def add_comment(request, project_id, issue_id): form = CommentForm(**json.loads(request.body)) if not form.validate(): raise Http400 project = ProjectModel.get_by_id(long(project_id)) if project is None: raise Http404 if request.user.permission != UserPermission.root and request.user.key().id() not in project.member_ids: raise Http403 issue = IssueModel.get_by_id(long(issue_id)) if issue is None: raise Http404 if issue.project.key() != project.key(): raise Http403 comment = CommentModel( comment=bleach.clean( form.comment.data, tags=utils.get_bleach_allow_tags(), attributes=utils.get_bleach_allow_attributes(), styles=utils.get_bleach_allow_styles(), ), author=request.user, issue=issue, ) comment.put() return JsonResponse(comment)
def get_comments(request, project_id, issue_id): project = ProjectModel.get_by_id(long(project_id)) if project is None: raise Http404 if request.user.permission != UserPermission.root and request.user.key().id() not in project.member_ids: raise Http403 issue = IssueModel.get_by_id(long(issue_id)) if issue is None: raise Http404 if issue.project.key() != project.key(): raise Http403 comments = CommentModel.all().filter("issue =", issue.key()).order("create_time").fetch(1000) return JsonResponse([x.dict() for x in comments])
def update_issue(request, project_id, issue_id): form = IssueForm(**json.loads(request.body)) if not form.validate(): raise Http400 project = ProjectModel.get_by_id(long(project_id)) if project is None: raise Http404 if request.user.permission != UserPermission.root and request.user.key().id() not in project.member_ids: raise Http403 issue = IssueModel.get_by_id(long(issue_id)) if issue is None: raise Http404 if issue.project.key() != project.key(): raise Http404 if issue.is_close != form.is_close.data: # close/reopen the issue issue.is_close = form.is_close.data issue.put() else: # update the issue if ( request.user.permission != UserPermission.root and not request.user.key().id() in project.root_ids and request.user.key() != issue.author.key() ): raise Http403 issue.title = form.title.data issue.content = bleach.clean( form.content.data, tags=utils.get_bleach_allow_tags(), attributes=utils.get_bleach_allow_attributes(), styles=utils.get_bleach_allow_styles(), ) issue.floor = form.floor.data issue.label_ids = form.label_ids.data issue.put() return JsonResponse(issue)