From b5686e5b26ce35d1f1febc266cd4f44e2b2bfd45 Mon Sep 17 00:00:00 2001
From: daphtya <davidpanjaitan1@gmail.com>
Date: Sat, 13 Apr 2019 18:50:01 +0700
Subject: [PATCH] add reply ke comment
---
modules/admin.py | 4 ++--
modules/comment.py | 21 ++++++++++++++++++++-
modules/login.py | 1 +
modules/page.py | 7 ++++++-
modules/register.py | 2 +-
5 files changed, 30 insertions(+), 5 deletions(-)
diff --git a/modules/admin.py b/modules/admin.py
index 8513841..4af0cf4 100644
--- a/modules/admin.py
+++ b/modules/admin.py
@@ -15,7 +15,7 @@ def add_page():
data = request.get_json()
admin = db.User.objects.with_id(data.get("admin_id"))
- admin.page_list.append(db.Page.objects.with_id(data.get("page_id")))
+ admin.page_list.append(db.VizData.objects.with_id(data.get("page_id")))
admin.save()
return jsonify({
"status":200,
@@ -29,7 +29,7 @@ def remove_page():
data = request.get_json()
admin = db.User.objects.with_id(data.get("admin_id"))
- admin.update(pull__page_list = db.Page.objects.with_id(data.get("page_id")))
+ admin.update(pull__page_list = db.VizData.objects.with_id(data.get("page_id")))
return jsonify({
"status":200,
diff --git a/modules/comment.py b/modules/comment.py
index 90a7063..d03e9cb 100644
--- a/modules/comment.py
+++ b/modules/comment.py
@@ -37,7 +37,7 @@ def add_comment(user):
text = req.get("text")
try:
page = db.VizData.objects.with_id(page_id)
- new_comment = db.Comment(commenter_id = user.id, comment_text=text, page=page)
+ new_comment = db.Comment(commenter_id = user.id, comment_text=text, page = page)
new_comment.save()
return jsonify({
"status":200,
@@ -48,3 +48,22 @@ def add_comment(user):
"status":500,
"message":str(e)
})
+
+@comment_route.route("/api/comment/add-reply", methods=["POST"])
+@validate_login_token(min_access_level=Roles.ADMIN, pass_user=True)
+def add_reply(user):
+ req = request.get_json()
+ comment_id = req.get("comment_id")
+ reply_text = req.get("text")
+
+ comment = db.Comment.objects.with_id(comment_id)
+ if comment.page not in user.page_list:
+ return jsonify({
+ "status":401,
+ "message":"Unauthorized reply"
+ })
+ comment.update(reply=db.Reply(replier_id = user.id, reply_text=reply_text))
+ return jsonify({
+ "status":200,
+ "message":"Reply added successfully"
+ })
\ No newline at end of file
diff --git a/modules/login.py b/modules/login.py
index e34b457..18c4971 100644
--- a/modules/login.py
+++ b/modules/login.py
@@ -75,6 +75,7 @@ def get_user_from_id():
del user.password
del user.username
del user.page_list
+ del user.role
return jsonify({
"status":200,
"data": user
diff --git a/modules/page.py b/modules/page.py
index 0170309..ca7092f 100644
--- a/modules/page.py
+++ b/modules/page.py
@@ -26,7 +26,7 @@ def get_top_page():
@page_route.route("/api/page/get", methods=["POST"])
def get_page():
- data_id = request.get_json().get("data_id")
+ data_id = request.get_json().get("page_id")
try:
vdata = db.VizData.objects.with_id(data_id)
if vdata is not None:
@@ -35,6 +35,11 @@ def get_page():
"data":vdata,
"subdata":[child for child in vdata.subdata]
})
+ else:
+ return jsonify({
+ "status":404,
+ "message":"page not found"
+ })
except Exception as e:
return jsonify({
"status": 500,
diff --git a/modules/register.py b/modules/register.py
index 151b0f6..aa30c16 100644
--- a/modules/register.py
+++ b/modules/register.py
@@ -1,6 +1,6 @@
from flask import Blueprint, jsonify, request, current_app
from database import database as db
-from modules.tools.token import Token
+from modules.tools.token import Token, validate_login_token
from modules.tools.roles import Roles
register_route = Blueprint('register', __name__, template_folder="templates")
--
GitLab