def post(self, ctx): auth.verify_privilege(ctx.user, 'posts:create') content = ctx.get_file('content', required=True) tag_names = ctx.get_param_as_list('tags', required=True) safety = ctx.get_param_as_string('safety', required=True) source = ctx.get_param_as_string('source', required=False, default=None) if ctx.has_param('contentUrl') and not source: source = ctx.get_param_as_string('contentUrl') relations = ctx.get_param_as_list('relations', required=False) or [] notes = ctx.get_param_as_list('notes', required=False) or [] flags = ctx.get_param_as_list('flags', required=False) or [] post = posts.create_post(content, tag_names, ctx.user) posts.update_post_safety(post, safety) posts.update_post_source(post, source) posts.update_post_relations(post, relations) posts.update_post_notes(post, notes) posts.update_post_flags(post, flags) if ctx.has_file('thumbnail'): posts.update_post_thumbnail(post, ctx.get_file('thumbnail')) ctx.session.add(post) snapshots.save_entity_creation(post, ctx.user) ctx.session.commit() tags.export_to_json() return posts.serialize_post_with_details(post, ctx.user)
def delete(self, ctx, comment_id): comment = comments.get_comment_by_id(comment_id) infix = 'self' if ctx.user.user_id == comment.user_id else 'any' auth.verify_privilege(ctx.user, 'comments:delete:%s' % infix) ctx.session.delete(comment) ctx.session.commit() return {}
def delete_comment_score(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: auth.verify_privilege(ctx.user, 'comments:score') comment = _get_comment(params) scores.delete_score(comment, ctx.user) ctx.session.commit() return _serialize(ctx, comment)
def put(self, ctx, comment_id): auth.verify_privilege(ctx.user, 'comments:score') score = ctx.get_param_as_int('score', required=True) comment = comments.get_comment_by_id(comment_id) scores.set_score(comment, ctx.user, score) ctx.session.commit() return comments.serialize_comment_with_details(comment, ctx.user)
def set_post_score(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: auth.verify_privilege(ctx.user, "posts:score") post = _get_post(params) score = ctx.get_param_as_int("score") scores.set_score(post, ctx.user, score) ctx.session.commit() return _serialize_post(ctx, post)
def update_tag(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: tag = _get_tag(params) versions.verify_version(tag, ctx) versions.bump_version(tag) if ctx.has_param("names"): auth.verify_privilege(ctx.user, "tags:edit:names") tags.update_tag_names(tag, ctx.get_param_as_string_list("names")) if ctx.has_param("category"): auth.verify_privilege(ctx.user, "tags:edit:category") tags.update_tag_category_name(tag, ctx.get_param_as_string("category")) if ctx.has_param("description"): auth.verify_privilege(ctx.user, "tags:edit:description") tags.update_tag_description(tag, ctx.get_param_as_string("description")) if ctx.has_param("suggestions"): auth.verify_privilege(ctx.user, "tags:edit:suggestions") suggestions = ctx.get_param_as_string_list("suggestions") _create_if_needed(suggestions, ctx.user) tags.update_tag_suggestions(tag, suggestions) if ctx.has_param("implications"): auth.verify_privilege(ctx.user, "tags:edit:implications") implications = ctx.get_param_as_string_list("implications") _create_if_needed(implications, ctx.user) tags.update_tag_implications(tag, implications) tag.last_edit_time = datetime.utcnow() ctx.session.flush() snapshots.modify(tag, ctx.user) ctx.session.commit() return _serialize(ctx, tag)
def put(self, ctx, post_id): auth.verify_privilege(ctx.user, 'posts:score') post = posts.get_post_by_id(post_id) score = ctx.get_param_as_int('score', required=True) scores.set_score(post, ctx.user, score) ctx.session.commit() return posts.serialize_post_with_details(post, ctx.user)
def get_pool_categories(ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response: auth.verify_privilege(ctx.user, "pool_categories:list") categories = pool_categories.get_all_categories() return { "results": [_serialize(ctx, category) for category in categories], }
def delete_post_from_favorites(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: auth.verify_privilege(ctx.user, 'posts:favorite') post = _get_post(params) favorites.unset_favorite(post, ctx.user) ctx.session.commit() return _serialize_post(ctx, post)
def delete_comment_score( ctx: rest.Context, params: Dict[str, str]) -> rest.Response: auth.verify_privilege(ctx.user, 'comments:score') comment = _get_comment(params) scores.delete_score(comment, ctx.user) ctx.session.commit() return _serialize(ctx, comment)
def get_user_tokens(ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params["user_name"]) infix = "self" if ctx.user.user_id == user.user_id else "any" auth.verify_privilege(ctx.user, "user_tokens:list:%s" % infix) user_token_list = user_tokens.get_user_tokens(user) return {"results": [_serialize(ctx, token) for token in user_token_list]}
def get_posts_around(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: auth.verify_privilege(ctx.user, 'posts:list') _search_executor_config.user = ctx.user post_id = _get_post_id(params) return _search_executor.get_around_and_serialize( ctx, post_id, lambda post: _serialize_post(ctx, post))
def get_tag_categories(ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response: auth.verify_privilege(ctx.user, 'tag_categories:list') categories = tag_categories.get_all_categories() return { 'results': [_serialize(ctx, category) for category in categories], }
def put(self, ctx, user_name): user = users.get_user_by_name(user_name) if not user: raise users.UserNotFoundError('User %r not found.' % user_name) if ctx.user.user_id == user.user_id: infix = 'self' else: infix = 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_name(user, ctx.get_param_as_string('name'), ctx.user) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_password(user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_rank(user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_avatar( user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return {'user': _serialize_user(ctx.user, user)}
def delete(self, ctx, user_name): user = users.get_user_by_name(user_name) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'users:delete:%s' % infix) ctx.session.delete(user) ctx.session.commit() return {}
def set_post_score(ctx, params): auth.verify_privilege(ctx.user, 'posts:score') post = posts.get_post_by_id(params['post_id']) score = ctx.get_param_as_int('score', required=True) scores.set_score(post, ctx.user, score) ctx.session.commit() return _serialize_post(ctx, post)
def put(self, ctx, user_name): user = users.get_user_by_name(user_name) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password( user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank( user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar( user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return users.serialize_user_with_details(user, ctx.user)
def get_posts_around( ctx: rest.Context, params: Dict[str, str]) -> rest.Response: auth.verify_privilege(ctx.user, 'posts:list') _search_executor_config.user = ctx.user post_id = _get_post_id(params) return _search_executor.get_around_and_serialize( ctx, post_id, lambda post: _serialize_post(ctx, post))
def delete_post_from_favorites( ctx: rest.Context, params: Dict[str, str]) -> rest.Response: auth.verify_privilege(ctx.user, 'posts:favorite') post = _get_post(params) favorites.unset_favorite(post, ctx.user) ctx.session.commit() return _serialize_post(ctx, post)
def delete_post_score( ctx: rest.Context, params: Dict[str, str]) -> rest.Response: auth.verify_privilege(ctx.user, 'posts:score') post = _get_post(params) scores.delete_score(post, ctx.user) ctx.session.commit() return _serialize_post(ctx, post)
def delete_post_score(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: auth.verify_privilege(ctx.user, 'posts:score') post = _get_post(params) scores.delete_score(post, ctx.user) ctx.session.commit() return _serialize_post(ctx, post)
def update_user(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params["user_name"]) versions.verify_version(user, ctx) versions.bump_version(user) infix = "self" if ctx.user.user_id == user.user_id else "any" if ctx.has_param("name"): auth.verify_privilege(ctx.user, "users:edit:%s:name" % infix) users.update_user_name(user, ctx.get_param_as_string("name")) if ctx.has_param("password"): auth.verify_privilege(ctx.user, "users:edit:%s:pass" % infix) users.update_user_password(user, ctx.get_param_as_string("password")) if ctx.has_param("email"): auth.verify_privilege(ctx.user, "users:edit:%s:email" % infix) users.update_user_email(user, ctx.get_param_as_string("email")) if ctx.has_param("rank"): auth.verify_privilege(ctx.user, "users:edit:%s:rank" % infix) users.update_user_rank(user, ctx.get_param_as_string("rank"), ctx.user) if ctx.has_param("avatarStyle"): auth.verify_privilege(ctx.user, "users:edit:%s:avatar" % infix) users.update_user_avatar( user, ctx.get_param_as_string("avatarStyle"), ctx.get_file("avatar", default=b""), ) ctx.session.commit() return _serialize(ctx, user)
def update_tag(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: tag = _get_tag(params) versions.verify_version(tag, ctx) versions.bump_version(tag) if ctx.has_param('names'): auth.verify_privilege(ctx.user, 'tags:edit:names') tags.update_tag_names(tag, ctx.get_param_as_string_list('names')) if ctx.has_param('category'): auth.verify_privilege(ctx.user, 'tags:edit:category') tags.update_tag_category_name( tag, ctx.get_param_as_string('category')) if ctx.has_param('description'): auth.verify_privilege(ctx.user, 'tags:edit:description') tags.update_tag_description( tag, ctx.get_param_as_string('description')) if ctx.has_param('suggestions'): auth.verify_privilege(ctx.user, 'tags:edit:suggestions') suggestions = ctx.get_param_as_string_list('suggestions') _create_if_needed(suggestions, ctx.user) tags.update_tag_suggestions(tag, suggestions) if ctx.has_param('implications'): auth.verify_privilege(ctx.user, 'tags:edit:implications') implications = ctx.get_param_as_string_list('implications') _create_if_needed(implications, ctx.user) tags.update_tag_implications(tag, implications) tag.last_edit_time = datetime.utcnow() ctx.session.flush() snapshots.modify(tag, ctx.user) ctx.session.commit() return _serialize(ctx, tag)
def update_user(ctx, params): user = users.get_user_by_name(params['user_name']) versions.verify_version(user, ctx) versions.bump_version(user) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password( user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank( user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar( user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return _serialize(ctx, user)
def get(self, ctx): auth.verify_privilege(ctx.user, 'tag_categories:list') categories = tag_categories.get_all_categories() return { 'tagCategories': [ _serialize_category(category) for category in categories], }
def get(self, ctx, category_name): auth.verify_privilege(ctx.user, 'tag_categories:view') category = tag_categories.get_category_by_name(category_name) if not category: raise tag_categories.TagCategoryNotFoundError( 'Tag category %r not found.' % category_name) return _serialize_category_with_details(category)
def set_comment_score(ctx, params): auth.verify_privilege(ctx.user, 'comments:score') score = ctx.get_param_as_int('score', required=True) comment = comments.get_comment_by_id(params['comment_id']) scores.set_score(comment, ctx.user, score) ctx.session.commit() return _serialize(ctx, comment)
def get_tag_categories( ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response: auth.verify_privilege(ctx.user, 'tag_categories:list') categories = tag_categories.get_all_categories() return { 'results': [_serialize(ctx, category) for category in categories], }
def update_tag(ctx, params): tag = tags.get_tag_by_name(params['tag_name']) versions.verify_version(tag, ctx) versions.bump_version(tag) if ctx.has_param('names'): auth.verify_privilege(ctx.user, 'tags:edit:names') tags.update_tag_names(tag, ctx.get_param_as_list('names')) if ctx.has_param('category'): auth.verify_privilege(ctx.user, 'tags:edit:category') tags.update_tag_category_name( tag, ctx.get_param_as_string('category')) if ctx.has_param('description'): auth.verify_privilege(ctx.user, 'tags:edit:description') tags.update_tag_description( tag, ctx.get_param_as_string('description', default=None)) if ctx.has_param('suggestions'): auth.verify_privilege(ctx.user, 'tags:edit:suggestions') suggestions = ctx.get_param_as_list('suggestions') _create_if_needed(suggestions, ctx.user) tags.update_tag_suggestions(tag, suggestions) if ctx.has_param('implications'): auth.verify_privilege(ctx.user, 'tags:edit:implications') implications = ctx.get_param_as_list('implications') _create_if_needed(implications, ctx.user) tags.update_tag_implications(tag, implications) tag.last_edit_time = datetime.datetime.utcnow() ctx.session.flush() snapshots.modify(tag, ctx.user) ctx.session.commit() tags.export_to_json() return _serialize(ctx, tag)
def get_user_tokens(ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params['user_name']) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'user_tokens:list:%s' % infix) user_token_list = user_tokens.get_user_tokens(user) return {'results': [_serialize(ctx, token) for token in user_token_list]}
def delete_comment(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: comment = _get_comment(params) versions.verify_version(comment, ctx) infix = 'own' if ctx.user.user_id == comment.user_id else 'any' auth.verify_privilege(ctx.user, 'comments:delete:%s' % infix) ctx.session.delete(comment) ctx.session.commit() return {}
def delete_pool(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: pool = _get_pool(params) versions.verify_version(pool, ctx) auth.verify_privilege(ctx.user, "pools:delete") snapshots.delete(pool, ctx.user) pools.delete(pool) ctx.session.commit() return {}
def delete_post(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: auth.verify_privilege(ctx.user, 'posts:delete') post = _get_post(params) versions.verify_version(post, ctx) snapshots.delete(post, ctx.user) posts.delete(post) ctx.session.commit() return {}
def delete_tag(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: tag = _get_tag(params) versions.verify_version(tag, ctx) auth.verify_privilege(ctx.user, 'tags:delete') snapshots.delete(tag, ctx.user) tags.delete(tag) ctx.session.commit() return {}
def delete_tag(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: tag = _get_tag(params) versions.verify_version(tag, ctx) auth.verify_privilege(ctx.user, "tags:delete") snapshots.delete(tag, ctx.user) tags.delete(tag) ctx.session.commit() return {}
def delete(self, ctx, post_id): auth.verify_privilege(ctx.user, 'posts:delete') post = posts.get_post_by_id(post_id) snapshots.save_entity_deletion(post, ctx.user) ctx.session.delete(post) ctx.session.commit() tags.export_to_json() return {}
def get(self, ctx): auth.verify_privilege(ctx.user, 'tag_categories:list') categories = tag_categories.get_all_categories() return { 'results': [ tag_categories.serialize_category(category) \ for category in categories], }
def delete_user(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params['user_name']) versions.verify_version(user, ctx) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'users:delete:%s' % infix) ctx.session.delete(user) ctx.session.commit() return {}
def delete_comment(ctx, params): comment = comments.get_comment_by_id(params['comment_id']) versions.verify_version(comment, ctx) infix = 'own' if ctx.user.user_id == comment.user_id else 'any' auth.verify_privilege(ctx.user, 'comments:delete:%s' % infix) ctx.session.delete(comment) ctx.session.commit() return {}
def delete_user(ctx, params): user = users.get_user_by_name(params['user_name']) versions.verify_version(user, ctx) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'users:delete:%s' % infix) ctx.session.delete(user) ctx.session.commit() return {}
def create_temporary_file(ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response: auth.verify_privilege(ctx.user, 'uploads:create') content = ctx.get_file('content', allow_tokens=False, use_video_downloader=auth.has_privilege( ctx.user, 'uploads:use_downloader')) token = file_uploads.save(content) return {'token': token}
def _create_if_needed(tag_names: List[str], user: model.User) -> None: if not tag_names: return _existing_tags, new_tags = tags.get_or_create_tags_by_names(tag_names) if len(new_tags): auth.verify_privilege(user, "tags:create") db.session.flush() for tag in new_tags: snapshots.create(tag, user)
def put(self, ctx, comment_id): comment = comments.get_comment_by_id(comment_id) infix = 'self' if ctx.user.user_id == comment.user_id else 'any' text = ctx.get_param_as_string('text', required=True) auth.verify_privilege(ctx.user, 'comments:edit:%s' % infix) comment.last_edit_time = datetime.datetime.now() comments.update_comment_text(comment, text) ctx.session.commit() return comments.serialize_comment_with_details(comment, ctx.user)
def _create_if_needed(tag_names, user): if not tag_names: return _existing_tags, new_tags = tags.get_or_create_tags_by_names(tag_names) if len(new_tags): auth.verify_privilege(user, 'tags:create') db.session.flush() for tag in new_tags: snapshots.create(tag, user)
def delete_tag(ctx, params): tag = tags.get_tag_by_name(params['tag_name']) versions.verify_version(tag, ctx) auth.verify_privilege(ctx.user, 'tags:delete') snapshots.delete(tag, ctx.user) tags.delete(tag) ctx.session.commit() tags.export_to_json() return {}
def get_user_tokens( ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params['user_name']) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'user_tokens:list:%s' % infix) user_token_list = user_tokens.get_user_tokens(user) return { 'results': [_serialize(ctx, token) for token in user_token_list] }
def post(self, ctx): auth.verify_privilege(ctx.user, 'comments:create') text = ctx.get_param_as_string('text', required=True) post_id = ctx.get_param_as_int('postId', required=True) post = posts.get_post_by_id(post_id) comment = comments.create_comment(ctx.user, post, text) ctx.session.add(comment) ctx.session.commit() return comments.serialize_comment_with_details(comment, ctx.user)
def create_comment(ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response: auth.verify_privilege(ctx.user, 'comments:create') text = ctx.get_param_as_string('text') post_id = ctx.get_param_as_int('postId') post = posts.get_post_by_id(post_id) comment = comments.create_comment(ctx.user, post, text) ctx.session.add(comment) ctx.session.commit() return _serialize(ctx, comment)
def set_pool_category_as_default(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: auth.verify_privilege(ctx.user, "pool_categories:set_default") category = pool_categories.get_category_by_name(params["category_name"], lock=True) pool_categories.set_default_category(category) ctx.session.flush() snapshots.modify(category, ctx.user) ctx.session.commit() return _serialize(ctx, category)
def delete_pool_category(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: category = pool_categories.get_category_by_name(params["category_name"], lock=True) versions.verify_version(category, ctx) auth.verify_privilege(ctx.user, "pool_categories:delete") pool_categories.delete_category(category) snapshots.delete(category, ctx.user) ctx.session.commit() return {}