def post(self, entry_index=None): entry = Entry.get_entry(entry_index) if not entry or entry.is_removed: self.siteError( SiteErrorType.ERROR_ENTRY_NOT_EXIST ) return is_spam = self.request.get('is_spam') if is_spam: # block user siteUser = User.getSiteUser( entry.user ) siteUser.status = UserStatus.USER_BANED siteUser.put() site_user_id = siteUser.key().id() # delete user's comment Comment.delete_with_user_id(site_user_id) # delete user's entry Entry.delete_with_user_id(site_user_id) #delete comment for comment in entry.comments: comment.delete() Entry.delete_entry(entry_index) self.redirect( "/admin/entry" )
def wrapper(self, *args, **kw): user = users.get_current_user() if user: siteUser = User.getSiteUser(user) if siteUser and siteUser.status > UserStatus.USER_NORMAL: self.redirect("/error/user_banned") return func(self, *args, **kw)
def createCSRFToken(self): if not self.context['user'].get_current_user(): return siteUser = User.getSiteUser( self.context['user'].get_current_user() ) if not siteUser: siteUser = User.insertUser( self.context['user'].get_current_user(), self.request.remote_addr ) m = hashlib.md5() # prepare salt if siteUser.last_write_on: m.update( siteUser.last_write_on.strftime("%Y/%m/%d %H:%M:%S.%f") ) else: m.update( siteUser.join_on.strftime("%Y/%m/%d %H:%M:%S.%f") ) m.update( str( siteUser.key().id() ) ) self.context['csrf_token'] = m.hexdigest() cookies = Cookies( self ) cookies['csrf_token'] = self.context['csrf_token']
def get(self, cursor=None): siteUser = User.getSiteUser( self.context['user'].get_current_user() ) if not siteUser: siteUser = User.insertUser(self.context['user'].get_current_user(), self.request.remote_addr ) self.context['siteUser'] = siteUser LIST_NUMS = 10 query = Entry.all() query.filter("site_user_id", User.getSiteUserId( self.context['user'].get_current_user() ) ) query.filter("is_removed", False ) query.order("-created_on") paging = Paging( query ) paging.setCurrentCursor( cursor ) paging.setLimit( LIST_NUMS ) paging.execute() self.context['paging'] = paging self.render("user.html")
def post(self, comment_id=None): comment_id = int( comment_id ) comment = Comment.get_by_id( comment_id ) if not comment: self.siteError( SiteErrorType.ERROR_COMMENT_NOT_EXIST ) return siteUser = User.getSiteUser( comment.user ) Comment.delete_comment(comment) is_spam = self.request.get('is_spam') if is_spam: siteUser.status = UserStatus.USER_BANED siteUser.put() site_user_id = siteUser.key().id() # delete user's comment Comment.delete_with_user_id(site_user_id) # delete user's entry Entry.delete_with_user_id(site_user_id) self.redirect( '/admin/comment' )