def delete(self, request): user_id = request.session.get("user_id") if user_id is None: return ErrorResponse(401, "Login first") form = JsonForm(request.json, ("article_id", )) if not form.is_valid(): return form.error_resp() session = Session() article = get_by_pk(session, Article, form.article_id) if article is None: return ErrorResponse(404, "Article not found.") if article.author_id != user_id: return ErrorResponse(403, "The article is not belong to you.") session.delete(article) session.commit() return JsonResponse({})
def post(self, request): username = request.session.get("username") if username is None: return redirect("login") title = request.POST.get("title") content = request.POST.get("content") author = request.session.get("user_id") if title and content: session = Session() article = Article(title=title, content=md2html(content), author_id=author) session.add(article) session.commit() return redirect("article-list") else: return
def post(self, request): print(request.json) form = JsonForm(request.json, ("username", "password"), username=lambda x: len(x) > 5, password=lambda x: len(x) > 5) if not form.is_valid(): return form.error_resp() session = Session() user = session.query(User).filter_by( username=form.username).one_or_none() if user is not None: return ErrorResponse(401, "Username already exist.") user = User(username=form.username, password=form.password) session.add(user) session.commit() return JsonResponse({})
def post(self, request): action = request.POST.get("action") article_id = request.POST.get("article_id") user_id = request.session.get("user_id") if action and article_id and user_id: session = Session() article = session.query(Article).filter_by( id=article_id).one_or_none() if article is None: return HttpResponse("article not exist") if article.author_id != user_id: return HttpResponse("article is not belong to you") if action == "DELETE": session.delete(article) session.commit() return redirect("article-list") else: pass else: return redirect('article-list')
def post(self, request): user_id = request.session.get("user_id") if user_id is None: return ErrorResponse(401, "Login first") form = JsonForm(request.json, ("title", "content")) if not form.is_valid(): return form.error_resp() title = form.title content = form.content author_id = user_id article = Article(title=title, content=md2html(content), author_id=author_id) session = Session() session.add(article) session.commit() return JsonResponse({})
def put(self, request): user_id = request.session.get("user_id") if user_id is None: return ErrorResponse(401, "Login first") form = JsonForm(request.json, ("id", "title", "content")) if not form.is_valid(): return form.error_resp() title = form.title content = form.content session = Session() article = get_by_pk(session, Article, form.id) if article is None: return ErrorResponse(404, "Article not found.") if article.author_id != user_id: return ErrorResponse(403, "The article is not belong to you.") session.add(article) article.title, article.content = title, content session.commit() return JsonResponse({})