def put(self, user_id):
    """Update the profile of user ``user_id`` and/or change their password.

    Values read from the parsed request: ``email``, ``surname``, ``name``,
    ``age``, ``address``, ``position``, ``password`` and the optional trio
    ``old_password`` / ``new_password`` / ``password_again``.

    Every exit returns a JSON body carrying either ``success`` or ``error``
    (or whatever ``some_decode_errors`` / ``make_new_password`` hand back).

    NOTE(review): this method arrived with its indentation lost; the nesting
    below is reconstructed from the control flow. Confirm it against the
    real file.
    """
    # NOTE(review): `parser` is not created in this method. If it is a shared
    # module- or class-level object, these add_argument calls run again on
    # every request and keep mutating it. Confirm where it is defined.
    parser.add_argument('password')
    parser.add_argument('position', required=True)
    parser.add_argument('old_password')
    parser.add_argument('password_again')
    parser.add_argument('new_password')
    args = parser.parse_args()
    # Ownership check: the account named by `email` must be the one addressed
    # by the URL. NOTE(review): this relies on how `!=` behaves for two
    # separately loaded User objects; comparing ids would be unambiguous.
    if get_user_by_email(args['email']) != get_user_by_id(user_id):
        return jsonify({'error': 'Bad user'})
    if args['password']:
        er = some_decode_errors(args)
        if er is not True:
            return er
        user = get_user_by_email(args['email'])
        # Keep the news list so it can be re-attached to the recreated row.
        news = user.news
        if not user.check_password(args['password']):
            return jsonify({'error': 'Bad password'})
        # The update is a delete followed by a fresh insert under the same id.
        # NOTE(review): the two steps are not one transaction; if anything
        # below raises after delete() reported success, the account is gone.
        if 'success' in self.delete(user_id).json:
            new_session = create_session()
            # NOTE(review): `position` is copied straight from the request.
            # If it encodes a role or privilege level, the caller chooses
            # their own; enforce the allowed value server-side.
            user = User(
                surname=args['surname'],
                name=args['name'],
                age=args['age'],
                email=args['email'],
                address=args['address'],
                position=args['position'],
                id=user_id
            )
            new_session.add(user)
            user.set_password(args['password'])
            # Rebinding `news` inside the loop is safe only because the
            # iterator over the original list already exists.
            for n in news:
                news = new_session.query(News).get(n.id)
                user.news.append(news)
            new_session.merge(user)
            new_session.commit()
        # Profile-only update: none of the password-change fields was sent.
        if not any([args['old_password'], args['new_password'], args['password_again']]):
            return jsonify({'success': 'OK'})
    # Password change: all three fields are required.
    if args['old_password'] and args['new_password'] and args['password_again']:
        try:
            a = make_new_password(args['old_password'], args['new_password'],
                                  args['password_again'],
                                  user=get_user_by_email(args['email']))
            if a is not True:
                return a
        except AuthError:
            return jsonify({'error': 'Bad old password'})
        except NotEqualError:
            return jsonify({'error': 'Not equal new and again'})
        new_session = create_session()
        user = get_user_by_id(user_id)
        user.set_password(args['new_password'])
        new_session.merge(user)
        new_session.commit()
        return jsonify({'success': 'OK'})
    # Some, but not all, of the password-change fields were supplied.
    if (any([args['old_password'], args['new_password'], args['password_again']])
            and args['password']) and not all(
            [args['old_password'], args['new_password'], args['password_again']]):
        return jsonify({'error': 'Not all new password'})
    return jsonify({'error': 'Empty passwords'})
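def post(self):
    """Create a news item for an authenticated author and store its text on disk.

    Request arguments (all required): ``author`` (e-mail), ``password``,
    ``header``, ``category_string_list`` (comma separated), ``preview``,
    ``text``.

    Returns a JSON body: ``{'success': 'OK'}`` on success, otherwise
    ``{'error': ...}`` with one of ``Bad user``, ``not_unique_header``,
    ``Empty category``, ``Bad categories``, ``Big length of category`` or
    ``Not unique categories``.
    """
    parser = reqparse.RequestParser()
    parser.add_argument('author', required=True, type=str)
    parser.add_argument('header', required=True)
    parser.add_argument('category_string_list', required=True, type=str)
    parser.add_argument('preview', required=True, type=str)
    parser.add_argument('text', required=True, type=str)
    parser.add_argument('password', required=True)
    args = parser.parse_args()

    new_session = create_session()
    user = get_user_by_email(args['author'], new_session)
    if not check_user(user, args['password']):
        return jsonify({'error': 'Bad user'})

    # Pick a file name for the article text. The header is caller-controlled,
    # so it is reduced to letters, digits and dots (no path separators)
    # BEFORE the uniqueness lookup. The stored value is the reduced one, so
    # checking the raw name could miss a collision and let this request
    # overwrite another article's file.
    text_address = ''
    for _ in range(5):
        raw_name = (args['header'] + str(user.id)
                    + str(random.randint(1, 2**14)) + '.txt')
        candidate = ''.join(
            ch for ch in raw_name
            if ch.isdigit() or ch.isalpha() or ch == '.')
        taken = new_session.query(News).filter(
            News.text_address == candidate).first()
        if not taken:
            text_address = candidate
            break
    if not text_address:
        return jsonify({'error': 'not_unique_header'})

    news = News(author=user.id, header=args['header'],
                text_address=text_address)

    sp = args['category_string_list'].split(',')
    try:
        check_cat_string_list(sp)
    except EmptyParamsError:
        return jsonify({'error': 'Empty category'})
    except BadCategoryError:
        return jsonify({'error': 'Bad categories'})
    except BigLenCategoryError:
        return jsonify({'error': 'Big length of category'})
    except NotUniqueCategoryError:
        return jsonify({'error': 'Not unique categories'})

    # Reuse existing categories, create the ones that do not exist yet.
    for raw_category in sp:
        category_name = raw_category.strip()
        cat = get_category_by_name(category_name, new_session)
        if cat:
            news.category.append(cat)
        else:
            news.category.append(Category(name=category_name))

    user = get_user_by_email(args['author'], new_session)
    user.news.append(news)
    new_session.merge(user)
    new_session.commit()

    # Plain concatenation keeps the target under news/ whatever the name
    # starts with; a two-argument os.path.join would drop the prefix for an
    # absolute second component.
    with open(os.path.join('news/' + text_address), encoding='utf-8',
              mode='w') as text_file:
        text_file.write(args['preview'] + SEPARATOR + args['text'])
    return jsonify({'success': 'OK'})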
def add_news():
    """Show the "add news" form and, on a valid submit, create the item via the API.

    The author is the logged-in user when there is one, otherwise the e-mail
    typed into the form; in both cases the form password is forwarded to the
    API, which performs the credential check. After a successful creation a
    user whose ``position`` is 3 is updated to position 2 through the users
    API before being redirected to ``/news``.

    NOTE(review): the password is relayed to ``ADDRESS`` in a JSON body and
    neither request sets a timeout. Confirm that ``ADDRESS`` is reached over
    a trusted channel.
    """
    news_form = NewsForm()
    page_title = 'Добавление новости'

    def render_form(**extra):
        # Single place that renders the form page; `extra` carries `message`.
        return render_template('add_news.html', title=page_title,
                               action_header=page_title, form=news_form,
                               current_user=current_user, **extra)

    if not news_form.validate_on_submit():
        return render_form()

    try:
        cat_str_list = get_string_list_by_data(news_form.politic.data,
                                               news_form.technology.data,
                                               news_form.health.data)
    except EmptyParamsError:
        return render_form(message="Пожалуйста, выберете категорию новости.")

    logged_in = current_user.is_authenticated
    author_email = current_user.email if logged_in else news_form.author.data
    creation_payload = {
        'author': author_email,
        'header': news_form.header.data,
        'category_string_list': cat_str_list,
        'preview': news_form.preview.data,
        'text': news_form.text.data,
        'password': news_form.password.data
    }
    resp = requests.post(ADDRESS + '/api/v2/news', json=creation_payload).json()
    # The author record is looked up only after the API call, as before.
    user = current_user if logged_in else get_user_by_email(news_form.author.data)

    created = 'success' in resp
    if created and user.position == 3:
        # First successful post of a position-3 user: move them to position 2.
        profile_payload = {
            'id': user.id,
            'name': user.name,
            'surname': user.surname,
            'email': user.email,
            'position': 2,
            'age': user.age,
            'address': user.address,
            'password': news_form.password.data
        }
        p = requests.put(ADDRESS + '/api/v2/users/{}'.format(user.id),
                         json=profile_payload)
        if 'success' in p.json():
            return redirect('/news')
    elif 'error' in resp:
        # Map the API error onto the matching form field.
        api_error = resp['error']
        if api_error == 'not_unique_header':
            news_form.header.errors = [
                'Пожалуйста, выберете другой заголовок. \nЭтот уже занят.']
        elif api_error == 'Bad user':
            news_form.password.errors = ['Неверный пароль.']
    elif created and user.position != 3:
        return redirect('/news')
    else:
        return render_form(
            message='Произошла непредвиденная ошибка, пожалуйста попробуйте позже.')

    # Reached after a field error or a failed position update.
    return render_form()
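def login():
    """Render the login form and sign the user in on valid credentials.

    On success the user is logged in (honouring "remember me") and redirected
    to ``/``. Every failure re-renders ``login.html`` with the same generic
    error on the password field.
    """
    login_form = LoginForm()
    if login_form.validate_on_submit():
        try:
            user = get_user_by_email(login_form.email.data)
        except AuthError:
            # An unknown e-mail is treated exactly like a wrong password, so
            # the response does not reveal which addresses are registered.
            user = None
        if user and user.check_password(login_form.password.data):
            login_user(user, remember=login_form.remember_me.data)
            return redirect("/")
        login_form.password.errors = ["Неправильный логин или пароль"]
    # One render call for every non-redirect path, so the failed-login page
    # keeps its title as well.
    return render_template('login.html', title='Вход', form=login_form)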
def put(self, news_id):
    """Replace header, preview, categories and stored text of news ``news_id``.

    Request arguments (all required): ``password``, ``author`` (e-mail),
    ``header``, ``category_string_list`` (comma separated), ``preview``,
    ``text``. The caller must pass the credential check and be accepted by
    ``check_author_by_news_id`` for this item.

    Returns ``{'success': 'OK'}`` or ``{'error': ...}``.

    NOTE(review): the item is detached from the author and its fields are
    changed before the category list is validated; the error returns leave
    those changes uncommitted on the session. Confirm that ``create_session``
    hands out a fresh session per call.
    """
    arg_parser = reqparse.RequestParser()
    arg_parser.add_argument('password', required=True)
    arg_parser.add_argument('author', required=True, type=str)
    arg_parser.add_argument('header', required=True)
    for text_field in ('category_string_list', 'preview', 'text'):
        arg_parser.add_argument(text_field, required=True, type=str)
    args = arg_parser.parse_args()

    # Authentication: e-mail plus password.
    claimed_author = get_user_by_email(args['author'])
    if not check_user(claimed_author, args['password']):
        return jsonify({'error': 'Bad user'})
    abort_if_news_not_found(news_id)

    session = create_session()
    user = session.query(User).filter(User.email == args['author']).first()
    news = session.query(News).get(news_id)
    # Authorization: the authenticated user must be accepted for this item.
    if not check_author_by_news_id(user, news):
        return jsonify({'error': 'Bad user'})

    user.news.remove(news)
    news.header = args['header']
    news.preview = args['preview']

    category_names = args['category_string_list'].split(',')
    try:
        check_cat_string_list(category_names)
    except EmptyParamsError:
        return jsonify({'error': 'Empty category'})
    except BadCategoryError:
        return jsonify({'error': 'Bad categories'})
    except BigLenCategoryError:
        return jsonify({'error': 'Big length of category'})
    except NotUniqueCategoryError:
        return jsonify({'error': 'Not unique categories'})

    # Rebuild the category list, creating categories that do not exist yet.
    news.category = []
    for raw_name in category_names:
        existing = get_category_by_name(raw_name.strip(), session)
        news.category.append(existing or Category(name=raw_name.strip()))

    user.news.append(news)
    session.merge(user)
    session.commit()

    # The file name comes from the stored record, not from the request.
    text_path = os.path.join('news/' + news.text_address)
    with open(text_path, encoding='utf-8', mode='w') as text_file:
        text_file.write(args['preview'] + SEPARATOR + args['text'])
    return jsonify({'success': 'OK'})
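def delete(self, user_id):
    """Delete the account ``user_id`` on behalf of its authenticated owner.

    Request arguments (both required): ``email`` and ``password``.

    Returns ``{'success': 'OK'}`` when the account was removed, otherwise
    ``{'error': 'Bad user'}`` (unknown e-mail, or the credentials belong to
    a different account) or ``{'error': 'Bad password'}``.
    """
    args_parser = reqparse.RequestParser()
    args_parser.add_argument('email', required=True)
    args_parser.add_argument('password', required=True)
    args = args_parser.parse_args()
    try:
        user = get_user_by_email(args['email'])
    except AuthError:
        return jsonify({'error': 'Bad user'})
    if user is None:
        # A missing account gets the same answer as the AuthError path.
        return jsonify({'error': 'Bad user'})
    if not user.check_password(args['password']):
        return jsonify({'error': 'Bad password'})
    abort_if_user_not_found(user_id)
    new_session = create_session()
    target = new_session.query(User).get(user_id)
    # Authorization: valid credentials only prove who the caller is. Without
    # this comparison any account holder could delete any other account by
    # putting a different id in the URL. If privileged users must be able to
    # remove other accounts, add an explicit role check here rather than
    # dropping this one.
    if target is None or target.id != user.id:
        return jsonify({'error': 'Bad user'})
    new_session.delete(target)
    new_session.commit()
    return jsonify({'success': 'OK'})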
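def delete(self, news_id):
    """Delete news item ``news_id`` and its text file on behalf of its author.

    Request arguments (both required): ``email`` and ``password``.

    Returns ``{'success': 'OK'}`` when the item was removed, otherwise
    ``{'error': ...}`` with ``Bad user``, ``Bad password`` or ``No rights``.
    """
    parser = reqparse.RequestParser()
    parser.add_argument('email', required=True)
    parser.add_argument('password', required=True)
    args = parser.parse_args()
    new_session = create_session()
    try:
        user = get_user_by_email(args['email'], new_session)
    except AuthError:
        return jsonify({'error': 'Bad user'})
    if user is None:
        # A missing account gets the same answer as the AuthError path.
        return jsonify({'error': 'Bad user'})
    if not user.check_password(args['password']):
        return jsonify({'error': 'Bad password'})
    abort_if_news_not_found(news_id)
    news = new_session.query(News).get(news_id)
    # Authorization: only a user accepted for this item may remove it.
    if not check_author_by_news_id(user, news):
        return jsonify({'error': 'No rights'})
    # The path is built from the stored record, never from request data.
    # Plain concatenation keeps it under news/ even for an unexpected value.
    try:
        os.remove(os.path.join('news/' + news.text_address))
    except FileNotFoundError:
        # The text file is already gone; the database row must still be
        # removable, otherwise the item could never be deleted.
        pass
    new_session.delete(news)
    new_session.commit()
    return jsonify({'success': 'OK'})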