MCPcopy
hub / github.com/isso-comments/isso / edit

Method edit

isso/views/comments.py:541–587  ·  view source on GitHub ↗
(self, environ, request, id)

Source from the content-addressed store, hash-verified

539
540 @xhr
541 def edit(self, environ, request, id):
542 try:
543 rv = self.isso.unsign(request.cookies.get(str(id), ""))
544 except (SignatureExpired, BadSignature):
545 raise Forbidden
546
547 if rv[0] != id:
548 raise Forbidden
549
550 # verify checksum, mallory might skip cookie deletion when he deletes a comment
551 if rv[1] != sha1(self.comments.get(id)["text"]):
552 raise Forbidden
553
554 data = request.json
555
556 for key in set(data.keys()) - set(["text", "author", "website"]):
557 data.pop(key)
558
559 valid, reason = API.verify(data)
560 if not valid:
561 return BadRequest(reason)
562
563 for field in ("author",):
564 if data.get(field) is not None:
565 data[field] = escape(data[field], quote=False)
566
567 if data.get("website") is not None:
568 data["website"] = escape(data["website"], quote=True)
569
570 data["modified"] = time.time()
571
572 with self.isso.lock:
573 rv = self.comments.update(id, data)
574
575 for key in set(rv.keys()) - API.FIELDS:
576 rv.pop(key)
577
578 self.signal("comments.edit", rv)
579
580 cookie = self.create_cookie(value=self.isso.sign([rv["id"], sha1(rv["text"])]), max_age=self.conf.getint("max-age"))
581
582 rv["text"] = self.isso.render(rv["text"])
583
584 resp = JSON(rv, 200)
585 resp.headers.add("Set-Cookie", cookie(str(rv["id"])))
586 resp.headers.add("X-Set-Cookie", cookie("isso-%i" % rv["id"]))
587 return resp
588
589 """
590 @api {delete} /id/:id delete

Callers

nothing calls this directly

Calls 11

create_cookieMethod · 0.95
setFunction · 0.85
cookieFunction · 0.85
unsignMethod · 0.80
signMethod · 0.80
getMethod · 0.45
verifyMethod · 0.45
updateMethod · 0.45
getintMethod · 0.45
renderMethod · 0.45
addMethod · 0.45

Tested by

no test coverage detected