def create_comment(post_id):
comment_raw = request.get_json(force=True)
comment_cleaned, error = parse_validate_comment_raw(comment_raw)
if error:
return error_response(HTTP_400_BAD_REQUEST, error)
for_user_id = comment_cleaned['user_id']
post = Post.query.get(post_id)
if not post:
return error_response(HTTP_404_NOT_FOUND, 'Post does not exist')
for ban in post.banned_users:
if ban.user_id == for_user_id:
return error_response(
HTTP_403_FORBIDDEN,
'This user is not allowed to create comments')
comment = Comment(body=comment_cleaned['body'],
user_id=for_user_id,
post_id=post_id)
db.session.add(comment)
try:
db.session.commit()
db.session.flush()
except IntegrityError:
return error_response(HTTP_400_BAD_REQUEST,
'Post does not belong this user')
return success_response(HTTP_201_CREATED, {
'id': comment.id,
'pub_date': comment.pub_date
})
def create_ban(user_id, post_id):
user = User.query.get(user_id)
if not user:
return error_response(HTTP_404_NOT_FOUND, 'User does not exist')
post = Post.query.get(post_id)
if not post:
return error_response(HTTP_404_NOT_FOUND, 'Post does not exist')
ban_raw = request.get_json(force=True)
ban_cleaned, error = parse_validate_ban_raw(ban_raw)
if error:
return error_response(HTTP_400_BAD_REQUEST, error)
for_user_id = ban_cleaned['user_id']
for_user = User.query.get(for_user_id)
if not for_user:
return error_response(HTTP_404_NOT_FOUND, 'User does not exist')
ban = BanForComment.query.filter(
BanForComment.post_id == post_id,
BanForComment.user_id == for_user_id
).first()
if ban:
return error_response(HTTP_400_BAD_REQUEST, 'Ban for this user and post already exists')
else:
ban = BanForComment(post_id=post_id, user_id=for_user_id)
db.session.add(ban)
try:
db.session.commit()
db.session.flush()
except IntegrityError:
return error_response(HTTP_400_BAD_REQUEST, 'Post or user does not exist')
return success_response(HTTP_201_CREATED, {'id': ban.id,
'user_id': ban.user_id,
'post_id': ban.post_id})
def get_comments(post_id):
query = Comment.query.filter(Comment.post_id == post_id)
sort_arg = request.args.get('sort')
if sort_arg == 'pub_date':
query = query.order_by(Comment.pub_date)
elif sort_arg == '-pub_date':
query = query.order_by(Comment.pub_date.desc())
comments = [{
'id': comment.id,
'body': comment.body,
'pub_date': comment.pub_date,
} for comment in query.all()]
return success_response(HTTP_200_OK, comments)
def get_user_posts(user_id):
query = Post.query.filter(Post.user_id == user_id)
sort_arg = request.args.get('sort')
if sort_arg == 'pub_date':
query = query.order_by(Post.pub_date)
elif sort_arg == '-pub_date':
query = query.order_by(Post.pub_date.desc())
posts_res = [{
'id': post.id,
'title': post.title,
'body': post.body,
'pub_date': post.pub_date,
'tags': [t.name for t in post.tags],
} for post in query.all()]
return success_response(HTTP_200_OK, posts_res)
def create_user():
user_raw = request.get_json(force=True)
user_cleaned, error = parse_validate_user_raw(user_raw)
if error:
return error_response(HTTP_400_BAD_REQUEST, error)
user = User(username=user_cleaned['username'])
db.session.add(user)
try:
db.session.commit()
db.session.flush()
except IntegrityError:
return error_response(HTTP_400_BAD_REQUEST, 'User already exists')
return success_response(HTTP_201_CREATED, {
'id': user.id,
'username': user.username
})
def delete_ban(user_id, post_id, ban_id):
user = User.query.get(user_id)
if not user:
return error_response(HTTP_404_NOT_FOUND, 'User does not exist')
post = Post.query.get(post_id)
if not post:
return error_response(HTTP_404_NOT_FOUND, 'Post does not exist')
ban = BanForComment.query.get(ban_id)
if not ban:
return error_response(HTTP_404_NOT_FOUND, 'Ban does not exist')
else:
db.session.delete(ban)
try:
db.session.commit()
except IntegrityError:
return error_response(HTTP_400_BAD_REQUEST, 'Already deleted')
return success_response(HTTP_200_OK)
def create_post(user_id):
user = User.query.get(user_id)
if not user:
return error_response(HTTP_404_NOT_FOUND, 'User does not exist')
post_raw = request.get_json(force=True)
post_cleaned, error = parse_validate_post(post_raw)
if error:
return error_response(HTTP_400_BAD_REQUEST, error)
tags = []
tags_name = post_cleaned['tags']
for name in tags_name:
tag = Tag.query.filter(Tag.name == name).first()
if not tag:
# create tag
db.session.add(Tag(name=name))
try:
db.session.commit()
except IntegrityError:
# tag already exists
db.session.rollback()
finally:
tag = Tag.query.filter(Tag.name == name).first()
if tag:
tags.append(tag)
post = Post(title=post_cleaned['title'],
body=post_cleaned['body'],
user_id=user_id,
tags=tags)
db.session.add(post)
try:
db.session.commit()
db.session.flush()
except IntegrityError:
return error_response(HTTP_400_BAD_REQUEST, 'Could not create post')
return success_response(
HTTP_201_CREATED, {
'id': post.id,
'pub_date': post.pub_date,
'title': post.title,
'tags': [t.name for t in post.tags]
})
def search():
tags_arg = request.args.get('tags')
if tags_arg:
tags_name = tags_arg.split(',')
for tag in tags_name:
if not contains_only_letters_and_numbers(tag):
return error_response(HTTP_400_BAD_REQUEST, 'Bad param `tags`')
else:
tags_name = []
date_beg_arg = request.args.get('date_begin')
date_end_arg = request.args.get('date_end')
title_arg = request.args.get('title')
if not tags_arg and not date_beg_arg and not date_end_arg and not title_arg:
return success_response(HTTP_200_OK, [])
if not tags_arg:
sql_search_template = """
SELECT p.id, p.title, p.body, p.pub_date
FROM post p
WHERE
{search_date_begin}
AND {search_date_end}
AND {search_title}
"""
sql_search = sql_search_template.format(
search_date_begin='p.pub_date >= :date_begin'
if date_beg_arg else 1,
search_date_end='p.pub_date <= :date_end' if date_end_arg else 1,
search_title='p.title LIKE :title' if title_arg else 1)
else:
# Поиск в том числе по тегам
sql_search_template = """
WITH cte_tags as (
select t.id
from tag t
where t.name IN ({search_tags})
)
SELECT DISTINCT p.id, p.title, p.body, p.pub_date
FROM post p
join tag_post tp ON p.id = tp.post_id
join cte_tags c ON tp.tag_id = c.id
WHERE
{search_date_begin}
AND {search_date_end}
AND {search_title}
"""
sql_search = sql_search_template.format(
search_tags=str(tags_name)[1:-1],
search_date_begin='p.pub_date >= :date_begin'
if date_beg_arg else 1,
search_date_end='p.pub_date <= :date_end' if date_end_arg else 1,
search_title='p.title LIKE :title' if title_arg else 1)
stmt = text(sql_search)
conn = db.engine.connect()
args = {}
if title_arg:
args['title'] = '%' + title_arg + '%'
if date_beg_arg:
args['date_begin'] = date_beg_arg
if date_end_arg:
args['date_end'] = date_end_arg
cursor = conn.execute(stmt, **args)
res = []
for rec in cursor:
post_id, post_title, post_body, post_pub_date = rec
res.append({
'id': post_id,
'title': post_title,
'body': post_body,
'pub_date': post_pub_date
})
return success_response(HTTP_200_OK, res)
