コード例 #1
0
def delete_thread(request):
    """Delete thread."""
    if not (valid_permission(request, 'forum_delete')
            and valid_permission(request, 'forum_mod_edit')):
        request.errors.add('body', 'access_denied', 'Access denied')
        return
    thread_id = request.params["thread_id"]
    bb.delete_thread(thread_id)
    return {"status": "success"}
コード例 #2
0
def delete_post(request):
    """Delete post."""
    post_obj = bb.get_post(request.params["post_id"])
    if not (valid_permission(request, 'forum_delete')
            and valid_permission(request, 'forum_mod_edit')):
        request.errors.add('body', 'access_denied', 'Access denied')
        return
    what_id = bb.delete_post(post_obj)
    if what_id == 1:
        what = "post"
    else:
        what = "thread"
    return {"status": "deleted", "what": what, "what_id": what_id}
コード例 #3
0
def check_owner(request, page_id):
    page = c.show_page(page_id)
    if (valid_permission(request, 'article_mod')
            or page.user == request.validated['user_db']):
        return True
    else:
        request.errors.add('body', 'access_denied', 'Access denied')
    return False
コード例 #4
0
def update_post(request):
    """Update post."""
    user = request.validated['user_db']
    post_obj = bb.get_post(request.params["post_id"])
    if not valid_permission(request, 'forum_edit'):
        request.errors.add('body', 'access_denied', 'Access denied')
        return
    if not (valid_permission(request, 'forum_mod_edit')
            or post_obj.user == user):
        request.errors.add('body', 'access_denied', 'Access denied')
        return
    post_obj.name = request.json_body['title']
    post_obj.article = request.json_body['body']
    return {
        "status": "updated",
        "post_name": post_obj.name,
        "post_content": post_obj.article,
        "post_time": str(post_obj.time),
        "post_username": post_obj.user.name,
        "post_id": post_obj.id
    }
コード例 #5
0
def update_thread(request):
    """Update thread."""
    user = request.validated['user_db']
    thread = bb.get_thread(request.params["thread_id"])
    if not valid_permission(request, 'forum_edit'):
        request.errors.add('body', 'access_denied', 'Access denied')
        return
    if (valid_permission(request, 'forum_mod_edit')
            or thread.posts[0].user == user):
        thread.name = request.json_body['title']
        thread.description = request.json_body['description']
    else:
        request.errors.add('body', 'access_denied', 'Access denied')
        return
    return {
        "status": "success",
        "thread_id": thread.id,
        "thread_name": thread.name,
        "thread_desc": thread.description,
        "thread_total_posts": thread.total_posts()
    }
コード例 #6
0
def api_article_delete(request):
    if not valid_permission(request, "article_delete"):
        request.errors.add('body', 'access_denied', 'Access denied')
        return
    page_id = request.matchdict.get('page_id')
    if not check_owner(request, page_id):
        return
    try:
        c.delete(request, c.show_page(page_id))
        return {"status": "deleted"}
    except PageNotFound:
        request.errors.add('querystring', 'not_found', 'Page Not Found')
コード例 #7
0
def api_article_create(request):
    """
    Creates an article.
    Accepts: display_name, article, summary, tags
    """
    if not valid_permission(request, "article_create"):
        request.errors.add('body', 'access_denied', 'Access denied')
        return
    page_id, display_name, article, summary, tags = quick_get_matchdict(
        request)
    user = request.validated['user_db']
    try:
        c.create(request, page_id, display_name, article, summary, user, tags)
        return {"status": "created"}
    except PageFound:
        request.errors.add('querystring', 'found', 'A page already exists')
コード例 #8
0
def create_thread(request):
    """Create thread."""
    if not valid_permission(request, 'forum_reply'):
        request.errors.add('body', 'access_denied', 'Access denied')
        return
    user = request.validated['user_db']
    forum = bb.get_forum(request.params.get('forum_id'))
    thread = bb.add_thread(request.json_body.get("title"),
                           request.json_body.get("description"),
                           request.json_body.get("body"), user, forum)
    return {
        "status": "success",
        "thread_id": thread.id,
        "thread_name": thread.name,
        "thread_desc": thread.description,
        "thread_total_posts": thread.total_posts()
    }
コード例 #9
0
def create_post(request):
    """Create post."""
    name = request.json_body['title']
    article = request.json_body['body']
    user = request.validated['user_db']
    thread_obj = bb.get_thread(request.params["thread_id"])
    if not valid_permission(request, 'forum_reply'):
        request.errors.add('body', 'access_denied', 'Access denied')
        return
    post_obj = bb.add_post(thread_obj, name, article, user)
    return {
        "status": "created",
        "post_name": post_obj.name,
        "post_content": post_obj.article,
        "post_time": str(post_obj.time),
        "post_username": post_obj.user.name,
        "post_id": post_obj.id
    }
コード例 #10
0
def api_article_update(request):
    """
    Updates an article.
    Accepts: display_name, article, summary, tags
    """
    if not valid_permission(request, "article_update"):
        request.errors.add('body', 'access_denied', 'Access denied')
        return
    page_id, display_name, article, summary, tags = quick_get_matchdict(
        request)
    if not check_owner(request, page_id):
        return
    user = request.validated['user_db']
    try:
        page = c.show_page(page_id)
        page.display_name = display_name
        c.update(request, page, article, summary, user, tags)
        return {"status": "updated"}
    except PageNotFound:
        request.errors.add('querystring', 'not_found', 'Page not found')
コード例 #11
0
def edit_board_permission(request, **kwargs):
    if not valid_permission(request, 'edit_board'):
        request.errors.add('body', 'access_denied', 'Access denied')
        return