diff --git a/modules/admin.py b/modules/admin.py
index 851384101784f275a2e6ee7becb2ae8ecc615e66..4af0cf49a5e4d1fa37eabda0cec56702008ce6d5 100644
--- a/modules/admin.py
+++ b/modules/admin.py
@@ -15,7 +15,7 @@ def add_page():
data = request.get_json()
admin = db.User.objects.with_id(data.get("admin_id"))
- admin.page_list.append(db.Page.objects.with_id(data.get("page_id")))
+ admin.page_list.append(db.VizData.objects.with_id(data.get("page_id")))
admin.save()
return jsonify({
"status":200,
@@ -29,7 +29,7 @@ def remove_page():
data = request.get_json()
admin = db.User.objects.with_id(data.get("admin_id"))
- admin.update(pull__page_list = db.Page.objects.with_id(data.get("page_id")))
+ admin.update(pull__page_list = db.VizData.objects.with_id(data.get("page_id")))
return jsonify({
"status":200,
diff --git a/modules/comment.py b/modules/comment.py
index 90a7063bb48eaad26c6a4095b0432935cea73b8a..d03e9cb03cb32e186322568bc85a0363c20fa625 100644
--- a/modules/comment.py
+++ b/modules/comment.py
@@ -37,7 +37,7 @@ def add_comment(user):
text = req.get("text")
try:
page = db.VizData.objects.with_id(page_id)
- new_comment = db.Comment(commenter_id = user.id, comment_text=text, page=page)
+ new_comment = db.Comment(commenter_id = user.id, comment_text=text, page = page)
new_comment.save()
return jsonify({
"status":200,
@@ -48,3 +48,22 @@ def add_comment(user):
"status":500,
"message":str(e)
})
+
+@comment_route.route("/api/comment/add-reply", methods=["POST"])
+@validate_login_token(min_access_level=Roles.ADMIN, pass_user=True)
+def add_reply(user):
+ req = request.get_json()
+ comment_id = req.get("comment_id")
+ reply_text = req.get("text")
+
+ comment = db.Comment.objects.with_id(comment_id)
+ if comment.page not in user.page_list:
+ return jsonify({
+ "status":401,
+ "message":"Unauthorized reply"
+ })
+ comment.update(reply=db.Reply(replier_id = user.id, reply_text=reply_text))
+ return jsonify({
+ "status":200,
+ "message":"Reply added successfully"
+ })
\ No newline at end of file
diff --git a/modules/login.py b/modules/login.py
index e34b4574c092e33087ccea0f350604f3d20e845e..18c49719b44f38bcf882cb25b298de2c5360bf83 100644
--- a/modules/login.py
+++ b/modules/login.py
@@ -75,6 +75,7 @@ def get_user_from_id():
del user.password
del user.username
del user.page_list
+ del user.role
return jsonify({
"status":200,
"data": user
diff --git a/modules/page.py b/modules/page.py
index 01703095bdeba2579b9d3d29b4dd6f730254dcac..ca7092fbf73b7eb18737edc7c4d4704bd907f079 100644
--- a/modules/page.py
+++ b/modules/page.py
@@ -26,7 +26,7 @@ def get_top_page():
@page_route.route("/api/page/get", methods=["POST"])
def get_page():
- data_id = request.get_json().get("data_id")
+ data_id = request.get_json().get("page_id")
try:
vdata = db.VizData.objects.with_id(data_id)
if vdata is not None:
@@ -35,6 +35,11 @@ def get_page():
"data":vdata,
"subdata":[child for child in vdata.subdata]
})
+ else:
+ return jsonify({
+ "status":404,
+ "message":"page not found"
+ })
except Exception as e:
return jsonify({
"status": 500,
diff --git a/modules/register.py b/modules/register.py
index 151b0f6cdd8faaba06c48689be3ef071125f952d..aa30c164daa15dc962d73e93db850497d21f3631 100644
--- a/modules/register.py
+++ b/modules/register.py
@@ -1,6 +1,6 @@
from flask import Blueprint, jsonify, request, current_app
from database import database as db
-from modules.tools.token import Token
+from modules.tools.token import Token, validate_login_token
from modules.tools.roles import Roles
register_route = Blueprint('register', __name__, template_folder="templates")