def vote(cls, question_id, user_email, score, **__): assert -1 <= score <= 1, "vote must be -1, 0 or 1" question = Question.get(question_id, user_email) assert question, "no question found that user has permission to access" vote = Question._update_vote(question_id, user_email, score) new_score = question['score'] + vote['delta'] new_upvotes = question['upvotes'] new_downvotes = question['downvotes'] if vote['delta'] == -2: new_upvotes -= 1 new_downvotes += 1 elif vote['delta'] == -1: new_downvotes += 1 elif vote['delta'] == 1: new_upvotes += 1 elif vote['delta'] == 2: new_upvotes += 1 new_downvotes -= 1 question_command = DB.questions.update( ).where( DB.questions.columns.id == question_id ).values( score=new_score, upvotes=new_upvotes, downvotes=new_downvotes ).returning(*DB.questions.columns) return r2d( DB.ex( question_command ).fetchone() )
def _update_vote(cls, question_id, user_email, score): vote_clause = ( (DB.question_votes.columns.q_id == question_id) & (DB.question_votes.columns.user_email == user_email) ) vote = r2d(DB.ex(DB.question_votes.select(vote_clause)).fetchone()) if vote: prev_score = vote.get("score", 0) vote_command = DB.question_votes.update( ).where( vote_clause ).values( score=score ) else: prev_score = 0 vote_command = DB.question_votes.insert(dict( q_id=question_id, user_email=user_email, score=score, )) DB.ex(vote_command) return { "prev_vote_score": prev_score, "new_vote_score": score, "delta": score - prev_score, }
def get(cls, question_id, user_email, **__): question = r2d(DB.ex(DB.questions.select( DB.questions.columns.id == question_id )).fetchone()) event = Event.get(question['e_id'], user_email) assert event, "this should be unreachable since Event.get throws a PermissionError" return Question._flag_filter(question)
def flag(cls, question_id, comment_id, user_email, comment, **__): comment = Comment.get(question_id, comment_id, user_email) comment_command = DB.comments.update().where( (DB.comments.columns.q_id == question_id) & (DB.comments.columns.id == comment_id)).values( flagged=True, flag_note=[comment]).returning(*DB.comments.columns) return r2d(DB.ex(comment_command).fetchone())
def get(cls, user_email, **__): assert "@" in user_email, "%s is not a valid email" % (user_email, ) get_query = DB.users.select(DB.users.columns.u_email == user_email) user = DB.ex(get_query).fetchone() user_domain = user.domain if user else user_email.split("@")[-1] user_domain = _DOMAIN_MAPS.get(user_domain, user_domain) if user: to_ret = r2d(user) to_ret['domain'] = user_domain return to_ret insert_command = DB.users.insert({ "u_email": user_email, "domain": user_domain, "info": {}, }) DB.ex(insert_command) to_ret = r2d(DB.ex(get_query).fetchone()) return to_ret
def lookup(cls, event_lookup_id, user_email=None, override_auth=False): query = DB.events.select( DB.events.columns.lookup_id==event_lookup_id ) event = DB.ex(query).fetchone() if not override_auth: if event.domain != User.get(user_email)['domain']: raise PermissionError("No event found in the set of events user has access to") return r2d(event)
def vote(cls, question_id, comment_id, user_email, score, **__): assert -1 <= score <= 1, "vote must be -1, 0 or 1" comment = Comment.get(question_id, comment_id, user_email) vote = Comment._update_vote(question_id, comment_id, user_email, score) new_score = comment['score'] + vote['delta'] comment_command = DB.comments.update().where( (DB.comments.columns.q_id == question_id) & (DB.comments.columns.id == comment_id)).values( score=new_score).returning(*DB.comments.columns) return r2d(DB.ex(comment_command).fetchone())
def get(cls, event_id, user_email, **__): user = User.get(user_email) query = DB.events.select( (DB.events.columns.id==event_id) & (DB.events.columns.domain==user['domain']) ) event = DB.ex(query).fetchone() if not event: raise PermissionError("No event found in the set of events user has access to") return r2d(event)
def get(cls, domain, user_email, **__): user = User.get(user_email) user_domain = _DOMAIN_MAPS.get(user['domain'], user['domain']) if user_domain != domain: raise PermissionError("%s does not have a %s email" % (user_email, domain)) org = DB.ex( DB.orgs.select(DB.orgs.columns.domain == domain)).fetchone() assert org, "There is no org for the @" + user[ 'domain'] + " domain yet! Are you signed in with your work account?" return r2d(org)
def create(cls, event_lookup_id, content, **__): event = Event.lookup(event_lookup_id, override_auth=True) command = DB.questions.insert(dict( e_id=event['id'], flagged=False, flag_note=[], content=content, score=0, upvotes=0, downvotes=0, comment_count=0, )).returning(*DB.questions.columns) return r2d(DB.ex(command).fetchone())
def create(cls, title, user_email, description=None, **__): title = title user = User.get(user_email) org = Org.get(user['domain'], user_email) unique_hash = "".join("%02x"%ord(b) for b in secrets.token_bytes(16)) new_event = dict( owner_email=user_email, domain=user['domain'], lookup_id=unique_hash, moderators=list(set(org['moderators'] + [user_email])), title=title, description=description or title, ) command = DB.events.insert(new_event).returning(*DB.events.columns) return r2d(DB.ex(command).fetchone())
def _flag_filter(cls, comment): comment = r2d(comment) or {} if comment.get("flagged", False): comment[ "content"] = "(this comment has been flagged as inappropriate and is being reviewed)" return comment
def get(cls, question_id, comment_id, user_email, **__): Question.get(question_id, user_email) # forces a permission check comment_command = DB.comments.select( (DB.comments.columns.id == comment_id) & (DB.comments.columns.q_id == question_id)) return r2d(DB.ex(comment_command).fetchone())
def _flag_filter(cls, question): question = r2d(question) or {} if question.get("flagged", False): question["content"] = "(this question has been flagged as inappropriate and is being reviewed)" return question