Пример #1
0
def add_comment(request, project_id, issue_id):
    form = CommentForm(**json.loads(request.body))
    if not form.validate():
        raise Http400
    project = ProjectModel.get_by_id(long(project_id))
    if project is None:
        raise Http404
    if request.user.permission != UserPermission.root and request.user.key().id() not in project.member_ids:
        raise Http403
    issue = IssueModel.get_by_id(long(issue_id))
    if issue is None:
        raise Http404
    if issue.project.key() != project.key():
        raise Http403

    comment = CommentModel(
        comment=bleach.clean(
            form.comment.data,
            tags=utils.get_bleach_allow_tags(),
            attributes=utils.get_bleach_allow_attributes(),
            styles=utils.get_bleach_allow_styles(),
        ),
        author=request.user,
        issue=issue,
    )
    comment.put()
    return JsonResponse(comment)
Пример #2
0
def get_comments(request, project_id, issue_id):
    project = ProjectModel.get_by_id(long(project_id))
    if project is None:
        raise Http404
    if request.user.permission != UserPermission.root and request.user.key().id() not in project.member_ids:
        raise Http403
    issue = IssueModel.get_by_id(long(issue_id))
    if issue is None:
        raise Http404
    if issue.project.key() != project.key():
        raise Http403

    comments = CommentModel.all().filter("issue =", issue.key()).order("create_time").fetch(1000)
    return JsonResponse([x.dict() for x in comments])
Пример #3
0
def update_issue(request, project_id, issue_id):
    form = IssueForm(**json.loads(request.body))
    if not form.validate():
        raise Http400
    project = ProjectModel.get_by_id(long(project_id))
    if project is None:
        raise Http404
    if request.user.permission != UserPermission.root and request.user.key().id() not in project.member_ids:
        raise Http403
    issue = IssueModel.get_by_id(long(issue_id))
    if issue is None:
        raise Http404
    if issue.project.key() != project.key():
        raise Http404

    if issue.is_close != form.is_close.data:
        # close/reopen the issue
        issue.is_close = form.is_close.data
        issue.put()
    else:
        # update the issue
        if (
            request.user.permission != UserPermission.root
            and not request.user.key().id() in project.root_ids
            and request.user.key() != issue.author.key()
        ):
            raise Http403
        issue.title = form.title.data
        issue.content = bleach.clean(
            form.content.data,
            tags=utils.get_bleach_allow_tags(),
            attributes=utils.get_bleach_allow_attributes(),
            styles=utils.get_bleach_allow_styles(),
        )
        issue.floor = form.floor.data
        issue.label_ids = form.label_ids.data
        issue.put()
    return JsonResponse(issue)