def add_book():
if not current_user.is_authenticated:
return redirect('/library/login')
# не работает
if not current_user.admin:
access_error('Добавление книги')
form = BooksForm()
if form.validate_on_submit():
db_sess = db_session.create_session()
book = Book()
book.title = form.title.data
book.author = form.author.data
book.year = form.year.data
book.genre = form.genre.data
book.description = form.description.data
book.text = form.text.data
db_sess.add(book)
db_sess.merge(current_user)
db_sess.commit()
return redirect('/library')
return render_template('add_book_page.html',
title='Добавление книги',
ddescription='YLibrary',
form=form)
def add_job():
try:
if not current_user.is_authenticated:
return redirect('/library/login')
if not current_user.admin:
return AccessError
form = BooksForm()
if form.validate_on_submit():
db_sess = create_session()
book = Book()
book.title = form.title.data
book.author = form.author.data
book.year = form.year.data
book.genre = form.genre.data
book.description = form.description.data
db_sess.add(book)
db_sess.merge(current_user)
db_sess.commit()
return redirect('/library')
except AccessError:
return # ругается на отсутствие прав доступа
return render_template('books.html', title='Добавление книги',
form=form)