def ajax_qsd(request):
""" Ajax function for in-line QSD editing. """
from django.utils import simplejson
from esp.lib.templatetags.markdown import markdown
result = {}
post_dict = request.POST.copy()
if (request.user.id is None):
return HttpResponse(
content=
'Oops! Your session expired!\nPlease open another window, log in, and try again.\nYour changes will not be lost if you keep this page open.',
status=500)
if post_dict['cmd'] == "update":
qsd = QuasiStaticData.objects.get(id=post_dict['id'])
if not Permission.user_can_edit_qsd(request.user, qsd.url):
return HttpResponse(
content='Sorry, you do not have permission to edit this page.',
status=500)
# Since QSD now uses reversion, we want to only modify the data if we've actually changed something
# The revision will automatically be created upon calling the save function of the model object
if qsd.content != post_dict['data']:
qsd.content = post_dict['data']
qsd.load_cur_user_time(request, )
qsd.save()
# We should also purge the cache
purge_page(qsd.url + ".html")
result['status'] = 1
result['content'] = markdown(qsd.content)
result['id'] = qsd.id
if post_dict['cmd'] == "create":
if not Permission.user_can_edit_qsd(request.user, post_dict['url']):
return HttpResponse(
content="Sorry, you do not have permission to edit this page.",
status=500)
qsd, created = QuasiStaticData.objects.get_or_create(
url=post_dict['url'], defaults={'author': request.user})
qsd.content = post_dict['data']
qsd.author = request.user
qsd.save()
result['status'] = 1
result['content'] = markdown(qsd.content)
result['id'] = qsd.id
return HttpResponse(simplejson.dumps(result))
def ajax_qsd(request):
""" Ajax function for in-line QSD editing. """
import json
from markdown import markdown
result = {}
post_dict = request.POST.copy()
if ( request.user.id is None ):
return HttpResponse(content='Oops! Your session expired!\nPlease open another window, log in, and try again.\nYour changes will not be lost if you keep this page open.', status=401)
if post_dict['cmd'] == "update":
if not Permission.user_can_edit_qsd(request.user, post_dict['url']):
return HttpResponse(content='Sorry, you do not have permission to edit this page.', status=403)
qsd, created = QuasiStaticData.objects.get_or_create(url=post_dict['url'], defaults={'author': request.user})
# Since QSD now uses reversion, we want to only modify the data if we've actually changed something
# The revision will automatically be created upon calling the save function of the model object
if qsd.content != post_dict['data']:
qsd.content = post_dict['data']
qsd.load_cur_user_time(request, )
qsd.save()
# We should also purge the cache
purge_page(qsd.url+".html")
result['status'] = 1
result['content'] = markdown(qsd.content)
result['url'] = qsd.url
return HttpResponse(json.dumps(result))
def render(self, context):
try:
user = self.user_variable.resolve(context) if self.user_variable is not None else None
except template.VariableDoesNotExist:
user = None
try:
program = self.program_variable.resolve(context) if self.program_variable is not None else None
except template.VariableDoesNotExist:
program = None
# Accept literal string url argument if it is quoted; otherwise expect a template variable.
if not self.url.startswith('"'):
url_resolved = template.Variable(self.url).resolve(context)
else:
url_resolved = self.url.strip('"')
if program is not None:
url = QuasiStaticData.prog_qsd_url(program,url_resolved)
else:
url = url_resolved
#probably should have an error message if variable was not None and prog was
edit_bits = Permission.user_can_edit_qsd(user, url)
qsd_obj = QuasiStaticData.objects.get_by_url(url)
if qsd_obj == None:
new_qsd = QuasiStaticData()
new_qsd.url = url
new_qsd.title = url
new_qsd.content = self.nodelist.render(context)
if getattr(user, 'id', False):
new_qsd.author = user
new_qsd.save()
qsd_obj = new_qsd
return render_to_response("inclusion/qsd/render_qsd_inline.html", {'qsdrec': qsd_obj, 'edit_bits': edit_bits}, context_instance=context).content
def qsd(request, url):
# Extract the 'action' from the supplied URL if there is one
url_parts = url.split('/')
page_name = url_parts[-1]
page_name_parts = page_name.split('.')
if len(page_name_parts) > 1:
action = page_name_parts[-1]
page_name_base = '.'.join(page_name_parts[:-1])
else:
action = 'read'
page_name_base = page_name
base_url = '/'.join(url_parts[:-1] + [page_name_base])
# Detect edit authorizations
have_read = True
if not have_read and action == 'read':
raise Http403, "You do not have permission to access this page."
# Fetch the QSD object
try:
qsd_rec = QuasiStaticData.objects.get_by_url(base_url)
if qsd_rec == None:
raise QuasiStaticData.DoesNotExist
if qsd_rec.disabled:
raise QuasiStaticData.DoesNotExist
except QuasiStaticData.DoesNotExist:
have_edit = Permission.user_can_edit_qsd(request.user, base_url)
if have_edit:
if action in (
'edit',
'create',
):
qsd_rec = QuasiStaticData()
qsd_rec.url = base_url
qsd_rec.nav_category = NavBarCategory.default()
qsd_rec.title = 'New Page'
qsd_rec.content = 'Please insert your text here'
qsd_rec.create_date = datetime.now()
qsd_rec.keywords = ''
qsd_rec.description = ''
action = 'edit'
if (action == 'read'):
edit_link = '/' + base_url + '.edit.html'
return render_to_response('qsd/nopage_create.html',
request, {'edit_link': edit_link},
use_request_context=False)
else:
if action == 'read':
raise Http404, 'This page does not exist.'
else:
raise Http403, 'Sorry, you can not modify <tt>%s</tt>.' % request.path
if action == 'create':
action = 'edit'
# Detect the standard read verb
if action == 'read':
if not have_read:
raise Http403, 'You do not have permission to read this page.'
# Render response
response = render_to_response(
'qsd/qsd.html',
request,
{
'title': qsd_rec.title,
'nav_category': qsd_rec.nav_category,
'content': qsd_rec.html(),
'settings': settings,
'qsdrec': qsd_rec,
'have_edit':
True, ## Edit-ness is determined client-side these days
'edit_url': '/' + base_url + ".edit.html"
},
use_request_context=False)
# patch_vary_headers(response, ['Cookie'])
# if have_edit:
# add_never_cache_headers(response)
# patch_cache_control(response, no_cache=True, no_store=True)
# else:
patch_cache_control(response, max_age=3600, public=True)
return response
# Detect POST
if request.POST.has_key('post_edit'):
have_edit = Permission.user_can_edit_qsd(request.user, base_url)
if not have_edit:
raise Http403, "Sorry, you do not have permission to edit this page."
nav_category_target = NavBarCategory.objects.get(
id=request.POST['nav_category'])
# Since QSD now uses reversion, we want to only modify the data if we've actually changed something
# The revision will automatically be created upon calling the save function of the model object
if qsd_rec.url != base_url or qsd_rec.nav_category != nav_category_target or qsd_rec.content != request.POST[
'content'] or qsd_rec.description != request.POST[
'description'] or qsd_rec.keywords != request.POST[
'keywords']:
qsd_rec.url = base_url
qsd_rec.nav_category = NavBarCategory.objects.get(
id=request.POST['nav_category'])
qsd_rec.content = request.POST['content']
qsd_rec.title = request.POST['title']
qsd_rec.description = request.POST['description']
qsd_rec.keywords = request.POST['keywords']
qsd_rec.load_cur_user_time(request)
qsd_rec.save()
# We should also purge the cache
purge_page(qsd_rec.url + ".html")
# If any files were uploaded, save them
for name, file in request.FILES.iteritems():
m = Media()
# Strip "media/" from FILE, and strip the file name; just return the path
path = dirname(name[9:])
# Do we want a better/manual mechanism for setting friendly_name?
m.friendly_name = basename(name)
m.format = ''
local_filename = name
if name[:9] == 'qsdmedia/':
local_filename = name[9:]
m.handle_file(file, local_filename)
m.save()
# Detect the edit verb
if action == 'edit':
have_edit = Permission.user_can_edit_qsd(request.user, base_url)
# Enforce authorizations (FIXME: SHOW A REAL ERROR!)
if not have_edit:
raise ESPError(
False), "You don't have permission to edit this page."
m = ESPMarkdown(qsd_rec.content, media={})
m.toString()
# assert False, m.BrokenLinks()
# Render an edit form
return render_to_response(
'qsd/qsd_edit.html',
request, {
'title': qsd_rec.title,
'content': qsd_rec.content,
'keywords': qsd_rec.keywords,
'description': qsd_rec.description,
'nav_category': qsd_rec.nav_category,
'nav_categories': NavBarCategory.objects.all(),
'qsdrec': qsd_rec,
'qsd': True,
'missing_files': m.BrokenLinks(),
'target_url': base_url.split("/")[-1] + ".edit.html",
'return_to_view': base_url.split("/")[-1] + ".html#refresh"
},
use_request_context=False)
# Operation Complete!
raise Http404('Unexpected QSD operation')
def qsd(request, url):
# Extract the 'action' from the supplied URL if there is one
url_parts = url.split('/')
page_name = url_parts[-1]
page_name_parts = page_name.split('.')
if len(page_name_parts) > 1:
action = page_name_parts[-1]
page_name_base = '.'.join(page_name_parts[:-1])
else:
action = 'read'
page_name_base = page_name
base_url = '/'.join(url_parts[:-1] + [page_name_base])
# Detect edit authorizations
have_read = True
if not have_read and action == 'read':
raise Http403, "You do not have permission to access this page."
# Fetch the QSD object
try:
qsd_rec = QuasiStaticData.objects.get_by_url(base_url)
if qsd_rec == None:
raise QuasiStaticData.DoesNotExist
if qsd_rec.disabled:
raise QuasiStaticData.DoesNotExist
except QuasiStaticData.DoesNotExist:
have_edit = Permission.user_can_edit_qsd(request.user, base_url)
if have_edit:
if action in ('edit','create',):
qsd_rec = QuasiStaticData()
qsd_rec.url = base_url
qsd_rec.nav_category = default_navbarcategory()
qsd_rec.title = 'New Page'
qsd_rec.content = 'Please insert your text here'
qsd_rec.create_date = datetime.now()
qsd_rec.keywords = ''
qsd_rec.description = ''
action = 'edit'
if (action == 'read'):
edit_link = '/' + base_url + '.edit.html'
response = render_to_response('qsd/nopage_create.html', request, {'edit_link': edit_link}, use_request_context=False)
response.status_code = 404 # Make sure we actually 404, so that if there is a redirect the middleware can catch it.
return response
else:
if action == 'read':
raise Http404, 'This page does not exist.'
else:
raise Http403, 'Sorry, you can not modify <tt>%s</tt>.' % request.path
if action == 'create':
action = 'edit'
# Detect the standard read verb
if action == 'read':
if not have_read:
raise Http403, 'You do not have permission to read this page.'
# Render response
response = render_to_response('qsd/qsd.html', request, {
'title': qsd_rec.title,
'nav_category': qsd_rec.nav_category,
'content': qsd_rec.html(),
'settings': settings,
'qsdrec': qsd_rec,
'have_edit': True, ## Edit-ness is determined client-side these days
'edit_url': '/' + base_url + ".edit.html" }, use_request_context=False)
# patch_vary_headers(response, ['Cookie'])
# if have_edit:
# add_never_cache_headers(response)
# patch_cache_control(response, no_cache=True, no_store=True)
# else:
patch_cache_control(response, max_age=3600, public=True)
return response
# Detect POST
if 'post_edit' in request.POST:
have_edit = Permission.user_can_edit_qsd(request.user, base_url)
if not have_edit:
raise Http403, "Sorry, you do not have permission to edit this page."
nav_category_target = NavBarCategory.objects.get(id=request.POST['nav_category'])
# Since QSD now uses reversion, we want to only modify the data if we've actually changed something
# The revision will automatically be created upon calling the save function of the model object
copy_map = {
'url': base_url,
'nav_category': nav_category_target,
'content': request.POST['content'],
'title': request.POST['title'],
'description': request.POST['description'],
'keywords': request.POST['keywords'],
}
diff_found = False
for field, new_value in copy_map.items():
if getattr(qsd_rec, field) != new_value:
setattr(qsd_rec, field, new_value)
diff_found = True
if diff_found:
qsd_rec.load_cur_user_time(request)
qsd_rec.save()
# We should also purge the cache
purge_page(qsd_rec.url+".html")
# Detect the edit verb
if action == 'edit':
have_edit = Permission.user_can_edit_qsd(request.user, base_url)
# Enforce authorizations (FIXME: SHOW A REAL ERROR!)
if not have_edit:
raise Http403, "You don't have permission to edit this page."
# Render an edit form
return render_to_response('qsd/qsd_edit.html', request, {
'title' : qsd_rec.title,
'content' : qsd_rec.content,
'keywords' : qsd_rec.keywords,
'description' : qsd_rec.description,
'nav_category' : qsd_rec.nav_category,
'nav_categories': NavBarCategory.objects.all(),
'qsdrec' : qsd_rec,
'qsd' : True,
'target_url' : base_url.split("/")[-1] + ".edit.html",
'return_to_view': base_url.split("/")[-1] + ".html#refresh" },
use_request_context=False)
# Operation Complete!
raise Http404('Unexpected QSD operation')
def qsd(request, url):
# Extract the 'action' from the supplied URL if there is one
url_parts = url.split('/')
page_name = url_parts[-1]
page_name_parts = page_name.split('.')
if len(page_name_parts) > 1:
action = page_name_parts[-1]
page_name_base = '.'.join(page_name_parts[:-1])
else:
action = 'read'
page_name_base = page_name
base_url = '/'.join(url_parts[:-1] + [page_name_base])
# Detect edit authorizations
have_read = True
if not have_read and action == 'read':
raise Http403, "You do not have permission to access this page."
# Fetch the QSD object
try:
qsd_rec = QuasiStaticData.objects.get_by_url(base_url)
if qsd_rec == None:
raise QuasiStaticData.DoesNotExist
if qsd_rec.disabled:
raise QuasiStaticData.DoesNotExist
except QuasiStaticData.DoesNotExist:
have_edit = Permission.user_can_edit_qsd(request.user, base_url)
if have_edit:
if action in ('edit','create',):
qsd_rec = QuasiStaticData()
qsd_rec.url = base_url
qsd_rec.nav_category = default_navbarcategory()
qsd_rec.title = 'New Page'
qsd_rec.content = 'Please insert your text here'
qsd_rec.create_date = datetime.now()
qsd_rec.keywords = ''
qsd_rec.description = ''
action = 'edit'
if (action == 'read'):
edit_link = '/' + base_url + '.edit.html'
response = render_to_response('qsd/nopage_create.html', request, {'edit_link': edit_link}, use_request_context=False)
response.status_code = 404 # Make sure we actually 404, so that if there is a redirect the middleware can catch it.
return response
else:
if action == 'read':
raise Http404, 'This page does not exist.'
else:
raise Http403, 'Sorry, you can not modify <tt>%s</tt>.' % request.path
if action == 'create':
action = 'edit'
# Detect the standard read verb
if action == 'read':
if not have_read:
raise Http403, 'You do not have permission to read this page.'
# Render response
response = render_to_response('qsd/qsd.html', request, {
'title': qsd_rec.title,
'nav_category': qsd_rec.nav_category,
'content': qsd_rec.html(),
'settings': settings,
'qsdrec': qsd_rec,
'have_edit': True, ## Edit-ness is determined client-side these days
'edit_url': '/' + base_url + ".edit.html" }, use_request_context=False)
# patch_vary_headers(response, ['Cookie'])
# if have_edit:
# add_never_cache_headers(response)
# patch_cache_control(response, no_cache=True, no_store=True)
# else:
patch_cache_control(response, max_age=3600, public=True)
return response
# Detect POST
if 'post_edit' in request.POST:
have_edit = Permission.user_can_edit_qsd(request.user, base_url)
if not have_edit:
raise Http403, "Sorry, you do not have permission to edit this page."
nav_category_target = NavBarCategory.objects.get(id=request.POST['nav_category'])
# Since QSD now uses reversion, we want to only modify the data if we've actually changed something
# The revision will automatically be created upon calling the save function of the model object
copy_map = {
'url': base_url,
'nav_category': nav_category_target,
'content': request.POST['content'],
'title': request.POST['title'],
'description': request.POST['description'],
'keywords': request.POST['keywords'],
}
diff_found = False
for field, new_value in copy_map.items():
if getattr(qsd_rec, field) != new_value:
setattr(qsd_rec, field, new_value)
diff_found = True
if diff_found:
qsd_rec.load_cur_user_time(request)
qsd_rec.save()
# We should also purge the cache
purge_page(qsd_rec.url+".html")
# Detect the edit verb
if action == 'edit':
have_edit = Permission.user_can_edit_qsd(request.user, base_url)
# Enforce authorizations (FIXME: SHOW A REAL ERROR!)
if not have_edit:
raise Http403, "You don't have permission to edit this page."
# Render an edit form
return render_to_response('qsd/qsd_edit.html', request, {
'title' : qsd_rec.title,
'content' : qsd_rec.content,
'keywords' : qsd_rec.keywords,
'description' : qsd_rec.description,
'nav_category' : qsd_rec.nav_category,
'nav_categories': NavBarCategory.objects.all(),
'qsdrec' : qsd_rec,
'qsd' : True,
'target_url' : base_url.split("/")[-1] + ".edit.html",
'return_to_view': base_url.split("/")[-1] + ".html#refresh" },
use_request_context=False)
# Operation Complete!
raise Http404('Unexpected QSD operation')