def handle_pingback_request(source_uri, target_uri):
"""This method is exported via XMLRPC as `pingback.ping` by the
pingback API.
"""
app = get_application()
# next we check if the source URL does indeed exist
try:
response = open_url(source_uri)
except NetException:
raise Fault(16, 'The source URL does not exist.')
# we only accept pingbacks for links below our blog URL
blog_url = app.cfg['blog_url']
if not blog_url.endswith('/'):
blog_url += '/'
if not target_uri.startswith(blog_url):
raise Fault(32, 'The specified target URL does not exist.')
path_info = target_uri[len(blog_url):]
handler = endpoint = values = None
while 1:
try:
endpoint, values = app.url_adapter.match(path_info)
except RequestRedirect, e:
path_info = e.new_url[len(blog_url):]
except NotFound, e:
break
def mt_get_post_categories(post_id, username, password):
request = login(username, password)
post = Post.query.get(post_id)
if post is None or post.content_type != 'entry':
raise Fault(404, 'no such post')
if not post.can_read():
raise Fault(403, 'you don\'t have privilegs to this post')
return map(dump_category, post.categories)
def wp_get_page(blog_id, page_id, username, password):
request = login(username, password)
post = Post.query.get(page_id)
if post is None or post.content_type != 'page':
raise Fault(404, 'No such page')
if not post.can_read():
raise Fault(403, 'You don\'t have access to this page')
return dump_post(post)
def wp_delete_category(blog_id, username, password, category_id):
request = login(username, password)
if not request.user.has_privilege(MANAGE_CATEGORIES):
raise Fault(403, 'you are not allowed to manage categories')
category = Category.query.get(category_id)
if category is None:
raise Fault(404, 'no such category')
db.delete(category)
db.commit()
return category.id
def wp_delete_page(blog_id, username, password, page_id):
request = login(username, password)
page = Post.query.get(page_id)
if page is None or page.content_type != 'page':
raise Fault(404, 'no such page')
if not page.can_edit():
raise Fault(403, 'you don\'t have privilegs to this post')
db.delete(page)
db.commit()
return True
def wp_edit_page(blog_id, page_id, username, password, struct, publish):
request = login(username, password)
page = Post.query.get(page_id)
if not page or page.content_type != 'page':
raise Fault(404, 'no such page')
if not page.can_edit():
raise Fault(403, 'you don\'t have access to this page')
generic_edit_post(request, page, struct, publish)
db.commit()
return dump_post(page)
def metaweblog_edit_post(post_id, username, password, struct, publish):
request = login(username, password)
post = Post.query.get(post_id)
if post is None:
raise Fault(404, 'No such post')
if not post.can_edit():
raise Fault(403, 'missing privileges')
generic_edit_post(request, post, struct, publish)
db.commit()
return dump_post(post)
def login(username, password):
user = User.query.filter_by(username=username).first()
if user is None or not user.check_password(password):
raise Fault(403, 'Bad login/pass combination.')
if not user.is_manager:
raise Fault(
403, 'You need to be a manager in order to '
'use the blog RPC API')
# store the user on the request object so that the functions
# inside Zine work on the request of this user.
request = get_request()
request.user = user
return request
def metaweblog_new_post(blog_id, username, password, struct, publish):
request = login(username, password)
if not request.user.has_privilege(CREATE_ENTRIES):
raise Fault(403, 'you don\'t have the privileges to '
'create new posts')
post = generic_new_post(request, struct, publish, 'entry')
db.commit()
return dump_post(post)
def wp_new_page(username, password, struct, publish):
request = login(username, password)
if not request.user.has_privilege(CREATE_PAGES):
raise Fault(403, 'you don\'t have the privileges to '
'create new pages')
post = generic_new_post(request, struct, publish, 'post')
db.commit()
return dump_post(post)
def blogger_delete_post(post_id, username, password, publish):
request = login(username, password)
entry = Post.query.get(post_id)
if entry is None or entry.content_type != 'post':
raise Fault(404, 'No such post')
db.delete(entry)
db.commit()
return True
def wp_new_category(blog_id, username, password, struct):
request = login(username, password)
if not request.user.has_privilege(MANAGE_CATEGORIES):
raise Fault(403, 'you are not allowed to manage categories')
category = Category(struct['name'],
struct.get('description', u''),
slug=struct.get('slug') or None)
db.commit()
return category.id
def mt_set_post_categories(post_id, username, password, categories):
request = login(username, password)
post = Post.query.get(post_id)
if post is None or post.content_type != 'entry':
raise Fault(404, 'no such post')
if not post.can_edit():
raise Fault(403, 'you don\'t have privilegs to this post')
ids = []
names = []
for category in categories:
if 'categoryId' in category:
ids.append(category['categoryId'])
elif 'categoryName' in category:
names.append(category['categoryName'])
post.bind_categories(
Category.query.filter(Category.id.in_(ids)
| Category.name.in_(names)).all())
db.commit()
return True
def wp_set_options(blog_id, username, password, options):
# XXX: this does not use the wordpress format for the options
request = login(username, password)
if not request.user.has_privilege(BLOG_ADMIN):
raise Fault(403, 'not enough privileges')
t = request.app.cfg.edit()
for key, value in options.iteritems():
if key in t:
t[key] = value
t.commit()
return dump_options(request.app.cfg)
def select_parser(app, struct, default='html'):
"""Selects the parser from a struct. If the parser was not found
on the system, an XMLRPC fault is raised with an appropriate error
message and code.
"""
parser = struct.get('zine_parser')
if parser is None:
return default
if parser not in app.parsers:
raise Fault(500, 'unknown parser')
return parser
def as_fault(self):
"""Return the pingback errors XMLRPC fault."""
return Fault(self.fault_code, self.internal_message
or 'unknown server error')
def wp_get_options(blog_id, username, password, options=None):
# XXX: this does not use the wordpress format for the return value
request = login(username, password)
if not request.user.has_privilege(BLOG_ADMIN):
raise Fault(403, 'not enough privileges')
return dump_options(request.app.cfg, options)