Beispiel #1
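 async def post(self) -> json_response:
     """Create a comment on an existing news post for the token's user.

     Reads a JSON body with ``title`` (the post being commented on) and
     ``text``, validates both, resolves the caller from the
     ``Authorization`` header and inserts a new comment row.

     Returns:
         201 with the serialized comment on success; 400 for an invalid
         title/text or an unknown post; 401 when the token's user is not in
         the users table; the ``server_error_response`` result otherwise.
     """
     try:
         form = await self.request.json()
         title = form.get('title')
         text = form.get('text')
         # The previous test `60 < len(title) < 4` can never be true, so the
         # title length was never enforced. Reject anything outside 4..60 and
         # anything that is not a string before it reaches the query helpers.
         if not isinstance(title, str) or not 4 <= len(title) <= 60:
             return failure_response(400, 'Invalid title')
         if not isinstance(text, str) or len(text) > 500:
             return failure_response(400, 'Invalid text')
         user = get_user_from_token(self.request.headers['Authorization'])
         pool = self.request.app['pool']
         async with pool.acquire() as conn:
             async with conn.cursor() as c:
                 # NOTE(review): the query helpers below receive
                 # client-supplied values and return whatever is passed to
                 # execute(); their bodies are not visible here. Confirm they
                 # bind parameters instead of formatting values into SQL text.
                 await c.execute(select_from_users_where_email(user['email']))
                 u = await c.fetchone()
                 if u is None:
                     return failure_response(401, 'No such user')
                 await c.execute(select_from_news_where_title(title))
                 n = await c.fetchone()
                 if n is None:
                     return failure_response(400, f"No such post with title {title}")
                 com = CommentModel(text=text,
                                    title=title,
                                    author=user['name'],
                                    email=user['email'])
                 await c.execute(insert_new_comment(com))
                 return success_response(201, f'New comment at {com.created}', data=com.to_json())
     except Exception as e:
         # NOTE(review): the raw exception is handed to the response helper;
         # confirm it does not echo exception detail back to the client.
         return server_error_response(e)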
Beispiel #2
 async def delete(self) -> json_response:
     """Delete the account identified by the token in ``Authorization``.

     The e-mail is taken from the decoded token, never from request
     parameters, so a caller can only remove the account the token names.

     Returns:
         200 once the delete statement has run; 400 ``'Bad email'`` when no
         user row matches the token's e-mail; the ``server_error_response``
         result for any exception (including a missing header).
     """
     try:
         claims = get_user_from_token(self.request.headers['Authorization'])
         db_pool = self.request.app['pool']
         async with db_pool.acquire() as connection:
             async with connection.cursor() as cur:
                 email = claims['email']
                 await cur.execute(select_from_users_where_email(email))
                 row = await cur.fetchone()
                 # Guard clause: nothing to delete when the user is unknown.
                 if row is None:
                     return failure_response(400, 'Bad email')
                 await cur.execute(delete_user_by_email(email))
                 return success_response(200, f"Deleted user with email {email}")
     except Exception as err:
         return server_error_response(err)
Beispiel #3
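 async def delete(self):
     """Delete a comment by id, but only for the comment's author.

     The id comes from the ``id`` query parameter. The caller is resolved
     from the ``Authorization`` header and must have the same e-mail as the
     stored comment.

     Returns:
         200 on success; 400 for a missing, non-numeric, negative or unknown
         id; 401 when the caller is not the author; the
         ``server_error_response`` result for any other failure.
     """
     try:
         # Previously int() ran on a direct lookup, so a missing parameter
         # raised KeyError and the `is None` branch was unreachable; a
         # non-numeric value raised ValueError. Both ended up as server errors.
         raw_id = self.request.rel_url.query.get('id')
         if raw_id is None:
             return failure_response(400, 'No id param')
         try:
             deleted = int(raw_id)
         except ValueError:
             return failure_response(400, 'Invalid id')
         if deleted < 0:
             return failure_response(400, 'Invalid id')
         user = get_user_from_token(self.request.headers['Authorization'])
         pool = self.request.app['pool']
         async with pool.acquire() as conn:
             async with conn.cursor() as c:
                 await c.execute(select_comment_by_id(deleted))
                 com = await c.fetchone()
                 if com is None:
                     return failure_response(400, 'Invalid id')
                 # Ownership check: only the author's token may delete.
                 if user['email'] != to_json(com)['email']:
                     return failure_response(401, 'You are not an author')
                 await c.execute(delete_comment_by_id(deleted))
                 return success_response(200, f'Deleted comment by id {deleted}')
     except Exception as e:
         return server_error_response(e)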
Beispiel #4
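 async def put(self):
     """Replace the text of a comment, but only for the comment's author.

     Reads a JSON body with ``id`` and ``text``. The caller is resolved from
     the ``Authorization`` header and must have the same e-mail as the stored
     comment.

     Returns:
         200 on success; 400 for an invalid id, empty/non-string text or an
         unknown comment; 401 when the caller is not the author; the
         ``server_error_response`` result for any other failure.
     """
     try:
         form = await self.request.json()
         # int() never returns None, so the old `is None` test was dead code
         # and a missing or non-numeric id surfaced as a server error.
         # Parse once and answer 400 instead.
         try:
             comment_id = int(form['id'])
         except (KeyError, TypeError, ValueError, OverflowError):
             return failure_response(400, 'Invalid comment id')
         if comment_id < 0:
             return failure_response(400, 'Invalid comment id')
         text = form.get('text')
         if not isinstance(text, str) or not text:
             return failure_response(400, 'Invalid comment text')
         # NOTE(review): no upper bound is applied to the text here; confirm
         # whether the limit used when comments are created should also
         # apply on update, otherwise edits bypass it.
         user = get_user_from_token(self.request.headers['Authorization'])
         pool = self.request.app['pool']
         async with pool.acquire() as conn:
             async with conn.cursor() as c:
                 await c.execute(select_comment_by_id(comment_id))
                 com = await c.fetchone()
                 if com is None:
                     return failure_response(400, f"No comment with id {comment_id}")
                 # Ownership check: only the author's token may edit.
                 if user['email'] != to_json(com)['email']:
                     return failure_response(401, 'You are not an author')
                 # NOTE(review): the free-form text goes straight into the
                 # query helper; confirm it is bound as a parameter.
                 await c.execute(update_comment_by_id(text, comment_id))
                 return success_response(200, 'Updated!')
     except Exception as e:
         return server_error_response(e)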
Beispiel #5
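 async def delete(self) -> json_response:
     """Delete a news post by title when it belongs to the token's user.

     The title comes from the ``title`` query parameter. ``find`` is called
     with the caller's e-mail and the title, and the delete only runs when
     that lookup returns a row.

     Returns:
         200 on success; 400 for a missing or too-short title, or when the
         lookup finds nothing; the ``server_error_response`` result for any
         other failure.
     """
     try:
         # A direct lookup raised KeyError for a missing parameter, which
         # made the 'No title parameter' answer unreachable; .get() restores it.
         title = self.request.rel_url.query.get('title')
         if title is None:
             return failure_response(400, 'No title parameter')
         if len(title) < 4:
             return failure_response(400, 'Invalid title length')
         user = get_user_from_token(
             self.request.headers['Authorization'])
         pool = self.request.app['pool']
         async with pool.acquire() as conn:
             async with conn.cursor() as c:
                 await c.execute(find(user['email'], title))
                 n = await c.fetchone()
                 if n is None:
                     return failure_response(
                         400, f"No such post with title : {title}")
                 # NOTE(review): the lookup is scoped by e-mail but the
                 # delete is keyed on title alone; this is only safe if
                 # titles are unique across users - confirm in the schema.
                 await c.execute(delete_new_by_title(title))
                 return success_response(
                     200, f'NewPage {title} was deleted')
     except Exception as e:
         return server_error_response(e)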
Beispiel #6
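 async def post(self) -> json_response:
     """Create a news post owned by the token's user.

     Reads a JSON body with ``title``, ``text`` and ``url``, validates them,
     resolves the caller from the ``Authorization`` header and inserts the
     post when no post with the same title exists.

     Returns:
         201 on success; 400 for invalid fields or a duplicate title; 401
         when the token's user is not in the users table; the
         ``server_error_response`` result for any other failure.
     """
     try:
         form = await self.request.json()
         title = form.get('title')
         text = form.get('text')
         url = form.get('url')
         # `4 > len(title) > 60` can never be true, so the title length was
         # never enforced; reject anything outside 4..60.
         if not isinstance(title, str) or not 4 <= len(title) <= 60:
             return failure_response(400, 'Invalid title length')
         if not isinstance(text, str) or len(text) < 15:
             return failure_response(400, 'Invalid text length')
         # NOTE(review): the old chain `5 > len(url) < 60` only ever enforced
         # the lower bound. An upper bound of 60 may have been intended;
         # confirm before enforcing it, since it would reject URLs accepted
         # today. The URL is stored as image_url with no scheme check -
         # confirm where it is rendered and whether to restrict it to
         # http/https.
         if not isinstance(url, str) or len(url) < 5:
             return failure_response(400, 'Invalid url')
         user = get_user_from_token(self.request.headers['Authorization'])
         pool = self.request.app['pool']
         async with pool.acquire() as conn:
             async with conn.cursor() as c:
                 await c.execute(
                     select_from_users_where_email(user['email']))
                 u = await c.fetchone()
                 if u is None:
                     return failure_response(401, 'No such user')
                 await c.execute(select_from_news_where_title(title))
                 n = await c.fetchone()
                 if n is not None:
                     return failure_response(
                         400,
                         f"New with title {title} already exist")
                 post = New_Model(title=title,
                                  text=text,
                                  image_url=url,
                                  name=user['name'],
                                  email=user['email'])
                 await c.execute(insert_new_post(post))
                 print(
                     f"New {post.title} was created by {user['email']}"
                 )
                 return success_response(
                     201, f'New {post.title} was created!')
     except Exception as e:
         return server_error_response(e)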
Beispiel #7
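 async def put(self) -> json_response:
     """Update fields of a news post that belongs to the token's user.

     Reads a JSON body with ``old`` (the current title) and ``obj`` (the
     fields to change). ``find`` is called with the caller's e-mail and the
     old title, and the update only runs when that lookup returns a row.

     Returns:
         200 on success; 400 when ``obj`` is empty or not an object, the old
         title is invalid, or the lookup finds nothing; the
         ``server_error_response`` result for any other failure.
     """
     try:
         form = await self.request.json()
         changes = form.get('obj')
         if not isinstance(changes, dict) or not changes:
             return failure_response(400, 'Nothing to edit')
         old_title = form.get('old')
         # `4 > len(old) > 60` can never be true, so the length was never
         # enforced; reject anything outside 4..60.
         if not isinstance(old_title, str) or not 4 <= len(old_title) <= 60:
             return failure_response(400, 'Error')
         user = get_user_from_token(self.request.headers['Authorization'])
         pool = self.request.app['pool']
         async with pool.acquire() as conn:
             async with conn.cursor() as c:
                 await c.execute(find(user['email'], old_title))
                 n = await c.fetchone()
                 if n is None:
                     return failure_response(
                         400, f"No such post with title {old_title}")
                 new_post = new_tuple_to_json(n)
                 # NOTE(review): every client-supplied key is merged over
                 # the stored row, so a request can overwrite any field the
                 # update helper writes (possibly the owner's name/e-mail).
                 # Restrict `changes` to an allow-list of editable fields
                 # once the column set is confirmed.
                 new_post.update(changes)
                 await c.execute(
                     update_news_where_title(new_post, old_title))
                 return success_response(200, 'Updated!')
     except Exception as e:
         return server_error_response(e)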
Beispiel #8
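 async def put(self) -> json_response:
     """Update the profile of the token's user, optionally changing password.

     Reads a JSON body whose ``obj`` holds the fields to change. When ``obj``
     contains ``password``, it must equal the value ``get_old_pass`` extracts
     from the token, and ``newPassword`` must be a string of 8..20
     characters; the new password is then stored via ``crypt_password``.
     A fresh token is issued on success.

     Returns:
         200 with a new token on success; 400 when ``obj`` is empty or not
         an object, the new password is invalid, or the user is unknown;
         401 when the current password does not match; the
         ``server_error_response`` result for any other failure.
     """
     try:
         form = await self.request.json()
         obj = form.get('obj')
         if not isinstance(obj, dict) or not obj:
             return failure_response(400, 'Nothing to edit')
         token = self.request.headers['Authorization']
         if 'password' in obj:
             # NOTE(review): this compares against a password carried in the
             # token itself, and the token issued below embeds the new
             # password as well. Confirm the token is encrypted rather than
             # merely signed, or stop placing the password in it. The `!=`
             # comparison is also not constant-time.
             if get_old_pass(token) != obj['password']:
                 return failure_response(401, 'Invalid password')
             new_password = obj.get('newPassword')
             # `20 < len(...) < 8` can never be true, so the length rule was
             # never enforced and a missing newPassword raised KeyError.
             if not isinstance(new_password, str) or not 8 <= len(new_password) <= 20:
                 return failure_response(400, 'Invalid length of new password')
             obj['password'] = crypt_password(new_password)
         usr = get_user_from_token(token)
         pool = self.request.app['pool']
         async with pool.acquire() as conn:
             async with conn.cursor() as c:
                 await c.execute(select_from_users_where_email(usr['email']))
                 u = await c.fetchone()
                 if u is None:
                     return failure_response(400, f"No such user with email {usr['email']}")
                 new_user = user_tuple_to_json(u)
                 # NOTE(review): every client-supplied key is merged over the
                 # stored row, including 'newPassword' in clear text and any
                 # field the update helper writes. Restrict `obj` to an
                 # allow-list of editable fields once the column set is
                 # confirmed.
                 new_user.update(obj)
                 if 'password' not in obj:
                     # Keep the stored value; index 3 of the row is used as
                     # the password column here.
                     new_user['password'] = u[3]
                 await c.execute(update_users_where_email(new_user, usr['email']))
                 # Only the 'password' key is stripped before the user data
                 # goes into the token.
                 updated = {k: v for k, v in new_user.items() if k != 'password'}
                 if 'password' in obj:
                     new_token = generate_token(dict(user=updated,
                                                     password=obj['newPassword']))
                 else:
                     new_token = generate_token(dict(user=updated,
                                                     password=get_old_pass(token)))
                 return success_response(200, 'OK', token=new_token)
     except Exception as e:
         return server_error_response(e)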