def editReview(product_id, review_id):
currentUser = getCurrentUser()
product = session.query(Product).filter(Product.id == product_id).one()
review = session.query(Review).filter(Review.id == review_id).one()
# Only allow review edits if reviewer is the current user
if matchesLoginUser(review.user):
form = ReviewForm(request.form, review)
if form.validate_on_submit():
form.populate_obj(review)
session.add(review)
session.commit()
return redirect(url_for('product', product_id=product_id))
else:
return render_template('edit-review.html',
currentUser=currentUser,
form=form,
product=product,
review=review)
else:
return redirect(url_for('home'))
def addReview(product_id):
currentUser = getCurrentUser()
product = session.query(Product).filter(Product.id == product_id).one()
# Only allow logged in users to add a review
if currentUser is not None:
form = ReviewForm(request.form)
if form.validate_on_submit():
review = Review()
form.populate_obj(review)
review.user = currentUser
review.product = product
session.add(review)
session.commit()
return redirect(url_for('product', product_id=product_id))
else:
return render_template('add-review.html',
currentUser=currentUser,
form=form,
product=product)
else:
return redirect(url_for('product', product_id=product_id))
