def admin_news(req):
check_login(req)
match_right(req, module_rights)
show = req.args.getfirst("show", "", uni)
pager = Pager(sort="desc")
pager.bind(req.args)
kwargs = {}
if show == "ready":
pager.set_params(show=show)
kwargs["state"] = 2
kwargs["public_date"] = 0
elif show == "drafts":
pager.set_params(show=show)
kwargs["state"] = 1
else:
show = None
if not do_check_right(req, "news_editor"):
kwargs["author_id"] = req.login.id
rows = New.list(req, pager, **kwargs)
return generate_page(req, "admin/news.html", pager=pager, rows=rows, show=show)
def admin_news_add(req):
check_login(req)
match_right(req, module_rights)
new = New()
if req.method == "POST":
new.bind(req.form, req.login.id)
error = new.add(req)
if error:
return generate_page(req, "admin/news_mod.html", new=new, error=error)
redirect(req, "/admin/news/%d" % new.id)
# end
new.state = 2 if do_check_right(req, "news_editor") else 1
return generate_page(req, "admin/news_mod.html", new=new)
def admin_news_enable(req, id):
check_login(req, "/log_in?referer=/admin/news")
match_right(req, module_rights)
check_referer(req, "/admin/news")
new = New(id)
if not new.get(req):
raise SERVER_RETURN(state.HTTP_NOT_FOUND)
if (not do_check_right(req, "news_editor")) and (
not (new.author_id == req.login.id and new.public_date.year == 1970)
):
raise SERVER_RETURN(state.HTTP_FORBIDDEN)
n_state = int(req.uri.endswith("/enable"))
n_state = (n_state * 2) if new.public_date.year > 1970 else n_state
new.set_state(req, n_state)
redirect(req, "/admin/news")
def admin_news_mod(req, id):
check_login(req)
match_right(req, module_rights)
new = New(id)
if not new.get(req):
raise SERVER_RETURN(state.HTTP_NOT_FOUND)
if not do_check_right(req, "news_editor") and new.author_id != req.login.id:
raise SERVER_RETURN(state.HTTP_FORBIDDEN)
if req.method == "POST":
new.bind(req.form)
error = new.mod(req)
if error != new:
return generate_page(req, "admin/news_mod.html", new=new, error=error)
if not new.get(req):
raise SERVER_RETURN(state.HTTP_NOT_FOUND)
return generate_page(req, "admin/news_mod.html", new=new)