记录与查看非公开内容

3 years ago · b0c03a7383
--- a/app.py
+++ b/app.py
@ -30,7 +30,8 @@ db = SQLAlchemy(app)

 class Candidate(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    content = db.Column(db.String(400))
    content = db.Column(db.String(4000))
    private = db.Column(db.String(1000))
    url = db.Column(db.String(50))
    time = db.Column(db.DateTime)
    toot = db.Column(db.BigInteger)
@ -39,6 +40,7 @@ db.create_all()

@app.route('/ordinary/')
 def list():
    key = request.args.get('key')
    pag = Candidate.query.order_by(db.desc('id')).paginate(max_per_page=100)

    vs = [{
@ -48,28 +50,36 @@ def list():
        } for name, ques, hint, ans in C.verify
        ]

    return render_template('list.html', pagination=pag, vs=vs)
    return render_template('list.html', pagination=pag, vs=vs, showPrivate=(key==C.key))

@app.route('/ordinary/new', methods=['POST'])
@limiter.limit("5 / hour; 1 / 2 second")
 def new_one():

    content = request.form.get('text')
    private = request.form.get('privateText')
    url = request.form.get('url')

    for name, ques, hint, ans in C.verify:
        if request.form.get(name) != ans: abort(401)

    if not content or len(content)>400: abort(422)
    if not content or len(content)>4000: abort(422)
    if    private and len(private)>1000: abort(422)
    if url and not re.match('https://(cloud\.tsinghua\.edu\.cn/f/[0-9a-z]+/(\?dl=1)?)|(closed\.social/safeShare/\d([a-zA-Z]+)?)', url): abort(422)

    if not Candidate.query.filter_by(content=content).first():
        toot = th.status_post(
                f"叮~ 有新的自荐报名（大家可以直接在此处评论）：\n\n{content}",
                visibility='unlisted'
                )

        c = Candidate(content=content, url=url, toot=toot.id, time = datetime.now())
            )

        c = Candidate(
                content=content,
                private=private,
                url=url,
                toot=toot.id,
                time=datetime.now()
            )
        db.session.add(c)
        db.session.commit()

--- a/config.sample.py
+++ b/config.sample.py
@ -10,3 +10,4 @@ class C(object):
                ('test1', '1+1=?', '2', '2'),
                ('test2', '2+2=?', '5', '4')
            ]
    key = 'key'
--- a/templates/list.html
+++ b/templates/list.html
@ -80,9 +80,9 @@
        <form action="new" method="post">
          <div class="form-group qbox">
            <h4>自荐提名</h4>
            <textarea class="form-control"  name="text" rows="5" maxlength="400" placeholder="一段简单的自我陈述，向大家展示普通的自己。鼓励写写自己未被计入主流评价体系的闪光点，或是独特的经历与坚持。" required="required"></textarea>
            <textarea class="form-control"  name="text" rows="5" maxlength="4000" placeholder="一段简单的自我陈述，向大家展示普通的自己。鼓励写写自己未被计入主流评价体系的闪光点，或是独特的经历与坚持。" required="required"></textarea>
            <hr/>
            <textarea class="form-control"  name="privateText" rows="3" maxlength="400" placeholder="可以在这里写一些不想被公开的内容，只有评委们能看到。如果你希望留下联系方式，也可以写在这里。"></textarea>
            <textarea class="form-control"  name="privateText" rows="3" maxlength="1000" placeholder="可以在这里写一些不想被公开的内容，只有评委们能看到。如果你希望留下联系方式，也可以写在这里。"></textarea>
            <hr/>
            <div class="form-group row">
              <label for="url" class="col-sm-3 col-form-label">补充材料(可选)</label>
@ -134,6 +134,11 @@
      {% for c in pagination.items %}
      <div class="qbox">
        <pre class="inner">{{c.content}}</pre>
        {% if showPrivate %}
        <hr/>
        <pre class="inner">{{c.private}}</pre>
        <hr/>
        {% endif %}
        {% if c.url %}
        <p class="inner"><a href="{{c.url}}" target="_black">补充材料</a></p>
        {% endif %}