def comment(recipe_id=None): if recipe_id != None and 'comment_text' in request.form and len(request.form['comment_text'].strip()) > 0: Comment.create_comment(g.current_user, recipe_id, request.form['comment_text'].strip()) comment = Comment.load_last_comment(recipe_id) return render_template('comment.html', comment=comment) else: return ''
def post(self, topic_id): content = cgi.escape(self.request.get("content")) topic = Topic.get_by_id(int(topic_id)) Comment.create_comment(topic_id, content) return self.redirect_to("topic-details", topic_id=topic.key.id())
def post(self, topic_id): csrf_token = self.request.get('csrf-token') if not memcache.get(csrf_token): return self.write("CSRF NAPAD") text = cgi.escape(self.request.get('text')) Comment.create_comment(topic_id, text) return self.redirect('/')
def post(self, topic_id): # Check if an user is logged in user = CustomUser.get_current_user(self) if not user or not user.is_active: return self.write("Please login before you're allowed to post a comment.") # Escape the comment, strip whitespace comment_content = cgi.escape(self.request.get("comment_content")).strip() # Check if comment is empty if comment_content == "": return self.write("Please fill out all fields.") # Validate CSRF token if not CSRF.validate_token(self.request.get('csrf_token')): return self.write("CSRF fail") # Create new comment Comment.create_comment(user=user, topic_id=int(topic_id), comment_content=comment_content) # Redirect back to current topic return self.redirect("/topic/view/" + str(topic_id))
def test_add_comment_1(self): """ Test create_comment: user and event exists, comment length good """ user = "******" content = "this is a comment" event_id = self.event_id time = datetime.strptime("2020-01-01 12:12:30", "%Y-%m-%d %H:%M:%S") comment = Comment(user=user, content=content, comment_time=time, event=event_id) comment_id = Comment.create_comment(comment) comments = Comment.get_comment_by_event(event_id) self.assertEqual(len(comments), 1) self.assertIn(comment_id, comments[0].comment_id) Comment.delete_comment(comment_id)
def test_delete_comment_1(self): """ Test delete_comment: comment exists """ user = "******" event_id = self.event_id content = "this is a comment" time = datetime.strptime("2020-01-01 12:12:30", "%Y-%m-%d %H:%M:%S") comment = Comment(user=user, content=content, comment_time=time, event=event_id) comment_id = Comment.create_comment(comment) comments = Comment.get_comment_by_event(event_id) self.assertEqual(len(comments), 1) Comment.delete_comment(comment_id) comments = Comment.get_comment_by_event(event_id) self.assertEqual(len(comments), 0)