def comment():
act = request.args.get('act') or request.json.get('act')
if request.method == 'POST':
file_id = int(request.json.get('fileId', 0))
else: # it's a GET
file_id = int(request.args.get('fileId', 0))
file = SolutionFile.get_or_none(file_id)
if file is None:
return fail(404, f'No such file {file_id}.')
solver_id = file.solution.solver.id
if solver_id != current_user.id and not current_user.role.is_manager:
return fail(403, "You aren't allowed to access this page.")
if act == 'fetch':
return jsonify(Comment.by_file(file_id))
if (
not webapp.config.get('USERS_COMMENTS', False)
and not current_user.role.is_manager
):
return fail(403, "You aren't allowed to access this page.")
if act == 'delete':
comment_id = int(request.args.get('commentId'))
comment_ = Comment.get_or_none(Comment.id == comment_id)
if (
comment_.commenter.id != current_user.id
and not current_user.role.is_manager
):
return fail(403, "You aren't allowed to access this page.")
if comment_ is not None:
comment_.delete_instance()
return jsonify({'success': 'true'})
if act == 'create':
kind = request.json.get('kind', '')
comment_id, comment_text = None, None
try:
line_number = int(request.json.get('line', 0))
except ValueError:
line_number = 0
if kind.lower() == 'id':
comment_id = int(request.json.get('comment', 0))
if kind.lower() == 'text':
comment_text = request.json.get('comment', '')
return comments._create_comment(
current_user.id,
file,
kind,
line_number,
comment_text,
comment_id,
)
return fail(400, f'Unknown or unset act value "{act}".')
def delete():
comment_id = int(request.args.get('commentId'))
comment_ = Comment.get_or_none(Comment.id == comment_id)
if (comment_.commenter.id != current_user.id
and not current_user.role.is_manager):
raise ForbiddenPermission(
"You aren't allowed to access this page.",
403,
)
if comment_ is not None:
comment_.delete_instance()
def comment():
act = request.args.get('act') or request.json.get('act')
if request.method == 'POST':
solution_id = int(request.json.get('solutionId', 0))
else: # it's a GET
solution_id = int(request.args.get('solutionId', 0))
solution = Solution.get_or_none(Solution.id == solution_id)
if solution is None:
return fail(404, f'No such solution {solution_id}')
solver_id = solution.solver.id
if solver_id != current_user.id and not current_user.role.is_manager:
return fail(401, "You aren't allowed to watch this page.")
if act == 'fetch':
return jsonify(Comment.get_solutions(solution_id))
if act == 'delete':
comment_id = int(request.args.get('commentId'))
comment_ = Comment.get_or_none(Comment.id == comment_id)
if comment_ is not None:
comment_.delete_instance()
return jsonify({'success': 'true'})
if act == 'create':
kind = request.json.get('kind', '')
comment_id, comment_text = None, None
try:
line_number = int(request.json.get('line', 0))
except ValueError:
line_number = 0
if kind.lower() == 'id':
comment_id = int(request.json.get('comment', 0))
if kind.lower() == 'text':
comment_text = request.json.get('comment', '')
return _create_comment(
current_user.id,
solution,
kind,
line_number,
comment_text,
comment_id,
)
return fail(400, f'Unknown or unset act value "{act}"')
