diff --git a/app/controllers/blog_posts.py b/app/controllers/blog_posts.py index f93a27d..36a6acc 100644 --- a/app/controllers/blog_posts.py +++ b/app/controllers/blog_posts.py @@ -1,4 +1,5 @@ import time +import json from pony.orm import * from core.utils.ids import generate_url from app.controllers.users import UsersController @@ -36,12 +37,26 @@ def filter_by_category(posts, category): def filter_by_type(posts, type): return posts.where(type=type) + @staticmethod + @db_session + def filter_by_search(posts, search): + query = search.lower() + return posts.filter( + lambda post: query in post.title.lower() or query in post.description.lower() + ) + @staticmethod @db_session def get_last(): posts = BlogPostsController.fetch_all() return BlogPostsController.fill_information(posts.first(), include_content=True) + @staticmethod + @db_session + def get_random(): + post = BlogPost.select().random(1)[0] + return BlogPostsController.fill_information(post, include_content=True) + @staticmethod @db_session def get_one(url): diff --git a/app/middlewares/auth.py b/app/middlewares/auth.py index b2da444..46f6620 100644 --- a/app/middlewares/auth.py +++ b/app/middlewares/auth.py @@ -4,7 +4,8 @@ class CheckAuth: - def __init__(self, request): + @staticmethod + def call(request): try: token = request.headers.get('Authorization') if token is None: diff --git a/app/middlewares/permissions.py b/app/middlewares/permissions.py index 17d44bb..d746cff 100644 --- a/app/middlewares/permissions.py +++ b/app/middlewares/permissions.py @@ -6,8 +6,9 @@ class CheckPermissions: - def __init__(self, request, permissions): - CheckAuth(request) + @staticmethod + def call(request, permissions): + CheckAuth.call(request) user = UsersController.get_one_by_token(request.headers.get('Authorization')) for permission in permissions: if permission not in user['permissions']: diff --git a/app/views/auth.py b/app/views/auth.py index cdb2154..cd9d274 100644 --- a/app/views/auth.py +++ b/app/views/auth.py @@ -28,5 +28,5 @@ def create_session(): @app.route('/v1/auth/data', methods=['GET']) def get_information(): - CheckAuth(request) + CheckAuth.call(request) return responses.success(UsersController.get_one_by_token(request.headers.get('Authorization'))) diff --git a/app/views/blog_posts.py b/app/views/blog_posts.py index eac34a7..8d8ac0d 100644 --- a/app/views/blog_posts.py +++ b/app/views/blog_posts.py @@ -21,6 +21,10 @@ def get_all_blog_posts(): if type is not None: posts = BlogPostsController.filter_by_type(posts, type) + search = request.args.get('search', None) + if search is not None: + posts = BlogPostsController.filter_by_search(posts, search) + posts, pages = paginate(request, posts) posts = BlogPostsController.multi_fill_information(posts) @@ -32,6 +36,11 @@ def get_last_blog_post(): return responses.success(BlogPostsController.get_last()) +@app.route('/v1/blog-posts/random', methods=['GET']) +def get_random_blog_post(): + return responses.success(BlogPostsController.get_random()) + + @app.route('/v1/blog-posts', methods=['POST']) def create_blog_post(): required_data = { @@ -69,7 +78,7 @@ def create_blog_post(): } } data = CheckBody.call(request, required_data=required_data, optional_data=optional_data) - CheckPermissions(request, permissions=['BLOG_WRITE']) + CheckPermissions.call(request, permissions=['BLOG_WRITE']) author = UsersController.get_one_by_token(request.headers.get('Authorization')) data['author_username'] = author['username'] BlogPostsController.create_one(params=data, @@ -115,7 +124,7 @@ def edit_blog_post(url): } post = BlogPostsController.get_one(url) data = CheckBody.call(request, optional_data=optional_data) - CheckPermissions(request, permissions=['BLOG_WRITE']) + CheckPermissions.call(request, permissions=['BLOG_WRITE']) BlogPostsController.update_one(url=url, params=data['optional'], optional_data=optional_data) @@ -125,6 +134,6 @@ def edit_blog_post(url): @app.route('/v1/blog-posts/', methods=['DELETE']) def delete_blog_post(url): post = BlogPostsController.get_one(url) - CheckPermissions(request, permissions=['BLOG_WRITE']) + CheckPermissions.call(request, permissions=['BLOG_WRITE']) BlogPostsController.delete_one(url) return responses.no_content() diff --git a/app/views/posts.py b/app/views/posts.py index e3d88e7..942de01 100644 --- a/app/views/posts.py +++ b/app/views/posts.py @@ -47,7 +47,7 @@ def create_post(): } } data = CheckBody.call(request, required_data=required_data) - CheckPermissions(request, permissions=['POST_WRITE']) + CheckPermissions.call(request, permissions=['POST_WRITE']) author = UsersController.get_one_by_token(request.headers.get('Authorization')) data['author_username'] = author['username'] PostsController.create_one(data) @@ -76,7 +76,7 @@ def edit_post(url): } PostsController.get_one(url) data = CheckBody.call(request, optional_data=optional_data) - CheckPermissions(request, permissions=['POST_WRITE']) + CheckPermissions.call(request, permissions=['POST_WRITE']) PostsController.update_one(url=url, params=data['optional'], optional_data=optional_data) @@ -85,6 +85,6 @@ def edit_post(url): @app.route('/v1/posts/', methods=['DELETE']) def delete_post(url): - CheckPermissions(request, permissions=['POST_WRITE']) + CheckPermissions.call(request, permissions=['POST_WRITE']) PostsController.delete_one(url) return responses.no_content() diff --git a/app/views/users.py b/app/views/users.py index a2756b2..4d83fa6 100644 --- a/app/views/users.py +++ b/app/views/users.py @@ -11,7 +11,7 @@ @app.route('/v1/users', methods=['GET']) def get_all_users(): - CheckPermissions(request, ['USER_WRITE']) + CheckPermissions.call(request, ['USER_WRITE']) return responses.success(UsersController.get_all()) @@ -22,7 +22,7 @@ def get_one_user(username): @app.route('/v1/users//permissions', methods=['GET']) def get_user_permissions(username): - CheckPermissions(request, ['USER_WRITE']) + CheckPermissions.call(request, ['USER_WRITE']) return responses.success(UsersController.get_user_permissions(username)) @@ -77,7 +77,7 @@ def update_profile(username): } } data = CheckBody.call(request, optional_data=optional_data) - CheckAuth(request) + CheckAuth.call(request) token = request.headers.get('Authorization') if UsersController.get_one_by_token(token)['username'] != username: raise NotFound @@ -118,7 +118,7 @@ def update_permissions(username): 'type': 'list' } } - CheckPermissions(request, permissions=['USER_WRITE']) + CheckPermissions.call(request, permissions=['USER_WRITE']) request_data = request.json UsersController.update_permissions(username, request_data['permissions']) return responses.no_content()