def edit_post(post_id, slug=None):
post = Post.query.filter_by(id=post_id).first()
# abort if no post is found
if not post:
abort(404)
# check if the user has the right permissions to edit this post
if not can_modify(post, current_user):
flash(_("You are not allowed to delete this post."), "danger")
return redirect(url_for("blog.index"))
form = PostForm()
if form.validate_on_submit():
# this will update the changed attributes
form.populate_obj(post)
post.save()
flash(_("This post has been edited"), "success")
return redirect(url_for("blog.view_post", post_id=post.id,
slug=post.slug))
else:
form.title.data = post.title
form.content.data = post.content
return render_template("blog/post_form.html", post=post, form=form,
mode="edit")
def new_post():
form = PostForm()
if form.validate_on_submit():
post = form.save(current_user)
flash(_("Your post has been saved!"), "success")
return redirect(url_for("blog.view_post", post_id=post.id))
return render_template("blog/post_form.html", form=form, mode="new")
