def post(self, group_content_id):
parser = RequestParser()
parser.add_argument("token",
type=str,
location="headers",
required=True)
args = parser.parse_args(strict=True)
token = args["token"]
user_id = verify_token(token)
if user_id is None:
return {'message': 'Illegal token.'}, 403
cursor.execute(
"SELECT * FROM Group_Contents WHERE Group_content_id like '%s' " %
(group_content_id, ))
result = cursor.fetchone()
connection.commit()
if result is None:
abort_if_doesnt_exist("Group_content_id")
group_id = result['Group_id']
cursor.execute("SELECT * FROM Groups WHERE Group_id like '%s' " %
(group_id, ))
result = cursor.fetchone()
if result['User_id'] != user_id:
return {'message': 'Unauthorized.'}, 401
cursor.execute("UPDATE Group_Contents SET Is_pinned=1 \
WHERE Group_content_id like '%s' " % (group_content_id, ))
connection.commit()
cursor.execute(
"SELECT * FROM Group_Contents WHERE Group_content_id like '%s' " %
(group_content_id, ))
result = cursor.fetchone()
connection.commit()
result['Create_time'] = str(result['Create_time'])
return {'result': result}
def get(self, pic_name):
try:
file = open('../pic/' + pic_name, 'rb')
img = file.read()
resp = Response(img, mimetype="image")
return resp
except FileNotFoundError:
abort_if_doesnt_exist("pictrue")
def get(self, topic_id):
cursor.execute("SELECT * FROM Topics WHERE Topic_id LIKE '%s'" %
(topic_id))
result = cursor.fetchone()
if result is None:
abort_if_doesnt_exist("Topic_id")
cursor.execute(
"SELECT Topic_content_id,Topic_content_content,Topic_content_image,Topic_id,Create_time,`User`.User_id,`User`.User_name FROM Topic_Contents,`User`\
WHERE Topic_id = %d AND Topic_Contents.User_id=`User`.User_id" %
(topic_id))
content = cursor.fetchall()
connection.commit()
for i in content:
i['Create_time'] = str(i['Create_time'])
return {
'result': {
'info': result,
'contents': content,
}
}
def get(self, group_id):
cursor.execute("SELECT * FROM Groups WHERE Group_id LIKE '%s'" %
(group_id))
result = cursor.fetchone()
if result is None:
abort_if_doesnt_exist("Group_id")
cursor.execute(
"SELECT Group_content_id,Group_content_content,Group_content_title,Group_id,Group_content_image,Create_time,\
Is_highlighted,Is_pinned,`User`.User_id,`User`.User_name FROM Group_Contents,`User`\
WHERE Group_id=%d and Group_Contents.User_id=User.User_id ORDER BY Is_pinned DESC"
% (group_id))
content = cursor.fetchall()
connection.commit()
for i in content:
i['Create_time'] = str(i['Create_time'])
return {
'result': {
'info': result,
'contents': content,
}
}
def get(self, book_id):
cursor.execute("SELECT * FROM Books WHERE Book_id LIKE '%s'" %
(book_id))
result = cursor.fetchone()
if result is None:
abort_if_doesnt_exist("Book_id")
cursor.execute(
"SELECT Book_comment_id,Book_comment_title,Book_comment_approve,Book_comment_disapprove,Book_comment_content,\
Book_id,Create_time,`User`.User_id,`User`.User_name FROM Book_Comments,`User`\
WHERE Book_id= %d and Book_Comments.User_id=User.User_id" %
(book_id))
content = cursor.fetchall()
connection.commit()
for i in content:
i['Create_time'] = str(i['Create_time'])
return {
'result': {
'info': result,
'comments': content,
}
}
def delete(self, book_comment_id):
parser = RequestParser()
parser.add_argument('token',
type=str,
location='headers',
required=True)
args = parser.parse_args()
token = args["token"]
user_id = verify_token(token)
if user_id is None:
return {'message': 'Illegal token.'}, 403
cursor.execute(
"SELECT Type FROM Book_Comment_Approvals WHERE Book_comment_id = %d AND User_id = %d"
% (book_comment_id, user_id))
result = cursor.fetchone()
if result == None:
connection.commit()
abort_if_doesnt_exist("book_comment_id")
approve_type = result['Type']
cursor.execute(
"DELETE FROM Book_Comment_Approvals WHERE Book_comment_id = %d AND User_id = %d "
% (book_comment_id, user_id))
if approve_type == 1:
temp_str = "Book_comment_approve"
else:
temp_str = "Book_comment_disapprove"
cursor.execute("UPDATE Book_Comments \
SET %s = %s - 1 \
WHERE Book_comment_id = %d" %
(temp_str, temp_str, book_comment_id))
connection.commit()
cursor.execute(
"SELECT * FROM Book_Comments WHERE Book_comment_id = %d " %
(book_comment_id))
result = cursor.fetchone()
result['Create_time'] = str(result['Create_time'])
connection.commit()
return {'result': result}
