244 lines
7.5 KiB
Python
244 lines
7.5 KiB
Python
from pyramid.view import (
|
|
forbidden_view_config,
|
|
view_config,
|
|
)
|
|
|
|
from pyramid.httpexceptions import HTTPFound
|
|
from pyramid.security import remember, forget
|
|
from pyramid_mailer.message import Message
|
|
|
|
from ..services.user import UserService
|
|
from ..services.blog_record import BlogRecordService
|
|
from ..forms import UserCreateForm, TopicForm
|
|
from ..models.user import User
|
|
from ..models.blog_record import Topics
|
|
|
|
|
|
@view_config(route_name='home',
|
|
renderer='cao_blogr:templates/home.jinja2')
|
|
def home(request):
|
|
# images list for the carousel
|
|
dir = request.static_url('cao_blogr:static/carousel')
|
|
car_images = [dir + '/S01.jpg',
|
|
dir + '/S02.jpg',
|
|
dir + '/S03.jpg',
|
|
dir + '/S06.jpg',
|
|
dir + '/S09.jpg',
|
|
dir + '/S12.jpg',
|
|
dir + '/S15.jpg',
|
|
dir + '/S18.jpg',
|
|
dir + '/S21.jpg',
|
|
dir + '/S25.jpg']
|
|
|
|
# get the 5 last modified posts
|
|
last_five = BlogRecordService.get_last_five(request)
|
|
name = ''
|
|
email = ''
|
|
comments = ''
|
|
ngot = ''
|
|
|
|
if 'form.submitted' in request.params :
|
|
name = request.params['name']
|
|
email = request.params['email']
|
|
comments = request.params['comments']
|
|
ngot = request.params['ngot']
|
|
|
|
# honeypot filled ?
|
|
if not ngot:
|
|
# no, message is not spam, send it
|
|
body = """
|
|
Bonjour,
|
|
|
|
L' expéditeur : {0} ( {1} )
|
|
a envoyé le message suivant via le formulaire de Contact du site :
|
|
|
|
----- Début du message -----
|
|
{2}
|
|
----- Fin du message -----
|
|
|
|
Le site "meditation-sunyata.paris"
|
|
|
|
""".format(name, email, comments)
|
|
|
|
message = Message(subject="[MSParis] Message de contact",
|
|
sender=request.registry.settings['cao_blogr.admin_email'],
|
|
body=body)
|
|
message.add_recipient('phuoc@caotek.fr')
|
|
mailer = request.registry['mailer']
|
|
mailer.send_immediately(message)
|
|
request.session.flash("Votre message a bien été envoyé au webmestre. Merci de votre intérêt pour notre site", "success")
|
|
|
|
return {
|
|
'page_title': "",
|
|
'last_five': last_five,
|
|
'car_images': car_images,
|
|
'name': name,
|
|
'email': email,
|
|
'comments': comments,
|
|
}
|
|
|
|
|
|
@view_config(route_name='settings', renderer='cao_blogr:templates/settings.jinja2', permission='manage')
|
|
def settings(request):
|
|
|
|
# lire toutes les docs du topic
|
|
topic = 'ADM'
|
|
items = BlogRecordService.by_topic(request, topic, '')
|
|
|
|
return {
|
|
'page_title': "Paramètres",
|
|
'topic': topic,
|
|
'items': items,
|
|
}
|
|
|
|
|
|
@view_config(route_name='apropos',
|
|
renderer='cao_blogr:templates/apropos.jinja2')
|
|
def apropos(request):
|
|
|
|
return {
|
|
'page_title': "A propos",
|
|
}
|
|
|
|
|
|
@view_config(route_name='login',
|
|
renderer='cao_blogr:templates/login.jinja2')
|
|
@forbidden_view_config(renderer='cao_blogr:templates/login.jinja2')
|
|
def login(request):
|
|
username = request.POST.get('username')
|
|
|
|
if username:
|
|
user = UserService.by_name(request, username)
|
|
if user and user.verify_password(request.POST.get('password')):
|
|
headers = remember(request, user.name)
|
|
request.session.flash("Bonjour %s, Bienvenue sur le site !" % username, 'success')
|
|
return HTTPFound(location=request.route_url('home'), headers=headers)
|
|
else:
|
|
headers = forget(request)
|
|
request.session.flash("Login et mot de passe invalides. La connexion a échoué.", "danger")
|
|
|
|
return {
|
|
'page_title': "",
|
|
}
|
|
|
|
|
|
@view_config(route_name='logout', renderer='string')
|
|
def logout(request):
|
|
headers = forget(request)
|
|
request.session.flash('Vous avez bien été déconnecté.', 'success')
|
|
return HTTPFound(location=request.route_url('home'), headers=headers)
|
|
|
|
|
|
@view_config(route_name='users',
|
|
renderer='cao_blogr:templates/users.jinja2', permission='manage')
|
|
def users(request):
|
|
# get all users
|
|
users = UserService.all(request)
|
|
return {
|
|
'page_title': "Liste des utilisateurs",
|
|
'users': users
|
|
}
|
|
|
|
|
|
@view_config(route_name='user_add',
|
|
renderer='cao_blogr:templates/user_add.jinja2', permission='manage')
|
|
def user_add(request):
|
|
name = request.matchdict['name']
|
|
|
|
# nouveau
|
|
form = UserCreateForm(request.POST)
|
|
|
|
if 'form.submitted' in request.params and form.validate():
|
|
# créer nouveau
|
|
new_user = User(name=form.username.data)
|
|
new_user.set_password(form.password.data.encode('utf8'))
|
|
request.dbsession.add(new_user)
|
|
return HTTPFound(location=request.route_url('users'))
|
|
|
|
return {
|
|
'page_title': 'Nouvel utilisateur',
|
|
'form': form,
|
|
'name': name,
|
|
}
|
|
|
|
|
|
@view_config(route_name='user_pwd',
|
|
renderer='cao_blogr:templates/user_pwd.jinja2', permission='manage')
|
|
def user_pwd(request):
|
|
# reset password or delete user
|
|
name = request.matchdict['name']
|
|
|
|
# lire la fiche du membre
|
|
entry = UserService.by_name(request, name)
|
|
if not entry:
|
|
request.session.flash(u"Utilisateur non trouvé : %s" % name, 'warning')
|
|
return HTTPFound(location=request.route_url('users'))
|
|
|
|
if 'form.submitted' in request.params:
|
|
mdp = request.params["new_password"]
|
|
entry.set_password(mdp.encode('utf8'))
|
|
return HTTPFound(location=request.route_url('users'))
|
|
|
|
if 'form.deleted' in request.params:
|
|
UserService.delete(request, entry.id)
|
|
request.session.flash("La fiche a été supprimée avec succès.", 'success')
|
|
return HTTPFound(location=request.route_url('users'))
|
|
|
|
|
|
return {
|
|
'page_title': "Utilisateur : %s" %(entry.name),
|
|
'entry': entry,
|
|
}
|
|
|
|
@view_config(route_name='topics',
|
|
renderer='cao_blogr:templates/topics.jinja2', permission='manage')
|
|
def topics(request):
|
|
# get all topics
|
|
topics = BlogRecordService.get_topics(request)
|
|
return {
|
|
'page_title': "Liste des topics",
|
|
'topics': topics
|
|
}
|
|
|
|
@view_config(route_name='topic_edit',
|
|
renderer='cao_blogr:templates/topic_edit.jinja2', permission='manage')
|
|
def topic_edit(request):
|
|
# get topic parameters from request
|
|
topic = request.matchdict['topic']
|
|
url = request.route_url('topic_edit',topic=topic)
|
|
|
|
# get the list of tags of this topic
|
|
tags = BlogRecordService.get_tags_byTopic(request, topic)
|
|
|
|
if topic == '0':
|
|
# create a new topic
|
|
entry = Topics()
|
|
form = TopicForm(request.POST, entry)
|
|
page_title = "Nouvelle rubrique"
|
|
|
|
else:
|
|
# modify post
|
|
entry = BlogRecordService.get_topic_byTopic(request, topic)
|
|
if not entry:
|
|
request.session.flash(u"Topic non trouvé : %s" % topic, 'warning')
|
|
return HTTPFound(location=request.route_url('topics'))
|
|
form = TopicForm(request.POST, entry)
|
|
page_title = entry.topic_name
|
|
|
|
if 'form.submitted' in request.params and form.validate():
|
|
if topic == '0':
|
|
form.populate_obj(entry)
|
|
request.dbsession.add(entry)
|
|
|
|
return HTTPFound(location=request.route_url('topic', topic=topic))
|
|
else:
|
|
del form.topic # SECURITY: prevent overwriting of primary key
|
|
form.populate_obj(entry)
|
|
return HTTPFound(location=request.route_url('topics'))
|
|
|
|
return {
|
|
'page_title': page_title,
|
|
'url': url,
|
|
'form': form,
|
|
}
|