Exemplo n.º 1
0
def Alinea_addArticle(title, format, data, published, alineaSectionID,
                      alineaUser):
    from Alinea.Sections.AlineaSection import Alinea_getSectionWithID
    from Alinea.AlineaLib import Tools, ReST
    
    section = Alinea_getSectionWithID(alineaSectionID)
    warnings = ""
    publisher = ReST.Publisher()
    
    if format == 'Raw':
        # cosmetic processings on raw data
        html  = Tools.beautyfullText(data)
    elif format == 'ReST':
        # ReST publishing
        html  = publisher.publish(data)
        warnings = publisher.getWarnings()
    else:
        # HTML data
        html = data

    if warnings:
        raise ValueError(warnings)
    
    article = AlineaArticle(title=title, format=format, data=data,
                            html=html, #alineaSection=section,
                            alineaUser=alineaUser)
    rgt = AlineaNode.openHole(section)
    article.set(lft=rgt, rgt=rgt+1)

    
    userRoles = [ r.label for r in alineaUser.roles ]
    if 'publisher' in userRoles and published:
        article.published = True
    return article
Exemplo n.º 2
0
    def postComment(self,request,forReal=True):
        " comment saving for real or not (preview) "

        # spam protection
        if self.requestValue('obscuratedID',0) != self.getObscuratedID() :
            # if the id isn't the same as in session someone try f**k me
            # we should place a better Error message here ?
            print "SPAM Protection:"
            print " request value: %s" % self.requestValue('obscuratedID',0)
            print " cookie  value: %s" % self.getObscuratedID()

            self.setMessage("You are not allowed to post here since you don't seems to try to hack / or don't accept cookies")
            self.delEditingComment()
            return self.redirect()

        comment = self.getEditingComment()
        comment.url = self.requestValue('url')
        comment.author  = self.requestValue('name')
        comment.email = self.requestValue('email')
        comment.format = self.requestValue('format')
        comment.ip = self.request.environ['REMOTE_ADDR']

        data  = self.requestValue('comment')
        comment.comment = data
        date = time.localtime()[0:6]
        comment.date = mx.DateTime.ISO.Date(*date)
        warnings = ''

        if comment.format == 'Raw':
            # cosmetic processings on raw data
            data  = Tools.beautyfullText( data )
        elif comment.format == 'ReST':
            # ReST publishing
            data  = publisher.publish(data)
            warnings = publisher.getWarnings()

        commentable = self.getObject()
        
        if warnings:
            self.setMessage('ReST Error:'+warnings)
            comment.html = ''
        else:
            if not commentable.allowComments():
                return self.redirect()
            
            # XXX: big security hole here ? Tag Injection
            comment.html = data
            if forReal:
                comment.comment = comment.html
                # deletion of non available fields in table schema
                del comment['html']
                del comment['format']
                
                comment = comment.insertAndGetRow()                
                rgt = AlineaNode.openHole(commentable)
                comment.set(lft=rgt, rgt=rgt+1)
                AlineaNode.clearCache()
                
                self.delEditingComment()
            else:
                self.setEditingComment(comment)

        if forReal:
            self.setHtmlPreview('')
            self.delEditingComment()
            
            self.refreshPageCache('Welcome','Welcome_content')
            print '>>> REFRESH <<<'
            articleId = None
            for obj in comment.path():
                objId = obj.publicID
                try:
                    objType = obj.getTypeAsString()
                except:
                    continue
                if objType == 'Article':
                    articleId = objId
                self.refreshPageCache(objType, '%s_content' % objType, objId)

            if articleId:
                # TODO: refresh cache on Feeds
                #pass
                #import pdb; pdb.set_trace()
                self.refreshPageCache('Article','comment_content', articleId)
                
            print '>>> REFRESH <<<'
            
            # TODO: depending on whatever redirect to anywhere else
            return self.redirect()
Exemplo n.º 3
0
    def save(self, request, forReal=True):
        """ update the article w/ the current value from the request """
        article = self.getArticle()

        article.title = self.requestValue('title')
        article.data = self.requestValue('data')
        article.format = f = self.requestValue('format')
        article.language = self.requestValue('language')
        
        warnings = ''
        ok = True

        if f == 'Raw':
            # cosmetic processings on raw data
            article.html  = Tools.beautyfullText( article.data )
        elif f == 'ReST':
            # ReST publishing
            article.html  = publisher.publish(article.data)
            warnings = publisher.getWarnings()
        else:
            # HTML data
            # XXX: big security hole here ? Tag Injection
            article.html = article.data

        if warnings != '':
            self.setMessage("Error: %s" % warnings)
            ok = False
        
        if forReal and ok:
            section = None

            # enable section stuff only if saving article for real
            if self.requestValue('section'):
                from Alinea.Sections.AlineaSection import AlineaSection

                sectionId = int(self.requestValue('section'))
                section = AlineaSection.get(sectionId)
                if not isinstance(article, VirtualRow) and article.getParent().publicID != section.publicID:
                    article.moveTo(section)

            if section is None:
                raise ValueError("You need to put the Article in a Section ...")

            if isinstance(article, VirtualRow):
                del article['alineaComments']
                del article['publicID']
                del article['alineaSection']
                del article['alineaSectionID']

                self.delArticleFromSession(article)
                article.alineaUser = self.getLoggedUser()
                article = article.insertAndGetRow()

                rgt = AlineaNode.openHole(section)
                article.set(lft=rgt, rgt=rgt+1)
                AlineaNode.clearCache()

            article.published = False
            article.touch()
            self.setSaved(True)
            self.setMessage("Article '%s' saved" % article.title)
            self.storeArticle(article)
                
        if forReal:
            if ok:
                #self.refreshPageCache('Welcome',
                return request.response.redirect(article.admin_url())
            else:
                return self.render()
        else:
            self.storeArticle(article)
            return ok