def post(post_id): # form for deleting posts and one for adding comments delete_form = DeletePostForm() comment_form = CommentForm() post = Post.objects().get_or_404(id=post_id) comments = Comment.objects(post=post) # finds the amount of likes for the post likes = len(post.user_likes) is_liked = False comments = Comment.objects(post=post) # if user has liked post is_liked is true if post in current_user.liked_posts: is_liked = True if comment_form.validate_on_submit(): comment = Comment(comment=comment_form.comment.data, comment_author=current_user.id, post=post) comment.save() flash("Comment posted.", "success") return redirect( url_for("posts.post", post_id=post.id, title=post.title)) return render_template("posts/post.html", title=post.title, post=post, delete_form=delete_form, comments=comments, comment_form=comment_form, likes=likes, is_liked=is_liked)
def update_post(post_id): post = Post.objects().get_or_404(id=post_id) # throw a 403 error if a user has managed to get to this # page and they weren't the posts author. if post.author.id != current_user.id: abort(403) form = PostForm() categories = [(cat.category_name) for cat in Categories.objects] form.category.choices = categories # saves post to the database on form submition if form.validate_on_submit(): category = Categories.objects(category_name=form.category.data).first() post.title = form.title.data post.content = form.content.data post.category = category.id post.save() flash("Your post has been updated", "success") return redirect(url_for("posts.post", post_id=post.id)) # fills the form with the details from the database elif request.method == "GET": form.title.data = post.title form.content.data = post.content form.category.data = post.category.category_name return render_template("posts/update_post.html", title="Update Post", form=form)
def update_comment(post_id, comment_id): delete_form = DeletePostForm() comment_form = UpdateCommentForm() post = Post.objects().get_or_404(id=post_id) comments = Comment.objects(post=post) comment = Comment.objects.get_or_404(id=comment_id) likes = len(post.user_likes) is_liked = False if post in current_user.liked_posts: is_liked = True if request.method == "GET": comment_form.comment.data = comment.comment print(request.endpoint) if comment_form.validate_on_submit(): comment.comment = comment_form.comment.data comment.save() flash("Comment has been updated", "success") return redirect( url_for("posts.post", post_id=post_id, likes=likes, is_like=is_liked)) return render_template("posts/post.html", title="Update Comment", post=post, delete_form=delete_form, comments=comments, comment_form=comment_form, likes=likes, is_liked=is_liked)
def add_post(): form = PostForm() # get categorie names for select input and loop thorough them categories = [(category.category_name) for category in Categories.objects] form.category.choices = categories # add the post to the database on form submit if form.validate_on_submit(): category = Categories.objects(category_name=form.category.data).first() post = Post(title=form.title.data, content=form.content.data, author=current_user.id, category=category.id) post.save() flash("post has been posted successfully", "success") return redirect(url_for("posts.all_posts")) return render_template("posts/new_post.html", title="New Post", form=form)
def dashboard(): if current_user.username != "admin": abort(403) users = User.objects() posts = Post.objects() categories = Categories.objects() return render_template("admin/dashboard.html", title="Dashboard", users=users, posts=posts, categories=categories,)
def liked_post(post_id): post = Post.objects().get_or_404(id=post_id) # adds liked post to the users liked post array and the user details to the # posts liked array if post not in current_user.liked_posts: current_user.liked_posts.append(post.id) current_user.save() post.user_likes.append(current_user.id) post.save() flash("Post liked") return redirect(url_for("posts.post", post_id=post.id))
def all_posts(): form = SearchForm() categories = Categories.objects() # Paginates the results setting 4 posts per page page = request.args.get("page", 1, type=int) posts = Post.objects().order_by("-date_posted").paginate(page=page, per_page=4) return render_template("posts/all_posts.html", title="Latest Posts", posts=posts, heading="Recent Posts", form=form, categories=categories)
def delete_category(category_id): if current_user.username != "admin": abort(403) form = DeleteCategoryForm() if request.method == "POST": category = Categories.objects().get_or_404(id=category_id) posts = Post.objects(category=category) category.delete() posts.delete() flash("Category has been deleted", "success") return redirect(url_for("admin.dashboard")) return render_template("admin/delete_category.html", title="Delete Category", form=form)
def category_posts(category_id): form = SearchForm() categories = Categories.objects() page = request.args.get('page', 1, type=int) category = Categories.objects(id=category_id).first_or_404() posts = Post.objects(category=category).order_by("-date_posted").paginate( page=page, per_page=4) return render_template("posts/posts_categories.html", title=f"{category.category_name} Posts", posts=posts, heading=f"{category.category_name} Posts", form=form, category=category, categories=categories)
def users_posts(username): categories = Categories.objects() form = SearchForm() page = request.args.get('page', 1, type=int) user = User.objects(username=username).first_or_404() posts = Post.objects(author=user.id).order_by("-date_posted").paginate( page=page, per_page=4) return render_template("users/users_posts.html", title=f"{user.username}'s Posts", posts=posts, heading=f"{user.username}'s Posts", form=form, categories=categories, user=user)
def delete_account(username): if request.method == "POST": # find user in database and delete their details user = User.objects(username=username).first() posts = Post.objects(author=user) comments = Comment.objects(comment_author=user) user.delete() posts.delete() comments.delete() flash("Account deleted successfully", "success") return redirect(url_for("main.home")) # if the users types this route into the url it will # give an error so the account can only be deleted from the modal form # on the users account page. return abort(403)
def home(): if current_user.is_authenticated: return redirect(url_for("posts.all_posts")) posts = Post.objects().order_by("-date_posted") return render_template("main/home.html", posts=posts)