def get_users_post(user_id, post_id):
user = user_exists(user_id, return_user=True)
if not user:
return error('User does not exist.', 404)
post = user.posts.where(Post.id == post_id).first()
if post is not None:
return jsonify(post.to_dict()), 200
return error('Selected user does not have the post.', 404)
def delete_users_post(user_id, post_id):
user = user_exists(user_id, return_user=True)
if not user:
return error('User does not exist.', 404)
post = user.posts.where(Post.id == post_id).first()
if post is not None:
post.delete_instance()
return message('Deleted.', 200)
return error('Selected user does not have the post.', 404)
def edit_users_post(user_id, post_id):
user = user_exists(user_id, return_user=True)
if not user:
return error('User does not exist.', 404)
if user.posts.where(Post.id == post_id).first() is None:
return error('Selected user does not have the post.', 404)
data = request.get_json()
post_data = {field: data[field] for field in Post._meta.allowed_fields
if data.get(field) is not None}
Post.update(post_data).where(Post.id == post_id).execute()
post = Post.get_by_id(post_id)
return jsonify(post.to_dict()), 200
def add_post(current_user):
data = request.get_json()
if None in (data.get('title'), data.get('text')):
return error('Both title and text are required.', 403)
data['author'] = current_user
post = Post.from_dict(data)
return jsonify(post.to_dict()), 201
def get_others_posts(current_user):
posts = [
post.to_dict()
for post in Post.select().where(Post.author != current_user)
]
if not posts:
return error('No posts from other users.', 404)
return jsonify(posts), 200
def delete_user(user_id):
data = request.get_json() or {}
user = user_exists(user_id, return_user=True)
if not user:
return error('User does not exist.', 404)
if data.get('delete_posts'):
for post in user.posts:
post.delete_instance()
user.delete_instance()
return message('Deleted.', 200)
def edit_post(post_id):
if not post_exists(post_id):
return error('Post does not exist.', 404)
data = request.get_json()
post_data = {
field: data[field]
for field in Post._meta.allowed_fields if data.get(field) is not None
}
Post.update(post_data).where(Post.id == post_id).execute()
return jsonify(Post.get_by_id(post_id).to_dict()), 200
def search_posts(current_user):
select_query = current_user.posts
query = request.args.get('query')
if query is not None:
select_query = select_query.where((Post.title.contains(query))
| (Post.text.contains(query)))
try:
posts = [post.to_dict() for post in select_query]
except AttributeError:
return error('No such posts.', 404)
return jsonify(posts), 200
def auth_login():
data = request.get_json()
email, username = data.get('email'), data.get('username')
password = data.get('password')
if not any((email, username)) or password is None:
return error('Both email/username and password are required.', 401)
user = User.select().where((User.email == email)
| (User.username == username)).first()
if user is None:
return error('User does not exist.', 403)
if not user.check_password(password):
return error('Wrong password.', 403)
token = jwt.encode(
{
'id': user.get_id(),
'exp': datetime.datetime.utcnow() + datetime.timedelta(hours=2)
},
current_app.config['SECRET_KEY'],
algorithm='HS256')
data = user.to_dict()
data['token'] = token.decode('UTF-8')
return jsonify(data), 200
def get_users_posts(user_id):
user = user_exists(user_id, return_user=True)
if not user:
return error('User does not exist.', 404)
posts = [post.to_dict() for post in user.posts]
return jsonify(posts), 200
def get_user(user_id):
user = user_exists(user_id, return_user=True)
if not user:
return error('User does not exist.', 404)
return jsonify(user.to_dict()), 200
def delete_post(post_id):
if not post_exists(post_id):
return error('Post does not exist.', 404)
Post.delete_by_id(post_id)
return message('Deleted.', 200)
def get_post(post_id):
post = post_exists(post_id, return_post=True)
if not post:
return error('Post does not exist.', 404)
return jsonify(post.to_dict()), 200
