def check_post(post_id, username) -> bool:
"""
:param post_id: id поста
:param username: username текущего пользователя
:return: является ли пользователь автором поста (bool)
"""
if post_id is None or username is None:
return False
id_user = db_session.query(User).filter_by(
username=username).first().id
if db_session.query(Posts).filter_by(
id=post_id).first().author_id == id_user:
return True
return False
def check_comment(comment_id, username) -> bool:
"""
:param comment_id: id коммента
:param username: username текущего пользователя
:return: является ли пользователь автором комментария (bool)
"""
if comment_id is None or username is None:
return False
id_user = db_session.query(User).filter_by(
username=username).first().id
if db_session.query(Comments).filter_by(
id=comment_id).first().author_id == id_user:
return True
return False
def delete_list(id):
data = db_session.query(List).get(id)
for task in data.tasks:
db_session.delete(task)
db_session.delete(data)
db_session.commit()
return redirect(url_for('home'))
def get(self, *args, **kwargs):
"""
:return: Все комментарии
"""
# добаить фильтрацию по посту или юзеру
return jsonify(self.comment_serialize(
db_session.query(Comments).all()))
def update_list():
form = ListForm(request.form)
if request.method == 'POST':
list = db_session.query(List).get(request.form.get('id'))
list.name = form.name.data
db_session.add(task)
db_session.commit()
return redirect(url_for('home'))
def home():
list = db_session.query(List).all()
list_form = ListForm(request.form)
task_form = TaskForm(request.form)
return render_template("public/home.html",
list=list,
list_form=list_form,
task_form=task_form)
def delete_task(id):
print("Delete method called as get")
if request.method == 'POST':
print("Delete Task Post Method")
data = db_session.query(Task).get(id)
print("Deleting ", data)
db_session.delete(data)
db_session.commit()
return redirect(url_for('home'))
class TaskForm(FlaskForm):
id = HiddenField('id')
subject = StringField('Subject', validators=[DataRequired()])
description = StringField('Description')
status = BooleanField('Completed', default=False)
assigned_to = StringField('Assign to')
list = QuerySelectField(query_factory=lambda: db_session.query(List).all(),
allow_blank=False,
get_label='name')
submit = SubmitField('Submit')
def delete(self, *args, **kwargs):
"""
:return: ошибку или подтверждение о удалении комментария
QueryString параметры - comment_id
"""
comment_id = int(request.args.get('comment_id', None))
if self.check_comment(comment_id, auth.username()):
data = db_session.query(Comments).filter_by(id=comment_id).first()
db_session.delete(data)
db_session.commit()
return {'delete': 'True'}, 200
return {'error': 'permission denied'}, 404
def update_task():
form = TaskForm(request.form)
if request.method == 'POST':
task = db_session.query(Task).get(request.form.get('id'))
task.subject = form.subject.data
task.description = form.description.data
task.assigned_to = form.assigned_to.data
task.status = form.status.data
print(task)
db_session.add(task)
db_session.commit()
return redirect(url_for('home'))
def check_data(self, *args, **kwargs):
"""
:return: Ошибку или готовые данные - майл и имя пользователя
Проверяет валидность майла и имя пользователя
"""
email, us = request.args.get('email',
None), request.args.get('username', None)
if None in [email, us]:
return {'error': 'null email or username'}, None
if validate_email(email):
if db_session.query(User).filter_by(email=email).first():
return {
'error': 'user with such mail is already registered'
}, None
else:
return {'error': 'invalid email address'}, None
if db_session.query(User).filter_by(username=us).first():
return None, {
'error': 'user with such username is already registered'
}
return email, us
def verify_password(username, password):
"""
:param username: имя пользователя
:param password: пароль пользователя
:return: есть такой пользователь или нет (bool)
проверка авторизации пользователя (используется Basic Auth)
"""
us = db_session.query(User).filter_by(username=username).first()
if us and check_password_hash(us.password, password):
print(username, password)
return True
return False
def put(self, *args, **kwargs):
"""
:return: ошибку или подтверждение о изменении комментария
QueryString параметры - comment_id, title, content
"""
comment_id = int(request.args.get('comment_id', None))
title = request.args.get('title', None)
content = request.args.get('content', None)
if self.check_post(comment_id,
auth.username()) and None not in [title, content]:
data = db_session.query(Comments).filter_by(id=comment_id).first()
data.title = title
data.content = content
db_session.commit()
return {'update_data': 'True'}, 200
return {'error': 'permission denied'}, 404
def post(self, *args, **kwargs):
"""
:return: Ошибку или подтверждение добавления поста
QueryString параметры - title, content
"""
author_id = db_session.query(User).filter_by(
username=auth.username()).first().id
title = request.args.get('title', None)
content = request.args.get('content', None)
if author_id is None:
return {'error': 'authorisation error'}, 404
if None in [title, content]:
return {
'error': 'title and content should not have null values'
}, 404
p = Posts(author_id, title, content)
db_session.add(p)
db_session.commit()
return {'post_create': 'True'}, 200
def post(self, *args, **kwargs):
"""
:return: ошибку или подтверждение создания комментария
QueryString параметры - post_id, title, content
"""
post_id = int(request.args.get('post_id', None))
author_id = db_session.query(User).filter_by(
username=auth.username()).first().id
title = request.args.get('title', None)
content = request.args.get('content', None)
if post_id is None:
return {'error': 'post not found'}, 404
if author_id is None:
return {'error': 'authorisation error'}, 404
if None in [title, content]:
return {
'error': 'title and content should not have null values'
}, 404
p = Comments(post_id, author_id, title, content)
db_session.add(p)
db_session.commit()
return {'comment_create': 'True'}, 200
def view_tasks():
list = db_session.query(List).all()
print(list)
tasks = db_session.query(Task).order_by(Task.date_created.asc())
form = TaskForm(request.form)
return render_template("public/viewTasks.html", tasks=tasks, form=form)
def get(self, *args, **kwargs):
"""
:return: Все посты из БД
"""
# добавить сортировку по юзеру
return jsonify(self.post_serialize(db_session.query(Posts).all()))
