def create_comment(request, pk=None):
post = get_object_or_404(Posts, pk=pk)
is_server = ServerUtil.is_server(request.user)
if (not is_server and not can_user_view(request.user, post)):
return Response(status=status.HTTP_403_FORBIDDEN)
if post:
data = request.data
comment = data.get("comment", None)
if (isinstance(comment, str)):
comment = json.loads(comment)
author = comment.get('author', None)
author_id = author['id']
try:
su = ServerUtil(authorUrl=author_id)
if (is_server
and not (su.is_valid() and su.should_share_posts()
and can_external_user_view(author_id, post))):
return Response(
{
"query": "addComment",
"success": False,
"message": POST_NOT_VISIBLE,
},
status=status.HTTP_403_FORBIDDEN)
except Exception as e:
print(e)
return Response(
{
"query": "addComment",
"success": False,
"message": POST_NOT_VISIBLE,
},
status=status.HTTP_403_FORBIDDEN)
comment['author'] = author_id
serializer = CommentsSerializer(data=comment)
if serializer.is_valid():
post.comments.create(**serializer.validated_data)
return Response(
{
"query": "addComment",
"success": True,
"message": COMMENT_ADDED
},
status=status.HTTP_200_OK)
else:
return Response(
{
"query": "addComment",
"success": False,
"message": COMMENT_NOT_ALLOWED,
},
status=status.HTTP_403_FORBIDDEN)
else:
return Response(status=status.HTTP_404_NOT_FOUND)
def __do_a_get_post(self, user, data, pk):
try:
post = Posts.objects.get(pk=pk)
except:
return Response(
{
"success": False,
"message": "No post was found with that ID",
"query": "getPost"
},
status=404)
visibility = post.visibility
requestingAuthorUrl = data.get("author", {}).get("url", None)
if not requestingAuthorUrl:
return Response(
"You must specify the URL of the author who is requesting the post.",
status=400)
postAuthorUrl = get_author_url(str(post.author.pk))
sUtil = ServerUtil(authorUrl=requestingAuthorUrl)
if not sUtil.is_valid():
return Response(
"Could not find a foreign node matching the reqesting author's url.",
status=400)
# TODO block pictures or posts based on content type
if not sUtil.should_share_posts():
return Response(
"This node is currently not sharing posts with the requesting foreign node.",
status=400)
if visibility == "PUBLIC":
serializer = PostsSerializer(post)
return Response({
"query": "posts",
"count": 1,
"size": 1,
"posts": [serializer.data]
})
# If they are direct friends they can still see a FOAF post
if visibility == "FRIENDS" or visibility == "FOAF":
local, remote_follow = are_friends(postAuthorUrl,
requestingAuthorUrl)
success, remote = sUtil.check_direct_friendship(
requestingAuthorUrl, postAuthorUrl)
if not success:
return Response(
"Failed to communicate with external server to check friendship.",
status=500)
if not remote:
remote_follow.delete()
elif local: # remote = true, local = true, can respond with post
return Response({
"query": "posts",
"count": 1,
"size": 1,
"posts": [serializer.data]
})
# If we reach here, we know that they are not direct friends
# We need to find all the friends of the post writer
# and then ask the remote server if any of those friends are friends with the requesting author
if visibility == "FOAF":
postAuthorFriends = get_friends(postAuthorUrl)
success, foafs = sUtil.check_at_least_one_friend(
requestingAuthorUrl, postAuthorFriends)
if not success:
return Response(
"Failed to communicate with external server to check foaf-ship.",
status=500)
if foafs:
return Response({
"query": "posts",
"count": 1,
"size": 1,
"posts": [serializer.data]
})
if visibility == "PRIVATE":
print("UGHHH")
return Response({"query": "posts", "count": 0, "size": 1, "posts": []})