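def create_post(title, body, author_id):
    """Create a blog post on behalf of an administrator.

    Args:
        title: Title of the new post.
        body: Body text of the new post.
        author_id: Primary key of the user creating the post.

    Returns:
        The newly created ``models.Post``, after it has been committed.

    Raises:
        UnauthorizedUser: If ``author_id`` matches no user or the user is
            not an administrator.
    """
    user = db_session.query(models.User).get(author_id)
    # Fail closed: an unknown author id is refused the same way as a
    # non-admin, instead of surfacing as an AttributeError on None.
    if user is None or not user.is_admin:
        raise UnauthorizedUser("User is not admin")

    post = models.Post.create_new_post(title, body, user)
    db_session.add(post)
    db_session.commit()
    return post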
def register(username, password):
    """Create a user account and issue its first pair of tokens.

    Args:
        username: Login name for the new account.
        password: Password for the new account, handed unchanged to
            ``models.User.create_new_user``.

    Returns:
        A dict with the keys ``'access_token'`` and ``'refresh_token'``,
        both issued with the new user's id as identity.
    """
    # NOTE(review): how the password is stored is decided inside
    # create_new_user, which is not visible here; confirm it is hashed
    # with a password-hashing function before it reaches the database.
    new_user = models.User.create_new_user(username, password)
    db_session.add(new_user)
    db_session.commit()

    # Tokens are only minted once the account has been committed.
    identity = new_user.id
    tokens = {
        'access_token': create_access_token(identity=identity),
        'refresh_token': create_refresh_token(identity=identity),
    }
    return tokens
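def create_comment(body, user_id, post_id):
    """Create a new comment on an existing post.

    Args:
        body: Text of the comment.
        user_id: Primary key of the commenting user.
        post_id: Primary key of the post being commented on.

    Returns:
        The newly created ``models.Comment``, after it has been committed.

    Raises:
        ResourceNotFound: If no post has ``post_id``.
        UnauthorizedUser: If ``user_id`` matches no user or the user is
            banned.
    """
    post = db_session.query(models.Post).get(post_id)
    if post is None:
        raise ResourceNotFound("Resource not found")

    user = db_session.query(models.User).get(user_id)
    # An id that resolves to no user is rejected explicitly; reading
    # is_banned on None would otherwise raise AttributeError.
    if user is None or user.is_banned:
        raise UnauthorizedUser("User is not authorized")

    comment = models.Comment.create_new_comment(body, user, post)
    db_session.add(comment)
    db_session.commit()
    return comment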
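def delete_post(id, user_id):
    """Delete a post, together with its comments, by identifier.

    Args:
        id: Primary key of the post to delete.
        user_id: Primary key of the user requesting the deletion.

    Returns:
        ``True`` once the post and its comments have been deleted and the
        transaction committed.

    Raises:
        ResourceNotFound: If no post has ``id``.
        UnauthorizedUser: If ``user_id`` matches no user or the user is
            not an administrator.
    """
    post = db_session.query(models.Post).get(id)
    if post is None:
        raise ResourceNotFound("Resource not found")

    user = db_session.query(models.User).get(user_id)
    # Truthiness test rather than `== False`: with the equality test an
    # is_admin value of None compared unequal to False and the deletion
    # went ahead. Any value that is not truthy is now refused, which
    # matches the `if user.is_admin:` checks used by create_post and
    # update_post_by_id. A missing user is refused as well.
    if user is None or not user.is_admin:
        raise UnauthorizedUser("User not authorized")

    # Comments are removed explicitly before the post itself.
    for comment in post.comments:
        db_session.delete(comment)
    db_session.delete(post)
    db_session.commit()
    return True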
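def update_post_by_id(new_title, new_body, id, user_id):
    """Update the title and body of a blog post.

    Args:
        new_title: Replacement title.
        new_body: Replacement body text.
        id: Primary key of the post to update.
        user_id: Primary key of the user requesting the update.

    Returns:
        The updated ``models.Post``, after the change has been committed.

    Raises:
        UnauthorizedUser: If ``user_id`` matches no user or the user is
            not an administrator.
        ResourceNotFound: If no post has ``id``.
    """
    user = db_session.query(models.User).get(user_id)
    # Authorization is decided before the post is looked up; an unknown
    # user id is refused instead of raising AttributeError on None.
    if user is None or not user.is_admin:
        raise UnauthorizedUser("User is not authorized")

    post = db_session.query(models.Post).get(id)
    if post is None:
        raise ResourceNotFound("Resource not found")

    post.title = new_title
    post.body = new_body
    db_session.commit()
    return post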
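def update_comment(new_body, post_id, comment_id, user_id):
    """Update the body of a comment identified by post and comment id.

    Args:
        new_body: Replacement text for the comment.
        post_id: Primary key of the post the comment belongs to.
        comment_id: Primary key of the comment.
        user_id: Primary key of the user requesting the update.

    Returns:
        The updated ``models.Comment``, after the change has been
        committed.

    Raises:
        ResourceNotFound: If no comment matches both ``post_id`` and
            ``comment_id``.
        UnauthorizedUser: If ``user_id`` matches no user or the user is
            banned.
    """
    # first() returns None when nothing matches. The earlier bare
    # `except:` around `.all()[0]` also turned database errors (and
    # KeyboardInterrupt/SystemExit) into "not found"; those now propagate.
    comment = (
        db_session.query(models.Comment)
        .filter(
            models.Comment.post_id == post_id,
            models.Comment.id == comment_id,
        )
        .first()
    )
    if comment is None:
        raise ResourceNotFound("Resource not found")

    user = db_session.query(models.User).get(user_id)
    # The ban check used to be `user.is_banned and user.id == user_id`.
    # The user was loaded by that same id, so the second operand added no
    # restriction, and if the two values ever differed in type (for
    # example str vs int) it would have let a banned user through. The
    # ban is now enforced on its own, and a missing user is refused.
    if user is None or user.is_banned:
        raise UnauthorizedUser("User is not authorized")

    # NOTE(review): unlike delete_comment, nothing here checks that the
    # requester is the comment's author or an administrator, so any
    # non-banned user can edit any comment. Confirm whether that is
    # intended or is enforced by the caller; if not, add the same
    # author-or-admin check here.
    comment.body = new_body
    db_session.commit()
    return comment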
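def update_user(connected_user_id, user_id, json_patch):
    """Apply a partial update to a user account.

    Args:
        connected_user_id: Id of the user performing the request.
        user_id: Id of the user being modified.
        json_patch: Mapping of fields to change. The keys ``'username'``,
            ``'password'``, ``'is_admin'`` and ``'is_banned'`` are applied;
            any other key is ignored.

    Returns:
        The updated user object, after the change has been committed.

    Raises:
        UnauthorizedUser: If the patch contains ``'is_admin'`` or
            ``'is_banned'`` and the connected user is not an administrator.
            Nothing is modified in that case.
    """
    # NOTE(review): the behaviour of UserService.get_user_by_id for an
    # unknown id is not visible here; confirm it raises rather than
    # returning None.
    connected_user = UserService.get_user_by_id(connected_user_id)
    user = UserService.get_user_by_id(user_id)

    changes_privileges = 'is_admin' in json_patch or 'is_banned' in json_patch
    # Authorize before mutating anything. Previously username/password
    # were assigned first and the exception raised afterwards, leaving a
    # modified object in the session that a later commit on the same
    # session could persist. The truthiness test also refuses an is_admin
    # value of None, which `== False` let through.
    if changes_privileges and not connected_user.is_admin:
        raise UnauthorizedUser('User is not admin')

    # NOTE(review): nothing in this function checks that the connected
    # user is the target user (or an administrator) before the username
    # or password of `user` is changed. Confirm the caller enforces that;
    # otherwise one account can rewrite another account's credentials.
    if 'username' in json_patch:
        user.username = json_patch['username']
    if 'password' in json_patch:
        # NOTE(review): the value is assigned as received; confirm the
        # model hashes it on assignment.
        user.password = json_patch['password']

    if 'is_admin' in json_patch:
        user.is_admin = json_patch['is_admin']
    if 'is_banned' in json_patch:
        user.is_banned = json_patch['is_banned']

    db_session.commit()
    return user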
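def delete_comment(post_id, comment_id, user_id):
    """Delete a comment identified by post and comment id.

    Args:
        post_id: Primary key of the post the comment belongs to.
        comment_id: Primary key of the comment.
        user_id: Primary key of the user requesting the deletion.

    Returns:
        ``True`` once the comment has been deleted and the transaction
        committed.

    Raises:
        ResourceNotFound: If no comment matches both ``post_id`` and
            ``comment_id``.
        UnauthorizedUser: If ``user_id`` matches no user, or the user is
            neither the comment's author nor an administrator.
    """
    # first() returns None when nothing matches. The earlier bare
    # `except:` around `.all()[0]` also turned database errors (and
    # KeyboardInterrupt/SystemExit) into "not found"; those now propagate.
    comment = (
        db_session.query(models.Comment)
        .filter(
            models.Comment.post_id == post_id,
            models.Comment.id == comment_id,
        )
        .first()
    )
    if comment is None:
        raise ResourceNotFound("Resource not found")

    user = db_session.query(models.User).get(user_id)
    # An unknown requester is refused instead of raising AttributeError.
    if user is None:
        raise UnauthorizedUser("User is not authorized")

    # A comment without an author can only be removed by an administrator.
    is_author = comment.author is not None and comment.author.id == user.id
    if not (is_author or user.is_admin):
        raise UnauthorizedUser("User is not authorized")

    db_session.delete(comment)
    db_session.commit()
    return True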