예제 #1
0
def delete(comment_id):
    # comment_id = int(request.args.get('id'))
    t = Comment.find_by(id=comment_id)
    Comment.check_id(id=comment_id)
    Comment.remove(comment_id)
    # 不管如何,都需要返回json的数据,为了触发ajax中回调函数
    return jsonify(t.json())
예제 #2
0
def comment_delete(request):
    u = current_user(request)
    comment_id = int(request.query.get('id', -1))
    comment = Comment.find_by(id=comment_id)
    weibo = Weibo.find_by(id=comment.weibo_id)
    # 若当前用户为 comment 作者 或 相应的微博作者,允许删除
    if u.id in (comment.user_id, weibo.user_id):
        comment.delete(comment.id)
        return redirect('/weibo/index?user_id={}'.format(u.id))
    # 否则直接重定向到当前用户微博页面
    else:
        return redirect('/weibo/index?user_id={}'.format(u.id))
예제 #3
0
def comment_update(request):
    u = current_user(request)
    comment_id = int(request.form().get('id', -1))
    comment = Comment.find_by(id=comment_id)
    # 若当前用户为 comment 作者,允许更新
    if comment.user_id == u.id:
        comment.content = request.form().get('content')
        comment.save()
        return redirect('/weibo/index?user_id={}'.format(comment.user_id))
    # 否则返回 404 错误
    else:
        return error(request)
예제 #4
0
 def f(request):
     u = current_user(request)
     if 'id' in request.query:
         weibo_id = request.query['id']
     else:
         weibo_id = request.json()['id']
     c = Comment.find_by(id=int(weibo_id))
     if c.user_id == u.id:
         return route_function(request)
     else:
         result = dict(message="fail")
         return json_response(result)
예제 #5
0
 def f(request):
     log('comment_owner_required')
     u = current_user(request)
     comment = request.json()
     w = Weibo.find_by(id=int(comment['weibo_id']))
     c = Comment.find_by(id=int(comment['id']))
     if u.id != w.user_id and u.id != c.user_id:
         d = dict(message="无权操作")
         return json_response(d)
     else:
         log('评论更新', route_function)
         return route_function(request)
예제 #6
0
def comment_edit(request):
    u = current_user(request)
    comment_id = int(request.query.get('id', -1))
    comment = Comment.find_by(id=comment_id)
    # 若当前用户为 comment 的作者,允许修改
    if comment.user_id == u.id:
        body = template('comment_edit.html',
                        id=comment.id,
                        content=comment.content)
        return http_response(body)
    # 否则重定向到用户微博的主页
    else:
        return redirect('/weibo/index?user_id={}'.format(comment.user_id))
예제 #7
0
    def f(request):
        u = current_user(request)
        if 'id' in request.query:
            comment_id = request.query['id']
        else:
            comment_id = request.json()['id']
        c = Comment.find_by(id=int(comment_id))

        if c.user_id == u.id:
            return route_function(request)
        else:
            d = dict(message="403")
            return json_response(d)
예제 #8
0
    def f(request):
        log('same_user_required_update')
        u = current_user(request)
        if 'id' in request.query:
            comment_id = request.query['id']
        else:
            comment_id = request.form()['id']
        c = Comment.find_by(id=int(comment_id))

        # 只有comment的拥有者可修改
        if c.user_id == u.id:
            return route_function(request)
        else:
            return redirect('/weibo/index')
예제 #9
0
 def wrapper(request):
     u = current_user(request)
     if 'weibo_id' in request.query and 'comment_id' in request.query:
         weibo_id = request.query['weibo_id']
         comment_id = request.query['comment_id']
     else:
         weibo_id = request.form()['weibo_id']
         comment_id = request.form()['comment_id']
     w = Weibo.one(id=int(weibo_id))
     c = Comment.find_by(id=int(comment_id))
     if w.user_id == u.id or c.user_id == u.id:
         return route_function(request)
     else:
         return redirect('/weibo/index')
예제 #10
0
    def f(request):
        if 'id' in request.query:
            comment_id = int(request.query['id'])
        else:
            form = request.json()
            comment_id = int(form['id'])
        comment = Comment.find_by(id=comment_id)
        u = current_user(request)

        if u.id == comment.user_id:
            return api_function(request)
        else:
            d = dict(status=410, message="权限不足,请求无法执行")
            return json_response(d)
예제 #11
0
 def f():
     log('same_user_required')
     u = current_user()
     if 'id' in request.args:
         comment_id = request.args['id']
     else:
         comment_id = request.get_json()['id']
     c = Comment.find_by(id=int(comment_id))
     w = Weibo.find_by(id=int(c.weibo_id))
     log(comment_id, u.id, c.user_id)
     if c.user_id == u.id or w.user_id == u.id:
         return route_function()
     else:
         return redirect(url_for('weibo.index'))
예제 #12
0
    def f(request):
        log('same_user_required_update')
        u = current_user(request)
        if 'id' in request.query:
            comment_id = request.query['id']
        else:
            comment_id = request.form()['id']
        c = Comment.find_by(id=int(comment_id))
        w = Weibo.find_by(id=c.weibo_id)

        # comment的拥有者或者comment所属weibo的发布者可删
        if u.id in [c.user_id, w.user_id]:
            return route_function(request)
        else:
            return redirect('/weibo/index')
예제 #13
0
    def f(request):
        u = current_user(request)
        if 'id' in request.query:
            comment_id = request.query['id']
        else:
            form = request.json()
            comment_id = form['id']
        c = Comment.find_by(id=int(comment_id))
        w = Weibo.find_by(id=c.weibo_id)

        if c.user_id == u.id or w.user_id == u.id:
            return route_function(request)
        else:
            d = dict(message="权限不足")
            return json_response(d)
예제 #14
0
 def f():
     u = current_user()
     if 'id' in request.args:
         comment_id = request.args['id']
     else:
         comment_id = request.get_json()['id']
     c = Comment.find_by(id=int(comment_id))
     w = Weibo.find_by(id=c.weibo_id)
     if c.user_id == u.id:
         return route_function()
     elif w.user_id == u.id:
         return route_function()
     else:
         d = dict(message="用户无权限")
         return jsonify(d)
예제 #15
0
 def f():
     if 'id' in request.args:
         log('if true', request.args)
         comment_id = int(request.args['id'])
     else:
         log('if false')
         form: dict = request.json
         comment_id = int(form.get('id'))
     u = current_user()
     c = Comment.find_by(id=comment_id)
     w = Weibo.find_by(id=c.weibo_id)
     if c.user_id == u.id or w.user_id == u.id:
         return route_function()
     else:
         d = dict(remove=False, message="权限不足")
         return jsonify(d)
예제 #16
0
    def f(request):
        u = current_user(request)
        if 'id' in request.query:
            comment_id = request.query['id']
        else:
            comment_id = request.json()['id']
        c = Comment.find_by(id=int(comment_id))

        weibo_id = c.weibo_id
        weibo = Weibo.find_by(id=int(weibo_id))
        weibo_user_id = weibo.user_id
        error = {}
        if (c.user_id == u.id) or (weibo_user_id == u.id):
            return route_function(request)
        else:
            error['error_message'] = "权限不足:不是此微博或此评论用户"
            return json_response(error)
예제 #17
0
    def f(request):
        log('comment_owner_required')
        u = current_user(request)
        if 'id' in request.query:
            comment_id = request.query['id']
        else:
            comment_id = request.json()['id']

        c = Comment.find_by(id=int(comment_id))
        w = Weibo.find_by(id=int(c.weibo_id))

        if c.user_id == u.id:
            return route_function(request)
        elif w.user_id == u.id:
            return route_function(request)
        else:
            return error(request)
예제 #18
0
    def f(request):
        log('comment_owner_required')
        u = current_user(request)
        if 'id' in request.query:
            comment_id = int(request.query['id'])
        else:
            form = request.json()
            comment_id = int(form['id'])

        t = Comment.find_by(id=comment_id)
        weibo_id = t.weibo_id
        w = Weibo.find_by(id=weibo_id)

        if t.user_id == u.id or w.user_id == u.id:
            return route_function(request)
        else:
            d = dict(message="还想改别人的评论?")
            return json_response(d)
예제 #19
0
    def f(request):
        # log('weibo_owner_required')
        # 获取评论id
        form = request.form()
        if 'cid' in request.query:
            c_id = request.query['cid']
        elif 'cid' in form:
            c_id = form['cid']
        else:
            return redirect('/weibo/index')

        # 比对user id
        c = Comment.find_by(id=int(c_id))
        u = current_user(request)
        if c.user_id == u.id:
            return route_function(request)
        else:
            return redirect('/weibo/index')
예제 #20
0
    def f():
        u = current_user()
        if 'id' in request.args:
            comment_id = request.args['id']
        else:
            form = request.get_json()
            log('comment form', form)
            comment_id = form['id']

        c = Comment.find_by(id=int(comment_id))
        weibo_id = c.weibo_id
        w = Weibo.find_by(id=int(weibo_id))
        # 用户id和评论用户id一致或与微博所有者id一致则可执行
        if c.user_id == u.id or w.user_id == u.id:
            return route_function()
        else:
            d = dict(
                message="您没有此操作的权限!"
            )
            return jsonify(d)
예제 #21
0
def comment_edit(request):
    c_id = int(request.query['cid'])
    c = Comment.find_by(id=c_id)
    return html_response('comment_edit.html', comment=c)
예제 #22
0
def edit(request):
    comment_id = int(request.query['id'])
    c = Comment.find_by(id=comment_id)
    body = RenderTemplate.render('comment_edit.html', comment=c)
    return html_response(body)