def post(self):
# Retrieve posted data
body = self.request.get('body')
comment = Comment.get_by_id((self.request.get('commentid')))
if comment is None:
return self.respond_with_404()
if (self.user is None or
self.user.username != comment.author_username):
return self.redirect(comment.parent_post.permalink)
# Verify data
if not body:
error = 'Your comment cannot be empty!'
else:
error = None
# Handle invalid edit
if error:
self.response.out.write(self.template.render(
user=self.user,
body=body,
error=error))
else:
comment.body = body
comment.last_edited = datetime.datetime.utcnow()
comment.put()
return self.redirect(comment.parent_post.permalink)
def delete(self, post_id):
blog = Blog.get_by_id(int(post_id))
comment = Comment.get_by_id(int(self.request.get("id")))
cookie_val = self.request.cookies.get("user_id")
if not self.blog_exists(blog):
message = "Invalid. The blog page does not exist."
self.send_response(404, message)
return
if not self.comment_exists(comment):
message = "Invalid. The comment does not exist."
self.send_response(400, message)
return
if not self.is_signed_in(cookie_val):
message = "Invalid. Must be signed in to edit comment."
self.send_response(401, message)
return
if not self.is_author(cookie_val, comment):
message = "Invalid. Must be its author to edit this."
self.send_response(403, message)
return
comment.delete()
message = json.dumps(
{"success": "The comment has been deleted successfully."})
self.send_response(200, message)
def get(self):
comment = Comment.get_by_id(self.request.get('commentid'))
if comment is None:
return self.respond_with_404()
if (self.user is None or
self.user.username != comment.author_username):
return self.redirect(comment.parent_post.permalink)
self.response.out.write(self.template.render(user=self.user,
editingcomment=comment))
def post(self):
# Ensure that the comment exists, and the user owns the comment
comment = Comment.get_by_id(self.request.get('commentid'))
if comment is None:
return self.respond_with_404()
if (self.user is None or
self.user.username != comment.author_username):
return self.redirect(comment.parent_post.permalink)
# Grab the parent post permalink before deleting
redirect_location = comment.parent_post.permalink
# Delete
comment.key.delete()
# Redirect back to parent post permalink
return self.redirect(redirect_location)
def get(self, post_id):
cookie_val = self.request.cookies.get("user_id")
comment = Comment.get_by_id(int(self.request.get("id")))
if not self.is_signed_in(cookie_val):
message = "Invalid. User must be signed-in to edit this comment."
self.send_response(401, message)
return
if not self.is_author(cookie_val, comment):
message = "Invalid. Only its author is allowed to edit."
self.send_response(403, message)
return
message = json.dumps({"success": "Allowed"})
self.send_response(200, message)
