Example #1
0
def add_post(request):

    if not utils.user_has_admin_rights(request.user):
        raise PermissionDenied

    if request.method == "POST":
        # Create a form instance and populate it with data from the request:
        form = BlogPostForm(request.POST)

        if form.is_valid():

            newPost = form.save(commit=False)
            newPost.author_user_id = request.user.username
            newPost.author_email = request.user.email
            newPost.save()
            pk = newPost._get_pk_val()

            # Go back to the admin page, but pas back the primary key of the
            # new object so that we can find it
            response = redirect("blog.views.admin")
            response["Location"] += "?pk=" + str(pk)
            return response

    else:
        # Create a blank form
        form = BlogPostForm()

    templateDict = get_template_dict("Admin", request.user)
    templateDict["form"] = form

    return render(request, "blog/add_edit_post.html", templateDict)
Example #2
0
def edit_post(request, slug):

    if not utils.user_has_admin_rights(request.user):
        raise PermissionDenied

    blog_post = get_object_or_404(BlogPost, slug=slug)

    if blog_post.author_user_id != request.user.username:
        raise PermissionDenied

    if request.method == "POST":
        # Create a form instance and populate it with data from the request:
        form = BlogPostForm(request.POST, instance=blog_post)

        if form.is_valid():

            form.save()

            # Go back to the admin page
            return redirect("blog.views.admin")

    else:
        # Create a form from the existing blog post
        form = BlogPostForm(instance=blog_post)

    templateDict = get_template_dict("Admin", request.user)
    templateDict["form"] = form
    templateDict["editing_post"] = True
    templateDict["edit_link"] = blog_post.get_absolute_edit_url()

    return render(request, "blog/add_edit_post.html", templateDict)
Example #3
0
def admin_view_post(request, slug):

    if not utils.user_has_admin_rights(request.user):
        raise PermissionDenied

    templateDict = get_template_dict("Home", request.user)
    templateDict["post"] = get_object_or_404(BlogPost, slug=slug)
    templateDict["post_formatted_text"] = format_text(templateDict["post"].text)

    return render_to_response("blog/admin_view_post.html", templateDict)
Example #4
0
def delete_post(request, slug):

    if not utils.user_has_admin_rights(request.user):
        raise PermissionDenied

    blog_post = get_object_or_404(BlogPost, slug=slug)
    if blog_post.author_user_id != request.user.username:
        raise PermissionDenied

    blog_post.delete()

    return redirect("blog.views.admin")
Example #5
0
def admin(request):

    if not utils.user_has_admin_rights(request.user):
        raise PermissionDenied

    # As we're using the GAE datastore objects.all() may not return consistent results
    # especially if a post has just been added. Having an optional primary key parameter
    # allows us to enforce strong consistency by performing a get for that object
    pk = request.GET.get("pk", None)
    blogPosts = list(BlogPost.objects.all())

    if pk != None:

        pkFound = False
        for post in blogPosts:
            if unicode(post._get_pk_val()) == pk:
                pkFound = True
                break

        if not pkFound:
            blogPost = BlogPost.objects.get(pk=pk)
            if blogPost != None:
                blogPosts.append(blogPost)

    blogPosts = sorted(
        blogPosts, reverse=True, key=lambda x: x.posted_date_time if x.posted_date_time != None else timezone.now()
    )

    # Mark all blog posts which the current user owns
    for post in blogPosts:
        if unicode(post.author_user_id) == request.user.username:
            post.cur_user_is_owner = True
        else:
            post.cur_user_is_owner = False

    templateDict = get_template_dict("Admin", request.user)
    templateDict["posts"] = blogPosts

    return render_to_response("blog/admin.html", templateDict)