Skip to content

Commit

Permalink
Merge pull request #2 from BecauseOfProg/develop
Browse files Browse the repository at this point in the history
Release v2.2.1
  • Loading branch information
Théo Vidal authored Jul 26, 2020
2 parents 98aecdc + 309771a commit 82dd13c
Show file tree
Hide file tree
Showing 7 changed files with 40 additions and 14 deletions.
15 changes: 15 additions & 0 deletions app/controllers/blog_posts.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import time
import json
from pony.orm import *
from core.utils.ids import generate_url
from app.controllers.users import UsersController
Expand Down Expand Up @@ -36,12 +37,26 @@ def filter_by_category(posts, category):
def filter_by_type(posts, type):
return posts.where(type=type)

@staticmethod
@db_session
def filter_by_search(posts, search):
query = search.lower()
return posts.filter(
lambda post: query in post.title.lower() or query in post.description.lower()
)

@staticmethod
@db_session
def get_last():
posts = BlogPostsController.fetch_all()
return BlogPostsController.fill_information(posts.first(), include_content=True)

@staticmethod
@db_session
def get_random():
post = BlogPost.select().random(1)[0]
return BlogPostsController.fill_information(post, include_content=True)

@staticmethod
@db_session
def get_one(url):
Expand Down
3 changes: 2 additions & 1 deletion app/middlewares/auth.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,8 @@


class CheckAuth:
def __init__(self, request):
@staticmethod
def call(request):
try:
token = request.headers.get('Authorization')
if token is None:
Expand Down
5 changes: 3 additions & 2 deletions app/middlewares/permissions.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,9 @@


class CheckPermissions:
def __init__(self, request, permissions):
CheckAuth(request)
@staticmethod
def call(request, permissions):
CheckAuth.call(request)
user = UsersController.get_one_by_token(request.headers.get('Authorization'))
for permission in permissions:
if permission not in user['permissions']:
Expand Down
2 changes: 1 addition & 1 deletion app/views/auth.py
Original file line number Diff line number Diff line change
Expand Up @@ -28,5 +28,5 @@ def create_session():

@app.route('/v1/auth/data', methods=['GET'])
def get_information():
CheckAuth(request)
CheckAuth.call(request)
return responses.success(UsersController.get_one_by_token(request.headers.get('Authorization')))
15 changes: 12 additions & 3 deletions app/views/blog_posts.py
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,10 @@ def get_all_blog_posts():
if type is not None:
posts = BlogPostsController.filter_by_type(posts, type)

search = request.args.get('search', None)
if search is not None:
posts = BlogPostsController.filter_by_search(posts, search)

posts, pages = paginate(request, posts)
posts = BlogPostsController.multi_fill_information(posts)

Expand All @@ -32,6 +36,11 @@ def get_last_blog_post():
return responses.success(BlogPostsController.get_last())


@app.route('/v1/blog-posts/random', methods=['GET'])
def get_random_blog_post():
return responses.success(BlogPostsController.get_random())


@app.route('/v1/blog-posts', methods=['POST'])
def create_blog_post():
required_data = {
Expand Down Expand Up @@ -69,7 +78,7 @@ def create_blog_post():
}
}
data = CheckBody.call(request, required_data=required_data, optional_data=optional_data)
CheckPermissions(request, permissions=['BLOG_WRITE'])
CheckPermissions.call(request, permissions=['BLOG_WRITE'])
author = UsersController.get_one_by_token(request.headers.get('Authorization'))
data['author_username'] = author['username']
BlogPostsController.create_one(params=data,
Expand Down Expand Up @@ -115,7 +124,7 @@ def edit_blog_post(url):
}
post = BlogPostsController.get_one(url)
data = CheckBody.call(request, optional_data=optional_data)
CheckPermissions(request, permissions=['BLOG_WRITE'])
CheckPermissions.call(request, permissions=['BLOG_WRITE'])
BlogPostsController.update_one(url=url,
params=data['optional'],
optional_data=optional_data)
Expand All @@ -125,6 +134,6 @@ def edit_blog_post(url):
@app.route('/v1/blog-posts/<string:url>', methods=['DELETE'])
def delete_blog_post(url):
post = BlogPostsController.get_one(url)
CheckPermissions(request, permissions=['BLOG_WRITE'])
CheckPermissions.call(request, permissions=['BLOG_WRITE'])
BlogPostsController.delete_one(url)
return responses.no_content()
6 changes: 3 additions & 3 deletions app/views/posts.py
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ def create_post():
}
}
data = CheckBody.call(request, required_data=required_data)
CheckPermissions(request, permissions=['POST_WRITE'])
CheckPermissions.call(request, permissions=['POST_WRITE'])
author = UsersController.get_one_by_token(request.headers.get('Authorization'))
data['author_username'] = author['username']
PostsController.create_one(data)
Expand Down Expand Up @@ -76,7 +76,7 @@ def edit_post(url):
}
PostsController.get_one(url)
data = CheckBody.call(request, optional_data=optional_data)
CheckPermissions(request, permissions=['POST_WRITE'])
CheckPermissions.call(request, permissions=['POST_WRITE'])
PostsController.update_one(url=url,
params=data['optional'],
optional_data=optional_data)
Expand All @@ -85,6 +85,6 @@ def edit_post(url):

@app.route('/v1/posts/<string:url>', methods=['DELETE'])
def delete_post(url):
CheckPermissions(request, permissions=['POST_WRITE'])
CheckPermissions.call(request, permissions=['POST_WRITE'])
PostsController.delete_one(url)
return responses.no_content()
8 changes: 4 additions & 4 deletions app/views/users.py
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@

@app.route('/v1/users', methods=['GET'])
def get_all_users():
CheckPermissions(request, ['USER_WRITE'])
CheckPermissions.call(request, ['USER_WRITE'])
return responses.success(UsersController.get_all())


Expand All @@ -22,7 +22,7 @@ def get_one_user(username):

@app.route('/v1/users/<string:username>/permissions', methods=['GET'])
def get_user_permissions(username):
CheckPermissions(request, ['USER_WRITE'])
CheckPermissions.call(request, ['USER_WRITE'])
return responses.success(UsersController.get_user_permissions(username))


Expand Down Expand Up @@ -77,7 +77,7 @@ def update_profile(username):
}
}
data = CheckBody.call(request, optional_data=optional_data)
CheckAuth(request)
CheckAuth.call(request)
token = request.headers.get('Authorization')
if UsersController.get_one_by_token(token)['username'] != username:
raise NotFound
Expand Down Expand Up @@ -118,7 +118,7 @@ def update_permissions(username):
'type': 'list'
}
}
CheckPermissions(request, permissions=['USER_WRITE'])
CheckPermissions.call(request, permissions=['USER_WRITE'])
request_data = request.json
UsersController.update_permissions(username, request_data['permissions'])
return responses.no_content()

0 comments on commit 82dd13c

Please sign in to comment.