def projects(self): """Get list of project for the user""" # Find node_type project id (this could become static) node_type = NodeType.find_first({ 'where': '{"name" : "project"}', }, api=self.api) if not node_type: return abort(404) # Define key for querying for the project if self.is_organization: user_path = 'properties.organization' else: user_path = 'user' # Query for the project # TODO currently, this system is weak since we rely on the user property # of a node when searching for a project using the user it. This allows # us to find a project that belongs to an organization also by requesting # the user that originally created the node. This can be fixed by # introducing a 'user' property in the project node type. projects = Node.all({ 'where': '{"node_type" : "%s", "%s": "%s"}'\ % (node_type._id, user_path, self._id), }, api=self.api) for project in projects._items: attach_project_pictures(project, self.api) return projects
def edit(project_url): api = system_util.pillar_api() # Fetch the Node or 404 try: project = Project.find_one({'where': {'url': project_url}}, api=api) # project = Project.find(project_url, api=api) except ResourceNotFound: abort(404) attach_project_pictures(project, api) form = ProjectForm( project_id=project._id, name=project.name, url=project.url, summary=project.summary, description=project.description, is_private=u'GET' not in project.permissions.world, category=project.category, status=project.status, ) if form.validate_on_submit(): project = Project.find(project._id, api=api) project.name = form.name.data project.url = form.url.data project.summary = form.summary.data project.description = form.description.data project.category = form.category.data project.status = form.status.data if form.picture_square.data: project.picture_square = form.picture_square.data if form.picture_header.data: project.picture_header = form.picture_header.data # Update world permissions from is_private checkbox if form.is_private.data: project.permissions.world = [] else: project.permissions.world = [u'GET'] project.update(api=api) # Reattach the pictures attach_project_pictures(project, api) else: if project.picture_square: form.picture_square.data = project.picture_square._id if project.picture_header: form.picture_header.data = project.picture_header._id # List of fields from the form that should be hidden to regular users if current_user.has_role('admin'): hidden_fields = [] else: hidden_fields = ['url', 'status', 'is_private', 'category'] return render_template('projects/edit.html', form=form, hidden_fields=hidden_fields, project=project, title="edit", api=api)
def sharing(project_url): api = system_util.pillar_api() # Fetch the project or 404 try: project = Project.find_one({ 'where': '{"url" : "%s"}' % (project_url)}, api=api) except ResourceNotFound: return abort(404) # Fetch users that are part of the admin group users = project.get_users(api=api) for user in users['_items']: user['avatar'] = gravatar(user['email']) if request.method == 'POST': user_id = request.form['user_id'] action = request.form['action'] if action == 'add': user = project.add_user(user_id, api=api) elif action == 'remove': user = project.remove_user(user_id, api=api) # Add gravatar to user user['avatar'] = gravatar(user['email']) return jsonify(user) attach_project_pictures(project, api) return render_template('projects/sharing.html', api=api, title="sharing", project=project, users=users['_items'])
def index(): api = system_util.pillar_api() projects_user = Project.all({ 'where': {'user': current_user.objectid}, 'sort': '-_created' }, api=api) projects_shared = Project.all({ 'where': {'user': {'$ne': current_user.objectid}, 'permissions.groups.group': {'$in': current_user.groups}, 'is_private': True}, 'sort': '-_created', 'embedded': {'user': 1}, }, api=api) # Attach project images for project in projects_user['_items']: attach_project_pictures(project, api) for project in projects_shared['_items']: attach_project_pictures(project, api) return render_template( 'projects/index_dashboard.html', gravatar=gravatar(current_user.email, size=128), title='dashboard', projects_user=projects_user['_items'], projects_shared=projects_shared['_items'], api=system_util.pillar_api())
def sharing(project_url): api = system_util.pillar_api() # Fetch the project or 404 try: project = Project.find_one({'where': '{"url" : "%s"}' % (project_url)}, api=api) except ResourceNotFound: return abort(404) # Fetch users that are part of the admin group users = project.get_users(api=api) for user in users['_items']: user['avatar'] = gravatar(user['email']) if request.method == 'POST': user_id = request.form['user_id'] action = request.form['action'] if action == 'add': user = project.add_user(user_id, api=api) elif action == 'remove': user = project.remove_user(user_id, api=api) # Add gravatar to user user['avatar'] = gravatar(user['email']) return jsonify(user) attach_project_pictures(project, api) return render_template('projects/sharing.html', api=api, title="sharing", project=project, users=users['_items'])
def get_projects(category): """Utility to get projects based on category. Should be moved on the API and improved with more extensive filtering capabilities. """ api = system_util.pillar_api() projects = Project.all({ 'where': { 'category': category, 'is_private': False}, 'sort': '-_created', }, api=api) for project in projects._items: attach_project_pictures(project, api) return projects
def edit_node_types(project_url): api = system_util.pillar_api() # Fetch the project or 404 try: project = Project.find_one({ 'where': '{"url" : "%s"}' % (project_url)}, api=api) except ResourceNotFound: return abort(404) attach_project_pictures(project, api) return render_template('projects/edit_node_types.html', api=api, title="edit_node_types", project=project)
def edit_node_types(project_url): api = system_util.pillar_api() # Fetch the project or 404 try: project = Project.find_one({'where': '{"url" : "%s"}' % (project_url)}, api=api) except ResourceNotFound: return abort(404) attach_project_pictures(project, api) return render_template('projects/edit_node_types.html', api=api, title="edit_node_types", project=project)
def get_projects(category): """Utility to get projects based on category. Should be moved on the API and improved with more extensive filtering capabilities. """ api = system_util.pillar_api() projects = Project.all( { 'where': { 'category': category, 'is_private': False }, 'sort': '-_created', }, api=api) for project in projects._items: attach_project_pictures(project, api) return projects
def get_projects(category): """Utility to get projects based on category. Should be moved on the API and improved with more extensive filtering capabilities. """ api = SystemUtility.attract_api() node_type = NodeType.find_first({ 'where': '{"name" : "project"}', 'projection': '{"name": 1}' }, api=api) projects = Node.all({ 'where': '{"node_type" : "%s", \ "properties.category": "%s"}' % (node_type._id, category), 'embedded': '{"picture":1}', }, api=api) for project in projects._items: attach_project_pictures(project, api) return projects
def posts_create(project_id): api = system_util.pillar_api() try: project = Project.find(project_id, api=api) except ResourceNotFound: return abort(404) attach_project_pictures(project, api) blog = Node.find_one( {'where': { 'node_type': 'blog', 'project': project_id }}, api=api) node_type = project.get_node_type('post') # Check if user is allowed to create a post in the blog if not project.node_type_has_method('post', 'POST', api=api): return abort(403) form = get_node_form(node_type) if form.validate_on_submit(): # Create new post object from scratch post_props = dict(node_type='post', name=form.name.data, picture=form.picture.data, user=current_user.objectid, parent=blog._id, project=project._id, properties=dict(content=form.content.data, status=form.status.data, url=form.url.data)) if form.picture.data == '': post_props['picture'] = None post = Node(post_props) post.create(api=api) # Only if the node is set as published, push it to the list if post.properties.status == 'published': project_update_nodes_list(post, project_id=project._id, list_name='blog') return redirect(url_for_node(node=post)) form.parent.data = blog._id return render_template('nodes/custom/post/create.html', node_type=node_type, form=form, project=project, api=api)
def posts_edit(post_id): api = system_util.pillar_api() try: post = Node.find(post_id, {'embedded': '{"user": 1}'}, api=api) except ResourceNotFound: return abort(404) # Check if user is allowed to edit the post if not post.has_method('PUT'): return abort(403) project = Project.find(post.project, api=api) attach_project_pictures(project, api) node_type = project.get_node_type(post.node_type) form = get_node_form(node_type) if form.validate_on_submit(): if process_node_form(form, node_id=post_id, node_type=node_type, user=current_user.objectid): # The the post is published, add it to the list if form.status.data == 'published': project_update_nodes_list(post, project_id=project._id, list_name='blog') return redirect(url_for_node(node=post)) form.parent.data = post.parent form.name.data = post.name form.content.data = post.properties.content form.status.data = post.properties.status form.url.data = post.properties.url if post.picture: form.picture.data = post.picture # Embed picture file post.picture = get_file(post.picture, api=api) if post.properties.picture_square: form.picture_square.data = post.properties.picture_square return render_template('nodes/custom/post/edit.html', node_type=node_type, post=post, form=form, project=project, api=api)
def edit_node_type(project_url, node_type_name): api = system_util.pillar_api() # Fetch the Node or 404 try: project = Project.find_one({ 'where': '{"url" : "%s"}' % (project_url)}, api=api) except ResourceNotFound: return abort(404) attach_project_pictures(project, api) node_type = project.get_node_type(node_type_name) form = NodeTypeForm() if form.validate_on_submit(): # Update dynamic & form schemas dyn_schema = json.loads(form.dyn_schema.data) node_type.dyn_schema = dyn_schema form_schema = json.loads(form.form_schema.data) node_type.form_schema = form_schema # Update permissions permissions = json.loads(form.permissions.data) node_type.permissions = permissions project.update(api=api) else: form.project_id.data = project._id form.name.data = node_type.name form.description.data = node_type.description form.parent.data = node_type.parent form.dyn_schema.data = json.dumps( node_type.dyn_schema.to_dict(), indent=4) form.form_schema.data = json.dumps( node_type.form_schema.to_dict(), indent=4) if 'permissions' in node_type: permissions = node_type.permissions.to_dict() else: permissions = {} form.permissions.data = json.dumps(permissions, indent=4) return render_template('projects/edit_node_type.html', form=form, project=project, api=api, node_type=node_type)
def index(): api = system_util.pillar_api() projects_user = Project.all( { 'where': { 'user': current_user.objectid }, 'sort': '-_created' }, api=api) projects_shared = Project.all( { 'where': { 'user': { '$ne': current_user.objectid }, 'permissions.groups.group': { '$in': current_user.groups }, 'is_private': True }, 'sort': '-_created', 'embedded': { 'user': 1 }, }, api=api) # Attach project images for project in projects_user['_items']: attach_project_pictures(project, api) for project in projects_shared['_items']: attach_project_pictures(project, api) return render_template('projects/index_dashboard.html', gravatar=gravatar(current_user.email, size=128), title='dashboard', projects_user=projects_user['_items'], projects_shared=projects_shared['_items'], api=system_util.pillar_api())
def edit_node_type(project_url, node_type_name): api = system_util.pillar_api() # Fetch the Node or 404 try: project = Project.find_one({'where': '{"url" : "%s"}' % (project_url)}, api=api) except ResourceNotFound: return abort(404) attach_project_pictures(project, api) node_type = project.get_node_type(node_type_name) form = NodeTypeForm() if form.validate_on_submit(): # Update dynamic & form schemas dyn_schema = json.loads(form.dyn_schema.data) node_type.dyn_schema = dyn_schema form_schema = json.loads(form.form_schema.data) node_type.form_schema = form_schema # Update permissions permissions = json.loads(form.permissions.data) node_type.permissions = permissions project.update(api=api) else: form.project_id.data = project._id form.name.data = node_type.name form.description.data = node_type.description form.parent.data = node_type.parent form.dyn_schema.data = json.dumps(node_type.dyn_schema.to_dict(), indent=4) form.form_schema.data = json.dumps(node_type.form_schema.to_dict(), indent=4) if 'permissions' in node_type: permissions = node_type.permissions.to_dict() else: permissions = {} form.permissions.data = json.dumps(permissions, indent=4) return render_template('projects/edit_node_type.html', form=form, project=project, api=api, node_type=node_type)
def get_projects(category): """Utility to get projects based on category. Should be moved on the API and improved with more extensive filtering capabilities. """ api = SystemUtility.attract_api() node_type = NodeType.find_first( { 'where': '{"name" : "project"}', 'projection': '{"name": 1}' }, api=api) projects = Node.all( { 'where': '{"node_type" : "%s", \ "properties.category": "%s"}' % (node_type._id, category), 'embedded': '{"picture":1}', }, api=api) for project in projects._items: attach_project_pictures(project, api) return projects
def posts_view(project_id, url=None): """View individual blogpost""" api = system_util.pillar_api() # Fetch project (for backgroud images and links generation) project = Project.find(project_id, api=api) attach_project_pictures(project, api) try: blog = Node.find_one( { 'where': { 'node_type': 'blog', 'project': project_id }, }, api=api) except ResourceNotFound: abort(404) if url: try: post = Node.find_one( { 'where': '{"parent": "%s", "properties.url": "%s"}' % (blog._id, url), 'embedded': '{"node_type": 1, "user": 1}', }, api=api) if post.picture: post.picture = get_file(post.picture, api=api) except ResourceNotFound: return abort(404) # If post is not published, check that the user is also the author of # the post. If not, return 404. if post.properties.status != "published": if current_user.is_authenticated(): if not post.has_method('PUT'): abort(403) else: abort(403) return render_template('nodes/custom/post/view.html', blog=blog, node=post, project=project, title='blog', api=api) else: node_type_post = project.get_node_type('post') status_query = "" if blog.has_method( 'PUT') else ', "properties.status": "published"' posts = Node.all( { 'where': '{"parent": "%s" %s}' % (blog._id, status_query), 'embedded': '{"user": 1}', 'sort': '-_created' }, api=api) for post in posts._items: post.picture = get_file(post.picture, api=api) return render_template('nodes/custom/blog/index.html', node_type_post=node_type_post, posts=posts._items, project=project, title='blog', api=api)