def get_post(id):
    """Return the JSON form of blog post ``id`` to an admin user.

    Callers for whom ``users.is_current_user_admin()`` is false receive an
    empty JSON object instead.
    """
    if not users.is_current_user_admin():
        # NOTE(review): the refusal is an ordinary JSON body with no explicit
        # 401/403 status -- confirm clients can tell "denied" from "no data".
        return jsonify({})

    requested = BlogPost.get(id)
    # The original author tagged this response "dangerous" without saying why.
    # NOTE(review): the lookup result is used without a check for a missing
    # post, and the whole to_json() payload is returned -- confirm both.
    return jsonify(requested.to_json())
def edit_post(id):
    """Apply the JSON request body to blog post ``id`` and return the result.

    The edit runs only when the current user is an admin and ``PostForm``
    validates on submit; otherwise the function returns ``None``.  An
    ``AttributeError`` raised while loading or editing the post is turned
    into ``abort(500)``.
    """
    form = PostForm()
    if not (users.is_current_user_admin() and form.validate_on_submit()):
        # NOTE(review): a refused request falls through with no response
        # object -- confirm the framework turns that into an error the client
        # can recognise as "denied".
        return None

    try:
        tag_store = Tags()
        category_store = Categories()
        updating_post = BlogPost.get(int(id))

        # Every field is taken from the request body as-is; any validation
        # has to happen inside the update()/edit() helpers.
        payload = request.json
        title = payload['title']
        body = payload['body']
        raw_category = payload['category']
        editing_tags = payload['tags']
        raw_summary = payload['summary']

        tags_keys = tag_store.update(editing_tags, updating_post)
        category_key = category_store.update(raw_category,
                                             updating_post.category)
        updating_post.edit(title, body, datetime.now(), tags_keys,
                           category_key, raw_summary,
                           raw_answers=payload['answers'])
    except AttributeError:
        # Only AttributeError is handled; a missing JSON key or a non-numeric
        # id propagates to the framework.
        abort(500)

    # The original author tagged this response "dangerous" without saying why.
    return jsonify(updating_post.to_json())
def edit_post(id):
    """Update blog post ``id`` from the JSON request body and return it as JSON.

    Nothing happens (and ``None`` is returned) unless the current user is an
    admin and ``PostForm`` validates on submit.
    """
    form = PostForm()
    permitted = users.is_current_user_admin() and form.validate_on_submit()
    if permitted:
        tag_store, category_store = Tags(), Categories()
        # NOTE(review): int(id) and the key lookups below are unguarded, so a
        # malformed id or body surfaces as an unhandled exception.
        post = BlogPost.get(int(id))

        data = request.json
        new_title, new_body = data['title'], data['body']
        new_category = data['category']
        new_tags = data['tags']
        new_summary = data['summary']

        tag_keys = tag_store.update(new_tags, post)
        category_key = category_store.update(new_category, post.category)
        post.edit(new_title, new_body, datetime.now(), tag_keys,
                  category_key, new_summary, raw_answers=data['answers'])

        # The original author tagged this response "dangerous" without
        # saying why.
        return jsonify(post.to_json())
def get_post(id):
    """Serialise blog post ``id`` as JSON for an admin user.

    When ``users.is_current_user_admin()`` is false the response is an empty
    JSON object.
    """
    if users.is_current_user_admin():
        # The original author tagged this lookup-and-return "dangerous"
        # without saying why.
        # NOTE(review): id is passed to BlogPost.get() uncoerced, while the
        # edit and delete handlers in this file use int(id) -- confirm.
        payload = BlogPost.get(id).to_json()
    else:
        payload = {}
    return jsonify(payload)
def delete_post(post_id):
    """Render the ``blog/delete.html`` page for the post ``post_id``.

    Requires ``authenticate()`` to be truthy; otherwise a message is flashed
    and the user is redirected to ``blog``.  A post that does not exist also
    redirects to ``blog``.  This function only renders a template; it does
    not delete anything itself.
    """
    if not authenticate():
        flash('Not authorized to do that')
        return redirect(url_for('blog'))

    try:
        target = BlogPost.get(BlogPost.id == post_id)
        return render_template('blog/delete.html', post=target)
    except BlogPost.DoesNotExist:
        return redirect(url_for('blog'))
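def delete_post_images(id, filename):
    """Delete the image blob ``filename`` from the post with the given id.

    Acts only when ``users.is_current_user_admin()`` is true.  An empty
    ``filename`` flashes a message and aborts with 500.  The name must pass
    ``allowed_file`` and is run through ``secure_filename`` before the blob
    is removed; on success a JSON confirmation is returned.  In every other
    case the function returns ``None``.
    """
    if users.is_current_user_admin():
        # NOTE(review): unlike edit_post and the POST branch of main, no form
        # validation runs before this state change -- confirm that request
        # forgery protection is applied elsewhere.
        asked_post = BlogPost.get(id)
        if filename == '':
            flash('No selected file')
            abort(500)
        # The original test was `file and allowed_file(filename)`, but this
        # function never defines `file`: on Python 2 that name is the
        # always-truthy builtin type and on Python 3 it raises NameError
        # (unless the module defines its own `file`).  Only the filename
        # check carries meaning here.
        if allowed_file(filename):
            image_filename = secure_filename(filename)
            asked_post.delete_blob_from_post(image_filename)
            return jsonify(msg="file deleted")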
def main():
    """List all posts (GET) or create a post with optional images (POST).

    Non-admin callers get an empty JSON object.  A POST whose ``PostForm``
    fails validation gets ``{"msg": "missing token"}``.  Any other HTTP
    method falls through and returns ``None``.
    """
    if not users.is_current_user_admin():
        return jsonify({})

    method = request.method
    if method == 'GET':
        # All entities.
        all_posts = Posts()
        return jsonify(all_posts.to_json())
    if method != "POST":
        return None

    form = PostForm()
    if not form.validate_on_submit():
        return jsonify(msg="missing token")

    # New entity.
    posts = Posts()
    categories = Categories()
    tags = Tags()

    raw_post = request.get_json()
    raw_category = raw_post["category"]
    editing_tags = raw_post["tags"]
    raw_summary = raw_post["summary"]

    tag_keys = tags.update(editing_tags)
    category_key = categories.update(raw_category)

    created = posts.add(raw_title=raw_post["title"],
                        raw_body=raw_post["body"],
                        category_key=category_key,
                        tags_ids=tag_keys,
                        summary=raw_summary,
                        answers=raw_post["answers"])
    post = BlogPost.get(created.id())

    for img in raw_post.get("images") or []:
        # Each image arrives as a data URL: "data:<mime>;base64,<payload>".
        url_parts = img["url"].split("base64,")
        image_base64 = url_parts[-1]
        mime_type = url_parts[0].replace('data:', '').replace(';', '')
        # Keep only what follows the last backslash of the submitted name.
        image_filename = img["filename"].rsplit("\\", 1)[-1]
        if allowed_file(image_filename):
            image_filename = secure_filename(image_filename)
            # NOTE(review): mime_type comes straight from the client-supplied
            # data URL and only the file name is checked -- confirm the stored
            # type is validated or overridden before the blob is served.
            post.add_blob(base64.b64decode(image_base64), image_filename,
                          mime_type)

    # Original author's note on this response: "Needs check".
    return jsonify(post.to_json())
def delete_post(id):
    """Delete blog post ``id`` and its category, then refresh the tags.

    Acts only when ``users.is_current_user_admin()`` is true and then returns
    ``{"msg": "OK"}``; any other caller gets ``None``.
    """
    if not users.is_current_user_admin():
        return None

    # NOTE(review): unlike edit_post and the POST branch of main, no form
    # validation runs before this state change -- confirm that request
    # forgery protection is applied elsewhere.
    post_store = Posts()
    tag_store = Tags()
    category_store = Categories()

    doomed = BlogPost.get(int(id))
    category_store.delete(doomed.category)
    post_store.delete(doomed.key)
    # This variant passes an empty list to the tag store.
    tag_store.update([])
    return jsonify(msg="OK")
def delete_post(id):
    """Delete blog post ``id`` and its category, then update its tags.

    Acts only when ``users.is_current_user_admin()`` is true and then returns
    ``{"msg": "OK"}``; any other caller gets ``None``.
    """
    if not users.is_current_user_admin():
        return None

    # NOTE(review): unlike edit_post and the POST branch of main, no form
    # validation runs before this state change -- confirm that request
    # forgery protection is applied elsewhere.
    post_store, tag_store, category_store = Posts(), Tags(), Categories()

    doomed = BlogPost.get(int(id))
    category_store.delete(doomed.category)
    post_store.delete(doomed.key)
    # The tag names are read from the post object after the delete call.
    tag_store.update(doomed.get_tag_names())
    return jsonify(msg="OK")
def get_post_images(id):
    """Attach the uploaded ``image`` file to the post with the given id.

    Despite the name, this handler stores an upload: it reads
    ``request.files['image']``, adds it to the post as a blob and returns the
    resulting key as JSON.  It acts only for an admin user.  A request with
    no ``image`` part, or with an empty file name, aborts with 500.  Any
    other case returns ``None``.
    """
    if not users.is_current_user_admin():
        return None

    asked_post = BlogPost.get(id)
    if 'image' not in request.files:
        abort(500)

    upload = request.files['image']
    if upload.filename == '':
        flash('No selected file')
        abort(500)

    if not (upload and allowed_file(upload.filename)):
        return None

    image_filename = secure_filename(upload.filename)
    # NOTE(review): content_type is whatever the client declared and only the
    # file name is checked -- confirm the stored type is validated or
    # overridden before the blob is served.
    mime_type = upload.content_type
    image_key = asked_post.add_blob(upload.read(), image_filename, mime_type)
    return jsonify(image_key=image_key)
def main():
    """List all posts (GET) or create a post from the JSON body (POST).

    Non-admin callers get an empty JSON object.  A POST whose ``PostForm``
    fails validation gets ``{"msg": "missing token"}``.  Any other HTTP
    method falls through and returns ``None``.
    """
    if not users.is_current_user_admin():
        return jsonify({})

    if request.method == 'GET':
        # All entities.
        return jsonify(Posts().to_json())
    elif request.method == "POST":
        if not PostForm().validate_on_submit():
            return jsonify(msg="missing token")

        # New entity.
        post_store = Posts()
        category_store = Categories()
        tag_store = Tags()

        # Fields are taken from the body as-is; a missing key raises KeyError.
        submitted = request.get_json()
        category_name = submitted["category"]
        tag_names = submitted["tags"]
        summary_text = submitted["summary"]

        tag_keys = tag_store.update(tag_names)
        category_key = category_store.update(category_name)

        new_key = post_store.add(raw_title=submitted["title"],
                                 raw_body=submitted["body"],
                                 category_key=category_key,
                                 tags_ids=tag_keys,
                                 summary=summary_text,
                                 answers=submitted["answers"])
        post = BlogPost.get(new_key.id())
        # Original author's note on this response: "Needs check".
        return jsonify(post.to_json())
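def single_post(post_id):
    """Show, edit or delete the blog post ``post_id``.

    A POST whose form carries a non-empty ``_method`` is treated as an
    overridden verb: ``PUT``/``PATCH`` validate and save a new title and
    body, ``DELETE`` removes the post, anything else aborts with 405.  Those
    branches run only when ``authenticate()`` is truthy; otherwise a message
    is flashed and the user is redirected to ``blog``.  Every other request
    renders ``blog/show.html`` for the post, or redirects to ``blog`` when
    the post does not exist.
    """
    if request.method == "POST" and request.form and request.form['_method']:
        if not authenticate():
            flash('Not authorized to do that')
            return redirect(url_for('blog'))

        # NOTE(review): no anti-forgery token check is visible on this
        # state-changing path -- confirm it is enforced elsewhere.
        method = request.form['_method']
        if method in ("PUT", "PATCH"):
            # The submitted form is what gets re-rendered on error.
            post = request.form
            error = False

            raw_title = request.form['title']
            title = raw_title.strip() if raw_title is not None else None
            if title:
                # Allow-list: letters, digits, space and , ? ! only.
                if re.search(r"^[ a-zA-Z0-9\,\?\!]+$", title) is None:
                    flash('Invalid characters detected in title')
                    error = True
            else:
                flash('Title cannot be empty')
                error = True

            content = request.form['content'].strip()
            if content:
                regex = re.compile(r'^[ a-zA-Z0-9\.\?\,\!"\(\)]+$',
                                   re.MULTILINE)
                # Drop carriage returns so "$" can match at each line end.
                content = content.replace("\r", "")
                # Every line kept by remove_blanks must match the allow-list.
                num_matches = len(regex.findall(content))
                num_lines = len(list(filter(remove_blanks,
                                            content.split("\n"))))
                if num_matches != num_lines:
                    flash('Invalid characters detected in article body')
                    error = True

                if not error:
                    try:
                        # Store the values that were validated.  The original
                        # wrote the raw form fields back, so surrounding
                        # whitespace and carriage returns that the checks
                        # never saw reached the database.
                        q = BlogPost.update(
                            title=title,
                            content=content
                        ).where(BlogPost.id == post_id)
                        q.execute()
                    except IntegrityError:
                        flash('That title is already taken')
                        error = True
                    except BlogPost.DoesNotExist:
                        # NOTE(review): an update that matches no row may not
                        # raise this at all -- confirm against the ORM in use.
                        return redirect(url_for('blog'))
            else:
                flash('Article body cannot be empty')
                error = True

            if error:
                return render_template('blog/edit.html', post=post)
            return redirect(url_for('single_post', post_id=post_id))
        elif method == "DELETE":
            try:
                post = BlogPost.get(BlogPost.id == post_id)
                post.delete_instance()
                flash('Successfully deleted the blog post')
                return redirect(url_for('blog'))
            except BlogPost.DoesNotExist:
                return redirect(url_for('blog'))
        else:
            abort(405)
    else:
        try:
            post = BlogPost.get(BlogPost.id == post_id)
            # The original bound `tags` only when post.tags was truthy, so a
            # post without tags failed on the unbound name below.
            tags = post.tags.split(',') if post.tags else []
            return render_template('blog/show.html', post=post, tags=tags)
        except BlogPost.DoesNotExist:
            return redirect(url_for('blog'))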