def delete_competition_api(id_):
competition = Competition.get_by_id(id_)
if competition is None:
raise NotFound('Competition not found')
competition.delete()
raise DeleteSuccess('Competition has been deleted')
def super_delete_posts():
form = PostIdForm().validate_for_api()
with db.auto_commit():
posts = Posts.query.filter_original(
id=form.post_id.data).first_or_404()
posts.delete()
return DeleteSuccess(msg='随记已删除!')
def delete_problem_set_api(id_):
problem_set = ProblemSet.get_by_id(id_)
if problem_set is None:
raise NotFound('Problem set not found')
problem_set.delete()
raise DeleteSuccess('Problem set has been deleted')
def delete_user():
# g变量是线程隔离的
uid = g.user.uid
with db.auto_commit():
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def delete():
form = ImageForm().validate_for_api()
host = form.host.data
image = form.image.data
certification = get_certification(host)
# 判断是否鉴权
if certification:
cert, key = cert_file_path(host)
tls_config = docker.tls.TLSConfig(client_cert=(cert, key),
verify=False)
client = docker.DockerClient(base_url='tcp://' + host + ':2376',
tls=tls_config)
else:
client = docker.DockerClient(base_url='tcp://' + host + ':2375')
try:
client.images.remove(image)
except ImageNotFound:
client.close()
return NotFound()
except APIError:
client.close()
return ImageUsed()
# client.images.remove(image)
client.close()
return DeleteSuccess(msg='镜像删除成功')
def delete_user():
uid = g.user.uid # g变量是「线程隔离」的
with db.auto_commit():
# 取代user = User.query.get_or_404(uid),即使删除了还是能查到
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def delete_user():
# uid 应该通过解析 token 得到用户信息
uid = g.user.uid
with db.auto_commit():
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def super_delete_user(uid):
is_admin = g.user.is_admin
if not is_admin:
raise AuthFailed(msg='You are not admin!')
with db.auto_commit():
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def unfollower_user():
form = UserIdForm().validate_for_api()
user_id = g.user.uid
with db.auto_commit():
follower = Followers.query.filter_original(
user_id=user_id, follower_id=form.user_id.data).first_or_404()
follower.delete()
return DeleteSuccess(msg='取消关注')
def delete_user():
# 哪怕同一时刻有两个用户访问g变量也不会出现数据混淆,g变量时线程隔离的
uid = g.user.uid
with db.auto_commit():
user = User.query.filter_by(id=uid).first_or_404()
# 调用的base基类下的方法软删除
user.delete()
return DeleteSuccess()
def unlike_posts():
form = PostIdForm().validate_for_api()
user_id = g.user.uid
with db.auto_commit():
like = Likes.query.filter_original(
user_id=user_id, post_id=form.post_id.data).first_or_404()
like.delete()
return DeleteSuccess(msg='取消喜欢')
def delete_user():
# g(基变量是线程隔离的)
# 但是必须要@auth.login_required
uid = g.user.uid
with db.auto_commit():
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def revoke_toke():
# 解析token获取用户信息
if g.admin:
redis = Redis()
redis_name = current_app.config['REDIS_KEY_PREFIX'] + 'admin_token'
redis.hdel(redis_name, g.admin_token)
return DeleteSuccess(msg='注销成功')
def super_delete_user(uid):
# 管理员删除账户
with db.auto_commit():
# 不能采用这种方式,因为一旦软删除了还可以查询到用户
# user = User.query.get_or_404(uid)
user = User.query.filter_by(id=uid).first_or_4o4()
user.delete()
return DeleteSuccess()
def uncollection_posts():
form = PostIdForm().validate_for_api()
user_id = g.user.uid
with db.auto_commit():
collections = Collections.query.filter_original(
user_id=user_id, post_id=form.post_id.data).first_or_404()
collections.delete()
return DeleteSuccess(msg='取消收藏')
def delete_user():
# 超权禁止
# g -> 线程隔离
# namedtuple
uid = g.user.uid
with db.auto_commit():
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def filedelete():
if request.method == 'POST':
queryName = request.json['fileName']
query = {'filename': queryName + '.pdf'}
gfs = GFS('mongotest', 'file')
(file_db, fileTable) = gfs.createDB()
id = gfs.getID(file_db, query)
gfs.remove(file_db, id)
return DeleteSuccess()
def delete_user():
# 超权问题,普通权限的用户可以获取token直接删除其他用户
# 通过用户使用的token中携带的uid来进行删除,不可以随意设置uid
uid = g.user.uid
# g变量是线程隔离的,两个用户同时删除,不会出现线程错乱的问题
with db.auto_commit():
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def delete_user():
# 防止超权,用户只能删除自己
# g变量是线程隔离的,不会发生数据错乱
uid = g.user.uid
with db.auto_commit():
# 使用自定义的filter_by,可以加入状态码值的判断条件
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def delete_user():
#用户只能注销自己的账户
#g 线程隔离
#uid 号在用户的令牌里
uid = g.user.uid
with db.auto_commit():
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def super_delete_user(uid):
# # 权限的本质 0 1
# is_admin = g.user.is_admin
# if not is_admin:
# raise AuthFailed()
with db.auto_commit():
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def delete_user():
# 2个用户同时调用山粗接口,会有问题吗?
# 不会, 因为g是线程隔离
# g.user.uid 为什么可以这样用? 因为验证token通过,
# 把userinfo 存成了namedtuple结构, 可以通过.来访问属性
uid = g.user.uid
with db.auto_commit():
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def delete_user():
# 通过g变量来获取,g变量是线程隔离的
uid = g.user.uid
with db.auto_commit():
# 直接调用get_or_404会能反复查询到想要的数据
# user = User.query.get_or_404(uid)
# filter_by方法会添加status=1的条件
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def super_delete_user(uid):
"""
删除指定用户 - 管理员接口
:param uid: 用户 id
:return:
"""
with db.auto_commit():
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def delete_user():
"""
删除当前用户
:return:
"""
uid = g.user.uid
with db.auto_commit():
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def delete_user(gid):
# gid = g.user['gid']
with db.auto_commit():
user = User.query.filter_by(gid=gid).first_or_404()
# todo: use bottom layer join to implement
delete_q = Enroll.__table__.delete().where(
Enroll.user_gid == gid)
db.session.execute(delete_q)
db.session.delete(user)
return DeleteSuccess()
def delete_user():
# 不从用户参数 获得uid,避免超权,从token获得。但是管理员就要有超权行为
# nametuple,key用字典访问
# g变量线程隔离,不会出现数据错乱问题
uid = g.user.uid
with db.auto_commit():
# 首选查询,然后删除(定义在base里面)
# query,filter_by已经该写过,查询states状态为0的
user = User.query.filter_by(id=uid).first_or_404()
user.delete()
return DeleteSuccess()
def delete_user():
# 用户主动注销账号
# 考虑超权的问题,不能直接传递uid
# 由于g是线程隔离的,所以用户的同步请求也不会发生数据错乱
uid = g.user.uid
with db.auto_commit():
# 不能采用这种方式,因为一旦软删除了还可以查询到用户
# user = User.query.get_or_404(uid)
user = User.query.filter_by(id=uid).first_or_4o4()
user.delete()
return DeleteSuccess()
def delete_submenu():
data = request.get_json('id')
submenu = Submenu.query.get(data['id'])
if request.method == 'POST':
with db.auto_commit():
submenu.status = 0
if request.method == 'DELETE':
with db.auto_commit():
db.session.delete(submenu)
return DeleteSuccess()
def delete_article():
data = request.get_json('id')
article = Article.query.filter_by(id=data['id']).first_or_404()
if request.method == 'POST':
with db.auto_commit():
article.status = 0
if request.method == 'DELETE':
with db.auto_commit():
db.session.delete(article)
return DeleteSuccess()
