def new_comment(photo_id):
photo = Photo.query.get_or_404(photo_id)
page = request.args.get('page', 1, type=int)
form = CommentForm()
if form.validate_on_submit():
body = form.body.data
author = current_user._get_current_object()
comment = Comment(body=body, author=author, photo=photo)
replied_id = request.args.get('reply')
if replied_id:
comment.replied = Comment.query.get_or_404(replied_id)
if comment.replied.author.receive_comment_notification:
push_comment_notification(photo_id=photo.id,
receiver=comment.replied.author)
db.session.add(comment)
db.session.commit()
flash('Comment published.', 'success')
if current_user != photo.author and photo.author.receive_comment_notification:
push_comment_notification(photo_id,
receiver=photo.author,
page=page)
flash_errors(form)
return redirect(url_for('.show_photo', photo_id=photo_id, page=page))
def mock_db():
""" Insert mock data into database """
init_db()
simon = Lecturer('*****@*****.**',
sha256('1234'.encode('utf-8')).hexdigest(), 'Simon',
'McCallum')
simon.admin = True
db.session.add(simon)
magnus = Lecturer('*****@*****.**',
sha256('12345'.encode('utf-8')).hexdigest(), 'Magnus',
'Vik')
db.session.add(magnus)
imt3601 = Course('IMT3601 - Game Programming', simon)
db.session.add(imt3601)
imt3601_l1 = Lecture('Lecture 1', imt3601)
db.session.add(imt3601_l1)
imt3601_l1_c1 = Comment('This is boring', datetime(2015, 11, 26, 10, 30),
imt3601_l1)
db.session.add(imt3601_l1_c1)
imt3601_l1_c2 = Comment('This is fun!', datetime(2015, 11, 26, 10, 40),
imt3601_l1)
db.session.add(imt3601_l1_c2)
imt3601_l1_c3 = Comment('Help?', datetime(2015, 11, 26, 10, 50),
imt3601_l1)
db.session.add(imt3601_l1_c3)
imt3601_l1_c4 = Comment('A bit longer comment for your convenience',
datetime(2015, 11, 26, 10, 10), imt3601_l1)
db.session.add(imt3601_l1_c4)
imt3601_l1_r1 = CommentRating(1, 1, imt3601_l1_c1, imt3601_l1)
db.session.add(imt3601_l1_r1)
imt3601_l1_r2 = CommentRating(1, 2, imt3601_l1_c1, imt3601_l1)
db.session.add(imt3601_l1_r2)
imt3601_l1_r3 = CommentRating(1, 3, imt3601_l1_c1, imt3601_l1)
db.session.add(imt3601_l1_r3)
imt3601_l1_r4 = CommentRating(-1, 1, imt3601_l1_c3, imt3601_l1)
db.session.add(imt3601_l1_r4)
imt3601_l1_r5 = CommentRating(1, 1, imt3601_l1_c4, imt3601_l1)
db.session.add(imt3601_l1_r5)
db.session.flush()
def post(self, band_id):
data = json.loads(request.data)
comment_text = data["comment"]
band = Band.query.get_or_404(band_id)
if band and 0 < len(comment_text) < 1001:
comment = Comment()
comment.author_id = self.user.id
comment.message = comment_text.strip()
comment.band_id = band_id
db.session.add(comment)
db.session.commit()
return jsonify(comment=comment2json(comment))
else:
return "{}", 400
def fake_comment(count=100):
for i in range(count):
comment = Comment(
author=User.query.get(random.randint(1, User.query.count())),
body=fake.sentence(),
timestamp=fake.date_time_this_year(),
photo=Photo.query.get(random.randint(1, Photo.query.count())))
db.session.add(comment)
db.session.commit()
def test_default_value(self):
comment = Comment('Awesome', datetime.utcnow(), self.lecture)
db.session.add(comment)
rv = self.client.get('/api/0/lectures/1/comments/2/rating')
assert rv.headers['Content-Type'] == 'application/json'
response = json.loads(rv.data.decode('utf-8'))
assert 'rating' in response
assert response['rating'] == 0
def post_comment():
if request.method == 'POST':
init_data = request.get_json(silent=True)
data = {'username': init_data.get('username'),'post_id': init_data.get('post_id')[4:], 'comment': init_data.get(
'comment')}
comment = Comment(id=uuid.uuid4().hex, content=data['comment'], comment_post=data['post_id'], comment_user=data['username'] )
db.session.add(comment)
db.session.commit()
post = Post.query.get(data['post_id'])
return jsonify({'post':post.to_json()})
def addComment(request, eventid):
# POST for comment
try:
user_id = request.POST['user_id']
content = request.POST['content']
except:
res = {'success': False, 'message': 'Invalid Request'}
return JsonResponse(res)
try:
user = User.objects.get(id = user_id)
except:
res = {'success': False, 'message': 'Invalid user_id'}
return JsonResponse(res)
try:
event = Event.objects.get(id = eventid)
except:
res = {'success': False, 'message': 'Invalid event_id'}
return JsonResponse(res)
comment = Comment(user = user, event = event, content = content, time = datetime.datetime.now())
comment.save()
return JsonResponse({'success': True, 'id': comment.id})
def setUp(self):
super(GetCommentsApiTest, self).setUp()
simon = Lecturer('simon', '1234', 'Simon', 'McCallum')
db.session.add(simon)
imt3601 = Course('IMT3601 - Game Programming', simon)
db.session.add(imt3601)
imt3601_l1 = Lecture('Lecture 1', imt3601)
db.session.add(imt3601_l1)
self.submissionTime = datetime.utcnow()
imt3601_l1_c1 = Comment('This is boring', self.submissionTime,
imt3601_l1)
imt3601_l1_c2 = Comment('This is fun!', self.submissionTime,
imt3601_l1)
db.session.add(imt3601_l1_c1)
db.session.add(imt3601_l1_c2)
db.session.flush()
def gen_comment(backup):
created = datetime.datetime.now() - datetime.timedelta(
minutes=random.randrange(100))
files = backup.files()
filename = random.choice(list(files))
length = len(files[filename].splitlines())
line = random.randrange(length) + 1
return Comment(created=created,
backup_id=backup.id,
author_id=backup.submitter.id,
filename=filename,
line=line,
message=gen_markdown())
def setUp(self):
super(SetCommentRatingApiTest, self).setUp()
simon = Lecturer('simon', '1234', 'Simon', 'McCallum')
db.session.add(simon)
imt3601 = Course('IMT3601 - Game Programming', simon)
db.session.add(imt3601)
imt3601_l1 = Lecture('Lecture 1', imt3601)
db.session.add(imt3601_l1)
imt3601_l1_c1 = Comment('This is boring', datetime.utcnow(),
imt3601_l1)
db.session.add(imt3601_l1_c1)
db.session.flush()
def test_one_user_two_ratings(self):
user_id = generate_client_id()
comment2 = Comment('Great!', datetime.utcnow(), self.lecture)
db.session.add(comment2)
db.session.add(CommentRating(1, user_id, self.comment, self.lecture))
db.session.flush()
db.session.add(CommentRating(-1, user_id, comment2, self.lecture))
db.session.flush()
self._set_client_id_cookie(user_id)
rv = self.client.get('/api/0/lectures/1/comments')
response = json.loads(rv.data.decode('utf-8'))
assert len(response['comments']) == 2
assert response['comments'][0]['rating'] == 1
assert response['comments'][1]['rating'] == -1
def post(self, lecture_id):
lecture = Lecture.query.filter(Lecture.id == lecture_id).first()
if not lecture:
abort(404, message="Lecture {} does not exist".format(lecture_id))
parser = reqparse.RequestParser()
parser.add_argument('data', help="Text content of comment")
args = parser.parse_args()
if not args.data:
abort(400, message="Comment has no data parameter")
content = args.data[:self.COMMENT_MAX_LENGTH]
comment = Comment(content, datetime.utcnow(), lecture)
db.session.add(comment)
db.session.flush()
return {'id': comment.id}
def setUp(self):
super(GetCommentRatingApiTest, self).setUp()
simon = Lecturer('simon', '1234', 'Simon', 'McCallum')
db.session.add(simon)
imt3601 = Course('IMT3601 - Game Programming', simon)
db.session.add(imt3601)
imt3601_l1 = Lecture('Lecture 1', imt3601)
db.session.add(imt3601_l1)
comment = Comment('This is boring', datetime.utcnow(), imt3601_l1)
db.session.add(comment)
db.session.flush()
self.lecture = imt3601_l1
# Using the POST API is required to make server use the correct
# client_id. See API doc for info about the client_id Cookie.
self.client.post('/api/0/lectures/1/comments/1/rating',
data=dict(rating=1))
def get_comments_by_article_id(article_id):
ret = Comment.get_by_article_id(article_id)
return ret
def store_comment(article_id, content, user):
return Comment.create_comment(article_id, user._id, content)
def store_sub_comment(article_id, content, user, parent_id):
return Comment.create_comment(article_id, user._id, content, True,
parent_id)
def delete_comment(comment):
return Comment.delete_comment(comment._id)
def populate(self, workspace, service, session, user,
vulnerability_factory, credential_factory,
empty_command_factory):
session.commit()
self.session = session
assert service.workspace_id == workspace.id
workspace.set_scope(['*.infobytesec.com', '192.168.1.0/24'])
self.user = user
self.workspace = workspace
self.permission = WorkspacePermission(user=user, workspace=workspace)
session.add(self.permission)
self.host = service.host
self.host.set_hostnames(['a.com', 'b.com'])
self.service = service
self.host_cred = credential_factory.create(
host=self.host,
service=None,
workspace=workspace,
creator=user,
)
self.service_cred = credential_factory.create(
host=None,
service=service,
workspace=workspace,
creator=user,
)
self.host_vuln = vulnerability_factory.create(
host=self.host,
service=None,
workspace=workspace,
creator=user,
)
self.service_vuln = vulnerability_factory.create(
host=None,
service=service,
workspace=workspace,
creator=user,
)
session.flush()
for vuln in [self.host_vuln, self.service_vuln]:
vuln.references = ['CVE-1234', 'CVE-4331']
vuln.policy_violations = ["PCI-DSS"]
self.attachment = File(
name='test.png',
filename='test.png',
content='test',
object_type='vulnerability',
object_id=self.service_vuln.id,
creator=user,
)
self.session.add(self.attachment)
self.host_attachment = File(
name='test.png',
filename='test.png',
content='test',
object_type='host',
object_id=self.host.id,
creator=user,
)
self.session.add(self.host_attachment)
self.comment = Comment(
text="test",
object_type='host',
object_id=self.host.id,
workspace=self.workspace,
creator=user,
)
self.session.add(self.comment)
self.reply_comment = Comment(
text="ok",
object_type='host',
object_id=self.host.id,
workspace=self.workspace,
reply_to=self.comment,
creator=user,
)
self.command = empty_command_factory.create(workspace=workspace,
creator=user)
CommandObject.create(self.host_vuln, self.command)
CommandObject.create(self.service_vuln, self.command)
self.methodology_template = MethodologyTemplate(name="test", )
session.add(self.methodology_template)
self.methodology_template_task = TaskTemplate(
name="aaaa", template=self.methodology_template)
session.add(self.methodology_template)
self.methodology = Methodology(name="test",
template=self.methodology_template,
workspace=self.workspace)
session.add(self.methodology)
self.methodology_task = Task(name="aaaa",
workspace=self.workspace,
template=self.methodology_template_task,
methodology=self.methodology)
session.add(self.methodology_template_task)
self.methodology_task_assigned = TaskAssignedTo(
task=self.methodology_task,
user=self.user,
)
session.add(self.methodology_task_assigned)
session.commit()
def get_comment_or_404(comment_id):
ret = Comment.get_by_id(comment_id)
if not ret:
abort(404)
return ret
