def get(self, gid, pid): user = request.authorization # this gives dict uid = User.objects.get(username=user['username']) # this gives user object group = Group.objects.get(id=gid) post = Post.objects.get(id=pid) if gid in post.group_id: if post.approval: comments = Comment.objects(post_id=pid).to_json() return Response(comments, mimetype="application/json", status=200) else: return "You do not have the required access", 200
def get(self, cid, gid): user = request.authorization uid = User.objects.get(username=user['username']) uid = str(uid.id) try: group = Group.objects.get(id=gid) if uid in group.role_dict: comment = Comment.objects(id=cid).to_json() return Response(comment, mimetype="application/json", status=200) else: return "You are not member of the group", 500 except: return "Invalid group or comment id", 500
def delete(self, gid, cid): user = request.authorization # this gives dict uid = User.objects.get( username=user['username']) # this gives user object user_id = str(uid.id) # this gives the user id in string format comment = Comment.objects.get(id=cid) group = Group.objects.get(id=gid) try: role = group.role_dict[user_id] comments = Comment.objects(user_id=user_id) if comment in comments or role == A or role == MD: comment.delete() return "Comment deleted", 200 else: return "You don't have the permission required", 200 except: return "You ain't a member of the group", 200