Exemple #1
0
async def api_delete_user(request, userid):
    check_permission(request)
    rs = await User.remove_by(id=userid)
    if rs != 1:
        logging.error('delete user error: %s rows affected.' % rs)
        raise ApiError('delete-user:failed', msg='comment does not exist!')
    return dict(userid=userid)
Exemple #2
0
async def api_delete_comment(request, commentid):
    """delete one comment by id"""
    check_permission(request)
    rs = await Comment.remove_by(id=commentid)
    if rs != 1:
        logging.error('delete comment error: %s rows affected.' % rs)
        raise ApiError('delete-comment:failed', msg='comment does not exist!')
    return dict(commentid=commentid)
Exemple #3
0
async def api_delete_blog(request, blogid):
    """ delete one article """
    check_permission(request)
    rs = await Blog.remove_by(id=blogid)
    if rs != 1:
        logging.error('delete blog error: %s rows affected.' % rs)
        raise ApiError('delete-blog:failed', msg='blog does not exist!')
    return dict(blogid=blogid)
Exemple #4
0
async def api_register(name, email, passwd):
    if not name or not name.strip():
        raise ApiValueError('username')
    if not _RE_EMAIL.match(email):
        raise ApiValueError('email')
    if not _RE_SHA1.match(passwd):
        raise ApiValueError('passwd')
    users = await User.find_by(email=email)
    if len(users) >= 1:
        raise ApiError('register:failed', 'email', 'email already used.')
    uid = generate_id()
    # salt: uid
    sh_pass = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
    img = 'https://www.gravatar.com/avatar/%s?d=wavatar&s=120' % (hashlib.md5(email.encode('utf-8')).hexdigest())
    user = User(id=uid, name=name.strip(), email=email, passwd=sh_pass, image=img)
    rs = await user.insert()
    if rs != 1:
        raise ApiError('register:failed', '', 'insert user failed.')
    return _user_response(user)
Exemple #5
0
async def api_update_blog(request, name, summary, content, id, **kwargs):
    """ update an article """
    check_permission(request)
    name, summary, content = check_blog_content(name, summary, content)
    # update
    rs = await Blog.update_by(set_dict=dict(name=name, summary=summary, content=content), where_dict=dict(id=id))
    if rs != 1:
        logging.error('update blog error: %s rows affected.' % rs)
        raise ApiError('update-blog:failed', msg='blog does not exist!')
    # return same blog
    blog = Blog(id=id, name=name, summary=summary, content=content, **kwargs)
    return dict(blog=blog)
Exemple #6
0
async def api_create_blog(request, name, summary, content):
    """ create an article"""
    _user = check_permission(request)
    name, summary, content = check_blog_content(name, summary, content)
    # insert new blog
    blog = Blog(user_id=_user.id, user_name=_user.name, user_image=_user.image, name=name, summary=summary,
                content=content)
    rs = await blog.insert()
    if rs != 1:
        logging.error('insert blog error: %s rows affected.' % rs)
        raise ApiError('create-blog:failed', msg='insert blog failed.')
    return dict(blog=blog)
Exemple #7
0
async def api_create_comment(request, blogid, content):
    """ create one comment for specified article """
    _user = request.__user__
    if not _user:
        raise ApiPermissionError('用户似乎不在登录状态.')
    content = content.strip()
    # comment禁用html标签,进行html escape, 为避免&重复转义,对&不进行转义
    content = content.replace('<', '&lt;').replace('>', '&gt;').replace('"', '&quot;').replace('\'', '&apos;')
    if not content:
        raise ApiValueError('content', 'content of comment is empty.')
    comment = Comment(blog_id=blogid, user_id=_user.id, user_name=_user.name, user_image=_user.image, content=content)
    rs = await comment.insert()
    if rs != 1:
        logging.error('insert comment error: %s rows affected.' % rs)
        raise ApiError('insert-comment:failed', msg='insert comment failed.')
    return dict(comment=comment)