From 33d847988e30eb1490dd464cb9fb40dba504cbdd Mon Sep 17 00:00:00 2001 From: businkv Date: Thu, 23 Apr 2026 19:16:32 +0300 Subject: [PATCH 1/4] =?UTF-8?q?=D0=98=D1=81=D0=BF=D1=80=D0=B0=D0=B2=D0=BB?= =?UTF-8?q?=D0=B5=D0=BD=D0=BE:=20=D0=94=D0=BB=D1=8F=20=D0=BD=D0=B5=D0=B0?= =?UTF-8?q?=D0=BD=D0=BE=D0=BD=D0=B8=D0=BC=D0=BD=D1=8B=D1=85=20=D0=BE=D1=82?= =?UTF-8?q?=D0=B7=D1=8B=D0=B2=D0=BE=D0=B2=20=D0=B8=D0=BC=D1=8F=20=D0=BF?= =?UTF-8?q?=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB?= =?UTF-8?q?=D1=8F=20=D0=B7=D0=B0=D0=BF=D1=80=D0=B0=D1=88=D0=B8=D0=B2=D0=B0?= =?UTF-8?q?=D0=B5=D1=82=D1=81=D1=8F=20=D1=87=D0=B5=D1=80=D0=B5=D0=B7=20Uni?= =?UTF-8?q?onAuth.=5Fget=5Fuserdata.=20=D0=95=D1=81=D0=BB=D0=B8=20=D0=B2?= =?UTF-8?q?=20=D0=BF=D1=80=D0=BE=D1=84=D0=B8=D0=BB=D0=B5=20=D0=BD=D0=B5=20?= =?UTF-8?q?=D0=B7=D0=B0=D0=B4=D0=B0=D0=BD=D0=BE=20=D0=B8=D0=BC=D1=8F,=20?= =?UTF-8?q?=D1=82=D0=BE=20=D0=B2=D0=BE=D0=B7=D0=B2=D1=80=D0=B0=D1=89=D0=B0?= =?UTF-8?q?=D0=B5=D1=82=D1=81=D1=8F=20=D0=BE=D1=88=D0=B8=D0=B1=D0=BA=D0=B0?= =?UTF-8?q?,=20=D0=BE=D1=82=D0=B7=D1=8B=D0=B2=20=D0=BD=D0=B5=20=D1=81?= =?UTF-8?q?=D0=BE=D0=B7=D0=B4=D0=B0=D1=91=D1=82=D1=81=D1=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- rating_api/routes/comment.py | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/rating_api/routes/comment.py b/rating_api/routes/comment.py index 8cea2ad..8571a30 100644 --- a/rating_api/routes/comment.py +++ b/rating_api/routes/comment.py @@ -7,6 +7,7 @@ from auth_lib.fastapi import UnionAuth from fastapi import APIRouter, Depends, Query from fastapi_sqlalchemy import db +from starlette.requests import Request from rating_api.exceptions import ( CommentTooLong, @@ -37,7 +38,7 @@ @comment.post("", response_model=CommentGet) -async def create_comment(lecturer_id: int, comment_info: CommentPost, user=Depends(UnionAuth())) -> CommentGet: +async def create_comment(lecturer_id: int, comment_info: CommentPost, request: Request, user=Depends(UnionAuth())) -> CommentGet: """ Scopes: `["rating.comment.create"]` @@ -115,9 +116,23 @@ async def create_comment(lecturer_id: int, comment_info: CommentPost, user=Depen fullname = None if not comment_info.is_anonymous: - userdata_info = user.get("userdata", []) - fullname_info = list(filter(lambda x: "Полное имя" == x['param'], userdata_info)) - fullname = fullname_info[0]["value"] if len(fullname_info) != 0 else None + token = request.headers.get("Authorization") + if token: + try: + auth = UnionAuth() + user_data = auth._get_userdata(token, user_id) + + if user_data and "items" in user_data: + for item in user_data["items"]: + if "Полное имя" in item: + fullname = item["Полное имя"] + break + except Exception: + pass + + if not fullname: + raise ForbiddenAction(Comment) + new_comment = Comment.create( session=db.session, @@ -448,4 +463,4 @@ async def like_comment( comment.is_disliked = False comment.is_liked = False CommentReaction.delete(session=db.session, id=existing_reaction.uuid) - return CommentGet.model_validate(comment) + return CommentGet.model_validate(comment) \ No newline at end of file From e4b955e37bffbfbc611d0f8806cc01a61c2e00b4 Mon Sep 17 00:00:00 2001 From: petrCher <88943157+petrCher@users.noreply.github.com> Date: Thu, 23 Apr 2026 22:58:09 +0300 Subject: [PATCH 2/4] fixes --- rating_api/routes/comment.py | 31 +++++++++---------------------- 1 file changed, 9 insertions(+), 22 deletions(-) diff --git a/rating_api/routes/comment.py b/rating_api/routes/comment.py index 8571a30..8bd7736 100644 --- a/rating_api/routes/comment.py +++ b/rating_api/routes/comment.py @@ -38,7 +38,9 @@ @comment.post("", response_model=CommentGet) -async def create_comment(lecturer_id: int, comment_info: CommentPost, request: Request, user=Depends(UnionAuth())) -> CommentGet: +async def create_comment( + lecturer_id: int, comment_info: CommentPost, request: Request, user=Depends(UnionAuth(enable_userdata=True)) +) -> CommentGet: """ Scopes: `["rating.comment.create"]` @@ -113,33 +115,18 @@ async def create_comment(lecturer_id: int, comment_info: CommentPost, request: R ) # Обрабатываем анонимность комментария, и удаляем этот флаг чтобы добавить запись в БД user_id = None if comment_info.is_anonymous else user.get('id') - - fullname = None + full_name = None if not comment_info.is_anonymous: - token = request.headers.get("Authorization") - if token: - try: - auth = UnionAuth() - user_data = auth._get_userdata(token, user_id) - - if user_data and "items" in user_data: - for item in user_data["items"]: - if "Полное имя" in item: - fullname = item["Полное имя"] - break - except Exception: - pass - - if not fullname: - raise ForbiddenAction(Comment) - + userdata_info = user.get("userdata") + full_name_info = list(filter(lambda x: "Полное имя" == x['param'], userdata_info)) + full_name = full_name_info[0]["value"] if len(full_name_info) != 0 else None new_comment = Comment.create( session=db.session, **comment_info.model_dump(exclude={"is_anonymous"}), lecturer_id=lecturer_id, user_id=user_id, - user_fullname=fullname, + user_fullname=full_name, review_status=ReviewStatus.PENDING, ) @@ -463,4 +450,4 @@ async def like_comment( comment.is_disliked = False comment.is_liked = False CommentReaction.delete(session=db.session, id=existing_reaction.uuid) - return CommentGet.model_validate(comment) \ No newline at end of file + return CommentGet.model_validate(comment) From a1d17e992ae8d875e965b861ae9f9e7dd0d127ef Mon Sep 17 00:00:00 2001 From: petrCher <88943157+petrCher@users.noreply.github.com> Date: Thu, 23 Apr 2026 22:59:52 +0300 Subject: [PATCH 3/4] fix --- rating_api/routes/comment.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/rating_api/routes/comment.py b/rating_api/routes/comment.py index 8bd7736..3bc362f 100644 --- a/rating_api/routes/comment.py +++ b/rating_api/routes/comment.py @@ -7,7 +7,6 @@ from auth_lib.fastapi import UnionAuth from fastapi import APIRouter, Depends, Query from fastapi_sqlalchemy import db -from starlette.requests import Request from rating_api.exceptions import ( CommentTooLong, @@ -39,7 +38,7 @@ @comment.post("", response_model=CommentGet) async def create_comment( - lecturer_id: int, comment_info: CommentPost, request: Request, user=Depends(UnionAuth(enable_userdata=True)) + lecturer_id: int, comment_info: CommentPost, user=Depends(UnionAuth(enable_userdata=True)) ) -> CommentGet: """ Scopes: `["rating.comment.create"]` @@ -115,18 +114,19 @@ async def create_comment( ) # Обрабатываем анонимность комментария, и удаляем этот флаг чтобы добавить запись в БД user_id = None if comment_info.is_anonymous else user.get('id') + full_name = None if not comment_info.is_anonymous: userdata_info = user.get("userdata") - full_name_info = list(filter(lambda x: "Полное имя" == x['param'], userdata_info)) - full_name = full_name_info[0]["value"] if len(full_name_info) != 0 else None + fullname_info = list(filter(lambda x: "Полное имя" == x['param'], userdata_info)) + fullname = fullname_info[0]["value"] if len(fullname_info) != 0 else None new_comment = Comment.create( session=db.session, **comment_info.model_dump(exclude={"is_anonymous"}), lecturer_id=lecturer_id, user_id=user_id, - user_fullname=full_name, + user_fullname=fullname, review_status=ReviewStatus.PENDING, ) From cff23ebed7158120fe86cb243c551c1ddd7ad1c9 Mon Sep 17 00:00:00 2001 From: petrCher <88943157+petrCher@users.noreply.github.com> Date: Thu, 23 Apr 2026 23:01:06 +0300 Subject: [PATCH 4/4] format --- rating_api/routes/comment.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rating_api/routes/comment.py b/rating_api/routes/comment.py index 3bc362f..3c5b535 100644 --- a/rating_api/routes/comment.py +++ b/rating_api/routes/comment.py @@ -115,7 +115,7 @@ async def create_comment( # Обрабатываем анонимность комментария, и удаляем этот флаг чтобы добавить запись в БД user_id = None if comment_info.is_anonymous else user.get('id') - full_name = None + fullname = None if not comment_info.is_anonymous: userdata_info = user.get("userdata") fullname_info = list(filter(lambda x: "Полное имя" == x['param'], userdata_info))