# HG changeset patch # User Marcin Kuzminski # Date 1275173085 -7200 # Node ID fcab58c43ea10e8c53a5e52c73503c0b2e1e12a7 # Parent a0116e944da1be8182c2b2548c2e189095f6a315 Fixed access to repos and users. diff -r a0116e944da1 -r fcab58c43ea1 pylons_app/controllers/admin.py --- a/pylons_app/controllers/admin.py Thu May 27 21:31:30 2010 +0200 +++ b/pylons_app/controllers/admin.py Sun May 30 00:44:45 2010 +0200 @@ -1,6 +1,4 @@ import logging -import os - from pylons import request, response, session, tmpl_context as c, url, app_globals as g from pylons.controllers.util import abort, redirect from pylons_app.lib.base import BaseController, render diff -r a0116e944da1 -r fcab58c43ea1 pylons_app/controllers/repos.py --- a/pylons_app/controllers/repos.py Thu May 27 21:31:30 2010 +0200 +++ b/pylons_app/controllers/repos.py Sun May 30 00:44:45 2010 +0200 @@ -1,12 +1,13 @@ from pylons import request, response, session, tmpl_context as c, url, \ app_globals as g from pylons.controllers.util import abort, redirect +from pylons_app.lib.auth import LoginRequired from pylons_app.lib.base import BaseController, render +from pylons_app.lib.filters import clean_repo from pylons_app.lib.utils import check_repo, invalidate_cache import logging import os import shutil -from pylons_app.lib.filters import clean_repo log = logging.getLogger(__name__) class ReposController(BaseController): @@ -14,7 +15,7 @@ # To properly map this controller, ensure your config/routing.py # file has a resource setup: # map.resource('repo', 'repos') - + @LoginRequired() def __before__(self): c.admin_user = session.get('admin_user') c.admin_username = session.get('admin_username') diff -r a0116e944da1 -r fcab58c43ea1 pylons_app/controllers/users.py --- a/pylons_app/controllers/users.py Thu May 27 21:31:30 2010 +0200 +++ b/pylons_app/controllers/users.py Sun May 30 00:44:45 2010 +0200 @@ -1,12 +1,16 @@ +from formencode import htmlfill +from pylons import request, response, session, tmpl_context as c, url, \ + app_globals as g +from pylons.controllers.util import abort, redirect +from pylons_app.lib.auth import LoginRequired +from pylons_app.lib.base import BaseController, render +from pylons_app.model.db import User, UserLog +from pylons_app.model.forms import UserForm +from pylons_app.model.user_model import UserModel +import formencode import logging -from pylons import request, response, session, tmpl_context as c, url, app_globals as g -from pylons.controllers.util import abort, redirect -from pylons_app.lib.base import BaseController, render -from formencode import htmlfill -from pylons_app.model.db import User, UserLog -import crypt log = logging.getLogger(__name__) @@ -15,7 +19,7 @@ # To properly map this controller, ensure your config/routing.py # file has a resource setup: # map.resource('user', 'users') - + @LoginRequired() def __before__(self): c.admin_user = session.get('admin_user') c.admin_username = session.get('admin_username') @@ -31,21 +35,20 @@ def create(self): """POST /users: Create a new item""" # url('users') - params = dict(request.params) - + + user_model = UserModel() + login_form = UserForm() try: - new_user = User() - new_user.active = params.get('active', False) - new_user.username = params.get('username') - new_user.password = crypt.crypt(params.get('password'), '6a') - new_user.admin = False - self.sa.add(new_user) - self.sa.commit() - except: - self.sa.rollback() - raise - - return redirect(url('users')) + form_result = login_form.to_python(dict(request.POST)) + user_model.create(form_result) + return redirect(url('users')) + + except formencode.Invalid as errors: + c.form_errors = errors.error_dict + return htmlfill.render( + render('admin/users/user_add.html'), + defaults=errors.value, + encoding="UTF-8") def new(self, format='html'): """GET /users/new: Form to create a new item""" @@ -60,21 +63,21 @@ # h.form(url('user', id=ID), # method='put') # url('user', id=ID) - params = dict(request.params) - + user_model = UserModel() + login_form = UserForm() try: - new_user = self.sa.query(User).get(id) - new_user.active = params.get('active', False) - new_user.username = params.get('username') - if params.get('new_password'): - new_user.password = crypt.crypt(params.get('new_password'), '6a') - self.sa.add(new_user) - self.sa.commit() - except: - self.sa.rollback() - raise - - return redirect(url('users')) + form_result = login_form.to_python(dict(request.POST)) + user_model.update(id, form_result) + return redirect(url('users')) + + except formencode.Invalid as errors: + errors.value + c.user = user_model.get_user(id) + c.form_errors = errors.error_dict + return htmlfill.render( + render('admin/users/user_edit.html'), + defaults=errors.value, + encoding="UTF-8") def delete(self, id): """DELETE /users/id: Delete an existing item"""