def view_note(note_id):
""" Render individual note page. """
note = get_note(g.session, note_id, current_user)
note.views += 1
g.session.commit()
rating = get_rating(g.session, current_user, note)
return render_template(
"note.html",
note=get_note(g.session, note_id, current_user),
admin=has_permission(
g.session,
PermissionType.ADMIN,
current_user,
note=note,
),
can_edit=has_permission(g.session,
PermissionType.EDIT,
current_user,
note=note),
can_comment=has_permission(g.session,
PermissionType.COMMENT,
current_user,
note=note),
rating=rating,
)
def update_note(uuid):
"""
Api.update_note method
arguments: [title, text]
returns: [uuid, user, ctime, atime, title, text]
200 -- note updated
400 -- wrong arguments
403 -- wrong authorization
404 -- note not found
500 -- internal error
"""
conn = conn_get()
note = database.get_note(conn, uuid)
if note is None:
abort(404)
if AUTH.username() != note["user"]:
abort(403)
if not request.json or not 'text' in request.json or not 'title' in request.json:
abort(400)
note["atime"] = int(time())
note["title"] = request.json["title"]
note["text"] = request.json["text"]
database.update_note(conn, note)
conn.commit()
return jsonify(note)
def delete_file(note_id, attachment_id):
""" Controller for delete an attachment """
note = get_note(g.session, note_id, current_user)
attachment = get_attachment(g.session, attachment_id, note, current_user)
os.remove(attachment.file_name)
delete_attachment(g.session, attachment_id, note, current_user)
return redirect(url_for("view_note", note_id=note_id))
def test_get_note(session, user, note):
retrieved_note = get_note(session, note.id, user)
assert retrieved_note.id == note.id, "Note retrieved should match one created"
assert retrieved_note.title == note.title, "Note retrieved should match one created"
assert retrieved_note.text == note.text, "Note retrieved should match one created"
assert retrieved_note.owner == note.owner, "Note retrieved should match one created"
def create_comment(note_id):
""" Controller for adding comments """
note = get_note(g.session, note_id, current_user)
form = request.form
body = form["body"]
add_comment(g.session, body, note, current_user)
return redirect(url_for("view_note", note_id=note_id))
def download(note_id, attachment_id):
""" Controller for download an attachment """
note = get_note(g.session, note_id, current_user)
attachment = get_attachment(g.session, attachment_id, note, current_user)
return send_file(
attachment.file_name,
attachment_filename=attachment.display_name,
as_attachment=True,
)
def rate_note(note_id):
""" Controller for adding and editing ratings """
note = get_note(g.session, note_id, current_user)
rating = request.form["rate"]
if get_rating(g.session, current_user, note) is None:
create_rating(g.session, current_user, note, rating)
else:
get_rating(g.session, current_user, note).value = rating
return redirect(url_for("view_note", note_id=note_id))
def note_edit(note_id):
""" Edit note view controller """
if request.method == "GET":
return render_template("edit_note.html",
note=get_note(g.session, note_id, current_user))
title = request.form["title"]
text = request.form["note_text"]
edit_note(g.session, title, text, note_id, current_user)
return redirect(url_for("view_note", note_id=note_id))
def upload_file(note_id):
""" Controller for upload an attachment """
if request.method == "POST":
note = get_note(g.session, note_id, current_user)
file = request.files["file"]
if file.filename == "":
flash("No selected file")
return redirect(url_for("view_note", note_id=note_id))
if file and allowed_file(file.filename):
add_attachment(g.session, file, note, current_user)
flash("File successsfully uploaded")
else:
flash("ERROR: File extension not allowed")
return redirect(url_for("view_note", note_id=note_id))
def test_edit_note(session, user, note):
edtitle = "This has been edited"
edtext = "This has \n been edited"
sections_before = len(note.sections)
before_edit = session.query(Note).filter(Note.owner_id == user.id).count()
edit_note(session, edtitle, edtext, note.id, user)
after_edit = session.query(Note).filter(Note.owner_id == user.id).count()
editednote = get_note(session, note.id, user)
sections_after = len(editednote.sections)
assert (
before_edit == after_edit
), "Editing should not change number of notes in database"
assert editednote.title == edtitle, "Editing note should change the title"
assert editednote.text == edtext, "Editing note should change the text"
assert sections_before == 2
assert sections_after == 2
def get_note(uuid):
"""
Api.get_note method
returns: [uuid, user, ctime, atime, title, text]
200 -- ok
403 -- wrong authorization
404 -- note not found
500 -- internal error
"""
conn = conn_get()
note = database.get_note(conn, uuid)
if note is None:
abort(404)
if AUTH.username() != note["user"]:
abort(403)
return jsonify(note)
def note_check(update, context):
global notes_data
res = update.message.text
try:
if res.startswith("#") == True:
chat_id = str(update.effective_chat.id)
text = ""
shrt = res[1:]
chat_idd = chat_id[1:]
n = get_note(chat_id=chat_idd, note_name=shrt)
if n != -1:
text = str(n[0])
update.message.reply_text(text, disable_web_page_preview=True)
return
else:
return
except:
return
def delete_note(uuid):
"""
Api.update_note method
returns: empty body
204 -- note deleted
403 -- wrong authorization
404 -- note not found
500 -- internal error
"""
conn = conn_get()
note = database.get_note(conn, uuid)
if note is None:
abort(404)
if AUTH.username() != note["user"]:
abort(403)
database.delete_note(conn, note["uuid"])
conn.commit()
return "", 204
def notes(update, context):
global notes_data
msg = update.message
res = update.message.text.split(None, 3)
chat_id = update.effective_chat.id
text_1 = text_3 = text = ""
try:
text_1 = res[1]
except:
try:
chat_idd = str(chat_id)[1:]
user_id = str(msg.from_user.id)
u = get_note(chat_id=chat_idd, all_name=1)
if u == -1:
raise
text = "Available notes -\n\n"
for i in u:
text = text + "• <code>" + i[0] + "</code>\n"
text = text + "\nUse #notename to view the note"
update.message.reply_text(text=text,
parse_mode="HTML",
disable_web_page_preview=True)
return
except:
update.message.reply_text(text="Notes not available..",
parse_mode="HTML",
disable_web_page_preview=True)
return
try:
text_2 = res[2]
except:
text_2 = ""
m = extract.sudocheck(update, context)
if m == 2:
return
# ss
if text_1 == 'remove':
if text_2 != "":
chat_idd = str(chat_id)[1:]
user_id = str(msg.from_user.id)
u = push_note(chat_id=chat_idd, note_name=text_2, pop=1)
if u == 1:
text = "Note #" + text_2 + " deleted !"
elif u == -2:
text = "Noet #" + text_2 + " does not exist !"
else:
text = "Error !"
elif text_1 == 'set':
try:
text_2 = res[2]
except:
update.message.reply_text("Note Name & Content not provided !")
return
try:
text_3 = res[3]
except:
update.message.reply_text("Note content not provided !")
return
chat_idd = str(chat_id)
chat_idd = chat_idd[1:]
user_id = str(msg.from_user.id)
push_note(chat_id=chat_idd,
note_name=text_2,
note=text_3,
set_by=user_id)
text = 'Note #' + str(text_2) + ' - \n"' + str(text_3) + '"'
else:
text = "Wrong format !"
update.message.reply_text(text)
def set_permissions(note_id):
""" Permissions table view controller """
note = get_note(g.session, note_id, current_user)
permissions = {}
for permission in note.permissions:
if permission.user_id == current_user.id:
continue
permissions.setdefault(permission.user, {})[permission.type] = "true"
if request.method == "POST":
form = request.form
i = 0
# Update permissions for existing users
while f"user_{i}" in form:
user_id = form[f"user_{i}"]
user = get_user(g.session, user_id=user_id)
user_permissions = []
for permission_type in PermissionType:
if form.get(f"{permission_type.value}_{i}") is not None:
user_permissions.append(permission_type)
new_permissions = update_permissions(g.session,
user_permissions,
user,
note,
triggered_by=current_user)
permissions[user] = {
permission.type: "true"
for permission in new_permissions
}
i += 1
# Process new user entry
new_user_name = form["new_user"]
if new_user_name:
user = get_user(g.session, name=new_user_name)
user_permissions = []
for permission_type in PermissionType:
if form.get(f"new_{permission_type.value}") is not None:
user_permissions.append(permission_type)
new_permissions = update_permissions(g.session,
user_permissions,
user,
note,
triggered_by=current_user)
permissions[user] = {
permission.type: "true"
for permission in new_permissions
}
return render_template(
"permission_table.html",
note=note,
permissions=permissions,
permission_types=list(PermissionType),
)
def remove_comment(comment_id, note_id):
""" Controller for removing comments """
note = get_note(g.session, note_id, current_user)
delete_comment(g.session, comment_id, note, current_user)
return redirect(url_for("view_note", note_id=note_id))