def handle_add_notes(username): """ Display form to add notes for the logged in user. Add new note and redirect to user detail. """ if session.get('user_id') != username: flash("You are not authorized to add notes to this user!") return redirect('/') form = NoteForm() if form.validate_on_submit(): new_note = Note() form.populate_obj(new_note) new_note.owner = username db.session.add(new_note) db.session.commit() flash("Note has been added") return redirect(f"/users/{username}") else: return render_template("add_notes.html", form=form)
def edit(self, note_id): if not users.get_current_user(): webapp2.abort(401) note = db.get(db.Key.from_path('Note', int(note_id))) form = NoteForm(self.get_locale(), self.request.POST, note) if self.request.POST and form.validate(): form.populate_obj(note) note.date = datetime.now() note.put() return self.redirect('/note/list') self.render_template('form.html', {'title': _('Note'), 'form': form, 'name': 'note', 'id': note.key().id()})
def handle_update_note(note_id): """ Display form to update notes for the logged in user. Update note and redirect to user detail. """ note = Note.query.get_or_404(note_id) if session.get('user_id') != note.owner: flash("You are not authorized to update this note!") return redirect('/') form = NoteForm(obj=note) if form.validate_on_submit(): form.populate_obj(note) db.session.commit() flash("Note has been updated!") return redirect(f"/users/{note.owner}") else: return render_template("update_notes.html", form=form)