def update_feedback(feedback_id): feedback = Feedback.query.get(feedback_id) if "username" not in session or feedback.username != session['username']: raise Unauthorized() form = FeedbackForm(obj=feedback) if form.validate_on_submit(): form.populate_obj(feedback) db.session.commit() return redirect(url_for("users", username=session['username'])) return render_template("/feedback/edit.html", form=form, feedback=feedback)
def update_feedback(feedback_id): if 'username' not in session: flash('Please login first', 'warning') return redirect('/') feedback = Feedback.query.get_or_404(feedback_id) form = FeedbackForm(obj=feedback) if session['username'] == feedback.username: if form.validate_on_submit(): form.populate_obj(feedback) db.session.commit() flash('Feedback Updated', 'success') return redirect(f'/users/{session["username"]}') return render_template('update-feedback.html', form=form) flash("You don't have permission to do that", "warning") return redirect('/')
def add_feedback(username): if 'username' not in session: flash('Please login first', 'warning') return redirect('/') user = User.query.filter_by(username=username).first_or_404() feedback = Feedback() form = FeedbackForm() if session['username'] == user.username: if form.validate_on_submit(): form.populate_obj(feedback) feedback.username = session['username'] db.session.add(feedback) db.session.commit() flash("Feedback Created", 'success') return redirect(f'/users/{session["username"]}') return render_template('feedback-form.html', form=form) flash("You don't have permission to do that", "warning") return redirect('/')