def delete_category(category_id): if category_id == 1: flash('Can not delete default category.', 'warning') return redirect_back() category = Category.query.get_or_404(category_id) category.delete() flash('Category deleted.', 'success') return redirect_back(url_for('.manage_category'))
def change_theme(theme_name): if theme_name not in current_app.config['BLOG_THEMES'].keys(): abort('404') response = make_response(redirect_back()) response.set_cookie('theme', theme_name, max_age=30 * 24 * 60 * 60) return response
def edit_profile_admin(user_id): user = User.query.get_or_404(user_id) form = EditProfileAdminForm(user=user) if form.validate_on_submit(): user.name = form.name.data role = Role.query.get(form.role.data) if role.name == 'Locked': user.lock() user.role = role user.bio = form.bio.data user.website = form.website.data user.confirmed = form.confirmed.data user.active = form.active.data user.location = form.location.data user.username = form.username.data user.email = form.email.data db.session.commit() flash('Profile updated.', 'success') return redirect_back() form.name.data = user.name form.role.data = user.role_id form.bio.data = user.bio form.website.data = user.website form.location.data = user.location form.username.data = user.username form.email.data = user.email form.confirmed.data = user.confirmed form.active.data = user.active return render_template('admin/edit_profile.html', form=form, user=user)
def block_user(user_id): user = User.query.get_or_404(user_id) if user.role.name in ['Administrator', 'Moderator']: flash('Permission denied.', 'warning') else: user.block() flash('Account blocked.', 'info') return redirect_back()
def delete_post(post_id): post = Post.query.get_or_404(post_id) if current_user != post.author and not current_user.can('MODERATE'): abort(403) db.session.delete(post) db.session.commit() flash('Post deleted.', 'success') return redirect_back()
def unfollow(username): user = User.query.filter_by(username=username).first_or_404() if not current_user.is_following(user): flash('Not follow yet.', 'info') return redirect(url_for('.index', username=username)) current_user.unfollow(user) flash('User unfollowed.', 'info') return redirect_back()
def delete_article(username, article_id): user = User.query.filter_by(username=username).first_or_404() if user != current_user: abort(403) article = Article.query.get_or_404(article_id) db.session.delete(article) db.session.commit() flash('Article deleted.', 'success') return redirect_back()
def re_authenticate(): if login_fresh(): return redirect(url_for('main.index')) form = LoginForm() if form.validate_on_submit() and current_user.validate_password( form.password.data): confirm_login() return redirect_back() return render_template('auth/login.html', form=form)
def set_comment(post_id): post = Post.query.get_or_404(post_id) if post.can_comment: post.can_comment = False flash('Comment disabled.', 'success') else: post.can_comment = True flash('Comment enabled.', 'success') db.session.commit() return redirect_back()
def follow(username): user = User.query.filter_by(username=username).first_or_404() if current_user.is_following(user): flash('Already followed.', 'info') return redirect(url_for('.index', username=username)) current_user.follow(user) flash('User followed.', 'success') if user.receive_follow_notification: push_follow_notification(follower=current_user, receiver=user) return redirect_back()
def edit_category(category_id): if category_id == 1: flash(u'禁止修改默认分类', 'warning') category = Category.query.get_or_404(category_id) form = CategoryForm() if form.validate_on_submit(): category.name = form.name.data db.session.commit() flash('Category updated.', 'success') return redirect_back() form.name.data = category.name return render_template('admin/edit_category.html', form=form)
def login(): if current_user.is_authenticated: return redirect(url_for('main.index')) form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data.lower()).first() if user is not None and user.validate_password(form.password.data): login_user(user, form.remember_me.data) flash('Login success.', 'info') return redirect_back() flash('Invalid email or password.', 'warning') return render_template('auth/login.html', form=form)
def login(): if current_user.is_authenticated: return redirect(url_for('blog.index')) form = LoginForm() if form.validate_on_submit(): username = form['username'].data password = form['password'].data remember = form['remember'].data admin = Admin.query.first() if admin: if admin.username == username and admin.check_password(password): flash('Login successfully', 'info') login_user(user=admin, remember=remember) return redirect_back() else: flash('Invalid username or password.', 'warning') else: flash('No account.', 'warning') return render_template('auth/login.html', form=form)
def login(): if current_user.is_authenticated: return redirect(url_for('blog.index')) form = LoginForm() if form.validate_on_submit(): username = form.username.data password = form.password.data remember = form.remember.data admin = Admin.query.first() if admin: if username == admin.username and admin.validate_password( password): login_user(admin, remember) flash('欢迎回来', 'info') return redirect_back() flash('用户名或密码错误', 'warning') else: flash('没有用户', 'warning') return render_template('auth/login.html', form=form)
def set_comment(post_id): return redirect_back()
def delete_post(post_id): post = Post.query.get_or_404(post_id) db.session.delete(post) db.session.commit() flash('Post deleted.', 'success') return redirect_back()
def delete_comment(comment_id): comment = Comment.query.get_or_404(comment_id) db.session.delete(comment) db.session.commit() flash('Comment deleted.', 'success') return redirect_back()
def approve_comment(comment_id): comment = Comment.query.get_or_404(comment_id) comment.reviewed = True db.session.commit() flash('Comment published.', 'success') return redirect_back()
def logout(): logout_user() flash('Logout success.', 'info') return redirect_back()
def logout(): logout_user() flash('登出成功', 'info') return redirect_back()
def unblock_user(user_id): user = User.query.get_or_404(user_id) user.unblock() flash('Block canceled.', 'info') return redirect_back()
def delete_tag(tag_id): tag = Tag.query.get_or_404(tag_id) db.session.delete(tag) db.session.commit() flash('Tag deleted.', 'info') return redirect_back()
def lock_user(user_id): user = User.query.get_or_404(user_id) user.lock() flash('Account locked.', 'info') return redirect_back()