def new(to_user_id): user = current_user() if Mail.check_token(): return render_template('mail/mail_new.html', token=gg.token[user.id], to_user_id=to_user_id, user=user)
def admin_add(): if Mail.check_token(): User.check_admin() form = request.form for u in User.find_all(): if u.id != 1: m = Mail.new(form, receiver_id=u.id) return redirect( url_for('user.admin', token=gg.token[current_user().id]))
def add(): if Mail.check_token(): form = request.form # form里面有title,content,sender_id,receiver_id m = Mail.new(form) # 管理员 回到管理员 界面 if current_user().id == 1: return redirect(url_for('user.admin')) return redirect(url_for('.index'))
def update(mail_id): if Mail.check_token(): form = request.form m = Mail.find(mail_id) if current_user().id in [m.receiver_id, m.sender_id]: Mail.update(form) # redirect有必要加query吗 return redirect(url_for('.index')) else: abort(401)
def edit(mail_id): user = current_user() if Mail.check_token(): # mail_id = int(request.args.get('id', -1)) m = Mail.find(mail_id) if current_user().id in [m.receiver_id, m.sender_id]: return render_template('mail/mail_edit.html', m=m, token=gg.token[user.id], user=user) else: abort(401)
def delete(mail_id): if Mail.check_token(): Mail.receiver_sender_delete(mail_id) return redirect(url_for('.index'))