def admin_dashboard():
if not request.is_secure and config.env != "debug":
return redirect(request.url.replace("http://", "https://"))
user = blog_backend.get_logged_user(request.cookies)
if user == None:
return blog_backend.render_template(
"index.html",
content=blog_backend.render_template("admin_dashboard.html",
logged=False),
title="Login required")
if user.level > 0:
return "Forbidden"
response = make_response(
blog_backend.render_template(
"index.html",
content=blog_backend.render_template(
"admin_dashboard.html",
logged=True,
posts_list=blog_backend.sort(blog_backend.get_posts_list(),
"date", True),
users_list=blog_backend.sort(blog_backend.get_users_list(),
"level", False),
),
title="Dashboard"))
user.update_session_id(response)
return response
def posts_list(page=0, tag=None, author=None):
page = int(page)
posts = blog_backend.sort(
blog_backend.query(blog_backend.get_posts_list(), "draft", "equal",
False), "date", True)
title = None
page_url = ""
if tag:
page_url = urljoin(config.url["tag_url"], tag)
posts = blog_backend.query(posts, "tags", "contains", tag)
if page > 0:
title = 'Tag "{}" - page {}'.format(tag, page)
else:
title = 'Tag "{}"'.format(tag)
elif author:
page_url = urljoin(config.url["author_url"], author)
author = blog_backend.User(author)
posts = blog_backend.query(posts, "author", "equal", author.username)
if page > 0:
title = 'Author: {} - page {}'.format(author.name, page)
else:
title = 'Author: {}'.format(author.name)
else:
page_url = config.url["page_url"]
posts = blog_backend.query(posts, "list_post", "equal", True)
if page > 0:
title = 'Page {}'.format(page)
else:
title = "Home Page"
prev_page = urljoin(page_url, str(page - 1))
next_page = urljoin(page_url, str(page + 1))
if (page == 0):
prev_page = None
if (len(posts) <= (page + 1) * config.posts_per_page):
next_page = None
i = page * config.posts_per_page
if i >= len(posts):
posts = []
prev_page = None
next_page = None
else:
posts = posts[i:i + config.posts_per_page]
return blog_backend.render_template("index.html",
content=blog_backend.render_template(
"page.html",
next_page_url=next_page,
prev_page_url=prev_page,
tag=tag,
author=author,
posts_list=posts),
title=title)
def post(post_id):
if not request.is_secure and config.env != "debug":
return redirect(request.url.replace("http://", "https://"))
post = blog_backend.Post(post_id)
if post.is_new_post:
post = None
user = blog_backend.get_logged_user(request.cookies)
title = "Not found"
if post != None:
title = post.title
if user:
post.logged_user = user.username
response = make_response(
blog_backend.render_template("index.html",
content=blog_backend.render_template(
"post.html", post=post, user=user),
title=title))
if user:
user.update_session_id(response)
return response
def static_page(page_name):
file_path = os.path.join(config.static_pages_dir, page_name + ".yaml")
if os.path.isfile(file_path):
page = blog_backend.load_yaml_file(file_path)
return blog_backend.render_template("index.html",
content=page["body"],
title=page["title"])
else:
return blog_backend.render_template("index.html",
content="Page not found.",
title="Not found")
def admin_post_actions(user, post_id=None):
if request.method == 'POST':
post = blog_backend.Post(post_id)
post.author = user.username
post.title = request.form["title"]
post.edit_body = request.form["body"]
post.tags = [
re.sub("\s\s+", " ", tag.strip())
for tag in request.form["tags"].split(";") if len(tag.strip()) > 0
]
post.draft = bool(request.form.get("draft"))
post.list_post = bool(request.form.get("list_post"))
post.allow_comments = bool(request.form.get("allow_comments"))
if "upload_file" in request.form:
#save post as draft, save uploaded file and redirect to edit page
post.draft = True
post.save()
if 'file' in request.files:
file = request.files['file']
if file.filename != '' and file:
post.save_static_file(file)
return redirect(urljoin(config.url["edit_post_url"], post.id),
code=302)
post.save()
return redirect(config.url["admin_dashboard_url"], code=302)
else:
post = blog_backend.Post(post_id)
title = "Edit post"
if not post_id:
title = "New post"
return make_response(
blog_backend.render_template(
"index.html",
content=blog_backend.render_template("admin_edit_post.html",
post=post),
title=title))
def edit_profile():
if not request.is_secure and config.env != "debug":
return redirect(request.url.replace("http://", "https://"))
user = blog_backend.get_logged_user(request.cookies)
if user == None:
return redirect(config.url["index_url"], code=302)
if request.method == 'POST':
if request.form["username"] != user.username:
return "Forbidden"
redirect_url = config.url["index_url"]
user.hide_picture = bool(request.form.get("hide_picture"))
if len(request.form["name"]) > 0:
user.name = request.form["name"]
if user.level < 1:
user.bio = request.form["bio"]
redirect_url = config.url["admin_dashboard_url"]
user.save()
response = redirect(redirect_url, code=302)
user.update_session_id(response)
return response
else:
response = make_response(
blog_backend.render_template("index.html",
content=blog_backend.render_template(
"edit_profile.html",
user=user,
allow_bio_edit=user.level < 1,
),
title="Edit Profile"))
user.update_session_id(response)
return response
def feed():
posts = blog_backend.sort(
blog_backend.query(blog_backend.get_posts_list(), "list_post", "equal",
True, "draft", "equal", False), "date", True)
posts = posts[0:config.atom_posts]
update_time = datetime.utcnow().strftime(config.date_format)
if len(posts) != 0:
update_time = posts[0].date
resp = make_response(
blog_backend.render_template("atom.xml",
update_time=update_time,
posts_list=posts))
resp.mimetype = "application/atom+xml"
return resp