niming_backend/blueprints/article.py

180 lines
5.8 KiB
Python
Raw Normal View History

2024-11-13 03:23:11 +08:00
import time
2024-11-19 21:22:01 +08:00
import hashlib
2024-11-26 09:17:44 +08:00
import secrets
2024-11-19 21:22:01 +08:00
import magic
2024-11-19 22:58:15 +08:00
from flask import Blueprint, request, jsonify
2024-11-19 21:22:01 +08:00
from google.protobuf.message import DecodeError
2024-11-14 13:03:00 +08:00
from utils import logger, pgclass, setting_loader
2024-11-19 21:22:01 +08:00
from utils.dbhelper import db, solo_article_fetcher, multi_article_fetcher, solo_file_fetcher, solo_article_remover
2024-11-25 21:51:50 +08:00
from utils.misc import error, error_proto, internal_json2protobuf
from protobuf_files import niming_pb2
2024-11-13 03:23:11 +08:00
"""
TODO:
2024-11-19 02:19:25 +08:00
- IG post ( Po文刪文只PO本體文章 )
2024-11-14 13:03:00 +08:00
2024-11-18 02:47:25 +08:00
- log 的方式之後要重新設計 > 正規化
2024-11-14 13:03:00 +08:00
- IP Record (deploy之前配合rev proxy)
2024-11-19 02:19:25 +08:00
- gunicorn
- 檔案完成但是再看看要不要讓發文者持sha256存取自己發的文的檔案
2024-11-13 03:23:11 +08:00
"""
article = Blueprint('article', __name__)
# 匿名文列表
@article.route('/list', methods = ["GET"])
def listing():
2024-11-25 21:51:50 +08:00
res, code = multi_article_fetcher("general", request.args.get("page"), 30)
2024-11-19 21:22:01 +08:00
return res, code
2024-11-26 09:17:44 +08:00
2024-11-19 21:22:01 +08:00
# 獲取匿名文附檔
@article.route("/file/<int:id>", methods=["GET"])
def getfile(id:int):
resp, code = solo_file_fetcher("general", id)
return resp, code
2024-11-13 03:23:11 +08:00
2024-11-26 09:17:44 +08:00
2024-11-19 21:22:01 +08:00
# 只有發文者可以看到的獲取指定文章
# 只有發文者可以做到的刪除文章
2024-11-26 09:17:44 +08:00
@article.route("/own/<int:id>", methods = ["GET", "DELETE"])
def owner_getarticle(id:int):
# arguments
sha256 = request.args.get("hash", None)
if not sha256:
return error("Arguments error"), 400
sha256 = str(sha256)
2024-11-19 21:22:01 +08:00
# 獲取指定文章
if request.method == "GET":
2024-11-26 09:17:44 +08:00
resfn, code = solo_article_fetcher("owner", key=(sha256, id))
if code == 200:
return internal_json2protobuf(resfn), code
return resfn, code
2024-11-19 21:22:01 +08:00
# 刪除指定文章跟他們的留言、檔案
elif request.method == "DELETE":
2024-11-26 09:17:44 +08:00
result, code = solo_article_remover("owner", hash=sha256, id=id)
if not code == 200:
return result, code
logger.logger("delpost", "Delete post (id=%d): last_status=%s"
%(result["id"], str(result["mark"])))
return niming_pb2.FetchResponse(
status = niming_pb2.Status.Success,
posts = [ niming_pb2.FetchResponse.Message(id = result["id"], mark = result["mark"]) ]
).SerializeToString(), 200
2024-11-13 03:23:11 +08:00
# 獲取指定文章
2024-11-19 21:22:01 +08:00
@article.route("/<int:id>", methods = ["GET"])
2024-11-13 03:23:11 +08:00
def getarticle(id:int):
2024-11-19 21:22:01 +08:00
resfn, code = solo_article_fetcher("general", key=id)
2024-11-26 09:17:44 +08:00
if code == 200:
return internal_json2protobuf(resfn), code
return resfn, code
2024-11-13 03:23:11 +08:00
2024-11-14 13:03:00 +08:00
# 上傳文章 / 留言
2024-11-19 21:22:01 +08:00
@article.route("/", methods = ["POST"])
2024-11-13 03:23:11 +08:00
def posting():
2024-11-18 02:47:25 +08:00
# flow:
# ctx -> hash -> reference -> file -> IP -> IG -> mark -> post | -> log
2024-11-14 13:03:00 +08:00
# loadset
opt = setting_loader.loadset()
chk_before_post = opt["Check_Before_Post"]
maxword = opt["Niming_Max_Word"]
2024-11-19 21:22:01 +08:00
# protobuf parse
2024-11-25 21:51:50 +08:00
recv = niming_pb2.Post()
2024-11-19 02:19:25 +08:00
try: recv.ParseFromString(request.data)
2024-11-26 09:17:44 +08:00
except DecodeError: return error_proto("post", "Protobuf decode error"), 400
2024-11-13 03:23:11 +08:00
2024-11-26 09:17:44 +08:00
# content and check
2024-11-25 21:51:50 +08:00
ctx = str(recv.content)
2024-11-19 21:22:01 +08:00
if len(ctx) == 0 or len(ctx) > maxword: # length check
2024-11-26 09:17:44 +08:00
return error_proto("post", "no content or too many words"), 400
2024-11-13 03:23:11 +08:00
# hash
2024-11-26 09:17:44 +08:00
seed = ctx + str(time.time()) + str(secrets.token_urlsafe(nbytes=16))
2024-11-13 03:23:11 +08:00
hash = hashlib.sha256(seed.encode()).hexdigest()
2024-11-26 09:17:44 +08:00
# reference and check
ref = int(recv.ref)
if ref != 0:
# 檢查指向的文章是否也是留言
reftg, code = solo_article_fetcher(role="general", key=ref)
if code != 200 or reftg["reference"]:
return error_proto("post", "Invalid Reference"), 400
else:
ref = None
2024-11-26 09:17:44 +08:00
# file processing and check
files = recv.files
# check - size
atts = opt["Attachment_Count"]
sizelimit = opt["Attachment_Size"]
if len(files) > atts: return error_proto("post", "Too many files"), 400
for f in files:
if len(f) <= 0 or len(f) > sizelimit: return error_proto("post", "File size error"), 400
# check - mimetype
allowed_mime = opt["Allowed_MIME"]
fmimes = []
for f in files:
mime = magic.Magic(mime=True)
type = mime.from_buffer(f)
if not(type in allowed_mime): return error_proto("post", "File format error"), 400
fmimes.append(type)
# IP
ip = request.remote_addr
# ig posting
if chk_before_post:
2024-11-19 02:19:25 +08:00
igid = None
2024-11-26 09:17:44 +08:00
# Go posting
igid = None
# Coming Soon...
2024-11-13 03:23:11 +08:00
2024-11-26 09:17:44 +08:00
# mark
if chk_before_post: mark = "pending"
else: mark = "visible"
2024-11-13 21:20:21 +08:00
2024-11-26 09:17:44 +08:00
# posting
table = pgclass.SQLarticle
ftab = pgclass.SQLfile
try:
with db.getsession() as session:
# post
data = table(hash = hash, content = ctx, igid = igid, mark = mark, reference = ref, ip = ip)
session.add(data)
# file processor
fmidx = 0
fidarr = []
for f in files:
fsql = ftab(reference = hash, binary = f, type = fmimes[fmidx])
fidarr.append(fsql)
session.add(fsql)
fmidx += 1
# first commit
session.commit()
# set file list
data.file_list = [ fid.id for fid in fidarr ]
session.commit() # second commit
result_id = data.id
except:
return error_proto("post", "Create new post failed"), 400
2024-11-25 21:51:50 +08:00
2024-11-26 09:17:44 +08:00
# logger
logger.logger("newpost", "New post (id=%d point to %s): %s"%(result_id, ref, mark))
2024-11-25 21:51:50 +08:00
2024-11-26 09:17:44 +08:00
# to protobuf & return
proto_stres = niming_pb2.PostResponse(
status = niming_pb2.Status.Success,
hash = hash,
id = int(result_id)
).SerializeToString()
return proto_stres, 200
2024-11-25 21:51:50 +08:00
# 介面全部改成protobuf傳輸
# 檔案傳輸加低畫質版本(縮圖)