diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/web/models/article.py | 2 | ||||
-rw-r--r-- | src/web/views/api/v3/article.py | 35 | ||||
-rw-r--r-- | src/web/views/api/v3/common.py | 6 |
3 files changed, 37 insertions, 6 deletions
diff --git a/src/web/models/article.py b/src/web/models/article.py index f4314d8b..0a2a082e 100644 --- a/src/web/models/article.py +++ b/src/web/models/article.py @@ -35,7 +35,7 @@ from web.models.right_mixin import RightMixin class Article(db.Model, RightMixin): "Represent an article from a feed." id = db.Column(db.Integer(), primary_key=True) - entry_id = db.Column(db.String()) + entry_id = db.Column(db.String(), nullable=False) link = db.Column(db.String()) title = db.Column(db.String()) content = db.Column(db.String()) diff --git a/src/web/views/api/v3/article.py b/src/web/views/api/v3/article.py index 1f6e757a..44c5fe45 100644 --- a/src/web/views/api/v3/article.py +++ b/src/web/views/api/v3/article.py @@ -1,7 +1,9 @@ from flask.ext.login import current_user +from werkzeug.exceptions import NotFound +from flask.ext.restless import ProcessingException from web import models from bootstrap import application, manager -from web.controllers import ArticleController +from web.controllers import ArticleController, FeedController from web.views.api.v3.common import AbstractProcessor from web.views.api.v3.common import url_prefix, auth_func @@ -14,6 +16,26 @@ class ArticleProcessor(AbstractProcessor): if not self.is_authorized_to_modify(current_user, article): raise ProcessingException(description='Not Authorized', code=401) + def post_put_preprocessor(self, data=None, **kw): + data["user_id"] = current_user.id + + fcontr = FeedController() + try: + feed = fcontr.get(id=data["feed_id"]) + except NotFound: + raise ProcessingException(description='No such feed.', code=404) + + data["category_id"] = feed.category_id + + def delete_preprocessor(self, instance_id=None, **kw): + contr = ArticleController() + try: + article = contr.get(id=instance_id) + except NotFound: + raise ProcessingException(description='No such article.', code=404) + if article.user_id != current_user.id: + raise ProcessingException(description='Not Authorized', code=401) + article_processor = ArticleProcessor() @@ -22,9 +44,12 @@ blueprint_article = manager.create_api_blueprint(models.Article, methods=['GET', 'POST', 'PUT', 'DELETE'], preprocessors=dict(GET_SINGLE=[auth_func, article_processor.get_single_preprocessor], - GET_MANY=[auth_func, + GET_MANY=[auth_func, article_processor.get_many_preprocessor], - PUT_SINGLE=[auth_func], - POST=[auth_func], - DELETE=[auth_func])) + POST=[auth_func, + article_processor.post_put_preprocessor], + PUT_SINGLE=[auth_func, + article_processor.post_put_preprocessor], + DELETE=[auth_func, + article_processor.delete_preprocessor])) application.register_blueprint(blueprint_article) diff --git a/src/web/views/api/v3/common.py b/src/web/views/api/v3/common.py index 4234a91a..f0dd45ab 100644 --- a/src/web/views/api/v3/common.py +++ b/src/web/views/api/v3/common.py @@ -47,3 +47,9 @@ class AbstractProcessor(): search_params["filters"] = [] search_params["filters"].append(filt) + + def post_put_preprocessor(self, data=None, **kw): + pass + + def delete_preprocessor(self, instance_id=None, **kw): + pass |