def screenedit(screenid):
''' edit one screen '''
try:
if int(screenid) == -1:
flash('New Screen')
screen = Screen() # pylint: disable=no-value-for-parameter
else:
screen = Screen().get(Screen.id == int(screenid)) # pylint: disable=no-value-for-parameter
backgrounds = [basename(x) for x in \
glob(app.config['SITE_VARS']['user_dir'] + '*')
if allow_filetype(x)]
except Screen.DoesNotExist:
flash('Invalid Screen ID! Screen does NOT exist!')
return redirect(url_for('index'))
if request.method == 'POST':
if not user_session.logged_in():
flash("You're not logged in!")
return redirect(url_for('posts'))
user = user_session.get_user()
if not user.is_admin:
flash('Sorry. You are NOT an admin!')
return redirect(url_for('index'))
if request.form.get('action', 'update') == 'delete':
screen.delete_instance()
flash('deleted')
return redirect(request.referrer)
# first check that name is OK:
try:
oldname = screen.urlname
screen.urlname = urllib.quote(request.form.get('urlname'), '')
screen.save()
except sqlite3.IntegrityError:
screen.urlname = oldname
flash("Sorry! That name is already being used!")
screen.background = request.form.get('background')
screen.settings = request.form.get('settings', '')
screen.css = request.form.get('css', '').replace('"',"'")
screen.zones = form_json('zones', {})
screen.save()
flash('saved.')
if int(screenid) == -1:
return redirect(url_for('screenedit', screenid=screen.id))
return render_template('screen_editor.html',
feeds=Feed.select(),
backgrounds=backgrounds,
screen=screen)
def feedpage(feedid):
''' the back end settings for one feed. '''
try:
feed = Feed.get(id=feedid)
user = user_session.get_user()
except user_session.NotLoggedIn:
user = User()
except:
flash('invalid feed id! (' + str(feedid) + ')')
return redirect(url_for('feeds'))
if request.method == 'POST':
if not user_session.logged_in():
flash("You're not logged in!")
return redirect(url_for('feeds'))
if not user.is_admin:
flash('Sorry! Only Admins can change these details.')
return redirect(request.referrer)
action = request.form.get('action', 'none')
if action == 'edit':
feed.name = request.form.get('title', feed.name).strip()
inlist = request.form.getlist
feed.post_types = ', '.join(inlist('post_types'))
feed.set_authors(by_id(User, inlist('authors')))
feed.set_publishers(by_id(User, inlist('publishers')))
feed.set_author_groups(by_id(Group, inlist('author_groups')))
feed.set_publisher_groups(by_id(Group, inlist('publisher_groups')))
feed.save()
flash('Saved')
elif action == 'delete':
for post in feed.posts:
post_type_module = post_types.load(post.type)
delete_post_and_run_callback(post, post_type_module)
feed.delete_instance(True, True) # cascade/recursive delete.
flash('Deleted')
return redirect(url_for('feeds'))
return render_template('feed.html',
feed=feed,
user=user,
all_posttypes=post_types.types(),
allusers=User.select(),
allgroups=Group.select()
)
def feedpage(feedid):
''' the back end settings for one feed. '''
try:
feed = Feed.get(id=feedid)
user = user_session.get_user()
except user_session.NotLoggedIn:
user = User()
except:
flash('invalid feed id! (' + str(feedid) + ')')
return redirect(url_for('feeds'))
if request.method == 'POST':
if not user_session.logged_in():
flash("You're not logged in!")
return redirect(url_for('feeds'))
if not user.is_admin:
flash('Sorry! Only Admins can change these details.')
return redirect(request.referrer)
action = request.form.get('action', 'none')
if action == 'edit':
feed.name = request.form.get('title', feed.name).strip()
inlist = request.form.getlist
feed.post_types = ', '.join(inlist('post_types'))
feed.set_authors(by_id(User, inlist('authors')))
feed.set_publishers(by_id(User, inlist('publishers')))
feed.set_author_groups(by_id(Group, inlist('author_groups')))
feed.set_publisher_groups(by_id(Group, inlist('publisher_groups')))
feed.save()
flash('Saved')
elif action == 'delete':
for post in feed.posts:
post_type_module = post_types.load(post.type)
delete_post_and_run_callback(post, post_type_module)
feed.delete_instance(True, True) # cascade/recursive delete.
flash('Deleted')
return redirect(url_for('feeds'))
return render_template('feed.html',
feed=feed,
user=user,
all_posttypes=post_types.types(),
allusers=User.select(),
allgroups=Group.select()
)
def postpage(postid):
''' Edit a post. '''
if not user_session.logged_in():
flash("You're not logged in!")
return redirect(url_for('posts'))
try:
post = Post.get(Post.id == postid)
post_type_module = post_types.load(post.type)
user = user_session.get_user()
except Post.DoesNotExist:
flash('Sorry! Post id:{0} not found!'.format(postid))
return redirect(url_for('posts'))
if request.method == 'POST':
try:
# check for write permission, and if the post is
# already published, publish permission.
if_i_cant_write_then_i_quit(post, user)
# if the user is allowed to set the feed to what they've
# requested, then do it.
post.feed = try_to_set_feed(post,
request.form.get('post_feed', False),
user)
except PleaseRedirect as e:
flash(str(e.msg))
redirect(e.url)
# if it's a publish or delete request, handle that instead:
action = request.form.get('action', 'edit')
if action == 'delete':
# don't need extra guards, as if_i_cant... deals with it above
delete_post_and_run_callback(post, post_type_module)
flash('Deleted')
elif action == 'publish':
try:
post.publish(user)
flash("Published")
except PermissionDenied:
flash("Sorry, you don't have permission to publish"
" posts in this feed.")
elif action == 'unpublish':
try:
post.publish(user, False)
flash("Published!")
except PermissionDenied:
flash('Sorry, you do NOT have permission' \
' to unpublish on this feed.')
elif action == 'move':
if not user_session.is_admin():
flash('Sorry! You are not an admin!')
return jsonify({'error': 'permission denied'})
post.feed = Feed.get(Feed.id == getint('feed', post.feed))
post.save()
return jsonify({'message': 'Moved to ' + post.feed.name})
if action not in ('edit', 'update'):
return redirect(request.referrer if request.referrer else '/')
# finally get around to editing the content of the post...
try:
post_form_intake(post, request.form, post_type_module)
post.save()
flash('Updated.')
except Exception as e:
flash('invalid content for this data type!')
flash(str(e))
# Should we bother displaying 'Post' button, and editable controls
# if the user can't write to this post anyway?
#can_write, can_publish = can_user_write_and_publish(user, post)
return render_template('post_editor.html',
post=post,
current_feed=post.feed.id,
feedlist=user.writeable_feeds(),
user=user,
form_content=post_type_module.form(json.loads(post.content)))
def post_new(feed_id):
''' create a new post! '''
if not user_session.logged_in():
flash("You're not logged in!")
return redirect(url_for('index'))
user = user_session.get_user()
try:
feed = Feed.get(id=feed_id)
except Feed.DoesNotExist:
flash('Sorry, Feed does not exist!')
return redirect(url_for('feeds'))
if not feed.user_can_write(user):
flash("Sorry! You don't have permission to write here!")
return redirect(request.referrer if request.referrer else '/')
if request.method == 'GET':
# send a blank form for the user:
post = Post()
post.feed = feed
# give list of available post types:
all_posttypes = dict([(x['id'], x) for x in post_types.types()])
if post.feed.post_types:
allowed_post_types = []
for post_type in post.feed.post_types_as_list():
if post_type in all_posttypes:
allowed_post_types.append(all_posttypes[post_type])
else:
allowed_post_types = all_posttypes.values()
# return the page:
return render_template('postnew.html',
current_feed=feed,
post=post,
user=user,
post_types=allowed_post_types)
else: # POST. new post!
post_type = request.form.get('post_type')
try:
post_type_module = post_types.load(post_type)
except:
flash('Sorry! invalid post type.')
return redirect(request.referrer if request.referrer else '/')
if feed.post_types and post_type not in feed.post_types_as_list():
flash('sorry! this post type is not allowed in this feed!')
return redirect(request.referrer if request.referrer else '/')
post = Post(type=post_type, author=user)
try:
post.feed = feed
if_i_cant_write_then_i_quit(post, user)
post_form_intake(post, request.form, post_type_module)
except PleaseRedirect as e:
flash(str(e.msg))
return redirect(e.url if e.url else request.url)
post.save()
flash('Saved!')
return redirect(url_for('feedpage', feedid=post.feed.id))
def postpage(postid):
''' Edit a post. '''
if not user_session.logged_in():
flash("You're not logged in!")
return redirect(url_for('posts'))
try:
post = Post.get(Post.id == postid)
post_type_module = post_types.load(post.type)
user = user_session.get_user()
except Post.DoesNotExist:
flash('Sorry! Post id:{0} not found!'.format(postid))
return redirect(url_for('posts'))
if request.method == 'POST':
try:
# check for write permission, and if the post is
# already published, publish permission.
if_i_cant_write_then_i_quit(post, user)
# if the user is allowed to set the feed to what they've
# requested, then do it.
post.feed = try_to_set_feed(post,
request.form.get('post_feed', False),
user)
except PleaseRedirect as e:
flash(str(e.msg))
redirect(e.url)
# if it's a publish or delete request, handle that instead:
action = request.form.get('action', 'edit')
if action == 'delete':
# don't need extra guards, as if_i_cant... deals with it above
delete_post_and_run_callback(post, post_type_module)
flash('Deleted')
elif action == 'publish':
try:
post.publish(user)
flash("Published")
except PermissionDenied:
flash("Sorry, you don't have permission to publish"
" posts in this feed.")
elif action == 'unpublish':
try:
post.publish(user, False)
flash("Published!")
except PermissionDenied:
flash('Sorry, you do NOT have permission' \
' to unpublish on this feed.')
elif action == 'move':
if not user_session.is_admin():
flash('Sorry! You are not an admin!')
return jsonify({'error': 'permission denied'})
post.feed = Feed.get(Feed.id == getint('feed', post.feed))
post.save()
return jsonify({'message': 'Moved to ' + post.feed.name})
if action not in ('edit', 'update'):
return redirect(request.referrer if request.referrer else '/')
# finally get around to editing the content of the post...
try:
post_form_intake(post, request.form, post_type_module)
post.save()
flash('Updated.')
except Exception as e:
flash('invalid content for this data type!')
flash(str(e))
# Should we bother displaying 'Post' button, and editable controls
# if the user can't write to this post anyway?
#can_write, can_publish = can_user_write_and_publish(user, post)
return render_template('post_editor.html',
post=post,
current_feed=post.feed.id,
feedlist=user.writeable_feeds(),
user=user,
form_content=post_type_module.form(
json.loads(post.content)))