def publisher_admin_images(self):
self.meta_tags(title="Images")
if request.method == "POST":
id = request.form.get("id", None)
action = request.form.get("action")
description = request.form.get("description")
if id:
image = PostModel.UploadObject.get(id)
if image:
if action == "delete":
image.delete()
obj = storage.get(image.name)
if obj:
obj.delete()
flash("Image deleted successfully!", "success")
else:
image.update(description=description)
flash("Image updated successfully!", "success")
else:
abort(404, "No image ID provided")
return redirect(url_for("PublisherAdmin:images"))
else:
page = request.args.get("page", 1)
per_page = self.get_config("PAGINATION_PER_PAGE", 25)
images = PostModel.UploadObject.all()\
.filter(PostModel.UploadObject.type == "IMAGE")\
.order_by(PostModel.UploadObject.name.asc())
images = images.paginate(page=page, per_page=per_page)
return dict(images=images)
def page_single(self, id=None, slug=None, month=None, date=None):
"""
Endpoints options
single
- post_show_byline
"""
post = None
_q = {}
if id:
_q = {"id": id}
elif slug:
_q = {"slug": slug}
post = Post.get_published(types=query.get("types"), **_q)
if not post:
abort("PublisherPageNotFound")
self.meta_tags(title=post.title,
image=post.top_image,
description=post.excerpt)
_kwargs = {
#"post_show_byline": opt_endpoints.get("single.post_show_byline", True)
}
_kwargs = dict()
return dict(post=self.prepare_post(post),
**_kwargs)
def publisher_admin_preview(self, id):
"""
Read Post
"""
post = PostModel.Post.get(id)
if not post:
abort(404, "Post doesn't exist")
self.meta_tags(title="Read: %s " % post.title)
return dict(post=post)
def user_admin_get(self, id):
self.meta_tags(title="User Info - Users Admin")
user = User.get(id, include_deleted=True)
if not user:
abort(404, "User doesn't exist")
if current_user.role.level < user.role.level:
abort(403, "Not enough rights to access this user info")
return dict(user=user,
user_roles_options=self._user_roles_options())
def publisher_admin_edit(self, id):
"""
Create / Edit Post
"""
self.meta_tags(title="Edit Post")
types = [(t.id, t.name) for t in PostModel.Type.all().order_by(PostModel.Type.name.asc())]
categories = [(c.id, c.name) for c in PostModel.Category.all().order_by(PostModel.Category.name.asc())]
checked_cats = []
type_id = request.args.get("type_id", None)
# data to pass to view
post = {
"id": 0,
"title": "",
"content": "",
"slug": "",
"is_public": True,
"is_sticky": False,
"is_featured": False,
"type_id": 0 if not type_id else int(type_id),
"options": {}
}
# saved in session
flashed_data = get_flashed_data()
if request.args.get("error") and flashed_data:
post = flashed_data
checked_cats = post["post_categories"]
elif id:
post = PostModel.Post.get(id)
if not post or post.is_revision:
abort(404, "Post doesn't exist")
checked_cats = [c.id for c in post.categories]
images = PostModel.UploadObject.all()\
.filter(PostModel.UploadObject.type == "IMAGE")\
.order_by(PostModel.UploadObject.name.asc())
images_list = [{"id": img.id, "url": img.object_url} for img in images]
return dict(post=post,
types=types,
categories=categories,
checked_categories=checked_cats,
images_list=images_list)
def reset_password(self, token):
self._login_enabled()
logout_user()
self.meta_tags(title="Reset Password")
user = User.get_by_temp_login(token)
if user:
if not user.has_temp_login:
return redirect(url_for(on_signin_view))
if request.method == "POST":
try:
self.change_password_handler(user_context=user)
user.clear_temp_login()
flash("Password updated successfully!", "success")
return redirect(url_for(on_signin_view))
except Exception as ex:
flash("Error: %s" % ex.message, "error")
return redirect(url_for(endpoint_namespace % "reset_password",
token=token))
else:
return dict(token=token)
else:
abort(404, "Invalid token")
def contact_page(self):
# Email to
email_to = kwargs.pop("email_to", self.get_config("APPLICATION_CONTACT_EMAIL", None))
if mailer.validated is not True:
abort("MailerMisconfiguredError")
elif not email_to:
abort("ContactPageMissingEmailToError")
if request.method == "POST":
email = request.form.get("email")
subject = request.form.get("subject")
message = request.form.get("message")
name = request.form.get("name")
flash_message = "Message sent. Thank you!"
flash_type = "success"
if recaptcha.verify():
if not email or not subject or not message:
flash_message = "All fields are required"
flash_type = "error"
elif not utils.is_valid_email(email):
flash_message = "Invalid email address"
flash_type = "error"
else:
try:
mailer.send_template("contact-us.txt",
to=email_to,
reply_to=email,
mail_from=email,
mail_subject=subject,
mail_message=message,
mail_name=name)
except Exception as ex:
abort("MailerMisconfiguredError")
else:
flash_message = "Security code is invalid"
flash_type = "error"
flash(flash_message, flash_type)
return redirect(url_for(return_to))
self.meta_tags(title="Contact Us")
return {}
def publisher_admin_post(self):
id = request.form.get("id")
title = request.form.get("title")
slug = request.form.get("slug")
content = request.form.get("content")
description = request.form.get("description")
type_id = request.form.get("type_id")
post_categories = request.form.getlist("post_categories")
published_date = request.form.get("published_date")
status = request.form.get("status", "draft")
is_published = True if status == "publish" else False
is_draft = True if status == "draft" else False
is_public = True if request.form.get("is_public") == "y" else False
is_sticky = True if request.form.get("is_sticky") == "y" else False
is_featured = True if request.form.get("is_featured") == "y" else False
featured_image = request.form.get("featured_image")
featured_embed = request.form.get("featured_embed")
featured_media_top = request.form.get("featured_media_top", "")
social_options = request.form.getlist("social_options")
tags = list(set(request.form.get("tags", "").split(",")))
now_dt = datetime.datetime.now()
data = {
"title": title,
"content": content,
"description": description,
"featured_image": featured_image,
"featured_embed": featured_embed,
"featured_media_top": featured_media_top,
"type_id": type_id,
"is_sticky": is_sticky,
"is_featured": is_featured,
"is_public": is_public
}
if status in ["draft", "publish"] and (not title or not type_id):
if not title:
flash("Post Title is missing ", "error")
if not type_id:
flash("Post type is missing", "error")
data.update({
"published_date": published_date,
"post_categories": post_categories,
"options": {"social_options": social_options},
})
flash_data(data)
if id:
url = url_for("PublisherAdmin:edit", id=id, error=1)
else:
url = url_for("PublisherAdmin:new", error=1)
return redirect(url)
published_date = datetime.datetime.strptime(published_date, "%Y-%m-%d %H:%M:%S") \
if published_date else now_dt
if id and status in ["delete", "revision"]:
post = PostModel.Post.get(id)
if not post:
abort(404, "Post '%s' doesn't exist" % id)
if status == "delete":
post.delete()
flash("Post deleted successfully!", "success")
return redirect(url_for("PublisherAdmin:index"))
elif status == "revision":
data.update({
"user_id": current_user.id,
"parent_id": id,
"is_revision": True,
"is_draft": False,
"is_published": False,
"is_public": False
})
post = PostModel.Post.create(**data)
return jsonify({"revision_id": post.id})
elif status in ["draft", "publish"]:
data.update({
"is_published": is_published,
"is_draft": is_draft,
"is_revision": False,
"is_public": is_public
})
if id:
post = PostModel.Post.get(id)
if not post:
abort(404, "Post '%s' doesn't exist" % id)
elif post.is_revision:
abort(403, "Can't access this post")
else:
if is_sticky and not post.is_sticky:
data["sticky_at"] = now_dt
if is_featured and not post.is_featured:
data["featured_at"] = now_dt
post.update(**data)
else:
data["user_id"] = current_user.id
if is_published:
data["published_at"] = published_date
if is_sticky:
data["sticky_at"] = now_dt
if is_featured:
data["featured_at"] = now_dt
post = PostModel.Post.create(**data)
# prepare tags
_tags = []
for tag in tags:
tag = tag.strip().lower()
_tag = PostModel.Tag.get_by_slug(name=tag)
if tag and not _tag:
_tag = PostModel.Tag.new(name=tag)
if _tag:
_tags.append(_tag.id)
post.update_tags(_tags)
post.set_slug(slug or title)
post.update_categories(map(int, post_categories))
post.set_options("social", social_options)
if post.is_published and not post.published_at:
post.update(published_at=published_date)
flash("Post saved successfully!", "success")
return redirect(url_for("PublisherAdmin:edit", id=post.id))
else:
abort(400, "Invalid post status")
def user_admin_post(self):
try:
id = request.form.get("id")
user = User.get(id, include_deleted=True)
if not user:
flash("Can't change user info. Invalid user", "error")
return redirect(url_for("UserAdmin:index"))
if current_user.role.level < user.role.level:
abort(403, "Not enough rights to update this user info")
email = request.form.get("email", "").strip()
first_name = request.form.get("first_name")
last_name = request.form.get("last_name")
user_role = request.form.get("user_role")
action = request.form.get("action")
if user.id != current_user.id:
_role = Role.get(user_role)
if not _role:
raise UserError("Invalid role")
if current_user.role.name.lower() not in PRIVILEDGED_ROLES:
raise UserError("Not Enough right to change user's info")
if action == "activate":
user.update(active=True)
flash("User has been ACTIVATED", "success")
elif action == "deactivate":
user.update(active=False)
flash("User is now DEACTIVATED", "success")
elif action == "delete":
user.delete()
flash("User has been deleted", "success")
elif action == "undelete":
user.delete(False)
flash("User is now active", "success")
else:
if email and email != user.email:
if not utils.is_valid_email(email):
raise UserError("Invalid email address '%s'" % email)
else:
if User.get_by_email(email):
raise UserError("Email exists already '%s'" % email)
user.update(email=email)
user.update(first_name=first_name,
last_name=last_name,
role_id=_role.id)
else:
if email and email != user.email:
if not utils.is_valid_email(email):
raise UserError("Invalid email address '%s'" % email)
else:
if User.get_by_email(email):
raise UserError("Email exists already '%s'" % email)
user.update(email=email)
user.update(first_name=first_name,
last_name=last_name)
flash("User's Info updated successfully!", "success")
except ApplicationError as ex:
flash("Error: %s " % ex.message, "error")
return redirect(url_for("UserAdmin:get", id=id))
def _oauth_enabled(self):
if self._package_conf.get("enable_oauth") is not True:
abort("UserOAuthDisabledError")
def _signup_enabled(self):
if self._package_conf.get("enable_signup") is not True:
abort("UserSignupDisabledError")
def _login_enabled(self):
if self._package_conf.get("enable_login") is not True:
abort("UserLoginDisabledError")