def preprocess(post, edit):
if request.method == 'GET':
session['token'] = create_token()
return render_template('posts/edit.html', post=post, edit=edit), None
req_tags = request.form['tags']
req_tags = map(prepare_tag_name, req_tags.split())
tags = get_tags(req_tags)
req_tags = ' '.join(req_tags)
if request.form['action'] == 'preview':
p = Post(request.form['title'], request.form['content'], g.user)
p.id = post.id if post else -1
return render_template('posts/edit.html', post=p, preview=True,
edit=edit, tags=req_tags), None
if tags is None:
return render_template('posts/edit.html', post=post, edit=edit,
tags=req_tags), None
if not validate_token():
flash('Tokens did not match. Try again.', 'error')
if edit:
return redirect(url_for('posts.edit', id=post.id)), None
else:
return redirect(url_for('posts.create')), None
return None, tags
def delete(id):
if not g.user:
abort(403)
post = get_post(id)
if request.method == 'GET':
session['token'] = create_token()
return render_template('posts/delete.html', post=post)
if not validate_token():
return redirect(url_for('posts.delete', id=post.id))
if request.form['action'] != 'delete':
return redirect(url_for('posts.show', id=post.id))
app.logger.info('Deleting post %d', post.id)
for comment in post.comments:
db.session.delete(comment)
db.session.delete(post)
db.session.commit()
flash('Post deleted!', 'success')
return redirect(url_for('index'))
def preprocess(comment, post, edit=False, delete=False):
if request.method == 'GET':
create_token()
if delete:
return render_template('comments/delete.html', comment=comment)
return render_template('comments/edit.html', comment=comment,
post=post, edit=edit)
if not delete:
if not request.form['content']:
if g.json:
return jsonify(status='error',
message='You need to add some content.',
token=create_token())
flash('You need to add some content.', 'error')
return render_template('comments/edit.html', comment=comment,
post=post, edit=edit)
if not validate_token():
if g.json:
return jsonify(status='error', message='Tokens did not match. ' +
'Try again.', token=create_token())
flash('Tokens did not match. Try again.', 'error')
if delete:
return redirect(url_for('comments.delete', id=comment.id))
create_token()
return render_template('comments/edit.html', comment=comment,
post=post, edit=edit)
return None
def preprocess(tag, edit):
if request.method == 'GET':
session['token'] = create_token()
return render_template('tags/edit.html', tag=tag, edit=edit)
if not validate_token():
flash('Tokens did not match. Try again.', 'error')
if edit:
return redirect(url_for('tags.edit', id=tag.id))
else:
return redirect(url_for('tags.create'))
return None
def create():
try:
post_id = int(request.form['post_id'])
except ValueError:
abort(400)
post = get_post(post_id)
if g.user:
comment = Comment(request.form['content'], post, user=g.user)
else:
comment = Comment(request.form['content'], post,
username=request.form['username'])
if not request.form['username']:
if g.json:
return jsonify(status='error',
message='You have to add a name.',
token=create_token())
flash('You have to add a name.', 'error')
session['token'] = create_token()
return render_template('comments/edit.html', comment=comment,
post=post, edit=False)
res = preprocess(comment, post=post)
if res:
return res
db.session.add(comment)
db.session.commit()
app.logger.info('Created comment %d', comment.id)
if g.json:
return jsonify(status='success', message='Comment added.',
token=create_token(), id=comment.id)
flash('Comment created.', 'success')
return redirect(url_for('posts.show', id=post_id))
def delete(id):
if not g.user:
abort(403)
tag = get_tag(id)
if request.method == 'GET':
session['token'] = create_token()
return render_template('tags/delete.html', tag=tag)
if not validate_token():
return redirect(url_for('tags.delete', id=tag.id))
if request.form['action'] != 'delete':
return redirect(url_for('tags.show', id=tag.id))
app.logger.info('Deleting tag %d', tag.id)
db.session.delete(tag)
db.session.commit()
flash('Tag deleted!', 'success')
return redirect(url_for('index'))
def delete(id):
if not g.user:
abort(403)
comment = get_comment(id)
res = preprocess(comment, delete=True, post=comment.post)
if res:
return res
if request.form['action'] != 'delete':
return redirect(url_for('posts.show', id=comment.post.id))
post_id = comment.post.id
db.session.delete(comment)
db.session.commit()
if g.json:
return jsonify(status='success', message='Comment deleted',
token=create_token())
flash('Comment deleted!', 'success')
return redirect(url_for('posts.show', id=post_id))
def edit(id):
if not g.user:
abort(403)
comment = get_comment(id)
res = preprocess(comment, edit=True, post=comment.post)
if res:
return res
if 'username' in request.form and request.form['username']:
comment.username = request.form['username']
comment.content = request.form['content']
db.session.commit()
app.logger.info('Edited comment %d.', comment.id)
if g.json:
return jsonify(status='success', message='Comment edited',
token=create_token())
flash('Comment edited successfully.', 'success')
return redirect(url_for('posts.show', id=comment.post.id))
def show(id):
post = get_post(id)
session['token'] = create_token()
return render_template('posts/show.html', post=post)
