Beispiel #1
0
 def post(self, data):
     comment = Comment(author=g.current_user)
     for attr, value in data.items():
         if attr == "reply_id":
             comment.replied = Comment.query.get_or_404(value)
         elif attr == "post_id":
             post = Post.query.get_or_404(value)
             if post.private:
                 abort(400, "the post is private")
             comment.post = post
             if data.get("reply_id"):
                 comment.replied = Comment.query.get_or_404(
                     data["reply_id"])
                 if comment.replied not in comment.post.comments:
                     abort(
                         400,
                         "the comment you want to reply does not belongs to the post",
                     )
         elif attr == "body":
             comment.body = clean_html(value)
         else:
             comment.__setattr__(attr, value)
     db.session.add(comment)
     db.session.commit()
     return comment
Beispiel #2
0
 def put(self, post_id, data):
     post = Post.query.get(post_id)
     for attr, value in data.items():
         if attr == "content":
             post.content = clean_html(value)
         else:
             post.__setattr__(attr, value)
     db.session.commit()
     return post
Beispiel #3
0
 def post(self) -> "201":
     data = request.get_json()
     body = clean_html(data.get("body").strip())
     post_id = data.get("post_id")
     if not (isinstance(body, str) and body != "" and isinstance(post_id, int)):
         return bad_request("Invalid input")
     post = Post.query.get_or_404(post_id)
     comment = Comment(author=g.current_user, body=body, post=post)
     db.session.add(comment)
     db.session.commit()
     return jsonify(comment_schema(comment))
Beispiel #4
0
 def put(self, post_id: int) -> "204" or "403" or "404":
     """Edit Post"""
     post = Post.query.get_or_404(post_id)
     if not can_edit_post(post):
         return forbidden("You cannot edit this post.")
     data = request.get_json()
     title, content, private = get_post_data(data, ValidationError)
     cleaned_content = clean_html(content)
     post.title, post.content, post.private = title, cleaned_content, private
     db.session.commit()
     return "", 204
Beispiel #5
0
 def put(self, comment_id: int, data):
     comment = Comment.query.get(comment_id)
     for attr, value in data.items():
         if attr == "reply_id":
             comment.replied = Comment.query.get_or_404(value)
         elif attr == "post_id":
             post = Post.query.get_or_404(value)
             if post.private:
                 abort(400, "the post is private")
             comment.post = post
         elif attr == "body":
             comment.body = clean_html(value)
     db.session.commit()
     return comment
Beispiel #6
0
 def post(self, data):
     post = Post(author=g.current_user)
     for attr, value in data.items():
         if attr == "content":
             post.content = clean_html(value)
         elif attr == "column_ids":
             for column_id in data[attr]:
                 column = Column.query.get_or_404(column_id)
                 post.columns.append(column)
         else:
             post.__setattr__(attr, value)
     db.session.add(post)
     db.session.commit()
     return post
Beispiel #7
0
 def post(self) -> "201":
     """Create a post"""
     data = request.get_json()
     title, content, private = get_post_data(data, ValidationError)
     cleaned_content = clean_html(content)
     post = Post(
         author=g.current_user,
         title=title,
         content=cleaned_content,
         private=private,
     )
     db.session.add(post)
     try:
         db.session.commit()
     except Exception as e:
         return bad_request(e)
     return jsonify(post_schema(post))