def edit_post(post_id): post = dbOps.get_post(post_id=post_id) form = EditPostForm(request.form, obj=post) creator = post.creator user_id = session['user_id'] if not session.get('logged_in'): return "You are not logged in" if not creator.user_id == user_id: return "You do not have permission to edit this post" post = dbOps.get_post(post_id) if not post: return "This post does not exist" if request.method == 'GET': return render_template("edit_post_page.html", post_id=post_id, form=form) if request.method == 'POST' and form.validate(): new_title = form.textbook_title.data new_author = form.textbook_author.data if (not new_title) or (not new_author): errors = ['Please enter a title or author'] flash(errors[0]) return render_template("edit_post_page.html", post_id=post_id, form=form) dbOps.update_existing_post(post_id, new_title, new_author) flash('Post has been updated') return redirect(url_for('show_user_page', user_id=creator.user_id))
def contact_seller(): message = request.form['contact_message'] email = request.form['contact_recipient'] # Email of person that posted the textbook sender_email = request.form['contact_email'] # Email of person that is interested in textbook post_id = request.form['post_id'] user_id = session['user_id'] book_for_sale = dbOps.get_post(post_id) dbOps.send_contact_seller_email(email, sender_email, mail_manager, message, book_for_sale.textbook_title) return redirect(url_for("show_user_page", user_id=user_id))
def show_post(post_id): if not session.get('logged_in'): return 'You are not logged in' if request.method == 'GET': post = dbOps.get_post(post_id=post_id) if post: return render_template("post_page.html", post=post, user_id=session['user_id']) else: return "The post you are trying to access does not exist" if request.method == 'POST': creator = dbOps.get_post(post_id=post_id).creator if request.form['submit'] == 'Delete this post': dbOps.remove_post(post_id) flash("Post deleted successfully") return redirect(url_for("show_user_page", user_id=creator.user_id)) elif request.form['submit'] == 'Edit this post': return redirect(url_for("edit_post", post_id=post_id)) else: return 'No other options implemented yet'
def contact_seller(): message = request.form['contact_message'] email = request.form[ 'contact_recipient'] # Email of person that posted the textbook sender_email = request.form[ 'contact_email'] # Email of person that is interested in textbook post_id = request.form['post_id'] user_id = session['user_id'] book_for_sale = dbOps.get_post(post_id) dbOps.send_contact_seller_email(email, sender_email, mail_manager, message, book_for_sale.textbook_title) return redirect(url_for("show_user_page", user_id=user_id))
def edit_post(post_id): post = dbOps.get_post(post_id=post_id) form = EditPostForm(request.form, obj=post) creator = post.creator user_id = session['user_id'] if not session.get('logged_in'): return "You are not logged in" if not creator.user_id==user_id: return "You do not have permission to edit this post" post = dbOps.get_post(post_id) if not post: return "This post does not exist" if request.method == 'GET': return render_template("edit_post_page.html", post_id=post_id, form=form) if request.method == 'POST' and form.validate(): new_title = form.textbook_title.data new_author = form.textbook_author.data if (not new_title) or (not new_author): errors = ['Please enter a title or author'] flash(errors[0]) return render_template("edit_post_page.html", post_id=post_id, form=form) dbOps.update_existing_post(post_id, new_title, new_author) flash('Post has been updated') return redirect(url_for('show_user_page', user_id=creator.user_id))