def put(self, request, id, **kwargs):
coerce_put_post(request)
comment = Comment.get(id)
if comment:
comment.name = request.PUT.get('name', '')
comment.url = request.PUT.get('url', '')
comment.email = request.PUT.get('email', '')
comment.body = request.PUT.get('body', '')
comment.put()
return HttpResponse(json.dumps({'status': 'OK', 'message': 'Comment Updated'}))
return HttpResponse(json.dumps({'status': 'Error', 'message': 'Post not foud'}))
def review_comment(aid, cid):
'''``PATCH`` |API_URL_BASE|/article/:aid/comment/:cid
Review a comment. The author is the only one having permission.
Response JSON:
.. code-block:: javascript
// success
{
$errors: null,
comment: {
id: integer,
nickname: string,
content: string,
time: datetime,
reply_to: integer // maybe null if no references.
}
}
// failed
{$errors: {reply_to: 'the comment you reply to doesn't not exist.'}}
Permission required: ``REVIEW_COMMENT``
'''
try:
author_id = (Article.select(Article.author)
.where(Article.id == aid).get()).author_id
comment = Comment.get((Comment.id == cid) & (Comment.article == aid))
if not author_id == current_user.get_id():
raise Comment.DoesNotExist()
except (Article.DoesNotExist, Comment.DoesNotExist):
return {'comment_id': '欲回复的评论不存在'}
comment.reviewed = True
comment.save()
event_emitted.send(
current_app._get_current_object(),
type='Comment: Review',
description='comment(%d) has been reviewed by %s.' %
(comment.id, current_user.get_id())
)
return None, {'comment': comment.to_dict()}
def delete_comment(aid, cid):
'''``DELETE`` |API_URL_BASE|/article/:aid/comment/:cid
Delete a comment. The author is the only one having permission.
Response JSON:
.. code-block:: javascript
// success
{$errors: null}
// failed
{
$errors: {
comment_id: 'the comment you reply to doesn't not exist.'
permission: 'you are not allowed to delete this comment.'
}
}
Permission required: ``REVIEW_COMMENT``
'''
try:
author_id = (Article.select(Article.author)
.where(Article.id == aid).get()).author_id
comment = Comment.get((Comment.id == cid) & (Comment.article == aid))
except (Article.DoesNotExist, Comment.DoesNotExist):
return {'comment_id': '该评论不存在'}
is_author = author_id == current_user.get_id()
if not is_author:
return {'permission': '你无权删除该条评论'}
comment.delete_instance()
event_emitted.send(
current_app._get_current_object(),
type='Comment: Delete',
description='comment(%d) has been deleted by %s.' %
(comment.id, current_user.get_id())
)
def get_a_comment(aid, cid):
'''``GET`` |API_URL_BASE|/article/:aid/comment/:cid
Get a comment to an article
Response JSON:
.. code-block:: javascript
// success
{
$errors: null,
comment: {
id: integer,
nickname: string,
content: string,
time: datetime,
reply_to: integer // maybe null if no references.
}
}
// failed
{$errors: {comment_id: 'this comment does not exist.'}}
Permission required: ``READ_COMMENT``
'''
try:
author_id = (Article.select(Article.author)
.where(Article.id == aid).get()).author_id
comment = Comment.get((Comment.id == cid) & (Comment.article == aid))
if comment.reviewed is False and current_user.get_id() != author_id:
raise Comment.DoesNotExist()
except (Article.DoesNotExist, Comment.DoesNotExist):
return {'comment_id': '该评论不存在'}
return None, {'comment': comment.to_dict()}
