def preprocess(comment, post, edit=False, delete=False):
if request.method == 'GET':
create_token()
if delete:
return render_template('comments/delete.html', comment=comment)
return render_template('comments/edit.html', comment=comment,
post=post, edit=edit)
if not delete:
if not request.form['content']:
if g.json:
return jsonify(status='error',
message='You need to add some content.',
token=create_token())
flash('You need to add some content.', 'error')
return render_template('comments/edit.html', comment=comment,
post=post, edit=edit)
if not validate_token():
if g.json:
return jsonify(status='error', message='Tokens did not match. ' +
'Try again.', token=create_token())
flash('Tokens did not match. Try again.', 'error')
if delete:
return redirect(url_for('comments.delete', id=comment.id))
create_token()
return render_template('comments/edit.html', comment=comment,
post=post, edit=edit)
return None
def preprocess(post, edit):
if request.method == 'GET':
session['token'] = create_token()
return render_template('posts/edit.html', post=post, edit=edit), None
req_tags = request.form['tags']
req_tags = map(prepare_tag_name, req_tags.split())
tags = get_tags(req_tags)
req_tags = ' '.join(req_tags)
if request.form['action'] == 'preview':
p = Post(request.form['title'], request.form['content'], g.user)
p.id = post.id if post else -1
return render_template('posts/edit.html', post=p, preview=True,
edit=edit, tags=req_tags), None
if tags is None:
return render_template('posts/edit.html', post=post, edit=edit,
tags=req_tags), None
if not validate_token():
flash('Tokens did not match. Try again.', 'error')
if edit:
return redirect(url_for('posts.edit', id=post.id)), None
else:
return redirect(url_for('posts.create')), None
return None, tags
def delete(id):
if not g.user:
abort(403)
post = get_post(id)
if request.method == 'GET':
session['token'] = create_token()
return render_template('posts/delete.html', post=post)
if not validate_token():
return redirect(url_for('posts.delete', id=post.id))
if request.form['action'] != 'delete':
return redirect(url_for('posts.show', id=post.id))
app.logger.info('Deleting post %d', post.id)
for comment in post.comments:
db.session.delete(comment)
db.session.delete(post)
db.session.commit()
flash('Post deleted!', 'success')
return redirect(url_for('index'))
def preprocess(tag, edit):
if request.method == 'GET':
session['token'] = create_token()
return render_template('tags/edit.html', tag=tag, edit=edit)
if not validate_token():
flash('Tokens did not match. Try again.', 'error')
if edit:
return redirect(url_for('tags.edit', id=tag.id))
else:
return redirect(url_for('tags.create'))
return None
def delete(id):
if not g.user:
abort(403)
tag = get_tag(id)
if request.method == 'GET':
session['token'] = create_token()
return render_template('tags/delete.html', tag=tag)
if not validate_token():
return redirect(url_for('tags.delete', id=tag.id))
if request.form['action'] != 'delete':
return redirect(url_for('tags.show', id=tag.id))
app.logger.info('Deleting tag %d', tag.id)
db.session.delete(tag)
db.session.commit()
flash('Tag deleted!', 'success')
return redirect(url_for('index'))