Ejemplo n.º 1
def get_post(id):
    """Return the requested blog post as JSON, for administrators only.

    Callers who are not administrators receive an empty JSON object
    instead of the post.
    """
    if not users.is_current_user_admin():
        # NOTE(review): the refusal is an ordinary response with an empty
        # body, so a client cannot tell "not authorised" from "nothing
        # there"; confirm that is intended.
        return jsonify({})

    requested = BlogPost.get(id)
    # The original author flagged this return as "dangerous" without giving
    # the reason. NOTE(review): nothing here handles BlogPost.get() not
    # finding the post; confirm what it returns or raises for an unknown id.
    return jsonify(requested.to_json())  # dangerous
Ejemplo n.º 2
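def edit_post(id):
    """Update an existing blog post from the JSON body of the request.

    Only an administrator whose form submission validates may edit. The
    updated post is returned as JSON.

    Aborts with 403 when the caller is not an administrator, with 400 when
    the form does not validate or a required JSON field is missing, and
    with 500 when the update raises AttributeError.
    """
    form = PostForm()

    # Fail closed with an explicit status. Previously a refused request fell
    # off the end of the function and returned None, which Flask reports as
    # a server error rather than as a refusal.
    if not users.is_current_user_admin():
        abort(403)
    if not form.validate_on_submit():
        abort(400)

    # Read every required field up front so that a malformed body is
    # answered as a client error before anything is modified.
    payload = request.json
    try:
        title = payload['title']
        body = payload['body']
        raw_category = payload['category']
        editing_tags = payload['tags']
        raw_summary = payload['summary']
        raw_answers = payload['answers']
    except (KeyError, TypeError):
        # TypeError covers a body that did not parse to a JSON object.
        abort(400)

    try:
        tags = Tags()

        categories = Categories()

        updating_post = BlogPost.get(int(id))

        tags_keys = tags.update(editing_tags, updating_post)

        category_key = categories.update(raw_category,
                                         updating_post.category)

        updating_post.edit(title,
                           body,
                           datetime.now(),
                           tags_keys,
                           category_key,
                           raw_summary,
                           raw_answers=raw_answers)
    except AttributeError:
        # NOTE(review): presumably raised when BlogPost.get() yields no
        # post for this id; if so, 404 would describe it better. Confirm.
        abort(500)

    # The original author flagged this return as "dangerous" without giving
    # the reason.
    return jsonify(updating_post.to_json())  # dangerous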
Ejemplo n.º 3
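def edit_post(id):
    """Update an existing blog post from the JSON body of the request.

    Only an administrator whose form submission validates may edit. On
    success the updated post is returned as JSON. A caller who is not an
    administrator gets an empty JSON object with status 403; a form that
    does not validate gets a JSON message with status 400.
    """
    form = PostForm()

    # Answer refusals explicitly. Previously both cases fell off the end of
    # the function and returned None, which Flask reports as a server error
    # rather than as a refusal.
    if not users.is_current_user_admin():
        return jsonify({}), 403
    if not form.validate_on_submit():
        return jsonify(msg="invalid form"), 400

    tags = Tags()

    categories = Categories()

    updating_post = BlogPost.get(int(id))

    # NOTE(review): a missing field raises KeyError here and surfaces as a
    # server error; confirm whether PostForm already guarantees these keys.
    title = request.json['title']
    body = request.json['body']
    raw_category = request.json['category']
    editing_tags = request.json['tags']
    raw_summary = request.json['summary']

    tags_keys = tags.update(editing_tags, updating_post)

    category_key = categories.update(raw_category, updating_post.category)

    updating_post.edit(title, body, datetime.now(), tags_keys,
                       category_key, raw_summary, raw_answers=request.json['answers'])

    # The original author flagged this return as "dangerous" without giving
    # the reason.
    return jsonify(updating_post.to_json())  # dangerous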
Ejemplo n.º 4
def get_post(id):
    """Serialise one blog post to JSON when the caller is an administrator.

    Any other caller gets an empty JSON object.
    """
    # Default to the empty body so the post is only ever loaded and
    # serialised once the admin check has passed.
    payload = {}
    if users.is_current_user_admin():
        # Marked "dangerous" by the original author; the reason is not
        # stated. NOTE(review): confirm how BlogPost.get() behaves for an
        # unknown id, since nothing here handles a missing post.
        payload = BlogPost.get(id).to_json()  # dangerous
    return jsonify(payload)
Ejemplo n.º 5
def delete_post(post_id):
    """Render the blog/delete.html template for one post.

    Callers for whom authenticate() fails are redirected to the blog index
    with a flash message; an unknown post id also redirects to the index.
    Nothing is deleted here.
    """
    if not authenticate():
        flash('Not authorized to do that')
        return redirect(url_for('blog'))

    try:
        target = BlogPost.get(BlogPost.id == post_id)
        # Rendering stays inside the try so a DoesNotExist raised while the
        # template is being built is still turned into the redirect.
        return render_template('blog/delete.html',post=target)
    except BlogPost.DoesNotExist:
        return redirect(url_for('blog'))
Ejemplo n.º 6
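def delete_post_images(id, filename):
    """Delete one image blob, named by filename, from the post with this id.

    Restricted to administrators. Returns a JSON confirmation on success.

    Aborts with 403 when the caller is not an administrator, with 500 when
    the filename is empty (unchanged from the original), and with 400 when
    the filename is not an allowed type or is empty after sanitising.
    """
    # Fail closed with an explicit status. Previously a non-admin caller
    # fell off the end of the function and got a server error.
    if not users.is_current_user_admin():
        abort(403)

    asked_post = BlogPost.get(id)

    if filename == '':
        flash('No selected file')
        abort(500)

    # The original condition also tested a name `file` that this function
    # never defines: on Python 3 that raises NameError, and on Python 2 it
    # resolves to the always-true builtin type. Only the filename matters.
    if not allowed_file(filename):
        abort(400)

    # Sanitise before the name reaches the blob store, and refuse a name
    # that sanitises down to nothing.
    image_filename = secure_filename(filename)
    if not image_filename:
        abort(400)

    asked_post.delete_blob_from_post(image_filename)
    return jsonify(msg="file deleted")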
def main():
    """List all posts (GET) or create a post with optional images (POST).

    Administrators only: any other caller gets an empty JSON object. A POST
    whose form does not validate gets ``msg="missing token"``. A request
    with any other method produces no response value.
    """
    if not users.is_current_user_admin():
        return jsonify({})

    if request.method == 'GET':
        # All entities.
        return jsonify(Posts().to_json())

    if request.method == "POST":
        form = PostForm()
        if not form.validate_on_submit():
            return jsonify(msg="missing token")

        # New entity.
        posts = Posts()
        categories = Categories()
        tags = Tags()

        raw_post = request.get_json()
        raw_category = raw_post["category"]
        editing_tags = raw_post["tags"]
        raw_summary = raw_post["summary"]

        tag_keys = tags.update(editing_tags)
        category_key = categories.update(raw_category)

        created = posts.add(raw_title=raw_post["title"],
                            raw_body=raw_post["body"],
                            category_key=category_key,
                            tags_ids=tag_keys,
                            summary=raw_summary,
                            answers=raw_post["answers"])
        post = BlogPost.get(created.id())

        # Images arrive as data URLs, each paired with a client filename.
        for img in raw_post.get("images") or []:
            url_parts = img["url"].split("base64,")
            image_base64 = url_parts[-1]
            # NOTE(review): the MIME type is taken verbatim from the
            # client's data URL; only the filename passes allowed_file().
            # If blobs are later served with this stored type, it should be
            # derived or checked server-side. Confirm how add_blob uses it.
            mime_type = url_parts[0].replace('data:', '').replace(';', '')
            # Keep only the last component of a backslash-separated path.
            image_filename = img["filename"].split("\\")[-1]

            if allowed_file(image_filename):
                image_filename = secure_filename(image_filename)
                # NOTE(review): a malformed base64 payload raises here,
                # after the post has already been created.
                post.add_blob(base64.b64decode(image_base64),
                              image_filename, mime_type)

        # Flagged "Needs check" by the original author.
        return jsonify(post.to_json())
Ejemplo n.º 8
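def delete_post(id):
    """Delete the post with this id, together with its category reference.

    Restricted to administrators. Returns ``msg="OK"`` once the post has
    been deleted; a caller who is not an administrator gets a JSON message
    with status 403.
    """
    # Previously a refused caller also received msg="OK", so the response
    # reported success for a deletion that never ran.
    if not users.is_current_user_admin():
        return jsonify(msg="Forbidden"), 403

    # NOTE(review): no form or CSRF token check is visible in this
    # function; confirm that one is enforced elsewhere for this
    # state-changing request.
    posts = Posts()

    tags = Tags()

    categories = Categories()

    updating_post = BlogPost.get(int(id))

    categories.delete(updating_post.category)

    posts.delete(updating_post.key)

    # Called with an empty tag list once the post is gone; what update()
    # does with it is defined by Tags, which is not shown here.
    tags.update([])

    return jsonify(msg="OK")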
Ejemplo n.º 9
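def delete_post(id):
    """Delete the post with this id and refresh its category and tags.

    Restricted to administrators. Returns ``msg="OK"`` after the deletion;
    any other caller receives a JSON message with status 403.
    """
    is_admin = users.is_current_user_admin()
    if not is_admin:
        # The original answered msg="OK" here as well, which told a refused
        # caller that the deletion had succeeded.
        return jsonify(msg="Forbidden"), 403

    # NOTE(review): this state-changing request shows no form or CSRF token
    # validation of its own; verify that protection is applied elsewhere.
    posts = Posts()

    tags = Tags()

    categories = Categories()

    updating_post = BlogPost.get(int(id))

    categories.delete(updating_post.category)

    posts.delete(updating_post.key)

    # Runs after the delete, using the tag names still held by the
    # in-memory post object.
    tags.update(updating_post.get_tag_names())

    return jsonify(msg="OK")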
Ejemplo n.º 10
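def get_post_images(id):
    """Attach an uploaded image to the post with this id.

    Despite the name, this stores an upload: the file sent in the ``image``
    form field is added to the post as a blob, and the value returned by
    add_blob is sent back as ``image_key`` in JSON. Administrators only.

    Aborts with 403 when the caller is not an administrator, with 500 when
    no file or an empty filename is sent (unchanged from the original), and
    with 400 when the filename is not an allowed type or is empty after
    sanitising.
    """
    # Fail closed with an explicit status. Previously a non-admin caller,
    # or a disallowed file, fell off the end of the function and got a
    # server error.
    if not users.is_current_user_admin():
        abort(403)

    asked_post = BlogPost.get(id)

    if 'image' not in request.files:
        abort(500)

    upload = request.files['image']
    if upload.filename == '':
        flash('No selected file')
        abort(500)
    if not (upload and allowed_file(upload.filename)):
        abort(400)

    # Sanitise the client-supplied name before it is stored, and refuse a
    # name that sanitises down to nothing.
    image_filename = secure_filename(upload.filename)
    if not image_filename:
        abort(400)

    # NOTE(review): content_type is whatever the client declared; only the
    # filename passes allowed_file(). If blobs are later served with this
    # stored type, derive or check it server-side. Confirm add_blob's use.
    mime_type = upload.content_type

    image_key = asked_post.add_blob(upload.read(), image_filename,
                                    mime_type)
    return jsonify(image_key=image_key)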
def main():
    """List all posts (GET) or create a new post (POST), administrators only.

    A caller who is not an administrator gets an empty JSON object. A POST
    whose form does not validate gets ``msg="missing token"``. A request
    with any other method produces no response value.
    """
    if not users.is_current_user_admin():
        return jsonify({})

    method = request.method
    if method == 'GET':
        # All entities.
        listing = Posts()
        return jsonify(listing.to_json())

    if method == "POST":
        form = PostForm()
        if not form.validate_on_submit():
            return jsonify(msg="missing token")

        # New entity.
        posts = Posts()
        categories = Categories()
        tags = Tags()

        # NOTE(review): a missing field raises KeyError below and surfaces
        # as a server error; confirm PostForm guarantees these keys.
        raw_post = request.get_json()
        raw_category = raw_post["category"]
        editing_tags = raw_post["tags"]
        raw_summary = raw_post["summary"]

        tag_keys = tags.update(editing_tags)
        category_key = categories.update(raw_category)

        new_entry = posts.add(
            raw_title=raw_post["title"],
            raw_body=raw_post["body"],
            category_key=category_key,
            tags_ids=tag_keys,
            summary=raw_summary,
            answers=raw_post["answers"],
        )
        post = BlogPost.get(new_entry.id())
        # Flagged "Needs check" by the original author.
        return jsonify(post.to_json())
Ejemplo n.º 12
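def single_post(post_id):
    """Show, edit or delete a single blog post.

    A POST that carries a form with a non-empty ``_method`` field is treated
    as a method override and requires authenticate() to succeed:
    ``PUT``/``PATCH`` validates and saves the title and content, ``DELETE``
    removes the post, and any other value aborts with 405. Every other
    request renders the post, or redirects to the blog index when the post
    does not exist.
    """
    if request.method == "POST" and request.form and request.form['_method']:
        if not authenticate():
            flash('Not authorized to do that')
            return redirect(url_for('blog'))

        # NOTE(review): no CSRF token check is visible for these
        # state-changing form posts; confirm one is enforced elsewhere.
        override = request.form['_method']
        if override == "PUT" or override == "PATCH":
            post = request.form
            error = False

            raw_title = request.form['title']
            title = raw_title.strip() if raw_title is not None else None
            if title:
                # Raw strings keep the same pattern without relying on
                # unrecognised string escapes such as "\,".
                if re.search(r"^[ a-zA-Z0-9\,\?\!]+$", title) is None:
                    flash('Invalid characters detected in title')
                    error = True
            else:
                flash('Title cannot be empty')
                error = True

            content = request.form['content'].strip()
            if content:
                regex = re.compile(r'^[ a-zA-Z0-9\.\?\,\!\"\(\)]+$', re.MULTILINE)
                content = content.replace("\r", "")
                # Every non-blank line must match the allowed character set.
                num_matches = len(regex.findall(content))
                num_lines = len(list(filter(remove_blanks, content.split("\n"))))
                if num_matches != num_lines:
                    flash('Invalid characters detected in article body')
                    error = True
                if not error:
                    try:
                        # Persist the values that were validated. The
                        # original saved the raw form fields, so whitespace
                        # and carriage returns removed before the check
                        # were written to the database unchecked.
                        q = BlogPost.update(
                            title=title,
                            content=content
                        ).where(BlogPost.id == post_id)
                        q.execute()
                    except IntegrityError:
                        flash('That title is already taken')
                        error = True
                    except BlogPost.DoesNotExist:
                        return redirect(url_for('blog'))
            else:
                flash('Article body cannot be empty')
                error = True

            if error:
                # Re-render the edit form with what the user submitted.
                return render_template('blog/edit.html', post=post)
            return redirect(url_for('single_post', post_id=post_id))
        elif override == "DELETE":
            try:
                post = BlogPost.get(BlogPost.id == post_id)
                post.delete_instance()
                flash('Successfully deleted the blog post')
                return redirect(url_for('blog'))
            except BlogPost.DoesNotExist:
                return redirect(url_for('blog'))
        else:
            abort(405)
    else:
        try:
            post = BlogPost.get(BlogPost.id == post_id)
            # Always bind tags: the original left it undefined for a post
            # without tags, which raised before the template was rendered.
            tags = post.tags.split(',') if post.tags else []
            return render_template('blog/show.html', post=post, tags=tags)
        except BlogPost.DoesNotExist:
            return redirect(url_for('blog'))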