def post(self): # Retrieve posted data body = self.request.get('body') comment = Comment.get_by_id((self.request.get('commentid'))) if comment is None: return self.respond_with_404() if (self.user is None or self.user.username != comment.author_username): return self.redirect(comment.parent_post.permalink) # Verify data if not body: error = 'Your comment cannot be empty!' else: error = None # Handle invalid edit if error: self.response.out.write(self.template.render( user=self.user, body=body, error=error)) else: comment.body = body comment.last_edited = datetime.datetime.utcnow() comment.put() return self.redirect(comment.parent_post.permalink)
def delete(self, post_id): blog = Blog.get_by_id(int(post_id)) comment = Comment.get_by_id(int(self.request.get("id"))) cookie_val = self.request.cookies.get("user_id") if not self.blog_exists(blog): message = "Invalid. The blog page does not exist." self.send_response(404, message) return if not self.comment_exists(comment): message = "Invalid. The comment does not exist." self.send_response(400, message) return if not self.is_signed_in(cookie_val): message = "Invalid. Must be signed in to edit comment." self.send_response(401, message) return if not self.is_author(cookie_val, comment): message = "Invalid. Must be its author to edit this." self.send_response(403, message) return comment.delete() message = json.dumps( {"success": "The comment has been deleted successfully."}) self.send_response(200, message)
def get(self): comment = Comment.get_by_id(self.request.get('commentid')) if comment is None: return self.respond_with_404() if (self.user is None or self.user.username != comment.author_username): return self.redirect(comment.parent_post.permalink) self.response.out.write(self.template.render(user=self.user, editingcomment=comment))
def post(self): # Ensure that the comment exists, and the user owns the comment comment = Comment.get_by_id(self.request.get('commentid')) if comment is None: return self.respond_with_404() if (self.user is None or self.user.username != comment.author_username): return self.redirect(comment.parent_post.permalink) # Grab the parent post permalink before deleting redirect_location = comment.parent_post.permalink # Delete comment.key.delete() # Redirect back to parent post permalink return self.redirect(redirect_location)
def get(self, post_id): cookie_val = self.request.cookies.get("user_id") comment = Comment.get_by_id(int(self.request.get("id"))) if not self.is_signed_in(cookie_val): message = "Invalid. User must be signed-in to edit this comment." self.send_response(401, message) return if not self.is_author(cookie_val, comment): message = "Invalid. Only its author is allowed to edit." self.send_response(403, message) return message = json.dumps({"success": "Allowed"}) self.send_response(200, message)