X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=roundup%2Fcgi_client.py;h=c978b3d94fcd147abdbb582819b0b793b9fba0d7;hb=73bf8694bae43f859622944a706dc4dd441eae44;hp=3f7b4ccc7c0592fd127be12fc644241e50b938f7;hpb=e6b2d01532dae54f8e832a63f4c92a12caa5a344;p=roundup.git
diff --git a/roundup/cgi_client.py b/roundup/cgi_client.py
index 3f7b4cc..c978b3d 100644
--- a/roundup/cgi_client.py
+++ b/roundup/cgi_client.py
@@ -15,7 +15,7 @@
# BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
# SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#
-# $Id: cgi_client.py,v 1.37 2001-10-21 07:26:35 richard Exp $
+# $Id: cgi_client.py,v 1.40 2001-10-23 23:06:39 richard Exp $
import os, cgi, pprint, StringIO, urlparse, re, traceback, mimetypes
import base64, Cookie, time
@@ -39,7 +39,18 @@ class Client:
'anonymous' user exists, the user is logged in using that user (though
there is no cookie). This allows them to modify the database, and all
modifications are attributed to the 'anonymous' user.
+
+
+ Customisation
+ -------------
+ FILTER_POSITION - one of 'top', 'bottom', 'top and bottom'
+ ANONYMOUS_ACCESS - one of 'deny', 'allow'
+ ANONYMOUS_REGISTER - one of 'deny', 'allow'
+
'''
+ FILTER_POSITION = 'bottom' # one of 'top', 'bottom', 'top and bottom'
+ ANONYMOUS_ACCESS = 'deny' # one of 'deny', 'allow'
+ ANONYMOUS_REGISTER = 'deny' # one of 'deny', 'allow'
def __init__(self, instance, out, env):
self.instance = instance
@@ -229,8 +240,8 @@ class Client:
if show_customization is None:
show_customization = self.customization_widget()
- htmltemplate.index(self, self.TEMPLATES, self.db, cn, filterspec,
- filter, columns, sort, group,
+ index = htmltemplate.IndexTemplate(self, self.TEMPLATES, cn)
+ index.render(filterspec, filter, columns, sort, group,
show_customization=show_customization)
self.pagefoot()
@@ -265,7 +276,9 @@ class Client:
nodeid = self.nodeid
# use the template to display the item
- htmltemplate.item(self, self.TEMPLATES, self.db, self.classname, nodeid)
+ item = htmltemplate.ItemTemplate(self, self.TEMPLATES, self.classname)
+ item.render(nodeid)
+
self.pagefoot()
showissue = shownode
showmsg = shownode
@@ -422,8 +435,12 @@ class Client:
traceback.print_exc(None, s)
message = '
-
+''')
+ if self.user is None and not self.ANONYMOUS_REGISTER == 'deny':
+ self.write('
New User Registration
marked items are optional...
@@ -526,6 +548,7 @@ class Client:
password = self.form['__login_password'].value
else:
password = ''
+ print self.user, password
# make sure the user exists
try:
uid = self.db.user.lookup(self.user)
@@ -570,6 +593,10 @@ class Client:
''' create a new user based on the contents of the form and then
set the cookie
'''
+ # re-open the database as "admin"
+ self.db.close()
+ self.db = self.instance.open('admin')
+
# TODO: pre-check the required fields and username key property
cl = self.db.classes['user']
props, dummy = parsePropsFromForm(self.db, cl, self.form)
@@ -617,7 +644,7 @@ class Client:
# now figure which function to call
path = self.split_path
if not path or path[0] in ('', 'index'):
- self.index()
+ return self.index()
elif not path:
raise 'ValueError', 'Path not understood'
@@ -628,21 +655,26 @@ class Client:
# appends the name of the file to the URL so the download file name
# is correct, but doesn't actually use it.
action = path[0]
- if action == 'list_classes':
- self.classes()
- return
- if action == 'login':
- self.login()
- return
if action == 'login_action':
- self.login_action()
- return
+ return self.login_action()
+
+ # make sure anonymous are allowed to register
+ if self.ANONYMOUS_REGISTER == 'deny' and self.user is None:
+ return self.login()
+
if action == 'newuser_action':
- self.newuser_action()
- return
+ return self.newuser_action()
+
+ # make sure totally anonymous access is OK
+ if self.ANONYMOUS_ACCESS == 'deny' and self.user is None:
+ return self.login()
+
+ if action == 'list_classes':
+ return self.classes()
+ if action == 'login':
+ return self.login()
if action == 'logout':
- self.logout()
- return
+ return self.logout()
m = dre.match(action)
if m:
self.classname = m.group(1)
@@ -659,8 +691,7 @@ class Client:
func = getattr(self, 'show%s'%self.classname)
except AttributeError:
raise NotFound
- func()
- return
+ return func()
m = nre.match(action)
if m:
self.classname = m.group(1)
@@ -668,8 +699,7 @@ class Client:
func = getattr(self, 'new%s'%self.classname)
except AttributeError:
raise NotFound
- func()
- return
+ return func()
self.classname = action
try:
self.db.getclass(self.classname)
@@ -815,6 +845,24 @@ def parsePropsFromForm(db, cl, form, nodeid=0):
#
# $Log: not supported by cvs2svn $
+# Revision 1.39 2001/10/23 01:00:18 richard
+# Re-enabled login and registration access after lopping them off via
+# disabling access for anonymous users.
+# Major re-org of the htmltemplate code, cleaning it up significantly. Fixed
+# a couple of bugs while I was there. Probably introduced a couple, but
+# things seem to work OK at the moment.
+#
+# Revision 1.38 2001/10/22 03:25:01 richard
+# Added configuration for:
+# . anonymous user access and registration (deny/allow)
+# . filter "widget" location on index page (top, bottom, both)
+# Updated some documentation.
+#
+# Revision 1.37 2001/10/21 07:26:35 richard
+# feature #473127: Filenames. I modified the file.index and htmltemplate
+# source so that the filename is used in the link and the creation
+# information is displayed.
+#
# Revision 1.36 2001/10/21 04:44:50 richard
# bug #473124: UI inconsistency with Link fields.
# This also prompted me to fix a fairly long-standing usability issue -