From 9b83df49744eaccfd8eb8031aeea76ded6738f2c Mon Sep 17 00:00:00 2001 From: hole-thu Date: Sat, 5 Sep 2020 22:59:55 +0800 Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E6=88=90tag=E5=8F=8Atag=E6=90=9C?= =?UTF-8?q?=E7=B4=A2=EF=BC=8C=E4=BC=98=E5=8C=96=E4=BB=A3=E7=A0=81=E7=BB=93?= =?UTF-8?q?=E6=9E=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- hole.py | 87 +++++++++++++++++++++++++++---------------------------- models.py | 5 ++++ utils.py | 12 ++++++++ 3 files changed, 60 insertions(+), 44 deletions(-) diff --git a/hole.py b/hole.py index dbb91fd..e6a0e4a 100644 --- a/hole.py +++ b/hole.py @@ -6,8 +6,8 @@ from flask_limiter.util import get_remote_address from mastodon import Mastodon import re, random, string, datetime, hashlib -from models import db, User, Post, Comment, Attention, Syslog -from utils import require_token, map_post, map_comment, check_attention, hash_name, look +from models import db, User, Post, Comment, Attention, TagRecord, Syslog +from utils import require_token, map_post, map_comment, map_syslog, check_attention, hash_name, look, get_num app = Flask(__name__) app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///hole.db' @@ -70,9 +70,7 @@ def auth(): def get_list(): u = require_token() - p = request.args.get('p') - p = int(p) if p and p.isdigit() else -1 - + p = get_num(request.args.get('p')) posts = Post.query.filter_by(deleted=False) if 'no_cw' in request.args: @@ -90,8 +88,7 @@ def get_list(): def get_one(): u = require_token() - pid = request.args.get('pid') - pid = int(pid) if pid and pid.isdigit() else -1 + pid = get_num(request.args.get('pid')) post = Post.query.get(pid) if not post: abort(404) @@ -104,6 +101,27 @@ def get_one(): 'data': data } +@app.route('/_api/v1/search') +def search(): + u = require_token() + + page = get_num(request.args.get('page')) + pagesize = get_num(request.args.get('pagesize')) + keywords = request.args.get('keywords') + + pids = [tr.pid for tr in TagRecord.query.filter_by(tag=keywords).order_by(db.desc('pid')).paginate(page, pagesize).items] + + data = [ map_post(Post.query.get(pid), u.name) + for pid in pids if Post.query.get(pid) and not Post.query.get(pid).deleted + ] + + return { + 'code': 0, + 'count': len(data), + 'data': data + } + + @app.route('/_api/v1/dopost', methods=['POST']) def do_post(): @@ -126,7 +144,7 @@ def do_post(): likenum = 1, comments = [] ) - + if post_type == 'text': pass elif post_type == 'image': @@ -134,10 +152,17 @@ def do_post(): p.file_url = 'foo bar' else: abort(422) - + db.session.add(p) db.session.commit() - + + tags = re.findall('(^|\s)#([^#\s]{1,32})', content) + #print(tags) + for t in tags: + tag = t[1] + if not re.match('\d+', tag): + db.session.add(TagRecord(tag=tag, pid=p.id)) + db.session.add(Attention(name_hash=hash_name(u.name), pid=p.id)) db.session.commit() @@ -150,11 +175,7 @@ def do_post(): def get_comment(): u = require_token() - pid = request.args.get('pid') - if pid and pid.isdigit(): - p = int(pid) - else: - abort(422) + pid = get_num(request.args.get('pid')) post = Post.query.get(pid) if not post: abort(404) @@ -172,11 +193,7 @@ def get_comment(): def do_comment(): u = require_token() - pid = request.form.get('pid') - if pid and pid.isdigit(): - p = int(pid) - else: - abort(422) + pid = get_num(request.form.get('pid')) post = Post.query.get(pid) if not post: abort(404) @@ -205,11 +222,7 @@ def attention(): s = request.form.get('switch') if s not in ['0', '1']: abort(422) - pid = request.form.get('pid') - if pid and pid.isdigit(): - p = int(pid) - else: - abort(422) + pid = get_num(request.form.get('pid')) post = Post.query.get(pid) if not post: abort(404) @@ -230,7 +243,7 @@ def attention(): @app.route('/_api/v1/getattention') def get_attention(): u = require_token() - + ats = Attention.query.filter_by(name_hash=hash_name(u.name), disabled=False) posts = [Post.query.get(at.pid) for at in ats.all()] @@ -250,14 +263,9 @@ def delete(): u = require_token() obj_type = request.form.get('type') - obj_id = request.form.get('id') + obj_id = get_num(request.form.get('id')) note = request.form.get('note') - if obj_id and obj_id.isdigit(): - obj_id = int(obj_id) - else: - abort(422) - if note and len(note)>100: abort(422) obj = None @@ -298,24 +306,14 @@ def system_log(): return { 'start_time': app.config['START_TIME'], 'salt': look(app.config['SALT']), - 'data' : [{ - 'type': s.log_type, - 'detail': s.log_detail, - 'user': look(s.name_hash), - 'timestamp': s.timestamp - } for s in ss - ] + 'data' : list(map(map_syslog, ss)) } @app.route('/_api/v1/report', methods=['POST']) def report(): u = require_token() - pid = request.form.get('pid') - if pid and pid.isdigit(): - p = int(pid) - else: - abort(422) + pid = get_num(request.form.get('pid')) reason = request.form.get('reason', '') @@ -331,3 +329,4 @@ def report(): if __name__ == '__main__': app.run(debug=True) + diff --git a/models.py b/models.py index be57342..1950ffc 100644 --- a/models.py +++ b/models.py @@ -54,6 +54,11 @@ class Attention(db.Model): pid = db.Column(db.Integer) disabled = db.Column(db.Boolean, default=False) +class TagRecord(db.Model): + id = db.Column(db.Integer, primary_key=True) + tag = db.Column(db.String(32)) + pid = db.Column(db.Integer) + class Syslog(db.Model): id = db.Column(db.Integer, primary_key=True) log_type = db.Column(db.String(16)) diff --git a/utils.py b/utils.py index 19d47d4..86bdb8b 100644 --- a/utils.py +++ b/utils.py @@ -49,6 +49,14 @@ def map_comment(p, name): } for c in p.comments if not c.deleted ] +def map_syslog(s): + return { + 'type': s.log_type, + 'detail': s.log_detail, + 'user': look(s.name_hash), + 'timestamp': s.timestamp + } + def check_attention(name, pid): at = Attention.query.filter_by(name_hash=hash_name(name), pid=pid, disabled=False).first() return 1 if at else 0 @@ -58,3 +66,7 @@ def check_can_del(name, author_hash): def look(s): return s[:3] + '...' + s[-3:] + +def get_num(p): + if not (p and p.isdigit()): abort(422) + return int(p)