def set_blog(post, json, user): if json is not None: if "blog" in json: blog = Blog.get_or_none(Blog.id == json["blog"]) if blog is not None: # admin can save to any blog if user.is_admin: post.blog = blog return role = Blog.get_user_role(blog, user) # if user not in blog - then he can't save post here if role is None: return BlogError.NoAccess # if blog is open - anyone can post here if blog.blog_type == 1: post.blog = blog # if blog is closed or hidden - only writers and admins can # save posts here elif blog.blog_type == 2 or blog.blog_type == 3: if role < 3: post.blog = blog else: return BlogError.NoAccess else: return BlogError.NoBlog
def posts(url): """Получить список постов для блога""" blog = Blog.get_or_none(Blog.url == url) if blog is None: return errors.not_found() user = get_user_from_request() has_access = Blog.has_access(blog, user) if not has_access: return errors.no_access() query = Post.get_posts_for_blog(blog) limit = max(1, min(int(request.args.get("limit") or 20), 100)) paginated_query = PaginatedQuery(query, paginate_by=limit) posts = [p.to_json() for p in paginated_query.get_object_list()] posts = [Vote.add_votes_info(p, 3, user) for p in posts] return jsonify( { "success": 1, "posts": posts, "meta": {"page_count": paginated_query.get_page_count()}, } )
def invites(url): """Пригласить пользователя или принять инвайт""" blog = Blog.get_or_none(Blog.url == url) if blog is None: return errors.not_found() user = get_user_from_request() json = request.get_json() if "invite" in json: invite = BlogInvite.get_or_none(BlogInvite.id == json["invite"]) if invite is None: return errors.invite_not_found() if invite.user_to.id != user.id: return errors.no_access() invite.is_accepted = True invite.save() BlogParticipiation.create(blog=invite.blog, user=user, role=invite.role) return jsonify({"success": 1}) elif "user" in json and "role" in json: user_to = User.get_or_none(User.id == json["user"]) if user_to is None: return errors.not_found() role = Blog.get_user_role(blog, user) if role is None: return errors.no_access() role_to = json["role"] roles = {"owner": 1, "writer": 2, "reader": 3} if role_to not in roles: return errors.invite_wrong_role() role_to = roles[role_to] if role > role_to: return errors.no_access() invite = BlogInvite.create( blog=blog, user_from=user, user_to=user_to, role=role_to ) Notification.create( user=user, created_date=datetime.datetime.now(), text='Вас пригласили в блог "{0}"'.format(blog.title), object_type="invite", object_id=invite.id, ) return jsonify({"success": 1, "invite": invite.id})
def test_edit_blog_reader(client, blog, reader_token): rv = client.put( "/blogs/" + str(blog.url) + "/", json={"title": "new title"}, headers={"Authorization": reader_token[1].token}, ) assert rv.json["success"] == 0 assert rv.json["error"]["code"] == 3 assert Blog.get().title == blog.title, "Blog title changed" assert Blog.get().title != "new title"
def blogs(user): for i in range(30): Blog.create( title="test_blog" + str(i), url="test_blog" + str(i), creator=user, created_date=datetime.datetime.now(), updated_date=datetime.datetime.now(), ) from src.model import db db.db_wrapper.database.close()
def delete_blog(url): """Удалить блог""" blog = Blog.get_or_none(Blog.url == url) if blog is None: return errors.not_found() user = get_user_from_request() role = Blog.get_user_role(blog, user) if role != 1: return errors.no_access() blog.delete_instance() return jsonify({"success": 1})
def get_single_blog(url): """Получить блог по указанному url""" blog = Blog.get_or_none(Blog.url == url) if blog is None: return errors.not_found() user = get_user_from_request() has_access = Blog.has_access(blog, user) if not has_access: return errors.no_access() blog_dict = blog.to_json() blog_dict = Vote.add_votes_info(blog_dict, 2, user) return jsonify({"success": 1, "blog": blog_dict})
def blog(user, reader_token): blog = Blog.create( title="test_blog", url="test_blog", creator=user, created_date=datetime.datetime.now(), updated_date=datetime.datetime.now(), ) BlogParticipiation.create(blog=blog, user=user, role=1) writer = User.create( username="******", password="******", email="asd", registration_date=datetime.datetime.now(), last_active_date=datetime.datetime.now(), ) BlogParticipiation.create(blog=blog, user=writer, role=2) BlogParticipiation.create(blog=blog, user=reader_token[0], role=3) from src.model import db db.db_wrapper.database.close() return blog
def test_create_jam(client, user_token): rv = client.post( "/jams/", headers={"Authorization": user_token[1].token}, json={ "title": "test title for jam", "url": "test-jam", "description": "description", "short_description": "short", "start_date": datetime.datetime.now().timestamp() + 5, "end_date": datetime.datetime.now().timestamp() + 10, }, ) assert rv.json["success"] == 1 assert "jam" in rv.json blog = Blog.get() assert blog.creator == user_token[0], "Wrong creator" assert blog.description == 'Это блог для джема "test title for jam"' participiation = BlogParticipiation.get() assert participiation.user == user_token[0] assert participiation.role == 1, "Not owner on creation" jam = Jam.get() assert jam.creator == user_token[0], "Wrong creator" assert jam.title == "test title for jam" assert jam.url == "test-jam" assert jam.description == "description" assert jam.short_description == "short" assert int(jam.start_date) > int(datetime.datetime.now().timestamp()) assert int(jam.start_date) == int(jam.end_date - 5)
def test_delete_blog(client, blog, user_token): rv = client.delete( "/blogs/" + str(blog.url) + "/", headers={"Authorization": user_token[1].token} ) assert rv.json["success"] == 1 assert Blog.select().count() == 0, "Blog not deleted"
def _delete_post(post): if post is None: return errors.not_found() user = get_user_from_request() if post.creator == user or user.is_admin: Comment.delete().where((Comment.object_type == "post") & (Comment.object_id == post.id)).execute() TagMark.delete().where(TagMark.post == post).execute() post.delete_instance() return jsonify({"success": 1}) if post.blog is None: return errors.no_access() role = Blog.get_user_role(post.blog, user) # only blog owner can delete posts if role != 1: return errors.no_access() Comment.delete().where((Comment.object_type == "post") & (Comment.object_id == post.id)).execute() TagMark.delete().where(TagMark.post == post).execute() post.delete_instance() return jsonify({"success": 1})
def _get_post(post): if post is None: return errors.not_found() if post.is_draft: user = get_user_from_request() if user is None: return errors.no_access() if post.creator != user: return errors.no_access() user = get_user_from_request() if post.blog is not None: # workaround, delete later. Sometime in the past you can save post # without blog, so this check will fail. has_access = Blog.has_access(post.blog, user) if not has_access: return errors.no_access() post_dict = post.to_json() post_dict = Vote.add_votes_info(post_dict, 3, user) entries = JamEntry.get_entries_for_post(post) post_dict["jam_entries"] = [e.to_json() for e in entries] return jsonify({"success": 1, "post": post_dict})
def _edit_post(post): if post is None: return errors.not_found() user = get_user_from_request() role = Blog.get_user_role(post.blog, user) if post.creator == user or role == 1 or user.is_admin: json = request.get_json() error = set_blog(post, json, user) if error is not None: error_response = { BlogError.NoBlog: errors.blog_not_found(), BlogError.NoAccess: errors.blog_no_access(), }[error] return error_response fill_post_from_json(post, json) if not validate_url(post): return errors.post_url_already_taken() post.save() set_tags_for_post(post, json) manage_jam_entries(post, json) return jsonify({"success": 1, "post": post.to_json()}) else: return errors.no_access()
def test_edit_blog(client, blog, user_token): rv = client.put( "/blogs/" + str(blog.url) + "/", json={"title": "new title"}, headers={"Authorization": user_token[1].token}, ) assert rv.json["success"] == 1 assert Blog.get().title == "new title", "Blog title not chaged"
def validate_url(blog): new_url = blog.url print(new_url) blogs_with_url = Blog.select().where(Blog.url == new_url) for b in blogs_with_url: if b.url == new_url and b.id != blog.id: return False return True
def test_delete_blog_reader(client, blog, reader_token): rv = client.delete( "/blogs/" + str(blog.url) + "/", headers={"Authorization": reader_token[1].token}, ) assert rv.json["success"] == 0 assert rv.json["error"]["code"] == 3 assert Blog.select().count() == 1, "Blog was deleted"
def edit_blog(url): """Изменить блог""" blog = Blog.get_or_none(Blog.url == url) if blog is None: return errors.not_found() user = get_user_from_request() role = Blog.get_user_role(blog, user) if role != 1: return errors.no_access() fill_blog_from_json(blog, request.get_json()) if not validate_url(blog): return errors.blog_url_already_taken() blog.save() return jsonify({"success": 1, "blog": blog.to_json()})
def create_blog(): """Создать блог""" user = get_user_from_request() url = request.get_json()["url"] if Blog.get_or_none(Blog.url == url) is not None: return errors.blog_url_already_taken() blog = Blog.create( created_date=datetime.datetime.now(), updated_date=datetime.datetime.now(), creator=user, ) BlogParticipiation.create(blog=blog, user=user, role=1) fill_blog_from_json(blog, request.get_json()) blog.save() return jsonify({"success": 1, "blog": blog.to_json()})
def readers(url): """Получить список читателей блога""" blog = Blog.get_or_none(Blog.url == url) if blog is None: return errors.not_foun user = get_user_from_request() has_access = Blog.has_access(blog, user) if not has_access: return errors.no_access() query = Blog.get_readers(blog) limit = max(1, min(int(request.args.get("limit") or 20), 100)) paginated_query = PaginatedQuery(query, paginate_by=limit) return jsonify( { "success": 1, "readers": [u.to_json() for u in paginated_query.get_object_list()], "meta": {"page_count": paginated_query.get_page_count()}, } )
def join(url): """Присоеденится к блогу. Работает только с открытми блогами""" blog = Blog.get_or_none(Blog.url == url) if blog is None: return errors.not_found() if blog.blog_type != 1: return errors.no_access() user = get_user_from_request() if user is None: return errors.not_authorized() if BlogParticipiation.get_or_none(blog=blog, user=user) is None: BlogParticipiation.create(blog=blog, user=user, role=3) return jsonify({"success": 1})
def blog(user): blog = Blog.create( title="test_blog", url="test_blog", creator=user, created_date=datetime.datetime.now(), updated_date=datetime.datetime.now(), ) BlogParticipiation.create(blog=blog, user=user, role=1) from src.model import db db.db_wrapper.database.close() return blog
def get_blogs(): """Получить список публичных блогов""" query = Blog.get_public_blogs() limit = max(1, min(int(request.args.get("limit") or 20), 100)) paginated_query = PaginatedQuery(query, paginate_by=limit) blogs = [b.to_json() for b in paginated_query.get_object_list()] blogs = [Vote.add_votes_info(b, 2, get_user_from_request()) for b in blogs] return jsonify( { "success": 1, "blogs": blogs, "meta": {"page_count": paginated_query.get_page_count()}, } )
def test_create_blog(client, user_token): rv = client.post( "/blogs/", headers={"Authorization": user_token[1].token}, json={"url": "blog-url"}, ) assert rv.json["success"] == 1 assert "blog" in rv.json, "No blog in response" blog = Blog.get() assert blog.creator == user_token[0], "Wrong creator" assert blog.id == rv.json["blog"]["id"] participiation = BlogParticipiation.get() assert participiation.blog.id == rv.json["blog"]["id"] assert participiation.user == user_token[0] assert participiation.role == 1, "Not owner on creation"
def convert(): create_app() for t in TuTopic.select(): creator = User.get_or_none(User.id == t.user) if not creator: print("Skipped post. Owner:" + TuUser.get(TuUser.user == t.user).user_login) continue updated = t.topic_date_edit if not updated: updated = t.topic_date_add topic_content = TuTopicContent.get(TuTopicContent.topic == t.topic) text = topic_content.topic_text_source text = content.replace_uploads_in_text(creator, text) # TODO convert questions and photosets cut = text.split("<cut>")[0] post = Post.create( id=t.topic, blog=Blog.get(Blog.id == t.blog), creator=creator, created_date=t.topic_date_add, updated_date=updated, title=t.topic_title, cut_text=cut, has_cut="<cut>" in text, text=text, rating=0, is_draft=t.topic_publish == 0, is_on_main=t.topic_publish_index == 1, reads=0, url=t.topic_url, ) tags = t.topic_tags.split(",") for tag in tags: tag_obj = Tag.get_or_none(title=tag) if tag_obj is None: tag_obj = Tag.create(title=tag, created_date=t.topic_date_add) TagMark.create(tag=tag_obj, post=post)
def create_blog_for_jam(user, title, url, image=None): blog = Blog.create( created_date=datetime.datetime.now(), updated_date=datetime.datetime.now(), creator=user, ) BlogParticipiation.create(blog=blog, user=user, role=1) blog.title = title blog.description = f'Это блог для джема "{title}"' blog.url = url blog.blog_type = 1 if image: blog.image = Content.get_or_none(Content.id == image) blog.updated_date = datetime.datetime.now() blog.save() return blog
def get(): search_type = request.args.get("type") search_query = request.args.get("q") limit = max(1, min(int(request.args.get("limit") or 20), 100)) type = 0 if not search_query or len(search_query) == 0: return errors.wrong_payload("q") if search_type == "post": query = Post.get_public_posts().where( Post.title.contains(search_query) | Post.text.contains(search_query)) type = 3 elif search_type == "blog": query = Blog.get_public_blogs().where( Blog.title.contains(search_query) | Blog.description.contains(search_query)) type = 2 elif search_type == "user": query = User.select().where( User.username.contains(search_query) | User.name.contains(search_query)) type = 1 else: return errors.wrong_payload("type") paginated_query = PaginatedQuery(query, paginate_by=limit) items = [item.to_json() for item in paginated_query.get_object_list()] items = [ Vote.add_votes_info(i, type, get_user_from_request()) for i in items ] return jsonify({ "success": 1, "result": items, "meta": { "page_count": paginated_query.get_page_count() }, })
def user_blogs(username): """Получить список блогов пользователя""" user = User.get_or_none(User.username == username) if user is None: return errors.not_found() query = Blog.get_blogs_for_user(user) limit = max(1, min(int(request.args.get("limit") or 20), 100)) paginated_query = PaginatedQuery(query, paginate_by=limit) blogs = [b.to_json() for b in paginated_query.get_object_list()] blogs = [Vote.add_votes_info(b, 2, get_user_from_request()) for b in blogs] return jsonify({ "success": 1, "blogs": blogs, "meta": { "page_count": paginated_query.get_page_count() }, })
def test_edit_jam(client, user_token, jam): rv = client.post( f"/jams/{jam.url}/", headers={"Authorization": user_token[1].token}, json={"title": "new title"}, ) assert rv.json["success"] == 1 assert "jam" in rv.json blog = Blog.get() assert blog.creator == user_token[0], "Wrong creator" assert blog.description == 'Это блог для джема "new title"' participiation = BlogParticipiation.get() assert participiation.user == user_token[0] assert participiation.role == 1, "Not owner on creation" jam = Jam.get() assert jam.creator == user_token[0], "Wrong creator" assert jam.title == "new title" assert jam.url == jam.url assert jam.description == jam.description assert jam.short_description == jam.short_description
def jam(user, reader_token): jam_title = "test jam" jam_url = "test-jam" blog = Blog.create( title="test_blog", url="test_blog", creator=user, created_date=datetime.datetime.now(), updated_date=datetime.datetime.now(), ) BlogParticipiation.create(blog=blog, user=user, role=1) blog.title = jam_title blog.description = f'Это блог для джема "{jam_title}"' blog.url = jam_url blog.blog_type = 1 blog.save() jam = Jam.create( created_date=datetime.datetime.now(), updated_date=datetime.datetime.now(), creator=user, blog=blog, title=jam_title, url=jam_url, description="some description without tags", short_description="short description", start_date=datetime.datetime.now() + timedelta(seconds=1), end_date=datetime.datetime.now() + timedelta(seconds=5), ) from src.model import db db.db_wrapper.database.close() return jam
def vote(): """ Добавить голос. """ user = get_user_from_request() json = request.get_json() t_id = json["target_id"] t_type = 0 notification_str_type = "" notification_to_whom = None notification_object_type = "" if json["target_type"] == "user": user_to = User.get_or_none(User.id == t_id) if user_to is None: return errors.vote_no_target() t_type = 1 notification_str_type = "профиль" notification_to_whom = user_to notification_object_type = "user" elif json["target_type"] == "blog": blog = Blog.get_or_none(Blog.id == t_id) if blog is None: return errors.vote_no_target() t_type = 2 notification_str_type = "блог" notification_to_whom = blog.creator notification_object_type = "blog" elif json["target_type"] == "post": post = Post.get_or_none(Post.id == t_id) if post is None: return errors.vote_no_target() t_type = 3 notification_str_type = "пост" notification_to_whom = post.creator notification_object_type = "post" elif json["target_type"] == "comment": comment = Comment.get_or_none(Comment.id == t_id) if comment is None: return errors.vote_no_target() t_type = 4 notification_str_type = "комментарий" notification_to_whom = comment.creator notification_object_type = "comment" else: return errors.vote_no_target_type() value = json["value"] if value > 0: value = 1 elif value < 0: value = -1 else: value = 0 vote = Vote.get_or_none(Vote.voter == user, target_id=t_id, target_type=t_type) if vote: vote.vote_value = value vote.updated_date = datetime.datetime.now() else: vote = Vote( created_date=datetime.datetime.now(), updated_date=datetime.datetime.now(), voter=user, target_id=t_id, target_type=t_type, vote_value=value, ) notification_str_val = "+1" if value > 0 else "-1" notification_text = "{0}: Пользователь {1} оценил ваш {2}".format( notification_str_val, user.visible_name, notification_str_type) Notification.create( user=notification_to_whom, created_date=datetime.datetime.now(), text=notification_text, object_type=notification_object_type, object_id=t_id, ) vote.save() return jsonify({"success": 1, "vote": vote.to_json()})