
attachment = Attachment(Attachment.web_to_id(webid))
attachment.detach(req, object_type, object_id)
if attachment.delete(req) is None:
raise SERVER_RETURN(state.HTTP_NOT_FOUND)
return js_items(req, object_type=object_type, object_id=object_id)
def admin_attachments_images_thumb(req):
check_login(req)
match_right(req, [R_ADMIN, 'attachments_modify'])
check_origin(req)
# job must be singleton
pid, status = run_job(req, req.uri, thumb_images, True)
req.content_type = 'application/json'
if not status:
req.status = state.HTTP_NOT_ACCEPTABLE
return '{}'
req.status = state.HTTP_CREATED
return json.dumps({'pid': pid})
def admin_attachments_add_update(req, id=None):
check_login(req)
match_right(req, [R_ADMIN, 'attachments_author'])
check_origin(req)
attachment = Attachment()
attachment.bind(req.form, req.login.id)
status = attachment.add(req)
if not status == attachment:
req.status = state.HTTP_BAD_REQUEST
req.content_type = 'application/json'
return json.dumps({'reason': Attachment.error(status)})
req.content_type = 'application/json'
return json.dumps({'attachment': attachment.dumps()})
def attachments_view_not(req, object_type, object_id):
check_login(req)
match_right(req, [R_ADMIN, 'attachments_author'])
check_origin(req)
return js_items(req, object_type=object_type, object_id=object_id,
NOT=True)
