def delete(request): weibo_id = int(request.query['id']) weibo = Weibo.find_by(id=weibo_id) weibo.delete_weibo_comment() d = dict(message="成功删除 weibo") return json_response(d)
def comment_add(): log('添加评论') form = request.get_json() u = current_user() w = Weibo.find_by(id=int(form['weibo_id'])) c = Comment.add(form, u.id, u.username, w.id) # log('c---', c) return jsonify(c.json())
def replsce_weibo(request): """ 通过下面这样的链接来删除一个 weibo /edit?id=1 """ weibo_id = int(request.query.get('id')) model = Weibo.find_by(id=weibo_id) return json_response(model.json())
def index(request): weibo_id = int(request.query['id']) w = Weibo.find_by(id=weibo_id) log('api_comment_w', w) cs = w.comments() # 注意这里返回的不是cs对象,而是cs的数据,所以要进行转换。 log('api_comment_cs', cs) cs = [c.json() for c in cs] return json_response(cs)
def update(request): user = current_user(request) form = request.form() weibo = Weibo.find_by(id=int(form.get('id', None))) if user.id != weibo.user_id: return redirect('/login') weibo.content = form.get('content') weibo.save() return redirect('/weibo/index?user_id={}'.format(user.id))
def edit(request): """ 更新 weibo 的主页, 前往路径为 /weibo/edit?user_id=1 """ weibo_id = int(request.query.get('id', -1)) weibo = Weibo.find_by(id=weibo_id) # 找到 user 发布的所有 weibo body = j_template('weibo_edit.html', weibo=weibo) return http_response(body)
def comment_add(request): u = current_user(request) form = request.json() w = Weibo.find_by(id=int(form['weibo_id'])) comment = Comment.add(form, u.id, w.id) comment.username = u.username log('comment add', comment) return json_response(comment.json())
def comment_add(request): u = current_user(request) form = request.form() weibo = Weibo.find_by(id=int(form['weibo_id'])) user_id = weibo.user_id c = Comment(form) c.user_id = u.id c.weibo_id = weibo.id c.save() return redirect('/weibo/index?user_id={}'.format(user_id))
def f(request): u = current_user(request) if 'id' in request.query: weibo_id = request.query['id'] else: weibo_id = request.json()['id'] w = Weibo.find_by(id=int(weibo_id)) if w.user_id == u.id: return route_function(request) else: result = dict(message="fail") return json_response(result)
def f(request): log('comment_owner_required') u = current_user(request) comment = request.json() w = Weibo.find_by(id=int(comment['weibo_id'])) c = Comment.find_by(id=int(comment['id'])) if u.id != w.user_id and u.id != c.user_id: d = dict(message="无权操作") return json_response(d) else: log('评论更新', route_function) return route_function(request)
def comment_delete(request): u = current_user(request) comment_id = int(request.query.get('id', -1)) comment = Comment.find_by(id=comment_id) weibo = Weibo.find_by(id=comment.weibo_id) # 若当前用户为 comment 作者 或 相应的微博作者,允许删除 if u.id in (comment.user_id, weibo.user_id): comment.delete(comment.id) return redirect('/weibo/index?user_id={}'.format(u.id)) # 否则直接重定向到当前用户微博页面 else: return redirect('/weibo/index?user_id={}'.format(u.id))
def comment_add(request): u = current_user(request) form = request.form() weibo = Weibo.find_by(id=int(form['weibo_id'])) c = Comment(form) c.user_id = u.id c.weibo_id = weibo.id c.save() log('comment add', c, u, form) return redirect('/weibo/index')
def f(request): log('same_user_required') u = current_user(request) if 'id' in request.query: weibo_id = request.query['id'] else: weibo_id = request.form()['id'] w = Weibo.find_by(id=int(weibo_id)) if w.user_id == u.id: return route_function(request) else: return redirect('/weibo/index')
def f(request): log('weibo_update_required') u = current_user(request) weibo = request.json() w = Weibo.find_by(id=int(weibo['id'])) if u.id != w.user_id: d = dict( message="无权操作" ) return json_response(d) else: log('weibo更新', route_function) return route_function(request)
def f(): log('same_user_required') u = current_user() if 'id' in request.args: weibo_id = request.args['id'] else: weibo_id = request.get_json()['id'] w = Weibo.find_by(id=int(weibo_id)) log(weibo_id, u.id, w.user_id) if w.user_id == u.id: return route_function() else: return redirect(url_for('weibo.index'))
def f(request): log('weibo_owner_required') u = current_user(request) if 'id' in request.query: weibo_id = request.query['id'] else: weibo_id = request.json()['id'] w = Weibo.find_by(id=int(weibo_id)) if w.user_id == u.id: return route_function(request) else: return error(request)
def f(): log('same_user_required') u = current_user() if 'id' in request.args: weibo_id = request.args['id'] else: weibo_id = request.get_json()['id'] w = Weibo.find_by(id=int(weibo_id)) if w.user_id == u.id: return route_function() else: d = dict(message="用户无权限") return jsonify(d)
def f(request): u = current_user(request) if 'id' in request.query: weibo_id = request.query['id'] else: weibo_id = request.json()['id'] log('what weibo_id', weibo_id) w = Weibo.find_by(id=int(weibo_id)) if w.user_id == u.id: return route_function(request) else: d = dict(message="403") return json_response(d)
def f(request): u = current_user(request) if 'id' in request.query: weibo_id = request.query['id'] else: weibo_id = request.json()['id'] w = Weibo.find_by(id=int(weibo_id)) error = {} if w.user_id == u.id: return route_function(request) else: error['error_message'] = "权限不足:不是此微博用户" return json_response(error)
def f(): log('same_user_required') u = current_user() if 'id' in request.args: comment_id = request.args['id'] else: comment_id = request.get_json()['id'] c = Comment.find_by(id=int(comment_id)) w = Weibo.find_by(id=int(c.weibo_id)) log(comment_id, u.id, c.user_id) if c.user_id == u.id or w.user_id == u.id: return route_function() else: return redirect(url_for('weibo.index'))
def f(request): log('weibo_owner_required') u = current_user(request) id_key = 'weibo_id' if id_key in request.query: weibo_id = request.query[id_key] else: weibo_id = request.form()[id_key] w = Weibo.find_by(id=int(weibo_id)) if w.user_id == u.id: return route_function(request) else: return redirect('/weibo/index')
def f(request): # 从请求中获取comment和weibo的id form = request.form() if 'wid' in request.query and 'cid' in request.query: w_id = request.query['wid'] c_id = request.query['cid'] elif 'wid' in form and 'cid' in form: w_id = form['wid'] c_id = form['cid'] else: return redirect('/weibo/index') # 根据id找到对应的weibo和comment w = Weibo.find_by(id=int(w_id)) c = Weibo.find_by(id=int(c_id)) # 比较当前用户的id是否和comment或weibo的user id一致 # 如果一致,说明当前用户有权限 u = current_user(request) if w.user_id == u.id or c.user_id == u.id: return route_function(request) else: return redirect('/weibo/index')
def f(request): log('same_user_required_update') u = current_user(request) if 'id' in request.query: comment_id = request.query['id'] else: comment_id = request.form()['id'] c = Comment.find_by(id=int(comment_id)) w = Weibo.find_by(id=c.weibo_id) # comment的拥有者或者comment所属weibo的发布者可删 if u.id in [c.user_id, w.user_id]: return route_function(request) else: return redirect('/weibo/index')
def f(): u = current_user() if 'id' in request.args: comment_id = request.args['id'] else: comment_id = request.get_json()['id'] c = Comment.find_by(id=int(comment_id)) w = Weibo.find_by(id=c.weibo_id) if c.user_id == u.id: return route_function() elif w.user_id == u.id: return route_function() else: d = dict(message="用户无权限") return jsonify(d)
def comment_add(request): u = current_user(request) form = request.json() log('api comment_add form', form) w = Weibo.find_by(id=int(form['weibo_id'])) c = Comment(form) c.user_id = u.id c.weibo_id = w.id c.save() c = c.json() # 在comment数据里加上评论用户名 c['username'] = u.username return json_response(c)
def f(request): log('weibo_owner_required') u = current_user(request) if 'id' in request.query: weibo_id = int(request.query['id']) else: form = request.json() weibo_id = int(form['id']) t = Weibo.find_by(id=weibo_id) if t.user_id == u.id: return route_function(request) else: d = dict(message="还想改别人的微博?") return json_response(d)
def f(request): u = current_user(request) if 'id' in request.query: weibo_id = request.query['id'] else: # weibo_id = request.form()['id'] form = request.json() weibo_id = form['id'] w = Weibo.find_by(id=int(weibo_id)) if w.user_id == u.id: return route_function(request) else: d = dict(message="权限不足") return json_response(d)
def f(request): u = current_user(request) if 'id' in request.query: comment_id = request.query['id'] else: comment_id = request.json()['id'] c = Comment.find_by(id=int(comment_id)) weibo_id = c.weibo_id w = Weibo.find_by(id=int(weibo_id)) if c.user_id == u.id or w.user_id == u.id: return route_function(request) else: d = dict(message="403") return json_response(d)
def f(): if 'id' in request.args: log('if true', request.args) comment_id = int(request.args['id']) else: log('if false') form: dict = request.json comment_id = int(form.get('id')) u = current_user() c = Comment.find_by(id=comment_id) w = Weibo.find_by(id=c.weibo_id) if c.user_id == u.id or w.user_id == u.id: return route_function() else: d = dict(remove=False, message="权限不足") return jsonify(d)
def f(request): if 'id' in request.query: weibo_id = int(request.query['id']) else: form = request.json() weibo_id = int(form['id']) weibo = Weibo.find_by(id=weibo_id) u = current_user(request) if u.id == weibo.user_id: return api_function(request) else: d = dict( status=410, message="权限不足,请求无法执行", ) return json_response(d)