static/js/petition.js templates/confirm_deletion.html templates/confirm_unsign.html @@ -35,7 +35,7 @@ def gmailLoginURL(email): class importcontacts: def GET(self): - msg = helpers.get_delete_msg() + msg, msg_type = helpers.get_delete_msg() return render.import_contacts(msg) def POST(self): contacts.py @@ -23,7 +23,7 @@ def load_wyr(): 'captcha': data['captcha'] } - db.insert('wyr3', seqname=False, **d) + db.insert('wyr', seqname=False, **d) if __name__ == "__main__": load_wyr() import/load/wyr.py @@ -38,7 +38,7 @@ class index: return render.petition_list(petitions) def save_petition(p): - p.id = p.id.replace(' ', '_') + p.pid = p.pid.replace(' ', '_') with db.transaction(): try: owner = db.select('users', where='email=$p.email', vars=locals())[0] @@ -48,10 +48,10 @@ def save_petition(p): if not owner.verified: db.update('users', where='email=$p.email', verified=True, vars=locals()) owner_id = owner.id - db.insert('petition', seqname=False, id=p.id, title=p.title, description=p.description, + db.insert('petition', seqname=False, id=p.pid, title=p.ptitle, description=p.pdescription, owner_id=owner_id) #make the owner of the petition sign for it (??) - db.insert('signatory', seqname=False, user_id=owner_id, share_with='E', petition_id=p.id) + db.insert('signatory', seqname=False, user_id=owner_id, share_with='E', petition_id=p.pid) def fill_user_details(form, fillings): details = {} @@ -86,7 +86,7 @@ class new: msg = """Congratulations, you've created your petition. Now sign and share it with all your friends.""" helpers.set_msg(msg) - return web.seeother('/%s' % p.id) + return web.seeother('/%s' % p.pid) else: return render.petitionform(pform) @@ -124,7 +124,8 @@ def save_signature(forminput, pid): def sendmail_to_signatory(user, pid): p = db.select('petition', where='id=$pid', vars=locals())[0] p.url = 'http//watchdog.net/c/%s' % (pid) - msg = render_plain.signatory_mailer(user.name, p) + token = auth.get_secret_token(user.email) + msg = render_plain.signatory_mailer(user, p, token) #@@@ shouldn't this web.utf8 stuff taken care by in web.py? web.sendmail(web.utf8(config.from_address), web.utf8(user.email), web.utf8(msg.subject.strip()), web.utf8(msg)) @@ -142,10 +143,12 @@ def is_author(email, pid): class petition: def GET(self, pid, signform=None, passwordform=None): i = web.input() - if ('m' in i): - if i.m == 'edit': return self.GET_edit(pid) - elif i.m == 'signatories': return self.GET_signatories(pid) + options = ['signatories', 'unsign', 'edit', 'delete'] + if i.get('m', None) in options: + handler = getattr(self, 'GET_'+i.m) + return handler(pid) + try: p = db.select('petition', where='id=$pid', vars=locals())[0] except: @@ -159,24 +162,42 @@ class petition: fill_user_details(signform, ['name', 'email']) if askforpasswd(p.owner_id) and not passwordform: passwordform = forms.passwordform() - msg = helpers.get_delete_msg() + msg, msg_type = helpers.get_delete_msg() return render.petition(p, signform, passwordform, msg) def GET_edit(self, pid): user_email = helpers.get_loggedin_email() if is_author(user_email, pid): p = db.select('petition', where='id=$pid', vars=locals())[0] - p.email = user_email pform = forms.petitionform() - pform.fill(**p) + pform.fill(email=user_email, pid=p.id, ptitle=p.title, pdescription=p.description) for i in pform.inputs: - if i.id in ['id', 'email']: i.attrs['readonly'] = 'true' + if i.id in ['pid', 'email']: i.attrs['readonly'] = 'true' title = "Edit petition" return render.petitionform(pform, title, target='/c/%s?m=edit' % (pid)) else: - helpers.set_msg('Only author of this petition can edit it.') + login_link = '<a href="/login">Login</a>' + helpers.set_msg('Only author of this petition can edit it. %s if you are.' % login_link, msg_type='error') raise web.seeother('/%s' % pid) + + + def GET_unsign(self, pid): + i = web.input() + user = helpers.get_user_by_email(i.email) + + if user: + signatory = db.select('signatory', where='petition_id=$pid and user_id=$user.id', vars=locals()) + + if not (user and signatory and auth.check_secret_token(i.email, i.token)): + msg = "Invalid token or there is no signature for this petition with this email." + msg_type = 'error' + else: + msg = render_plain.confirm_unsign(pid, user.id) + msg_type = '' + helpers.set_msg(msg, msg_type) + raise web.seeother('/%s' % pid) + def GET_signatories(self, pid): user_email = helpers.get_loggedin_email() ptitle = db.select('petition', what='title', where='id=$pid', vars=locals())[0].title @@ -188,10 +209,20 @@ class petition: vars=locals()).list() return render.signature_list(pid, ptitle, signs, is_author(user_email, pid)) + def GET_delete(self, pid): + user_email = helpers.get_loggedin_email() + if is_author(user_email, pid): + msg = render_plain.confirm_deletion(pid) + helpers.set_msg(msg) + else: + login_link = '<a href="/login">Login</a>' + helpers.set_msg('Only author of this petition can delete it. %s if you are.' % login_link, msg_type='error') + + raise web.seeother('/%s' % pid) def POST(self, pid): i = web.input('m', _method='GET') - options = ['sign', 'unisign', 'edit', 'password'] + options = ['sign', 'unsign', 'edit', 'password', 'delete'] if i.m in options: handler = getattr(self, 'POST_'+i.m) return handler(pid) @@ -219,11 +250,23 @@ class petition: def POST_edit(self, pid): i = web.input() - db.update('petition', where='id=$pid', title=i.title, description=i.description, vars=locals()) - raise web.seeother('/%s' % (pid)) + db.update('petition', where='id=$pid', title=i.ptitle, description=i.pdescription, vars=locals()) + raise web.seeother('/%s' % pid) def POST_unsign(self, pid): - pass #@@@for now + i = web.input() + db.delete('signatory', where='petition_id=$pid and user_id=$i.user_id', vars=locals()) + msg = 'Your signature has been removed for this petition.' + helpers.set_msg(msg) + raise web.seeother('/%s' % pid) + + def POST_delete(self, pid): + with db.transaction(): + title = db.select('petition', what='title', where='id=$pid', vars=locals())[0].title + db.delete('signatory', where='petition_id=$pid', vars=locals()) + db.delete('petition', where='id=$pid', vars=locals()) + helpers.set_msg('Petition "%s" deleted' % (title)) + raise web.seeother('/') def get_contacts(user_id): contacts = db.select('contacts', petition.py @@ -5,7 +5,11 @@ $var title: $p.title $if msg: $var msg: $:msg -<p style="float:right"><a href="#sign">Sign</a>&nbsp;<a href="/c/share?pid=$p.id">Share</a>&nbsp;<a href="?m=edit">Edit</a></p> +<p style="float:right"> + <a href="#sign">Sign</a>&nbsp; + <a href="/c/share?pid=$p.id">Share</a>&nbsp; + <a href="?m=edit">Edit</a> + <a href="?m=delete">Delete</a></p> $if passwordform: <div class="passbox"> templates/petition.html @@ -2,43 +2,7 @@ $def with (form, title="New Petition", target="/c/new") $var title: $title -<script type="text/javascript" src="/static/js/jquery.js"></script> -<script> - -\$(document).ready( function(){ - -strip = function(s) { return s.replace(/^\s+/, '').replace(/\s+$/, ''); } -remove_punctuation = function(s) { return s.replace(/[,.;]/g,''); } -petition_id = $('id'); -note_id = $('note_id'); -title_field = $('title') -\$(title_field).change(function fillURL(){ - if(! \$(petition_id).attr('readonly')){ - url = strip(this.value).toLowerCase().replace(/\s+/g, '-'); - url = remove_punctuation(url); - \$(petition_id).val(url); - } - return; -}); - -\$(petition_id).change( function checkID(){ - \$.post("/c/checkID", {pid: strip(this.value)}, - function(available){ - if (available == 'False'){ - msg = 'ID already exists, Choose a different one'; - \$(note_id).html('<strong style="color:red">' + msg + '</strong>'); - \$(petition_id).focus(); - return false; - } - else { - \$(note_id).html(''); - return true; - } - }); - }); -}); -</script> - +<script type="text/javascript" src="/static/js/petition.js"></script> <form name="petition" method="POST" action="$target"> $if not form.valid: <p class="error">Please try again after fixing the errors highlighted below:</p> templates/petitionform.html @@ -1,12 +1,12 @@ -$def with (user_name, petition) +$def with (user, petition, token) $var title: $var subject: Thanks for signing petition -Hi $user_name, +Hi $user.name, Thanks for signing the petition $:petition.title! (If you didn't -mean to sign this petition, visit $:petition.url?m=unsign .) +mean to sign this petition, visit $:petition.url?m=unsign&token=$token&email=$user.email .) It would help even more if you could encourage your friends to sign as well. Here's a message you can copy-and-paste: templates/signatory_mailer.html @@ -34,7 +34,7 @@ class login: i = web.input(redirect=referer) form = forms.loginform() form['redirect'].value = i.redirect - msg = helpers.get_delete_msg() + msg, msg_type = helpers.get_delete_msg() return render.login(form, msg) def POST(self): @@ -75,7 +75,7 @@ def set_password_url(email, token): class forgot_password: def GET(self, form=None): form = form or forms.forgot_password() - msg = helpers.get_delete_msg() + msg, msg_type = helpers.get_delete_msg() return render.forgot_password(form, msg) def POST(self): @@ -109,7 +109,7 @@ class set_password: form = form or forms.passwordform() return render.set_password(form, i.email) else: - helpers.set_msg('Invalid token') + helpers.set_msg('Invalid token', msg_type='error') raise web.seeother('/forgot_password') def POST(self): utils/auth.py @@ -17,14 +17,14 @@ petitionform = form.Form( form.regexp(email_regex, 'Please enter a valid email'), description="Your email:", size='30'), - form.Textbox('title', description="Title:", size='80'), - form.Textbox('id', + form.Textbox('ptitle', description="Title:", size='80'), + form.Textbox('pid', form.notnull, form.Validator('ID already exists, Choose a different one.', doesnotexist), pre='http://watchdog.net/c/', description='URL:', size='30'), - form.Textarea('description', form.notnull, description="Description:", rows='20', cols='80') + form.Textarea('pdescription', form.notnull, description="Description:", rows='20', cols='80') ) signform = form.Form( utils/forms.py @@ -22,13 +22,20 @@ def getcookie(name): def deletecookie(name): web.setcookie(name, expires=-1) -def set_msg(msg): +def set_msg(msg, msg_type=None): + if msg_type == 'error': + msg += '$ERR$' web.setcookie('wd_msg', msg) def get_delete_msg(): msg = web.cookies().get('wd_msg', None) web.setcookie('wd_msg', '', expires=-1) - return msg + + msg_type = None + if msg and msg.endswith('$ERR$'): + msg_type = 'error' + msg = msg[:-5] + return msg, msg_type def get_loggedin_email(): return getcookie('wd_login') utils/helpers.py @@ -503,7 +503,7 @@ def add_captcha(form, img_src): class write_your_rep: def GET(self, form=None): form = form or forms.writerep() - msg = helpers.get_delete_msg() + msg, msg_type = helpers.get_delete_msg() return render.writerep(form, msg=msg) def POST(self): webapp.py 8235c8d935d6102834a59f1f073764e8244ecb61 Devi asldevi@gmail.com http://github.com/dfdeshom/watchdog/commit/4bd272f3e00a55fef47245d2068d84c065a744a4 4bd272f3e00a55fef47245d2068d84c065a744a4 2008-08-18T05:15:38-07:00 2008-08-18T05:15:38-07:00 petitions - delete and unsign; msg_type to differentiate error msgs; bug fixes 3e47cd4d3badfabfb34b527f781fa5b420c2a265 Devi asldevi@gmail.com