Mercurial > p > roundup > code

comparison roundup/cgi/actions.py @ 4118:878767b75e1d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix the fix for ensuring POST
author Richard Jones <richard@users.sourceforge.net>
date Sat, 21 Mar 2009 21:58:49 +0000
parents 6441ffe588f7
children e67379669e11 4ce043e9d43a
comparison
equal deleted inserted replaced
4117:4d1fa6e1fe8c 4118:878767b75e1d
103 103
104 def handle(self): 104 def handle(self):
105 """Retire the context item.""" 105 """Retire the context item."""
106 # ensure modification comes via POST 106 # ensure modification comes via POST
107 if self.client.env['REQUEST_METHOD'] != 'POST': 107 if self.client.env['REQUEST_METHOD'] != 'POST':
108 self.client.error_message.append(self._('Invalid request')) 108 raise roundup.exceptions.Reject(self._('Invalid request'))
109 109
110 # if we want to view the index template now, then unset the itemid 110 # if we want to view the index template now, then unset the itemid
111 # context info (a special-case for retire actions on the index page) 111 # context info (a special-case for retire actions on the index page)
112 itemid = self.nodeid 112 itemid = self.nodeid
113 if self.template == 'index': 113 if self.template == 'index':
282 nodes are identified by the ID 'X' (or any other non-existent ID) and 282 nodes are identified by the ID 'X' (or any other non-existent ID) and
283 removed lines are retired. 283 removed lines are retired.
284 """ 284 """
285 # ensure modification comes via POST 285 # ensure modification comes via POST
286 if self.client.env['REQUEST_METHOD'] != 'POST': 286 if self.client.env['REQUEST_METHOD'] != 'POST':
287 self.client.error_message.append(self._('Invalid request')) 287 raise roundup.exceptions.Reject(self._('Invalid request'))
288 288
289 # figure the properties list for the class 289 # figure the properties list for the class
290 cl = self.db.classes[self.classname] 290 cl = self.db.classes[self.classname]
291 props_without_id = cl.getprops(protected=0).keys() 291 props_without_id = cl.getprops(protected=0).keys()
292 292
585 See parsePropsFromForm and _editnodes for special variables. 585 See parsePropsFromForm and _editnodes for special variables.
586 586
587 """ 587 """
588 # ensure modification comes via POST 588 # ensure modification comes via POST
589 if self.client.env['REQUEST_METHOD'] != 'POST': 589 if self.client.env['REQUEST_METHOD'] != 'POST':
590 self.client.error_message.append(self._('Invalid request')) 590 raise roundup.exceptions.Reject(self._('Invalid request'))
591 591
592 user_activity = self.lastUserActivity() 592 user_activity = self.lastUserActivity()
593 if user_activity: 593 if user_activity:
594 props = self.detectCollision(user_activity, self.lastNodeActivity()) 594 props = self.detectCollision(user_activity, self.lastNodeActivity())
595 if props: 595 if props:
631 This follows the same form as the EditItemAction, with the same 631 This follows the same form as the EditItemAction, with the same
632 special form values. 632 special form values.
633 ''' 633 '''
634 # ensure modification comes via POST 634 # ensure modification comes via POST
635 if self.client.env['REQUEST_METHOD'] != 'POST': 635 if self.client.env['REQUEST_METHOD'] != 'POST':
636 self.client.error_message.append(self._('Invalid request')) 636 raise roundup.exceptions.Reject(self._('Invalid request'))
637 637
638 # parse the props from the form 638 # parse the props from the form
639 try: 639 try:
640 props, links = self.client.parsePropsFromForm(create=1) 640 props, links = self.client.parsePropsFromForm(create=1)
641 except (ValueError, KeyError), message: 641 except (ValueError, KeyError), message:
817 817
818 Return 1 on successful login. 818 Return 1 on successful login.
819 """ 819 """
820 # ensure modification comes via POST 820 # ensure modification comes via POST
821 if self.client.env['REQUEST_METHOD'] != 'POST': 821 if self.client.env['REQUEST_METHOD'] != 'POST':
822 self.client.error_message.append(self._('Invalid request')) 822 raise roundup.exceptions.Reject(self._('Invalid request'))
823 823
824 # parse the props from the form 824 # parse the props from the form
825 try: 825 try:
826 props, links = self.client.parsePropsFromForm(create=1) 826 props, links = self.client.parsePropsFromForm(create=1)
827 except (ValueError, KeyError), message: 827 except (ValueError, KeyError), message:
935 Sets up a session for the user which contains the login credentials. 935 Sets up a session for the user which contains the login credentials.
936 936
937 """ 937 """
938 # ensure modification comes via POST 938 # ensure modification comes via POST
939 if self.client.env['REQUEST_METHOD'] != 'POST': 939 if self.client.env['REQUEST_METHOD'] != 'POST':
940 self.client.error_message.append(self._('Invalid request')) 940 raise roundup.exceptions.Reject(self._('Invalid request'))
941 941
942 # we need the username at a minimum 942 # we need the username at a minimum
943 if not self.form.has_key('__login_name'): 943 if not self.form.has_key('__login_name'):
944 self.client.error_message.append(self._('Username required')) 944 self.client.error_message.append(self._('Username required'))
945 return 945 return
1084 return self.handle(args) 1084 return self.handle(args)
1085 1085
1086 def permission(self, args): 1086 def permission(self, args):
1087 """Raise Unauthorised if the current user is not allowed to execute 1087 """Raise Unauthorised if the current user is not allowed to execute
1088 this action. Users may override this method.""" 1088 this action. Users may override this method."""
1089 1089
1090 pass 1090 pass
1091 1091
1092 def handle(self, args): 1092 def handle(self, args):
1093 1093
1094 raise NotImplementedError 1094 raise NotImplementedError
1095 1095
1096 # vim: set filetype=python sts=4 sw=4 et si : 1096 # vim: set filetype=python sts=4 sw=4 et si :
Roundup Issue Tracker: http://roundup-tracker.org/