kallithea Changeset - 61be6dcd49a0

Changeset - 61be6dcd49a0

Parent rev.

Child rev.

[Not reviewed]

default

0 3 0

Marcin Kuzminski - 15 years ago 2010-06-28 23:28:31
marcin@python-works.com

protected admin controllers

3 files changed with 28 insertions and 15 deletions:

pylons_app/controllers/admin.py

pylons_app/controllers/permissions.py

pylons_app/controllers/users.py

0 comments (0 inline, 0 general)

pylons_app/controllers/admin.py

➞

Show inline comments

@@ @@ -25,25 +25,23 @@ admin controller for pylons @@
 import logging
 from pylons import request, response, session, tmpl_context as c
 from pylons_app.lib.base import BaseController, render
 from pylons_app.model import meta
 from pylons_app.model.db import UserLog
 from webhelpers.paginate import Page
 from pylons_app.lib.auth import LoginRequired
+from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator
 log = logging.getLogger(__name__)
 class AdminController(BaseController):
     @LoginRequired()
     def __before__(self):
         user = session['hg_app_user']
         c.admin_user = user.is_admin
         c.admin_username = user.username
         super(AdminController, self).__before__()
     @HasPermissionAllDecorator('hg.admin')
     def index(self):
         sa = meta.Session
         users_log = sa.query(UserLog).order_by(UserLog.action_date.desc())
         p = int(request.params.get('page', 1))
         c.users_log = Page(users_log, page=p, items_per_page=10)

pylons_app/controllers/permissions.py

➞

Show inline comments

@@ @@ -19,27 +19,40 @@ @@
 # MA  02110-1301, USA.
 """
 Created on April 27, 2010
 permissions controller for pylons
 @author: marcink
 """
 from formencode import htmlfill
 from pylons import request, session, tmpl_context as c, url
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 from pylons_app.lib import helpers as h
 from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator
 from pylons_app.lib.base import BaseController, render
 from pylons_app.model.db import User, UserLog
 from pylons_app.model.forms import UserForm
 from pylons_app.model.user_model import UserModel
 import formencode
 import logging
 from pylons import request, response, session, tmpl_context as c, url
 from pylons.controllers.util import abort, redirect
 from pylons_app.lib.base import BaseController, render
 log = logging.getLogger(__name__)
 class PermissionsController(BaseController):
     """REST Controller styled on the Atom Publishing Protocol"""
     # To properly map this controller, ensure your config/routing.py
     # file has a resource setup:
     #     map.resource('permission', 'permissions')
     @LoginRequired()
     @HasPermissionAllDecorator('hg.admin')
     def __before__(self):
         c.admin_user = session.get('admin_user')
         c.admin_username = session.get('admin_username')
         super(PermissionsController, self).__before__()
     def index(self, format='html'):
         """GET /permissions: All items in the collection"""
         # url('permissions')
         return render('admin/permissions/permissions.html')
     def create(self):

pylons_app/controllers/users.py

➞

Show inline comments

@@ @@ -19,33 +19,35 @@ @@
 # MA  02110-1301, USA.
 """
 Created on April 4, 2010
 users controller for pylons
 @author: marcink
 """
-import logging
+from formencode import htmlfill
 from pylons import request, session, tmpl_context as c, url
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 from pylons_app.lib import helpers as h
 from pylons_app.lib.auth import LoginRequired
+from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator
 from pylons_app.lib.base import BaseController, render
 from pylons_app.model.db import User, UserLog
 from pylons_app.model.forms import UserForm
 from pylons_app.model.user_model import UserModel
 import formencode
-from formencode import htmlfill
+import logging
 log = logging.getLogger(__name__)
 class UsersController(BaseController):
     """REST Controller styled on the Atom Publishing Protocol"""
     # To properly map this controller, ensure your config/routing.py
     # file has a resource setup:
     #     map.resource('user', 'users')
     @LoginRequired()
     @HasPermissionAllDecorator('hg.admin')
     def __before__(self):
         c.admin_user = session.get('admin_user')
         c.admin_username = session.get('admin_username')
         super(UsersController, self).__before__()
@@ @@ -107,13 +109,13 @@ class UsersController(BaseController): @@
                 encoding="UTF-8")
         except Exception:
             h.flash(_('error occured during update of user %s') \
                     % form_result['username'], category='error')
         return redirect(url('users'))
     def delete(self, id):
         """DELETE /users/id: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="DELETE" />
         # Or using helpers:
         #    h.form(url('user', id=ID),

0 comments (0 inline, 0 general)