def edit_single(id):
message = Message.query.filter_by(id=id).first()
form = MessageForm()
if 'email' not in session:
flash('Login to Modify this Note', 'danger')
return redirect('/login')
usr_in_ses = User.query.filter_by(email=session['email']).first()
if not usr_in_ses.admin:
if usr_in_ses.email != message.owner.email:
flash('Unauthorized to Edit this Note', 'danger')
return redirect(f'/messages/single/{message.id}')
if form.validate_on_submit():
message.title = form.title.data
message.content = form.content.data
message.category = form.category.data
message.shift = form.shift.data
message.pub_date = datetime.utcnow()
message.status = 0
db.session.commit()
flash('Successfully updated note', 'success')
return redirect('/messages')
return render_template('messages/edit.html',
title="Edit",
form=form,
message=message)
def newpost():
if 'email' not in session:
flash('Login to Leave a Note', 'danger')
return redirect('/login')
form = MessageForm()
owner = User.query.filter_by(email=session['email']).first()
if form.validate_on_submit():
message = Message(title=form.title.data,
content=form.content.data,
category=form.category.data,
shift=form.shift.data,
owner=owner)
db.session.add(message)
db.session.commit()
flash("Posted Note Successfully", 'success')
return redirect('/messages')
def messages_add():
"""Add a message:
Show form if GET. If valid, update message and redirect to user page.
"""
if not g.user:
flash("Access unauthorized.", "danger")
return redirect("/")
form = MessageForm()
if form.validate_on_submit():
msg = Message(text=form.text.data)
g.user.messages.append(msg)
db.session.commit()
return redirect(f"/users/{g.user.id}")
return render_template('messages/new.html', form=form)