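def delete_article(article_id):
    """
    Allows the user to delete an article

    * The user must be logged in to view this page
    * If not logged in, they should be redirected to the login page
    * Only the article's owner may see the confirmation page (GET) or
      carry out the deletion (POST); anyone else is redirected home

    :param article_id: id of the Article row to delete
    :return: the confirmation page on GET, otherwise a redirect
    """
    if not is_authenticated():
        return redirect('/login')

    article = session.query(Article).filter_by(id=article_id).first()
    if article is None:
        # Unknown id: there is nothing to delete and nothing to check
        # ownership against, so stop before dereferencing the row.
        flash('That article does not exist.')
        return redirect('/', code=302)

    # Ownership is enforced for every method. Checking it on GET only would
    # leave the POST branch open to any logged-in user who submits the form
    # for an article they do not own.
    if article.owner_id != str(login_session['user_id']):
        flash('You are not authorised to delete that article.')
        logger.warning('{} tried unsuccessfully to delete article'.format(login_session['user_id']))
        return redirect('/', code=302)

    if request.method == 'GET':
        return render_template('delete_article.html')
    elif request.method == 'POST':
        # NOTE(review): no CSRF token check is visible in this handler -
        # confirm that one is enforced elsewhere for state-changing POSTs.
        title = article.title  # read before the row is deleted
        session.delete(article)
        session.commit()
        flash('Article has been succsefully deleted')
        logger.info('Article: {} was succesfully deleted'.format(title))
        return redirect('/', code=302)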
def catalog_json():
    """
    Return every category, with its articles nested inside, as JSON

    * The user must be logged in to view this page
    * If not logged in, they are redirected to the login page

    :return: JSON of the form {"Category": [[id, name, [article, ...]], ...]}
    """
    all_categories = session.query(Category).all()
    all_articles = session.query(Article).all()

    if not is_authenticated():
        flash('Please login to see the catalog endpoint')
        return redirect('/login', code=302)

    # One [id, name, articles] triple per category; an article belongs to a
    # category when its parent_id equals the category id.
    payload = {
        "Category": [
            [
                cat.id,
                cat.category,
                [
                    {
                        "id": art.id,
                        "parent_id": art.parent_id,
                        "title": art.title,
                        "article_text": art.article_text,
                        "owner": art.owner_id,
                    }
                    for art in all_articles
                    if art.parent_id == cat.id
                ],
            ]
            for cat in all_categories
        ]
    }
    return jsonify(payload)
def add_article():
    """
    Allows the user to create and save an article

    * The user must be logged in to view this page
    * If not logged in, they are redirected to the login page

    :return: the add-article form on GET, a redirect home after a POST
    """
    if not is_authenticated():
        return redirect('/login')

    if request.method == 'GET':
        # The form needs the category list for its selector
        return render_template('add_article.html',
                               categories=session.query(Category).all())

    if request.method == 'POST':
        # bleach.clean() sanitises HTML in the submitted text before storage.
        form = request.form
        title = bleach.clean(form['title'])
        body = bleach.clean(form['description'])
        # NOTE(review): the submitted category is stored as parent_id without
        # being checked against existing Category rows in this function.
        parent = bleach.clean(form['category'])
        # The owner comes from the server-side login session, not the form.
        author = login_session['user_id']

        session.add(Article(title=title,
                            article_text=body,
                            parent_id=parent,
                            owner_id=author))
        session.commit()
        logger.info('Article: {} was succesfully created'.format(title))
        flash('New article succesfully created')
        return redirect('/', code=302)
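def edit_article(article_id):
    """
    Allows the user to edit and save an article

    * The user must be logged in to view this page
    * If not logged in, they should be redirected to the login page
    * The user should only be allowed to edit if they are the owner.
        - If unauthorised, they are shown the add-article page instead.
          This applies to the form (GET) and to saving changes (POST).

    :param article_id: id of the Article row to edit
    :return: the edit form on GET, a redirect home after a successful POST
    """
    if not is_authenticated():
        return redirect('/login')

    article = session.query(Article).filter_by(id=article_id).first()
    if article is None:
        # Unknown id: stop before article.parent_id / owner_id are read.
        flash('That article does not exist.')
        return redirect('/', code=302)

    categories = session.query(Category).filter_by(id=article.parent_id)

    # Check the user authored the article. This runs before the method
    # dispatch so the POST branch cannot be used by a logged-in non-owner
    # to overwrite someone else's article.
    if article.owner_id != str(login_session['user_id']):
        flash(""" * You are not authorised to edit that article. Please feel free to add a new one instead. """)
        logger.warning('{} tried unsuccessfully to edit article'.format(login_session['user_id']))
        return render_template('add_article.html', categories=categories)

    if request.method == 'GET':
        return render_template('edit_article.html',
                               categories=categories,
                               article=article,)
    elif request.method == 'POST':
        # NOTE(review): no CSRF token check is visible in this handler -
        # confirm that one is enforced elsewhere for state-changing POSTs.
        title = bleach.clean(request.form['title'])
        description = bleach.clean(request.form['my_article'])
        category = bleach.clean(request.form['category'])

        # Only overwrite fields for which a non-empty value was submitted
        if title:
            article.title = title
        if description:
            article.article_text = description
        if category:
            article.parent_id = category

        # Log the title the article ends up with, which is the old one when
        # the submitted title was empty.
        saved_title = article.title

        # Add and commit the record
        session.add(article)
        session.commit()

        # Update the history for the article
        username = login_session['username']
        record = History(viewer=username,
                         action='edited',
                         viewed_article=article_id)
        session.add(record)
        session.commit()
        logger.info('Article: {} was successfully editied by {}'.format(saved_title, username))
        flash('Article has been successfully edited')
        return redirect('/', code=302)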
def users_json():
    """Return all of the users in json form

    * The user must be logged in to view this page
    * If not logged in, they are redirected to the login page

    :return: JSON of the form {"User": [<serialized user>, ...]}
    """
    if not is_authenticated():
        flash('Please login to see the users endpoint')
        return redirect('/login', code=302)

    # NOTE(review): every User row is returned to any logged-in user -
    # confirm that User.serialize leaves out sensitive fields.
    serialized = [account.serialize for account in session.query(User).all()]
    return jsonify(User=serialized)
def logout():
    """Logs the current user out of the application

    GET shows the logout confirmation page; POST performs the logout and
    redirects to the home page.
    """
    if request.method == 'POST':
        # Log the current user out
        log_user_out()
        # The return value is not used below; the call itself is kept.
        status = is_authenticated()
        return redirect('/', code=302)

    if request.method == 'GET':
        # Display the logout page
        return render_template('logout.html')
def show_homepage():
    """
    Displays all the categories and the first ten articles

    When the visitor is logged in, their five most recent History rows are
    passed to the template as well.
    """
    page_data = {
        'categories': session.query(Category).all(),
        'articles': session.query(Article).limit(10),
    }

    if is_authenticated():
        viewed = session.query(History).filter_by(
            viewer=login_session['username']).all()
        # Reverse so the newest record comes first, then keep five
        page_data['history'] = viewed[::-1][:5]

    page_data['status'] = is_authenticated()
    return render_template('homepage.html', **page_data)
def categories_json():
    """
    Returns a json object of the current catalog Categories

    * The user must be logged in to see the catalog
    * If not, they are redirected to the login page

    :return: JSON of the form {"Category": [<serialized category>, ...]}
    """
    if not is_authenticated():
        flash('Please login to see the catalog endpoint')
        return redirect('/login', code=302)

    rows = session.query(Category).all()
    return jsonify(Category=[row.serialize for row in rows])
def article_json(article_id):
    """
    Return a single article in json form

    * User must be logged in.
    * If not, they are redirected to the login page

    :param article_id: id of the Article row to return
    :return: JSON of the form {"Article": [<serialized article>]}; the list
             is empty when no article has that id
    """
    if not is_authenticated():
        flash('Please login to see the article endpoint')
        return redirect('/login', code=302)

    matches = session.query(Article).filter_by(id=article_id)
    return jsonify(Article=[row.serialize for row in matches])
def category_articles_json(category_id):
    """
    Return the articles of one category in json form

    * User must be logged in.
    * If not, they are redirected to the login page

    :param category_id: id of the category; matched against Article.parent_id
    :return: JSON of the form {"Article": [<serialized article>, ...]}
    """
    if not is_authenticated():
        flash('Please login to see the articles endpoint')
        return redirect('/login', code=302)

    in_category = session.query(Article).filter_by(parent_id=category_id)
    return jsonify(Article=[row.serialize for row in in_category])
def show_articles_by_category(catalog_id):
    """
    Displays all the articles associated with a specific category

    :param catalog_id: id of the category whose articles are listed
    """
    # The full category list, the selected category and its articles are
    # all handed to the template, together with the login status.
    return render_template(
        'articles_by_category.html',
        categories=session.query(Category).all(),
        category=session.query(Category).filter_by(id=catalog_id),
        articles=session.query(Article).filter_by(parent_id=catalog_id),
        status=is_authenticated(),
    )
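def show_article(catalog_id, article_id):
    """Displays a specific article - if logged in you can edit the article

    A 'viewed' History row is recorded for logged-in users. An unknown
    article id redirects to the home page and records nothing.

    :param catalog_id: accepted but not used in this function
    :param article_id: id of the Article row to display
    """
    # Get the details of the article to be displayed
    article = session.query(Article).filter_by(id=article_id).first()
    if article is None:
        # Stop before the history write and before article.article_text is
        # read, so a bad id neither raises nor leaves a History row that
        # points at a missing article.
        flash('That article does not exist.')
        return redirect('/', code=302)

    status = is_authenticated()

    # Add the viewing history to the database if the user is logged in
    if status:
        username = login_session['username']
        record = History(viewer=username,
                         action='viewed',
                         viewed_article=article_id)
        session.add(record)
        session.commit()
        logger.info('Successfully updated history')

    line_text = "\n" + format_text(article.article_text)
    return render_template('article.html',
                           article=article,
                           text=line_text,
                           status=status,)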
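def add_category():
    """
    Allows the user to create a new category

    * The user must be logged in to view this page
    * If not logged in, they should be redirected to the login page

    :return: the add-category form on GET, a redirect home after a POST
    """
    if not is_authenticated():
        return redirect('/login')

    if request.method == 'GET':
        return render_template('add_category.html')

    if request.method == 'POST':
        # bleach.clean() sanitises HTML in the submitted name before storage
        category = bleach.clean(request.form['category'])

        # Create the new record and add to the database
        new_category = Category(category=category)
        session.add(new_category)
        session.commit()
        flash('New category created')
        # Log through the module's `logger`, as the other views in this file
        # do, rather than through the root logger via logging.info().
        logger.info('Category {} was succesfully created'.format(category))
        return redirect('/', code=302)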