Пример #1
0
    def display(self, req, form):
        """Display search history page.  A misnomer."""

        argd = wash_urlargd(form, {'p': (str, "n")
                                   })

        uid = getUid(req)

        # load the right language
        _ = gettext_set_language(argd['ln'])

        if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1:
            return page_not_authorized(req, "%s/youralerts/display" % \
                                             (CFG_SITE_SECURE_URL,),
                                       navmenuid="youralerts")
        elif uid == -1 or isGuestUser(uid):
            return redirect_to_url(req, "%s/youraccount/login%s" % (
                CFG_SITE_SECURE_URL,
                make_canonical_urlargd({
                    'referer' : "%s/youralerts/display%s" % (
                        CFG_SITE_SECURE_URL,
                        make_canonical_urlargd(argd, {})),
                    "ln" : argd['ln']}, {})))

        user_info = collect_user_info(req)
        if not user_info['precached_usealerts']:
            return page_not_authorized(req, "../", \
                                       text = _("You are not authorized to use alerts."))

        if argd['p'] == 'y':
            _title = _("Popular Searches")
        else:
            _title = _("Your Searches")

        # register event in webstat
        if user_info['email']:
            user_str = "%s (%d)" % (user_info['email'], user_info['uid'])
        else:
            user_str = ""
        try:
            register_customevent("alerts", ["display", "", user_str])
        except:
            register_exception(suffix="Do the webstat tables exists? Try with 'webstatadmin --load-config'")

        return page(title=_title,
                    body=webalert.perform_display(argd['p'], uid, ln=argd['ln']),
                    navtrail= """<a class="navtrail" href="%(sitesecureurl)s/youraccount/display?ln=%(ln)s">%(account)s</a>""" % {
                                 'sitesecureurl' : CFG_SITE_SECURE_URL,
                                 'ln': argd['ln'],
                                 'account' : _("Your Account"),
                              },
                    description=_("%(sitename)s Personalize, Display searches", sitename=CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME)),
                    keywords=_("%(sitename)s, personalize", sitename=CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME)),
                    uid=uid,
                    language=argd['ln'],
                    req=req,
                    lastupdated=__lastupdated__,
                    navmenuid='youralerts',
                    secure_page_p=1)
Пример #2
0
    def display(self, req, form):
        """Display search history page.  A misnomer."""

        argd = wash_urlargd(form, {'p': (str, "n")
                                   })

        uid = getUid(req)

        # load the right language
        _ = gettext_set_language(argd['ln'])

        if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1:
            return page_not_authorized(req, "%s/youralerts/display" % \
                                             (CFG_SITE_SECURE_URL,),
                                       navmenuid="youralerts")
        elif uid == -1 or isGuestUser(uid):
            return redirect_to_url(req, "%s/youraccount/login%s" % (
                CFG_SITE_SECURE_URL,
                make_canonical_urlargd({
                    'referer' : "%s/youralerts/display%s" % (
                        CFG_SITE_SECURE_URL,
                        make_canonical_urlargd(argd, {})),
                    "ln" : argd['ln']}, {})))

        user_info = collect_user_info(req)
        if not user_info['precached_usealerts']:
            return page_not_authorized(req, "../", \
                                       text = _("You are not authorized to use alerts."))

        if argd['p'] == 'y':
            _title = _("Popular Searches")
        else:
            _title = _("Your Searches")

        # register event in webstat
        if user_info['email']:
            user_str = "%s (%d)" % (user_info['email'], user_info['uid'])
        else:
            user_str = ""
        try:
            register_customevent("alerts", ["display", "", user_str])
        except:
            register_exception(suffix="Do the webstat tables exists? Try with 'webstatadmin --load-config'")

        return page(title=_title,
                    body=webalert.perform_display(argd['p'], uid, ln=argd['ln']),
                    navtrail= """<a class="navtrail" href="%(sitesecureurl)s/youraccount/display?ln=%(ln)s">%(account)s</a>""" % {
                                 'sitesecureurl' : CFG_SITE_SECURE_URL,
                                 'ln': argd['ln'],
                                 'account' : _("Your Account"),
                              },
                    description=_("%(sitename)s Personalize, Display searches", sitename=CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME)),
                    keywords=_("%(sitename)s, personalize", sitename=CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME)),
                    uid=uid,
                    language=argd['ln'],
                    req=req,
                    lastupdated=__lastupdated__,
                    navmenuid='youralerts',
                    secure_page_p=1)
Пример #3
0
    def acc_get_uid_from_request(cls):
        """
        Looks in the data base for the secret that matches with the API key in the
        request. If the REST API key is found and if the signature is correct
        returns the user's id.

        @return: If everything goes well it returns the user's uid, if not -1
        """

        from invenio.legacy.webstat.api import register_customevent
        from flask import request
        api_key = signature = timestamp = None

        # Get the params from the GET/POST request
        if 'apikey' in request.values:
            api_key = request.values['apikey']

        if cfg.get('CFG_WEB_API_KEY_ENABLE_SIGNATURE'):
            if 'signature' in request.values:
                signature = request.values['signature']

        if 'signature' in request.values:
            signature = request.values['signature']

        if 'timestamp' in request.values:
            timestamp = request.values['timestamp']

        # Check if the request is well built
        if api_key is None or (signature is None and
           cfg.get('CFG_WEB_API_KEY_ENABLE_SIGNATURE')):
            return -1

        # Remove signature from the url params
        path = request.base_url
        url_req = request.url
        parsed_url = urlparse(url_req)
        params = parse_qs(parsed_url.query)
        params = dict([(i, j[0]) for i, j in list(params.items())])

        try:
            del params['signature']
        except KeyError:  # maybe signature was in post params
            pass

        # Reconstruct the url
        query = urlencode(sorted(params.items(), key=lambda x: x[0]))
        url_req = urlunparse((parsed_url.scheme,
                              parsed_url.netloc,
                              parsed_url.path,
                              parsed_url.params,
                              query,
                              parsed_url.fragment))

        authorized_time = None
        need_timestamp = False
        for url, authorized_time, need_timestamp in allowed_urls():
            if url.match(url_req) is not None:
                break

        if need_timestamp and timestamp is None:
            return -1

        if authorized_time is None:
            return -1

        if authorized_time != 0 and need_timestamp:
            time_lapse = time.time() - float(timestamp)
            if time_lapse > authorized_time or time_lapse < 0:
                return -1

        keys = cls.get_available(apikey=api_key)
        if not len(keys):
            return -1
        key = keys[0]

        uid = key.id_user
        if cfg.get('CFG_WEB_API_KEY_ENABLE_SIGNATURE'):
            secret_key = key.secret
            server_signature = cls.get_server_signature(secret_key, url_req)
            if signature != server_signature:
                return -1

        #If the signature is fine, log the key activity and return the UID
        register_customevent("apikeyusage", [uid, api_key, path, url_req])
        return uid
Пример #4
0
    def remove(self, req, form):

        argd = wash_urlargd(form, {'name': (str, None),
                                   'idq': (int, None),
                                   'idb': (int, None),
                                   })

        uid = getUid(req)

        if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1:
            return page_not_authorized(req, "%s/youralerts/remove" % \
                                             (CFG_SITE_SECURE_URL,),
                                       navmenuid="youralerts")
        elif uid == -1 or isGuestUser(uid):
            return redirect_to_url(req, "%s/youraccount/login%s" % (
                CFG_SITE_SECURE_URL,
                make_canonical_urlargd({
                    'referer' : "%s/youralerts/remove%s" % (
                        CFG_SITE_SECURE_URL,
                        make_canonical_urlargd(argd, {})),
                    "ln" : argd['ln']}, {})))

        # load the right language
        _ = gettext_set_language(argd['ln'])
        user_info = collect_user_info(req)
        if not user_info['precached_usealerts']:
            return page_not_authorized(req, "../", \
                                       text = _("You are not authorized to use alerts."))

        try:
            html = webalert.perform_remove_alert(argd['name'], argd['idq'],
                                                 argd['idb'], uid, ln=argd['ln'])
        except webalert.AlertError as msg:
            return page(title=_("Error"),
                        body=webalert_templates.tmpl_errorMsg(ln=argd['ln'], error_msg=msg),
                        navtrail= """<a class="navtrail" href="%(sitesecureurl)s/youraccount/display?ln=%(ln)s">%(account)s</a>""" % {
                                     'sitesecureurl' : CFG_SITE_SECURE_URL,
                                     'ln': argd['ln'],
                                     'account' : _("Your Account"),
                                  },
                        description=_("%(x_name)s Personalize, Set a new alert", x_name=CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME)),
                        keywords=_("%(x_name)s, personalize", x_name=CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME)),
                        uid=uid,
                        language=argd['ln'],
                        req=req,
                        lastupdated=__lastupdated__,
                        navmenuid='youralerts')


        # register event in webstat
        alert_str = "%s (%d)" % (argd['name'], argd['idq'])
        if user_info['email']:
            user_str = "%s (%d)" % (user_info['email'], user_info['uid'])
        else:
            user_str = ""
        try:
            register_customevent("alerts", ["remove", alert_str, user_str])
        except:
            register_exception(suffix="Do the webstat tables exists? Try with 'webstatadmin --load-config'")

        # display success
        return page(title=_("Display alerts"),
                    body=html,
                    navtrail= """<a class="navtrail" href="%(sitesecureurl)s/youraccount/display?ln=%(ln)s">%(account)s</a>""" % {
                                 'sitesecureurl' : CFG_SITE_SECURE_URL,
                                 'ln': argd['ln'],
                                 'account' : _("Your Account"),
                              },
                    description=_("%(x_name)s Personalize, Display alerts", x_name=CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME)),
                    keywords=_("%(x_name)s, personalize", x_name=CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME)),
                    uid=uid,
                    language=argd['ln'],
                    req=req,
                    lastupdated=__lastupdated__,
                    navmenuid='youralerts')
Пример #5
0
    def remove(self, req, form):

        argd = wash_urlargd(form, {'name': (str, None),
                                   'idq': (int, None),
                                   'idb': (int, None),
                                   })

        uid = getUid(req)

        if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1:
            return page_not_authorized(req, "%s/youralerts/remove" % \
                                             (CFG_SITE_SECURE_URL,),
                                       navmenuid="youralerts")
        elif uid == -1 or isGuestUser(uid):
            return redirect_to_url(req, "%s/youraccount/login%s" % (
                CFG_SITE_SECURE_URL,
                make_canonical_urlargd({
                    'referer' : "%s/youralerts/remove%s" % (
                        CFG_SITE_SECURE_URL,
                        make_canonical_urlargd(argd, {})),
                    "ln" : argd['ln']}, {})))

        # load the right language
        _ = gettext_set_language(argd['ln'])
        user_info = collect_user_info(req)
        if not user_info['precached_usealerts']:
            return page_not_authorized(req, "../", \
                                       text = _("You are not authorized to use alerts."))

        try:
            html = webalert.perform_remove_alert(argd['name'], argd['idq'],
                                                 argd['idb'], uid, ln=argd['ln'])
        except webalert.AlertError as msg:
            return page(title=_("Error"),
                        body=webalert_templates.tmpl_errorMsg(ln=argd['ln'], error_msg=msg),
                        navtrail= """<a class="navtrail" href="%(sitesecureurl)s/youraccount/display?ln=%(ln)s">%(account)s</a>""" % {
                                     'sitesecureurl' : CFG_SITE_SECURE_URL,
                                     'ln': argd['ln'],
                                     'account' : _("Your Account"),
                                  },
                        description=_("%(x_name)s Personalize, Set a new alert", x_name=CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME)),
                        keywords=_("%(x_name)s, personalize", x_name=CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME)),
                        uid=uid,
                        language=argd['ln'],
                        req=req,
                        lastupdated=__lastupdated__,
                        navmenuid='youralerts')


        # register event in webstat
        alert_str = "%s (%d)" % (argd['name'], argd['idq'])
        if user_info['email']:
            user_str = "%s (%d)" % (user_info['email'], user_info['uid'])
        else:
            user_str = ""
        try:
            register_customevent("alerts", ["remove", alert_str, user_str])
        except:
            register_exception(suffix="Do the webstat tables exists? Try with 'webstatadmin --load-config'")

        # display success
        return page(title=_("Display alerts"),
                    body=html,
                    navtrail= """<a class="navtrail" href="%(sitesecureurl)s/youraccount/display?ln=%(ln)s">%(account)s</a>""" % {
                                 'sitesecureurl' : CFG_SITE_SECURE_URL,
                                 'ln': argd['ln'],
                                 'account' : _("Your Account"),
                              },
                    description=_("%(x_name)s Personalize, Display alerts", x_name=CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME)),
                    keywords=_("%(x_name)s, personalize", x_name=CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME)),
                    uid=uid,
                    language=argd['ln'],
                    req=req,
                    lastupdated=__lastupdated__,
                    navmenuid='youralerts')
Пример #6
0
    def __call__(self, req, form):
        """ Maybe resolve the final / of a directory """
        path = req.uri[1:].split("/")
        journal_name = None
        journal_issue_year = None
        journal_issue_number = None
        specific_category = None
        category = None
        article_id = None
        if len(path) > 1:
            journal_name = path[1]
        if len(path) > 2 and path[2].isdigit():
            journal_issue_year = path[2]
        elif len(path) > 2 and not path[2].isdigit():
            specific_category = urllib.unquote(path[2])
        if len(path) > 3 and path[3].isdigit():
            journal_issue_number = path[3]
        if len(path) > 4:
            category = urllib.unquote(path[4])
        if len(path) > 5 and path[5].isdigit():
            article_id = int(path[5])

        ## Support for legacy journal/[empty]?(args*) urls. There are
        ## these parameters only in that case
        argd = wash_urlargd(
            form,
            {
                "name": (str, ""),
                "issue": (str, ""),
                "category": (str, ""),
                "ln": (str, CFG_SITE_LANG),
                "number": (int, None),
                "verbose": (int, 0),
            },
        )

        if "name" in form.keys() or "issue" in form.keys() or "category" in form.keys():
            ln = wash_journal_language(argd["ln"])
            try:
                journal_name = wash_journal_name(ln, argd["name"])
            except InvenioWebJournalNoJournalOnServerError as e:
                register_exception(req=req)
                return e.user_box(req)
            except InvenioWebJournalNoNameError as e:
                return e.user_box(req)
            try:
                issue = wash_issue_number(ln, journal_name, argd["issue"])
                issue_year = issue.split("/")[1]
                issue_number = issue.split("/")[0]
            except InvenioWebJournalIssueNumberBadlyFormedError as e:
                register_exception(req=req)
                return e.user_box(req)
            except InvenioWebJournalJournalIdNotFoundDBError as e:
                register_exception(req=req)
                return e.user_box(req)
            category = wash_category(ln, argd["category"], journal_name, issue).replace(" ", "%20")
            redirect_to_url(
                req,
                CFG_SITE_URL
                + "/journal/%(name)s/%(issue_year)s/%(issue_number)s/%(category)s/?ln=%(ln)s"
                % {
                    "name": journal_name,
                    "issue_year": issue_year,
                    "issue_number": issue_number,
                    "category": category,
                    "ln": ln,
                },
            )

        ## End support for legacy urls

        # Check that given journal name exists and that it is written
        # with correct casing.
        redirect_p = False
        try:
            washed_journal_name = wash_journal_name(argd["ln"], journal_name)
            if washed_journal_name != journal_name:
                redirect_p = True
        except InvenioWebJournalNoNameError as e:
            return e.user_box(req)
        except InvenioWebJournalNoJournalOnServerError as e:
            register_exception(req=req)
            return e.user_box(req)

        # If some parameters are missing, deduce them and
        # redirect
        if not journal_issue_year or not journal_issue_number or not category or redirect_p or specific_category:
            if not journal_issue_year or not journal_issue_number:
                journal_issue = get_current_issue(argd["ln"], washed_journal_name)
                journal_issue_year = journal_issue.split("/")[1]
                journal_issue_number = journal_issue.split("/")[0]
            if not category or specific_category:
                categories = get_journal_categories(
                    washed_journal_name, journal_issue_number + "/" + journal_issue_year
                )
                if not categories:
                    # Mmh, it seems that this issue has no
                    # category. Ok get all of them regardless of the
                    # issue
                    categories = get_journal_categories(washed_journal_name)
                    if not categories:
                        # Mmh we really have no category!
                        try:
                            raise InvenioWebJournalIssueNotFoundDBError(argd["ln"], journal_name, "")
                        except InvenioWebJournalIssueNotFoundDBError as e:
                            register_exception(req=req)
                            return e.user_box(req)
                if not category:
                    category = categories[0].replace(" ", "%20")
                if specific_category:
                    category = specific_category.replace(" ", "%20")
            redirect_to_url(
                req,
                CFG_SITE_URL
                + "/journal/%(name)s/%(issue_year)s/%(issue_number)s/%(category)s/?ln=%(ln)s"
                % {
                    "name": washed_journal_name,
                    "issue_year": journal_issue_year,
                    "issue_number": journal_issue_number,
                    "category": category,
                    "ln": argd["ln"],
                },
            )

        journal_issue = ""
        if journal_issue_year is not None and journal_issue_number is not None:
            journal_issue = journal_issue_number + "/" + journal_issue_year

        try:
            journal_name = washed_journal_name
            issue = wash_issue_number(argd["ln"], journal_name, journal_issue)
            category = wash_category(argd["ln"], category, journal_name, issue)
        except InvenioWebJournalNoJournalOnServerError as e:
            register_exception(req=req)
            return e.user_box(req)
        except InvenioWebJournalNoNameError as e:
            return e.user_box(req)
        except InvenioWebJournalIssueNumberBadlyFormedError as e:
            register_exception(req=req)
            return e.user_box(req)
        except InvenioWebJournalNoCategoryError as e:
            register_exception(req=req)
            return e.user_box(req)
        except InvenioWebJournalJournalIdNotFoundDBError as e:
            register_exception(req=req)
            return e.user_box(req)

        editor = False
        if acc_authorize_action(getUid(req), "cfgwebjournal", name="%s" % journal_name)[0] == 0:
            editor = True

        if article_id is None:
            html = perform_request_index(
                req, journal_name, journal_issue, argd["ln"], category, editor, verbose=argd["verbose"]
            )
        else:
            html = perform_request_article(
                req, journal_name, journal_issue, argd["ln"], category, article_id, editor, verbose=argd["verbose"]
            )
            # register event in webstat
            try:
                register_customevent(
                    "journals", ["display", journal_name, journal_issue, category, argd["ln"], article_id]
                )
            except:
                register_exception(suffix="Do the webstat tables exists? Try with 'webstatadmin --load-config'")
        return html
Пример #7
0
    def __call__(self, req, form):
        """ Maybe resolve the final / of a directory """
        path = req.uri[1:].split('/')
        journal_name = None
        journal_issue_year = None
        journal_issue_number = None
        specific_category = None
        category = None
        article_id = None
        if len(path) > 1:
            journal_name = path[1]
        if len(path) > 2 and path[2].isdigit():
            journal_issue_year = path[2]
        elif len(path) > 2 and not path[2].isdigit():
            specific_category = urllib.unquote(path[2])
        if len(path) > 3 and path[3].isdigit():
            journal_issue_number = path[3]
        if len(path) > 4:
            category = urllib.unquote(path[4])
        if len(path) > 5 and path[5].isdigit():
            article_id = int(path[5])

        ## Support for legacy journal/[empty]?(args*) urls. There are
        ## these parameters only in that case
        argd = wash_urlargd(form, {'name': (str, ""),
                                   'issue': (str, ""),
                                   'category': (str, ""),
                                   'ln': (str, CFG_SITE_LANG),
                                   'number': (int, None),
                                   'verbose': (int, 0)}
                            )

        if 'name' in form.keys() or \
            'issue' in form.keys() or \
            'category' in form.keys():
            ln = wash_journal_language(argd['ln'])
            try:
                journal_name = wash_journal_name(ln, argd['name'])
            except InvenioWebJournalNoJournalOnServerError as e:
                register_exception(req=req)
                return e.user_box(req)
            except InvenioWebJournalNoNameError as e:
                return e.user_box(req)
            try:
                issue = wash_issue_number(ln, journal_name,
                                          argd['issue'])
                issue_year = issue.split('/')[1]
                issue_number = issue.split('/')[0]
            except InvenioWebJournalIssueNumberBadlyFormedError as e:
                register_exception(req=req)
                return e.user_box(req)
            except InvenioWebJournalJournalIdNotFoundDBError as e:
                register_exception(req=req)
                return e.user_box(req)
            category = wash_category(ln, argd['category'], journal_name, issue).replace(' ', '%20')
            redirect_to_url(req, CFG_SITE_URL + '/journal/%(name)s/%(issue_year)s/%(issue_number)s/%(category)s/?ln=%(ln)s' % \
                            {'name': journal_name,
                             'issue_year': issue_year,
                             'issue_number': issue_number,
                             'category': category,
                             'ln': ln})

        ## End support for legacy urls

        # Check that given journal name exists and that it is written
        # with correct casing.
        redirect_p = False
        try:
            washed_journal_name = wash_journal_name(argd['ln'], journal_name)
            if washed_journal_name != journal_name:
                redirect_p = True
        except InvenioWebJournalNoNameError as e:
            return e.user_box(req)
        except InvenioWebJournalNoJournalOnServerError as e:
            register_exception(req=req)
            return e.user_box(req)

        # If some parameters are missing, deduce them and
        # redirect
        if not journal_issue_year or \
           not journal_issue_number or \
           not category or \
           redirect_p or \
           specific_category:
            if not journal_issue_year or not journal_issue_number:
                journal_issue = get_current_issue(argd['ln'], washed_journal_name)
                journal_issue_year = journal_issue.split('/')[1]
                journal_issue_number = journal_issue.split('/')[0]
            if not category or specific_category:
                categories = get_journal_categories(washed_journal_name,
                                                    journal_issue_number + \
                                                    '/' + journal_issue_year)
                if not categories:
                    # Mmh, it seems that this issue has no
                    # category. Ok get all of them regardless of the
                    # issue
                    categories = get_journal_categories(washed_journal_name)
                    if not categories:
                        # Mmh we really have no category!
                        try:
                            raise InvenioWebJournalIssueNotFoundDBError(argd['ln'],
                                                                        journal_name,
                                                                        '')
                        except InvenioWebJournalIssueNotFoundDBError as e:
                            register_exception(req=req)
                            return e.user_box(req)
                if not category:
                    category = categories[0].replace(' ', '%20')
                if specific_category:
                    category = specific_category.replace(' ', '%20')
            redirect_to_url(req, CFG_SITE_URL + '/journal/%(name)s/%(issue_year)s/%(issue_number)s/%(category)s/?ln=%(ln)s' % \
                            {'name': washed_journal_name,
                             'issue_year': journal_issue_year,
                             'issue_number': journal_issue_number,
                             'category': category,
                             'ln': argd['ln']})

        journal_issue = ""
        if journal_issue_year is not None and \
           journal_issue_number is not None:
            journal_issue = journal_issue_number + '/' + \
                            journal_issue_year

        try:
            journal_name = washed_journal_name
            issue = wash_issue_number(argd['ln'], journal_name, journal_issue)
            category = wash_category(argd['ln'], category, journal_name, issue)
        except InvenioWebJournalNoJournalOnServerError as e:
            register_exception(req=req)
            return e.user_box(req)
        except InvenioWebJournalNoNameError as e:
            return e.user_box(req)
        except InvenioWebJournalIssueNumberBadlyFormedError as e:
            register_exception(req=req)
            return e.user_box(req)
        except InvenioWebJournalNoCategoryError as e:
            register_exception(req=req)
            return e.user_box(req)
        except InvenioWebJournalJournalIdNotFoundDBError as e:
            register_exception(req=req)
            return e.user_box(req)

        editor = False
        if acc_authorize_action(getUid(req), 'cfgwebjournal',
                                name="%s" % journal_name)[0] == 0:
            editor = True

        if article_id is None:
            html = perform_request_index(req,
                                         journal_name,
                                         journal_issue,
                                         argd['ln'],
                                         category,
                                         editor,
                                         verbose=argd['verbose'])
        else:
            html = perform_request_article(req,
                                           journal_name,
                                           journal_issue,
                                           argd['ln'],
                                           category,
                                           article_id,
                                           editor,
                                           verbose=argd['verbose'])
            # register event in webstat
            try:
                register_customevent("journals", ["display", journal_name, journal_issue, category, argd['ln'], article_id])
            except:
                register_exception(suffix="Do the webstat tables exists? Try with 'webstatadmin --load-config'")
        return html