def post(post_id):
# form for deleting posts and one for adding comments
delete_form = DeletePostForm()
comment_form = CommentForm()
post = Post.objects().get_or_404(id=post_id)
comments = Comment.objects(post=post)
# finds the amount of likes for the post
likes = len(post.user_likes)
is_liked = False
comments = Comment.objects(post=post)
# if user has liked post is_liked is true
if post in current_user.liked_posts:
is_liked = True
if comment_form.validate_on_submit():
comment = Comment(comment=comment_form.comment.data,
comment_author=current_user.id,
post=post)
comment.save()
flash("Comment posted.", "success")
return redirect(
url_for("posts.post", post_id=post.id, title=post.title))
return render_template("posts/post.html",
title=post.title,
post=post,
delete_form=delete_form,
comments=comments,
comment_form=comment_form,
likes=likes,
is_liked=is_liked)
def update_post(post_id):
post = Post.objects().get_or_404(id=post_id)
# throw a 403 error if a user has managed to get to this
# page and they weren't the posts author.
if post.author.id != current_user.id:
abort(403)
form = PostForm()
categories = [(cat.category_name) for cat in Categories.objects]
form.category.choices = categories
# saves post to the database on form submition
if form.validate_on_submit():
category = Categories.objects(category_name=form.category.data).first()
post.title = form.title.data
post.content = form.content.data
post.category = category.id
post.save()
flash("Your post has been updated", "success")
return redirect(url_for("posts.post", post_id=post.id))
# fills the form with the details from the database
elif request.method == "GET":
form.title.data = post.title
form.content.data = post.content
form.category.data = post.category.category_name
return render_template("posts/update_post.html",
title="Update Post",
form=form)
def update_comment(post_id, comment_id):
delete_form = DeletePostForm()
comment_form = UpdateCommentForm()
post = Post.objects().get_or_404(id=post_id)
comments = Comment.objects(post=post)
comment = Comment.objects.get_or_404(id=comment_id)
likes = len(post.user_likes)
is_liked = False
if post in current_user.liked_posts:
is_liked = True
if request.method == "GET":
comment_form.comment.data = comment.comment
print(request.endpoint)
if comment_form.validate_on_submit():
comment.comment = comment_form.comment.data
comment.save()
flash("Comment has been updated", "success")
return redirect(
url_for("posts.post",
post_id=post_id,
likes=likes,
is_like=is_liked))
return render_template("posts/post.html",
title="Update Comment",
post=post,
delete_form=delete_form,
comments=comments,
comment_form=comment_form,
likes=likes,
is_liked=is_liked)
def add_post():
form = PostForm()
# get categorie names for select input and loop thorough them
categories = [(category.category_name) for category in Categories.objects]
form.category.choices = categories
# add the post to the database on form submit
if form.validate_on_submit():
category = Categories.objects(category_name=form.category.data).first()
post = Post(title=form.title.data,
content=form.content.data,
author=current_user.id,
category=category.id)
post.save()
flash("post has been posted successfully", "success")
return redirect(url_for("posts.all_posts"))
return render_template("posts/new_post.html", title="New Post", form=form)
def dashboard():
if current_user.username != "admin":
abort(403)
users = User.objects()
posts = Post.objects()
categories = Categories.objects()
return render_template("admin/dashboard.html",
title="Dashboard",
users=users,
posts=posts,
categories=categories,)
def liked_post(post_id):
post = Post.objects().get_or_404(id=post_id)
# adds liked post to the users liked post array and the user details to the
# posts liked array
if post not in current_user.liked_posts:
current_user.liked_posts.append(post.id)
current_user.save()
post.user_likes.append(current_user.id)
post.save()
flash("Post liked")
return redirect(url_for("posts.post", post_id=post.id))
def all_posts():
form = SearchForm()
categories = Categories.objects()
# Paginates the results setting 4 posts per page
page = request.args.get("page", 1, type=int)
posts = Post.objects().order_by("-date_posted").paginate(page=page,
per_page=4)
return render_template("posts/all_posts.html",
title="Latest Posts",
posts=posts,
heading="Recent Posts",
form=form,
categories=categories)
def delete_category(category_id):
if current_user.username != "admin":
abort(403)
form = DeleteCategoryForm()
if request.method == "POST":
category = Categories.objects().get_or_404(id=category_id)
posts = Post.objects(category=category)
category.delete()
posts.delete()
flash("Category has been deleted", "success")
return redirect(url_for("admin.dashboard"))
return render_template("admin/delete_category.html",
title="Delete Category",
form=form)
def category_posts(category_id):
form = SearchForm()
categories = Categories.objects()
page = request.args.get('page', 1, type=int)
category = Categories.objects(id=category_id).first_or_404()
posts = Post.objects(category=category).order_by("-date_posted").paginate(
page=page, per_page=4)
return render_template("posts/posts_categories.html",
title=f"{category.category_name} Posts",
posts=posts,
heading=f"{category.category_name} Posts",
form=form,
category=category,
categories=categories)
def users_posts(username):
categories = Categories.objects()
form = SearchForm()
page = request.args.get('page', 1, type=int)
user = User.objects(username=username).first_or_404()
posts = Post.objects(author=user.id).order_by("-date_posted").paginate(
page=page, per_page=4)
return render_template("users/users_posts.html",
title=f"{user.username}'s Posts",
posts=posts,
heading=f"{user.username}'s Posts",
form=form,
categories=categories,
user=user)
def delete_account(username):
if request.method == "POST":
# find user in database and delete their details
user = User.objects(username=username).first()
posts = Post.objects(author=user)
comments = Comment.objects(comment_author=user)
user.delete()
posts.delete()
comments.delete()
flash("Account deleted successfully", "success")
return redirect(url_for("main.home"))
# if the users types this route into the url it will
# give an error so the account can only be deleted from the modal form
# on the users account page.
return abort(403)
def home():
if current_user.is_authenticated:
return redirect(url_for("posts.all_posts"))
posts = Post.objects().order_by("-date_posted")
return render_template("main/home.html", posts=posts)