def get(self, gid, pid):
user = request.authorization # this gives dict
uid = User.objects.get(username=user['username']) # this gives user object
group = Group.objects.get(id=gid)
post = Post.objects.get(id=pid)
if gid in post.group_id:
if post.approval:
comments = Comment.objects(post_id=pid).to_json()
return Response(comments, mimetype="application/json", status=200)
else:
return "You do not have the required access", 200
def get(self, cid, gid):
user = request.authorization
uid = User.objects.get(username=user['username'])
uid = str(uid.id)
try:
group = Group.objects.get(id=gid)
if uid in group.role_dict:
comment = Comment.objects(id=cid).to_json()
return Response(comment,
mimetype="application/json",
status=200)
else:
return "You are not member of the group", 500
except:
return "Invalid group or comment id", 500
def delete(self, gid, cid):
user = request.authorization # this gives dict
uid = User.objects.get(
username=user['username']) # this gives user object
user_id = str(uid.id) # this gives the user id in string format
comment = Comment.objects.get(id=cid)
group = Group.objects.get(id=gid)
try:
role = group.role_dict[user_id]
comments = Comment.objects(user_id=user_id)
if comment in comments or role == A or role == MD:
comment.delete()
return "Comment deleted", 200
else:
return "You don't have the permission required", 200
except:
return "You ain't a member of the group", 200
