def unjoin_group(gid):
group = get_group(gid)
if not group:
flash('Group does not exist')
return redirect(url_for('error'))
if not in_group(session['userid'], gid):
flash("You can't leave a group you're not in.")
return redirect(url_for('error'))
delete_from_group(gid, session['userid'])
flash("Unjoined group " + get_group(gid).groupname + ".")
return redirect(url_for('my_groups'))
def rename_group(gid):
# Restrict access to this page to matching group owner.
group = get_group(gid)
if not group:
flash("Group does not exist.")
return redirect(url_for('error'))
if not is_group_owner(gid):
flash("You are not authorized to access this page.")
return redirect(url_for('error'))
form = RenameGroupForm(request.form)
if request.method == 'POST' and form.validate():
success = rename_group_controller(gid, form)
if success:
flash("Successfully renamed group to " + form.groupname.data + ".")
return redirect(url_for('my_groups'))
else:
flash("Group renaming failed; group name must be unique.")
return render_template('groups/renamegroup.html',
group=group,
form=form)
else:
return render_template('groups/renamegroup.html',
group=group,
form=form)
def group_page(groupid):
group = get_group(groupid)
if not group:
flash("Group does not exist.")
return redirect(url_for('error'))
owner = userid_to_object(group.groupownerid)
#todo: make sure in_group method works
if not in_group(session['userid'], groupid):
flash("You can't view this page without joining the group.")
return redirect(url_for('group_error', groupid=groupid))
post_form = PostForm(request.form)
pageid = get_pageid_group(groupid)
if post_form.validate() and request.method == 'POST':
post_on_page(pageid, session['userid'], post_form.content.data)
return redirect(url_for('group_page', groupid=groupid))
post_form = PostForm()
posts = get_posts(pageid)
return render_template('pages/grouppage.html',
form=post_form,
group=group,
owner=owner,
posts=posts,
page=pageid)
def group_members(gid):
if not in_group(session['userid'], gid):
flash("You can't view this page without joining the group.")
return redirect(url_for('group_error', groupid=gid))
group = get_group(gid)
members = get_group_members(gid)
return render_template('groups/groupmembers.html', group=group, members=members)
def retrieve_customer_groups_controller(userid):
conn = mysql.connect()
cursor = conn.cursor()
cursor.execute('select groupid from groupmembers where userid=%s', (userid))
group_ids = cursor.fetchall()
groups = []
for group_id in group_ids:
group = get_group(group_id)
groups.append(group)
return groups
def permission_to_edit_post(userid, postid):
page = get_page(postid)
post = get_post(postid)
if page.pagetype == 'Personal':
return page.ownerid == userid or post.authorid == userid
else:
group = get_group(page.groupid)
if group.groupownerid == userid or post.authorid == userid:
return True
else:
return False
def delete_members(gid):
group = get_group(gid)
if not group:
return redirect(url_for('error'))
# Restrict access to this page to matching group owner.
if not is_group_owner(gid):
flash("You are not authorized to access this page.")
return redirect(url_for('error'))
# get group members
group_members = get_group_members(gid)
return render_template('groups/deletemembers.html', group=group, group_members=group_members)
def add_member_search(gid):
group = get_group(gid)
if not group:
flash("Group does not exist.")
return redirect(url_for('error'))
# Restrict access to this page to matching group owner.
if not is_group_owner(gid):
flash("You are not authorized to access this page.")
return redirect(url_for('error'))
# reuse methods from finding friends:
form = SearchForm(request.form)
if request.method == 'POST':
search_results = user_search_controller(form)
invalid_reqs = get_invalid_group_add_reqs(gid)
# todo: directly add users who already requested to join group
return render_template('groups/addtogroup.html', group=group, form=form, search_results=search_results, invalid_reqs=invalid_reqs)
return render_template('groups/addtogroup.html', group=group, form=form)
def post_page(postid):
post = get_post(postid)
if not post:
flash("Post does not exist.")
return redirect(url_for('error'))
page = get_page(postid) # page post belongs to
# Check whether post/comment thread rooted off a personal page or group page.
if page.pagetype == 'Group':
if not in_group(session['userid'], page.groupid):
flash("You can't view this page without joining the group.")
return redirect(url_for('group_error', groupid=page.groupid))
group = get_group(page.groupid)
origin_type = 'group'
else:
user = userid_to_object(page.ownerid)
origin_type = 'user'
form = CommentForm(request.form)
# write a comment
if form.validate() and request.method == 'POST':
comment_on_post(postid, session['userid'], form.content.data)
redirect(url_for('post_page', postid=postid))
form = CommentForm()
post = get_post(postid)
#debug
for c in post.comments:
print(c.content, c.likes)
#
if origin_type == 'user':
return render_template('pages/post.html',
form=form,
post=post,
user=user,
group=None)
else:
return render_template('pages/post.html',
form=form,
post=post,
group=group,
user=None)
def group_error(groupid):
group = get_group(groupid)
return render_template('errors/groupprivacy.html', group=group)
def add_to_group(gid, userid):
insert_pending_group_member(gid, userid, 'owner')
groupname = get_group(gid).groupname
flash("Requested to join " + groupname + ".")
return redirect(url_for('find_group'))
def confirm_membership(gid, userid):
group = get_group(gid)
user = userid_to_object(userid)
group_accept_controller(gid, userid)
flash(user.username + " is now in " + group.groupname + ".")
return redirect(url_for('group_requests'))
