Coverage for model/post.py: 100%

76 statements  

« prev     ^ index     » next       coverage.py v7.3.2, created at 2024-11-05 04:22 +0000

1from flask import Blueprint, request 

2from mongo import * 

3from mongo import engine 

4from .auth import * 

5from .utils import * 

6from mongo.utils import * 

7from mongo.post import * 

8from mongo.course import * 

9 

10__all__ = ['post_api'] 

11 

12post_api = Blueprint('post_api', __name__) 

13 

14 

15@post_api.route('/<course>', methods=['GET']) 

16@login_required 

17def get_post(user, course): 

18 target_course = Course(course) 

19 if not target_course: 

20 return HTTPError("Course not found.", 404) 

21 if not target_course.permission(user, Course.Permission.VIEW): 

22 return HTTPError('You are not in this course.', 403) 

23 data = Post.found_post(target_course) 

24 return HTTPResponse('Success.', data=data) 

25 

26 

27@post_api.route('/view/<course>/<target_thread_id>', methods=['GET']) 

28@login_required 

29def get_single_post(user, course, target_thread_id): 

30 target_course = Course(course) 

31 if not target_course: 

32 return HTTPError("Course not found.", 404) 

33 if not target_course.permission(user, Course.Permission.VIEW): 

34 return HTTPError('You are not in this course.', 403) 

35 data = Post.found_post(target_course, target_thread_id) 

36 return HTTPResponse('Success.', data=data) 

37 

38 

39@post_api.route('/', methods=['POST', 'PUT', 'DELETE']) 

40@Request.json('course', 'title', 'content', 'target_thread_id') 

41@login_required 

42def modify_post(user, course, title, content, target_thread_id): 

43 if course == 'Public': 

44 return HTTPError('You can not add post in system.', 403) 

45 

46 if course and target_thread_id: 

47 return HTTPError( 

48 'Request is fail,course or target_thread_id must be none.', 400) 

49 elif course: 

50 course_obj = Course(course) 

51 if not course_obj: 

52 return HTTPError('Course not exist.', 404) 

53 target_course = course_obj 

54 elif target_thread_id: 

55 try: 

56 target_thread = engine.PostThread.objects.get(id=target_thread_id) 

57 except engine.DoesNotExist: 

58 try: # to protect input post id 

59 target_post = engine.Post.objects.get(id=target_thread_id) 

60 except engine.DoesNotExist: 

61 return HTTPError('Post/reply not exist.', 404) 

62 target_thread = target_post.thread 

63 target_thread_id = target_thread.id 

64 if target_thread.status: # 1 is deleted 

65 return HTTPResponse('Forbidden,the post/reply is deleted.', 403) 

66 target_course = Course(target_thread.course_id) 

67 else: 

68 return HTTPError( 

69 'Request is fail,course and target_thread_id are both none.', 400) 

70 

71 capability = target_course.own_permission(user) 

72 if not (capability & Course.Permission.VIEW): 

73 return HTTPError('You are not in this course.', 403) 

74 if request.method == 'POST': 

75 # add reply 

76 if course: 

77 r = Post.add_post(course, user, content, title) 

78 # add course post 

79 elif target_thread_id: 

80 r = Post.add_reply(target_thread, user, content) 

81 if request.method == 'PUT': 

82 if course: 

83 return HTTPError( 

84 "Request is fail,you should provide target_thread_id replace course.", 

85 400) 

86 r = Post.edit_post(target_thread, user, content, title, capability) 

87 if request.method == 'DELETE': 

88 if course: 

89 return HTTPError( 

90 "Request is fail,you should provide target_thread_id replace course.", 

91 400) 

92 r = Post.delete_post(target_thread, user, capability) 

93 if r is not None: 

94 return HTTPError(r, 403) 

95 return HTTPResponse('success.')