def audit_blog(): can_publish = request.json.get('can_publish', None) blog_id = request.json.get('blog_id', None) if can_publish is None or blog_id is None: return jsonify(dict(success=False, message=u'操作有误,不要乱搞哦')) blog = api_blog.get_or_404(blog_id) api_blog.update(blog, can_publish=can_publish) return jsonify(dict(success=True))
def change_blog(blog_id, category): """Edit the blog. :param id: blog id. """ blog = api_blog.get(blog_id) if blog.user != current_user: flash(gettext('This is not your blog'), category='error') abort(403) blog_form = BlogForm(obj=blog) if blog_form.validate_on_submit(): flash(u'更新成功') api_blog.update(blog, **blog_form.data) return redirect(url_for('.detail_blog', blog_id=blog_id, category=category)) if request.method == 'POST': flash(u'更新失败,请检查', category='danger') return render_template('blog/create.html', blog_form=blog_form, category=category, action_url=url_for('.change_blog', blog_id=blog_id, category=category))
def change_blog(blog_id): """Edit the blog. :param id: blog id. """ blog = api_blog.get(blog_id) if blog.user != current_user: return jsonres(rv=None, metacode=403, msg=u'这不是您的,你不能修改', code=403) blog_form = BlogUpdateForm() #json方式,不能验证csrf_token blog_form.csrf_enabled = False if blog_form.validate_on_submit(): api_blog.update(blog, **blog_form.data) return jsonres() #构造表单验证错误,返回 return jsonres(msg=blog_form.errors, metacode=400, code=400)
def detail_blog(blog_id, category): blog = api_blog.get_or_404(blog_id) api_blog.update(blog, read_count=blog.read_count + 1) return render_template('blog/detail.html', blog=blog, category=category)