Exemple #1
    def post(self):
        """Create a Topic from the submitted form for the signed-in user.

        Anonymous requests get a plain-text login reminder and nothing is
        stored. The "title" and "text" values are stored exactly as received:
        this handler does no HTML escaping and checks no CSRF token, so any
        template that renders them has to escape on output.
        """
        author = users.get_current_user()

        if author:
            form = self.request
            topic = Topic(
                title=form.get("title"),
                content=form.get("text"),
                author_email=author.email(),
            )
            topic.put()  # writes the entity to Datastore
            return self.write("Topic successfully created!")

        return self.write("Please login before you're allowed to post a topic.")
Exemple #2
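    def post(self):
        """Create a Topic from the submitted form and redirect to its page.

        The title and content are passed through cgi.escape() before they are
        stored. No CSRF token is checked in this handler.
        """
        user = users.get_current_user()
        if not user:
            # get_current_user() returns None for anonymous visitors; answer
            # with 401 instead of failing on None.email().
            return self.abort(401)

        # cgi.escape() converts &, < and > only. Quote characters are left
        # alone unless quote=True is passed, so these values still need
        # escaping at render time if they are placed in an HTML attribute.
        title = cgi.escape(self.request.get("title"))
        content = cgi.escape(self.request.get("content"))

        # The model's user_id field is filled with the account e-mail address.
        new_topic = Topic(user_id=user.email(), title=title, content=content)
        new_topic.put()  # save the topic to the database

        return self.redirect_to("topic-details", topic_id=new_topic.key.id())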
    def post(self):
        """Store a new Topic for the signed-in user and redirect to it.

        Anonymous requests get a plain-text login reminder. The "title" and
        "text" form values are stored unmodified; this handler neither
        escapes them nor checks a CSRF token, so escaping is left to
        whatever renders the topic.
        """
        user = users.get_current_user()
        if not user:
            return self.write("Please login before you're allowed to post a topic.")

        form = self.request
        topic = Topic(
            title=form.get("title"),
            content=form.get("text"),
            author_email=user.email(),
        )
        topic.put()  # writes the entity to Datastore

        # The key only carries an id once put() has run.
        return self.redirect_to("topic-details", topic_id=topic.key.id())
Exemple #4
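    def post(self):
        """Create a Topic after checking the login and the CSRF token.

        Anonymous requests and requests without a known token are answered
        with a plain-text message and nothing is stored. Otherwise the topic
        is saved and the client is redirected to its details page.
        """
        user = users.get_current_user()
        if not user:
            # Without this guard an anonymous request that carries a valid
            # token fails later on None.email().
            return self.write("Please login before you're allowed to post a topic.")

        csrf_token = self.request.get("csrf_token")

        # An absent or empty token is rejected without a cache lookup.
        # NOTE(review): the lookup accepts any memcache key that holds a
        # truthy value; the token is not tied to the current user and is not
        # removed after use here. Confirm the issuing side uses a dedicated
        # key prefix or namespace for tokens.
        if not csrf_token or not memcache.get(key=csrf_token):
            return self.write("Hacker at the doors")

        # Title and text are stored as received; escaping is left to the
        # code that renders them.
        title = self.request.get("title")
        text = self.request.get("text")

        new_topic = Topic(title=title, content=text, author_email=user.email())
        new_topic.put()

        return self.redirect_to("topic-details", topic_id=new_topic.key.id())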
Exemple #5
    def test_topic_details_handler(self):
        """Exercise GET, comment POST and subscription POST on the details route."""
        # Arrange: one stored topic owned by the test user.
        topic_title = "Some new topic"
        topic_body = "This is a new topic. Just for testing purposes."
        Topic(user_id=os.environ['USER_EMAIL'],
              title=topic_title,
              content=topic_body).put()

        stored_topic = Topic.query().get()
        details_url = '/topic/details/' + str(stored_topic.key.id())

        # GET: the details page renders for the stored topic.
        response = self.testapp.get(details_url)
        self.assertEqual(response.status_int, 200)
        self.assertEqual(stored_topic.title, topic_title)

        # Seed memcache with a token so the POSTs below pass the handler's
        # CSRF lookup; the same token is sent with both requests.
        token = str(uuid.uuid4())
        memcache.add(key=token, value=True, time=600)

        # POST 1: a comment. The handler takes the topic id from the URL.
        comment_text = "This is a new comment. Just for testing purposes."
        response = self.testapp.post(
            details_url, {"content": comment_text, "csrf_token": token})
        self.assertEqual(response.status_int, 302)
        self.assertEqual(Comment.query().get().content, comment_text)

        # POST 2: a subscription, sent with the token as the only field.
        response = self.testapp.post(details_url, {"csrf_token": token})
        self.assertEqual(response.status_int, 302)
        self.assertEqual(Subscription.query().get().user_id,
                         os.environ['USER_EMAIL'])
Exemple #6
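    def post(self):
        """Create a Topic after checking the login and the CSRF token.

        Anonymous requests and requests without a known token are answered
        with a plain-text message and nothing is stored. Otherwise the topic
        is saved and the client is redirected to its details page.
        """
        user = users.get_current_user()

        if not user:
            return self.write(
                "Please login before you're allowed to post a topic.")

        csrf_token = self.request.get("csrf_token")

        # The original line called "memchace", which is not the memcache API
        # name and would raise NameError on every POST.
        # NOTE(review): assumes memcache is imported at module level; confirm.
        # An absent or empty token is rejected without a cache lookup.
        # NOTE(review): the lookup accepts any memcache key that holds a
        # truthy value; the token is not tied to the current user and is not
        # removed after use here. Confirm the issuing side uses a dedicated
        # key prefix or namespace for tokens.
        if not csrf_token or not memcache.get(key=csrf_token):
            return self.write("You are evil attacker...")

        # Title and text are stored as received; escaping is left to the
        # code that renders them.
        title = self.request.get("title")
        text = self.request.get("text")

        new_topic = Topic(title=title, content=text, author_email=user.email())
        new_topic.put()  # put() saves the object in Datastore

        return self.redirect_to("topic_details", topic_id=new_topic.key.id())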
Exemple #7
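    def test_topic_delete_handler(self):
        """POST to the delete route and check that the topic is flagged deleted."""
        # Create test topic
        title = "Some new topic"
        content = "This is a new topic. Just for testing purposes."

        topic = Topic(user_id=os.environ['USER_EMAIL'],
                      title=title,
                      content=content)
        topic.put()

        # Seed memcache with a token so the POST passes the handler's CSRF
        # lookup.
        csrf_token = str(uuid.uuid4())
        memcache.add(key=csrf_token, value=True, time=600)
        topic = Topic.query().get()

        params = {"csrf_token": csrf_token}

        # Delete test topic via '/topic/delete/<topic_id>'
        post = self.testapp.post('/topic/delete/' + str(topic.key.id()),
                                 params)
        self.assertEqual(post.status_int, 302)

        # Reload the entity by key so the assertion reflects what the handler
        # stored, not the copy that was fetched before the request.
        topic = topic.key.get()
        # check if topic.deleted field was set to True
        self.assertEqual(topic.deleted, True)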