1- # $Id: client.py,v 1.52 2002-10-09 01:00:40 richard Exp $
1+ # $Id: client.py,v 1.53 2002-10-15 06:37:21 richard Exp $
22
33__doc__ = """
44WWW request handler (also used in the stand-alone server).
@@ -375,6 +375,7 @@ def renderContext(self):
375375 ('login' , 'loginAction' ),
376376 ('logout' , 'logout_action' ),
377377 ('search' , 'searchAction' ),
378+ ('retire' , 'retireAction' ),
378379 )
379380 def handle_action (self ):
380381 ''' Determine whether there should be an _action called.
@@ -388,7 +389,7 @@ def handle_action(self):
388389 "login" -> self.loginAction
389390 "logout" -> self.logout_action
390391 "search" -> self.searchAction
391-
392+ "retire" -> self.retireAction
392393 '''
393394 if not self .form .has_key (':action' ):
394395 return None
@@ -949,33 +950,46 @@ def searchPermission(self):
949950 return 0
950951 return 1
951952
952- def remove_action (self , dre = re .compile (r'([^\d]+)(\d+)' )):
953- # XXX I believe this could be handled by a regular edit action that
954- # just sets the multilink...
955- target = self .index_arg (':target' )[0 ]
956- m = dre .match (target )
957- if m :
958- classname = m .group (1 )
959- nodeid = m .group (2 )
960- cl = self .db .getclass (classname )
961- cl .retire (nodeid )
962- # now take care of the reference
963- parentref = self .index_arg (':multilink' )[0 ]
964- parent , prop = parentref .split (':' )
965- m = dre .match (parent )
966- if m :
967- self .classname = m .group (1 )
968- self .nodeid = m .group (2 )
969- cl = self .db .getclass (self .classname )
970- value = cl .get (self .nodeid , prop )
971- value .remove (nodeid )
972- cl .set (self .nodeid , ** {prop :value })
973- func = getattr (self , 'show%s' % self .classname )
974- return func ()
975- else :
976- raise NotFound , parent
977- else :
978- raise NotFound , target
953+ def retireAction (self ):
954+ ''' Retire the context item.
955+ '''
956+ # if we want to view the index template now, then unset the nodeid
957+ # context info (a special-case for retire actions on the index page)
958+ nodeid = self .nodeid
959+ if self .template == 'index' :
960+ self .nodeid = None
961+
962+ # generic edit is per-class only
963+ if not self .retirePermission ():
964+ self .error_message .append (
965+ _ ('You do not have permission to retire %s' % self .classname ))
966+ return
967+
968+ # make sure we don't try to retire admin or anonymous
969+ if self .classname == 'user' and \
970+ self .db .user .get (nodeid , 'username' ) in ('admin' , 'anonymous' ):
971+ self .error_message .append (
972+ _ ('You may not retire the admin or anonymous user' ))
973+ return
974+
975+ # do the retire
976+ self .db .getclass (self .classname ).retire (nodeid )
977+ self .db .commit ()
978+
979+ self .ok_message .append (
980+ _ ('%(classname)s %(itemid)s has been retired' )% {
981+ 'classname' : self .classname .capitalize (), 'itemid' : nodeid })
982+
983+ def retirePermission (self ):
984+ ''' Determine whether the user has permission to retire this class.
985+
986+ Base behaviour is to check the user can edit this class.
987+ '''
988+ if not self .db .security .hasPermission ('Edit' , self .userid ,
989+ self .classname ):
990+ return 0
991+ return 1
992+
979993
980994 #
981995 # Utility methods for editing
0 commit comments