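def topics(request, author_id):
    """Handle list/detail (GET), create (POST) and delete (DELETE) for one blog.

    Backend route: 127.0.0.1:8000/v1/topics/<author_id>?category=[tec|no-tec]
    Frontend page: http://127.0.0.1:5000/<username>/topics

    ``author_id`` is the username of the blog owner taken from the URL.
    POST and DELETE read ``request.user``; presumably a login check that is
    not shown here populates it -- confirm against the decorator on this view.
    Every outcome is reported as a JSON body carrying a numeric ``code``.
    """
    if request.method == 'GET':
        authors = UserProfile.objects.filter(username=author_id)
        if not authors:
            return JsonResponse({'code': 308, 'error': 'no author'})
        author = authors[0]

        # The visitor is either a logged-in user or an anonymous guest.
        visitor = get_user_by_request(request)
        visitor_name = visitor.username if visitor else None
        is_self = author_id == visitor_name

        t_id = request.GET.get('t_id')
        if t_id:
            # Detail view. The lookup is always scoped to the author in the
            # URL: without that scope an owner could read any user's private
            # topic simply by passing its id.
            lookup = {'author_id': author_id}
            if not is_self:
                lookup['limit'] = 'public'
            try:
                author_topic = Topic.objects.get(id=int(t_id), **lookup)
            except Exception:
                # Covers a non-numeric t_id as well as a missing topic.
                code = 312 if is_self else 313
                return JsonResponse({'code': code, 'error': 'no topic'})
            return JsonResponse(make_topic_res(author, author_topic, is_self))

        # List view: optional category filter; guests only see public topics.
        filters = {'author_id': author_id}
        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            filters['category'] = category
        if not is_self:
            filters['limit'] = 'public'
        author_topics = Topic.objects.filter(**filters)
        return JsonResponse(make_topics_res(author, author_topics))

    elif request.method == "POST":
        import html

        raw_body = request.body
        if not raw_body:
            return JsonResponse({'code': 301, 'error': 'Please give me json'})
        try:
            json_obj = json.loads(raw_body.decode())
        except ValueError:
            # Undecodable bytes and malformed JSON both end up here.
            json_obj = None
        if not isinstance(json_obj, dict):
            return JsonResponse({'code': 301, 'error': 'Please give me json'})

        # Validate before escaping: html.escape() raises on None / non-str.
        title = json_obj.get('title')
        if not title or not isinstance(title, str):
            return JsonResponse({'code': 302, 'error': 'Please give me title'})
        title = html.escape(title)  # XSS: neutralise markup in the title

        # NOTE(review): content is stored exactly as received; if a page
        # renders it as HTML it has to be sanitised there -- confirm.
        content = json_obj.get('content')
        if not content:
            return JsonResponse({'code': 303, 'error': 'Please give me content'})

        content_text = json_obj.get('content_text')
        if not content_text or not isinstance(content_text, str):
            return JsonResponse(
                {'code': 304, 'error': 'Please give me content_text'})
        introduce = content_text[:30]

        limit = json_obj.get('limit')
        if limit not in ['public', 'private']:
            return JsonResponse({'code': 305, 'error': 'Please give me limit'})

        # TODO: validate category the same way as limit.
        category = json_obj.get('category')

        Topic.objects.create(title=title, category=category, limit=limit,
                             content=content, introduce=introduce,
                             author=request.user)
        return JsonResponse({'code': 200, 'username': request.user.username})

    elif request.method == 'DELETE':
        # The owner deletes one of their own posts: /v1/topics/<author_id>
        token_author_id = request.user.username
        # The username in the URL must match the user carried by the token.
        if author_id != token_author_id:
            return JsonResponse({'code': 309, 'error': 'You can not do it '})

        topic_id = request.GET.get('topic_id')
        try:
            topic = Topic.objects.get(id=topic_id)
        except Exception:
            return JsonResponse({'code': 310, 'error': 'You can not do it !'})

        # Second check: the topic itself must belong to that author.
        if topic.author.username != author_id:
            return JsonResponse({'code': 311, 'error': 'You can not do it !! '})
        topic.delete()
        return JsonResponse({'code': 200})
    # NOTE(review): any other HTTP method falls through and returns None.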
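def topics(request, author_id):
    """Serve one author's topics: read (GET), create (POST), delete (DELETE).

    Backend route: 127.0.0.1:8000/v1/topics/<author_id>?category=[tec|no-tec]
    Frontend page: http://127.0.0.1:5000/<username>/topics

    ``author_id`` is the username of the blog being visited. The visitor is
    whoever ``get_user_by_request`` resolves (a falsy value for guests).
    POST and DELETE use ``request.user``; it is presumably set by a login
    check outside this function -- confirm.
    """
    if request.method == 'GET':
        authors = UserProfile.objects.filter(username=author_id)
        if not authors:
            return JsonResponse({'code': 308, 'error': 'no author'})
        author = authors[0]

        visitor = get_user_by_request(request)
        visitor_name = None
        if visitor:
            visitor_name = visitor.username
        # True when the owner is looking at their own blog.
        is_self = author_id == visitor_name

        t_id = request.GET.get('t_id')
        if t_id:
            if is_self:
                not_found = {'code': 312, 'error': 'no topic'}
                extra = {}
            else:
                not_found = {'code': 313, 'error': 'no topic !'}
                extra = {'limit': 'public'}
            try:
                # Scoped to the URL's author so that an id belonging to
                # another user (possibly a private post) is never returned.
                author_topic = Topic.objects.get(
                    id=int(t_id), author_id=author_id, **extra)
            except Exception:
                # Non-numeric t_id or no matching topic.
                return JsonResponse(not_found)
            res = make_topic_res(author, author_topic, is_self)
            return JsonResponse(res)

        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            # /v1/topics/<author_id>?category=[tec|no-tec]
            query = Topic.objects.filter(author_id=author_id,
                                         category=category)
        else:
            # /v1/topics/<author_id> -- everything the author wrote
            query = Topic.objects.filter(author_id=author_id)
        if not is_self:
            # Guests and other users only get public posts.
            query = query.filter(limit='public')
        res = make_topics_res(author, query)
        return JsonResponse(res)

    elif request.method == 'POST':
        import html

        json_str = request.body
        if not json_str:
            return JsonResponse({'code': 301, 'error': 'Please give me json'})
        try:
            json_obj = json.loads(json_str)
        except ValueError:
            json_obj = None
        if not isinstance(json_obj, dict):
            # Malformed JSON, or JSON that is not an object.
            return JsonResponse({'code': 301, 'error': 'Please give me json'})

        title = json_obj.get('title')
        # Check first, escape second: html.escape() fails on a missing title.
        if not title or not isinstance(title, str):
            return JsonResponse({'code': 302, 'error': 'Please give me title'})
        title = html.escape(title)  # XSS: escape markup in the title

        # NOTE(review): content is saved unmodified; whatever renders it as
        # HTML must sanitise it -- confirm where that happens.
        content = json_obj.get('content')
        if not content:
            return JsonResponse({'code': 303, 'error': 'Please give me content'})

        # Plain-text version of the post, used to cut the summary.
        content_text = json_obj.get('content_text')
        if not content_text or not isinstance(content_text, str):
            return JsonResponse(
                {'code': 304, 'error': 'Please give me content_text'})
        introduce = content_text[:30]

        limit = json_obj.get('limit')
        if limit not in ['public', 'private']:
            return JsonResponse({'code': 305, 'error': 'Your limit is wrong'})

        # TODO: check category the same way as limit.
        category = json_obj.get('category')

        Topic.objects.create(title=title, category=category, limit=limit,
                             content=content, introduce=introduce,
                             author=request.user)
        return JsonResponse({'code': 200, 'username': request.user.username})

    elif request.method == 'DELETE':
        # /v1/topics/<author_id> -- the owner removes one of their posts.
        author = request.user
        token_author_id = author.username
        # URL username and token username must be the same person.
        if author_id != token_author_id:
            return JsonResponse({'code': 309, 'error': 'You can not do it '})

        topic_id = request.GET.get('topic_id')
        try:
            topic = Topic.objects.get(id=topic_id)
        except Exception:
            return JsonResponse({'code': 310, 'error': 'You can not do it !'})

        # The topic must also be owned by that author.
        if topic.author.username != author_id:
            return JsonResponse({'code': 311, 'error': 'You can not do it !! '})
        topic.delete()
        return JsonResponse({'code': 200})

    # Placeholder reply for every other HTTP method.
    return JsonResponse({'code': 200, 'error': 'this is test'})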
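def topic_view(request, author_id):
    """Create (POST), read (GET) or delete (DELETE) topics of one author.

    ``author_id`` is the author's username from the URL. POST compares it
    with ``request.user.username``; GET and DELETE resolve the caller through
    ``get_user_by_request``. All results are JSON bodies with a ``code``.
    """
    if request.method == "POST":
        json_str = request.body
        if not json_str:
            return JsonResponse({'code': 302, 'error': 'Please give me data !!'})
        try:
            data = json.loads(json_str.decode())
        except ValueError:
            data = None
        if not isinstance(data, dict):
            # Undecodable body, malformed JSON or a non-object payload.
            return JsonResponse({'code': 302, 'error': 'Please give me data !!'})

        title = data.get('title')
        # Blog body; it carries HTML formatting.
        # NOTE(review): stored unmodified -- it must be sanitised wherever it
        # is rendered as HTML; confirm.
        content = data.get('content')
        # Plain text; its first 30 characters become the summary.
        content_text = data.get('content_text')
        limit = data.get('limit')
        category = data.get('category')

        if not title or not isinstance(title, str):
            return JsonResponse({'code': 303, 'error': 'Please give me title !!'})
        # XSS (cross-site scripting) protection: escape markup in the title.
        title = html.escape(title)
        if not content:
            return JsonResponse(
                {'code': 304, 'error': 'Please give me content !!'})
        if not content_text or not isinstance(content_text, str):
            return JsonResponse(
                {'code': 305, 'error': 'Please give me content_text !!'})
        # NOTE(review): limit and category are only checked for presence
        # here, not against the values the GET branch filters on.
        if not limit:
            return JsonResponse({'code': 306, 'error': 'Please give me limit!!'})
        if not category:
            return JsonResponse(
                {'code': 307, 'error': 'Please give me category !!'})
        introduce = content_text[:30]

        # Only the owner may publish on their own blog.
        if request.user.username != author_id:
            return JsonResponse({'code': 308, 'error': 'Can not touch me !!'})
        try:
            models.Topic.objects.create(title=title, limit=limit,
                                        content=content, introduce=introduce,
                                        category=category,
                                        author_id=author_id)
        except Exception as e:
            print(e)
            return JsonResponse(
                {'code': 309, 'error': 'Databases is connected error !!'})
        return JsonResponse({'code': 200, 'username': request.user.username})

    elif request.method == "GET":
        authors = models.u_model.UserProfile.objects.filter(username=author_id)
        if not authors:
            return JsonResponse(
                {'code': 310, 'error': 'The author is not existed'})
        author = authors[0]

        vistor = get_user_by_request(request)
        vistor_username = vistor.username if vistor else None
        is_self = vistor_username == author.username

        t_id = request.GET.get('t_id')
        if t_id:
            # Single topic.
            if is_self:
                missing = {'code': 311, 'error': 'No Topic !!'}
                extra = {}
            else:
                missing = {'code': 312, 'error': 'The topic is not existed'}
                extra = {'limit': 'public'}
            try:
                # Scoped to this author so another user's topic id cannot be
                # read through this URL.
                author_topics = models.Topic.objects.filter(
                    id=int(t_id), author_id=author.username, **extra)
            except ValueError:
                return JsonResponse(missing)
            # Test the queryset before indexing: [0] on an empty result
            # raises IndexError instead of yielding a falsy value.
            if not author_topics:
                return JsonResponse(missing)
            result = make_topic_res1(author, author_topics[0], is_self)
            return JsonResponse(result)

        # All topics, optionally narrowed by the category query string.
        filters = {'author_id': author.username}
        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            filters['category'] = category
        if not is_self:
            filters['limit'] = 'public'
        author_topics = models.Topic.objects.filter(**filters)
        return JsonResponse(make_topics_res(author, author_topics))

    elif request.method == 'DELETE':
        users = get_user_by_request(request)
        if not users:
            return JsonResponse({'code': 311, 'error': '未登录'})
        if users.username != author_id:
            return JsonResponse(
                {'code': 312, 'error': 'URL 中欲删除的用户和登陆用户不一致'})
        topic_id = request.GET.get('topic_id')
        if not topic_id:
            return JsonResponse({'code': 313, 'error': 'Please give me the id'})
        try:
            # The author filter is the ownership check: without it a
            # logged-in user could delete any topic by id.
            author_topic = models.Topic.objects.filter(
                id=int(topic_id), author_id=author_id)
        except ValueError:
            author_topic = None
        if not author_topic:
            return JsonResponse({'code': 314, 'error': '想删除的 topic 不存在'})
        author_topic.delete()
        return JsonResponse({'code': 200})
    # NOTE(review): other HTTP methods fall through and return None.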
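def topics(request, author_id):
    """Publish (POST), fetch (GET) or delete (DELETE) topics of one author.

    Frontend pages: http://127.0.0.1:5000/<username>/topic/release and
    http://127.0.0.1:5000/<username>/topics
    Backend route:  /v1/topics/<username>?category=[tec|no-tec]

    ``author_id`` is the blog owner's username from the URL.
    """
    if request.method == 'POST':
        json_str = request.body
        if not json_str:
            return JsonResponse({'code': 302, 'error': 'Please POST data!!!'})
        try:
            json_obj = json.loads(json_str)
        except ValueError:
            json_obj = None
        if not isinstance(json_obj, dict):
            # Malformed JSON or a payload that is not a JSON object.
            return JsonResponse({'code': 302, 'error': 'Please POST data!!!'})

        title = json_obj.get('title')
        # Article body with HTML styling (colours, ...).
        # NOTE(review): saved unmodified; it has to be sanitised where it is
        # rendered as HTML -- confirm.
        content = json_obj.get('content')
        # Plain-text body, used to cut the summary.
        content_text = json_obj.get('content_text')
        limit = json_obj.get('limit')
        category = json_obj.get('category')

        if not title or not isinstance(title, str):
            return JsonResponse(
                {'code': 303, 'error': 'Please give me title!!!'})
        # XSS (cross-site scripting) protection for the title.
        title = html.escape(title)
        if not content:
            return JsonResponse(
                {'code': 304, 'error': 'Please give me content!!!'})
        if not content_text or not isinstance(content_text, str):
            return JsonResponse(
                {'code': 305, 'error': 'Please give me content_text!!!'})
        if not limit:
            return JsonResponse(
                {'code': 306, 'error': 'Please give me limit!!!'})
        if not category:
            return JsonResponse(
                {'code': 307, 'error': 'Please give me category!!!'})
        introduce = content_text[:30]

        # Only the owner may publish on this blog.
        if request.user.username != author_id:
            return JsonResponse({'code': 308, 'error': 'Can not touch me!!!'})
        try:
            Topic.objects.create(title=title, limit=limit, content=content,
                                 category=category, introduce=introduce,
                                 author_id=author_id)
        except Exception as e:
            print(e)
            return JsonResponse({'code': 309, 'error': 'Topic is busy!!!'})
        return JsonResponse({'code': 200, 'username': request.user.username})

    elif request.method == 'GET':
        # Two parties: the visitor and the author (blog owner).
        authors = UserProfile.objects.filter(username=author_id)
        if not authors:
            return JsonResponse(
                {'code': 310, 'error': 'The user is not existed!!'})
        author = authors[0]

        visitor = get_user_by_request(request)
        visitor_username = visitor.username if visitor else None

        t_id = request.GET.get('t_id')
        if t_id:
            # One specific article.
            is_self = visitor_username == author_id
            if is_self:
                missing = {'code': 311, 'error': 'No topic!'}
                extra = {}
            else:
                missing = {'code': 312, 'error': 'No public topic!!'}
                extra = {'limit': 'public'}
            try:
                # Restricted to this author so an id owned by someone else
                # (possibly private) is not served from this URL.
                author_topic = Topic.objects.get(
                    id=int(t_id), author_id=author.username, **extra)
            except Exception:
                # Non-numeric t_id or no matching topic.
                return JsonResponse(missing)
            res = make_topic_res(author, author_topic, is_self)
            return JsonResponse(res)

        # Every article of the author, optionally filtered by category.
        filters = {'author_id': author.username}
        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            filters['category'] = category
        if visitor_username != author.username:
            # Strangers only see public articles.
            filters['limit'] = 'public'
        author_topics = Topic.objects.filter(**filters)
        res = make_topics_res(author, author_topics)
        return JsonResponse(res)

    elif request.method == 'DELETE':
        # The query string carries topic_id.
        topic_id = request.GET.get('topic_id')
        if not topic_id:
            return JsonResponse({'code': 201, 'error': "未知错误!"})

        # Deleting needs the same ownership rule as publishing; the caller
        # is resolved the way the GET branch does it, so a guest is falsy.
        user = get_user_by_request(request)
        if not user or user.username != author_id:
            return JsonResponse({'code': 308, 'error': 'Can not touch me!!!'})
        try:
            # get() takes keyword lookups; the author filter keeps one user
            # from deleting another user's topic by id.
            topic_obj = Topic.objects.get(id=int(topic_id),
                                          author_id=author_id)
        except Exception:
            return JsonResponse({'code': 311, 'error': 'No topic!'})
        topic_obj.delete()
        return JsonResponse({'code': 200})
    # NOTE(review): other HTTP methods fall through and return None.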
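def topics(request, author_id):
    """Read (GET), create (POST) or delete (DELETE) the topics of one blog.

    Frontend page: http://127.0.0.1:5000/<username>/topics
    Backend route: /v1/topics/<author_id>?category=[tec|no-tec]

    ``author_id`` is the username of the blog owner being visited; the
    visitor is either logged in or a guest. POST and DELETE use
    ``request.user``, presumably set by a login check not shown -- confirm.
    """
    if request.method == "GET":
        authors = UserProfile.objects.filter(username=author_id)
        if not authors:
            return JsonResponse({"code": 308, "error": "no author"})
        author = authors[0]

        visitor = get_user_by_request(request)
        visitor_name = visitor.username if visitor else None
        # Is the owner visiting their own blog?
        is_self = author_id == visitor_name

        t_id = request.GET.get("t_id")
        if t_id:
            if is_self:
                missing = {"code": 312, "error": "no topic"}
                extra = {}
            else:
                missing = {"code": 313, "error": "no topic!"}
                extra = {"limit": "public"}
            try:
                # Always scoped to the URL's author: otherwise an owner
                # could open any user's private topic by id.
                author_topic = Topic.objects.get(
                    id=int(t_id), author_id=author_id, **extra)
            except Exception:
                # Non-numeric t_id or no matching topic.
                return JsonResponse(missing)
            res = make_topic_res(author, author_topic, is_self)
            return JsonResponse(res)

        filters = {"author_id": author_id}
        category = request.GET.get("category")
        if category in ["tec", "no-tec"]:
            # /v1/topics/<author_id>?category=[tec|no-tec]
            filters["category"] = category
        if not is_self:
            # Visitors only get public data. The uncategorised visitor query
            # used to filter on category="tec" instead of limit="public",
            # which exposed private posts.
            filters["limit"] = "public"
        author_topics = Topic.objects.filter(**filters)
        res = make_topics_res(author, author_topics)
        return JsonResponse(res)

    elif request.method == "POST":
        import html

        json_str = request.body
        if not json_str:
            return JsonResponse({"code": 301, "error": "Give me json"})
        try:
            json_obj = json.loads(json_str)
        except ValueError:
            json_obj = None
        if not isinstance(json_obj, dict):
            return JsonResponse({"code": 301, "error": "Give me json"})

        title = json_obj.get("title")
        # Validate before escaping: html.escape() raises on a missing title.
        if not title or not isinstance(title, str):
            return JsonResponse({"code": 302, "error": "Give me title"})
        # XSS: escape the title so injected JavaScript cannot steal data.
        title = html.escape(title)

        # NOTE(review): content is stored as received; sanitise it wherever
        # it is rendered as HTML -- confirm.
        content = json_obj.get("content")
        if not content:
            return JsonResponse({"code": 303, "error": "Give me content"})

        # Plain text, used to cut the article summary.
        content_text = json_obj.get("content_text")
        if not content_text or not isinstance(content_text, str):
            return JsonResponse({"code": 304, "error": "Give me content_text"})
        introduce = content_text[:30]

        limit = json_obj.get("limit")
        if limit not in ["public", "private"]:
            return JsonResponse({"code": 305, "error": "Your limit is wrong"})

        category = json_obj.get("category")
        if category == "No-tec":
            # Earlier spelling accepted by this endpoint; stored in the form
            # the GET filter matches.
            category = "no-tec"
        if category not in ["tec", "no-tec"]:
            return JsonResponse(
                {"code": 306, "error": "Your category is wrong"})

        Topic.objects.create(title=title, category=category, limit=limit,
                             content=content, introduce=introduce,
                             author=request.user)
        return JsonResponse({"code": 200, "username": request.user.username})

    elif request.method == "DELETE":
        # User stored in the token.
        author = request.user
        token_author_id = author.username
        # The author_id in the URL must equal the token's username.
        if token_author_id != author_id:
            return JsonResponse({"code": 309, "error": "you can not do it"})

        delete_id = request.GET.get("topic_id")
        try:
            topic = Topic.objects.get(id=delete_id)
        except Exception:
            return JsonResponse({"code": 310, "error": "you can not do it!"})

        # The topic must belong to that author as well.
        if topic.author.username != author_id:
            return JsonResponse({"code": 311, "error": "you can not do it !!"})
        topic.delete()
        return JsonResponse({"code": 200})

    # Placeholder reply for any other HTTP method.
    return JsonResponse({"code": 200, "error": "this is a test"})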
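def topics(request, author_id):
    """List (GET), create (POST) or delete (DELETE) topics of one author.

    Frontend page: http://127.0.0.1:5000/<username>/topics
    Backend route: /v1/topics/<author_id>?category=[tec|no-tec]

    ``author_id`` is the username of the blog owner being visited; the
    visitor is either logged in or a guest. POST and DELETE rely on
    ``request.user``, presumably set by a login check not shown -- confirm.
    """
    if request.method == 'GET':
        authors = UserProfile.objects.filter(username=author_id)
        if not authors:
            return JsonResponse({'code': 308, 'error': 'no authhor'})
        author = authors[0]

        visitor = get_user_by_request(request)
        visitor_name = visitor.username if visitor else None

        filters = {'author_id': author_id}
        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            filters['category'] = category
        if author_id != visitor_name:
            # Visitor, not the owner: public posts only. The uncategorised
            # visitor query used to pass author_id positionally to filter(),
            # which raises instead of filtering.
            filters['limit'] = 'public'
        author_topics = Topic.objects.filter(**filters)
        res = make_topics_res(author, author_topics)
        return JsonResponse(res)

    elif request.method == 'POST':
        json_str = request.body
        if not json_str:
            return JsonResponse({'code': 301, 'error': 'Please give me json'})
        try:
            json_obj = json.loads(json_str)
        except ValueError:
            json_obj = None
        if not isinstance(json_obj, dict):
            return JsonResponse({'code': 301, 'error': 'Please give me json'})

        title = json_obj.get('title')
        # Validate before escaping: html.escape() raises on a missing title.
        if not title or not isinstance(title, str):
            return JsonResponse({'code': 302, 'error': 'Please give me title'})
        title = html.escape(title)  # XSS: escape markup in the title

        # NOTE(review): content is stored as received; sanitise it wherever
        # it is rendered as HTML -- confirm.
        content = json_obj.get('content')
        if not content:
            return JsonResponse({'code': 303, 'error': 'Please give me content'})

        # Plain text, used to cut the article summary.
        content_text = json_obj.get('content_text')
        if not content_text or not isinstance(content_text, str):
            return JsonResponse(
                {'code': 304, 'error': 'Please give me content_text'})
        introduce = content_text[:30]

        limit = json_obj.get('limit')
        if limit not in ['public', 'private']:
            return JsonResponse({'code': 305, 'error': 'Your limit is wrong'})

        category = json_obj.get('category')

        # content was validated above but never passed on; it is stored now.
        Topic.objects.create(title=title, category=category, limit=limit,
                             content=content, introduce=introduce,
                             author=request.user)
        return JsonResponse({'code': 200, 'username': request.user.username})

    elif request.method == 'DELETE':
        # /v1/topics/<author_id> -- the owner deletes one of their posts.
        author = request.user
        token_author_id = author.username
        # The author_id in the URL must equal the username in the token.
        if author_id != token_author_id:
            return JsonResponse({'code': 309, 'error': 'You can not do it'})

        topic_id = request.GET.get('topic_id')
        try:
            topic = Topic.objects.get(id=topic_id)
        except Exception:
            return JsonResponse({'code': 310, 'error': 'You can not do it !'})

        # The topic must be owned by that author too.
        if topic.author.username != author_id:
            return JsonResponse({'code': 311, 'error': 'You can not do it !!'})
        topic.delete()
        return JsonResponse({'code': 200})
    # NOTE(review): other HTTP methods fall through and return None.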
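def topics(request, author_id):
    """Read (GET), create (POST) or delete (DELETE) one author's articles.

    ``author_id`` is the blog owner's username from the URL
    (/v1/topics/<author_id>?category=[tec/no-tec]). POST and DELETE use
    ``request.user``, presumably set by a login check not shown -- confirm.
    Any other HTTP method gets the code 312 error reply.
    """
    if request.method == 'GET':
        authors = user_profile.objects.filter(username=author_id)
        if not authors:
            return JsonResponse(
                {'code': 308, 'error': 'do not have any author'})
        author = authors[0]

        visitor = get_user_by_request(request)
        visitor_name = visitor.username if visitor else None
        # Is the visitor the author?
        is_self = author_id == visitor_name

        t_id = request.GET.get('t_id')
        if t_id:
            # Detail page.
            if is_self:
                missing = {
                    'code': 312,
                    'error': 'Sorry, the topic is not existing'
                }
                extra = {}
            else:
                missing = {
                    'code': 313,
                    'error': 'Sorry, the topic is not existing!'
                }
                extra = {'limit': 'public'}
            try:
                # Scoped to the URL's author: without it an owner could read
                # any user's private topic by id.
                topic = Topic.objects.get(id=int(t_id), author=author_id,
                                          **extra)
            except Exception:
                # Non-numeric t_id or no matching topic.
                return JsonResponse(missing)
            return JsonResponse(get_topic_details(author, topic, is_self))

        # Topics page, optionally narrowed by category.
        filters = {'author': author_id}
        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            filters['category'] = category
        if not is_self:
            filters['limit'] = 'public'
        author_topics = Topic.objects.filter(**filters)
        return JsonResponse(make_topics_result(author, author_topics))

    elif request.method == 'POST':
        json_str = request.body
        if not json_str:
            return JsonResponse({'code': 301, 'error': 'can not find any data'})
        try:
            json_obj = json.loads(json_str)
        except ValueError:
            json_obj = None
        if not isinstance(json_obj, dict):
            return JsonResponse({'code': 301, 'error': 'can not find any data'})

        title = json_obj.get('title')
        # Validate before escaping: html.escape() raises on a missing title.
        if not title or not isinstance(title, str):
            return JsonResponse({
                'code': 302,
                'error': 'Please input the title of article'
            })
        title = html.escape(title)  # XSS: escape markup in the title

        category = json_obj.get('category')
        if category not in ['tec', 'no-tec']:
            return JsonResponse({
                'code': 303,
                'error': 'Please choose the category of article'
            })

        limit = json_obj.get('limit')
        if limit not in ['public', 'private']:
            return JsonResponse({
                'code': 304,
                'error': 'Please choose the limit of article'
            })

        # NOTE(review): content is stored as received; sanitise it wherever
        # it is rendered as HTML -- confirm.
        content = json_obj.get('content')
        if not content:
            return JsonResponse({
                'code': 305,
                'error': 'Please input the content of article'
            })

        content_text = json_obj.get('content_text')
        if not content_text or not isinstance(content_text, str):
            return JsonResponse({
                'code': 306,
                'error': 'Please input the content_text of article'
            })
        introduce = content_text[:30]

        try:
            Topic.objects.create(title=title, category=category, limit=limit,
                                 introduce=introduce, content=content,
                                 author=request.user)
        except Exception:
            return JsonResponse({'code': 307, 'error': 'Sorry, server is busy'})
        return JsonResponse({'code': 200, 'username': request.user.username})

    elif request.method == 'DELETE':
        # The user comes from the token and must be the blog owner.
        author = request.user
        token_author_id = author.username
        if author_id != token_author_id:
            return JsonResponse({
                'code': 309,
                'error': 'Please confirm if it is your blog'
            })

        topic_id = request.GET.get('topic_id')
        try:
            topic = Topic.objects.get(id=topic_id)
        except Exception:
            return JsonResponse({'code': 310, 'error': 'You can not do it'})

        # The topic itself must belong to that author.
        if topic.author.username != author_id:
            return JsonResponse({'code': 311, 'error': 'You can not do it!'})
        topic.delete()
        return JsonResponse({'code': 200})

    else:
        return JsonResponse(
            {'code': 312, 'error': 'method of request is wrong'})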
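def topics(request, author_id):
    """Publish (POST), fetch (GET) or hard-delete (DELETE) an author's topics.

    GET routes:
        /v1/topics/tony                -- all of tony's articles
        /v1/topics/tony?category=tec   -- filtered by category
        /v1/topics/tony?t_id=33        -- one article
    DELETE carries ?topic_id=3 and answers {'code': 200} on success.

    ``author_id`` is the blog owner's username from the URL. POST and DELETE
    use ``request.user``, presumably set by a login check not shown --
    confirm.
    """
    if request.method == 'POST':
        import html

        author = request.user
        if author.username != author_id:
            return JsonResponse(
                {'code': 30101, 'error': 'The author is error!'})

        # Code 30108 is new: these inputs used to raise an unhandled
        # exception (bad JSON, html.escape(None), None[:30]).
        bad_payload = {
            'code': 30108,
            'error': 'Please give me title, content and content_text'
        }
        try:
            json_obj = json.loads(request.body)
        except ValueError:
            json_obj = None
        if not isinstance(json_obj, dict):
            return JsonResponse(bad_payload)

        title = json_obj.get('title')
        if not title or not isinstance(title, str):
            return JsonResponse(bad_payload)
        title = html.escape(title)  # XSS: escape markup in the title

        category = json_obj.get('category')
        if category not in ['tec', 'no-tec']:
            return JsonResponse({
                'code': 30102,
                'error': 'Thanks, your category is error~'
            })
        limit = json_obj.get('limit')
        if limit not in ['private', 'public']:
            return JsonResponse(
                {'code': 30103, 'error': 'Thanks, your limit is error!!'})

        # Styled article body.
        # NOTE(review): stored as received; sanitise it wherever it is
        # rendered as HTML -- confirm.
        content = json_obj.get('content')
        # Plain-text body, sliced to build the summary.
        content_text = json_obj.get('content_text')
        if not content or not content_text or not isinstance(content_text, str):
            return JsonResponse(bad_payload)
        introduce = content_text[:30]

        Topic.objects.create(title=title, category=category, limit=limit,
                             content=content, introduce=introduce,
                             author=author)
        return JsonResponse({'code': 200, 'username': author.username})

    if request.method == 'GET':
        # Two parties: the visitor and the author of the visited blog.
        author = UserProfile.objects.filter(username=author_id)
        if not author:
            return JsonResponse(
                {'code': 30104, 'error': 'The author is not existed!'})
        author = author[0]

        visitor = get_user_by_request(request)
        visitor_username = visitor.username if visitor else None
        # True: the owner visits their own blog; False: a stranger does.
        is_self = author_id == visitor_username

        t_id = request.GET.get('t_id')
        if t_id:
            # Detail page. The owner branch was already restricted to the
            # author; the stranger branch now is too, so a public topic of
            # another user is not served under this author's URL.
            extra = {} if is_self else {'limit': 'public'}
            try:
                author_topic = Topic.objects.get(
                    id=int(t_id), author_id=author_id, **extra)
            except Exception:
                # Non-numeric t_id or no matching topic.
                return JsonResponse({'code': 400, 'error': 'No topic'})
            result = make_topic_res(author, author_topic, is_self)
            return JsonResponse(result)

        # List page, optionally filtered by category.
        filters = {'author_id': author_id}
        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            filters['category'] = category
        if not is_self:
            # Strangers only receive public topics.
            filters['limit'] = 'public'
        author_topics = Topic.objects.filter(**filters)
        res = make_topics_res(author, author_topics)
        return JsonResponse(res)

    if request.method == 'DELETE':
        user = request.user
        if user.username != author_id:
            return JsonResponse({'code': 30105, 'error': 'Your id is error'})
        topic_id = request.GET.get('topic_id')
        if not topic_id:
            return JsonResponse(
                {'code': 30106, 'error': 'Must be give me topic_id!'})
        try:
            # int() sits inside the try so a non-numeric id is reported like
            # a missing topic instead of raising.
            topic = Topic.objects.get(id=int(topic_id), author_id=author_id)
            topic.delete()
            result = {'code': 200}
        except Exception as e:
            print('--topic-delete-error--')
            print(e)
            result = {'code': 30107, 'error': 'The topic is not exist'}
        return JsonResponse(result)
    # NOTE(review): other HTTP methods fall through and return None.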
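def topics(request, author_id):
    """Publish (POST) or fetch (GET) an author's topics; DELETE is a stub.

    Frontend pages: http://127.0.0.1:5000/<username>/topic/release and
    http://127.0.0.1:5000/<username>/topics
    Backend route:  /v1/topcis/<username>?category=tec|no-tec

    ``author_id`` is the blog owner's username from the URL.
    """
    if request.method == 'POST':
        json_str = request.body
        if not json_str:
            return JsonResponse({'code': 302, 'error': 'Please give me data'})
        try:
            json_obj = json.loads(json_str)
        except ValueError:
            json_obj = None
        if not isinstance(json_obj, dict):
            # Malformed JSON or a payload that is not a JSON object.
            return JsonResponse({'code': 302, 'error': 'Please give me data'})

        title = json_obj.get('title')
        # Article body with HTML styling (colours, ...).
        # NOTE(review): saved unmodified; sanitise it wherever it is
        # rendered as HTML -- confirm.
        content = json_obj.get('content')
        # Plain-text body, used to cut the summary.
        content_text = json_obj.get('content_text')
        limit = json_obj.get('limit')
        category = json_obj.get('category')

        if not title or not isinstance(title, str):
            return JsonResponse(
                {'code': 303, 'error': 'Please give me title !!'})
        # XSS (cross-site scripting) protection for the title.
        title = html.escape(title)
        if not content:
            return JsonResponse(
                {'code': 304, 'error': 'Please give me content !!'})
        if not content_text or not isinstance(content_text, str):
            return JsonResponse(
                {'code': 305, 'error': 'Please give me content text !!'})
        if not limit:
            return JsonResponse(
                {'code': 306, 'error': 'Please give me limit !!'})
        if not category:
            return JsonResponse(
                {'code': 307, 'error': 'Please give me category'})
        introduce = content_text[:30]

        # Only the owner may publish on this blog.
        if request.user.username != author_id:
            return JsonResponse({'code': 308, 'error': 'Can not touch me !!'})
        try:
            Topic.objects.create(title=title, limit=limit, content=content,
                                 introduce=introduce, category=category,
                                 author_id=author_id)
        except Exception as e:
            print(e)
            return JsonResponse({'code': 309, 'error': 'Topic is busy'})
        return JsonResponse({'code': 200, 'username': request.user.username})

    elif request.method == 'GET':
        # Two parties: the visitor and the author (blog owner).
        authors = UserProfile.objects.filter(username=author_id)
        if not authors:
            return JsonResponse(
                {'code': 310, 'error': 'The user is not existed !'})
        author = authors[0]

        visitor = get_user_by_request(request)
        visitor_username = visitor.username if visitor else None

        t_id = request.GET.get('t_id')
        if t_id:
            # One specific article.
            is_self = visitor_username == author_id
            if is_self:
                missing = {'code': 311, 'error': 'no topic'}
                extra = {}
            else:
                missing = {'code': 312, 'error': 'no topic ! '}
                extra = {'limit': 'public'}
            try:
                # Restricted to this author so an id owned by someone else
                # (possibly private) is not served from this URL.
                author_topic = Topic.objects.get(
                    id=int(t_id), author_id=author.username, **extra)
            except Exception:
                # Non-numeric t_id or no matching topic.
                return JsonResponse(missing)
            res = make_topic_res(author, author_topic, is_self)
            return JsonResponse(res)

        # Every article of the author, optionally filtered by category.
        filters = {'author_id': author.username}
        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            filters['category'] = category
        if visitor_username != author.username:
            # Strangers only see public articles.
            filters['limit'] = 'public'
        author_topics = Topic.objects.filter(**filters)
        res = make_topics_res(author, author_topics)
        return JsonResponse(res)

    elif request.method == 'DELETE':
        # Hard delete, not implemented yet. Planned contract: the query
        # string carries topic_id and the reply is {'code': 200}.
        # NOTE(review): this branch returns None, and whatever fills it in
        # must verify that the caller owns the topic before deleting it.
        topic_id = request.GET.get('topic_id')
        pass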
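def topics(request, author_id):
    """List, create or delete the blog topics of ``author_id``.

    GET    returns the author's topics, optionally narrowed by
           ``?category=tec|no-tec``; anyone other than the author only gets
           topics whose ``limit`` is ``'public'``.
    POST   creates a topic owned by ``request.user``.
    DELETE removes the topic ``?topic_id=`` when ``request.user`` is both the
           user named in the URL and the topic's author.

    ``request.user`` is presumably attached by a login check outside this
    block -- confirm against the decorator or middleware in use.
    """
    if request.method == 'GET':
        authors = UserProfile.objects.filter(username=author_id)
        if not authors:
            result = {'code': 308, 'error': 'no author'}
            return JsonResponse(result)
        author = authors[0]

        # The visitor is whoever sent the request, or None when anonymous.
        visitor = get_user_by_request(request)
        visitor_name = visitor.username if visitor else None

        filters = {'author_id': author_id}
        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            filters['category'] = category
        if author_id != visitor_name:
            # Visitors never see private topics.
            filters['limit'] = 'public'
        author_topics = Topic.objects.filter(**filters)
        res = make_topics_res(author, author_topics)
        return JsonResponse(res)

    elif request.method == 'POST':
        json_str = request.body
        if not json_str:
            result = {'code': 301, 'error': 'give json'}
            return JsonResponse(result)
        # Malformed JSON or a non-object payload is answered like a missing
        # body instead of surfacing as an unhandled exception.
        try:
            json_obj = json.loads(json_str)
        except ValueError:
            json_obj = None
        if not isinstance(json_obj, dict):
            result = {'code': 301, 'error': 'give json'}
            return JsonResponse(result)

        title = json_obj.get('title')
        # Check before escaping: html.escape() fails on a missing title.
        if not title:
            result = {'code': 302, 'error': 'g v title'}
            return JsonResponse(result)
        import html
        # Escape the title against script injection (XSS).
        title = html.escape(title)

        # NOTE(review): content is client-supplied HTML stored as received;
        # only the title is escaped, so content needs allow-list sanitising
        # before it is rendered to other users.
        content = json_obj.get('content')
        if not content:
            result = {'code': 303, 'error': 'g v content'}
            return JsonResponse(result)
        # Plain-text body, used to cut the introduction.
        content_text = json_obj.get('content_text')
        if not content_text:
            result = {'code': 304, 'error': 'p g v content_text'}
            return JsonResponse(result)
        introduce = content_text[:30]
        limit = json_obj.get('limit')
        if limit not in ['public', 'private']:
            result = {'code': 305, 'error': 'limit is wrong'}
            return JsonResponse(result)
        category = json_obj.get('category')
        # TODO: validate category against its allowed values, as for limit.
        Topic.objects.create(title=title, category=category, limit=limit,
                             content=content, introduce=introduce,
                             author=request.user)
        result = {'code': 200, 'username': request.user.username}
        return JsonResponse(result)

    elif request.method == 'DELETE':
        # The user in the URL must be the authenticated user.
        author = request.user
        token_author_id = author.username
        if author_id != token_author_id:
            result = {'code': 309, 'error': 'u can not do it'}
            return JsonResponse(result)
        topic_id = request.GET.get('topic_id')
        try:
            topic = Topic.objects.get(id=topic_id)
        except Exception:
            # Missing or malformed topic_id, or no such topic.
            result = {'code': 310, 'error': 'can not do it!'}
            return JsonResponse(result)
        # Second check: the topic itself must belong to that user.
        if topic.author.username != author_id:
            result = {'code': 311, 'error': 'u can not do it !!'}
            return JsonResponse(result)
        topic.delete()
        res = {'code': 200}
        return JsonResponse(res)

    # Any other HTTP method gets this placeholder answer.
    return JsonResponse({'code': 200, 'error': 'test!'})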
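def topics(request, author_id):
    """Read, create or delete the blog topics of ``author_id``.

    GET    returns one topic (``?t_id=``) or the author's list, optionally
           narrowed by ``?category=tec|no-tec``; anyone other than the author
           only gets topics whose ``limit`` is ``'public'``.
    POST   creates a topic owned by ``request.user``.
    DELETE removes the topic ``?topic_id=`` when ``request.user`` is both the
           user named in the URL and the topic's author.

    ``request.user`` is presumably attached by a login check outside this
    block -- confirm against the decorator or middleware in use.
    NOTE(review): the model field is written ``categrory`` throughout this
    view; confirm it matches the Topic model before renaming anything.
    """
    if request.method == "GET":
        # Front-end URL: http://127.0.0.1:5000/<username>/topics
        authors = UserProfile.objects.filter(username=author_id)
        if not authors:
            result = {'code': 308, 'error': 'no author'}
            return JsonResponse(result)
        author = authors[0]

        # The visitor is whoever sent the request, or None when anonymous.
        visitor = get_user_by_request(request)
        visitor_name = visitor.username if visitor else None
        is_self = author_id == visitor_name

        t_id = request.GET.get('t_id')
        if t_id:
            # Single topic. The lookup is bound to the author named in the
            # URL: without that, a logged-in user could read anyone's private
            # topic by passing its id on their own /topics/<self> address.
            lookup = {'author_id': author_id}
            if not is_self:
                lookup['limit'] = 'public'
            try:
                author_topic = Topic.objects.get(id=int(t_id), **lookup)
            except (ValueError, Topic.DoesNotExist):
                # A non-numeric t_id is reported like a missing topic.
                if is_self:
                    result = {'code': 312, 'error': 'no topic'}
                else:
                    result = {'code': 313, 'error': 'no topic !'}
                return JsonResponse(result)
            res = make_topic_res(author, author_topic, is_self)
            return JsonResponse(res)

        # /v1/topics/<author_id>[?category=tec|no-tec]
        filters = {'author_id': author_id}
        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            filters['categrory'] = category
        if not is_self:
            # Visitors never see private topics.
            filters['limit'] = 'public'
        author_topics = Topic.objects.filter(**filters)
        result = make_topics_res(author, author_topics)
        return JsonResponse(result)

    elif request.method == "POST":
        json_str = request.body
        if not json_str:
            result = {'code': 301, 'error': 'Please give me json'}
            return JsonResponse(result)
        # Malformed JSON or a non-object payload is answered like a missing
        # body instead of surfacing as an unhandled exception.
        try:
            json_obj = json.loads(json_str)
        except ValueError:
            json_obj = None
        if not isinstance(json_obj, dict):
            result = {'code': 301, 'error': 'Please give me json'}
            return JsonResponse(result)

        title = json_obj.get('title')
        # Check before escaping: html.escape() fails on a missing title.
        if not title:
            result = {'code': 302, 'error': "Please give me title"}
            return JsonResponse(result)
        import html
        # Escape the title against script injection (XSS).
        title = html.escape(title)

        # NOTE(review): content is client-supplied HTML stored as received;
        # only the title is escaped, so content needs allow-list sanitising
        # before it is rendered to other users.
        content = json_obj.get('content')
        if not content:
            result = {'code': 303, 'error': "Please give me content"}
            return JsonResponse(result)
        # Plain-text body, used to cut the introduction.
        content_text = json_obj.get('content_text')
        if not content_text:
            result = {'code': 304, 'error': "Please give me content_text"}
            return JsonResponse(result)
        introduce = content_text[:30]
        limit = json_obj.get('limit')
        if limit not in ['public', 'private']:
            result = {'code': 305, 'error': "You limit is wrong"}
            return JsonResponse(result)
        categrory = json_obj.get('category')
        if categrory not in ['tec', 'no-tec']:
            result = {'code': 306, 'error': "You categrory is wrong"}
            return JsonResponse(result)
        Topic.objects.create(title=title, categrory=categrory, limit=limit,
                             content=content, introduce=introduce,
                             author=request.user)
        result = {'code': 200, 'username': request.user.username}
        return JsonResponse(result)

    elif request.method == "DELETE":
        # /v1/topics/<author_id>: the user in the URL must be the
        # authenticated user.
        author = request.user
        token_author_id = author.username
        if author_id != token_author_id:
            result = {'code': 309, 'error': 'You can not do it '}
            return JsonResponse(result)
        topic_id = request.GET.get('topic_id')
        try:
            topic = Topic.objects.get(id=topic_id)
        except Exception:
            # Missing or malformed topic_id, or no such topic.
            result = {'code': 310, 'error': 'You can not do it !'}
            return JsonResponse(result)
        # Second check: the topic itself must belong to that user.
        if topic.author.username != author_id:
            result = {'code': 311, 'error': 'You can not do it !!'}
            return JsonResponse(result)
        topic.delete()
        res = {'code': 200}
        return JsonResponse(res)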
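def topics(request, author_id):
    """Create, read or delete the blog topics of ``author_id``.

    ``author_id`` is the author's username, which the original comment says
    is the primary key of the user table.

    POST   publishes a topic; ``request.user`` must be ``author_id``.
    GET    returns one topic (``?t_id=``) or the author's list, optionally
           narrowed by ``?category=tec|no-tec``; anyone other than the author
           only gets topics whose ``limit`` is ``'public'``.
    DELETE removes the author's own topic ``?topic_id=``.

    ``request.user`` is presumably attached by a login check outside this
    block -- confirm against the decorator or middleware in use.
    """
    if request.method == "POST":
        # Only the author may publish under their own name.
        user = request.user
        if user.username != author_id:
            result = {"code": 301, "error": "wrong!"}
            return JsonResponse(result)
        json_str = request.body
        if not json_str:
            result = {"code": 302, "error": "please give me data!"}
            return JsonResponse(result)
        # Malformed JSON or a non-object payload is answered like a missing
        # body instead of surfacing as an unhandled exception.
        try:
            json_obj = json.loads(json_str)
        except ValueError:
            json_obj = None
        if not isinstance(json_obj, dict):
            result = {"code": 302, "error": "please give me data!"}
            return JsonResponse(result)

        title = json_obj.get("title")
        category = json_obj.get("category")
        limit = json_obj.get("limit")
        # NOTE(review): content is client-supplied HTML stored as received;
        # only the title is escaped, so content needs allow-list sanitising
        # before it is rendered to other users.
        content = json_obj.get("content")
        content_text = json_obj.get("content_text")
        if not title:
            result = {"code": 303, "error": "please give me title!"}
            return JsonResponse(result)
        # Escape the title against cross-site scripting.
        title = html.escape(title)
        if not category:
            result = {"code": 304, "error": "please give me category!"}
            return JsonResponse(result)
        if not limit:
            result = {"code": 305, "error": "please give me limit!"}
            return JsonResponse(result)
        if not content:
            result = {"code": 306, "error": "please give me content!"}
            return JsonResponse(result)
        if not content_text:
            result = {"code": 307, "error": "please give me content_text!"}
            return JsonResponse(result)
        introduce = content_text[:30]
        try:
            Topic.objects.create(title=title, category=category, limit=limit,
                                 introduce=introduce, content=content,
                                 author_id=author_id)
        except Exception as e:
            print("The error is %s" % e)
            result = {"code": 222, "error": "topic is busy"}
            return JsonResponse(result)
        result = {"code": 200, "username": user.username}
        return JsonResponse(result)

    elif request.method == "GET":
        # NOTE(review): spelled ``Userprofile`` here; confirm it matches the
        # model class name imported by this file.
        authors = Userprofile.objects.filter(username=author_id)
        if not authors:
            result = {"code": 301, "error": "author is not existed"}
            return JsonResponse(result)
        author = authors[0]
        category = request.GET.get("category")
        t_id = request.GET.get("t_id")

        # The visitor is whoever sent the request, or None when anonymous.
        visitor = get_user_by_request(request)
        visitor_username = visitor.username if visitor else None
        is_self = visitor_username == author_id

        if t_id:
            # Single topic. The lookup is bound to the author named in the
            # URL: without that, a logged-in user could read anyone's private
            # topic by passing its id on their own /topics/<self> address.
            lookup = {"author_id": author.username}
            if not is_self:
                lookup["limit"] = "public"
            try:
                author_topic = Topic.objects.get(id=int(t_id), **lookup)
            except (ValueError, Topic.DoesNotExist):
                # A non-numeric t_id is reported like a missing topic.
                if is_self:
                    result = {"code": 311, "error": "no topic"}
                else:
                    result = {"code": 312, "error": "no topic!"}
                return JsonResponse(result)
            res = make_topic_res(author, author_topic, is_self)
            return JsonResponse(res)

        # Topic list, optionally narrowed by category.
        filters = {"author_id": author.username}
        if category in ["tec", "no-tec"]:
            filters["category"] = category
        if not is_self:
            # Strangers never see private topics.
            filters["limit"] = "public"
        author_topics = Topic.objects.filter(**filters)
        res = make_topics_res(author, author_topics)
        return JsonResponse(res)

    elif request.method == "DELETE":
        user = request.user
        if user.username != author_id:
            result = {"code": 404, "error": "wrong!"}
            return JsonResponse(result)
        topic_id = request.GET.get("topic_id")
        if not topic_id:
            result = {"code": 405, "error": "please give me topic_id!"}
            return JsonResponse(result)
        # The query is scoped to the author, so a user can only delete their
        # own topics. A non-numeric id is reported like a missing topic.
        try:
            topic = Topic.objects.filter(id=topic_id,
                                         author_id=author_id).first()
        except ValueError:
            topic = None
        if topic is None:
            result = {"code": 405, "error": "the topic is not existed!"}
            return JsonResponse(result)
        topic.delete()
        result = {"code": 200}
        return JsonResponse(result)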
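def topics(request, author_id):
    """Read, create or delete the blog topics of ``author_id``.

    Back-end URL: 127.0.0.1:8000/v1/topics/<author_id>?category=[tec|no-tec]

    GET    returns one topic (``?t_id=``, the detail page) or the author's
           list; anyone other than the author only gets topics whose
           ``limit`` is ``'public'``.
    POST   creates a topic owned by ``request.user``.
    DELETE removes the topic ``?topic_id=`` when ``request.user`` is both the
           user named in the URL and the topic's author.

    ``request.user`` is presumably attached by a login check outside this
    block -- confirm against the decorator or middleware in use.
    """
    if request.method == 'GET':
        # Front-end URL: http://127.0.0.1:5000/<username>/topics
        # author_id is the username of the blog owner being visited.
        authors = UserProfile.objects.filter(username=author_id)
        if not authors:
            result = {'code': 308, 'error': 'No author!'}
            return JsonResponse(result)
        author = authors[0]

        # The visitor is either a logged-in user or an anonymous guest (None).
        visitor = get_user_by_request(request)
        visitor_name = visitor.username if visitor else None
        is_self = author_id == visitor_name

        # With t_id this is the detail page, without it the list page.
        t_id = request.GET.get('t_id')
        if t_id:
            # The lookup is bound to the author named in the URL: without
            # that, a logged-in user could read anyone's private topic by
            # passing its id on their own /topics/<self> address.
            lookup = {'author_id': author_id}
            if not is_self:
                lookup['limit'] = 'public'
            try:
                author_topic = Topic.objects.get(id=int(t_id), **lookup)
            except (ValueError, Topic.DoesNotExist):
                # A non-numeric t_id is reported like a missing topic.
                if is_self:
                    result = {'code': 312, 'error': 'No topic!'}
                else:
                    result = {'code': 313, 'error': 'No topic!!'}
                return JsonResponse(result)
            res = make_topic_res(author, author_topic, is_self)
            return JsonResponse(res)

        # /v1/topics/<author_id>[?category=tec|no-tec]
        filters = {'author_id': author_id}
        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            filters['category'] = category
        if not is_self:
            # Visitors only get public topics.
            filters['limit'] = 'public'
        author_topics = Topic.objects.filter(**filters)
        res = make_topics_res(author, author_topics)
        return JsonResponse(res)

    elif request.method == 'POST':
        json_str = request.body
        if not json_str:
            result = {'code': 301, 'error': 'Please give me json!'}
            return JsonResponse(result)
        # Malformed JSON or a non-object payload is answered like a missing
        # body instead of surfacing as an unhandled exception.
        try:
            json_obj = json.loads(json_str)
        except ValueError:
            json_obj = None
        if not isinstance(json_obj, dict):
            result = {'code': 301, 'error': 'Please give me json!'}
            return JsonResponse(result)

        title = json_obj.get('title')
        # Check before escaping: html.escape() fails on a missing title.
        if not title:
            result = {'code': 302, 'error': 'Please give me title!'}
            return JsonResponse(result)
        import html
        # Escape the title against script injection (XSS).
        title = html.escape(title)

        # NOTE(review): content is client-supplied HTML stored as received;
        # only the title is escaped, so content needs allow-list sanitising
        # before it is rendered to other users.
        content = json_obj.get('content')
        if not content:
            result = {'code': 303, 'error': 'Please give me content!'}
            return JsonResponse(result)
        # Plain-text body, used to cut the introduction.
        content_text = json_obj.get('content_text')
        if not content_text:
            result = {'code': 304, 'error': 'Please give me content_text!'}
            return JsonResponse(result)
        introduce = content_text[:30]
        limit = json_obj.get('limit')
        if limit not in ['public', 'private']:
            result = {'code': 305, 'error': 'Your limit is wrong!'}
            return JsonResponse(result)
        category = json_obj.get('category')
        # TODO: validate category against its allowed values, as for limit.
        Topic.objects.create(title=title, category=category, limit=limit,
                             content=content, introduce=introduce,
                             author=request.user)
        result = {'code': 200, 'username': request.user.username}
        return JsonResponse(result)

    elif request.method == 'DELETE':
        # /v1/topics/<author_id>: the user in the URL must be the
        # authenticated user.
        author = request.user
        token_author_id = author.username
        if author_id != token_author_id:
            result = {'code': 309, 'error': 'You can not di it!'}
            return JsonResponse(result)
        topic_id = request.GET.get('topic_id')
        try:
            topic = Topic.objects.get(id=topic_id)
        except Exception:
            # Missing or malformed topic_id, or no such topic.
            result = {'code': 310, 'error': 'You can not di it!!'}
            return JsonResponse(result)
        # Second check: the topic itself must belong to that user.
        if topic.author.username != author_id:
            result = {'code': 311, 'error': 'You can not di it!!!'}
            return JsonResponse(result)
        topic.delete()
        res = {'code': 200}
        return JsonResponse(res)

    # Any other HTTP method gets this placeholder answer.
    return JsonResponse({'code': 200, 'error': 'This is a test!'})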
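def topics(request, author_id):
    """Read, delete or create the blog topics of ``author_id``.

    GET    returns one topic (``?t_id=``) or the author's list, optionally
           narrowed by ``?category=tec|no-tec``; anyone other than the author
           only gets topics whose ``limit`` is ``'public'``.
    DELETE removes the topic ``?topic_id=`` when ``request.user`` is both the
           user named in the URL and the topic's author.
    POST   creates a topic owned by ``request.user``.

    ``request.user`` is presumably attached by a login check outside this
    block -- confirm against the decorator or middleware in use.
    """
    if request.method == 'GET':
        # author_id is the username of the blog owner being visited.
        authors = UserProfile.objects.filter(username=author_id)
        if not authors:
            result = {'code': 308, 'error': '?no author'}
            return JsonResponse(result)
        author = authors[0]

        # A visitor object means a logged-in user; None means anonymous.
        visitor = get_user_by_request(request)
        visitor_name = visitor.username if visitor else None
        is_self = author_id == visitor_name

        t_id = request.GET.get('t_id')
        if t_id:
            # Detail page. The lookup is bound to the author named in the
            # URL: without that, a logged-in user could read anyone's private
            # topic by passing its id on their own /topics/<self> address.
            lookup = {'author_id': author_id}
            if not is_self:
                lookup['limit'] = 'public'
            try:
                author_topic = Topic.objects.get(id=int(t_id), **lookup)
            except (ValueError, Topic.DoesNotExist):
                # A non-numeric t_id is reported like a missing topic.
                if is_self:
                    result = {'code': 312, 'error': 'no topic'}
                else:
                    result = {'code': 313, 'error': 'no topic!'}
                return JsonResponse(result)
            res = make_topic_res(author, author_topic, is_self)
            return JsonResponse(res)

        # /v1/topics/<author_id>[?category=tec|no-tec]
        filters = {'author_id': author_id}
        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            filters['category'] = category
        if not is_self:
            # Visitors, logged in or not, only get public topics.
            filters['limit'] = 'public'
        author_topics = Topic.objects.filter(**filters)
        res = make_topics_res(author, author_topics)
        return JsonResponse(res)

    elif request.method == 'DELETE':
        # The user in the URL must be the authenticated user.
        author = request.user
        token_author_id = author.username
        if token_author_id != author_id:
            return JsonResponse({'code': 404, 'error': '用户不一致'})
        topic_id = request.GET.get('topic_id')
        try:
            topic = Topic.objects.get(id=topic_id)
        except Exception:
            # Missing or malformed topic_id, or no such topic.
            result = {'code': 405, 'error': 'you can not do it'}
            return JsonResponse(result)
        # Second check: the topic itself must belong to that user.
        if topic.author.username != author_id:
            return JsonResponse({'code': 406, 'error': 'you can do yit'})
        topic.delete()
        res = {'code': 200}
        return JsonResponse(res)

    elif request.method == 'POST':
        # An empty body, malformed JSON or a non-object payload all get the
        # "no JSON data" answer instead of an unhandled exception.
        try:
            req_dic = json.loads(request.body)
        except ValueError:
            req_dic = None
        if not req_dic or not isinstance(req_dic, dict):
            return JsonResponse({'code': 401, 'error': '没有JSON数据'})

        title = req_dic.get('title')
        # Check before escaping: html.escape() fails on a missing title.
        if not title:
            return JsonResponse({'code': 402, 'error': '没有用户名'})
        import html
        # Escape the title against script injection (XSS).
        title = html.escape(title)

        category = req_dic.get('category')
        if category not in ['tec', 'no-tec']:
            return JsonResponse({'code': 403, 'error': 'category不正确'})
        content = req_dic.get('content')
        if not content:
            return JsonResponse({'code': 405, 'error': 'content 不正确'})
        content_text = req_dic.get('content_text')
        if not content_text:
            return JsonResponse({'code': 406, 'error': 'content_text 不正确'})
        introduce = content_text[:30]
        limit = req_dic.get('limit')
        if limit not in ['public', 'private']:
            return JsonResponse({'code': 407, 'error': 'gei wo limit'})

        # NOTE(review): the plain-text body is what gets stored as content;
        # the validated HTML ``content`` is never used. Confirm which is
        # intended. If the HTML is stored instead, it is client-supplied and
        # needs allow-list sanitising before it is rendered to other users.
        Topic.objects.create(title=title, category=category, limit=limit,
                             content=content_text, introduce=introduce,
                             author=request.user)
        user = request.user
        username = user.username
        return JsonResponse({'code': 200, 'username': username})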
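def topics(request, author_id):
    """Create, read or delete the blog topics of ``author_id``.

    POST   publishes a topic; ``request.user`` must be ``author_id``.
    GET    returns one topic (``?t_id=``) or the author's list, optionally
           narrowed by ``?category=tec|no-tec``; anyone other than the author
           only gets topics whose ``limit`` is ``'public'``.
    DELETE removes the topic ``?topic_id=`` when it belongs to
           ``request.user``.

    ``request.user`` is presumably attached by a login check outside this
    block -- confirm against the decorator or middleware in use.
    """
    if request.method == 'POST':
        json_str = request.body
        if not json_str:
            result = {'code': 302, 'error': 'Please give me data'}
            return JsonResponse(result)
        # Malformed JSON or a non-object payload is answered like a missing
        # body instead of surfacing as an unhandled exception.
        try:
            json_obj = json.loads(json_str)
        except ValueError:
            json_obj = None
        if not isinstance(json_obj, dict):
            result = {'code': 302, 'error': 'Please give me data'}
            return JsonResponse(result)

        title = json_obj.get('title')
        if not title:
            result = {'code': 218, 'error': 'the title is wrong'}
            return JsonResponse(result)
        # Escape the title against cross-site scripting.
        title = html.escape(title)
        category = json_obj.get('category')
        if not category:
            result = {'code': 219, 'error': 'the category is wrong'}
            return JsonResponse(result)
        limit = json_obj.get('limit')
        if not limit:
            result = {'code': 220, 'error': 'the limit is wrong'}
            return JsonResponse(result)
        content_text = json_obj.get('content_text')
        if not content_text:
            result = {'code': 226, 'error': 'the content_text is wrong'}
            return JsonResponse(result)
        introduce = content_text[:30]
        if not introduce:
            result = {'code': 221, 'error': 'the introduce is wrong'}
            return JsonResponse(result)
        # Article body with HTML markup.
        # NOTE(review): content is client-supplied HTML stored as received;
        # only the title is escaped, so content needs allow-list sanitising
        # before it is rendered to other users.
        content = json_obj.get('content')
        if not content:
            result = {'code': 222, 'error': 'the content is wrong'}
            return JsonResponse(result)
        # Only the author may publish under their own name.
        if request.user.username != author_id:
            result = {'code': 230, 'error': 'the username is wrong'}
            return JsonResponse(result)
        try:
            Topic.objects.create(title=title, category=category, limit=limit,
                                 content=content, introduce=introduce,
                                 author_id=author_id)
        except Exception as e:
            print(e)
            result = {'code': 309, 'error': 'Topic is busy'}
            return JsonResponse(result)
        result = {'code': 200, 'username': request.user.username}
        return JsonResponse(result)

    elif request.method == 'GET':
        authors = UserProfile.objects.filter(username=author_id)
        if not authors:
            result = {'code': 310, 'error': 'the user is not existed'}
            return JsonResponse(result)
        author = authors[0]

        # The visitor is whoever sent the request, or None when anonymous.
        visitor = get_user_by_request(request)
        visitor_username = visitor.username if visitor else None
        is_self = visitor_username == author_id

        t_id = request.GET.get('t_id')
        if t_id:
            # Single topic. The lookup is bound to the author named in the
            # URL: without that, a logged-in user could read anyone's private
            # topic by passing its id on their own /topics/<self> address.
            lookup = {'author_id': author.username}
            if not is_self:
                lookup['limit'] = 'public'
            try:
                author_topic = Topic.objects.get(id=int(t_id), **lookup)
            except (ValueError, Topic.DoesNotExist) as e:
                # A non-numeric t_id is reported like a missing topic.
                print(e)
                if is_self:
                    result = {'code': 311, 'error': 'have not topic'}
                else:
                    result = {'code': 312, 'error': 'have not topic!!!'}
                return JsonResponse(result)
            res = make_topic_res(author, author_topic, is_self)
            return JsonResponse(res)

        # Topic list, optionally narrowed by category.
        filters = {'author_id': author.username}
        category = request.GET.get('category')
        if category in ['tec', 'no-tec']:
            filters['category'] = category
        if not is_self:
            # Anyone but the author only gets public topics.
            filters['limit'] = 'public'
        author_topics = Topic.objects.filter(**filters)
        res = make_topics_res(author, author_topics)
        return JsonResponse(res)

    elif request.method == 'DELETE':
        # The topic id arrives in the query string as ?topic_id=.
        topic_id = request.GET.get('topic_id')
        try:
            topic = Topic.objects.get(id=topic_id)
        except Exception:
            # Missing or malformed topic_id, or no such topic.
            result = {'code': 405, 'error': 'the topic_id is existed'}
            return JsonResponse(result)
        # A user must be attached to the request.
        user = request.user
        if not user:
            result = {'code': 403, 'error': 'the topic_id have not login'}
            return JsonResponse(result)
        # Only the topic's own author may delete it.
        if topic.author != user:
            result = {'code': 404, 'error': 'the topic_id permission denied'}
            return JsonResponse(result)
        topic.delete()
        return JsonResponse({"code": 200})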