From 5db9cb47bade896d3afa8b9d3cbee9af8e11afef Mon Sep 17 00:00:00 2001
From: Sander Ferdinand <sa.ferdinand@gmail.com>
Date: Sun, 1 Jul 2018 01:38:13 +0200
Subject: [PATCH] Comments database schema

---
 wowfunding/orm/orm.py | 48 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

diff --git a/wowfunding/orm/orm.py b/wowfunding/orm/orm.py
index e4fc966..8173b8f 100644
--- a/wowfunding/orm/orm.py
+++ b/wowfunding/orm/orm.py
@@ -18,6 +18,8 @@ class User(base):
     admin = sa.Column(sa.Boolean, default=False)
     proposals = relationship('Proposal', back_populates="user")
 
+    comments = relationship("Comment", back_populates="user")
+
     def __init__(self, username, password, email):
         from wowfunding.factory import bcrypt
         self.username = username
@@ -66,6 +68,7 @@ class User(base):
             db_session.rollback()
             raise
 
+
 class Proposal(base):
     __tablename__ = "proposals"
     id = sa.Column(sa.Integer, primary_key=True)
@@ -265,3 +268,48 @@ class Payout(base):
     @staticmethod
     def get_payouts(proposal_id):
         return db_session.query(Payout).filter(Payout.proposal_id == proposal_id).all()
+
+
+class Comment(base):
+    __tablename__ = "comments"
+    id = sa.Column(sa.Integer, primary_key=True)
+
+    user_id = sa.Column(sa.Integer, sa.ForeignKey('users.user_id'), nullable=False)
+    user = relationship("User", back_populates="comments")
+
+    message = sa.Column(sa.VARCHAR, nullable=False)
+    locked = sa.Column(sa.Boolean, default=False)
+
+    @classmethod
+    def add_comment(cls, user_id: int, message: str, message_id: int = None):
+        from flask.ext.login import current_user
+        from wowfunding.factory import db_session
+        if not message:
+            raise Exception("empty message")
+
+        if current_user.id != user_id and not current_user.admin:
+            raise Exception("no rights to add or modify this comment")
+
+        if not message_id:
+            comment = Comment(user_id=self.id)
+        else:
+            try:
+                user = db_session.query(User).filter(User.id == user_id).first()
+                if not user:
+                    raise Exception("no user by that id")
+                comment = next(c for c in self.comments if c.id == message_id)
+                if comment.locked and not current_user.admin:
+                    raise Exception("your comment has been locked/removed")
+            except StopIteration:
+                raise Exception("no message by that id")
+            except:
+                raise Exception("unknown error")
+        try:
+            comment.message = message
+            db_session.add(comment)
+            db_session.commit()
+            db_session.flush()
+        except:
+            db_session.rollback()
+            raise Exception("could not add comment")
+        return comment