diasporadiaries

a platform for writing stories with personal accounts and messages
git clone git://parazyd.org/diasporadiaries.git
Log | Files | Refs | Submodules | README | LICENSE

commit e345d743e09c7b5cf76a42c414fa9510eb400e5a
parent 2079adf5af2d6c935fd9d931625d9c62d5358500
Author: parazyd <parazyd@dyne.org>
Date:   Wed, 16 Jan 2019 17:02:22 +0100

Add support for story deletions.

Diffstat:
Mdiaspora.py | 51+++++++++++++++++++++++++++++++++++++++++++++++----
Atemplates/deleted.html | 17+++++++++++++++++
Atemplates/deletefail.html | 17+++++++++++++++++
Mtemplates/submitted.html | 4++++
4 files changed, 85 insertions(+), 4 deletions(-)

diff --git a/diaspora.py b/diaspora.py @@ -19,7 +19,8 @@ Main diasporadiaries module """ from argparse import ArgumentParser -from random import randint, shuffle +from random import randint, shuffle, SystemRandom +from string import ascii_uppercase, digits from time import gmtime, strftime, time import json import sqlite3 @@ -59,7 +60,8 @@ def initdb(dbpath): contact text, story text NOT NULL, timestamp integer NOT NULL, - visible integer NOT NULL + visible integer NOT NULL, + deletekey text NOT NULL ); """ @@ -69,6 +71,14 @@ def initdb(dbpath): return _dbctx, _db +def randomascii(length): + """ + Returns a random uppercase string of given length. + """ + return ''.join(SystemRandom().choice(ascii_uppercase + digits) \ + for _ in range(length)) + + def getcountryname(cc): """ Returns a country name which matches the given country code. @@ -100,6 +110,18 @@ def query_col(col): return db.fetchall() +def delete_row_where(col, val): + """ + Executes a DELETE query. + """ + db.execute(""" + DELETE + FROM stories + WHERE %s = '%s'; + """ % (col, val)) + dbctx.commit() + + def approvestory(storyid): """ Makes a story visible on the index. @@ -129,6 +151,7 @@ def fillstory(row): 'date': strftime('%d.%m.%Y.', gmtime(row[7])), 'time': strftime('%H:%M UTC', gmtime(row[7])), 'visible': row[8], + 'deletekey': row[9], } @@ -205,6 +228,7 @@ def submit(): Route for submitting a story. """ if request.method == 'POST': + delkey = randomascii(32) db.execute(""" INSERT INTO stories VALUES ( ?, @@ -215,6 +239,7 @@ def submit(): ?, ?, ?, + ?, ?); """, (None, request.form['Name'], @@ -224,13 +249,31 @@ def submit(): request.form['Contact'], request.form['Story'], int(time()), - 0)), + 0, + delkey)) dbctx.commit() - return render_template('submitted.html', navlist=makenav()) + return render_template('submitted.html', navlist=makenav(), + delkey=delkey) return render_template('submit.html', navlist=makenav()) +@app.route('/delete') +def delete(): + """ + Route for deleting a story. + """ + delkey = request.args.get('key') + if delkey: + storyid = query_col_where('id', 'deletekey', delkey) + if storyid: + storyid = storyid[0][0] + delete_row_where('id', storyid) + return render_template('deleted.html', navlist=makenav()) + + return render_template('deletefail.html', navlist=makenav()) + + @app.route('/country', methods=['GET']) def country(): """ diff --git a/templates/deleted.html b/templates/deleted.html @@ -0,0 +1,17 @@ +{% include 'header.html' %} + + <title>Deleted | Diaspora Diaries</title> + +{% include 'nav.html' %} + + <main role="main" class="container cover"> + + <h1 class="cover-heading">Story deleted!</h1> + + <p class="lead">We're sorry you deleted your story.</p> + + <p class="lead">You can return to the <a href="/">homepage</a> now.</p> + + </main> + +{% include 'footer.html' %} diff --git a/templates/deletefail.html b/templates/deletefail.html @@ -0,0 +1,17 @@ +{% include 'header.html' %} + + <title>Deletion fail | Diaspora Diaries</title> + +{% include 'nav.html' %} + + <main role="main" class="container cover"> + + <h1 class="cover-heading">Error!</h1> + + <p class="lead">No story is linked to your delete key.</p> + + <p class="lead">You can return to the <a href="/">homepage</a> now.</p> + + </main> + +{% include 'footer.html' %} diff --git a/templates/submitted.html b/templates/submitted.html @@ -10,6 +10,10 @@ <p class="lead">Thank you for submitting your story!</p> + <p class="lead">Bookmark the following link if you ever wish to delete + your post: <a href="/delete?key={{ delkey }}">delete link</a> + </p> + <p class="lead">You can return to the <a href="/">homepage</a> now.</p> </main>