PylonsWikiNG / src / authorization / tutorial / views.py

import re

from docutils.core import publish_parts

from webob.exc import HTTPFound

from repoze.bfg.security import remember
from repoze.bfg.security import forget
from repoze.bfg.security import Allow
from repoze.bfg.security import Everyone
from repoze.bfg.security import authenticated_userid
from repoze.bfg.url import route_url
from repoze.bfg.view import bfg_view
from repoze.bfg.exceptions import Forbidden

from pylons.views import action
#from pylons import url
from tutorial.models import DBSession
from tutorial.models import Page
from tutorial.security import USERS

# Compiled once at import time.  A WikiWord starts at a word boundary with an
# uppercase letter and contains at least one more uppercase letter further in,
# with word characters on both sides of it (e.g. ``FrontPage``).  Group 1 is
# the whole word.
wikiwords = re.compile(
    r"\b([A-Z]\w+[A-Z]+\w+)"
)

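class MyController(object):
    """Wiki views: front page, page display, add/edit forms, login and logout.

    Each public method is registered through the ``action`` decorator; the
    ``permission="edit"`` views are the ones gated by the ACL below.
    """

    # 'view' is granted to everyone (including anonymous requests); 'edit' is
    # granted only to the 'group:editors' principal.
    __acl__ = [ (Allow, Everyone, 'view'),
                (Allow, 'group:editors', 'edit') ]

    def __init__(self, request):
        """Keep the request and expose route match values as attributes."""
        self.request = request
        # NOTE(review): every matchdict key becomes an instance attribute, so a
        # route placeholder named like an existing attribute (e.g. ``request``)
        # would overwrite it.  Keys come from the route patterns, values from
        # the URL.
        self.__dict__.update(self.request.matchdict)

    @action(renderer='mytemplate.mak')
    def index(self):
        """Return the template context for the starter page."""
        # The original read an undefined global ``root`` and raised NameError.
        # Assumes the router exposes the root object as ``request.root`` --
        # TODO confirm; falls back to None when it does not.
        root = getattr(self.request, 'root', None)
        return {'root': root, 'project': 'tutorial'}

    @action(renderer='view.mak')
    def view_wiki(self):
        """Redirect the wiki root to the ``FrontPage`` page."""
        front_page = route_url('view_page', self.request, pagename='FrontPage')
        return HTTPFound(location=front_page)

    @action(renderer='view.mak')
    def view_page(self):
        """Render one page: reST to HTML, then WikiWords turned into links.

        Returns the template context (page, rendered content, edit URL and the
        authenticated user id, if any).  ``.one()`` raises when no page with
        the requested name exists.
        """
        pagename = self.request.matchdict['pagename']
        session = DBSession()
        page = session.query(Page).filter_by(name=pagename).one()

        def check(match):
            # Existing pages link to their view, unknown WikiWords to the add
            # form.  ``word`` matched ``\w`` characters only, so it carries no
            # HTML metacharacters into the anchor text.
            word = match.group(1)
            exists = session.query(Page).filter_by(name=word).all()
            route_name = 'view_page' if exists else 'add_page'
            target = route_url(route_name, self.request, pagename=word)
            return '<a href="%s">%s</a>' % (target, word)

        # page.data is whatever an editor submitted through add_page/edit_page.
        # Disable the docutils features that read local files or pass raw
        # markup through (``include``, ``csv-table :file:``, ``raw``), so page
        # text cannot pull server-side files or unfiltered HTML into the output.
        content = publish_parts(
            page.data,
            writer_name='html',
            settings_overrides={
                'file_insertion_enabled': False,
                'raw_enabled': False,
            },
        )['html_body']
        content = wikiwords.sub(check, content)
        return dict(
            page=page,
            content=content,
            edit_url=route_url('edit_page', self.request, pagename=pagename),
            logged_in=authenticated_userid(self.request),
        )

    @action(renderer='edit.mak', permission="edit")
    def add_page(self):
        """Show the add form, or create the page when the form was submitted.

        NOTE(review): no CSRF token is checked here, and ``request.params``
        also covers the query string, so the write is not limited to POST.
        Confirm whether that is enforced elsewhere.
        """
        name = self.request.matchdict['pagename']
        if 'form.submitted' in self.request.params:
            session = DBSession()
            body = self.request.params['body']
            session.add(Page(name, body))
            return HTTPFound(location=route_url('view_page', self.request,
                                                pagename=name))
        # The original passed the undefined name ``request`` here, which raised
        # NameError whenever the empty form was requested.
        save_url = route_url('add_page', self.request, pagename=name)
        return dict(
            page=Page('', ''),
            save_url=save_url,
            logged_in=authenticated_userid(self.request),
        )

    @action(renderer='edit.mak', permission="edit")
    def edit_page(self):
        """Show the edit form, or store the new body when it was submitted.

        NOTE(review): as in add_page, no CSRF token is checked and
        ``request.params`` includes the query string -- confirm protection
        exists elsewhere.
        """
        name = self.request.matchdict['pagename']
        session = DBSession()
        page = session.query(Page).filter_by(name=name).one()
        if 'form.submitted' in self.request.params:
            page.data = self.request.params['body']
            session.add(page)
            return HTTPFound(location=route_url('view_page', self.request,
                                                pagename=name))
        return dict(
            page=page,
            save_url=route_url('edit_page', self.request, pagename=name),
            logged_in=authenticated_userid(self.request),
        )

    def _local_redirect_target(self, target, fallback='/'):
        """Return ``target`` if it stays on this application, else ``fallback``.

        Accepted: URLs under ``request.application_url`` and host-relative
        paths.  Rejected: other hosts, scheme-relative forms (``//host``,
        ``/\\host``) and values containing control characters.
        """
        if not target or any(ord(ch) < 0x20 for ch in target):
            return fallback
        app_url = self.request.application_url
        if target == app_url or target.startswith(app_url + '/'):
            return target
        if target.startswith('/') and target[1:2] not in ('/', '\\'):
            return target
        return fallback

    @action(renderer='login.mak', context=Forbidden)
    def login(self):
        """Render the login form and process its submission.

        Also registered for ``Forbidden``, so a denied request lands here with
        the denied URL as the default post-login target.
        """
        login_url = route_url('login', self.request)
        referrer = self.request.url
        if referrer == login_url:
            referrer = '/' # never use the login form itself as came_from
        # ``came_from`` is client-supplied and becomes the Location header
        # after a successful login; keep it on this application so the login
        # form cannot be used to bounce users to another site.
        came_from = self._local_redirect_target(
            self.request.params.get('came_from', referrer))
        message = ''
        login = ''
        password = ''
        if 'form.submitted' in self.request.params:
            login = self.request.params['login']
            password = self.request.params['password']
            # NOTE(review): direct comparison with the submitted value implies
            # USERS holds passwords in plaintext -- confirm in
            # tutorial.security; a salted hash with a constant-time compare is
            # the usual replacement.
            if USERS.get(login) == password:
                headers = remember(self.request, login)
                return HTTPFound(location=came_from, headers=headers)
            message = 'Failed login'

        # NOTE(review): the submitted password is handed back to the template
        # on a failed attempt -- confirm login.mak actually needs it.
        return dict(
            message = message,
            url = self.request.application_url + '/login',
            came_from = came_from,
            login = login,
            password = password,
        )

    @action()
    def logout(self):
        """Drop the authentication headers and redirect to the wiki root."""
        headers = forget(self.request)
        return HTTPFound(location=route_url('view_wiki', self.request),
                         headers=headers)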