def edit_post(id):
post = Post.query.get_or_404(id)
if not current_user:
return redirect(url_for('main.login'))
if current_user != post.users:
return redirect(url_for('blog.post', post_id=id))
# 当 user 是 poster 或者 admin 时, 才能够编辑文章
permission = Permission(UserNeed(post.users.id))
if permission.can() or admin_permission.can():
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.text = form.text.data
post.publish_date = datetime.datetime.now()
# Update the post
db.session.add(post)
db.session.commit()
return redirect(url_for('blog.post', post_id=post.id))
# Still retain the original content, if validate is false.
form.title.data = post.title
form.text.data = post.text
return render_template('edit_post.html', form=form, post=post)
else:
abort(403)
def test_post_form_invalid(self):
form = PostForm(data={
'title': '',
'content': '',
'tags': '',
'category': 0
})
self.assertFalse(form.is_valid())
def test_post_form_valid(self):
form = PostForm(
data={
'title': 'Hi there',
'content': 'This is content',
'tags': 'tag1, tag2',
'category': 1
})
self.assertTrue(form.is_valid())
def new_post():
form = PostForm()
if form.validate_on_submit():
title = form.title.data
body = form.body.data
category = Category.query.get(form.category.data)
post = Post(title=title, body=body, category=category, author=current_user)
db.session.add(post)
db.session.commit()
flash('博文已创建.', 'success')
return redirect(url_for('blog.show_post', post_id=post.id))
return render_template('admin/new_post.html', form=form)
def edit_post(post_id):
form = PostForm()
post = Post.query.get_or_404(post_id)
if form.validate_on_submit():
post.title = form.title.data
post.body = form.body.data
post.category = Category.query.get(form.category.data)
db.session.commit()
flash('博文已更新.', 'success')
return redirect(url_for('blog.show_post', post_id=post.id))
form.title.data = post.title
form.body.data = post.body
form.category.data = post.category_id
return render_template('admin/edit_post.html', form=form)
def new_post():
form = PostForm()
if form.validate_on_submit():
title = form.title.data
content = form.content.data
timestamp = form.timestamp.data
body = form.body.data
category = Category.query.get(form.category.data)
post = Post(title=title, body=body, category=category, content=content, timestamp=timestamp)
db.session.add(post)
db.session.commit()
flash('新文章创建成功!', 'success')
return redirect(url_for('blog.show_post', post_id=post.id))
return render_template('admin/new_post.html', form=form)
def new_post():
form = PostForm()
#Flask-Login 提供了一个代理对象 current_user 来访问和表示当前登录的对象, 这个对象在视图或模板中都是能够被访问的.
# 所以我们常在需要判断用户是否为当前用户时使用(EG. 用户登录后希望修改自己创建的文章).
if not current_user:
return redirect(url_for('main.login'))
if form.validate_on_submit():
new_post = Post(id=str(uuid4()), title=form.title.data)
new_post.text = form.text.data
new_post.publish_date = datetime.datetime.now()
db.session.add(new_post)
db.session.commit()
return redirect(url_for('blog.home'))
return render_template('new_post.html', form=form)