def put(current_user, self, post_id, comment_id=None):
    """Replace the body of an existing comment on a post.

    ``current_user`` precedes ``self`` in the signature; it is presumably
    injected by an authentication decorator that is not visible here.

    Aborts with 400 for a malformed post/comment id or a payload that fails
    validation, 405 when no comment id is given, 404 when the post or the
    comment is not found, and 401 when the caller is neither the comment's
    author nor an admin. Returns an empty body with status 204 on success.
    """
    # NOTE(review): ids are checked for type and length only, not for being
    # hexadecimal; confirm how the lookup below reacts to a 24-character
    # string that is not a valid object id.
    if not (isinstance(post_id, str) and len(post_id) == 24):
        abort(400, message="{} is not a valid post id".format(post_id))

    if comment_id is None:
        abort(
            405,
            message="Can't PUT to this endpoint. Try /post/<post id>/comment/<comment id>")
    elif not (isinstance(comment_id, str) and len(comment_id) == 24):
        abort(400, message="{} is not a valid comment id".format(comment_id))

    existing_post = Posts.objects(id=post_id).first()
    if existing_post is None:
        abort(404, message="Post with id '{}' doesn't exist".format(post_id))

    # Comments are looked up on the post itself and matched by their id.
    matches = [
        candidate for candidate in existing_post.comments
        if str(candidate.id) == comment_id
    ]
    if not matches:
        abort(404,
              message="Comment with id '{}' doesn't exist".format(comment_id))
    existing_comment = matches[0]

    # Ownership check: only the comment's author or an admin may edit it.
    not_author = current_user != existing_comment.author
    if not_author and not current_user.is_admin:
        abort(401, message="Missing rights.")

    received_json = request.get_json()
    # NOTE(review): if get_json() yields None for a non-JSON body, the .get()
    # below fails unless validate_values_in_dictionary rejects it first;
    # confirm against that helper.
    errors = validate_values_in_dictionary(received_json, Comments)
    if errors:
        abort(400, errors=errors)

    new_body = received_json.get('body')
    if new_body is not None:
        existing_comment.body = new_body

    # Saving the parent post is what persists the edited comment.
    existing_post.save()
    return {}, 204
def post(current_user, self, post_id, comment_id=None):
    """Add a new comment, authored by ``current_user``, to a post.

    ``current_user`` precedes ``self`` in the signature; it is presumably
    injected by an authentication decorator that is not visible here.

    Aborts with 400 for a malformed post id, a payload that fails validation
    or any exception raised while creating the comment, 405 when a comment id
    is supplied, and 404 when the post is not found. Returns a confirmation
    message plus the serialized comment with status 201.
    """
    # NOTE(review): only type and length are checked, not that the id is
    # hexadecimal; confirm how the lookup handles other 24-character strings.
    if not (isinstance(post_id, str) and len(post_id) == 24):
        abort(400, message="{} is not a valid post id".format(post_id))
    if comment_id is not None:
        abort(405,
              message="Can't POST to this endpoint. Try /post/<post id>/comment")

    post_data = Posts.objects(id=post_id).first()
    if post_data is None:
        abort(404, message="Post with id '{}' doesn't exist".format(post_id))

    received_json = request.get_json()
    errors = validate_values_in_dictionary(
        received_json, Comments, required_keys={'body'})
    if errors:
        abort(400, errors=errors)

    try:
        # The author is always the authenticated caller, never a value taken
        # from the request payload.
        new_comment = Comments(author=current_user,
                               body=received_json['body'],
                               rating=Ratings())
        post_data.comments.append(new_comment)
        post_data.save()
        # Only the in-memory user object is updated here; it is not saved.
        current_user.comments.append(new_comment)
        # TODO fix saving comments to user
        # current_user.save()
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the client;
        # consider logging it server-side and answering with a generic message.
        abort(400, errors=str(e))

    response = {'message': "Comment posted successfully",
                'comment': new_comment.to_json()}
    return response, 201
def post(self, name=None):
    """Register a new user account from the JSON request body.

    Requires ``name``, ``email`` and ``password``. Aborts with 405 when a
    user name is part of the URL and with 400 when validation fails or the
    user cannot be saved. Returns a confirmation message plus the serialized
    user with status 201.
    """
    if name is not None:
        abort(405, message="Can't POST to this endpoint. Try /user")

    received_json = request.get_json()
    errors = validate_values_in_dictionary(
        received_json,
        Users,
        required_keys={'name', 'email', 'password'},
        sensitive_keys={'name'},
        unique_keys={'name', 'email'})
    if errors:
        abort(400, errors=errors)

    # Only the hashed value is stored on the user document.
    # NOTE(review): hash_string_with_salt is defined elsewhere; confirm it is
    # a dedicated password-hashing function with a per-user salt.
    hashed_password = hash_string_with_salt(received_json['password'])

    try:
        # 'active' and 'is_admin' are fixed here, so a registration payload
        # cannot set them.
        new_user = Users(
            active=True,
            is_admin=False,
            name=received_json['name'],
            email=received_json['email'],
            password=hashed_password,
            registered_datetime=datetime.utcnow(),
            posts=[],
            comments=[],
        ).save()
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the client;
        # consider logging it server-side and answering with a generic message.
        abort(400, errors=str(e))

    confirmation = "User '{}' registered successfully".format(new_user.name)
    return {'message': confirmation, 'user': new_user.to_json()}, 201
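def put(current_user, self, post_id=None):
    """Update the title and/or image of an existing post.

    ``current_user`` precedes ``self`` in the signature; it is presumably
    injected by an authentication decorator that is not visible here.

    Aborts with 405 when no post id is given, 404 for a malformed or unknown
    post id, 401 when the caller is neither the post's author nor an admin,
    and 400 when the payload fails validation or the image is not decodable
    base64. Returns an empty body with status 204 on success.
    """
    if post_id is None:
        abort(405, message="Can't PUT to this endpoint. Try /post/<post id>")
    elif not isinstance(post_id, str) or len(post_id) != 24:
        # NOTE(review): the comment handlers answer 400 for a malformed id;
        # 404 is kept here so existing clients see no change. Only type and
        # length are checked, not that the id is hexadecimal.
        abort(404, message="{} is not a valid post post_id".format(post_id))

    existing_post = Posts.objects(id=post_id).first()
    if existing_post is None:
        abort(
            404,
            message="Post with post_id '{}' doesn't exist".format(post_id))

    # Ownership check: only the post's author or an admin may edit it.
    if current_user != existing_post.author and not current_user.is_admin:
        abort(401, message="Missing rights.")

    received_json = request.get_json()
    # 'image' is listed as an admin key and the caller's admin status is
    # handed to the validator alongside it.
    errors = validate_values_in_dictionary(received_json, Posts,
                                           sensitive_keys={'title'},
                                           admin_keys={'image'},
                                           admin=current_user.is_admin)
    if errors:
        abort(400, errors=errors)

    new_title = received_json.get('title')
    if new_title is not None:
        existing_post.title = new_title

    image64 = received_json.get('image')
    if image64 is not None:
        # The image comes from the request body, so a decoding failure is a
        # client error rather than an unhandled exception.
        # binascii.Error is a ValueError subclass; TypeError covers a value
        # that is neither str nor bytes-like.
        try:
            image_bytes = b64decode(image64)
        except (ValueError, TypeError):
            abort(400, errors="image is not valid base64 data")

        # The image field is given a file object, so the decoded bytes are
        # staged in a temporary file first.
        with TemporaryFile() as f:
            f.write(image_bytes)
            f.flush()
            f.seek(0)
            existing_post.image.replace(f)

    # Nothing is persisted until this point, so an abort above leaves the
    # stored post untouched.
    existing_post.save()
    return {}, 204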
def post(current_user, self, name, post_id=None):
    """Create a new post from a title and a base64-encoded image.

    ``current_user`` precedes ``self`` in the signature; it is presumably
    injected by an authentication decorator that is not visible here.

    Aborts with 405 when a post id is part of the URL, 401 when ``name`` is
    not the caller's own name and the caller is not an admin, and 400 when
    validation fails or anything raises while the post is created. Returns a
    confirmation message plus the serialized post with status 201.
    """
    if post_id is not None:
        abort(405, message="Can't POST to this endpoint. Try /post")

    posting_for_other = current_user.name != name
    if posting_for_other and not current_user.is_admin:
        abort(401, message="Missing rights.")

    received_json = request.get_json()
    errors = validate_values_in_dictionary(
        received_json,
        Posts,
        required_keys={'title', 'image'},
        sensitive_keys={'title'})
    if errors:
        abort(400, errors=errors)

    try:
        # The post is attributed to current_user and added to
        # current_user.posts regardless of `name`, including when an admin
        # posts under another user's URL.
        new_post = Posts(title=received_json['title'],
                         author=current_user,
                         comments=[],
                         rating=Ratings())

        # The image field is given a file object, so the decoded bytes are
        # staged in a temporary file first.
        raw_image = bytearray(b64decode(received_json['image']))
        with TemporaryFile() as f:
            f.write(raw_image)
            f.flush()
            f.seek(0)
            new_post.image.put(f)

        new_post.save()
        current_user.posts.append(new_post)
        current_user.save()
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the client;
        # consider logging it server-side and answering with a generic message.
        abort(400, errors=str(e))

    return {'message': "Post successful", 'post': new_post.to_json()}, 201
def put(current_user, self, name=None):
    """Update fields of an existing user account.

    ``current_user`` precedes ``self`` in the signature; it is presumably
    injected by an authentication decorator that is not visible here.

    Aborts with 405 when no user name is given, 401 when ``name`` is not the
    caller's own name and the caller is not an admin, 404 when the user is
    not found, and 400 when the payload fails validation. Returns an empty
    body with status 204 on success.
    """
    if name is None:
        abort(405, message="Can't PUT to this endpoint. Try /user/<username>")

    editing_other = current_user.name != name
    if editing_other and not current_user.is_admin:
        abort(401, message="Missing rights.")

    existing_user = Users.objects(name=name).first()
    if existing_user is None:
        abort(404, message="User '{}' doesn't exist".format(name))

    received_json = request.get_json()
    # 'active', 'is_admin' and 'name' are listed as admin keys and the
    # caller's admin status is handed to the validator alongside them.
    errors = validate_values_in_dictionary(
        received_json,
        Users,
        sensitive_keys={'name'},
        unique_keys={'name', 'email'},
        admin=current_user.is_admin,
        admin_keys={'active', 'is_admin', 'name'})
    if errors:
        abort(400, errors=errors)

    # NOTE(review): bool() maps any non-empty string, including "false", to
    # True. This is only safe if validate_values_in_dictionary already
    # rejects non-boolean values for these two fields; confirm.
    active = received_json.get('active')
    if active is not None:
        existing_user.active = bool(active)

    is_admin = received_json.get('is_admin')
    if is_admin is not None:
        existing_user.is_admin = bool(is_admin)

    new_name = received_json.get('name')
    if new_name is not None:
        existing_user.name = new_name

    new_email = received_json.get('email')
    if new_email is not None:
        existing_user.email = new_email

    # NOTE(review): a new password is accepted without the current one being
    # supplied; confirm this is intended.
    new_password = received_json.get('password')
    if new_password is not None:
        # Only the hashed value is stored on the user document.
        existing_user.password = hash_string_with_salt(new_password)

    existing_user.save()
    return {}, 204