![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/roundup/cgi_client.py b/roundup/cgi_client.py
index 3f7b4ccc7c0592fd127be12fc644241e50b938f7..c978b3d94fcd147abdbb582819b0b793b9fba0d7 100644 (file)
--- a/roundup/cgi_client.py
+++ b/roundup/cgi_client.py
# BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
# SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#
-# $Id: cgi_client.py,v 1.37 2001-10-21 07:26:35 richard Exp $
+# $Id: cgi_client.py,v 1.40 2001-10-23 23:06:39 richard Exp $
import os, cgi, pprint, StringIO, urlparse, re, traceback, mimetypes
import base64, Cookie, time
'anonymous' user exists, the user is logged in using that user (though
there is no cookie). This allows them to modify the database, and all
modifications are attributed to the 'anonymous' user.
+
+
+ Customisation
+ -------------
+ FILTER_POSITION - one of 'top', 'bottom', 'top and bottom'
+ ANONYMOUS_ACCESS - one of 'deny', 'allow'
+ ANONYMOUS_REGISTER - one of 'deny', 'allow'
+
'''
+ FILTER_POSITION = 'bottom' # one of 'top', 'bottom', 'top and bottom'
+ ANONYMOUS_ACCESS = 'deny' # one of 'deny', 'allow'
+ ANONYMOUS_REGISTER = 'deny' # one of 'deny', 'allow'
def __init__(self, instance, out, env):
self.instance = instance
if show_customization is None:
show_customization = self.customization_widget()
- htmltemplate.index(self, self.TEMPLATES, self.db, cn, filterspec,
- filter, columns, sort, group,
+ index = htmltemplate.IndexTemplate(self, self.TEMPLATES, cn)
+ index.render(filterspec, filter, columns, sort, group,
show_customization=show_customization)
self.pagefoot()
nodeid = self.nodeid
# use the template to display the item
- htmltemplate.item(self, self.TEMPLATES, self.db, self.classname, nodeid)
+ item = htmltemplate.ItemTemplate(self, self.TEMPLATES, self.classname)
+ item.render(nodeid)
+
self.pagefoot()
showissue = shownode
showmsg = shownode
traceback.print_exc(None, s)
message = '<pre>%s</pre>'%cgi.escape(s.getvalue())
self.pagehead('New %s'%self.classname.capitalize(), message)
- htmltemplate.newitem(self, self.TEMPLATES, self.db, self.classname,
- self.form)
+
+ # call the template
+ newitem = htmltemplate.NewItemTemplate(self, self.TEMPLATES,
+ self.classname)
+ newitem.render(self.form)
+
self.pagefoot()
newissue = newnode
newuser = newnode
message = '<pre>%s</pre>'%cgi.escape(s.getvalue())
self.pagehead('New %s'%self.classname.capitalize(), message)
- htmltemplate.newitem(self, self.TEMPLATES, self.db, self.classname,
- self.form)
+ newitem = htmltemplate.NewItemTemplate(self, self.TEMPLATES,
+ self.classname)
+ newitem.render(self.form)
self.pagefoot()
def classes(self, message=None):
<tr><td></td>
<td><input type="submit" value="Log In"></td></tr>
</form>
-
+''')
+ if self.user is None and not self.ANONYMOUS_REGISTER == 'deny':
+ self.write('</table')
+ return
+ self.write('''
<p>
<tr><td colspan=2 class="strong-header">New User Registration</td></tr>
<tr><td colspan=2><em>marked items</em> are optional...</td></tr>
password = self.form['__login_password'].value
else:
password = ''
+ print self.user, password
# make sure the user exists
try:
uid = self.db.user.lookup(self.user)
''' create a new user based on the contents of the form and then
set the cookie
'''
+ # re-open the database as "admin"
+ self.db.close()
+ self.db = self.instance.open('admin')
+
# TODO: pre-check the required fields and username key property
cl = self.db.classes['user']
props, dummy = parsePropsFromForm(self.db, cl, self.form)
# now figure which function to call
path = self.split_path
if not path or path[0] in ('', 'index'):
- self.index()
+ return self.index()
elif not path:
raise 'ValueError', 'Path not understood'
# appends the name of the file to the URL so the download file name
# is correct, but doesn't actually use it.
action = path[0]
- if action == 'list_classes':
- self.classes()
- return
- if action == 'login':
- self.login()
- return
if action == 'login_action':
- self.login_action()
- return
+ return self.login_action()
+
+ # make sure anonymous are allowed to register
+ if self.ANONYMOUS_REGISTER == 'deny' and self.user is None:
+ return self.login()
+
if action == 'newuser_action':
- self.newuser_action()
- return
+ return self.newuser_action()
+
+ # make sure totally anonymous access is OK
+ if self.ANONYMOUS_ACCESS == 'deny' and self.user is None:
+ return self.login()
+
+ if action == 'list_classes':
+ return self.classes()
+ if action == 'login':
+ return self.login()
if action == 'logout':
- self.logout()
- return
+ return self.logout()
m = dre.match(action)
if m:
self.classname = m.group(1)
func = getattr(self, 'show%s'%self.classname)
except AttributeError:
raise NotFound
- func()
- return
+ return func()
m = nre.match(action)
if m:
self.classname = m.group(1)
func = getattr(self, 'new%s'%self.classname)
except AttributeError:
raise NotFound
- func()
- return
+ return func()
self.classname = action
try:
self.db.getclass(self.classname)
#
# $Log: not supported by cvs2svn $
+# Revision 1.39 2001/10/23 01:00:18 richard
+# Re-enabled login and registration access after lopping them off via
+# disabling access for anonymous users.
+# Major re-org of the htmltemplate code, cleaning it up significantly. Fixed
+# a couple of bugs while I was there. Probably introduced a couple, but
+# things seem to work OK at the moment.
+#
+# Revision 1.38 2001/10/22 03:25:01 richard
+# Added configuration for:
+# . anonymous user access and registration (deny/allow)
+# . filter "widget" location on index page (top, bottom, both)
+# Updated some documentation.
+#
+# Revision 1.37 2001/10/21 07:26:35 richard
+# feature #473127: Filenames. I modified the file.index and htmltemplate
+# source so that the filename is used in the link and the creation
+# information is displayed.
+#
# Revision 1.36 2001/10/21 04:44:50 richard
# bug #473124: UI inconsistency with Link fields.
# This also prompted me to fix a fairly long-standing usability issue -