Exemple #1
0
    def post(self, topic_id):

        topic = Topic.get_by_id(int(topic_id))
        user = users.get_current_user()

        if topic.author_email == user.email() or users.is_current_user_admin():
            topic.deleted = True
            topic.put()

        return self.redirect_to("main-page")
Exemple #2
0
    def get(self, topic_id):
        csrf_token = str(uuid.uuid4())
        memcache.add(key=csrf_token, value=True, time=600)

        topic = Topic.get_by_id(int(topic_id))
        comment = Comment.query(Comment.topic_id == topic.key.id()).order(
            Comment.created).fetch()

        params = {"topic": topic, "comment": comment, "csrf_token": csrf_token}

        return self.render_template("topic_details.html", params=params)
Exemple #3
0
    def get(self, topic_id):
        topic = Topic.get_by_id(int(topic_id))
        comments = comments = Comment.query(Comment.topic_id == topic.key.id(),
                                            Comment.deleted == False).order(
                                                Comment.created).fetch()

        csrf_token = str(uuid.uuid4())  # convert UUID to string
        memcache.add(key=csrf_token, value=True, time=600)

        params = {
            "topic": topic,
            "comments": comments,
            "csrf_token": csrf_token
        }

        return self.render_template("topic_details.html", params=params)
Exemple #4
0
    def post(self, topic_id):
        user = users.get_current_user()
        time = datetime.datetime.now()

        csrf_token = self.request.get("csrf_token")
        mem_token = memcache.get(key=csrf_token)

        if mem_token:
            return self.write("Hacker at the doors")

        comment = self.request.get("comment")
        topic = Topic.get_by_id(int(topic_id))
        new_comment = Comment(content=comment,
                              topic_id=topic.key.id(),
                              author_email=user.email(),
                              topic_title=topic.title,
                              created=time)
        new_comment.put()

        return self.redirect_to("topic-details", topic_id=topic.key.id())
Exemple #5
0
    def post(self, topic_id):
        csrf_token = self.request.get("csrf_token")
        mem_token = memcache.get(
            key=csrf_token)  # find if this CSRF exists in memcache

        if not mem_token:  # if token does not exist in memcache, write the following message
            return self.write("Attack attempt detected...")

        user = users.get_current_user()

        if not user:
            return self.write(
                "Please login before you're allowed to post a topic.")

        topic = Topic.get_by_id(int(topic_id))
        text = self.request.get("comment")

        Comment.create(content=text, user=user, topic=topic)

        return self.redirect_to("topic_details", topic_id=topic.key.id())
Exemple #6
0
    def get(self, topic_id):
        topic = Topic.get_by_id(int(topic_id))
        # get comments
        comments = (Comment.query(
            Comment.topic_id == topic_id,
            Comment.deleted == False).order(-Comment.create_time).fetch()
        )

        params = {
            "topic": topic,
            "comments": comments
        }

        user = users.get_current_user()
        if user:
            subscribed = Subscription.query(
                Subscription.user_id == user.email(),
                Subscription.topic_id == topic_id).fetch()
            if subscribed:
                params["subscribed"] = True

        return self.render_template_with_csrf("topic_details.html", params)
Exemple #7
0
    def get(self, topic_id):
        detail = Topic.get_by_id(int(topic_id))
        params = {"details": detail}

        return self.render_template("topic_podrobnosti.html", params=params)
Exemple #8
0
    def get(self, topic_id):
        topic = Topic.get_by_id(int(topic_id))

        params = {"topic": topic}

        return self.render_template("topic_details.html", params=params)