def set_blog(post, json, user):
if json is not None:
if "blog" in json:
blog = Blog.get_or_none(Blog.id == json["blog"])
if blog is not None:
# admin can save to any blog
if user.is_admin:
post.blog = blog
return
role = Blog.get_user_role(blog, user)
# if user not in blog - then he can't save post here
if role is None:
return BlogError.NoAccess
# if blog is open - anyone can post here
if blog.blog_type == 1:
post.blog = blog
# if blog is closed or hidden - only writers and admins can
# save posts here
elif blog.blog_type == 2 or blog.blog_type == 3:
if role < 3:
post.blog = blog
else:
return BlogError.NoAccess
else:
return BlogError.NoBlog
def posts(url):
"""Получить список постов для блога"""
blog = Blog.get_or_none(Blog.url == url)
if blog is None:
return errors.not_found()
user = get_user_from_request()
has_access = Blog.has_access(blog, user)
if not has_access:
return errors.no_access()
query = Post.get_posts_for_blog(blog)
limit = max(1, min(int(request.args.get("limit") or 20), 100))
paginated_query = PaginatedQuery(query, paginate_by=limit)
posts = [p.to_json() for p in paginated_query.get_object_list()]
posts = [Vote.add_votes_info(p, 3, user) for p in posts]
return jsonify(
{
"success": 1,
"posts": posts,
"meta": {"page_count": paginated_query.get_page_count()},
}
)
def invites(url):
"""Пригласить пользователя или принять инвайт"""
blog = Blog.get_or_none(Blog.url == url)
if blog is None:
return errors.not_found()
user = get_user_from_request()
json = request.get_json()
if "invite" in json:
invite = BlogInvite.get_or_none(BlogInvite.id == json["invite"])
if invite is None:
return errors.invite_not_found()
if invite.user_to.id != user.id:
return errors.no_access()
invite.is_accepted = True
invite.save()
BlogParticipiation.create(blog=invite.blog, user=user, role=invite.role)
return jsonify({"success": 1})
elif "user" in json and "role" in json:
user_to = User.get_or_none(User.id == json["user"])
if user_to is None:
return errors.not_found()
role = Blog.get_user_role(blog, user)
if role is None:
return errors.no_access()
role_to = json["role"]
roles = {"owner": 1, "writer": 2, "reader": 3}
if role_to not in roles:
return errors.invite_wrong_role()
role_to = roles[role_to]
if role > role_to:
return errors.no_access()
invite = BlogInvite.create(
blog=blog, user_from=user, user_to=user_to, role=role_to
)
Notification.create(
user=user,
created_date=datetime.datetime.now(),
text='Вас пригласили в блог "{0}"'.format(blog.title),
object_type="invite",
object_id=invite.id,
)
return jsonify({"success": 1, "invite": invite.id})
def test_edit_blog_reader(client, blog, reader_token):
rv = client.put(
"/blogs/" + str(blog.url) + "/",
json={"title": "new title"},
headers={"Authorization": reader_token[1].token},
)
assert rv.json["success"] == 0
assert rv.json["error"]["code"] == 3
assert Blog.get().title == blog.title, "Blog title changed"
assert Blog.get().title != "new title"
def blogs(user):
for i in range(30):
Blog.create(
title="test_blog" + str(i),
url="test_blog" + str(i),
creator=user,
created_date=datetime.datetime.now(),
updated_date=datetime.datetime.now(),
)
from src.model import db
db.db_wrapper.database.close()
def delete_blog(url):
"""Удалить блог"""
blog = Blog.get_or_none(Blog.url == url)
if blog is None:
return errors.not_found()
user = get_user_from_request()
role = Blog.get_user_role(blog, user)
if role != 1:
return errors.no_access()
blog.delete_instance()
return jsonify({"success": 1})
def get_single_blog(url):
"""Получить блог по указанному url"""
blog = Blog.get_or_none(Blog.url == url)
if blog is None:
return errors.not_found()
user = get_user_from_request()
has_access = Blog.has_access(blog, user)
if not has_access:
return errors.no_access()
blog_dict = blog.to_json()
blog_dict = Vote.add_votes_info(blog_dict, 2, user)
return jsonify({"success": 1, "blog": blog_dict})
def blog(user, reader_token):
blog = Blog.create(
title="test_blog",
url="test_blog",
creator=user,
created_date=datetime.datetime.now(),
updated_date=datetime.datetime.now(),
)
BlogParticipiation.create(blog=blog, user=user, role=1)
writer = User.create(
username="******",
password="******",
email="asd",
registration_date=datetime.datetime.now(),
last_active_date=datetime.datetime.now(),
)
BlogParticipiation.create(blog=blog, user=writer, role=2)
BlogParticipiation.create(blog=blog, user=reader_token[0], role=3)
from src.model import db
db.db_wrapper.database.close()
return blog
def test_create_jam(client, user_token):
rv = client.post(
"/jams/",
headers={"Authorization": user_token[1].token},
json={
"title": "test title for jam",
"url": "test-jam",
"description": "description",
"short_description": "short",
"start_date": datetime.datetime.now().timestamp() + 5,
"end_date": datetime.datetime.now().timestamp() + 10,
},
)
assert rv.json["success"] == 1
assert "jam" in rv.json
blog = Blog.get()
assert blog.creator == user_token[0], "Wrong creator"
assert blog.description == 'Это блог для джема "test title for jam"'
participiation = BlogParticipiation.get()
assert participiation.user == user_token[0]
assert participiation.role == 1, "Not owner on creation"
jam = Jam.get()
assert jam.creator == user_token[0], "Wrong creator"
assert jam.title == "test title for jam"
assert jam.url == "test-jam"
assert jam.description == "description"
assert jam.short_description == "short"
assert int(jam.start_date) > int(datetime.datetime.now().timestamp())
assert int(jam.start_date) == int(jam.end_date - 5)
def test_delete_blog(client, blog, user_token):
rv = client.delete(
"/blogs/" + str(blog.url) + "/", headers={"Authorization": user_token[1].token}
)
assert rv.json["success"] == 1
assert Blog.select().count() == 0, "Blog not deleted"
def _delete_post(post):
if post is None:
return errors.not_found()
user = get_user_from_request()
if post.creator == user or user.is_admin:
Comment.delete().where((Comment.object_type == "post")
& (Comment.object_id == post.id)).execute()
TagMark.delete().where(TagMark.post == post).execute()
post.delete_instance()
return jsonify({"success": 1})
if post.blog is None:
return errors.no_access()
role = Blog.get_user_role(post.blog, user)
# only blog owner can delete posts
if role != 1:
return errors.no_access()
Comment.delete().where((Comment.object_type == "post")
& (Comment.object_id == post.id)).execute()
TagMark.delete().where(TagMark.post == post).execute()
post.delete_instance()
return jsonify({"success": 1})
def _get_post(post):
if post is None:
return errors.not_found()
if post.is_draft:
user = get_user_from_request()
if user is None:
return errors.no_access()
if post.creator != user:
return errors.no_access()
user = get_user_from_request()
if post.blog is not None:
# workaround, delete later. Sometime in the past you can save post
# without blog, so this check will fail.
has_access = Blog.has_access(post.blog, user)
if not has_access:
return errors.no_access()
post_dict = post.to_json()
post_dict = Vote.add_votes_info(post_dict, 3, user)
entries = JamEntry.get_entries_for_post(post)
post_dict["jam_entries"] = [e.to_json() for e in entries]
return jsonify({"success": 1, "post": post_dict})
def _edit_post(post):
if post is None:
return errors.not_found()
user = get_user_from_request()
role = Blog.get_user_role(post.blog, user)
if post.creator == user or role == 1 or user.is_admin:
json = request.get_json()
error = set_blog(post, json, user)
if error is not None:
error_response = {
BlogError.NoBlog: errors.blog_not_found(),
BlogError.NoAccess: errors.blog_no_access(),
}[error]
return error_response
fill_post_from_json(post, json)
if not validate_url(post):
return errors.post_url_already_taken()
post.save()
set_tags_for_post(post, json)
manage_jam_entries(post, json)
return jsonify({"success": 1, "post": post.to_json()})
else:
return errors.no_access()
def test_edit_blog(client, blog, user_token):
rv = client.put(
"/blogs/" + str(blog.url) + "/",
json={"title": "new title"},
headers={"Authorization": user_token[1].token},
)
assert rv.json["success"] == 1
assert Blog.get().title == "new title", "Blog title not chaged"
def validate_url(blog):
new_url = blog.url
print(new_url)
blogs_with_url = Blog.select().where(Blog.url == new_url)
for b in blogs_with_url:
if b.url == new_url and b.id != blog.id:
return False
return True
def test_delete_blog_reader(client, blog, reader_token):
rv = client.delete(
"/blogs/" + str(blog.url) + "/",
headers={"Authorization": reader_token[1].token},
)
assert rv.json["success"] == 0
assert rv.json["error"]["code"] == 3
assert Blog.select().count() == 1, "Blog was deleted"
def edit_blog(url):
"""Изменить блог"""
blog = Blog.get_or_none(Blog.url == url)
if blog is None:
return errors.not_found()
user = get_user_from_request()
role = Blog.get_user_role(blog, user)
if role != 1:
return errors.no_access()
fill_blog_from_json(blog, request.get_json())
if not validate_url(blog):
return errors.blog_url_already_taken()
blog.save()
return jsonify({"success": 1, "blog": blog.to_json()})
def create_blog():
"""Создать блог"""
user = get_user_from_request()
url = request.get_json()["url"]
if Blog.get_or_none(Blog.url == url) is not None:
return errors.blog_url_already_taken()
blog = Blog.create(
created_date=datetime.datetime.now(),
updated_date=datetime.datetime.now(),
creator=user,
)
BlogParticipiation.create(blog=blog, user=user, role=1)
fill_blog_from_json(blog, request.get_json())
blog.save()
return jsonify({"success": 1, "blog": blog.to_json()})
def readers(url):
"""Получить список читателей блога"""
blog = Blog.get_or_none(Blog.url == url)
if blog is None:
return errors.not_foun
user = get_user_from_request()
has_access = Blog.has_access(blog, user)
if not has_access:
return errors.no_access()
query = Blog.get_readers(blog)
limit = max(1, min(int(request.args.get("limit") or 20), 100))
paginated_query = PaginatedQuery(query, paginate_by=limit)
return jsonify(
{
"success": 1,
"readers": [u.to_json() for u in paginated_query.get_object_list()],
"meta": {"page_count": paginated_query.get_page_count()},
}
)
def join(url):
"""Присоеденится к блогу. Работает только с открытми блогами"""
blog = Blog.get_or_none(Blog.url == url)
if blog is None:
return errors.not_found()
if blog.blog_type != 1:
return errors.no_access()
user = get_user_from_request()
if user is None:
return errors.not_authorized()
if BlogParticipiation.get_or_none(blog=blog, user=user) is None:
BlogParticipiation.create(blog=blog, user=user, role=3)
return jsonify({"success": 1})
def blog(user):
blog = Blog.create(
title="test_blog",
url="test_blog",
creator=user,
created_date=datetime.datetime.now(),
updated_date=datetime.datetime.now(),
)
BlogParticipiation.create(blog=blog, user=user, role=1)
from src.model import db
db.db_wrapper.database.close()
return blog
def get_blogs():
"""Получить список публичных блогов"""
query = Blog.get_public_blogs()
limit = max(1, min(int(request.args.get("limit") or 20), 100))
paginated_query = PaginatedQuery(query, paginate_by=limit)
blogs = [b.to_json() for b in paginated_query.get_object_list()]
blogs = [Vote.add_votes_info(b, 2, get_user_from_request()) for b in blogs]
return jsonify(
{
"success": 1,
"blogs": blogs,
"meta": {"page_count": paginated_query.get_page_count()},
}
)
def test_create_blog(client, user_token):
rv = client.post(
"/blogs/",
headers={"Authorization": user_token[1].token},
json={"url": "blog-url"},
)
assert rv.json["success"] == 1
assert "blog" in rv.json, "No blog in response"
blog = Blog.get()
assert blog.creator == user_token[0], "Wrong creator"
assert blog.id == rv.json["blog"]["id"]
participiation = BlogParticipiation.get()
assert participiation.blog.id == rv.json["blog"]["id"]
assert participiation.user == user_token[0]
assert participiation.role == 1, "Not owner on creation"
def convert():
create_app()
for t in TuTopic.select():
creator = User.get_or_none(User.id == t.user)
if not creator:
print("Skipped post. Owner:" +
TuUser.get(TuUser.user == t.user).user_login)
continue
updated = t.topic_date_edit
if not updated:
updated = t.topic_date_add
topic_content = TuTopicContent.get(TuTopicContent.topic == t.topic)
text = topic_content.topic_text_source
text = content.replace_uploads_in_text(creator, text)
# TODO convert questions and photosets
cut = text.split("<cut>")[0]
post = Post.create(
id=t.topic,
blog=Blog.get(Blog.id == t.blog),
creator=creator,
created_date=t.topic_date_add,
updated_date=updated,
title=t.topic_title,
cut_text=cut,
has_cut="<cut>" in text,
text=text,
rating=0,
is_draft=t.topic_publish == 0,
is_on_main=t.topic_publish_index == 1,
reads=0,
url=t.topic_url,
)
tags = t.topic_tags.split(",")
for tag in tags:
tag_obj = Tag.get_or_none(title=tag)
if tag_obj is None:
tag_obj = Tag.create(title=tag, created_date=t.topic_date_add)
TagMark.create(tag=tag_obj, post=post)
def create_blog_for_jam(user, title, url, image=None):
blog = Blog.create(
created_date=datetime.datetime.now(),
updated_date=datetime.datetime.now(),
creator=user,
)
BlogParticipiation.create(blog=blog, user=user, role=1)
blog.title = title
blog.description = f'Это блог для джема "{title}"'
blog.url = url
blog.blog_type = 1
if image:
blog.image = Content.get_or_none(Content.id == image)
blog.updated_date = datetime.datetime.now()
blog.save()
return blog
def get():
search_type = request.args.get("type")
search_query = request.args.get("q")
limit = max(1, min(int(request.args.get("limit") or 20), 100))
type = 0
if not search_query or len(search_query) == 0:
return errors.wrong_payload("q")
if search_type == "post":
query = Post.get_public_posts().where(
Post.title.contains(search_query)
| Post.text.contains(search_query))
type = 3
elif search_type == "blog":
query = Blog.get_public_blogs().where(
Blog.title.contains(search_query)
| Blog.description.contains(search_query))
type = 2
elif search_type == "user":
query = User.select().where(
User.username.contains(search_query)
| User.name.contains(search_query))
type = 1
else:
return errors.wrong_payload("type")
paginated_query = PaginatedQuery(query, paginate_by=limit)
items = [item.to_json() for item in paginated_query.get_object_list()]
items = [
Vote.add_votes_info(i, type, get_user_from_request()) for i in items
]
return jsonify({
"success": 1,
"result": items,
"meta": {
"page_count": paginated_query.get_page_count()
},
})
def user_blogs(username):
"""Получить список блогов пользователя"""
user = User.get_or_none(User.username == username)
if user is None:
return errors.not_found()
query = Blog.get_blogs_for_user(user)
limit = max(1, min(int(request.args.get("limit") or 20), 100))
paginated_query = PaginatedQuery(query, paginate_by=limit)
blogs = [b.to_json() for b in paginated_query.get_object_list()]
blogs = [Vote.add_votes_info(b, 2, get_user_from_request()) for b in blogs]
return jsonify({
"success": 1,
"blogs": blogs,
"meta": {
"page_count": paginated_query.get_page_count()
},
})
def test_edit_jam(client, user_token, jam):
rv = client.post(
f"/jams/{jam.url}/",
headers={"Authorization": user_token[1].token},
json={"title": "new title"},
)
assert rv.json["success"] == 1
assert "jam" in rv.json
blog = Blog.get()
assert blog.creator == user_token[0], "Wrong creator"
assert blog.description == 'Это блог для джема "new title"'
participiation = BlogParticipiation.get()
assert participiation.user == user_token[0]
assert participiation.role == 1, "Not owner on creation"
jam = Jam.get()
assert jam.creator == user_token[0], "Wrong creator"
assert jam.title == "new title"
assert jam.url == jam.url
assert jam.description == jam.description
assert jam.short_description == jam.short_description
def jam(user, reader_token):
jam_title = "test jam"
jam_url = "test-jam"
blog = Blog.create(
title="test_blog",
url="test_blog",
creator=user,
created_date=datetime.datetime.now(),
updated_date=datetime.datetime.now(),
)
BlogParticipiation.create(blog=blog, user=user, role=1)
blog.title = jam_title
blog.description = f'Это блог для джема "{jam_title}"'
blog.url = jam_url
blog.blog_type = 1
blog.save()
jam = Jam.create(
created_date=datetime.datetime.now(),
updated_date=datetime.datetime.now(),
creator=user,
blog=blog,
title=jam_title,
url=jam_url,
description="some description without tags",
short_description="short description",
start_date=datetime.datetime.now() + timedelta(seconds=1),
end_date=datetime.datetime.now() + timedelta(seconds=5),
)
from src.model import db
db.db_wrapper.database.close()
return jam
def vote():
"""
Добавить голос.
"""
user = get_user_from_request()
json = request.get_json()
t_id = json["target_id"]
t_type = 0
notification_str_type = ""
notification_to_whom = None
notification_object_type = ""
if json["target_type"] == "user":
user_to = User.get_or_none(User.id == t_id)
if user_to is None:
return errors.vote_no_target()
t_type = 1
notification_str_type = "профиль"
notification_to_whom = user_to
notification_object_type = "user"
elif json["target_type"] == "blog":
blog = Blog.get_or_none(Blog.id == t_id)
if blog is None:
return errors.vote_no_target()
t_type = 2
notification_str_type = "блог"
notification_to_whom = blog.creator
notification_object_type = "blog"
elif json["target_type"] == "post":
post = Post.get_or_none(Post.id == t_id)
if post is None:
return errors.vote_no_target()
t_type = 3
notification_str_type = "пост"
notification_to_whom = post.creator
notification_object_type = "post"
elif json["target_type"] == "comment":
comment = Comment.get_or_none(Comment.id == t_id)
if comment is None:
return errors.vote_no_target()
t_type = 4
notification_str_type = "комментарий"
notification_to_whom = comment.creator
notification_object_type = "comment"
else:
return errors.vote_no_target_type()
value = json["value"]
if value > 0:
value = 1
elif value < 0:
value = -1
else:
value = 0
vote = Vote.get_or_none(Vote.voter == user,
target_id=t_id,
target_type=t_type)
if vote:
vote.vote_value = value
vote.updated_date = datetime.datetime.now()
else:
vote = Vote(
created_date=datetime.datetime.now(),
updated_date=datetime.datetime.now(),
voter=user,
target_id=t_id,
target_type=t_type,
vote_value=value,
)
notification_str_val = "+1" if value > 0 else "-1"
notification_text = "{0}: Пользователь {1} оценил ваш {2}".format(
notification_str_val, user.visible_name, notification_str_type)
Notification.create(
user=notification_to_whom,
created_date=datetime.datetime.now(),
text=notification_text,
object_type=notification_object_type,
object_id=t_id,
)
vote.save()
return jsonify({"success": 1, "vote": vote.to_json()})
