def view(id=0):
label = db.query(Label).get(id)
if not label:
flash("Label {} not found.".format(id))
return redirect(url_for('labels.index'))
if access.access(label) < access.VIEW:
return access.forbidden_page()
# TODO: SQL filtering
labeled = [i for i in label.labeling if access.access(i) >= access.VIEW]
bms = [i for i in labeled if i.type == "bookmark"]
lbls = [i for i in labeled if i.type == "label"]
bms.sort(key=lambda x: x.created_timestamp)
lbls.sort(key=lambda x: x.created_timestamp)
return render_template(
"bm_results.html",
bookmarks=bms,
label=label,
labels=lbls, #VIEW RIGHTS
backs=label.labels, #VIEW RIGHTS
signed=signed)
def edit_post(id=0):
bm = db.query(Bookmark).get(id)
if not bm:
flash("Bookmark {} not found.".format(id))
return redirect(url_for('labels.index'))
if access.access(bm) < access.EDIT:
return access.forbidden_page()
try:
action = get_arg("action")
if action == "set_name":
bm.name = get_arg("name")
db.commit()
return "success: name set"
elif action == "set_url":
bm.url = get_arg("url")
db.commit()
return "success: url set"
elif action == "delete":
bm.labels.clear()
db.delete(bm)
db.commit()
return "success: deleted"
else:
return "nothing done"
except Exception as e:
print("===== bookmarks =====")
print(e)
print("==================")
db.rollback()
return str(e)
def edit(id=0):
note = db.query(Note).get(id)
if not note:
flash("Note {} not found.".format(id))
return redirect(url_for('notes.index'))
if access.access(note) < access.EDIT:
return access.forbidden_page()
if request.args.get("action") == "view":
note.text = request.args.get("text")
note.name = request.args.get("name")
db.commit()
flash("{} saved.".format(note.name))
return redirect(url_for("notes.view", id=id))
elif request.args.get("action") == "save":
note.text = request.args.get("text")
note.name = request.args.get("name")
db.commit()
flash("{} saved.".format(note.name))
return redirect(url_for("notes.edit", id=id))
elif request.args.get("action") == "delete":
note.labels.clear()
db.delete(note)
db.commit()
flash("{} deleted.".format(note.name))
return redirect(url_for('notes.index'))
else:
return render_template(
'edit_note.html',
note=note,
)
def edit_get(id=0):
bm = db.query(Bookmark).get(id)
if not bm:
flash("Bookmark {} not found.".format(id))
return redirect(url_for('labels.index'))
if access.access(bm) < access.EDIT:
return access.forbidden_page()
return render_template("edit_bookmark.html", bm=bm)
def edit_get(id=0):
label = db.query(Label).get(id)
if not label:
flash("Label {} not found.".format(id))
return redirect(url_for('labels.index'))
if access.access(label) < access.EDIT:
return access.forbidden_page()
return render_template("edit_label.html", label=label)
def view(id=0):
note = db.query(Note).get(id)
if not note:
flash("Note {} not found.".format(id))
return redirect(url_for('notes.index'))
if access.access(note) < access.VIEW:
return access.forbidden_page()
rendered = markdown(note.text, extensions=["tables"])
return render_template('view_note.html',
note=note,
rendered=rendered,
user_can_edit=access.access(note) >= access.EDIT)
def append(id=0):
note = db.query(Note).get(id)
if not note:
flash("Note {} not found.".format(id))
return redirect(url_for('notes.index'))
if access.access(note) < access.EDIT:
return access.forbidden_page()
line = request.args.get('line')
if line == None:
flash("`line` arg required.")
return redirect(url_for('notes.index'))
note.text += " \n" + line
db.commit()
flash("<i>{}</i> appended to {}.".format(line, note.name))
return redirect(url_for("notes.view", id=id))