def openGroup(groupId):
    """Render the group page for members of the group and for admins.

    A missing group and a group the caller may not see produce the same
    error text, so the response does not reveal which group ids exist.
    The handler reads current_user.id, so it presumably runs behind a
    login check applied outside this function -- confirm at the route.
    """
    denied = "Group doesn't exist or you don't have access to it"

    group = Group.query.filter_by(id=groupId).first()
    if not group:
        return homeController.homeWithCustomError(denied)

    membership = Groupuser.query.filter_by(
        user_id=current_user.id, group_id=group.id
    ).first()
    # NOTE(review): this reads the `admin` attribute while other handlers
    # call current_user.is_admin() -- confirm both express the same role.
    if not (membership or current_user.admin):
        return homeController.homeWithCustomError(denied)

    return render_template(
        "group/index.html",
        group=group,
        posts=Post.query.filter(Post.group_id == group.id),
        postForm=PostForm(),
        AddUserToGroupForm=AddUserToGroupForm(),
        users=Group.getUsers(groupId),
    )
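def openPost(postId):
    """Render a single post together with its answers.

    The existence check runs before any attribute of the post is read.
    With the checks in the other order an unknown postId raises
    AttributeError on ``None`` and surfaces as a server error instead of
    the "Post not found" page.

    Posts that belong to a group are shown only when
    groupController.canSeeGroupPost accepts the current user.
    """
    post = Post.query.filter_by(id=postId).first()
    if not post:
        return homeController.homeWithCustomError("Post not found")

    if post.group_id is not None:
        # Group posts are restricted; the access decision is delegated to
        # groupController rather than re-implemented here.
        # NOTE(review): "Unauthorized" and "Post not found" are distinct
        # responses, so a caller can tell a restricted group post from an
        # unused id -- confirm that this disclosure is acceptable.
        if not groupController.canSeeGroupPost(post.group_id, current_user.id):
            return homeController.homeWithCustomError("Unauthorized")

    return render_template(
        "area/post.html",
        post=post,
        answers=Post.getRelatedAnswers(postId),
        answerForm=AnswerForm(),
        editForm=EditForm(),
    )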
def deletePost(postId):
    """Delete the post with the given id; restricted to admins.

    The number of rows removed by the bulk delete is not inspected, so
    the success message is returned even when no post had that id.
    """
    if current_user.is_admin():
        Post.query.filter_by(id=postId).delete()
        db.session().commit()
        return homeController.homeWithCustomMessage("Post removed successfully")

    return homeController.homeWithCustomError(
        "You are missing user rights required for this operation"
    )
def addUserToGroup(groupId):
    """Add the user named in the submitted form to the group.

    Only callers accepted by canSeeGroupPost for this group may add
    members. On success the group page is rendered through openGroup.
    """
    if not canSeeGroupPost(groupId, current_user.id):
        return homeController.homeWithCustomError(
            "You need to be a member in the group to complete this operation"
        )

    submitted = AddUserToGroupForm(request.form)
    if not submitted.validate():
        return homeController.home()

    invitee_name = submitted.username.data
    invitee = User.query.filter_by(username=invitee_name).first()
    if not invitee:
        return homeController.homeWithCustomError("user not found")

    # NOTE(review): nothing here looks for an existing membership row for
    # this user and group -- confirm the Groupuser table enforces
    # uniqueness, otherwise repeated submissions add duplicate rows.
    membership = Groupuser(invitee.id, groupId)
    db.session().add(membership)
    db.session().commit()

    return openGroup(groupId)
def deleteGroup(groupId):
    """Delete a group, its membership rows and its posts; admins only.

    The three deletions are issued first and committed together by the
    single commit at the end.
    """
    if current_user.is_admin():
        Group.query.filter_by(id=groupId).delete()
        Groupuser.query.filter_by(group_id=groupId).delete()
        Post.deleteGroupPosts(groupId)
        db.session().commit()
        return homeController.homeWithCustomMessage("Group removed successfully")

    return homeController.homeWithCustomError(
        "You are missing user rights required for this operation"
    )
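def removeUserFromGroup(groupId, userId):
    """Remove a user from a group and delete the group once it is empty.

    Callers must either pass canSeeGroupPost for the group or be admins.

    The clean-up of an empty group is done here instead of through
    deleteGroup. deleteGroup refuses non-admin callers and its return
    value was discarded, so when the last member removed themselves the
    group silently stayed behind with no members. The caller has already
    been authorised above, so the clean-up does not repeat an admin check.
    """
    if not canSeeGroupPost(groupId, current_user.id) and not current_user.admin:
        return homeController.homeWithCustomError(
            "You need to be a member in the group to complete this operation"
        )

    # NOTE(review): userId is not compared with current_user.id, so any
    # member can remove any other member -- confirm this is the intended
    # policy.
    Groupuser.query.filter_by(user_id=userId, group_id=groupId).delete()
    db.session.commit()

    # Empty groups are deleted automatically.
    if Group.isEmpty(groupId):
        Group.query.filter_by(id=groupId).delete()
        Groupuser.query.filter_by(group_id=groupId).delete()
        Post.deleteGroupPosts(groupId)
        db.session.commit()
        # The group page no longer exists, so report the removal instead of
        # rendering openGroup, which would show its access error.
        return homeController.homeWithCustomMessage("Group removed successfully")

    return openGroup(groupId)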
def createArea():
    """Create a discussion area from the submitted form.

    Area names must be unique; a name that is already taken is rejected
    with an error message.
    """
    # NOTE(review): no role check is visible in this function -- confirm
    # whether area creation is meant to be open to every caller or is
    # restricted at the route.
    submitted = AreaForm(request.form)
    if not submitted.validate():
        return homeController.home()

    requested_name = submitted.name.data
    if Area.query.filter_by(name=requested_name).first():
        return homeController.homeWithCustomError("Area name must be unique")

    # The lookup above and the insert below are separate statements; a
    # unique constraint on the column would be needed to make the rule
    # hold under concurrent requests -- confirm the schema has one.
    area = Area(requested_name)
    db.session().add(area)
    db.session().commit()
    return homeController.homeWithCustomMessage("Area created successfully")
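def deletePost(postId):
    """Delete a post, update post counts and drop orphaned answers.

    Restricted to admins. An unknown postId now yields the "Post not
    found" error page; previously ``post`` was ``None`` in that case and
    reading ``post.area_id`` raised AttributeError.
    """
    if not current_user.is_admin():
        return homeController.homeWithCustomError(
            "You are missing user rights required for this operation")

    post = Post.query.filter_by(id=postId).first()
    if not post:
        return homeController.homeWithCustomError("Post not found")

    # Posts without an area are reported to updatePostCounts as -1.
    # NOTE(review): the counts are updated before the row is deleted and
    # committed -- confirm updatePostCounts does not count this post.
    updatePostCounts(post.area_id if post.area_id else -1)

    Post.query.filter_by(id=postId).delete()
    db.session().commit()

    # Runs after the commit, once the post row is gone.
    Answer.deleteUnconnectedAnswers()
    return homeController.homeWithCustomMessage("Post removed successfully")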
def createGroup():
    """Create a group from the submitted form and enrol its creator.

    Group names must be unique. The current user becomes the first
    member of the new group.
    """
    submitted = GroupForm(request.form)
    if not submitted.validate():
        return homeController.home()

    requested_name = submitted.name.data
    if Group.query.filter_by(name=requested_name).first():
        return homeController.homeWithCustomError("Group name must be unique")

    new_group = Group(requested_name)
    db.session().add(new_group)
    # Committed before new_group.id is read below, presumably so the
    # database has assigned the primary key by then.
    db.session().commit()

    # The membership row is written in a second transaction; if it fails,
    # the group from the first commit remains without any member.
    creator_membership = Groupuser(current_user.id, new_group.id)
    db.session().add(creator_membership)
    db.session().commit()

    return homeController.homeWithCustomMessage("Group created successfully")
def administration():
    """Render the administration page with every user; admins only."""
    if not current_user.is_admin():
        return homeController.homeWithCustomError("This page is restricted")

    # The full user list is handed to the template, so the template decides
    # which user fields end up in the page.
    return render_template("administration/index.html", users=User.query.all())
def openArea(areaId):
    """Render the page of an area with its posts and a new-post form.

    No membership or role check is made here, unlike the group page.
    """
    found = Area.query.filter_by(id=areaId).first()
    if not found:
        return homeController.homeWithCustomError("Area not found")

    # The template receives the id as passed by the caller, not the loaded
    # Area object.
    area_posts = Post.query.filter(Post.area_id == areaId)
    return render_template(
        "area/index.html",
        areaId=areaId,
        posts=area_posts,
        postForm=PostForm(),
    )