yannweb
/
lodel2_mirror
mirror of https://github.com/yweber/lodel2.git
Watch 1
Star 0
Fork 0
Code Releases 0 Activity
No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2041 Commits
27 Branches
Tree: ec1e531aa2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ec1e531aa2'
${ noResults }
lodel2_mirror/lodel/plugins/webui/interface/controllers/admin.py

admin.py 13KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352 
  1. # 

  2. # This file is part of Lodel 2 (https://github.com/OpenEdition)

  3. #

  4. # Copyright (C) 2015-2017 Cléo UMS-3287

  5. #

  6. # This program is free software: you can redistribute it and/or modify

  7. # it under the terms of the GNU Affero General Public License as published

  8. # by the Free Software Foundation, either version 3 of the License, or

  9. # (at your option) any later version.

  10. #

  11. # This program is distributed in the hope that it will be useful,

  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  14. # GNU Affero General Public License for more details.

  15. #

  16. # You should have received a copy of the GNU Affero General Public License

  17. # along with this program.  If not, see <http://www.gnu.org/licenses/>.

  18. #

  19. 

  20. 

  21. from ...exceptions import *

  22. from .base import get_response

  23. 

  24. from lodel.context import LodelContext

  25. LodelContext.expose_modules(globals(), {

  26.     'lodel.leapi.exceptions': [],

  27.     'lodel.logger': 'logger',

  28.     'lodel.leapi.datahandlers.base_classes': ['MultipleRef'],

  29.     'lodel.leapi.exceptions': ['LeApiDataCheckErrors'],

  30.     'lodel.exceptions': ['LodelExceptions']})

  31. LodelContext.expose_dyncode(globals(), 'dyncode')

  32. 

  33. from ...client import WebUiClient

  34. import warnings

  35. 

  36. LIST_SEPARATOR = ','

  37. 

  38. ##@brief These functions are called by the rules defined in ../urls.py

  39. ## To administrate the instance of the editorial model

  40. 

  41. ##@brief Controller's function to redirect on the home page of the admin

  42. # @param request : the request (get or post)

  43. # @note the response is given in a html page called in get_response_function

  44. def index_admin(request):

  45.     # We have to be identified to admin the instance

  46.     # temporary, the acl will be more restrictive

  47.     #if WebUiClient.is_anonymous():

  48.     #    return get_response('users/signin.html')

  49.     return get_response('admin/admin.html')

  50. 

  51. ##@brief Controller's function to update an object of the editorial model

  52. # @param request : the request (get or post)

  53. # @note the response is given in a html page (in templates/admin) called in get_response_function

  54. def admin_update(request):

  55.     # We have to be identified to admin the instance

  56.     # temporary, the acl will be more restrictive

  57.     #if WebUiClient.is_anonymous():

  58.     #    return get_response('users/signin.html')

  59.     msg=''

  60. 

  61.     data = process_form(request)

  62.     if not(data is False):

  63.         if 'lodel_id' not in data:

  64.             raise HttpException(400)

  65.         target_leo = dyncode.Object.name2class(data['classname'])

  66.         leo = target_leo.get_from_uid(data['lodel_id'])

  67.         if leo is None:

  68.             raise HttpException(404,

  69.                 custom = 'No %s with id %s' % (

  70.                     target_leo.__name__, data['lodel_id']))

  71.         try:

  72.             leo.update(

  73.                 { f:data[f] for f in data if f not in ('classname', 'lodel_id')})

  74.         except LeApiDataCheckErrors as e:

  75.             raise HttpErrors(

  76.                 title='Form validation errors', errors = e._exceptions)

  77. 

  78. 

  79. 

  80.     # Display of the form with the object's values to be updated

  81.     if 'classname' in request.GET:

  82.         # We need the class of the object to update

  83.         classname = request.GET['classname']

  84.         if len(classname) > 1:

  85.             raise HttpException(400)

  86.         classname = classname[0]

  87.         try:

  88.             target_leo = dyncode.Object.name2class(classname)

  89.         except LeApiError:

  90.             # classname = None

  91.             raise HttpException(400)

  92.         logger.warning('Composed uids broken here')

  93.         uid_field = target_leo.uid_fieldname()[0]

  94. 

  95.     # We need the uid of the object

  96.     test_valid = 'lodel_id' in request.GET \

  97.         and len(request.GET['lodel_id']) == 1

  98. 

  99.     if test_valid:

  100.         try:

  101.             dh = target_leo.field(uid_field)

  102.             # we cast the uid extrated form the request to the adequate type

  103.             # given by the datahandler of the uidfield's datahandler

  104.             lodel_id = dh.cast_type(request.GET['lodel_id'][0])

  105.         except (ValueError, TypeError):

  106.             test_valid = False

  107. 

  108.     if not test_valid:

  109.         raise HttpException(400)

  110.     else:

  111.         # Check if the object actually exists

  112.         # We get it from the database

  113.         query_filters = list()

  114.         query_filters.append((uid_field,'=',lodel_id))

  115.         obj = target_leo.get(query_filters)

  116.         if len(obj) == 0:

  117.             raise HttpException(404)

  118.     return get_response('admin/admin_edit.html', target=target_leo, lodel_id =lodel_id)

  119. 

  120. ##@brief Controller's function to create an object of the editorial model

  121. # @param request : the request (get or post)

  122. # @note the response is given in a html page (in templates/admin) called in get_response_function

  123. def admin_create(request):

  124.     # We have to be identified to admin the instance

  125.     # temporary, the acl will be more restrictive

  126.     #if WebUiClient.is_anonymous():

  127.     #    return get_response('users/signin.html')

  128. 

  129.     data = process_form(request)

  130.     if not(data is False):

  131.         target_leo = dyncode.Object.name2class(data['classname'])

  132.         if 'lodel_id' in data:

  133.             raise HttpException(400)

  134.         try:

  135.             new_uid = target_leo.insert(

  136.                 { f:data[f] for f in data if f != 'classname'})

  137.         except LeApiDataCheckErrors as e:

  138.             raise HttpErrors(

  139.                 title='Form validation errors', errors = e._exceptions)

  140.         if new_uid is None:

  141.             raise HttpException(400, "Creation fails")

  142.         else:

  143.             return get_response(

  144.                 'admin/admin_create.html', target=target_leo,

  145.                 msg = "Created with uid %s" % new_uid)

  146. 

  147.     # Display of an empty form

  148.     if 'classname' in request.GET:

  149.         # We need the class to create an object in

  150.         classname = request.GET['classname']

  151.         if len(classname) > 1:

  152.             raise HttpException(400)

  153.         classname = classname[0]

  154.         try:

  155.             target_leo = dyncode.Object.name2class(classname)

  156.         except LeApiError:

  157.             classname = None

  158. 

  159.     if classname is None or target_leo.is_abstract():

  160.         raise HttpException(400)

  161.     return get_response('admin/admin_create.html', target=target_leo)

  162. 

  163. ##@brief Controller's function to delete an object of the editorial model

  164. # @param request : the request (get)

  165. # @note the response is given in a html page (in templates/admin) called in get_response_function

  166. def admin_delete(request):

  167.     # We have to be identified to admin the instance

  168.     # temporary, the acl will be more restrictive

  169.     #if WebUiClient.is_anonymous():

  170.     #    return get_response('users/signin.html')

  171.     classname = None

  172. 

  173.     if 'classname' in request.GET:

  174.         # We need the class to delete an object in

  175.         classname = request.GET['classname']

  176.         if len(classname) > 1:

  177.             raise HttpException(400)

  178.         classname = classname[0]

  179.         try:

  180.             target_leo = dyncode.Object.name2class(classname)

  181.         except LeApiError:

  182.             # classname = None

  183.             raise HttpException(400)

  184.         logger.warning('Composed uids broken here')

  185.         uid_field = target_leo.uid_fieldname()[0]

  186. 

  187.     # We also need the uid of the object to delete

  188.     test_valid = 'lodel_id' in request.GET \

  189.         and len(request.GET['lodel_id']) == 1

  190. 

  191.     if test_valid:

  192.         try:

  193.             dh = target_leo.field(uid_field)

  194.             # we cast the uid extrated form the request to the adequate type

  195.             # given by the datahandler of the uidfield's datahandler

  196.             lodel_id = dh.cast_type(request.GET['lodel_id'][0])

  197.         except (ValueError, TypeError):

  198.             test_valid = False

  199. 

  200.     if not test_valid:

  201.         raise HttpException(400)

  202.     else:

  203.         query_filters = list()

  204.         query_filters.append((uid_field,'=',lodel_id))

  205.         nb_deleted = target_leo.delete_bundle(query_filters)

  206. 

  207.     if nb_deleted == 1:

  208.             msg = 'Object successfully deleted';

  209.     else:

  210.             msg = 'Oops something wrong happened...object still here'

  211. 

  212.     return get_response('admin/admin_delete.html', target=target_leo, lodel_id =lodel_id, msg = msg)

  213. 

  214. 

  215. 

  216. def admin_classes(request):

  217.     # We have to be identified to admin the instance

  218.     # temporary, the acl will be more restrictive

  219.     #if WebUiClient.is_anonymous():

  220.     #    return get_response('users/signin.html')

  221.     return get_response('admin/list_classes_admin.html', my_classes = dyncode.dynclasses)

  222. 

  223. def create_object(request):

  224.     # We have to be identified to admin the instance

  225.     # temporary, the acl will be more restrictive

  226.     #if WebUiClient.is_anonymous():

  227.     #    return get_response('users/signin.html')

  228.     return get_response('admin/list_classes_create.html', my_classes = dyncode.dynclasses)

  229. 

  230. def delete_object(request):

  231.     # We have to be identified to admin the instance

  232.     # temporary, the acl will be more restrictive

  233.     #if WebUiClient.is_anonymous():

  234.     #    return get_response('users/signin.html')

  235.     return get_response('admin/list_classes_delete.html', my_classes = dyncode.dynclasses)

  236. 

  237. def admin_class(request):

  238.     # We have to be identified to admin the instance

  239.     # temporary, the acl will be more restrictive

  240.     #if WebUiClient.is_anonymous():

  241.     #    return get_response('users/signin.html')

  242.     # We need the class we'll list to select the object to edit

  243.     if 'classname' in request.GET:

  244.         classname = request.GET['classname']

  245.         if len(classname) > 1:

  246.             raise HttpException(400)

  247.         classname = classname[0]

  248.         try:

  249.             target_leo = dyncode.Object.name2class(classname)

  250.         except LeApiError:

  251.             classname = None

  252.     if classname is None or target_leo.is_abstract():

  253.         raise HttpException(400)

  254.     return get_response('admin/show_class_admin.html', target=target_leo)

  255. 

  256. def delete_in_class(request):

  257.     # We have to be identified to admin the instance

  258.     # temporary, the acl will be more restrictive

  259.     #if WebUiClient.is_anonymous():

  260.     #    return get_response('users/signin.html')

  261.     # We need the class we'll list to select the object to delete

  262.     if 'classname' in request.GET:

  263.         classname = request.GET['classname']

  264.         if len(classname) > 1:

  265.             raise HttpException(400)

  266.         classname = classname[0]

  267.         try:

  268.             target_leo = dyncode.Object.name2class(classname)

  269.         except LeApiError:

  270.             classname = None

  271.     if classname is None or target_leo.is_abstract():

  272.         raise HttpException(400)

  273.     return get_response('admin/show_class_delete.html', target=target_leo)

  274. 

  275. def admin(request):

  276.     # We have to be identified to admin the instance

  277.     # temporary, the acl will be more restrictive

  278.     #if WebUiClient.is_anonymous():

  279.     #    return get_response('users/signin.html')

  280.     return get_response('admin/admin.html')

  281. 

  282. 

  283. def search_object(request):

  284.     if request.method == 'POST':

  285.         classname = request.POST['classname']

  286.         searchstring = request.POST['searchstring']

  287.         try:

  288.             target_leo = dyncode.Object.name2class(classname)

  289.         except LeApiError:

  290.             raise HttpException(400)

  291.         # TODO The get method must be implemented here

  292.     return get_response('admin/admin_search.html', my_classes = dyncode.dynclasses)

  293. 

  294. ##@brief Process a form POST and return the posted data

  295. #@param request : the request object

  296. #@return a dict with data as value and fieldname as key

  297. def process_form(request):

  298.     if request.method != 'POST':

  299.         return False

  300.     res = dict()

  301.     errors = dict()

  302.     #Fetch concerned LeObject

  303.     if 'classname' not in request.form:

  304.         logger.error("Received a form without classname !")

  305.         raise HttpException(400)

  306.     res['classname'] = classname = request.form['classname']

  307.     try:

  308.         target_leo = dyncode.Object.name2class(classname)

  309.     except LeApiError:

  310.         logger.error(

  311.             "Received a form with an invalid leo name : '%s'" % classname)

  312.         raise HttpException(400, "No leobject named '%s'" % classname)

  313.     if target_leo.is_abstract():

  314.         logger.error(

  315.             "Received a form with an abstract leo : '%s'" % classname)

  316.         raise HttpException(400, '%s is abstract' % classname)

  317.     #Process input fields

  318.     for fieldname, value in request.form.items():

  319.         if fieldname == 'classname':

  320.             continue

  321.         elif fieldname == 'uid':

  322.             fieldname = 'lodel_id' #wow

  323.         elif fieldname.startswith('field_input_'):

  324.             fieldname = fieldname[12:]

  325.         try:

  326.             dh = target_leo.data_handler(fieldname)

  327.         except NameError as e:

  328.             errors[fieldname] = e

  329.             continue

  330.         if dh.is_reference() and not dh.is_singlereference():

  331.             #Converting multiple references fields

  332.             value = value.strip()

  333.             if len(value) == 0:

  334.                 #handling default value for empty string

  335.                 if hasattr(dh, 'default'):

  336.                     value = dh.default

  337.                 else:

  338.                     #if not explicit default value, enforcing default as

  339.                     #an empty list

  340.                     value = []

  341.             else:

  342.                 value = [ v.strip() for v in value.split(LIST_SEPARATOR) ]

  343.                 value = [ v for v in value if len(v) > 0]

  344.         else:

  345.             #Handling default value for empty string

  346.             if len(value.strip()) == 0 and hasattr(dh, 'default'):

  347.                 value = dh.default

  348.         res[fieldname] = value

  349.     if len(errors) > 0:

  350.         del(res)

  351.         raise HttpErrors(errors, title="Form validation error")

  352.     return res