def admin_news_add(req): check_login(req) match_right(req, module_rights) new = New() if req.method == "POST": new.bind(req.form, req.login.id) error = new.add(req) if error: return generate_page(req, "admin/news_mod.html", new=new, error=error) redirect(req, "/admin/news/%d" % new.id) # end new.state = 2 if do_check_right(req, "news_editor") else 1 return generate_page(req, "admin/news_mod.html", new=new)
def admin_news_mod(req, id): check_login(req) match_right(req, module_rights) new = New(id) if not new.get(req): raise SERVER_RETURN(state.HTTP_NOT_FOUND) if not do_check_right(req, "news_editor") and new.author_id != req.login.id: raise SERVER_RETURN(state.HTTP_FORBIDDEN) if req.method == "POST": new.bind(req.form) error = new.mod(req) if error != new: return generate_page(req, "admin/news_mod.html", new=new, error=error) if not new.get(req): raise SERVER_RETURN(state.HTTP_NOT_FOUND) return generate_page(req, "admin/news_mod.html", new=new)