def post(self, user_id: int):
"""
Add a post
1. User must be logged in to create a post
2. Your title should have between 10 and 70 characters
3. Your body should have between 40 and 500 characters
4. Duplicate posts will not be created
"""
check_id_availability(self, user_id, users_list, str(User.__name__))
if current_user.id != user_id:
users_ns.abort(403)
title, body = extract_post_data(self, str(self.post.__name__))
for a_post in posts_list:
if a_post.title == title and a_post.body == body:
users_ns.abort(400, 'post already exists')
post = current_user.create_post(title, body)
output = generate_post_output(self, post, 'post')
response = self.api.make_response(output, 201)
response.headers['location'] = url_for(
self.api.endpoint('users_single_user_single_post'),
user_id=post.user_id,
post_id=post.id)
return response
def delete(self, user_id: int, post_id: int):
"""
Delete a post
1. User needs to be logged in
2. This deletes the post whose ID is specified on the url
3. This process is irreversible
"""
check_id_availability(self, user_id, users_list, str(User.__name__))
this_post = check_id_availability(self, post_id, posts_list,
str(Post.__name__))
if current_user.id != user_id:
users_ns.abort(403)
for post in posts_list:
if post.user_id == user_id and post.id == post_id:
this_post = post
break
else:
users_ns.abort(400, 'the requested user does not own this post')
try:
current_user.delete_post(this_post)
except AssertionError as a:
users_ns.abort(400, a.args[0])
response = self.api.make_response(None, 204)
return response
def get(self, user_id: int):
"""
View all posts from a single user
"""
check_id_availability(self, user_id, users_list, str(User.__name__))
my_posts_list, my_posts_list_output = self.my_posts(user_id)
return dict(posts=my_posts_list_output)
def get(self, user_id: int, post_id: int):
"""
View a single post from a specific user
"""
check_id_availability(self, user_id, users_list, str(User.__name__))
check_id_availability(self, post_id, posts_list, str(Post.__name__))
for post in posts_list:
if post.user_id == user_id and post.id == post_id:
return redirect(self.api.url_for(SinglePost, post_id=post_id))
else:
users_ns.abort(400, 'the requested user does not own this post')
def patch(self, user_id: int, post_id: int):
"""
Modify a post
1. User should be logged in.
2. Your title should have between 10 and 70 characters
3. Your body should have between 40 and 500 characters
4. Duplicate posts will not be created
"""
check_id_availability(self, user_id, users_list, str(User.__name__))
this_post = check_id_availability(self, post_id, posts_list,
str(Post.__name__))
if current_user.id != user_id:
users_ns.abort(403)
for post in posts_list:
if post.user_id == user_id and post.id == post_id:
this_post = post
break
else:
users_ns.abort(400, 'the requested user does not own this post')
title, body = extract_post_data(self, str(self.patch.__name__))
for post in posts_list:
if post.title == title and post.body == body:
users_ns.abort(400, 'a similar post exists')
if body and body == post.body:
users_ns.abort(400, 'a similar post exists')
if title:
this_post = patch_post(self, (
'title',
title,
), current_user, this_post)
if body:
this_post = patch_post(self, (
'body',
body,
), current_user, this_post)
response = self.api.make_response(
generate_post_output(self, this_post, str(self.patch.__name__)),
200)
response.headers['location'] = self.api.url_for(SingleUserSinglePost,
user_id=user_id,
post_id=post_id)
return response
def get(self, user_id: int):
"""
View a single user
"""
return dict(user=safe_user_output(
self,
check_id_availability(self, user_id, users_list, str(
User.__name__))))
def delete(self, user_id: int):
"""
Batch delete all user's posts
1. User must be logged in to delete all their posts
2. This deletes all posts that a user has created
3. This process os of course irreversible
"""
check_id_availability(self, user_id, users_list, str(User.__name__))
if current_user.id != user_id:
users_ns.abort(403)
my_posts_list, my_posts_list_output = self.my_posts(user_id)
for a_post in my_posts_list:
try:
current_user.delete_post(a_post)
except AssertionError as a:
users_ns.abort(400, a.args[0])
return None, 204
def delete(self, user_id: int):
"""
Delete a user account
1. This deletes a user account. However it does not delete their posts.
Their posts remain and would no longer be editable or deletable.
2. The user must be logged into their account in order for them to delete it.
3. After deletion, the user will be logged out
4. If the user re-registers, a new ID will be given to them, hence they are unable to access their previous posts
5. This process is indeed irreversible
"""
if current_user.id != user_id:
users_ns.abort(403)
this_user = check_id_availability(self, user_id, users_list,
str(User.__name__))
users_list.remove(this_user)
return redirect(self.api.url_for(Logout), 204)
def get(self, post_id: int):
"""
View a single post
"""
return dict(post=safe_post_output(self, check_id_availability(self, post_id, posts_list, 'post')))