import logging
from pylons import request, response, session, tmpl_context as c, url, app_globals as g
from pylons.controllers.util import abort, redirect
from pylons_app.lib.base import BaseController, render
from formencode import htmlfill
from pylons_app.model import meta
from pylons_app.model.db import Users, UserLogs
from pylons_app.lib.auth import authenticate
import crypt
log = logging.getLogger(__name__)
class UsersController(BaseController):
"""REST Controller styled on the Atom Publishing Protocol"""
# To properly map this controller, ensure your config/routing.py
# file has a resource setup:
# map.resource('user', 'users')
@authenticate
def __before__(self):
c.staticurl = g.statics
c.admin_user = session.get('admin_user')
c.admin_username = session.get('admin_username')
self.sa = meta.Session
def index(self, format='html'):
"""GET /users: All items in the collection"""
# url('users')
c.users_list = self.sa.query(Users).all()
return render('/users.html')
def create(self):
"""POST /users: Create a new item"""
# url('users')
params = dict(request.params)
try:
new_user = Users()
new_user.active = params.get('active', False)
new_user.username = params.get('username')
new_user.password = crypt.crypt(params.get('password'), '6a')
new_user.admin = False
self.sa.add(new_user)
self.sa.commit()
except:
self.sa.rollback()
raise
return redirect(url('users'))
def new(self, format='html'):
"""GET /users/new: Form to create a new item"""
# url('new_user')
return render('/user_add.html')
def update(self, id):
"""PUT /users/id: Update an existing item"""
# Forms posted to this method should contain a hidden field:
#
# Or using helpers:
# h.form(url('user', id=ID),
# method='put')
# url('user', id=ID)
params = dict(request.params)
try:
new_user = self.sa.query(Users).get(id)
new_user.active = params.get('active', False)
new_user.username = params.get('username')
if params.get('new_password'):
new_user.password = crypt.crypt(params.get('new_password'), '6a')
self.sa.add(new_user)
self.sa.commit()
except:
self.sa.rollback()
raise
return redirect(url('users'))
def delete(self, id):
"""DELETE /users/id: Delete an existing item"""
# Forms posted to this method should contain a hidden field:
#
# Or using helpers:
# h.form(url('user', id=ID),
# method='delete')
# url('user', id=ID)
try:
self.sa.delete(self.sa.query(Users).get(id))
self.sa.commit()
except:
self.sa.rollback()
raise
return redirect(url('users'))
def show(self, id, format='html'):
"""GET /users/id: Show a specific item"""
# url('user', id=ID)
def edit(self, id, format='html'):
"""GET /users/id/edit: Form to edit an existing item"""
# url('edit_user', id=ID)
c.user = self.sa.query(Users).get(id)
defaults = c.user.__dict__
return htmlfill.render(
render('/user_edit.html'),
defaults=defaults,
encoding="UTF-8",
force_defaults=False
)