def add_post(request):
if not utils.user_has_admin_rights(request.user):
raise PermissionDenied
if request.method == "POST":
# Create a form instance and populate it with data from the request:
form = BlogPostForm(request.POST)
if form.is_valid():
newPost = form.save(commit=False)
newPost.author_user_id = request.user.username
newPost.author_email = request.user.email
newPost.save()
pk = newPost._get_pk_val()
# Go back to the admin page, but pas back the primary key of the
# new object so that we can find it
response = redirect("blog.views.admin")
response["Location"] += "?pk=" + str(pk)
return response
else:
# Create a blank form
form = BlogPostForm()
templateDict = get_template_dict("Admin", request.user)
templateDict["form"] = form
return render(request, "blog/add_edit_post.html", templateDict)
def edit_post(request, slug):
if not utils.user_has_admin_rights(request.user):
raise PermissionDenied
blog_post = get_object_or_404(BlogPost, slug=slug)
if blog_post.author_user_id != request.user.username:
raise PermissionDenied
if request.method == "POST":
# Create a form instance and populate it with data from the request:
form = BlogPostForm(request.POST, instance=blog_post)
if form.is_valid():
form.save()
# Go back to the admin page
return redirect("blog.views.admin")
else:
# Create a form from the existing blog post
form = BlogPostForm(instance=blog_post)
templateDict = get_template_dict("Admin", request.user)
templateDict["form"] = form
templateDict["editing_post"] = True
templateDict["edit_link"] = blog_post.get_absolute_edit_url()
return render(request, "blog/add_edit_post.html", templateDict)
def admin_view_post(request, slug):
if not utils.user_has_admin_rights(request.user):
raise PermissionDenied
templateDict = get_template_dict("Home", request.user)
templateDict["post"] = get_object_or_404(BlogPost, slug=slug)
templateDict["post_formatted_text"] = format_text(templateDict["post"].text)
return render_to_response("blog/admin_view_post.html", templateDict)
def delete_post(request, slug):
if not utils.user_has_admin_rights(request.user):
raise PermissionDenied
blog_post = get_object_or_404(BlogPost, slug=slug)
if blog_post.author_user_id != request.user.username:
raise PermissionDenied
blog_post.delete()
return redirect("blog.views.admin")
def admin(request):
if not utils.user_has_admin_rights(request.user):
raise PermissionDenied
# As we're using the GAE datastore objects.all() may not return consistent results
# especially if a post has just been added. Having an optional primary key parameter
# allows us to enforce strong consistency by performing a get for that object
pk = request.GET.get("pk", None)
blogPosts = list(BlogPost.objects.all())
if pk != None:
pkFound = False
for post in blogPosts:
if unicode(post._get_pk_val()) == pk:
pkFound = True
break
if not pkFound:
blogPost = BlogPost.objects.get(pk=pk)
if blogPost != None:
blogPosts.append(blogPost)
blogPosts = sorted(
blogPosts, reverse=True, key=lambda x: x.posted_date_time if x.posted_date_time != None else timezone.now()
)
# Mark all blog posts which the current user owns
for post in blogPosts:
if unicode(post.author_user_id) == request.user.username:
post.cur_user_is_owner = True
else:
post.cur_user_is_owner = False
templateDict = get_template_dict("Admin", request.user)
templateDict["posts"] = blogPosts
return render_to_response("blog/admin.html", templateDict)