Mercurial > kallithea
diff pylons_app/controllers/admin.py @ 191:b68b2246e5a6
Authenticated controller with LoginRequired decorator, and cleaned __before__ (used in baseController now). fixed User for clone url with logged in session user.
Removed login form from admin.
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Sat, 22 May 2010 01:47:07 +0200 |
parents | 52bbeb1e813f |
children | c8162373f214 |
line wrap: on
line diff
--- a/pylons_app/controllers/admin.py Sat May 22 01:43:42 2010 +0200 +++ b/pylons_app/controllers/admin.py Sat May 22 01:47:07 2010 +0200 @@ -4,70 +4,36 @@ from pylons import request, response, session, tmpl_context as c, url, app_globals as g from pylons.controllers.util import abort, redirect from pylons_app.lib.base import BaseController, render -from pylons_app.lib import auth -from pylons_app.model.forms import LoginForm -import formencode -import formencode.htmlfill as htmlfill from pylons_app.model import meta -from pylons_app.model.db import Users, UserLogs +from pylons_app.model.db import UserLogs from webhelpers.paginate import Page from pylons_app.lib.utils import check_repo, invalidate_cache +from pylons_app.lib.auth import LoginRequired log = logging.getLogger(__name__) class AdminController(BaseController): - + + @LoginRequired() def __before__(self): - c.admin_user = session.get('admin_user', False) - c.admin_username = session.get('admin_username') + user = session['hg_app_user'] + c.admin_user = user.is_admin + c.admin_username = user.username + super(AdminController, self).__before__() def index(self): - # Return a rendered template - if request.POST: - #import Login Form validator class - login_form = LoginForm() - - try: - c.form_result = login_form.to_python(dict(request.params)) - if auth.admin_auth(c.form_result['username'], c.form_result['password']): - session['admin_user'] = True - session['admin_username'] = c.form_result['username'] - session.save() - return redirect(url('admin_home')) - else: - raise formencode.Invalid('Login Error', None, None, - error_dict={'username':'invalid login', - 'password':'invalid password'}) - - except formencode.Invalid, error: - c.form_result = error.value - c.form_errors = error.error_dict or {} - html = render('admin/admin.html') - - return htmlfill.render( - html, - defaults=c.form_result, - encoding="UTF-8" - ) - if c.admin_user: - sa = meta.Session - - users_log = sa.query(UserLogs)\ - .order_by(UserLogs.action_date.desc()) - p = int(request.params.get('page', 1)) - c.users_log = Page(users_log, page=p, items_per_page=10) - c.log_data = render('admin/admin_log.html') - if request.params.get('partial'): - return c.log_data + sa = meta.Session + + users_log = sa.query(UserLogs)\ + .order_by(UserLogs.action_date.desc()) + p = int(request.params.get('page', 1)) + c.users_log = Page(users_log, page=p, items_per_page=10) + c.log_data = render('admin/admin_log.html') + if request.params.get('partial'): + return c.log_data return render('admin/admin.html') - def hgrc(self, dirname): - filename = os.path.join(dirname, '.hg', 'hgrc') - return filename - def add_repo(self, new_repo): - - #extra check it can be add since it's the command if new_repo == '_admin': c.msg = 'DENIED'