def delete_post(post_id):
post = Post.objects(id=post_id).first()
if not post:
abort(404)
user = User.objects(id=current_user.id).first()
if post.author != user:
abort(403)
post.delete()
flash('Your post has been deleted!', 'success')
return redirect(url_for('home'))
def get(self, page=1):
query = request.args.get('q')
if query == None:
return redirect(url_for('posts.list'))
search_posts = Post.objects(title__icontains=query)
posts = search_posts.paginate(page=page, per_page=config.per_page)
return render_template('posts/search.html',
posts=posts,
pagination=posts,
query=query,
disqus_shortname=config.disqus_shortname
)
def update_post(post_id):
post = Post.objects(id=post_id).first()
if not post:
abort(404)
user = User.objects(id=current_user.id).first()
if post.author != user:
abort(403)
form = PostForm()
if form.validate_on_submit():
post.update(title=form.title.data, content=form.content.data)
flash('Your post has been updated!', 'success')
return redirect(url_for('post', post_id=post.id))
elif request.method == 'GET':
form.title.data = post.title
form.content.data = post.content
return render_template('create_post.html',
title="Update Post",
form=form,
legend="Update Post")
def post(post_id):
post = Post.objects(id=post_id).first()
if not post:
abort(404)
return render_template('post.html', title=post.title, post=post)
