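def check_post(post_id, username) -> bool:
    """
    Tell whether ``username`` is the author of the post ``post_id``.

    This is an ownership (authorization) check, so it fails closed: a missing
    argument, an unknown username or an unknown post id all yield ``False``
    instead of raising ``AttributeError`` on ``None``.

    :param post_id: id of the post
    :param username: username of the current user
    :return: True only when both rows exist and the post's author_id equals
        the user's id
    """
    if post_id is None or username is None:
        return False
    user = db_session.query(User).filter_by(username=username).first()
    if user is None:
        # Unknown username: deny rather than dereference None.
        return False
    post = db_session.query(Posts).filter_by(id=post_id).first()
    if post is None:
        # Unknown post id: there is nothing the user could own.
        return False
    return post.author_id == user.id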
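def check_comment(comment_id, username) -> bool:
    """
    Tell whether ``username`` is the author of the comment ``comment_id``.

    This is an ownership (authorization) check, so it fails closed: a missing
    argument, an unknown username or an unknown comment id all yield ``False``
    instead of raising ``AttributeError`` on ``None``.

    :param comment_id: id of the comment
    :param username: username of the current user
    :return: True only when both rows exist and the comment's author_id
        equals the user's id
    """
    if comment_id is None or username is None:
        return False
    user = db_session.query(User).filter_by(username=username).first()
    if user is None:
        # Unknown username: deny rather than dereference None.
        return False
    comment = db_session.query(Comments).filter_by(id=comment_id).first()
    if comment is None:
        # Unknown comment id: there is nothing the user could own.
        return False
    return comment.author_id == user.id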
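def delete_list(id):
    """
    Delete the list with the given id together with its tasks, then go home.

    An id that matches no row is ignored; the original dereferenced ``None``
    in that case and failed with ``AttributeError``.

    :param id: primary key of the List row to delete
    :return: redirect response to the ``home`` endpoint
    """
    # NOTE(review): no HTTP-method, CSRF or ownership check is visible in this
    # function - confirm the route restricts this destructive action.
    data = db_session.query(List).get(id)
    if data is not None:
        # Remove the child tasks explicitly before the parent list.
        for task in data.tasks:
            db_session.delete(task)
        db_session.delete(data)
        db_session.commit()
    return redirect(url_for('home'))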
def get(self, *args, **kwargs):
    """
    :return: JSON response containing every comment
    """
    # TODO: add filtering by post or user
    all_comments = db_session.query(Comments).all()
    serialized = self.comment_serialize(all_comments)
    return jsonify(serialized)
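def update_list():
    """
    Rename an existing list from the submitted ``ListForm`` and go home.

    Reads the target id from the ``id`` form field. Only POST requests change
    anything; an id that matches no row is ignored.

    :return: redirect response to the ``home`` endpoint
    """
    form = ListForm(request.form)
    if request.method == 'POST':
        # Local renamed from ``list`` so the builtin is not shadowed.
        target = db_session.query(List).get(request.form.get('id'))
        if target is not None:
            target.name = form.name.data
            # The original added an undefined name ``task`` here, which raised
            # NameError on every POST; the object being updated is the list.
            db_session.add(target)
            db_session.commit()
    return redirect(url_for('home'))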
def home():
    """Render the home page with every list and the list and task forms."""
    # Template variable names are part of the template contract, so the
    # ``list`` key is kept even though it mirrors a builtin name.
    context = {
        'list': db_session.query(List).all(),
        'list_form': ListForm(request.form),
        'task_form': TaskForm(request.form),
    }
    return render_template("public/home.html", **context)
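def delete_task(id):
    """
    Delete the task with the given id on POST, then go home.

    An id that matches no row is ignored; the original passed ``None`` to
    ``db_session.delete`` in that case, which raises.

    :param id: primary key of the Task row to delete
    :return: redirect response to the ``home`` endpoint
    """
    # NOTE(review): no ownership check is visible here - confirm that any
    # caller able to reach this route is allowed to delete the task.
    print("Delete method called as get")
    if request.method == 'POST':
        print("Delete Task Post Method")
        data = db_session.query(Task).get(id)
        print("Deleting ", data)
        if data is not None:
            db_session.delete(data)
            db_session.commit()
    return redirect(url_for('home'))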
def _all_task_lists():
    """Return every List row; used as the choice source of ``TaskForm.list``."""
    return db_session.query(List).all()


class TaskForm(FlaskForm):
    """Form for creating or editing a task."""

    # Hidden primary key of the task being edited.
    id = HiddenField('id')
    # The subject is the only field with a validator attached.
    subject = StringField('Subject', validators=[DataRequired()])
    description = StringField('Description')
    status = BooleanField('Completed', default=False)
    assigned_to = StringField('Assign to')
    # Choices are queried when the field is built; a blank choice is not allowed.
    list = QuerySelectField(
        query_factory=_all_task_lists,
        allow_blank=False,
        get_label='name',
    )
    submit = SubmitField('Submit')
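def delete(self, *args, **kwargs):
    """
    Delete a comment owned by the authenticated user.

    Query string parameters - comment_id

    :return: an error or a confirmation that the comment was deleted
    """
    # A missing or non-numeric comment_id used to raise inside int() and
    # surface as a server error; reject it explicitly instead.
    try:
        comment_id = int(request.args.get('comment_id', None))
    except (TypeError, ValueError):
        return {'error': 'invalid comment_id'}, 400
    if self.check_comment(comment_id, auth.username()):
        data = db_session.query(Comments).filter_by(id=comment_id).first()
        if data is not None:
            db_session.delete(data)
            db_session.commit()
            return {'delete': 'True'}, 200
    # The status code is left as the original had it so existing clients keep
    # working. NOTE(review): 403 would describe a denied request more accurately.
    return {'error': 'permission denied'}, 404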
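def update_task():
    """
    Update an existing task from the submitted ``TaskForm`` and go home.

    Reads the target id from the ``id`` form field. Only POST requests change
    anything; an id that matches no row is ignored, where the original failed
    with ``AttributeError`` on ``None``.

    :return: redirect response to the ``home`` endpoint
    """
    form = TaskForm(request.form)
    if request.method == 'POST':
        task = db_session.query(Task).get(request.form.get('id'))
        if task is not None:
            # NOTE(review): the form is never validated here, so the
            # DataRequired validator on ``subject`` is not enforced - confirm
            # whether that is intended.
            task.subject = form.subject.data
            task.description = form.description.data
            task.assigned_to = form.assigned_to.data
            task.status = form.status.data
            print(task)
            db_session.add(task)
            db_session.commit()
    return redirect(url_for('home'))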
def check_data(self, *args, **kwargs):
    """
    Validate the ``email`` and ``username`` query string parameters.

    :return: a pair - ``(email, username)`` when both are acceptable,
        otherwise an error dict in one slot and ``None`` in the other
    """
    email = request.args.get('email', None)
    us = request.args.get('username', None)

    if email is None or us is None:
        return {'error': 'null email or username'}, None

    if not validate_email(email):
        return {'error': 'invalid email address'}, None

    email_taken = db_session.query(User).filter_by(email=email).first()
    if email_taken:
        return {
            'error': 'user with such mail is already registered'
        }, None

    username_taken = db_session.query(User).filter_by(username=us).first()
    if username_taken:
        # This error sits in the second slot, unlike the e-mail errors above.
        return None, {
            'error': 'user with such username is already registered'
        }

    return email, us
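def verify_password(username, password):
    """
    Check the credentials of a user (used with Basic Auth).

    :param username: name of the user
    :param password: password supplied by the user
    :return: True when the user exists and the password matches the stored
        hash, otherwise False
    """
    us = db_session.query(User).filter_by(username=username).first()
    # The original printed the username and the plaintext password on every
    # successful login; credentials must never reach stdout or logs.
    if us and check_password_hash(us.password, password):
        return True
    return False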
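def put(self, *args, **kwargs):
    """
    Update the title and content of a comment owned by the authenticated user.

    Query string parameters - comment_id, title, content

    :return: an error or a confirmation that the comment was changed
    """
    # A missing or non-numeric comment_id used to raise inside int() and
    # surface as a server error; reject it explicitly instead.
    try:
        comment_id = int(request.args.get('comment_id', None))
    except (TypeError, ValueError):
        return {'error': 'invalid comment_id'}, 400
    title = request.args.get('title', None)
    content = request.args.get('content', None)
    # Ownership must be checked against the comment itself. The original
    # called check_post with a comment id, so whoever authored the post with
    # the same numeric id could edit someone else's comment.
    if self.check_comment(comment_id, auth.username()) and None not in [title, content]:
        data = db_session.query(Comments).filter_by(id=comment_id).first()
        if data is not None:
            data.title = title
            data.content = content
            db_session.commit()
            return {'update_data': 'True'}, 200
    # The status code is left as the original had it so existing clients keep
    # working. NOTE(review): 403 would describe a denied request more accurately.
    return {'error': 'permission denied'}, 404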
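def post(self, *args, **kwargs):
    """
    Create a post authored by the authenticated user.

    Query string parameters - title, content

    :return: an error or a confirmation that the post was added
    """
    # Look the user up first and test the row itself: the original took
    # ``.id`` of a possibly missing row, so its authorisation error branch
    # could never run and an unknown user caused AttributeError.
    user = db_session.query(User).filter_by(
        username=auth.username()).first()
    title = request.args.get('title', None)
    content = request.args.get('content', None)
    if user is None or user.id is None:
        return {'error': 'authorisation error'}, 404
    if None in [title, content]:
        return {
            'error': 'title and content should not have null values'
        }, 404
    p = Posts(user.id, title, content)
    db_session.add(p)
    db_session.commit()
    return {'post_create': 'True'}, 200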
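def post(self, *args, **kwargs):
    """
    Create a comment on a post, authored by the authenticated user.

    Query string parameters - post_id, title, content

    :return: an error or a confirmation that the comment was created
    """
    # int(None) and int('abc') raise, so the original's ``post_id is None``
    # branch was unreachable; a missing or malformed id now gets that answer.
    try:
        post_id = int(request.args.get('post_id', None))
    except (TypeError, ValueError):
        return {'error': 'post not found'}, 404
    # Test the user row itself instead of ``.id`` of a possibly missing row.
    user = db_session.query(User).filter_by(
        username=auth.username()).first()
    title = request.args.get('title', None)
    content = request.args.get('content', None)
    if user is None or user.id is None:
        return {'error': 'authorisation error'}, 404
    if None in [title, content]:
        return {
            'error': 'title and content should not have null values'
        }, 404
    # NOTE(review): nothing here verifies that a post with this id exists -
    # confirm whether the schema enforces that with a foreign key.
    p = Comments(post_id, user.id, title, content)
    db_session.add(p)
    db_session.commit()
    return {'comment_create': 'True'}, 200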
def view_tasks():
    """Render the task overview page with all tasks, oldest first."""
    all_lists = db_session.query(List).all()
    # The lists are only printed; they are not passed to the template.
    print(all_lists)
    tasks_oldest_first = db_session.query(Task).order_by(
        Task.date_created.asc())
    return render_template(
        "public/viewTasks.html",
        tasks=tasks_oldest_first,
        form=TaskForm(request.form),
    )
def get(self, *args, **kwargs):
    """
    :return: JSON response containing every post in the database
    """
    # TODO: add sorting by user
    all_posts = db_session.query(Posts).all()
    serialized = self.post_serialize(all_posts)
    return jsonify(serialized)