forked from davidedc/sketchPatch
/
edit_blog.py
232 lines (187 loc) · 9.1 KB
/
edit_blog.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
from base_request_handler import BaseRequestHandler
import util
from admin import UserInfo
from model import Sketcher,Weblog,WeblogReactions,Sketch,GallerySketch,MySketchesSketch,\
AuthorSketchesSketch,SketchComment,DeletedSketch
from functions import clean_sourcecode, is_suspicious, sourcecode_for_text_area
import logging
class EditBlog(BaseRequestHandler):
template_path = 'newSketchTemplate.html'
def get(self,randomID):
util.insertUsersideCookies(self)
randomID = randomID.replace("/","")
sketch = Sketch.get_by_randomID(randomID)
# this big blot inserted by Davide Della Casa
self.session = True
user = UserInfo()
user.whoIs(self)
sketch.sourceCodeForTextArea = sourcecode_for_text_area(sketch.sourceCode)
if ((sketch.author_user_id == user.user_id) or (user.is_current_user_admin)):
template_values = {
'sketch': sketch,
'published': sketch.published,
'action': "editBlog",
'headerTitle':"Edit sketch",
}
self.generate(self.template_path,template_values)
else:
if self.request.method == 'GET':
self.redirect("/403.html")
else:
self.error(403) # User didn't meet role.
def post(self,randomID):
logging.info('editing the sketch')
randomID = randomID.replace("/","")
sketch = Sketch.get_by_randomID(randomID)
# this big blot inserted by Davide Della Casa
self.session = True
user = UserInfo()
user.whoIs(self)
if ((sketch.author_user_id == user.user_id) or (user.is_current_user_admin)):
if(sketch is None):
self.redirect('/index.html')
################################################################################
################################################################################
# and now for some serious tiptapping. On top of the sketch table, there are other
# tables to change.
# first, if the published flag changes, then the entries in the gallery and in the by_author
# table need to either be inserted or be deleted
# that said, also if the title or the tags change, then you need to modify the entries
# in all the three tables (unless you just deleted or added them)
AuthorSketchesSketch_add = False
AuthorSketchesSketch_change = False
AuthorSketchesSketch_delete = False
GallerySketch_add = False
GallerySketch_change = False
GallerySketch_delete = False
if 'published' in self.request.arguments():
logging.info('editing a sketch and the published field has been sent')
# check if the edited sketch has become suspicious
sketch_title = self.request.get('title_input')
sketch_tags_commas = self.request.get('tags')
suspiciousContent = False
if is_suspicious(sketch_title,sketch_tags_commas):
suspiciousContent = True
if util.doesItContainProfanity(sketch_title):
suspiciousContent = True
logging.info('this sketch is dirrrrrrrty')
# Anonymous users can't create unpublished sketches,
# so we override the flag of the form if the case
if suspiciousContent == True:
logging.info('forcing the sketch to unpublishing because it is so dirty')
shouldItBePublished = False
elif user.user:
shouldItBePublished = ('published' in self.request.arguments())
else:
shouldItBePublished = True
# first, check if the title or the tags changed
# if so, then you modify the MySketchesSketch table right away
# and you mark the AuthorSketchesSketch and the GallerySketch table as
# *potentially* to be modified ( *potentially* because you might have to just add those
# entries anew or delete them, depending on whether the published flag has changed)
if ((sketch.title != sketch_title) or (sketch.tags_commas != self.request.get('tags'))):
q0 = db.GqlQuery("SELECT * FROM MySketchesSketch WHERE randomID = :1", randomID).fetch(1)
q0[0].title = sketch_title
q0[0].tags_commas = self.request.get('tags')
q0[0].published = (shouldItBePublished)
q0[0].put()
#
AuthorSketchesSketch_change = True
GallerySketch_change = True
# now you check how the published flag changes to see if the entries
# in the other two tables need to be added or deleted
if ((sketch.published == True) and (shouldItBePublished==False)):
logging.info('unpublishing a sketch')
AuthorSketchesSketch_delete = True
GallerySketch_delete = True
if ((sketch.published == False) and (shouldItBePublished==True)):
logging.info('making a sketch public')
AuthorSketchesSketch_add = True
GallerySketch_add = True
# if you have to add, add, and set the "change" flag to false so that
# you don't blindly change this record soon after you've added it
if AuthorSketchesSketch_add :
authorSketchesSketch = AuthorSketchesSketch(key_name = '-%023d' % int(user.user_id) + sketch.key().name())
authorSketchesSketch.title = self.request.get('title_input')
authorSketchesSketch.published = shouldItBePublished
authorSketchesSketch.randomID = sketch.randomID
authorSketchesSketch.tags_commas = self.request.get('tags')
authorSketchesSketch.put()
AuthorSketchesSketch_change = False
if GallerySketch_add :
gallerySketch = GallerySketch(key_name = sketch.key().name())
if user.user:
gallerySketch.author_nickname = user.nickname
else:
gallerySketch.author_nickname = "anonymous"
gallerySketch.title = self.request.get('title_input')
gallerySketch.published = shouldItBePublished
gallerySketch.randomID = sketch.randomID
gallerySketch.tags_commas = self.request.get('tags')
gallerySketch.put()
GallerySketch_change = False
# if you have to delete, delete, and set the "change" flag to false so that
# you don't blindly change those entries soon after you've added
if AuthorSketchesSketch_delete :
q1 = db.GqlQuery("SELECT * FROM AuthorSketchesSketch WHERE randomID = :1", randomID).fetch(1)
q1[0].delete()
AuthorSketchesSketch_change = False
if GallerySketch_delete :
q2 = GallerySketch.get_by_key_name(sketch.key().name())
q2.delete()
GallerySketch_change = False
# any change to the AuthorSketches or GallerySketch tables only happens if the sketch is public,
# cause otherwise those two sketch records aren't just going to be there in the first place!
if (sketch.published) :
# ok now check the "change" flags. If they are still on, it means that the title or
# tag have changed, and the published flag hasn't changed (so it's not like you just
# added or deleted the records), so you have to effectively
# go and fish the records out of the database and change them
if AuthorSketchesSketch_change :
# need to fetch the other tables (gallery, my page and by author) and change them
q3 = db.GqlQuery("SELECT * FROM AuthorSketchesSketch WHERE randomID = :1", randomID).fetch(1)
q3[0].title = self.request.get('title_input')
q3[0].tags_commas = self.request.get('tags')
q3[0].put()
if GallerySketch_change :
q4 = GallerySketch.get_by_key_name(sketch.key().name())
q4.title = self.request.get('title_input')
q4.tags_commas = self.request.get('tags')
q4.put()
################################################################################
################################################################################
sketch.set_title(self.request.get('title_input'))
sketch.description = util.Sanitize(self.request.get('text_input'))
sketch.published = (shouldItBePublished)
sketch.sourceCode = self.request.get('text_input2').rstrip().lstrip()
sketch.sourceCode = sketch.sourceCode.replace('&','&')
sketch.sourceCode = sketch.sourceCode.replace('<','<')
sketch.sourceCode = sketch.sourceCode.replace(' ',' ')
sketch.sourceCode = sketch.sourceCode.replace('\r\n','<br>')
sketch.sourceCode = sketch.sourceCode.replace('\n','<br>')
sketch.sourceCode = sketch.sourceCode.replace('\r','<br>')
sketch.sourceCode = sketch.sourceCode.replace('\t',' ')
sketch.sourceCode = sketch.sourceCode.replace('"','"')
sketch.sourceCode = sketch.sourceCode.replace("'", ''')
sketch.tags_commas = self.request.get('tags')
sketch.update()
## now, finally, this uploads the thumbnail
thumbnailData = self.request.get('thumbnailData')
#logging.info('thumbnail data: ' + thumbnailData)
if thumbnailData != "":
logging.info('thumbnail data not empty - adding/overwriting thumbnail')
thumbnailUploaderObject = thumbnailUploaderClass()
thumbnailUploaderObject.doTheUpload(sketch.randomID,thumbnailData)
else:
logging.info('no thumbnail data')
# note that we don't tell anonymous users what happened - this is to make
# bots' life a tiny little bit more complicated
if user.user and suspiciousContent and ('published' in self.request.arguments()):
self.redirect("/sketchNotMadePublicNotice.html?sketchID="+sketch.randomID)
else:
self.redirect(sketch.full_permalink())
else:
if self.request.method == 'GET':
self.redirect("/403.html")
else:
self.error(403) # User didn't meet role.