def pages_delete(self, page, page_type='pages'): page = page[1:] if 'cancel' in p.toolkit.request.params: p.toolkit.redirect_to(controller=self.controller, action='%s_edit' % page_type, page='/' + page) try: if p.toolkit.request.method == 'POST': csrf_token.validate( p.toolkit.request.POST.get('csrf-token', '')) p.toolkit.get_action('ckanext_pages_delete')({}, { 'page': page }) p.toolkit.redirect_to('%s_index' % page_type) else: p.toolkit.abort(404, _('Page Not Found')) except p.toolkit.NotAuthorized: p.toolkit.abort(401, _('Unauthorized to delete page')) except p.toolkit.ObjectNotFound: p.toolkit.abort(404, _('Group not found')) except csrf_token.CsrfTokenValidationError: helpers.flash_error(_('Security token error, please try again')) p.toolkit.redirect_to(controller=self.controller, action='%s_edit' % page_type, page='/' + page) return p.toolkit.render('ckanext_pages/confirm_delete.html', {'page': page})
def _save_edit(self, id, context): try: data_dict = logic.clean_dict(unflatten( logic.tuplize_dict(logic.parse_params(request.params)))) context['message'] = data_dict.get('log_message', '') data_dict['id'] = id csrf_token.validate(data_dict.get('csrf-token', '')) # ONLY DIFFERENCE IS HERE if (data_dict['password1'] and data_dict['password2']) or data_dict['email']: identity = {'login': c.user, 'password': data_dict['old_password']} auth = authenticator.UsernamePasswordAuthenticator() if auth.authenticate(request.environ, identity) != c.user: raise UsernamePasswordError # MOAN: Do I really have to do this here? if 'activity_streams_email_notifications' not in data_dict: data_dict['activity_streams_email_notifications'] = False user = get_action('user_update')(context, data_dict) h.flash_success(_('Profile updated')) h.redirect_to(controller='user', action='read', id=user['name']) except NotAuthorized: abort(401, _('Unauthorized to edit user %s') % id) except NotFound, e: abort(404, _('User not found'))
def pages_edit(self, page=None, data=None, errors=None, error_summary=None, page_type='pages'): if page: page = page[1:] _page = p.toolkit.get_action('ckanext_pages_show')(data_dict={ 'org_id': None, 'page': page, }) if _page is None: _page = {} if p.toolkit.request.method == 'POST' and not data: data = dict(p.toolkit.request.POST) _page.update(data) _page['org_id'] = None _page['page'] = page _page['page_type'] = 'page' if page_type == 'pages' else page_type try: csrf_token.validate( p.toolkit.request.POST.get('csrf-token', '')) junk = p.toolkit.get_action('ckanext_pages_update')( data_dict=_page) except p.toolkit.ValidationError, e: errors = e.error_dict error_summary = e.error_summary return self.pages_edit('/' + page, data, errors, error_summary, page_type=page_type) except csrf_token.CsrfTokenValidationError: helpers.flash_error( _('Security token error, please try again')) form_snippet = config.get('ckanext.pages.form', 'ckanext_pages/base_form.html') vars = { 'data': data, 'errors': errors, 'error_summary': error_summary, 'page': page, 'form_snippet': form_snippet } return p.toolkit.render('ckanext_pages/%s_edit.html' % page_type, extra_vars=vars)
def pages_delete(self, page, page_type='pages'): page = page[1:] if 'cancel' in p.toolkit.request.params: p.toolkit.redirect_to(controller=self.controller, action='%s_edit' % page_type, page='/' + page) try: if p.toolkit.request.method == 'POST': csrf_token.validate(p.toolkit.request.POST.get('csrf-token', '')) p.toolkit.get_action('ckanext_pages_delete')({}, {'page': page}) p.toolkit.redirect_to('%s_index' % page_type) else: p.toolkit.abort(404, _('Page Not Found')) except p.toolkit.NotAuthorized: p.toolkit.abort(401, _('Unauthorized to delete page')) except p.toolkit.ObjectNotFound: p.toolkit.abort(404, _('Group not found')) except csrf_token.CsrfTokenValidationError: helpers.flash_error(_('Security token error, please try again')) p.toolkit.redirect_to(controller=self.controller, action='%s_edit' % page_type, page='/' + page) return p.toolkit.render('ckanext_pages/confirm_delete.html', {'page': page})
def _save_edit(self, id, context): try: if id in (c.userobj.id, c.userobj.name): current_user = True else: current_user = False old_username = c.userobj.name data_dict = logic.clean_dict(unflatten( logic.tuplize_dict(logic.parse_params(request.params)))) context['message'] = data_dict.get('log_message', '') data_dict['id'] = id csrf_token.validate(data_dict.get('csrf-token', '')) # ONLY DIFFERENCE IS HERE if (data_dict['password1'] and data_dict['password2']) or data_dict['email']: identity = {'login': c.user, 'password': data_dict['old_password']} auth = authenticator.UsernamePasswordAuthenticator() if auth.authenticate(request.environ, identity) != c.user: raise UsernamePasswordError # MOAN: Do I really have to do this here? if 'activity_streams_email_notifications' not in data_dict: data_dict['activity_streams_email_notifications'] = False user = get_action('user_update')(context, data_dict) h.flash_success(_('Profile updated')) if current_user and data_dict['name'] != old_username: # Changing currently logged in user's name. # Update repoze.who cookie to match set_repoze_user(data_dict['name']) h.redirect_to(controller='user', action='read', id=data_dict['name']) except NotAuthorized: abort(401, _('Unauthorized to edit user %s') % id) except NotFound, e: abort(404, _('User not found'))
def pages_edit(self, page=None, data=None, errors=None, error_summary=None, page_type='pages'): if page: page = page[1:] _page = p.toolkit.get_action('ckanext_pages_show')( data_dict={'org_id': None, 'page': page,} ) if _page is None: _page = {} if p.toolkit.request.method == 'POST' and not data: data = dict(p.toolkit.request.POST) _page.update(data) _page['org_id'] = None _page['page'] = page _page['page_type'] = 'page' if page_type == 'pages' else page_type try: csrf_token.validate(p.toolkit.request.POST.get('csrf-token', '')) junk = p.toolkit.get_action('ckanext_pages_update')( data_dict=_page ) except p.toolkit.ValidationError, e: errors = e.error_dict error_summary = e.error_summary return self.pages_edit('/' + page, data, errors, error_summary, page_type=page_type) except csrf_token.CsrfTokenValidationError: helpers.flash_error(_('Security token error, please try again')) form_snippet = config.get('ckanext.pages.form', 'ckanext_pages/base_form.html') vars = {'data': data, 'errors': errors, 'error_summary': error_summary, 'page': page, 'form_snippet': form_snippet} return p.toolkit.render('ckanext_pages/%s_edit.html' % page_type, extra_vars=vars)