def post(self): user_id = None commentId = None # AUTHENTICATE check for valid cookie user_id = auth(self.request.cookies.get('user_id')) commentId = self.request.get("commentId") comment = self.request.get("comment") postId = self.request.get("postId") q = BlogEntry.get_by_id(int(postId)) k = q.key() if user_id: commentId = int(commentId) comEntity = Comments.get_by_id(commentId, parent=k) if user_id == comEntity.author_id: q = BlogEntry.get_by_id(int(postId)) if q: k = q.key() c = Comments.get_by_id(int(commentId), parent=k) if c: c.comment = comment c.put() error = "" self.redirect("/focus?postId=%s&error=%s" % (postId, error)) else: error = "You must be the author to edit the comment." self.redirect("/focus?postId=%s&error=%s" % (postId, error)) else: error = "You must be loggen in to edit the comment." self.redirect("/focus?postId=%s&error=%s" % (postId, error))
def post(self): user_id = None # AUTHENTICATE check for valid cookie user_id = auth(self.request.cookies.get('user_id')) postId = self.request.get("postId") # must be logged in if user_id: q = BlogEntry.get_by_id(int(postId)) title = q.title body = q.body created = q.created last_mod = q.last_mod author = q.author_id # ONLY AUTHOR CAN EDIT: check that user_id matches the AUTHOR if author == user_id: q = BlogEntry.get_by_id(int(postId)) q.delete() error = "Post deleted" self.redirect("/welcome?error=%s" % error) else: error = "Only the author can delete." self.redirect("/focus?postId=%s&error=%s" % (postId, error)) else: error = "Please signup and login to edit posts." self.redirect("/focus?postId=%s&error=%s" % (postId, error))
def post(self, post_id): content = self.request.get("content") cookie = self.request.cookies.get('name') user = check_login(cookie) blog_post = BlogEntry.get_by_id(int(post_id)) comments = Comment.query(Comment.parent_post == post_id).fetch() if not user: self.redirect("/signup") elif content: comment = Comment(content=content, creator=user, parent_post=post_id) comment.put() self.redirect("/blog") # Could not figure out how to re-render the same page # while updating with the new post for some reason # so this is my work-around else: error = "You must include content" self.render("/permalink.html", blog_post=blog_post, post_id=post_id, comments=comments, content=content, error=error, user=user)
def get(self): user_id = None # AUTHENTICATE check for valid cookie user_id = auth(self.request.cookies.get('user_id')) postId = self.request.get("postId") if user_id: q = BlogEntry.get_by_id(int(postId)) title = q.title body = q.body created = q.created last_mod = q.last_mod author = q.author_id logging.warning(author + " = " + user_id) # ONLY AUTHOR CAN EDIT: check that user_id matches the AUTHOR if author == user_id: self.render("delete.html", title=title, body=body, created=created, last_mod=last_mod, author=author, postId=postId) else: error = "Only the author can delete." self.redirect("/focus?postId=%s&error=%s" % (postId, error)) else: error = "Please signup and login to edit posts." self.redirect("/focus?postId=%s&error=%s" % (postId, error))
def post(self): user_id = None # AUTHENTICATE check for valid cookie user_id = auth(self.request.cookies.get('user_id')) postId = self.request.get("postId") if user_id: try: u = Users.get_by_id(int(user_id)) q = BlogEntry.get_by_id(int(postId)) except: pass if q: title = q.title body = q.body created = q.created last_mod = q.last_mod author = q.author_id k = q.key() try: comments = Comments.all().ancestor(k) except: pass # check again if user is the author.. if user_id == author: title = self.request.get("title") body = self.request.get("body") postId = self.request.get("postId") # if field is left empty if title == "": error = "You must enter a new title." self.redirect("/editpost?postId=%s&error=%s" % (postId, error)) if body == "": error = "You must enter new content." self.redirect("/editpost?postId=%s&error=%s" % (postId, error)) else: if q: q.title = title q.body = body q.put() error = "Updated post." self.redirect("/focus?postId=%s&error=%s" % (postId, error)) else: error = "error updating post" self.redirect("/focus?postId=%s&error=%s" % (postId, error)) else: error = "You must be author to edit." self.redirect("/focus?postId=%s&error=%s" % (postId, error)) else: error = "Please signup and login to edit posts." self.redirect("/focus?postId=%s&error=%s" % (postId, error))
def get(self, post_id): blog_post = BlogEntry.get_by_id(int(post_id)) comments = Comment.query(Comment.parent_post == post_id).fetch() user_name_cookie = self.request.cookies.get('name') user = check_login(user_name_cookie) if blog_post: self.render("permalink.html", blog_post=blog_post, post_id=post_id, comments=comments, user=user) else: self.error(404) return
def get(self, post_id): blog_post = BlogEntry.get_by_id(int(post_id)) if not blog_post: self.error(404) return user_name_cookie = self.request.cookies.get("name") user = check_login(user_name_cookie) if not user: self.redirect("/login") elif blog_post.creator != user: self.error(403) self.render("/blog.html", user=user, error="May only delete your own posts") else: blog_post.key.delete() self.render("/deleted.html")
def get(self): user_id = None # AUTHENTICATE check for valid cookie user_id = auth(self.request.cookies.get('user_id')) # get the blog post id from the get request postId = self.request.get("postId") if user_id: q = BlogEntry.get_by_id(int(postId)) title = q.title body = q.body self.render("comment.html", title=title, body=body, postId=postId) else: error = "Please signup and login to edit comments." # if you are not logged in, you must sign up and login. self.redirect("/focus?postId=%s&error=%s" % (postId, error))
def post(self, post_id): title = self.request.get("subject") content = self.request.get("content") cookie = self.request.cookies.get("name") user = check_login(cookie) if title and content and user: blog_post = BlogEntry.get_by_id(int(post_id)) blog_post.title = title blog_post.content = content blog_post.creator = user blog_post.put() self.redirect("/blog/%s" % post_id) else: error = "You must include both a title and content" self.render("/editpost.html", title=title, content=content, error=error)
def get(self, post_id): blog_post = BlogEntry.get_by_id(int(post_id)) if not blog_post: self.error(404) return title = blog_post.title content = blog_post.content user_name_cookie = self.request.cookies.get('name') user = check_login(user_name_cookie) if not user: self.error(401) self.redirect("/login") elif blog_post.creator != user: self.render("/blog.html", user=user, error="May only edit your own posts") else: self.render("/editpost.html", title=title, content=content)
def get(self): commentId = None user_id = None # AUTHENTICATE check for valid cookie user_id = auth(self.request.cookies.get('user_id')) commentId = self.request.get("commentId") postId = self.request.get("postId") q = BlogEntry.get_by_id(int(postId)) k = q.key() # must be logged in if user_id: commentId = int(commentId) comment = Comments.get_by_id(commentId, parent=k) # must be the author to edit the comment if user_id == comment.author_id: c = Comments.get_by_id(commentId, parent=k) if c: comment = c.comment created = c.created author_id = c.author_id u = Users.get_by_id(int(author_id)) user_name = u.userName self.render("edit-comment.html", author=user_name, comment=comment, created=created, commentId=commentId, postId=postId) else: error = "error" self.redirect("/focus?postId=%s&error=%s" % (postId, error)) else: error = "You must be the author to edit the comment." self.redirect("/focus?postId=%s&error=%s" % (postId, error)) else: error = "You must be loggen in to edit the comment." self.redirect("/focus?postId=%s&error=%s" % (postId, error))
def get(self, post_id): blog_post = BlogEntry.get_by_id(int(post_id)) if not blog_post: self.error(404) return user_name_cookie = self.request.cookies.get("name") user = check_login(user_name_cookie) if not user: self.redirect("/login") elif blog_post.creator == user: self.error(403) self.render("/blog.html", user=user, error="Cannot like your own posts") elif user in blog_post.liked: self.render("/blog.html", user=user, error="May only like a post one time") else: blog_post.liked.append(user) blog_post.put() self.redirect("/blog/" + post_id)
def post(self): # AUTHENTICATE user_id = None # AUTHENTICATE check for valid cookie user_id = auth(self.request.cookies.get('user_id')) u = Users.get_by_id(int(user_id)) user_name = u.userName if user_id: comment = None comment = self.request.get("comment") postId = self.request.get("postId") q = BlogEntry.get_by_id(int(postId)) if comment: if comment != "": c = Comments(parent=q, comment=comment, author_id=user_id, author_name=user_name) c.put() error = "Comment saved." self.redirect( "/focus?postId=%s&error=%s&user_name=%s" % (postId, error, user_name)) else: error = "Please add content for the comment or cancel." self.redirect( "/comment?postId=%s&error=%s&user_name=%s" % (postId, error, user_name)) else: error = "Please add a comment." # must include all the parameters below to preserve user # entered data self.redirect( "/comment?postId=%s&error=%s&user_name=%s" % (postId, error, user_name)) else: error = "Please signup and login to add a comment." self.redirect("/focus?postId=%s&error=%s&user_name=%s" % (postId, error, user_name))
def get(self): user_id = None # AUTHENTICATE check for valid cookie user_id = auth(self.request.cookies.get('user_id')) postId = self.request.get("postId") if user_id: try: u = Users.get_by_id(int(user_id)) q = BlogEntry.get_by_id(int(postId)) except: pass if q: title = q.title body = q.body created = q.created last_mod = q.last_mod author = q.author_id k = q.key() try: comments = Comments.all().ancestor(k) except: pass # if user is the author then ok to edit if user_id == author: self.render("edit-post.html", body=body, title=title, postId=postId) else: error = "You must be author to edit." self.redirect("/focus?postId=%s&error=%s" % (postId, error)) else: error = "Please signup and login to edit posts." self.redirect("/focus?postId=%s&error=%s" % (postId, error))
def get(self): user_id = None # AUTHENTICATE check for valid cookie user_id = auth(self.request.cookies.get('user_id')) if user_id: # get the logged in user try: u2 = Users.get_by_id(int(user_id)) except: pass if u2: # get the username NOT the id user_name = u2.userName postId = self.request.get("postId") error = self.request.get("error") q = None # querie BlogEntry for the blog entity filtered by title try: q = BlogEntry.get_by_id(int(postId)) title = q.title body = q.body created = q.created last_mod = q.last_mod author_id = q.author_id k = q.key() except: pass if q: # get the user who is the author of the blogpost try: u = Users.get_by_id(int(author_id)) except: pass if u: # get the authors username NOT id author = u.userName comments = None # get all comments for this blogpost try: comments = Comments.all().ancestor(k) except: pass # if there are no comments.... if not comments: commentError = "No comments" else: commentError = "" else: error = "Could not access the blog post." self.redirect("/welcome?error=%s" % error) # count likes in the database for display, all relevant likes are\ # ancestors of the blog post with title count = 0 likes = None try: likes = Likes.all().ancestor(k) except: pass if likes: # iterate through all likes for this post to count them for like in likes: if like.user_id: count += 1 self.render("focus.html", postId=postId, title=title, body=body, created=created, last_mod=last_mod, author=author, comments=comments, error=error, count=count, commentError=commentError, user_name=user_name) else: self.redirct("/login")
def post(self): def render_focus(title, body, created, last_mod, author, comments, count, error, postId, user_name): self.render("focus.html", title=title, body=body, created=created, last_mod=last_mod, author=author, comments=comments, count=count, error=error, postId=postId, user_name=user_name) postId = self.request.get("postId") user_id = None # AUTHENTICATE check for valid cookie user_id = auth(self.request.cookies.get('user_id')) # get the logged in user to get username if user_id: try: u = Users.get_by_id(int(user_id)) except: pass if u: user_name = u.userName # query for the usual blogPost entity properties try: q = BlogEntry.get_by_id(int(postId)) if q: title = q.title body = q.body created = q.created last_mod = q.last_mod author = u.userName author_id = q.author_id # k is the key to the blog post. k = q.key() except: pass try: # get all comments for for the blogpost - that means get # all comments who are ancestors of K (the blogpost). comments = Comments.all().ancestor(k) except: pass # check if user has already liked this post # all Likes have a user_id property which corresponds to the # User who LIKED the post, so query Likes filtered by user_id # to get ALL the likes for this user try: z = Likes.all().filter("user_id =", user_id) except: pass # then get the ONE (if theres is one) that is an ancestor # of the blog post if z: try: alreadyLiked = z.ancestor(k).get() except: pass # set flag default = go flag = "go" # if there are ZERO likes in the db, you'll get an error bc # the query gets nothing. To prevent the error, use try/except try: if alreadyLiked.user_id: flag = "nogo" except: pass # initialize the counter count = 0 # If the logged in user is the author then error if user_id == author_id: # repaint page likes = Likes.all().ancestor(k) count = 0 for like in likes: try: if like.user_id: count += 1 except: pass error = "You can't like your own posts." render_focus(title, body, created, last_mod, author, comments, count, error, postId, user_name) else: # if the logged in user has already liked this post then error if flag == "nogo": error = "Stop it....You already liked this post." likes = Likes.all().ancestor(k) count = 0 if likes: for like in likes: if like.user_id: count += 1 # repaint page render_focus(title, body, created, last_mod, author, comments, count, error, postId, user_name) else: # if tests are passed....record the LIKE; # record the userIDKEY in LIKES as a CHILD of the BLOGPOST # increment the like so it updates the display (not the db) # record like in the db - user_id is the only property and # it's ancestor is the blogpost k. try: l = Likes(parent=k, user_id=user_id) except: pass if l: l.put() error = "The Like was recorded." # count ALL the existing LIKES to update display \ # on VIEW post # filter by ancestor bc ALL likes are recorded as an \ # ancestor of ONE blogPost likes = Likes.all().ancestor(k) count = 0 if likes: for like in likes: if like.user_id: count += 1 # repaint page render_focus(title, body, created, last_mod, author, comments, count, error, postId, user_name) else: error = "Please signup and login to like a post." # if you are not logged in, you must sign up and login. self.redirect("/focus?postId=%s&error=%s" % (postId, error))