Exemple #1
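def delete_article(article_id):
    """
    Allows the owner of an article to delete it
    * The user must be logged in to view this page
    * If not logged in, they should be redirected to the login page
    * Ownership is checked for every method, not only GET, so a POST sent
      straight to this URL by a non-owner cannot delete the article
    * An unknown article id gives a flash message and a redirect to the
      homepage instead of an AttributeError

    :param article_id: id of the article to delete
    :return: the confirmation page (GET) or a redirect
    """
    # Authenticate first; no database work is done for anonymous requests.
    if not is_authenticated():
        return redirect('/login')

    article = session.query(Article).filter_by(id=article_id).first()
    if article is None:
        flash('That article does not exist.')
        return redirect('/', code=302)

    # Authorisation gate shared by GET and POST. Previously only the GET
    # branch compared the owner, so the destructive POST branch ran for any
    # logged-in user.
    if article.owner_id != str(login_session['user_id']):
        flash('You are not authorised to delete that article.')
        logger.warning('{} tried unsuccessfully to delete article'.format(login_session['user_id']))
        return redirect('/', code=302)

    if request.method == 'GET':
        return render_template('delete_article.html')
    elif request.method == 'POST':
        # NOTE(review): no CSRF token check is visible in this handler -
        # confirm the application validates one before this point.
        # Read the title before deleting so the log line does not depend on
        # the state of an instance that has already been removed.
        title = article.title
        session.delete(article)
        session.commit()
        flash('Article has been succsefully deleted')
        logger.info('Article: {} was succesfully deleted'.format(title))
        return redirect('/', code=302)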
Exemple #2
def catalog_json():
    """
    Serialise the whole catalog (categories with their articles) as JSON
    * The user must be logged in to view this page
    * If not logged in, they are redirected to the login page

    The payload has the shape {"Category": [[id, name, [article, ...]], ...]}.
    Each article entry carries its full text and its owner id.
    """
    all_categories = session.query(Category).all()
    all_articles = session.query(Article).all()

    if not is_authenticated():
        flash('Please login to see the catalog endpoint')
        return redirect('/login', code=302)

    payload = {"Category": []}
    for cat in all_categories:
        # Articles are attached to a category through parent_id.
        members = [
            {
                "id": art.id,
                "parent_id": art.parent_id,
                "title": art.title,
                "article_text": art.article_text,
                "owner": art.owner_id
            }
            for art in all_articles
            if art.parent_id == cat.id
        ]
        payload['Category'].append([cat.id, cat.category, members])
    return jsonify(payload)
Exemple #3
def add_article():
    """
    Create and store a new article for the logged-in user
    * The user must be logged in to view this page
    * If not logged in, they are redirected to the login page
    * GET renders the form with every category available for selection
    * POST stores the article, owned by the session's user id, and
      redirects to the homepage
    """
    if not is_authenticated():
        return redirect('/login')

    if request.method == 'GET':
        # The template needs the category list for its selector
        available = session.query(Category).all()
        return render_template('add_article.html', categories=available)
    elif request.method == 'POST':
        form = request.form
        # Every submitted field goes through bleach.clean before storage
        clean_title = bleach.clean(form['title'])
        clean_text = bleach.clean(form['description'])
        clean_category = bleach.clean(form['category'])
        # The owner comes from the server-side session, never from the form
        author = login_session['user_id']

        session.add(Article(title=clean_title,
                            article_text=clean_text,
                            parent_id=clean_category,
                            owner_id=author))
        session.commit()
        logger.info('Article: {} was succesfully created'.format(clean_title))
        flash('New article succesfully created')
        return redirect('/', code=302)
Exemple #4
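def edit_article(article_id):
    """
    Allows the owner of an article to edit and save it
    * The user must be logged in to view this page
    * If not logged in, they should be redirected to the login page
    * The user is only allowed to edit if they are the owner. The check
      runs for GET and POST alike, so a POST sent straight to this URL by
      a non-owner cannot change the article.
        - If unauthorised, they are shown the add-article page instead
    * An unknown article id gives a flash message and a redirect to the
      homepage instead of an AttributeError

    :param article_id: id of the article to edit
    :return: the edit page (GET), the add-article page (not the owner) or
             a redirect
    """
    if not is_authenticated():
        return redirect('/login')

    article = session.query(Article).filter_by(id=article_id).first()
    if article is None:
        flash('That article does not exist.')
        return redirect('/', code=302)
    categories = session.query(Category).filter_by(id=article.parent_id)

    # Authorisation gate shared by GET and POST. Previously only the GET
    # branch compared the owner, so the POST branch saved changes for any
    # logged-in user.
    if article.owner_id != str(login_session['user_id']):
        flash("""
                      * You are not authorised to edit that article.
                      Please feel free to add a new one instead.
                      """)
        logger.warning('{} tried unsuccessfully to edit article'.format(login_session['user_id']))
        return render_template('add_article.html',
                               categories=categories)

    if request.method == 'GET':
        return render_template('edit_article.html',
                               categories=categories,
                               article=article,)

    elif request.method == 'POST':
        # NOTE(review): no CSRF token check is visible in this handler -
        # confirm the application validates one before this point.
        title = bleach.clean(request.form['title'])
        description = bleach.clean(request.form['my_article'])
        category = bleach.clean(request.form['category'])

        # Only overwrite the fields that were actually submitted non-empty
        if title:
            article.title = title
        if description:
            article.article_text = description
        if category:
            article.parent_id = category
        # Add and commit the record
        session.add(article)
        session.commit()

        # Update the history for the article
        username = login_session['username']
        record = History(viewer=username,
                         action='edited',
                         viewed_article=article_id)

        session.add(record)
        session.commit()
        logger.info('Article: {} was successfully editied by {}'.format(title, username))
        flash('Article has been successfully edited')
        return redirect('/', code=302)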
Exemple #5
def users_json():
    """Return every user record as JSON
    * The user must be logged in to view this page
    * If not logged in, they are redirected to the login page

    Each record is whatever User.serialize exposes for that user.
    """
    if not is_authenticated():
        flash('Please login to see the users endpoint')
        return redirect('/login', code=302)

    serialized = [account.serialize for account in session.query(User).all()]
    return jsonify(User=serialized)
def logout():
    """Show the logout confirmation page (GET) or log the user out (POST)"""
    method = request.method
    if method == 'POST':
        # Ending the session only happens on POST, never on a plain GET
        log_user_out()
        # Result is not used; the call is kept because the original made it
        is_authenticated()
        return redirect('/', code=302)
    if method == 'GET':
        return render_template('logout.html')
def show_homepage():
    """
    Render the homepage with all categories and at most ten articles

    Logged-in users additionally get their five most recent History
    records, selected by the username held in the session.
    """
    context = {
        'categories': session.query(Category).all(),
        'articles': session.query(Article).limit(10),
    }
    if is_authenticated():
        viewed = session.query(History).filter_by(
            viewer=login_session['username']).all()
        viewed.reverse()  # newest record first
        context['history'] = viewed[:5]
    # The template receives the login state under the name "status"
    context['status'] = is_authenticated()
    return render_template('homepage.html', **context)
Exemple #8
def categories_json():
    """
    Return the catalog's categories as a JSON object
    * The user must be logged in to see the catalog
    * If not, they are redirected to the login page
    """
    if not is_authenticated():
        flash('Please login to see the catalog endpoint')
        return redirect('/login', code=302)

    serialized = [entry.serialize for entry in session.query(Category).all()]
    return jsonify(Category=serialized)
Exemple #9
def article_json(article_id):
    """
    * User must be logged in.
    * If not, they are returned to the login page
      :param article_id: id used to select the article
      :return: JSON with the matching article inside a list under the
               "Article" key (the list is empty when nothing matches)
    """
    if not is_authenticated():
        flash('Please login to see the article endpoint')
        return redirect('/login', code=302)

    matches = session.query(Article).filter_by(id=article_id)
    return jsonify(Article=[row.serialize for row in matches])
Exemple #10
def category_articles_json(category_id):
    """
    * User must be logged in.
    * If not, they are returned to the login page
      :param category_id: id of the category whose articles are wanted
      :return: A list of articles for that category in the JSON format
    """
    if not is_authenticated():
        flash('Please login to see the articles endpoint')
        return redirect('/login', code=302)

    # Articles reference their category through parent_id
    in_category = session.query(Article).filter_by(parent_id=category_id)
    return jsonify(Article=[row.serialize for row in in_category])
Exemple #11
def show_articles_by_category(catalog_id):
    """
    Render the list of articles that belong to one category

    No login is required; the login state is only passed to the template
    as "status".
    """
    # Full category list, the selected category and its articles
    context = {
        'categories': session.query(Category).all(),
        'category': session.query(Category).filter_by(id=catalog_id),
        'articles': session.query(Article).filter_by(parent_id=catalog_id),
    }
    context['status'] = is_authenticated()
    return render_template('articles_by_category.html', **context)
Exemple #12
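def show_article(catalog_id, article_id):
    """Displays a specific article - if logged in you can edit the article

    * No login is required to read an article
    * For logged-in users a 'viewed' History record is stored
    * An unknown article id gives a flash message and a redirect to the
      homepage; previously it raised AttributeError after a History record
      for the non-existent article had already been written

    :param catalog_id: taken from the route; not used for the lookup
    :param article_id: id of the article to display
    :return: the rendered article page, or a redirect when it is missing
    """
    # Get the details of the article to be displayed
    article = session.query(Article).filter_by(id=article_id).first()
    if article is None:
        flash('That article does not exist.')
        return redirect('/', code=302)

    status = is_authenticated()
    # Add the viewing history to the database if the user is logged in
    if status:
        username = login_session['username']
        record = History(viewer=username,
                         action='viewed',
                         viewed_article=article_id)
        session.add(record)
        session.commit()
        logger.info('Successfully updated history')
    line_text = "\n" + format_text(article.article_text)
    return render_template('article.html',
                           article=article,
                           text=line_text,
                           status=status,)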
def add_category():
    """
    Create a new category on behalf of a logged-in user
    * The user must be logged in to view this page
    * If not logged in, they are redirected to the login page
    * GET renders the form, POST stores the category and redirects to the
      homepage
    """
    if not is_authenticated():
        return redirect('/login')

    if request.method == 'GET':
        return render_template('add_category.html')
    if request.method == 'POST':
        # The submitted name goes through bleach.clean before storage
        name = bleach.clean(request.form['category'])

        session.add(Category(category=name))
        session.commit()
        flash('New category created')
        logging.info(
            'Category {} was succesfully created'.format(name))
        return redirect('/', code=302)