def authorized(api_key,project_id): user = User() print "api key is %s" % api_key user.api_login(api_key) if not user.is_authenticated(): print "wrong password" return False login_user(user) identity_changed.send(current_app._get_current_object(),identity=Identity(user.user.id)) permission = EditProjectPermission(project_id) if not permission.can(): print "bad permission" return False return True
def project_entry_create(project_id): form = EntryForm(csrf_enabled=False) edit = False project = Project() project.get(project_id) permission = EditProjectPermission(project_id) if not permission.can(): abort(403) if form.validate_on_submit(): name = form.name.data description = form.description.data source = form.source.data entry_id = project.add_entry(name,description,source) return redirect('/project/%s/' % (project_id)) return render_template('entry_create.html',form=form)
def project_view(project_id): form = ProjectUpdateForm(csrf_enabled=False) project = Project() print project_id project.get(project_id) permission = EditProjectPermission(project_id) edit = False if request.method == 'POST': edit = True if not permission.can(): abort(403) if form.validate_on_submit(): # name is not edited because it bind to the database name project.project.description = form.description.data project.save() return render_template('project_view.html',project=project,form=form,edit=edit,permission=permission)
def project_entry_detail(project_id,entry_id): # add entry should be a new form, remove from old form permission = EditProjectPermission(project_id) form = EntryUpdateForm(csrf_enabled=False) # we also will need upload form FYI project = Project() project.get(project_id) edit = False print project.project.entry.keys() entry = project.get_entry(entry_id) if form.validate_on_submit(): if not permission.can(): abort(403) description = form.description.data source = form.source.data project.update_entry(entry_id,description,source) edit = True # not to mention we will need a project detail return render_template('entry_view.html',project=project,form=form,edit=edit,entry_id=entry_id,permission=permission)