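def post(self, topic_id):
    """Soft-delete a topic when the caller is its author or an admin.

    The topic is never removed from the datastore; its ``deleted`` flag is
    set and the entity is written back. Every outcome ends with the same
    redirect, so the response does not reveal whether the delete happened.

    Args:
        topic_id: Topic id taken from the URL; converted with ``int()``.

    Returns:
        The result of ``self.redirect_to("main-page")``.
    """
    # NOTE(review): no CSRF token is verified in this handler. Unless the
    # base handler or a middleware does it, this state-changing POST can be
    # triggered cross-site on behalf of a logged-in author or admin.
    topic = Topic.get_by_id(int(topic_id))
    user = users.get_current_user()

    # An unknown id or an anonymous request is treated as "not allowed".
    # Previously both cases raised AttributeError (on ``topic.author_email``
    # or ``user.email()``) before the authorization check could run.
    if topic is not None and user is not None:
        is_author = topic.author_email == user.email()
        if is_author or users.is_current_user_admin():
            topic.deleted = True
            topic.put()

    return self.redirect_to("main-page")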
def get(self, topic_id):
    """Render the topic page with its comments and a freshly issued CSRF token.

    Args:
        topic_id: Topic id taken from the URL; converted with ``int()``.

    Returns:
        The result of rendering ``topic_details.html``.
    """
    # Issue the token first. The cached value is just ``True``, so the entry
    # records that the token was issued, not which user it was issued to.
    # ``time=600`` gives it a ten-minute lifetime; the return value of
    # ``memcache.add`` is not checked, so a failed store goes unnoticed here.
    token = str(uuid.uuid4())
    memcache.add(key=token, value=True, time=600)

    topic = Topic.get_by_id(int(topic_id))

    # All comments of this topic, in ``Comment.created`` order.
    by_topic = Comment.query(Comment.topic_id == topic.key.id())
    comment = by_topic.order(Comment.created).fetch()

    return self.render_template(
        "topic_details.html",
        params={"topic": topic, "comment": comment, "csrf_token": token},
    )
def get(self, topic_id):
    """Render the topic page with its non-deleted comments and a CSRF token.

    Args:
        topic_id: Topic id taken from the URL; converted with ``int()``.

    Returns:
        The result of rendering ``topic_details.html``.
    """
    topic = Topic.get_by_id(int(topic_id))

    # ``== False`` is deliberate: the comparison builds a query filter, so it
    # cannot be rewritten as ``not Comment.deleted``.
    visible = Comment.query(
        Comment.topic_id == topic.key.id(),
        Comment.deleted == False,
    )
    comments = visible.order(Comment.created).fetch()

    # The token is a random UUID rendered as text. It is cached with the
    # value ``True`` for 600 seconds, so the entry is not tied to a user.
    # The result of ``memcache.add`` is ignored.
    token = str(uuid.uuid4())
    memcache.add(key=token, value=True, time=600)

    return self.render_template(
        "topic_details.html",
        params={"topic": topic, "comments": comments, "csrf_token": token},
    )
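def post(self, topic_id):
    """Store a new comment on a topic after validating the CSRF token.

    Args:
        topic_id: Topic id taken from the URL; converted with ``int()``.

    Returns:
        A written rejection message when the CSRF token is missing or
        unknown, or when nobody is logged in; otherwise the result of
        redirecting to the ``topic-details`` route of the topic.
    """
    csrf_token = self.request.get("csrf_token")

    # Reject when the token is absent or not found in memcache. The previous
    # test was inverted (``if mem_token:``): it refused every request that
    # carried a valid token and accepted requests with a forged or missing
    # one, which disabled the CSRF protection entirely.
    if not csrf_token or not memcache.get(key=csrf_token):
        return self.write("Hacker at the doors")
    # NOTE(review): the token is only looked up, never removed, so it can be
    # reused until its cache entry expires. Confirm whether single-use
    # tokens are wanted here.

    # An anonymous request used to fail with AttributeError on user.email().
    user = users.get_current_user()
    if user is None:
        return self.write("Please login before you're allowed to post a comment.")

    created_at = datetime.datetime.now()
    comment = self.request.get("comment")

    # NOTE(review): an id with no matching topic is not handled; the
    # ``topic.key`` access below will fail if the lookup returns None.
    topic = Topic.get_by_id(int(topic_id))
    new_comment = Comment(
        content=comment,
        topic_id=topic.key.id(),
        author_email=user.email(),
        topic_title=topic.title,
        created=created_at,
    )
    new_comment.put()

    return self.redirect_to("topic-details", topic_id=topic.key.id())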
def post(self, topic_id):
    """Create a comment on a topic for the logged-in user.

    The CSRF token is checked before the login state, so a request without
    a known token is rejected whether or not a user is signed in.

    Args:
        topic_id: Topic id taken from the URL; converted with ``int()``.

    Returns:
        A written rejection message when the token is unknown or nobody is
        logged in; otherwise the result of redirecting to the
        ``topic_details`` route of the topic.
    """
    submitted_token = self.request.get("csrf_token")

    # A token counts as valid only if memcache still holds an entry for it.
    # The entry is read but not deleted here, so as far as this handler
    # shows the token stays usable until it expires.
    if not memcache.get(key=submitted_token):
        return self.write("Attack attempt detected...")

    author = users.get_current_user()
    if not author:
        return self.write(
            "Please login before you're allowed to post a topic.")

    topic = Topic.get_by_id(int(topic_id))
    Comment.create(
        content=self.request.get("comment"),
        user=author,
        topic=topic,
    )

    return self.redirect_to("topic_details", topic_id=topic.key.id())
def get(self, topic_id):
    """Render the topic page with its comments and the viewer's subscription.

    CSRF token handling is left to ``render_template_with_csrf``; this
    method does not create a token itself.

    Args:
        topic_id: Topic id taken from the URL.

    Returns:
        The result of ``render_template_with_csrf`` for
        ``topic_details.html``.
    """
    topic = Topic.get_by_id(int(topic_id))

    # Non-deleted comments, ordered by descending ``create_time``.
    # NOTE(review): the filters below compare against the raw ``topic_id``
    # argument, while the topic lookup uses ``int(topic_id)``. Confirm that
    # the stored ``topic_id`` properties hold the same type as the URL value.
    visible = Comment.query(
        Comment.topic_id == topic_id,
        Comment.deleted == False,
    )
    params = {
        "topic": topic,
        "comments": visible.order(-Comment.create_time).fetch(),
    }

    # The subscription lookup runs only for a signed-in user; the flag is
    # added only when at least one matching row exists.
    user = users.get_current_user()
    if user and Subscription.query(
            Subscription.user_id == user.email(),
            Subscription.topic_id == topic_id).fetch():
        params["subscribed"] = True

    return self.render_template_with_csrf("topic_details.html", params)
def get(self, topic_id):
    """Render the detail page for a single topic.

    Args:
        topic_id: Topic id taken from the URL; converted with ``int()``.

    Returns:
        The result of rendering ``topic_podrobnosti.html``.
    """
    # The lookup result is passed to the template unchecked, so a missing
    # topic has to be handled by the template.
    numeric_id = int(topic_id)
    return self.render_template(
        "topic_podrobnosti.html",
        params={"details": Topic.get_by_id(numeric_id)},
    )
def get(self, topic_id):
    """Render the detail page for a single topic.

    No CSRF token is created here, so a form on the rendered page cannot be
    protected by a token issued from this handler.

    Args:
        topic_id: Topic id taken from the URL; converted with ``int()``.

    Returns:
        The result of rendering ``topic_details.html``.
    """
    # The lookup result goes to the template as-is, without a None check.
    found = Topic.get_by_id(int(topic_id))
    return self.render_template("topic_details.html", params={"topic": found})