Commits

Anonymous committed 59d48b3

fixed : only admin allow to edit post
widget feature

Comments (0)

Files changed (6)

utilities/auth_helper.py

     def _wrapper(request, *args, **kw):
         user = users.get_current_user()
         if user:
-            return func(request, *args, **kw)
+            if users.is_current_user_admin():
+                return func(request, *args, **kw)
+            else:
+                return HttpResponseRedirect(users.create_login_url(request.get_full_path()))
         else:
             return HttpResponseRedirect(users.create_login_url(request.get_full_path()))
 
+import re
+
+def construct_keyname(param):
+    # clean non aplhanumeric 
+    param = re.sub('[^\w\s]', '', param)
+    
+    # replace space with dash
+    return param.replace(' ','-')

widgets/__init__.py

Empty file added.
+#    Copyright 2010 Hudarsono <http://blog.hudarsono.me>
+#
+#    This file is part of MeBlog.
+#
+#    MeBlog is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    MeBlog is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with MeBlog.  If not, see <http://www.gnu.org/licenses/>.
+
+from google.appengine.ext import db
+
+class Widget(db.Model):
+    title = db.StringProperty()
+    body = db.StringProperty()
+    enabled = db.BooleanProperty()
+    
+    def get_edit_url(self):
+        return '/widget/edit/%s' % str(self.key())
+    
+    def get_delete_url(self):
+        return '/widget/delete/%s' % str(self.key())
+from django.shortcuts import render_to_response
+from django.http import HttpResponseRedirect
+from django.core.context_processors import csrf
+from django.template import RequestContext
+
+
+from google.appengine.api import memcache
+from utilities.auth_helper import login_required
+
+
+from widgets import models
+import widgetform
+
+def listWidget(request):
+    widgets = models.Widget.all()
+    return render_to_response('admin/widgetlist.html', {'widgets':widgets})
+    
+
+def newWidget(request):
+    c = {}
+    c.update(csrf(request))
+    widgetForm = None
+    if request.method == 'POST':
+        newWidget = widgetform.WidgetForm(request.POST)
+        if newWidget.is_valid():
+            newWidget.save()
+            memcache.flush_all()
+            return HttpResponseRedirect('/widgets/')
+        else:
+            widgetForm = widgetform.WidgetForm(request.POST)
+    
+    if widgetForm is None:
+        widgetForm = widgetform.WidgetForm()
+        
+    return render_to_response('admin/widgetform.html', {'widgetForm':widgetForm},
+                                                    context_instance=RequestContext(request))
+                                                    
+
+def editWidget(request, key):
+    c = {}
+    c.update(csrf(request))
+    widgetForm = None
+    if request.method == 'POST':
+        form = widgetform.WidgetForm(request.POST)
+        widget = models.Widget.get(key)
+        if form.is_valid():
+            form.save(widget)
+            memcache.flush_all()
+            return HttpResponseRedirect('/widgets/')
+        else:
+            widgetForm = widgetform.WidgetForm(request.POST)
+    
+    if widgetForm is None:
+        widget = models.Widget.get(key)
+        if widget:
+            widgetForm = widgetform.WidgetForm(initial={'key':widget.key(),
+                                                        'title':widget.title,
+                                                        'body':widget.body,
+                                                        'enabled':widget.enabled})
+    return render_to_response('admin/widgetform.html', {'widgetForm':widgetForm,
+                                                        'action':widget.get_edit_url()},
+                                                        context_instance=RequestContext(request))
+                                                        
+def delWidget(request, key):
+    widget = models.Widget.get(key)
+    if widget:
+        widget.delete()
+        memcache.flush_all()
+    return HttpResponseRedirect('/widgets/')

widgets/widgetform.py

+#    Copyright 2010 Hudarsono <http://blog.hudarsono.me>
+#
+#    This file is part of MeBlog.
+#
+#    MeBlog is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    MeBlog is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with MeBlog.  If not, see <http://www.gnu.org/licenses/>.
+
+
+import models
+from django import forms
+
+class WidgetForm(forms.Form):
+    key = forms.CharField(required=False, max_length=30,widget=forms.HiddenInput())
+    title = forms.CharField(widget=forms.TextInput(attrs={'class':'TextInput'}))
+    body = forms.CharField(widget=forms.Textarea())
+    enabled = forms.BooleanField(required=False, widget=forms.Select(choices=(('True','True'),('False','False'))))
+
+    def save(self, widget=None, commit=True):
+        data = self.cleaned_data
+        if not widget: widget = models.Widget()
+        widget.title = data['title']
+        widget.body = data['body']
+        widget.enabled = data['enabled']
+        if commit: widget.put()
+        return widget