
File submission and user management work. Holy cow!

1 parent e6cc7ea commit f0133dc8b2cee870d1b862b3a86738685a164866 @pflarr committed Sep 2, 2011
@@ -1,2 +1,3 @@
*.pyc
*.swp
+basic_site.db
@@ -31,5 +31,15 @@ def main(global_config, **settings):
config.add_view('basic_site.views.home',
route_name='home',
renderer='basic_site:templates/main.mako')
+ config.add_route('users', '/users')
+ config.add_view('basic_site.views.users', route_name='users',
+ renderer='basic_site:templates/users.mako')
+ config.add_route('file', '/file/{name}*rev')
+ config.add_view('basic_site.views.file', route_name='file')
+ config.add_route('files', '/files/')
+ config.add_view('basic_site.views.files', route_name='files',
+ renderer='basic_site:templates/files.mako')
+ config.add_route('logout', '/logout/')
+ config.add_view('basic_site.views.logout', route_name='logout')
return config.make_wsgi_app()
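Review bot: The new `users`, `file`, `files` and `logout` views are registered without a `permission=` argument, so nothing at the routing layer keeps an anonymous request away from user management or file upload. Whether the views check the login themselves is not visible on this page; the templates only hide the menu links behind `% if user:`, and users.mako dereferences `user.admin` unconditionally. Since `RootFactory` already carries an ACL, consider declaring the requirement here, assuming an authorization policy is configured, e.g. `config.add_view('basic_site.views.users', route_name='users', permission='edit', renderer='basic_site:templates/users.mako')`. main() starts outside the hunk.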
@@ -1,25 +1,36 @@
+import datetime
+
from sqlalchemy import create_engine, Column, ForeignKey
-from sqlalchemy.orm import sessionmaker, scoped_session
from sqlalchemy.ext.declarative import declarative_base
+import sqlalchemy.orm
+from sqlalchemy.orm import sessionmaker, scoped_session
from sqlalchemy.types import String, DateTime, Integer, Boolean
+from pyramid.security import Allow, Everyone
+import transaction
+
from zope.sqlalchemy import ZopeTransactionExtension
from z3c.bcrypt import BcryptPasswordManager
manager = BcryptPasswordManager()
-from pyramid.security import Allow, Everyone
-
-import sqlalchemy.orm
-
DBSession = scoped_session(sessionmaker(extension=ZopeTransactionExtension()))
Base = declarative_base()
+DEFAULT_ADMIN_PW = 'change_this!'
def initialize_sql(engine):
DBSession.configure(bind=engine)
Base.metadata.bind = engine
Base.metadata.create_all(engine)
+ session = DBSession()
+ admin = session.query(User).get('admin')
+ if not admin:
+ admin = User('admin', DEFAULT_ADMIN_PW, True, 'Admin')
+ session.add(admin)
+ session.flush()
+ transaction.commit()
+
class RootFactory(object):
__acl__ = [ (Allow, Everyone, 'view'),
(Allow, 'group:editors', 'edit'),
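Review bot: `DEFAULT_ADMIN_PW = 'change_this!'` puts a known administrator password in the source, and `initialize_sql` creates `admin` with it on every database that lacks that row, so each fresh deployment starts with a publicly known admin credential. Nothing in this hunk forces, or even records, that the password was changed afterwards. Take the initial password from deployment configuration, or generate a random one at first start and show it to the operator once, and skip creating the account when neither is available. At minimum mark the constant with a comment such as `# Bootstrap credential only: change immediately after first login.` The hunk ends inside `RootFactory`, whose body continues outside it.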
@@ -28,7 +39,7 @@ def __init__(self, request):
pass
class User(Base):
- __tablename__ = 'Users'
+ __tablename__ = 'users'
uid = Column(String(10), primary_key=True)
pw_hash = Column(String(), nullable=False)
admin = Column(Boolean(), nullable=False)
@@ -49,12 +60,10 @@ def check_pw(self, passwd):
return manager.checkPassword(self.pw_hash, passwd)
def change_pw(self, new):
- """Verifies the old pw before changing it to new. Returns True if
- successful."""
- self.pw_hash = manager.encodePassword(pw)
+ self.pw_hash = manager.encodePassword(new)
class Post(Base):
- __tablename__ = 'Post'
+ __tablename__ = 'posts'
id = Column(Integer(), primary_key=True)
created = Column(DateTime(), nullable=False)
creator = Column(String(10), nullable=False)
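Review bot: `change_pw` loses its docstring here and, as written, replaces the hash without checking the current password, so that check now rests entirely on the caller. Add a docstring that states the contract, for example `"""Store a bcrypt hash of new. Does not verify the current password; callers must call check_pw() first."""`. The calling view is not shown on this page, so confirm it calls `check_pw` with the `old` form field and compares `new` with `repeat` before calling this method.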
@@ -113,7 +122,7 @@ def restore(self, user):
session.flush()
class Page(Base):
- __tablename__ = 'Page'
+ __tablename__ = 'pages'
id = Column(Integer(), primary_key=True)
name = Column(String(15), unique=True)
created = Column(DateTime(), nullable=False)
@@ -170,3 +179,16 @@ def restore(self, user):
page = Page(user, self.name, self.contents, self.created)
session.add(page)
session.flush()
+
+class File(Base):
+ __tablename__ = 'files';
+ id = Column(Integer, primary_key=True)
+ name = Column(String, nullable=False)
+ submitter = Column(String, nullable=False)
+ changed = Column(DateTime, nullable=False)
+ size = Column(Integer)
+
+ def __init__(self, name, submitter):
+ self.name = name
+ self.submitter = submitter
+ self.changed = datetime.datetime.now()
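Review bot: `File.name` is an unbounded `String` stored exactly as passed to `__init__`, and the `file` route looks files up by `{name}`, so if the upload view (not shown here) passes the client-supplied filename straight through, path separators or `..` segments would reach whatever code builds the storage path. Reduce the name to its final component and reject an empty result before constructing `File`, e.g. `name = os.path.basename(name.replace('\\', '/'))`. Separately, `__tablename__ = 'files';` carries a stray semicolon that should be dropped.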
@@ -0,0 +1,12 @@
+<%include file="head.mako" />
+
+<DIV id="main">
+ <FORM method="POST" action="${request.route_url('files')}"
+ enctype="multipart/form-data">
+ <INPUT type="file" name="data">
+ <BUTTON type="submit">Submit File</BUTTON>
+ <FORM>
+
+</DIV>
+
+<%include file="foot.mako" />
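Review bot: The upload form is never closed: the line after the submit button is `<FORM>` and should be `</FORM>`, otherwise the browser sees a second form start and the rest of the page ends up inside the form. The form also carries no CSRF token, and the same holds for the add-user, change-password and toggle/delete forms in users.mako, so a logged-in user's browser can be made to submit them from another site. Add a hidden per-session token field to each form and have the views reject any POST where it does not match.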
@@ -1,23 +1,23 @@
<HTML>
<HEAD>
- <TITLE>${request.registry.settings['site_name'] + page.subtitle|h}</TITLE>
+ <TITLE>${request.registry.settings['site_name'] + page_subtitle|h}</TITLE>
<LINK type="text/css" rel="stylesheet"
href="${request.static_url('basic_site:static/base.css')}">
</HEAD>
<DIV id="head">
- <IMG src="files/logo.png">
+ <IMG src="${request.route_url('file',name='logo.png',rev='')}">
<DIV id="login">
- % if uid == None:
+ % if user == None:
<FORM action='' method="POST">
- Login:
<LABEL target="user">User</LABEL>
<INPUT type="text" name="user">
<LABEL target="passwd">Password</LABEL>
<INPUT type="password" name="passwd">
+ <BUTTON type="submit">Login</BUTTON>
</FORM>
% else:
- Logged in as <STRONG>${uid}</STRONG>
- (<A href="${request.application_url}/logout">logout</A>)
+ Logged in as <STRONG>${user.uid}</STRONG>
+ (<A href="${request.route_url('logout')}">logout</A>)
% endif
</DIV>
</DIV>
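Review bot: The escaping of `${user.uid}` depends on the renderer's default filters, which are not visible on this page, while the `<TITLE>` line in the same hunk spells out `|h`. The templates mix bare expressions, explicit `|h` and (in users.mako) `|n`, so either the bare ones such as `${post.content}`, `${e_user.uid}` and `${e_user.fullname}` are emitted raw, or the `|h` ones may be escaped twice; settle on one convention and state it in a comment at the top of head.mako. As a style point, `% if user == None:` should be `% if user is None:`, the identity test being the idiom for None. The logout link is a plain GET anchor, so any third-party page can end the session by referencing that URL; a small POST form would avoid that.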
@@ -30,15 +30,20 @@
return ''
%>
<DIV id=pages>
- <ul>
- <LI><A href="news.cgi" ${cur_class('*Main')}>Main</A>
+ <UL>
+ <LI><A href="${request.route_url('home')}" ${cur_class('*Main')}>Main</A>
+ % if user:
+ <LI><A href="${request.route_url('users')}"
+ ${cur_class('*Users')}>Users</A>
+ <LI><A href="${request.route_url('files')}"
+ ${cur_class('*Files')}>Files</A>
+ % endif
% for page in menu_pages:
- <LI><A href="${request.route_url('page', id=page.id)}"
+ <LI><A href="${request.route_url('page', id=page.id)}">grarg</A>
% endfor
+ </UL>
</DIV>
-% if 'message' in request.params:
- <DIV class="message">${request.params['message']|h}</DIV>
-% elif message:
- <DIV class="message">${message|h}</DIV>
+% if message:
+ <DIV class="message">${message|h}</DIV>
% endif
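Review bot: Every page link in the menu now shows the literal text `grarg`, which looks like a leftover placeholder. The label should come from the page itself, e.g. `<LI><A href="${request.route_url('page', id=page.id)}">${page.name|h}</A>`; `Page.name` is the column shown in the models hunk. The `|h` there follows the `${message|h}` line in this hunk and is subject to the same default-filter question as the rest of the template.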
@@ -1,12 +1,12 @@
<%include file="head.mako" />
<DIV id="main">
-% for item in news:
+% for post in posts:
<DIV class="news">
- ${item.content}
+ ${post.content}
<DIV class="news_footer">
- <SPAN class="creator">${item.creator|h}</SPAN>
- <SPAN class="created">${item.created|h}</SPAN>
+ <SPAN class="creator">${post.creator|h}</SPAN>
+ <SPAN class="created">${post.created|h}</SPAN>
</DIV>
</DIV>
% endfor
@@ -2,11 +2,10 @@
<DIV id="main">
-% if current_user.admin:
+% if user.admin:
<DIV id="add_user">
<H3>Add User:</H3>
- <FORM method="POST"
- action="${request.route_url('mod_users', action='add')}">
+ <FORM method="POST" action="${request.route_url('users')}">
<LABEL for="uid">User Name:</LABEL>
<INPUT type="text" maxlength="10" size="10" name="uid">
<LABEL for="fullname">Full Name:</LABEL>
@@ -17,46 +16,49 @@
<INPUT type="password" size="20" name="repeat">
<LABEL for="admin">Admin:</LABEL>
<INPUT type="checkbox" name="admin">
- <BUTTON type="submit">Add User</BUTTON>
+ <BUTTON type="submit" name="action" value="add">Add User</BUTTON>
</FORM>
</DIV>
%endif
<DIV id="change_pw">
<H3>Change your password:</H3>
- <FORM method="POST"
- action="${request.route_url('change_pw', c_uid=uid)}">
+ <FORM method="POST" action="${request.route_url('users')}">
<LABEL for="old">Current Password:</LABEL>
<INPUT type="password" size="20" name="old">
<LABEL for="passwd">New Password:</LABEL>
<INPUT type="password" size="20" name="new">
<LABEL for="repeat">New Password (again):</LABEL>
<INPUT type="password" size="20" name="repeat">
- <BUTTON type="submit">Change Password</BUTTON>
+ <BUTTON type="submit" name="action"
+ value="change_pw">Change Password</BUTTON>
</FORM>
</DIV>
<DIV id="users">
- <TABLE>
- <TR><TH>User<TH>Full Name<TH>Admin
- % for user in users:
- <TR><TD>${user.uid}<TD>${user.fullname}
- % if current_user.admin:
- <%
- toggle_href = request.route_url('mod_user', action='toggle_admin',
- uid=user.uid)
- delete_href = request.route_url('mod_user', action='delete',
- uid=user.uid)
- is_admin = 'Yes' if user.admin else 'No'
- %>
- <TD><A href="${toggle_href}"
- title="Toggle admin rights for this user.">${is_admin}</A>
- <TD><A href="${delete_href}" title="Delete this user">delete</A>
- % else:
- <TD>${'Yes' if user.admin else 'No'}
- % endif
- % endfor
- </TABLE>
+% if user.admin:
+ <FORM method="POST" action="${request.route_url('users')}">
+% endif
+ <TABLE>
+ <TR>${'<TH>' if user.admin else ''|n}<TH>User<TH>Full Name<TH>Admin
+ % for e_user in users:
+ <TR>
+ % if user.admin:
+ <TD><INPUT type="radio" name="e_uid" value="${e_user.uid}">
+ % endif
+ <TD>${e_user.uid}<TD>${e_user.fullname}
+ <TD>${'yes' if e_user.admin else 'no'}
+ % endfor
+ % if user.admin:
+ <TR><TD colspan=4>For selected user:
+ <BUTTON type="submit" name="action"
+ value="toggle_admin">Toggle Admin</BUTTON>
+ <BUTTON type="submit" name="action" value="delete">Delete</BUTTON>
+ % endif
+ </TABLE>
+% if user.admin:
+ </FORM>
+% endif
</DIV>
</DIV>
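Review bot: The `% if user.admin:` guards only hide the add, toggle and delete controls; they are not an access check, so the `users` view has to re-test `user.admin` for the `add`, `toggle_admin` and `delete` actions on every POST. That view is not shown on this page. It should also handle a submit with no radio button selected (no `e_uid` in the POST), and decide what happens when an admin deletes or demotes their own account, which is the only account that exists right after `initialize_sql`.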