def post(self, comment_id): text = self.request.get('comment-text') params = dict(comment_text=text) comment = Comment.get_by_id(int(comment_id)) if not comment: return self.abort(404, "No comment associated with request") post_id = comment.post.id() params['post_id'] = post_id if text: comment.content = text comment.put() self.redirect_to_uri("permalink", post_id=post_id) else: params['comment_error'] = "Comment cannot be empty" self.render_page(**params)
def make_comment_change(self, comment_id, edit, delete): """Checks permissions and allows to edit/delete comment""" if edit and delete: log_request(self, "Request with edit & delete comment") return self.abort(400, "Edit and delete simultaneosly forbidden") if not self.user: return self.redirect_to_uri("signup") comment = Comment.get_by_id(int(comment_id)) if not comment: return self.abort(404, "No comment associated with request") key = comment.key if comment.user.id() == self.user.key.id(): if edit: return self.redirect_to_uri("comment_edit", comment_id=key.id()) elif delete: comment.key.delete() return self.redirect_to_uri("permalink", post_id=comment.post.id()) log_request(self, "User tried to change comment of another user") return self.abort(403, "You cannot change other user comments")
def get(self, comment_id): comment = Comment.get_by_id(int(comment_id)) if not comment: return self.abort(404, "No comment associated with request") self.render_page(post_id=comment.post.id(), content=comment.content)