Skip to content
Permalink
Browse files

[#17] Post Item API

  • Loading branch information...
JoMingyu committed Mar 13, 2019
1 parent 11f5366 commit 531f27c9a04945aed0f15a1aa6339ab1d8f39943
Showing with 91 additions and 0 deletions.
  1. +42 −0 app/models/post.py
  2. +1 −0 app/views/__init__.py
  3. +48 −0 app/views/board/post.py
@@ -1,7 +1,9 @@
from flask import abort
from sqlalchemy import Column, Integer, String, ForeignKey
from sqlalchemy.orm import relationship

from app.models import Base
from app.models.user import TblUsers


class TblPosts(Base):
@@ -23,3 +25,43 @@ def json_for_list(self):
'title': self.title,
'ownerNickname': self.owner.nickname
}

@property
def json_for_detail(self):
return {
'content': self.content
}

@classmethod
def get_post_object_through_id(cls, read_session, id: int) -> 'TblPosts':
post = cls.get_first_or_abort_on_none(read_session, cls.id == id)

return post

@classmethod
def get_post_object_through_id_with_permission_check(
cls, read_session, id: int, requested_user: TblUsers
) -> 'TblPosts':
post = cls.get_post_object_through_id(read_session, id)

if post.owner_id != requested_user.id:
abort(403)

return post

@classmethod
def update_post_with_permission_check(cls, write_session, id: int, requested_user: TblUsers, title, content):
post = cls.get_post_object_through_id_with_permission_check(write_session, id, requested_user)

post.title = title
post.content = content

write_session.add(post)
write_session.commit()

@classmethod
def delete_post_with_permission_check(cls, write_session, id: int, requested_user: TblUsers):
post = cls.get_post_object_through_id_with_permission_check(write_session, id, requested_user)

write_session.delete(post)
write_session.commit()
@@ -25,6 +25,7 @@ def route(flask_app: Flask):

api_user__board.add_resource(category.CategoryAPI, '/categories')
api_user__board.add_resource(post.PostAPI, '/posts')
api_user__board.add_resource(post.PostItemAPI, '/posts/<int:post_id>')

# - register blueprint
flask_app.register_blueprint(api_v1_blueprint)
@@ -80,3 +80,51 @@ def get(self):
post.json_for_list for post in TblPosts.get_all(session, TblPosts.category_id == payload.category_id)
]
}


class PostItemAPI(BaseResource):
class Schema:
class Patch(BaseModel):
title = PostAPI.Schema.Post.title
content = PostAPI.Schema.Post.content

def get(self, post_id):
"""
게시글 내용 조회 API
"""

session = main_db.session

post = TblPosts.get_post_object_through_id(session, post_id)

return {
'data': post.json_for_detail
}

@validate_with_schematics(PayloadLocation.JSON, Schema.Patch)
@jwt_required
def patch(self, post_id):
"""
게시글 수정 API
"""

payload: self.Schema.Patch = context_property.request_payload_object
session = main_db.session
user = context_property.requested_user

TblPosts.update_post_with_permission_check(session, post_id, user, payload.title, payload.content)

return {}

@jwt_required
def delete(self, post_id):
"""
게시글 삭제 API
"""

session = main_db.session
user = context_property.requested_user

TblPosts.delete_post_with_permission_check(session, post_id, user)

return {}

0 comments on commit 531f27c

Please sign in to comment.
You can’t perform that action at this time.