def edit_profile_admin(user_id):
user = User.query.get_or_404(user_id)
form = EditProfileAdminForm(user=user)
if form.validate_on_submit():
user.name = form.name.data
role = Role.query.get(form.role.data)
if role.name == 'Locked':
user.lock()
user.role = role
user.bio = form.bio.data
user.website = form.website.data
user.confirmed = form.confirmed.data
user.active = form.active.data
user.location = form.location.data
user.username = form.username.data
user.email = form.email.data
db.session.commit()
flash('信息已更改.', 'success')
return redirect_back()
form.name.data = user.name
form.role.data = user.role_id
form.bio.data = user.bio
form.website.data = user.site
form.location.data = user.location
form.username.data = user.username
form.email.data = user.email
form.confirmed.data = user.confirmed
form.active.data = user.active
return render_template('admin/edit_profile.html', form=form, user=user)
def set_comment(blog_id):
post = Blog.query.get_or_404(blog_id)
if post.can_comment:
post.can_comment = False
flash('评论已禁止', 'success')
else:
post.can_comment = True
flash('评论已开放', 'success')
db.session.commit()
return redirect_back()
def manage_post():
page = request.args.get('page', 1, type=int)
admin = User.query.get(current_user.id).admin
if admin is None:
flash('对不起,您还未能开通博客权限!', 'success')
return redirect_back()
pagination = Blog.query.with_parent(admin).order_by(
Blog.timestamp.desc()).paginate(page, per_page=current_app.config['BLUELOG_MANAGE_POST_PER_PAGE'])
posts = pagination.items
return render_template('admin/manage_post.html', pagination=pagination, posts=posts)
def re_authenticate():
if login_fresh():
return redirect(url_for('main.index'))
form = LoginForm()
if form.validate_on_submit() and current_user.validate_password(
form.password.data):
confirm_login()
return redirect_back()
return render_template('auth/login.html', form=form)
def search():
q = request.args.get('q', '')
if q == '':
flash('可搜索到的关键词包含文章,图文,分类,标签,以及用户', 'warning')
return redirect_back()
category = request.args.get('category', 'photo')
page = request.args.get('page', 1, type=int)
per_page = current_app.config['CLOWELOG_SEARCH_RESULT_PER_PAGE']
if category == 'user':
pagination = User.query.whooshee_search(q).paginate(page, per_page)
elif category == 'tag':
pagination = Tag.query.whooshee_search(q).paginate(page, per_page)
else:
pagination = Blog.query.whooshee_search(q).paginate(page, per_page)
results = pagination.items
return render_template('blog/search.html', q=q, results=results, pagination=pagination, category=category)
def login():
if current_user.is_authenticated:
return redirect(url_for('blog.index'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user:
if user is not None and user.validate_password(form.password.data):
if login_user(user, form.remember.data):
flash('欢迎回来~,' + user.name, 'info')
return redirect_back()
else:
flash('你的账户已经被锁定', 'warning')
return redirect(url_for('blog.index'))
flash('用户名与密码不匹配!', 'warning')
else:
flash('没有该账号!', 'warning')
return render_template('auth/login.html', form=form)
def manage_category():
admin = User.query.get(current_user.id).admin
if admin is None:
flash('对不起,您还未能开通博客权限!', 'success')
return redirect_back()
return render_template('admin/manage_category.html')
def approve_comment(comment_id):
comment = Comment.query.get_or_404(comment_id)
comment.reviewed = True
db.session.commit()
flash('评论已允许', 'success')
return redirect_back()
def approve_user(user_id):
user = User.query.get_or_404(user_id)
user.open_admin()
# db.session.commit()
flash('已为其开通博客', 'success')
return redirect_back()
def delete_user(user_id):
user = User.query.get_or_404(user_id)
db.session.delete(user)
db.session.commit()
flash('用户已删除!', 'success')
return redirect_back()
def delete_tag(tag_id):
tag = Tag.query.get_or_404(tag_id)
db.session.delete(tag)
db.session.commit()
flash('Tag deleted.', 'info')
return redirect_back()
def unlock_user(user_id):
user = User.query.get_or_404(user_id)
user.unlock()
flash('解锁.', 'info')
return redirect_back()
def block_user(user_id):
user = User.query.get_or_404(user_id)
user.block()
flash('该账户已封禁.', 'info')
return redirect_back()