def edit_post(id):
if not current_user:
return redirect(url_for('main.login'))
post = Post.query.get_or_404(id)
if current_user != post.user:
abort(403)
permission = Permission(UserNeed(post.user.id))
if permission.can() or admin_permission.can():
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.text = form.text.data
post.publish_date = datetime.datetime.now()
db.session.add(post)
db.session.commit()
return redirect(url_for('.post', post_id=post.id))
form.text.data = post.text
return render_template('edit.html', form=form, post=post)
abort(403)
def new(type):
form = PostForm()
if form.validate_on_submit():
new_post = Post(form.title.data)
new_post.text = form.text.data
new_post.cover = form.cover.data
new_post.publish_date = datetime.now()
new_post.update_date = new_post.publish_date
new_post.user_id = current_user.id
new_post.type = type
new_post.summary = form.summary.data
new_post.video = form.video.data
tagStrList = form.tags.data.split(',')
for tagStr in tagStrList:
tagStr = tagStr.strip()
tag = Tag.query.filter_by(title=tagStr).first()
if not tag:
tag = Tag(tagStr)
new_post.tags.append(tag)
for photo_url in form.photos.data:
if photo_url != '':
photo = Photo(photo_url)
new_post.photos.append(photo)
db.session.add(new_post)
db.session.commit()
return redirect(url_for('blog.post', post_id=new_post.id))
form.type.data = type
return render_template("edit_{}.html".format(type), form=form, type=type)
def new_post():
form = PostForm()
if form.validate_on_submit():
if form.type.data == "blog":
new_post = BlogPost()
new_post.text = form.text.data
elif form.type.data == "image":
new_post = ImagePost()
new_post.image_url = form.image.data
elif form.type.data == "video":
new_post = VideoPost()
new_post.video_object = form.video.data
elif form.type.data == "quote":
new_post = QuotePost()
new_post.text = form.text.data
new_post.author = form.author.data
new_post.title = form.title.data
new_post.user = User.objects(
username=current_user.username
).one()
new_post.save()
return render_template('new.html', form=form)
def edit_post(id):
post = Post.query.get_or_404(id)
permission = Permission(UserNeed(post.user.id))
print permission.can()
# We want admins to be able to edit any post
if permission.can() or admin_permission.can():
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.text = form.text.data
post.publish_date = datetime.datetime.now()
db.session.add(post)
db.session.commit()
return redirect(url_for('.post', post_id=post.id))
form.text.data = post.text
return render_template('edit.html', form=form, post=post)
abort(403)
def index():
form = PostForm()
if form.validate_on_submit():
language = guess_language(form.post.data)
if language == 'UNKNOWN' or len(language) > 5:
language = ''
post = Post(body=form.post.data,
author=current_user,
language=language)
db.session.add(post)
db.session.commit()
flash(_('Your post is now live!'))
return redirect(url_for('index'))
#分页
page = request.args.get('page', 1, type=int)
posts = current_user.followed_posts().paginate(
page, app.config['POSTS_PER_PAGE'], False)
next_url = url_for('index',
page=posts.next_num if posts.has_next else None)
prev_url = url_for('index',
page=posts.prev_num if posts.has_prev else None)
return render_template('index.html',
title=_('Home'),
form=form,
posts=posts.items,
next_url=next_url,
prev_url=prev_url)
def edit_post(id):
# 此处验证用login_required装饰器代替
"""
if not g.current_user:
return redirect(url_for('main.login'))
"""
post = Post.query.get_or_404(id)
# 此处使用用户权限进行限制访问
"""
if current_user != post.user:
abort(403)
"""
permission = Permission(UserNeed(post.user.id))
if permission.can() or admin_permission.can():
form = PostForm()
if form.validate_on_submit():
if form.title.data == post.title and form.text.data == post.text:
flash('no changes detected!', category='message')
else:
post.title = form.title.data
post.text = form.text.data
post.publish_date = datetime.datetime.now()
db.session.add(post)
db.session.commit()
return redirect(url_for('.post', post_id=post.id))
form.text.data = post.text
return render_template('edit.html', form=form, post=post)
abort(403)
def new_post():
form = PostForm()
if form.validate_on_submit():
new_post = Post(form.title.data)
new_post.text = form.text.data
new_post.publish_date = datetime.datetime.now()
db.session.add(new_post)
db.session.commit()
return render_template('new.html', form=form)
def new_post():
form = PostForm()
if form.validate_on_submit():
post = Post(title=form.title.data,
content=form.content.data,
author=current_user)
db.session.add(post)
db.session.commit()
flash('Your post has been created!', 'success')
return redirect(url_for('home'))
return render_template('create_post.html', title='New Post', form=form)
def new_post():
form = PostForm()
if form.validate_on_submit():
new_post = Post(form.title.data)
new_post.text = form.text.data
new_post.publish_date = datetime.datetime.now()
new_post.user = User.query.filter_by(
username=current_user.username).one()
db.session.add(new_post)
db.session.commit()
return render_template('new.html', form=form)
def new_post():
form=PostForm()
if form.validate_on_submit():
new_post = Post(form.title.data)
new_post.text = form.text.data
new_post.publish_date = datetime.datetime.now()
db.session.add(new_post)
db.session.commit()
return render_template('new.html', form=form)
def new_post():
form = PostForm()
print("new_post")
if form.validate_on_submit():
new_post = Post()
new_post.title = form.title.data
new_post.text = form.text.data
new_post.publish_date = datetime.datetime.now()
user = User.objects(id=current_user.id).first()
new_post.user = user
new_post.save()
return render_template('new.html', form=form)
def new_post():
form = PostForm()
if form.validate_on_submit():
new_post = Post(form.title.data)
new_post.text = form.text.data
new_post.publish_date = datetime.datetime.now()
new_post.user = User.query.filter_by(
username=current_user.username
).one()
db.session.add(new_post)
db.session.commit()
return render_template('new.html', form=form)
def new_post():
form = PostForm()
if not current_user:
return redirect(url_for('main.login'))
if form.validate_on_submit():
new_post = Post(form.title.data)
new_post.text = form.text.data
new_post.publish_date = datetime.datetime.now()
db.session.add(new_post)
db.session.commit()
return render_template('new.html', form=form)
def edit_post(id):
post = Post.query.get_or_404(id)
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.text = form.text.data
post.publish_date = datetime.datetime.now()
db.session.add(post)
db.session.commit()
return redirect(url_for('.post', post_id=post.id))
form.text.data = post.text
return render_template('edit.html', form=form, post=post)
def add_post():
if not g.current_user:
flash('发表新想法前请先登录!', category='error')
return redirect(url_for('main.login'))
form = PostForm()
if form.validate_on_submit():
new_post = Post(form.title.data, form.content.data)
new_post.publish_date = datetime.datetime.now()
new_post.user = g.current_user
new_post.category = PostCategory(form.category.data)
db.session.add(new_post)
db.session.commit()
return redirect(url_for('.get_post', post_id=new_post.id))
return render_template('add.html', form=form)
def edit(id):
post = Post.query.get_or_404(id)
permission = Permission(UserNeed(post.user.id))
if permission.can() or admin_permission.can():
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.cover = form.cover.data
post.video = form.video.data
post.summary = form.summary.data
post.text = form.text.data
post.update_date = datetime.now()
del post.tags[:] # 删除所有标签
del post.photos[:] # 删除所有图片
if form.tags.data.strip():
tagStrList = form.tags.data.split(',')
for tagStr in tagStrList: # 对标签循环
tagStr = tagStr.strip()
tag = Tag.query.filter_by(title=tagStr).first()
if not tag: # 标签不存在时新增
tag = Tag(tagStr)
post.tags.append(tag)
for photo_url in form.photos.data:
if photo_url != '':
photo = Photo(photo_url)
post.photos.append(photo)
db.session.add(post)
db.session.commit()
return redirect(url_for('.post', post_id=post.id))
type = post.type
form.cover.data = post.cover
form.text.data = post.text
form.title.data = post.title
form.summary.data = post.summary
form.type.data = type
photos = [photo.url for photo in post.photos]
form.summary.data = post.summary
tags = []
for tag in post.tags:
tags.append(tag.title)
form.tags.data = ','.join(tags)
return render_template("edit_{}.html".format(type), form=form, post=post, photos=photos)
abort(403)
def edit_post(id):
post=Post.query.get_or_404(id)
form=PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.text = form.text.data
post.publish_date = datetime.datetime.now()
db.session.add(post)
db.session.commit()
return redirect(url_for('.post', post_id=post.id))
form.text.data = post.text
return render_template('edit.html', form=form, post=post)
def new_post():
form = PostForm()
if form.validate_on_submit():
post = Post(title=form.title.data,
content=form.content.data,
post_image_file=form.picture_file.data,
author=current_user)
if form.picture_file.data:
post_image_file = save_picture_post(form.picture_file.data)
current_user.image_file = post_image_file
db.session.add(post)
db.session.commit()
flash('Your post has been created', 'success')
return redirect(url_for('home'))
return render_template('create_post.html',
title='New Post',
form=form,
legend='New Post')
def new_post():
form = PostForm()
if form.validate_on_submit():
new_post = Post()
new_post.title = form.title.data
new_post.text = form.text.data
new_post.publish_date = datetime.datetime.now()
db.session.add(new_post)
db.session.commit()
return redirect(url_for('blog.post', post_id=new_post.id))
recent, top_tags = sidebar_data()
return render_template('new.html',
form=form,
recent=recent,
top_tags=top_tags)
def new_post():
# 此处验证用login_required装饰器代替
'''
if not g.current_user:
return redirect(url_for('main.login'))
'''
form = PostForm()
if form.validate_on_submit():
new_post = Post(form.title.data)
new_post.text = form.text.data
new_post.publish_date = datetime.datetime.now()
new_post.user = current_user
db.session.add(new_post)
db.session.commit()
return redirect(url_for('.post', post_id=new_post.id))
return render_template('new.html', form=form)
def update_post(post_id):
post = Post.query.get_or_404(post_id)
if post.author != current_user:
abort(403)
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
db.session.commit()
flash('Your post has been updated!', 'success')
return redirect(url_for('post', post_id=post.id))
elif request.method == 'GET':
form.title.data = post.title
form.content.data = post.content
return render_template('create_post.html',
title='Update Post',
form=form,
legend='Update Post')
def new_post():
## image1_file = url_for('static',filename='uploaded_pics/'+current_user.image1_file)
## flash('Your picture is uploaded')
## return redirect(url_for('home'))
## return render_template('trial.html', title='New Post', image1_file = image1_file, form = form, legend='Authentify Product')
form = PostForm()
if form.validate_on_submit():
if form.picture.data:
picture1_file = save_picture(form.picture1.data)
post.image1_file = picture1_file
db.session.add(picture1_file)
db.session.commit()
flash('Your picture is uploaded')
return redirect(url_for('home'))
image_file = url_for('static', filename='profile_pics/' + post.image1_file)
return render_template('trial.html',
title='New Post',
form=form,
legend='Authentify Product')
def edit_post(id):
post = Post.objects(id=id).get_or_404()
permission = Permission(UserNeed(post.user.id))
if (permission.can() or admin_permission.can()):
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.text = form.text.data
post.publish_date = datetime.datetime.now()
post.save()
return redirect(url_for('.post', post_id=post.id))
form.text.data = post.text
return render_template('edit.html', form=form, post=post)
abort(403)
def update_post(post_id):
post = Post.query.get_or_404(post_id)
#we validate that only the owner can update this. We will use this conditon for now to confirm only admin can upload/update posts
if post.author != current_user:
abort(403)
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
db.session.commit()
flash('Your post has benn updated', 'success')
return redirect(url_for('post', post_id=post.id))
elif request.method == 'GET':
form.title.data = post.title
form.content.data = post.content
return render_template('create_post.html',
title='Update Post',
form=form,
legend='Update Post')
def index():
form = PostForm()
if form.validate_on_submit():
post = Post(body=form.post.data, author=current_user)
db.session.add(post)
db.session.commit()
flash('Your post is now live!')
return redirect(url_for('index'))
page = request.args.get('page', 1, type=int)
posts = current_user.followed_posts().paginate(
page, app.config['POSTS_PER_PAGE'], False)
next_url = url_for('index',
page=posts.next_num) if posts.has_next else None
prev_url = url_for('index',
page=posts.prev_num) if posts.has_prev else None
return render_template("index.html",
title='Home Page',
form=form,
posts=posts.items,
next_url=next_url,
prev_url=prev_url)
def edit_post(id):
post = Post.query.get_or_404(id)
permission = Permission(UserNeed(post.user.id))
# We want admins to be able to edit any post
if permission.can() or admin_permission.can():
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.text = form.text.data
post.publish_date = datetime.datetime.now()
db.session.add(post)
db.session.commit()
return redirect(url_for('.post', post_id=post.id))
form.text.data = post.text
return render_template('edit.html', form=form, post=post)
abort(403)