#!/usr/bin/python
import datetime
+import dateutil
import email.utils
import tornado.web
class FeedHandler(base.BaseHandler):
def get(self):
- posts = self.backend.blog.get_newest(limit=50)
+ posts = self.backend.blog.get_newest(limit=10)
# Render the feed
feed = self.render_string("blog/feed.xml", posts=posts,
class PublishHandler(auth.CacheMixin, base.BaseHandler):
+ @tornado.web.authenticated
+ def get(self, slug):
+ post = self.backend.blog.get_by_slug(slug, published=False)
+ if not post:
+ raise tornado.web.HTTPError(404)
+
+ # Check if current_user is allowed to edit the post
+ if not post.is_editable(self.current_user):
+ raise tornado.web.HTTPError(403)
+
+ # Is the post already published?
+ if post.is_published():
+ raise tornado.web.HTTPError(400, "Post is already published")
+
+ self.render("blog/publish.html", post=post)
+
@tornado.web.authenticated
def post(self, slug):
- post = self.backend.blog.get_by_slug(slug, published=not self.current_user)
+ post = self.backend.blog.get_by_slug(slug, published=False)
if not post:
raise tornado.web.HTTPError(404)
+ # Check if current_user is allowed to edit the post
+ if not post.is_editable(self.current_user):
+ raise tornado.web.HTTPError(403)
+
# Is the post already published?
if post.is_published():
raise tornado.web.HTTPError(400, "Post is already published")
- # XXX Check that we are only publishing our own posts
+ when = self.get_argument("when", None)
+ if when:
+ when = dateutil.parser.parse(when)
# Publish the post
with self.db.transaction():
- post.publish()
+ post.publish(when)
self.redirect("/post/%s" % post.slug)
def post(self):
title = self.get_argument("title")
text = self.get_argument("text")
- tags = self.get_argument("tags", None)
+ tags = self.get_argument("tags", "").split(" ")
with self.db.transaction():
post = self.backend.blog.create_post(title, text,
post.update(
title = self.get_argument("title"),
text = self.get_argument("text"),
- tags = self.get_argument("tags").split(),
+ tags = self.get_argument("tags", "").split(" "),
)
# Return to blog if the post is already published
self.redirect("/drafts")
+class DeleteHandler(auth.CacheMixin, base.BaseHandler):
+ @tornado.web.authenticated
+ def get(self, slug):
+ post = self.backend.blog.get_by_slug(slug, published=False)
+ if not post:
+ raise tornado.web.HTTPError(404)
+
+ # Check if post is editable
+ if not post.is_editable(self.current_user):
+ raise tornado.web.HTTPError(403, "%s cannot edit %s" % (self.current_user, post))
+
+ self.render("blog/delete.html", post=post)
+
+ @tornado.web.authenticated
+ def post(self, slug):
+ post = self.backend.blog.get_by_slug(slug, published=False)
+ if not post:
+ raise tornado.web.HTTPError(404)
+
+ # Check if post is editable
+ if not post.is_editable(self.current_user):
+ raise tornado.web.HTTPError(403, "%s cannot edit %s" % (self.current_user, post))
+
+ with self.db.transaction():
+ post.delete()
+
+ # Return to drafts
+ self.redirect("/drafts")
+
+
class HistoryNavigationModule(ui_modules.UIModule):
def render(self):
return self.render_string("blog/modules/history-navigation.html",
projects / ipfire.org.git / blobdiff