def post(self, blog_id): key = db.Key.from_path('Blog', int(blog_id), parent=helper.blog_key()) blog = db.get(key) user_id = self.read_secure_cookie('user_id') if blog.created_by != user_id: # user not allowed to Edit other user blogs self.render("not-allowed.html", subject=blog.subject, content=blog.content, user_logged_in=self.user, user_name=self.user.username) else: subject = self.request.get("subject") content = self.request.get("content") user_id = self.read_secure_cookie('user_id') if user_id: if content and subject: blog.subject = subject blog.content = content blog.put() self.redirect("/blog/%s" % blog_id) else: error = "we need both a subject and some content!" self.render_front(subject, content, error) else: self.redirect('/logout')
def get(self, blog_id): # check if user is logged in if self.user: # user logged in # get blog by given id in the url key = db.Key.from_path( 'Blog', int(blog_id), parent=helper.blog_key()) blog = db.get(key) # get all like for the given blog likes_query = "select * from like where post_id='" + \ blog_id + "'" likes = db.GqlQuery(likes_query) # get all comment for the given blog cmt_query = "select * from comment where post_id ='"+blog_id+"'"\ "order by created desc" comments = db.GqlQuery(cmt_query) # check if blog exist in the database if not blog: self.error(404) return self.render("blog.html", likes=likes.count(), comments=comments, blog=blog, user_logged_in=self.user, user_name=self.user.username) else: # user not looged in send user to signup page self.redirect("/signup")
def add_blog(cls, subject, content, created_by): """ Return Blog object with the given input """ return cls(parent=helper.blog_key(), subject=subject, content=content, created_by=created_by)
def post(self, blog_id): post_id = blog_id # get user input comments = self.request.get("comment") like_input = self.request.get("like") user_id = self.read_secure_cookie('user_id') # get old comments, likes and selected blog old_comments = db.GqlQuery("select * from comment " + "where post_id ='"+blog_id+"'" + "order by created desc") likes = db.GqlQuery("select * from like where post_id='"+blog_id+"'") key = db.Key.from_path('Blog', int(blog_id), parent=helper.blog_key()) blog = db.get(key) # check if user is logged in if user_id: if comments: new_comment = comment.comment.add_comment( comments, post_id, user_id) new_comment.put() if like_input: if user_id == blog.created_by: error = "you can not like your post!" self.render("blog.html", error=error, likes=likes.count(), comments=old_comments, blog=blog, user_logged_in=self.user, user_name=self.user.username) return else: # get likes for specific blog for the logged in user user_likes_query = "select * from like " +\ "where post_id='"+blog_id + \ "' and created_by='"+str(self.user.key().id()) + "'" check_user_likes = db.GqlQuery(user_likes_query) if check_user_likes.count() == 0: new_like = like.like.add_like(post_id, user_id) new_like.put() else: error = "you can like a post one time" self.render("blog.html", error=error, likes=likes.count(), comments=old_comments, blog=blog, user_logged_in=self.user, user_name=self.user.username) return self.redirect("/blog/%s" % blog_id) else: self.redirect('/signup')
def post(self, blog_id): key = db.Key.from_path('Blog', int(blog_id), parent=helper.blog_key()) blog = db.get(key) user_id = self.read_secure_cookie('user_id') if blog.created_by != user_id: # user not allowed to remove other user posts self.render("not-allowed.html", subject=blog.subject, content=blog.content, user_logged_in=self.user, user_name=self.user.username) else: # remove blog and redirect user to the success page blog.delete() self.redirect("/success?delete_blog=true")
def get(self, blog_id): if self.user: key = db.Key.from_path( 'Blog', int(blog_id), parent=helper.blog_key()) blog = db.get(key) user_id = self.read_secure_cookie('user_id') if blog.created_by == user_id: self.render("new-blog.html", subject=blog.subject, content=blog.content, user_logged_in=self.user, user_name=self.user.username) else: # user not allowed to Edit other user blogs self.render("not-allowed.html", not_allowed=True, base_page="blog", requested_id=blog_id, user_logged_in=self.user, user_name=self.user.username) else: self.redirect("/signup")
def get(self, blog_id): if self.user: key = db.Key.from_path('Blog', int(blog_id), parent=helper.blog_key()) blog = db.get(key) user_id = self.read_secure_cookie('user_id') if blog.created_by == user_id: self.render("new-blog.html", subject=blog.subject, content=blog.content, user_logged_in=self.user, user_name=self.user.username) else: # user not allowed to Edit other user blogs self.render("not-allowed.html", not_allowed=True, base_page="blog", requested_id=blog_id, user_logged_in=self.user, user_name=self.user.username) else: self.redirect("/signup")