def get(self, topic_id): topic = Topic.get_by_id(int(topic_id)) comments = Comment.filter_by_topic(int(topic_id)).order( Comment.created).fetch() logged_user = users.get_current_user() is_subscribed = logged_user and topic.author_email == logged_user.email( ) if logged_user and not is_subscribed: # check if user asked to be subscribed is_subscribed = TopicSubscription.is_user_subscribed( logged_user, topic) context = { "topic": topic, "comments": comments, "can_delete": users.is_current_user_admin() or (logged_user and topic.author_email == logged_user.email()), "is_subscribed": is_subscribed, "user": logged_user, } return self.render_template("topic_details.html", params=context, generate_csrf_token=True)
def post(self, topic_id): logged_user = users.get_current_user() topic = Topic.get_by_id(int(topic_id)) if topic.author_email == logged_user.email( ) or users.is_current_user_admin(): topic.deleted = True else: return self.response.write( 'only the topic author or Ninja Tech Forum admin can delete the topic!' ) topic.delete() comments = Comment.filter_by_topic(int(topic_id)).fetch() for comment in comments: comment.delete() return self.redirect_to("main-page")
def post(self, comment_id): logged_user = users.get_current_user() comment = Comment.get_by_id(int(comment_id)) if comment.author_email == logged_user.email( ) or users.is_current_user_admin(): comment.deleted = True else: return self.response.write( 'only the topic author or Ninja Tech Forum admin can delete the comment!' ) comment.delete() comments = Comment.filter_by_topic(int(comment_id)).fetch() for comment in comments: comment.delete() return self.redirect_to("comment-delete", comment_id=comment.key.id())
def get(self, topic_id): is_authorized = False is_admin = users.is_current_user_admin() logged_user = users.get_current_user() if not logged_user: return self.write('Error\nYou must login to see this topic.') user_email = normalize_email(logged_user.email()) int_topic_id = int(topic_id) topic = Topic.get_by_id(int_topic_id) is_same_author = topic.author_email == user_email if is_same_author or is_admin: is_authorized = True is_subscribed = logged_user and is_same_author if logged_user and not is_subscribed: # check if user asked to be subscribed is_subscribed = TopicSubscription.is_user_subscribed( logged_user, topic) query = Comment.filter_by_topic(topic) comments = query.order(Comment.created).fetch() context = { 'topic': topic, 'comments': comments, 'can_make_changes': is_authorized, 'is_subscribed': is_subscribed, 'flash_message': self.request.get('flash_message'), 'flash_class': self.request.get('flash_class'), } return self.render_template_with_csrf('topic_details.html', params=context)
def post(self, topic_id): logged_user = users.get_current_user() if not logged_user: return self.write( "Please login before you're allowed to delete a topic.") topic = Topic.get_by_id(int(topic_id)) is_admin = users.is_current_user_admin() is_author = topic.author_email == logged_user.email() if not is_admin and not is_author: return self.write( "Only topic author or admin user can delete a Topic") topic.delete() comments = Comment.filter_by_topic(int(topic_id)).fetch() for comment in comments: comment.delete() return self.redirect_to("main-page")