def edit_comment_in_entry(url, entry_url, comment_id):
"""Редактировать комментарий"""
jam = Jam.get_or_none(Jam.url == url)
if jam is None:
return errors.not_found()
entry = JamEntry.get_or_none(JamEntry.url == entry_url)
if entry is None:
return errors.not_found()
user = get_user_from_request()
if user is None:
return errors.not_authorized()
json = request.get_json()
text = None
if "text" in json:
text = sanitize(json.get("text"))
else:
return errors.wrong_payload("text")
comment = _edit_comment(comment_id, user, text)
return jsonify({"success": 1, "comment": comment.to_json()})
def decorated_function(**kwargs):
if "Authorization" not in request.headers:
return errors.not_authorized()
else:
is_valid = False
actual_token = get_token_from_request()
if actual_token:
if actual_token.valid_until > datetime.datetime.now():
is_valid = True
if not is_valid:
return errors.token_invalid()
return f(**kwargs)
def join(url):
"""Присоеденится к блогу. Работает только с открытми блогами"""
blog = Blog.get_or_none(Blog.url == url)
if blog is None:
return errors.not_found()
if blog.blog_type != 1:
return errors.no_access()
user = get_user_from_request()
if user is None:
return errors.not_authorized()
if BlogParticipiation.get_or_none(blog=blog, user=user) is None:
BlogParticipiation.create(blog=blog, user=user, role=3)
return jsonify({"success": 1})
def login():
"""Авторизация"""
json = request.get_json()
has_login = "******" in json or "email" in json
has_password = "******" in json
if not has_login:
return errors.wrong_payload("username", "email")
if not has_password:
return errors.wrong_payload("password")
user = None
if "username" in json:
username = json["username"]
user = User.get_or_none(User.username == username)
if user is None:
user = User.get_or_none(User.email == username)
elif "email" in json:
email = json["email"]
user = User.get_or_none(User.username == email)
if user is None:
user = User.get_or_none(User.email == email)
password = json["password"]
if user is not None and authorize(user, password):
token = Token.generate_access_token(user)
refresh_token = Token.generate_refresh_token(user)
return jsonify({
"success": 1,
"access_token": {
"token": token.token,
"valid_until": token.valid_until.timestamp(),
},
"refresh_token": {
"token": refresh_token.token,
"valid_until": refresh_token.valid_until.timestamp(),
},
})
return errors.not_authorized()
def comments(url):
"""Получить список комментариев для поста или добавить новый комментарий"""
post = Post.get_or_none(Post.url == url)
if post is None:
return errors.not_found()
if request.method == "GET":
user = get_user_from_request()
if post.is_draft:
if user is None:
return errors.no_access()
if post.creator != user:
return errors.no_access()
return _get_comments("post", post.id, user)
elif request.method == "POST":
user = get_user_from_request()
if user is None:
return errors.not_authorized()
json = request.get_json()
if "text" in json:
text = sanitize(json.get("text"))
else:
return errors.wrong_payload("text")
parent_id = None
if "parent" in json:
parent_id = json["parent"]
parent = None
if parent_id:
parent = Comment.get_or_none(Comment.id == parent_id)
comment = _add_comment("post", post.id, user, text, parent_id)
if user.id != post.creator.id:
t = "Пользователь {0} оставил комментарий к вашему посту {1}: {2}"
notification_text = t.format(user.visible_name, post.title, text)
Notification.create(
user=post.creator,
created_date=datetime.datetime.now(),
text=notification_text,
object_type="comment",
object_id=comment.id,
)
if parent is not None:
if user.id != parent.creator.id:
t = "Пользователь {0} ответил на ваш комментарий {1}: {2}"
notification_text = t.format(user.visible_name, parent.text,
text)
Notification.create(
user=parent.creator,
created_date=datetime.datetime.now(),
text=notification_text,
object_type="comment",
object_id=comment.id,
)
return jsonify({"success": 1, "comment": comment.to_json()})