def view_handler(h, p=None):
global opts
# Удаление комментария
if h.method != 'GET':
if db.delete_comment(h.id) is True:
msg = "Комментарий успешно удален"
else:
msg = "При удалении комментария произошла ошибка"
# Таблица с комментариями
comments = db.select_comment()
table = ''
for comment in comments:
table += "<tr>\r\n"
for item in comment:
table += "<td>%s</td>\r\n" % (item if item is not None else '-')
table += "<td onclick=\"javascript:remove_comment(%s)\"><span>x</span></td>\r\n" % comment[
0]
table += "</tr>\r\n"
headers = [
'#', 'Фамилия', 'Имя', 'Отчество', 'Телефон', 'E-mail', 'Город',
'Регион', 'Комментарий', 'Удалить', table
]
html = view.HTMLObject('Комментарии')
html.Script(func=view.view_script)
html.Style(func=view.main_css, param=dict(filename=opts.css_file))
html.Body(func=view.view_table, content=headers)
return str(html)
def moderate_comment():
if session["csrf_token"] != request.form["csrf_token"]:
abort(403)
comment_id = request.form["comment_id"]
if request.form["delete"] == "3":
db.delete_report(comment_id, "comment")
if request.form["delete"] == "2":
user_id = db.find_comment_author(comment_id)
db.delete_user(user_id)
if request.form["delete"] == "1":
db.delete_comment(comment_id)
return redirect("/reports")
def delete_comment():
"""Deletes comment identified by id in post data. Requires login. Called via ajax."""
username = session["username"]
user = db.get_user_by_username(username)
if not user:
app.logger.warning("comment without user")
abort(500)
comment_id = request.form.get("comment_id", None)
comment = db.get_comment(comment_id)
if not comment:
app.logger.warning("no comment for given id %s" % comment_id)
abort(500)
can_delete_comment = comment.is_owner(user)
if not can_delete_comment:
app.logger.warning("User %s tried to delete comment %s without permissions." % (user["_id"], comment["_id"]))
abort(500)
db.delete_comment(comment_id)
return jsonify(err=None, comment_id = comment_id)
def edit_own_comment():
if session["csrf_token"] != request.form["csrf_token"]:
abort(403)
comment_id = request.form["comment_id"]
review_id = request.form["review_id"]
page = "/review/" + str(review_id)
if request.form["delete"] == "3":
db.delete_report(comment_id, "comment")
if request.form["delete"] == "1":
db.delete_comment(comment_id)
return redirect(page)
writing = request.form["writing"]
if writing:
db.update_comment(comment_id, writing)
return redirect(page)
def delete_comment(commentID): # noqa: E501
"""delete a comment and make it [deleted]
# noqa: E501
:param commentID: ID of comment
:type commentID: str
:rtype: None
"""
if db.delete_comment(commentID).deleted_count == 1:
return {"status": "ok"}
return get_error("could not delete comment"), 404
def delete_comment():
data = request.get_json()
c_id = data.get('c_id')
p_id = data.get('p_id')
db.delete_comment(c_id, p_id)
return jsonify({'status': 0})