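def update_post(id):
    """Show and process the edit form for the post identified by ``id``.

    Unauthenticated visitors are redirected to the ``login`` view with
    ``next`` pointing back at this view.  Callers who fail the permission
    check receive the plain string ``"Not Authorized!"``.  A valid form
    submission calls ``Post.update`` with the submitted URL and body and
    redirects to ``feed``; a GET request pre-fills the form from the stored
    post and renders ``update.html``.
    """
    if not current_user.is_authenticated:
        return redirect(url_for("login", next=url_for("update_post", id=id)))

    # Compare the ids by value.  `is not` tests object identity, which is not
    # a reliable equality test for integers, so an owner could be refused even
    # though the two ids are equal.
    # NOTE(review): as written the caller must be the owner AND a poster AND
    # an admin; confirm that this is the intended policy.
    # NOTE(review): the refusal is a bare string, so it goes out with the
    # default success status and denied requests are hard to tell apart from
    # successful ones in access logs; consider a 403 once callers are checked.
    if (
        current_user.id != Post.get_post(id).user_id
        or not current_user.poster
        or not current_user.admin
    ):
        return "Not Authorized!"

    try:
        post_to_update = Post.query.get_or_404(id)
    except Exception:
        # Best-effort recovery: reset the session and retry the lookup once.
        # `Exception` rather than a bare `except` lets SystemExit and
        # KeyboardInterrupt propagate.
        db.session.rollback()
        post_to_update = Post.query.get_or_404(id)

    form = UpdateForm()
    if form.validate_on_submit():
        try:
            post_to_update = Post.query.get_or_404(id)
            Post.update(post_to_update.id, form.url.data, form.body.data)
        except Exception:
            # Same single retry after a rollback as for the lookup above.
            db.session.rollback()
            Post.update(post_to_update.id, form.url.data, form.body.data)
        return redirect(url_for("feed"))
    elif request.method == "GET":
        # First display of the form: start from the stored values.
        form.body.data = post_to_update.body
        form.url.data = post_to_update.url
    return render_template(
        "update.html", title="Update Post", form=form, post=post_to_update
    )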
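def delete_posts():
    """Delete every post on behalf of an administrator.

    Unauthenticated visitors are redirected to the ``login`` view; signed-in
    users without the ``admin`` flag receive the plain string
    ``"Not Authorized!"``.  On success the caller is redirected to ``admin``.
    """
    if not current_user.is_authenticated:
        return redirect(url_for("login", next=url_for("delete_posts")))
    if not current_user.admin:
        return "Not Authorized!"

    # NOTE(review): the route decorator is not visible here.  Confirm that
    # this destructive action is only reachable through a state-changing
    # method (POST) with CSRF protection, not a plain GET link.
    try:
        Post.delete_all()
    except Exception:
        # Best-effort recovery: reset the session and retry once.
        # `Exception` rather than a bare `except` lets SystemExit and
        # KeyboardInterrupt propagate.
        db.session.rollback()
        Post.delete_all()
    return redirect(url_for("admin"))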
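def delete_post(id):
    """Delete the post identified by ``id``.

    Unauthenticated visitors are redirected to the ``login`` view; callers
    who fail the permission check receive the plain string
    ``"Not Authorized!"``.  On success the caller is redirected to ``feed``.
    """
    if not current_user.is_authenticated:
        return redirect(url_for("login", next=url_for("delete_post", id=id)))

    # Compare the ids by value.  `is not` tests object identity, which is not
    # a reliable equality test for integers, so an owner could be refused even
    # though the two ids are equal.
    # NOTE(review): as written the caller must be the owner AND an admin;
    # confirm that this is the intended policy.
    if current_user.id != Post.get_post(id).user_id or not current_user.admin:
        return "Not Authorized!"

    # NOTE(review): the route decorator is not visible here.  Confirm that
    # deletion is only reachable through a state-changing method (POST) with
    # CSRF protection.
    try:
        Post.delete(id)
    except Exception:
        # Best-effort recovery: reset the session and retry once.
        db.session.rollback()
        Post.delete(id)
    return redirect(url_for("feed"))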
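def admin():
    """Render the administration page listing all users and posts.

    Unauthenticated visitors are redirected to the ``login`` view; signed-in
    users without the ``admin`` flag receive the plain string
    ``"Not Authorized!"``.  Otherwise ``admin.html`` is rendered with the
    results of ``User.get_users()`` and ``Post.get_posts()``.
    """
    if not current_user.is_authenticated:
        return redirect(url_for("login", next=url_for("admin")))
    if not current_user.admin:
        return "Not Authorized!"

    try:
        users = User.get_users()
        posts = Post.get_posts()
    except Exception:
        # Best-effort recovery: reset the session and repeat both queries
        # once.  `Exception` rather than a bare `except` lets SystemExit and
        # KeyboardInterrupt propagate.
        db.session.rollback()
        users = User.get_users()
        posts = Post.get_posts()
    return render_template("admin.html", users=users, posts=posts)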
def show_post(id):
    """Render ``post.html`` for the post returned by ``Post.get_post(id)``.

    The post's body is used as the page title.  No permission check is made
    in this function.
    """
    selected = Post.get_post(id)
    # NOTE(review): if get_post can return None for an unknown id, the
    # attribute access below raises instead of producing a 404; confirm
    # against the model.
    page_title = selected.body
    return render_template("post.html", title=page_title, post=selected)
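def create_post():
    """Show the post-creation form and create a post on valid submission.

    Unauthenticated visitors are redirected to the ``login`` view; signed-in
    users without the ``poster`` flag receive the plain string
    ``"Not Authorized!"``.  A valid submission calls ``Post.create`` with the
    submitted URL and body, flashes a confirmation and redirects to ``feed``.
    Otherwise ``create.html`` is rendered with the form.
    """
    if not current_user.is_authenticated:
        return redirect(url_for("login", next=url_for("create_post")))
    if not current_user.poster:
        return "Not Authorized!"

    form = PostForm()
    if form.validate_on_submit():
        # Only the insert sits inside the try block, so a failure in the
        # flash or redirect step can no longer trigger the retry and create
        # the post a second time.
        try:
            Post.create(url=form.url.data, body=form.body.data)
        except Exception:
            # Best-effort recovery: reset the session and retry once.
            db.session.rollback()
            Post.create(url=form.url.data, body=form.body.data)
        flash("Congratulations, You Have Successfully Created A Post!")
        return redirect(url_for("feed"))
    return render_template("create.html", title="Create Post", form=form)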
def test_follow_posts(self):
    # Checks followed_posts() for four users.  The expected lists below are
    # ordered newest first and include each user's own post.
    john = User(username="******", email="*****@*****.**")
    susan = User(username="******", email="*****@*****.**")
    mary = User(username="******", email="*****@*****.**")
    david = User(username="******", email="*****@*****.**")
    members = [john, susan, mary, david]
    db.session.add_all(members)

    # One post per user, with staggered timestamps so the ordering is
    # unambiguous.
    base = datetime.utcnow()
    post_john = Post(body="post from john", author=john,
                     timestamp=base + timedelta(seconds=1))
    post_susan = Post(body="post from susan", author=susan,
                      timestamp=base + timedelta(seconds=4))
    post_mary = Post(body="post from mary", author=mary,
                     timestamp=base + timedelta(seconds=3))
    post_david = Post(body="post from david", author=david,
                      timestamp=base + timedelta(seconds=2))
    db.session.add_all([post_john, post_susan, post_mary, post_david])
    db.session.commit()

    # Follow graph as (follower, followed) pairs.
    follow_edges = (
        (john, susan),
        (john, david),
        (susan, mary),
        (mary, david),
    )
    for follower, followed in follow_edges:
        follower.follow(followed)
    db.session.commit()

    # Run all four queries before any assertion.
    feeds = [member.followed_posts().all() for member in members]
    expected_feeds = [
        [post_susan, post_david, post_john],
        [post_susan, post_mary],
        [post_mary, post_david],
        [post_david],
    ]
    for actual, wanted in zip(feeds, expected_feeds):
        self.assertEqual(actual, wanted)
def post_add():
    """Store a post built from the submitted form and report the result as JSON.

    Reads the ``head`` and ``content`` form fields, builds a ``Post`` and
    commits it.  The JSON body carries ``code`` 200 on success and 500 when
    the commit raises ``SQLAlchemyError`` (the session is rolled back first).
    """
    submitted = request.form
    # Title and body from the text editor; `.get` yields None when a field
    # is missing, and that value is passed on to Post unchanged.
    head, content = submitted.get('head'), submitted.get('content')

    # NOTE(review): the author id is fixed to 1 instead of being taken from
    # the logged-in session, so every post is attributed to that user no
    # matter who sent the request, and no login check is made in this
    # function.  Confirm before this endpoint handles real traffic.
    author = 1
    post = Post(head, content, author)

    try:
        db_session.add(post)
        db_session.commit()
    except SQLAlchemyError:
        db_session.rollback()
        code, message = 500, "post is failed to add."
    else:
        code, message = 200, "post successfully added."
    # The outcome is reported only inside the JSON body; the status code of
    # the response itself is not set here.
    return jsonify({"result": {"code": code, "message": message}})
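def create_post():
    """Handle requests to the post-creation page.

    1. When the form has not been submitted or fails validation, the
       ``PostForm`` is passed to the ``create.html`` template and the
       rendered page is returned.
    2. When the submitted form validates, a ``Post`` row is added with
       ``user_id`` set to the current user's id and the submitted URL and
       body, and the session is committed.  Each post therefore belongs to
       exactly one user.
    3. Whether the insert succeeds or fails, a message is flashed and the
       user is redirected to the ``index`` view.

    Returns
    -------
    response
        A redirect to ``index`` after a validated submission, otherwise the
        rendered ``create.html`` page.
    """
    # NOTE(review): no authentication check is visible in this function;
    # presumably a decorator outside this view enforces it.  Confirm.
    form = PostForm()
    if form.validate_on_submit():
        try:
            post = Post(user_id=current_user.id, url=form.url.data, body=form.body.data)
            db.session.add(post)
            db.session.commit()
        except Exception:
            # Roll back so the failed transaction does not leave the session
            # unusable for later work.  `Exception` rather than a bare
            # `except` lets SystemExit and KeyboardInterrupt propagate.
            db.session.rollback()
            flash("Sorry, there was an error creating your post!")
            return redirect(url_for("index"))
        flash("Congratulations, you have successfully created a post!")
        return redirect(url_for("index"))
    return render_template("create.html", title="Create Post", form=form)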