def post(self): suggestion = Suggestion(title=self.request.get('title'), content=self.request.get('content')) suggestion.put() self.response.out.write( self._render_template('thank_you.html') )
def post(self): action = cgi.escape(self.request.get('action')) if action == 'add_suggestion': restaurant = cgi.escape(self.request.get('restaurant')) if restaurant == '': self.error(400) return sug = Suggestion(restaurant=db.get(restaurant), author=self.currentuser, group=self.currentgroup) sug.put() self.currentuser.lastposted = date.today() self.currentuser.put() notify_suggestion(sug) elif action == "remove_suggestion": suggestion = cgi.escape(self.request.get('suggestion')) suggestion = db.get(suggestion) if suggestion.author.user == self.currentuser.user: suggestion.delete() else: logging.error('user: %s tried to delete suggestion he doesn\'t own' % self.currentuser.nickname) elif action == "add_comment": text = cgi.escape(self.request.get('text')) suggestion = db.get(cgi.escape(self.request.get('suggestion'))) post_comment(text, self.currentuser, suggestion) elif action == "remove_comment": comment = cgi.escape(self.request.get('comment')) comment = db.get(comment) if comment.author.user == self.currentuser.user: comment.delete() else: logging.error('user: %s tried to delete comment he doesn\'t own' % self.currentuser.nickname) else: self.error(400) return self.get()