def form_edit(title): action = request.forms["action"] message = request.forms["message"] page = request.forms["page"] form_token = request.forms["token"] token = request.get_cookie("token") if action == "Preview": class PreviewHTMLTranslator(HTMLTranslator): def __init__(self, document): super().__init__(document) self.body_prefix = [template("body_prefix.html", name=title)] self.body_suffix = [template("edit_suffix.html", content=page, token=form_token)] return render_html(title, page, PreviewHTMLTranslator) username = check_token(KEY, token) if check_token(KEY, form_token) != username + "-edit": return if not is_changed(title, page): redirect(request.url) edit(title, message, page, username) redirect('/nav/{}.html'.format(title))
def form_revert(revision): target = repo[revision] form_token = request.forms["token"] token = request.get_cookie("token") username = check_token(KEY, token) if check_token(KEY, form_token) != username + "-revert": return name = revert(username, target) redirect("/nav/{}.html".format(name))
def form_move(title): form_token = request.forms["token"] destination = request.forms["destination"] token = request.get_cookie("token") username = check_token(KEY, token) if check_token(KEY, form_token) != username + "-move": return move(title, destination, username) redirect('/nav/' + destination + '.html')
def json_move(title, new_title): token = request.json["token"] username = check_token(KEY, token) if username is None: return {"error": "invalid login token"} move(title, new_title, username)
def validate_login_cookie(): token = request.get_cookie("token") if token is None: login_redirect() username = check_token(KEY, token) if username is None: login_redirect() return username
def json_revert(revision): target = repo[revision] token = request.json["token"] username = check_token(KEY, token) if username is None: return {"error": "invalid login token"} try: revert(username, target) except Error as e: return {"error": e.args[0]}
def json_edit(title): message = request.json["message"] page = request.json["page"] token = request.json["token"] if not is_changed(title, page): return {"error": "an edit must make changes"} username = check_token(KEY, token) if username is None: return {"error": "invalid login token"} edit(title, message, page, username)