def post(self, comment_id):
text = self.request.get('comment-text')
params = dict(comment_text=text)
comment = Comment.get_by_id(int(comment_id))
if not comment:
return self.abort(404, "No comment associated with request")
post_id = comment.post.id()
params['post_id'] = post_id
if text:
comment.content = text
comment.put()
self.redirect_to_uri("permalink", post_id=post_id)
else:
params['comment_error'] = "Comment cannot be empty"
self.render_page(**params)
def make_comment_change(self, comment_id, edit, delete):
"""Checks permissions and allows to edit/delete comment"""
if edit and delete:
log_request(self, "Request with edit & delete comment")
return self.abort(400, "Edit and delete simultaneosly forbidden")
if not self.user:
return self.redirect_to_uri("signup")
comment = Comment.get_by_id(int(comment_id))
if not comment:
return self.abort(404, "No comment associated with request")
key = comment.key
if comment.user.id() == self.user.key.id():
if edit:
return self.redirect_to_uri("comment_edit", comment_id=key.id())
elif delete:
comment.key.delete()
return self.redirect_to_uri("permalink", post_id=comment.post.id())
log_request(self, "User tried to change comment of another user")
return self.abort(403, "You cannot change other user comments")
def get(self, comment_id):
comment = Comment.get_by_id(int(comment_id))
if not comment:
return self.abort(404, "No comment associated with request")
self.render_page(post_id=comment.post.id(), content=comment.content)