1 files changed, 224 insertions, 0 deletions

diff --git a/mustash/mustash.py b/mustash/mustash.py
new file mode 100644
index 0000000..5113e30
--- /dev/null
+++ b/mustash/mustash.py
@@ -0,0 +1,224 @@
+#
+#  Copyright (C) 2013 Aaron Williamson <aaronw@softwarefreedom.org>
+#
+#  This program is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU Affero General Public License as published by
+#  the Free Software Foundation, either version 3 of the License, or
+#  (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU Affero General Public License for more details.
+#
+#  You should have received a copy of the GNU Affero General Public License
+#  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+import web
+import models
+
+### Url mappings
+
+urls = (
+    '/', 'Index',
+    '/admin/users/', 'AdminUsers',
+    '/folder/(\d+)/edit/', 'EditFolder',
+    '/folder/(\d+)/delete/', 'DeleteFolder',
+    '/user/(\d+)/delete/', 'DeleteUser',
+    '/user/(\d+)/edit/', 'EditUser',
+)
+
+### App, Session & Templates
+app = web.application(urls, globals())
+
+if web.config.get('_session') is None:
+    session = web.session.Session(app,web.session.DiskStore('sessions'), initializer={'messages': []})
+    web.config._session = session
+else:
+    session = web.config._session
+
+render = web.template.render('templates', globals={'context': session._initializer}, base='base')
+
+class Index:
+
+    users = models.get_users(as_list = True)
+
+    form = web.form.Form(
+        web.form.Textbox('name', web.form.notnull, description="Name"),
+        web.form.Dropdown('owner_id', users, description="Owner"),
+        web.form.Dropdown('users',
+                      users,
+                      description="Users",
+                      **{'multiple': 'multiple', 'size': 5}
+                      ),
+        web.form.Textbox('new_name', description="New user"),
+        web.form.Textbox('new_password', description="New user password"),
+        web.form.Button('Add stash'),
+        )
+
+    def GET(self):
+        """ Show page """
+        folders = models.get_folders()
+
+        form = self.form()
+        form['users'].args = form['owner_id'].args = models.get_users(as_list=True)
+        
+        return render.index(folders, form)
+
+    def POST(self):
+        """ Add new entry """
+        folders = models.get_folders()
+
+        form = self.form()
+
+        if not form.validates(web.input(users=[])):
+            return render.index(folders, form)
+
+        # Add the new folder
+        folder_id = models.add_folder(form.d.name, form.d.owner_id)
+        
+        if folder_id == False:
+            session._initializer['messages'].append('A folder called %s already exists!' % form.d.name)
+            return render.index(folders, self.form)
+
+        # Authorize all of the users on this folder
+        for user_id in form.d.users:
+            user = models.get_user(user_id)
+            folder = models.get_folder(folder_id)
+
+            if models.is_authorized(user_id, folder_id):
+                'User %s already authorized on folder %s' % (user.username, folder.name)
+            else:
+                models.authorize_user(user_id, folder_id)
+
+        if form.d.new_name:
+            new_user_id = models.add_user(form.d.new_name, form.d.new_password)
+            authorization = models.authorize_user(new_user_id, folder_id)
+
+            if authorization == False:
+                session._initializer['messages'].append('User already authorized on folder')
+    
+        raise web.seeother('/')
+        #return render.index(folders, self.form)
+
+class DeleteUser:
+    def POST(self, id):
+        """ Delete user based on ID """
+        id = int(id)
+        models.delete_user(id)
+        raise web.seeother('/admin/users/')
+
+class DeleteFolder:
+    def POST(self, id):
+        """ Delete folder based on ID """
+        id = int(id)
+        models.delete_folder(id)
+        raise web.seeother('/')
+
+class AdminUsers:
+    form = web.form.Form(
+        web.form.Textbox('username', web.form.notnull, description="Username:"),
+        web.form.Textbox('password', web.form.notnull, description="Password:"),
+        web.form.Button('Add user'),
+    )
+
+    def GET(self):
+        """ Show page """
+        users = models.get_users()
+        form = self.form()
+        return render.admin_users(users, form)
+
+    def POST(self):
+        """ Add new entry """
+        form = self.form()
+        if not form.validates():
+            users = models.get_users()
+            return render.index(users, form)
+        models.add_user(form.d.username, form.d.password)
+        raise web.seeother('/admin/users/')
+
+class EditFolder:
+    users = models.get_users(as_list = True)
+
+    form_update = web.form.Form(
+        web.form.Textbox('name', web.form.notnull, description="Name"),
+        web.form.Dropdown('owner_id', users, description="Owner"),
+        web.form.Dropdown('users',
+                      users,
+                      description="Users",
+                      **{'multiple': 'multiple', 'size': 5}
+                      ),
+        web.form.Button('Update')
+    )
+
+    def GET(self, id):
+        """ Show page """
+        form_update = self.form_update()
+
+        users = models.get_users(as_list = True)
+        folder = models.get_folder(id)
+        selected_users = models.get_folder_users(id)
+
+        update_values = {'name':folder["name"], 
+                         'owner_id':folder["owner_id"],
+                         'users':selected_users}
+
+        form_update.fill(update_values)
+
+        return render.folder_edit(users, form_update)
+
+    def POST(self, id):
+        """ Update folder """
+        form_update = self.form_update()
+
+        if not form_update.validates(web.input(users=[])):
+            users = models.get_users()
+            return render.index(users, form_update)
+
+        update_values = {'id':id,
+                         'name': form_update.d.name,
+                         'owner_id': form_update.d.owner_id,
+                         'users': form_update.d.users}
+
+        models.update_folder(update_values)
+
+        session._initializer['messages'].append('Updated folder %s' % form_update.d.name)        
+
+        raise web.seeother('/folder/%s/edit/' % id)
+
+class EditUser:
+    form = web.form.Form(
+        web.form.Hidden('id', description="ID"),
+        web.form.Textbox('username', description="Username"),
+        web.form.Textbox('password', description="Password"),
+        web.form.Button('Save'),
+    )
+
+    def GET(self, id):
+        """ Show page """
+        form = self.form()
+
+        user = models.get_user(id)
+        form.fill(user)
+
+        return render.user_edit(form)
+
+    def POST(self, id):
+        """ Update folder """
+        form = self.form()
+
+        if not form.validates():
+            user = models.get_user(id)
+            form_update.fill(user)
+            return render.index(form)
+
+        models.update_user(id, form.d.username, form.d.password)
+
+        session._initializer['messages'].append('Updated user %s' % form.d.username)
+
+        raise web.seeother('/user/%s/edit/' % id)
+
+app = web.application(urls, globals())
+
+if __name__ == '__main__':
+    app.run()