def delete(self, todo_item_id, *args, **kwargs):
todo_item = TodoItem.get_todo_item_by_id(todo_item_id)
if not todo_item:
return self.error(MESSAGES[404], status_code=404)
todo_item.deleted_at = generate_timestamp()
db_session.add(todo_item)
db_session.commit()
return self.data(todo_item.to_dict())
def delete(self, post_id, *args, **kwargs):
post = Post.find_post_by_id(post_id)
if not post:
return self.error(MESSAGES[404], status_code=404)
post.deleted_at = generate_timestamp()
db_session.add(post)
db_session.commit()
return self.data(post.to_dict())
def put(self, post_id, *args, **kwargs):
post = Post.find_post_by_id(post_id)
if not post:
return self.error(MESSAGES[404], status_code=404)
if post.user.id != self.current_user.id:
return self.error(MESSAGES[403], status_code=403)
data = self.get_json_body()
post.title = data.get("title", "")
post.content = data.get("content", "")
post.update_count += 1
db_session.add(post)
db_session.commit()
return self.data(post.to_dict())
def put(self, todo_id, *args, **kwargs):
todo = Todo.get_todo_by_id(todo_id)
if not todo:
return self.error(MESSAGES[404], status_code=404)
if todo.user_id != self.current_user.id:
return self.error(MESSAGES[403], status_code=403)
content = self.get_json_body().get("content")
if not content:
return self.error(MESSAGES[400], status_code=400)
todo_item = TodoItem(content=content)
todo_item.todo = todo
db_session.add(todo_item)
db_session.commit()
return self.data(todo.to_dict())
def post(self, *args, **kwargs):
data = self.get_json_body()
date = data.get("date")
if not date:
return self.error(MESSAGES[400], status_code=400)
todo = Todo()
todo.user = self.current_user
try:
todo.date = datetime.strptime(date, "%Y%m%d").date()
except ValueError as e:
return self.error(MESSAGES[400], status_code=400)
db_session.add(todo)
db_session.commit()
return self.data(todo.to_dict())
def post(self, *args, **kwargs):
data = self.get_json_body()
title = data.get("title")
content = data.get("content")
post_type = data.get("post_type", Post.POST)
if not title or not content:
return self.error(MESSAGES[400], status_code=400)
post = Post()
post.user_id = self.current_user.id
post.title = title
post.content = content
post.post_type = post_type
db_session.add(post)
db_session.commit()
return self.data(post.to_dict())
def get(self, post_id, *args, **kwargs):
post = Post.find_post_by_id(post_id)
if post.deleted_at != 0 and not self.is_admin():
return self.error(MESSAGES[403], status_code=403)
if not user_visit_auth.visit_auth_check(self, post.user.id):
return self.error(MESSAGES[403], status_code=403)
if not post:
return self.error(MESSAGES[404], status_code=404)
if post.post_type == Post.DIARY and post.user_id != self.current_user.id:
return self.error(MESSAGES[403], status_code=403)
db_session.execute(
"UPDATE post SET read_count = read_count + 1 WHERE id = :post_id;",
{"post_id": post_id})
db_session.commit()
return self.data(post.to_dict())
def delete(self, user_id, *args, **kwargs):
"""
TODO 删除一个用户需要删除其 posts, todos, todo_items
TODO 都是软删除,即将deleted_at置为当前时间戳
:param user_id:
:param args:
:param kwargs:
:return:
"""
query_user = User.find_by_id(user_id)
if not query_user:
return self.error(MESSAGES[404], status_code=404)
db_session.query(User).update({User.deleted_at: generate_timestamp()})
db_session.commit()
return self.data(query_user.to_dict())
def put(self, todo_item_id, *args, **kwargs):
todo_item = TodoItem.get_todo_item_by_id(todo_item_id)
if not todo_item:
return self.error(MESSAGES[404], status_code=404)
if self.current_user.id != todo_item.todo.user_id:
return self.error(MESSAGES[403], status_code=403)
data = self.get_json_body()
status = data.get("status", 0)
if status not in (TodoItem.STATUS_CREATED, TodoItem.STATUS_FINISHED):
return self.error(MESSAGES[400], status_code=400)
content = data.get("content")
if not content:
return self.error(MESSAGES[400], status_code=400)
todo_item.status = status
todo_item.content = content
db_session.add(todo_item)
db_session.commit()
return self.data(todo_item.to_dict())
def put(self, user_id, *args, **kwargs):
query_user = User.find_by_id(user_id)
if not query_user:
return self.error(MESSAGES[404], status_code=404)
data = self.get_json_body()
password = data.pop("password")
if password:
query_user.set_password(password)
try:
for key, value in data.items():
if hasattr(query_user, key):
setattr(query_user, key, value)
db_session.add(query_user)
db_session.commit()
except Exception as e:
logging.exception(e)
return self.error(str(e), status_code=400)
return self.data(query_user.to_dict())
def post(self, *args, **kwargs):
data = self.get_json_body()
username = data.get("username")
password = data.pop("password")
password2 = data.pop("password2")
if not (username and password and password2) or password != password2:
self.error(MESSAGES[400], status_code=400)
user = User.find_by_name(username)
if user is not None:
return self.error("Bad username", status_code=400)
try:
new_user = User(**data)
new_user.set_password(password)
db_session.add(new_user)
db_session.commit()
except Exception as e:
logging.exception(e)
return self.error(str(e), status_code=400)
return self.data(new_user.to_dict())
def on_finish(self):
db_session.commit()
