async def update(self, uid, user, avatar, password):
if uid == self.__root_id and user is not None:
raise InvalidRequest('Permission denied')
user_pre = await self.db.find_one({'_id': ObjectId(uid)})
if user_pre is None:
raise InvalidRequest('User does not exist')
if user is None:
user = user_pre.get('user')
if avatar is None:
avatar = user_pre.get('avatar')
if password is None:
hashed = user_pre.get('password')
else:
password = password.encode('utf-8')
hashed = bcrypt.hashpw(password, bcrypt.gensalt())
await self.db.find_one_and_update({'_id': ObjectId(uid)}, {
'$set': {
'user': user,
'password': hashed,
**({
'avatar': avatar
} if avatar is not None else {})
}
})
self.event.emit('user-update', {'id': uid, 'user': user})
async def remove(self, uid):
if uid == self.__root_id:
raise InvalidRequest('Root cannot be removed')
result = await self.db.find_one_and_delete({'_id': ObjectId(uid)},
projection={'user': True})
if result is None:
raise InvalidRequest('User does not exist')
self.event.emit('user-remove', {'id': uid, 'user': result['user']})
async def __check_change_name(self, cid, new_name):
if cid == self.root_id:
raise InvalidRequest('Permission denied')
if await self.db.find_one({'_id': ObjectId(cid)}) is None:
raise InvalidRequest('Category does not exist')
if await self.db.find_one({'name': new_name}) is not None:
raise InvalidRequest(new_name + ' already exists')
return True
async def set_role(self, uid, role):
if uid == self.__root_id:
raise InvalidRequest('Permission denied')
result = await self.db.find_one_and_update({'_id': ObjectId(uid)},
{'$set': {
'role': role
}})
if result is None:
raise InvalidRequest('User does not exist')
self.event.emit('user-update', {'id': uid, 'user': result['user']})
async def check_user(self, username, password):
result = await self.db.find_one({'user': username},
projection={
'password': True,
'_id': True
})
if result is None:
raise InvalidRequest('User does not exist')
password = password.encode('utf-8')
if not bcrypt.checkpw(password, result['password']):
raise InvalidRequest('Wrong password')
return str(result['_id'])
async def __check_change_parent(self, cid, new_parent):
if cid == self.root_id:
raise InvalidRequest('Permission denied')
if await self.db.find_one({'_id': ObjectId(cid)}) is None:
raise InvalidRequest('Category does not exist')
if await self.db.find_one({'_id': ObjectId(new_parent)}) is None:
raise InvalidRequest('New parent does not exist')
circle = new_parent
while circle != self.root_id:
if circle == cid:
raise InvalidRequest('Permission denied')
circle = (await self.db.find_one({'_id':
ObjectId(circle)}))['parent']
return True
async def update(self, data):
ls = [
'title', 'path', 'absolute_path', 'categories', 'tags', 'image',
'excerpt', 'content'
]
data_pre = await self._db.find_one({'_id': ObjectId(data['id'])})
if data_pre is None:
raise InvalidRequest('Post does not exist')
for x in ls:
if data.get(x) is not None:
# TODO: check the data
data_pre[x] = data[x]
await self._db.find_one_and_update({'_id': ObjectId(data['id'])}, {
'$set': {
'title': data_pre['title'],
'path': data_pre['path'],
'absolute_path': data_pre['absolute_path'],
'date': time(),
'categories': data_pre['categories'],
'tags': data_pre['tags'],
'image': data_pre['image'],
'excerpt': data_pre['excerpt'],
'content': data_pre['content']
}
})
self.event.emit('post-update', {'id': data['id']})
async def set_settings(self, uid, settings):
result = await self.db.find_one_and_update(
{'_id': ObjectId(uid)}, {'$set': {
'settings': settings
}})
if result is None:
raise InvalidRequest('User does not exist')
self.event.emit('user-update', {'id': uid, 'user': result['user']})
async def remove(self, cid):
if cid == self.root_id:
raise InvalidRequest('Permission denied')
result = await self.db.find_one({'_id': ObjectId(cid)})
if result is None:
raise InvalidRequest('Category does not exist')
children = result.get('children')
if children is not None:
for x in children:
await self.remove_children(x)
await self.db.find_one_and_delete({'_id': ObjectId(cid)})
self.event.emit('category-remove', {'id': str(result['_id'])})
parent = await self.db.find_one_and_update(
{'_id': ObjectId(result['parent'])},
{'$pullAll': {
'children': [cid]
}})
self.event.emit('category-update', {'id': str(parent['_id'])})
def resolve(self, p, user=None, mode=None):
# Remove /file
pathes = [i for i in p.split('/') if i][1:]
if mode is None:
if len(pathes) == 0:
raise InvalidRequest('Not found')
if pathes[0] == 'site' or pathes[0] == 'share':
return path.join(self.upload_path, *pathes)
else:
return path.join(self.upload_path, 'private', pathes[0],
'public', *pathes[1:])
elif mode == 'private':
if user is None:
raise InvalidRequest('Login required')
else:
return path.join(self.upload_path, 'private', user, *pathes)
elif mode == 'site' or mode == 'share':
return path.join(self.upload_path, mode, *pathes)
else:
raise InvalidRequest('Unknown path')
async def add(self, name, parent):
if await self.db.find_one({'name': name}) is not None:
raise InvalidRequest('Category already exists')
if parent is None:
parent = self.root_id
if await self.db.find_one({'_id': ObjectId(parent)}) is None:
raise InvalidRequest('Parent does not exists')
result = await self.db.insert_one({
'name': name,
'parent': parent,
'children': []
})
self.event.emit('category-add', {'id': str(result.inserted_id)})
self.db.find_one_and_update(
{'_id': ObjectId(parent)},
{'$addToSet': {
'children': str(result.inserted_id)
}})
self.event.emit('category-update', {'id': parent})
return str(result.inserted_id)
def send(p, type=None):
if path.isdir(p) and (type is None or type == 'dir'):
result = {}
for k in listdir(p):
if not k.startswith('.'):
result[k] = path.isdir(path.join(p, k))
return result
elif path.isfile(p) and (type is None or type == 'file'):
return web.FileResponse(p, chunk_size=256 * 1024)
else:
raise InvalidRequest('Not found', status_code=404)
async def add(self, username, password, role):
if await self.db.find_one({'user': username}) is not None:
raise InvalidRequest('User already exists')
password = password.encode('utf-8')
hashed = bcrypt.hashpw(password, bcrypt.gensalt())
result = await self.db.insert_one({
'user': username,
'password': hashed,
'role': role
})
self.event.emit('user-add', {
'id': str(result.inserted_id),
'user': username
})
return str(result.inserted_id)
async def info(self, uid, projection=None):
if projection is None:
projection = {
'_id': False,
'user': True,
'avatar': True,
'role': True
}
result = await self.db.find_one({'_id': ObjectId(uid)},
projection=projection)
if result is None:
raise InvalidRequest('User does not exist')
if '_id' in result:
result['_id'] = str(result['_id'])
return result
async def info(self, pid, projection=None):
if projection is None:
projection = {
'_id': False,
'title': True,
'owner': True,
'path': True,
'date': True,
'categories': True,
'tags': True,
'image': True,
'excerpt': True,
}
result = await self._db.find_one({'_id': ObjectId(pid)},
projection=projection)
if result is None:
raise InvalidRequest('Post does not exist')
if '_id' in result:
result['_id'] = str(result['_id'])
return result
async def get_settings(self, uid):
result = await self.db.find_one({'_id': ObjectId(uid)})
if result is None:
raise InvalidRequest('User does not exist')
return result.get('settings')
async def role(self, uid):
result = await self.db.find_one({'_id': ObjectId(uid)},
projection={'role': True})
if result is None:
raise InvalidRequest('User does not exist')
return result['role']
async def info(self, cid):
result = await self.db.find_one({'_id': ObjectId(cid)},
projection={'_id': False})
if result is None:
raise InvalidRequest("Category does not exist")
return result
async def get_id(self, name):
result = await self.db.find_one({'name': name})
if result is None:
raise InvalidRequest('Category does not exist')
return str(result['_id'])
async def unpublish(self, pid):
if await self._db.find_one_and_delete({'_id': ObjectId(pid)}) is None:
raise InvalidRequest('Post does not exist')
self.event.emit('post-remove', {'id': pid})
async def get_id(self, username):
result = await self.db.find_one({'user': username})
if result is None:
raise InvalidRequest('User does not exist')
return str(result['_id'])