def post(self): comment_id = self.request.get('comment_id') comment_txt = self.request.get('comment') comment = Comment.get_by_id(int(comment_id)) comment.comment = comment_txt comment.put() self.redirect('/blog/%s' % comment.post.key().id())
def delete(id): image = request.form.get('image') comment = Comment.get_by_id(id) comment.delete_instance() flash('Your comment has been removed', 'info') return redirect(url_for('images.show', id=image))
def post(self, comment_id): comment = Comment.get_by_id(int(comment_id)) user = users.get_current_user() if comment.author_email == user.email() or users.is_current_user_admin(): comment.deleted = True comment.put() return self.redirect_to("topic-details", topic_id=comment.topic_id)
def post(self, comment_id): """Edit comment. If content is empty, just return. If logged out user attempt to access, redirect to login page. Args: comment_id (str): Comment's id to edit. """ comment = Comment.get_by_id(int(comment_id)) if not (comment and self.user.key().id() == comment.user.key().id()): return self.redirect('/blog') content = self.request.get('content-%s' % comment_id) if content: comment.content = content comment.put() # Delay for DB processing. time.sleep(0.1) return self.redirect('/blog/%s' % comment.post.key().id()) else: return self.redirect('/blog/%s' % comment.post.key().id())
def is_comment_author(self, comment_id): current_comment = Comment.get_by_id(int(comment_id)) if (current_comment.user_email == self.str_email): return True else: return False
def comment_edit(comment_id): comment = Comment.get_by_id(comment_id=comment_id) # get current user session_token = request.cookies.get("session_token") user = User.get_by_session_token(session_token=session_token) # check if user logged in & if user is author if not user: return redirect(url_for('auth.login')) elif comment.author_id != user._id: return "You can only edit your own comments!" # GET request if request.method == "GET": csrf_token = set_csrf_token(username=user.username) return render_template("comment/comment_edit.html", comment=comment, csrf_token=csrf_token) # POST request elif request.method == "POST": text = request.form.get("text") # check CSRF tokens csrf = request.form.get("csrf") redis_csrf = get_csrf_token(username=user.username) # if they match, allow user to edit the comment if csrf and csrf == redis_csrf: Comment.edit_comment(comment_id=comment_id, updates_dict={"text": text}) return redirect(url_for('topic.topic_details', topic_id=comment.topic_id)) else: return "CSRF error: tokens don't match!"
def post(self, comment_id): user = users.get_current_user() comment = Comment.get_by_id(int(comment_id)) if users.is_current_user_admin() or user.email() == comment.user_email: Comment.delete(comment) return self.redirect_to("main-page")
def post(self, comment_id): comment = Comment.get_by_id(int(comment_id)) comment.content = self.request.get("content") comment.updated = datetime.datetime.now() comment.updated_by = users.get_current_user().nickname() comment.put() self.redirect("/topic/" + str(comment.the_topic_id))
def wrapper(self, post_id, post): comment_id = self.request.get('comment_id') comment = Comment.get_by_id(int(comment_id), parent=comment_key()) if comment and post: return function(self, post_id, post, comment) else: self.error(404) return
def delete_post_comment(comment_id): comment = Comment.get_by_id(comment_id) origin_post = comment.post.get() origin_post.num_comments -= 1 origin_post.put() #will now display [deleted] to keep comment chain intact comment.partial_delete() return origin_post.key.id()
def get(self, post_id, comment_id): post = Post.get_by_id(int(post_id), parent=blog_key()) comment = Comment.get_by_id(int(comment_id), parent=self.user.key()) if comment.parent().key().id() == self.user.key().id(): comment.delete() self.redirect('/blog/%s' % str(post_id)) else: self.redirect('/commenterror')
def post(self, comment_id): comment = Comment.get_by_id(int(comment_id)) user = users.get_current_user() if comment.author_email == user.email() or users.is_current_user_admin( ): Comment.delete(comment) return self.write("Comment deleted successfully.")
def get(self, post_id, comment_id): # Checking to make sure current user has permission c = Comment.get_by_id(int(comment_id)) if not self.get_username(): self.redirect('/%s' % post_id) elif not c or not (self.get_username() == c.username): self.redirect('/%s' % post_id) else: self.render('edit_comment.html', comment=c, error='')
def post(self, comment_id): """ Destroy comment delete comment completely from datastore """ comment = Comment.get_by_id(int(comment_id)) user = User.logged_in_user() if User.is_admin(user): Comment.destroy(comment) return self.redirect_to("deleted-comments-list") else: return self.render_template("error.html", params={"message": ADMIN_ACCESS})
def post(self, comment_id): """ comment reload hahdler only by admin """ comment = Comment.get_by_id(int(comment_id)) user = User.logged_in_user() if User.is_admin(user): Comment.reload(comment) return self.redirect_to('topic-details', topic_id=int(comment.topic_id)) else: return self.render_template("error.html", params={"message": ADMIN_RELOAD})
def get(self): if self.authenticated(): comment_id = self.request.get('comment_id') comment = Comment.get_by_id(int(comment_id)) if comment.commenter.username == self.user.username: self.render("edit_comment.html",comment = comment) else: self.render_homepage("You can not edit others comment !") else: self.login_redirect()
def post(self, comment_id): comment = Comment.get_by_id(int(comment_id)) comment.deleted = True comment.put() topic = Topic.get_by_id(comment.the_topic_id) topic.num_comments -= 1 topic.put() self.redirect("/topic/" + str(comment.the_topic_id))
def post(self, post_id, comment_id): comment = Comment.get_by_id(int(comment_id), parent=self.user.key()) if comment.parent().key().id() == self.user.key().id(): comment.comment = self.request.get('comment') comment.put() else: if not comment: self.write("This comment no longer exists") self.redirect('/blog/%s' % str(post_id))
def post(self, comment_id): current_comment = Comment.get_by_id(int(comment_id)) current_comment.deleted = True current_comment.put() topic_id = current_comment.topic_id if is_local(): time.sleep(0.1) return self.redirect_to("topic-details", topic_id=int(topic_id))
def post(self): user = User.get_by_id(int(self.user.key.id()), parent=users_key()) #delete all associated posts p_query = Post.query(Post.author == self.user.key) if p_query: for p in p_query: Post.get_by_id(int(p.key.id()), parent=blog_key()).key.delete() #delete all associated comments c_query = Comment.query(Comment.comment_author == self.user.key) if c_query: for c in c_query: Comment.get_by_id(int(c.key.id()), parent=comment_key()).key.delete() # delete user user.key.delete() self.redirect('/login')
def post(self, comment_id): """ soft delete for comments only by author or admin """ comment = Comment.get_by_id(int(comment_id)) user = User.logged_in_user() if User.is_admin(user) or User.is_author(user, comment): Comment.delete(comment) return self.redirect_to("topic-details", topic_id=comment.topic_id) else: return self.render_template("error.html", params={"message": COMMENT_AUTHOR})
def get(self, post_id, comment_id): # Check user permissions comment = Comment.get_by_id(int(comment_id)) if not comment: self.redirect('/%s' % post_id) elif comment.username != self.get_username(): self.redirect('/login') # Delete the comment if everything checks out else: db.delete(comment) self.redirect('/%s' % post_id)
def post(self, comment_id): """ Edit comment by author or forum administrator """ commment = Comment.get_by_id(int(comment_id)) user = User.logged_in_user() if User.is_admin(user) or User.is_author(user, commment): content = self.request.get("content") Comment.update(commment, content) return self.redirect_to("topic-details", topic_id=int(commment.topic_id)) else: return self.render_template("error.html", params={"message": COMMENT_AUTHOR})
def post(self, comment_id): user = users.get_current_user() comment = Comment.get_by_id(int(comment_id)) if comment.author_email == user.email() or users.is_current_user_admin( ): content = self.request.get("content") comment.content = content comment.put() return self.redirect_to("topic-details", topic_id=comment.topic_id)
def post(self): comment_id = self.request.get('comment_id') comment = Comment.get_by_id(int(comment_id)) if self.authenticated(): if comment.commenter.username == self.user.username: comment.delete() else: self.render_homepage("You cant delete others comment") self.redirect('/blog/%s' % comment.post.key().id()) else: self.login_redirect()
def get(self, comment_id): user = users.get_current_user() comment = Comment.get_by_id(int(comment_id)) if user.nickname() in ADMINS or user.nickname() == comment.author: args = {} args["comment_content"] = comment.content self.base_args(user, args) self.render_template("edit-comment.html", args) else: self.redirect("/topic/" + str(comment.the_topic_id))
def delete(id): comment = Comment.get_by_id(id) if comment.delete_instance(recursive=True): return jsonify({ 'message': "comment deleted" }), 200 else: return jsonify({'message': "delete comment failed"}), 400
def get(self, comment_id): comment = Comment.get_by_id(int(comment_id)) topic = Topic.get_by_id(comment.topic_id) context = { "comment": comment, "topic": topic, } return self.render_template_with_csrf("list_comment.html", params=context)
def get(self, post_id, comment_id): comment = Comment.get_by_id(int(comment_id)) if comment and self.user: if comment.user.name == self.user.name: db.delete(comment) time.sleep(0.1) self.redirect('/post/%s' % str(post_id)) else: self.write("To delete a comment you must be the author") else: self.write("This comment no longer exists")
def get(self, comment_id): comment = Comment.get_by_id(int(comment_id)) topic = Topic.get_by_id(comment.topic_id) context = { "comment": comment, "topic": topic, } return self.render_template("comment_delete.html", params=context, generate_csrf_token=True)
def post(self, comment_id): comment = Comment.get_by_id(int(comment_id)) topic = Topic.query(Topic.title == comment.topic_title).get() user = users.get_current_user() if user.email() == comment.author_email or users.is_current_user_admin( ): Comment.delete_comment(comment=comment) Topic.comment_sum_minus_one(topic=topic) return self.redirect_to("topic", topic_id=comment.topic_id)
def get(self, post_id, comment_id): post = Post.get_by_id(int(post_id), parent=blog_key()) comment = Comment.get_by_id(int(comment_id), parent=self.user.key()) if comment: self.render("updatecomment.html", subject=post.subject, content=post.content, comment=comment.comment) else: self.redirect('/commenterror')
def like_comment(id): identity = get_jwt_identity() user = User.get(username=identity) comment = Comment.get_by_id(id) if user: comment_like = CommentLike(user=user.id, comment=comment.id, is_like=True) if comment_like.save(): return jsonify({'message': 'success'}) else: return jsonify({'message': 'failed'}) else: return jsonify({'message': 'User Not Found'})
def get(self, id): comment = Comment.get_by_id(int(id)) if(comment): author_key = Comment.author.get_value_for_datastore(comment) author = User.get(author_key) values = { "comment": comment, "author": author, } path = "comment/reply.html" self.render(path, values) else: raise GetpitchdError("Comment does not exist.")
def add_comment(post_id, comment_body, user, parent_id=None): post = Post.get_by_id(post_id) if parent_id is not None: parent = Comment.get_by_id(parent_id).key comment = Comment() comment.add( text=comment_body, author=user, post=post.key, parent=None if parent_id is None else parent) if post.num_comments is None: post.num_comments = 0 post.num_comments += 1 post.put()
def post(self, id): comment = Comment.get_by_id(int(id)) if(comment): text = self.request.get("text") if(text is not ""): idea_key = Comment.idea.get_value_for_datastore(comment) idea = Idea.get(idea_key) reply = Comment( idea = idea_key, author = self.current_user.key(), reply_to = comment.key(), text = text, ) reply.put() idea.comments += 1 idea.put() event = CommentReplyEvent(self.current_user, reply, comment) values = { "response" : "Reply sent", "next":{ "content": "Back", "url": "/idea/"+str(idea.key().id()) } } path = "feedback.html" self.render(path, values) else: raise GetpitchdError("Comment text is empty") else: raise GetpitchdError("Comment does not exist.")
def get(self, comment_id): user = users.get_current_user().nickname() if user in ADMINS or user == Comment.get_by_id(int(comment_id)).author: self.render_template("delete.html")
def delete_comment_by_id(id): c = Comment.get_by_id(id) if c: c.delete()
def get_single_comment(comment_id): comment = Comment.get_by_id(comment_id) return comment
def edit_comment(comment_id, new_text): comment = Comment.get_by_id(comment_id) comment.comment_text = new_text comment.put()