def post(self):
comment_id = self.request.get('comment_id')
comment_txt = self.request.get('comment')
comment = Comment.get_by_id(int(comment_id))
comment.comment = comment_txt
comment.put()
self.redirect('/blog/%s' % comment.post.key().id())
def delete(id):
image = request.form.get('image')
comment = Comment.get_by_id(id)
comment.delete_instance()
flash('Your comment has been removed', 'info')
return redirect(url_for('images.show', id=image))
def post(self, comment_id):
comment = Comment.get_by_id(int(comment_id))
user = users.get_current_user()
if comment.author_email == user.email() or users.is_current_user_admin():
comment.deleted = True
comment.put()
return self.redirect_to("topic-details", topic_id=comment.topic_id)
def post(self, comment_id):
"""Edit comment. If content is empty, just return.
If logged out user attempt to access, redirect to login page.
Args:
comment_id (str): Comment's id to edit.
"""
comment = Comment.get_by_id(int(comment_id))
if not (comment and self.user.key().id() == comment.user.key().id()):
return self.redirect('/blog')
content = self.request.get('content-%s' % comment_id)
if content:
comment.content = content
comment.put()
# Delay for DB processing.
time.sleep(0.1)
return self.redirect('/blog/%s' % comment.post.key().id())
else:
return self.redirect('/blog/%s' % comment.post.key().id())
def is_comment_author(self, comment_id):
current_comment = Comment.get_by_id(int(comment_id))
if (current_comment.user_email == self.str_email):
return True
else:
return False
def comment_edit(comment_id):
comment = Comment.get_by_id(comment_id=comment_id)
# get current user
session_token = request.cookies.get("session_token")
user = User.get_by_session_token(session_token=session_token)
# check if user logged in & if user is author
if not user:
return redirect(url_for('auth.login'))
elif comment.author_id != user._id:
return "You can only edit your own comments!"
# GET request
if request.method == "GET":
csrf_token = set_csrf_token(username=user.username)
return render_template("comment/comment_edit.html", comment=comment, csrf_token=csrf_token)
# POST request
elif request.method == "POST":
text = request.form.get("text")
# check CSRF tokens
csrf = request.form.get("csrf")
redis_csrf = get_csrf_token(username=user.username)
# if they match, allow user to edit the comment
if csrf and csrf == redis_csrf:
Comment.edit_comment(comment_id=comment_id, updates_dict={"text": text})
return redirect(url_for('topic.topic_details', topic_id=comment.topic_id))
else:
return "CSRF error: tokens don't match!"
def post(self, comment_id):
user = users.get_current_user()
comment = Comment.get_by_id(int(comment_id))
if users.is_current_user_admin() or user.email() == comment.user_email:
Comment.delete(comment)
return self.redirect_to("main-page")
def post(self, comment_id):
comment = Comment.get_by_id(int(comment_id))
comment.content = self.request.get("content")
comment.updated = datetime.datetime.now()
comment.updated_by = users.get_current_user().nickname()
comment.put()
self.redirect("/topic/" + str(comment.the_topic_id))
def wrapper(self, post_id, post):
comment_id = self.request.get('comment_id')
comment = Comment.get_by_id(int(comment_id), parent=comment_key())
if comment and post:
return function(self, post_id, post, comment)
else:
self.error(404)
return
def delete_post_comment(comment_id):
comment = Comment.get_by_id(comment_id)
origin_post = comment.post.get()
origin_post.num_comments -= 1
origin_post.put()
#will now display [deleted] to keep comment chain intact
comment.partial_delete()
return origin_post.key.id()
def get(self, post_id, comment_id):
post = Post.get_by_id(int(post_id), parent=blog_key())
comment = Comment.get_by_id(int(comment_id), parent=self.user.key())
if comment.parent().key().id() == self.user.key().id():
comment.delete()
self.redirect('/blog/%s' % str(post_id))
else:
self.redirect('/commenterror')
def post(self, comment_id):
comment = Comment.get_by_id(int(comment_id))
user = users.get_current_user()
if comment.author_email == user.email() or users.is_current_user_admin(
):
Comment.delete(comment)
return self.write("Comment deleted successfully.")
def get(self, post_id, comment_id):
# Checking to make sure current user has permission
c = Comment.get_by_id(int(comment_id))
if not self.get_username():
self.redirect('/%s' % post_id)
elif not c or not (self.get_username() == c.username):
self.redirect('/%s' % post_id)
else:
self.render('edit_comment.html', comment=c, error='')
def post(self, comment_id):
""" Destroy comment delete comment completely from datastore """
comment = Comment.get_by_id(int(comment_id))
user = User.logged_in_user()
if User.is_admin(user):
Comment.destroy(comment)
return self.redirect_to("deleted-comments-list")
else:
return self.render_template("error.html", params={"message": ADMIN_ACCESS})
def post(self, comment_id):
""" comment reload hahdler only by admin """
comment = Comment.get_by_id(int(comment_id))
user = User.logged_in_user()
if User.is_admin(user):
Comment.reload(comment)
return self.redirect_to('topic-details', topic_id=int(comment.topic_id))
else:
return self.render_template("error.html", params={"message": ADMIN_RELOAD})
def delete_post_comment(comment_id):
comment = Comment.get_by_id(comment_id)
origin_post = comment.post.get()
origin_post.num_comments -= 1
origin_post.put()
#will now display [deleted] to keep comment chain intact
comment.partial_delete()
return origin_post.key.id()
def get(self):
if self.authenticated():
comment_id = self.request.get('comment_id')
comment = Comment.get_by_id(int(comment_id))
if comment.commenter.username == self.user.username:
self.render("edit_comment.html",comment = comment)
else:
self.render_homepage("You can not edit others comment !")
else:
self.login_redirect()
def post(self, comment_id):
comment = Comment.get_by_id(int(comment_id))
comment.deleted = True
comment.put()
topic = Topic.get_by_id(comment.the_topic_id)
topic.num_comments -= 1
topic.put()
self.redirect("/topic/" + str(comment.the_topic_id))
def post(self, post_id, comment_id):
comment = Comment.get_by_id(int(comment_id), parent=self.user.key())
if comment.parent().key().id() == self.user.key().id():
comment.comment = self.request.get('comment')
comment.put()
else:
if not comment:
self.write("This comment no longer exists")
self.redirect('/blog/%s' % str(post_id))
def post(self, comment_id):
current_comment = Comment.get_by_id(int(comment_id))
current_comment.deleted = True
current_comment.put()
topic_id = current_comment.topic_id
if is_local():
time.sleep(0.1)
return self.redirect_to("topic-details", topic_id=int(topic_id))
def post(self):
user = User.get_by_id(int(self.user.key.id()), parent=users_key())
#delete all associated posts
p_query = Post.query(Post.author == self.user.key)
if p_query:
for p in p_query:
Post.get_by_id(int(p.key.id()), parent=blog_key()).key.delete()
#delete all associated comments
c_query = Comment.query(Comment.comment_author == self.user.key)
if c_query:
for c in c_query:
Comment.get_by_id(int(c.key.id()),
parent=comment_key()).key.delete()
# delete user
user.key.delete()
self.redirect('/login')
def post(self, comment_id):
""" soft delete for comments only by author or admin """
comment = Comment.get_by_id(int(comment_id))
user = User.logged_in_user()
if User.is_admin(user) or User.is_author(user, comment):
Comment.delete(comment)
return self.redirect_to("topic-details", topic_id=comment.topic_id)
else:
return self.render_template("error.html", params={"message": COMMENT_AUTHOR})
def get(self, post_id, comment_id):
# Check user permissions
comment = Comment.get_by_id(int(comment_id))
if not comment:
self.redirect('/%s' % post_id)
elif comment.username != self.get_username():
self.redirect('/login')
# Delete the comment if everything checks out
else:
db.delete(comment)
self.redirect('/%s' % post_id)
def post(self, comment_id):
""" Edit comment by author or forum administrator """
commment = Comment.get_by_id(int(comment_id))
user = User.logged_in_user()
if User.is_admin(user) or User.is_author(user, commment):
content = self.request.get("content")
Comment.update(commment, content)
return self.redirect_to("topic-details", topic_id=int(commment.topic_id))
else:
return self.render_template("error.html", params={"message": COMMENT_AUTHOR})
def post(self, comment_id):
user = users.get_current_user()
comment = Comment.get_by_id(int(comment_id))
if comment.author_email == user.email() or users.is_current_user_admin(
):
content = self.request.get("content")
comment.content = content
comment.put()
return self.redirect_to("topic-details", topic_id=comment.topic_id)
def post(self):
comment_id = self.request.get('comment_id')
comment = Comment.get_by_id(int(comment_id))
if self.authenticated():
if comment.commenter.username == self.user.username:
comment.delete()
else:
self.render_homepage("You cant delete others comment")
self.redirect('/blog/%s' % comment.post.key().id())
else:
self.login_redirect()
def get(self, comment_id):
user = users.get_current_user()
comment = Comment.get_by_id(int(comment_id))
if user.nickname() in ADMINS or user.nickname() == comment.author:
args = {}
args["comment_content"] = comment.content
self.base_args(user, args)
self.render_template("edit-comment.html", args)
else:
self.redirect("/topic/" + str(comment.the_topic_id))
def delete(id):
comment = Comment.get_by_id(id)
if comment.delete_instance(recursive=True):
return jsonify({
'message': "comment deleted"
}), 200
else:
return jsonify({'message': "delete comment failed"}), 400
def get(self, comment_id):
comment = Comment.get_by_id(int(comment_id))
topic = Topic.get_by_id(comment.topic_id)
context = {
"comment": comment,
"topic": topic,
}
return self.render_template_with_csrf("list_comment.html",
params=context)
def get(self, post_id, comment_id):
comment = Comment.get_by_id(int(comment_id))
if comment and self.user:
if comment.user.name == self.user.name:
db.delete(comment)
time.sleep(0.1)
self.redirect('/post/%s' % str(post_id))
else:
self.write("To delete a comment you must be the author")
else:
self.write("This comment no longer exists")
def get(self, comment_id):
comment = Comment.get_by_id(int(comment_id))
topic = Topic.get_by_id(comment.topic_id)
context = {
"comment": comment,
"topic": topic,
}
return self.render_template("comment_delete.html",
params=context,
generate_csrf_token=True)
def post(self, comment_id):
comment = Comment.get_by_id(int(comment_id))
topic = Topic.query(Topic.title == comment.topic_title).get()
user = users.get_current_user()
if user.email() == comment.author_email or users.is_current_user_admin(
):
Comment.delete_comment(comment=comment)
Topic.comment_sum_minus_one(topic=topic)
return self.redirect_to("topic", topic_id=comment.topic_id)
def get(self, post_id, comment_id):
post = Post.get_by_id(int(post_id), parent=blog_key())
comment = Comment.get_by_id(int(comment_id), parent=self.user.key())
if comment:
self.render("updatecomment.html",
subject=post.subject,
content=post.content,
comment=comment.comment)
else:
self.redirect('/commenterror')
def like_comment(id):
identity = get_jwt_identity()
user = User.get(username=identity)
comment = Comment.get_by_id(id)
if user:
comment_like = CommentLike(user=user.id,
comment=comment.id,
is_like=True)
if comment_like.save():
return jsonify({'message': 'success'})
else:
return jsonify({'message': 'failed'})
else:
return jsonify({'message': 'User Not Found'})
def get(self, id):
comment = Comment.get_by_id(int(id))
if(comment):
author_key = Comment.author.get_value_for_datastore(comment)
author = User.get(author_key)
values = {
"comment": comment,
"author": author,
}
path = "comment/reply.html"
self.render(path, values)
else:
raise GetpitchdError("Comment does not exist.")
def add_comment(post_id, comment_body, user, parent_id=None):
post = Post.get_by_id(post_id)
if parent_id is not None:
parent = Comment.get_by_id(parent_id).key
comment = Comment()
comment.add(
text=comment_body,
author=user,
post=post.key,
parent=None if parent_id is None else parent)
if post.num_comments is None:
post.num_comments = 0
post.num_comments += 1
post.put()
def post(self, id):
comment = Comment.get_by_id(int(id))
if(comment):
text = self.request.get("text")
if(text is not ""):
idea_key = Comment.idea.get_value_for_datastore(comment)
idea = Idea.get(idea_key)
reply = Comment(
idea = idea_key,
author = self.current_user.key(),
reply_to = comment.key(),
text = text,
)
reply.put()
idea.comments += 1
idea.put()
event = CommentReplyEvent(self.current_user, reply, comment)
values = {
"response" : "Reply sent",
"next":{
"content": "Back",
"url": "/idea/"+str(idea.key().id())
}
}
path = "feedback.html"
self.render(path, values)
else:
raise GetpitchdError("Comment text is empty")
else:
raise GetpitchdError("Comment does not exist.")
def get(self, comment_id):
user = users.get_current_user().nickname()
if user in ADMINS or user == Comment.get_by_id(int(comment_id)).author:
self.render_template("delete.html")
def delete_comment_by_id(id):
c = Comment.get_by_id(id)
if c:
c.delete()
def get_single_comment(comment_id):
comment = Comment.get_by_id(comment_id)
return comment
def edit_comment(comment_id, new_text):
comment = Comment.get_by_id(comment_id)
comment.comment_text = new_text
comment.put()
