def add_post_comment(post_id, form_data):
    """Create a comment on a post for the current user and persist it.

    The comment text is read from ``form_data["comment"]``. The author is
    resolved through get_current_patient() / get_current_dietitian(), never
    from ``form_data``, so a submitted form cannot choose whose name the
    comment is stored under.

    Returns the newly committed Comment object.
    """
    # Naive timestamp: datetime.now() is called without a timezone.
    created_at = datetime.now()

    # Stored exactly as received; this function does no length, emptiness
    # or content validation. NOTE(review): confirm the templates escape
    # comment_body on output and that the caller rejects empty comments.
    body = form_data.get("comment")

    if get_user_type_from_session() == "patient":
        author_type = "pat"
        author_id = get_current_patient().patient_id
    else:
        # Any user type other than "patient" is recorded as a dietitian.
        # NOTE(review): presumably the route already requires a logged-in
        # user and checks access to post_id -- verify against the caller.
        author_type = "diet"
        author_id = get_current_dietitian().dietitian_id

    comment = Comment(
        post_id=post_id,
        author_type=author_type,
        author_id=author_id,
        time_stamp=created_at,
        comment_body=body,
    )
    db.session.add(comment)
    db.session.commit()
    return comment
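def reset_dietitian_password(dietitian_id):
    """Process reset of a dietitian's password.

    The new password comes from the submitted form and is applied to the
    dietitian returned by get_current_dietitian(), not to the
    ``dietitian_id`` path argument; that argument is only used to build
    the redirect target.

    A missing or empty password is rejected with a flash message instead
    of being handed to reset_password(). Either way the response is a
    redirect to the dietitian's account page.
    """
    account_url = f"/dietitian/{dietitian_id}/account"

    password = request.form.get("password")
    if not password:
        # request.form.get() yields None when the field is absent; never
        # pass that (or "") on to be stored as a credential.
        flash("Password cannot be empty.")
        return redirect(account_url)

    # NOTE(review): nothing here re-checks the current password or applies
    # a strength policy -- confirm whether reset_password() or the form
    # layer does, and that this route is covered by CSRF protection.
    dietitian = get_current_dietitian()
    reset_password(password, dietitian)

    flash("Password successfully reset.")
    return redirect(account_url)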
def decorated_view(*args, **kwargs):
    """Call the wrapped view only if the dietitian check passes.

    Patients are always refused. For anyone else the ``dietitian_id``
    keyword argument (from the route) is passed to
    check_dietitian_authorization(); a falsy result is refused as well.
    Refusals render "unauthorized.html" rather than calling ``fn``.

    Raises KeyError if the route supplies no ``dietitian_id``.
    """
    # NOTE(review): both refusals return the rendered template without an
    # explicit status code -- consider returning 403 so clients, logs and
    # monitoring can tell a denial from a normal page.
    if get_user_type_from_session() == "patient":
        return render_template(
            "unauthorized.html", patient=get_current_patient()
        )

    if check_dietitian_authorization(kwargs["dietitian_id"]):
        return fn(*args, **kwargs)

    return render_template(
        "unauthorized.html", dietitian=get_current_dietitian()
    )
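def decorated_view(*args, **kwargs):
    """Call the wrapped view only for the dietitian who owns the patient.

    Patients are always refused. Otherwise the patient named by the
    ``patient_id`` keyword argument is loaded, and access is granted only
    when the session holds a ``dietitian_id`` equal to that patient's
    ``dietitian_id``. Refusals render "unauthorized.html" rather than
    calling ``fn``.

    Raises KeyError if the route supplies no ``patient_id``.
    """
    # NOTE(review): refusals return the rendered template without an
    # explicit status code -- consider returning 403.
    user_type = get_user_type_from_session()
    if user_type == "patient":
        patient = get_current_patient()
        return render_template("unauthorized.html", patient=patient)

    session_dietitian_id = session.get("dietitian_id")
    patient = Patient.query.get(kwargs["patient_id"])

    # Fail closed: a session with no dietitian_id must never match. A bare
    # inequality test would let None == None through for a patient record
    # whose dietitian_id is unset.
    authorized = (
        session_dietitian_id is not None
        and patient
        and patient.dietitian_id == session_dietitian_id
    )
    if not authorized:
        dietitian = get_current_dietitian()
        return render_template("unauthorized.html", dietitian=dietitian)

    return fn(*args, **kwargs)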