def post_form(community_id, id=None):
    """Render the create/edit form for a post inside a community.

    With ``id`` set, the existing post is loaded for editing; otherwise a
    blank ``Post`` is used. Aborts with 404 when the community or the post
    cannot be resolved, and with 403 when the caller is neither a member of
    the community nor the author of the post being edited.
    """
    user = auth.service.get_user()
    community = Community.get(community_id)
    if id:
        post = Post.get(id)
    else:
        post = Post()

    if not (community and post):
        abort(404)

    # Access rule: members may open the form; a non-member may only open it
    # for an existing post they authored.
    if not (community.has_member(user) or (id and post.author == user)):
        abort(403)

    # NOTE(review): nothing visible here ties the loaded post to
    # `community_id`, so a member of one community may be able to open the
    # form for a post that lives in another. Confirm against the Post model.
    return render_template('community/post_form.html', community=community, post=post)
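def post_create():
    """Create a post owned by the admin identified by the request's JWT.

    Expects a JSON object body carrying ``title`` and ``content``.

    Returns:
        ``(response, status)``: 201 with the serialized post on success,
        400 when the body is not a JSON object with both fields, and 500
        when the post could not be stored.
    """
    current_admin = get_jwt_identity()

    # The body is untrusted: reject malformed JSON or missing fields with a
    # 400 instead of letting the exception escape the view.
    try:
        data = json.loads(request.data)
        title = data['title']
        content = data['content']
    except (ValueError, KeyError, TypeError):
        response_object = {
            'status': 'fail',
            'message': 'Could not create a Post',
            'error': 'Request body must be a JSON object with title and content'
        }
        return make_response(jsonify(response_object)), 400

    admin = Admin.find_admin_by_email(current_admin['email'])
    try:
        post = Post(title=title, content=content, admin_id=admin.id)
        db.session.add(post)
        db.session.commit()
        post_result = PostSchema().dump(post)
        response_object = {
            'status': 'success',
            'message': 'Successfully created a Post',
            'post': post_result[0]
        }
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # Leave the session usable for the next request after a failed
        # flush or commit.
        db.session.rollback()
        # NOTE(review): e.args can carry driver or SQL text; echoing it to the
        # client exposes internals. Consider logging it server-side and
        # returning a generic message instead.
        response_object = {
            'status': 'fail',
            'message': 'Could not create a Post',
            # args are not guaranteed to be strings; str() keeps the join
            # from raising inside the error handler.
            'error': ','.join(str(arg) for arg in e.args)
        }
        return make_response(jsonify(response_object)), 500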
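def post_delete(pk):
    """Delete the post ``pk`` if it belongs to the admin named in the JWT.

    Returns:
        ``(response, status)``: 200 on success, 404 when the post does not
        exist, 403 when it belongs to a different admin, and 500 when the
        lookup or the delete raises.
    """
    current_admin = get_jwt_identity()
    try:
        post = Post.find_post_by_id(pk)
        if not post:
            response_object = {
                'status': 'fail',
                'message': 'Could not find post',
            }
            return make_response(jsonify(response_object)), 404

        # Ownership check: only the admin who owns the post may delete it.
        if post.admin_id != current_admin['id']:
            response_object = {
                'status': 'fail',
                'message': 'Not authorized to delete this post',
            }
            return make_response(jsonify(response_object)), 403

        db.session.delete(post)
        db.session.commit()
        response_object = {
            'status': 'success',
            'message': 'Successfully deleted post',
        }
        return make_response(jsonify(response_object)), 200
    except Exception as e:
        # Leave the session usable for the next request after a failed
        # flush or commit.
        db.session.rollback()
        # NOTE(review): e.args can carry driver or SQL text; echoing it to the
        # client exposes internals. Consider logging it server-side and
        # returning a generic message instead.
        response_object = {
            'status': 'fail',
            'message': 'Could not delete post',
            # args are not guaranteed to be strings; str() keeps the join
            # from raising inside the error handler.
            'error': ','.join(str(arg) for arg in e.args)
        }
        return make_response(jsonify(response_object)), 500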
def admin_post():
    """Show the admin post form and store a new post on a valid submission.

    A valid POST creates a ``Post`` authored by ``current_user`` and
    redirects to ``main.index``; any other request re-renders the form.
    """
    # NOTE(review): no access check is visible in this body; presumably a
    # decorator or blueprint hook restricts it to admins. Confirm.
    form = AdminPostForm(request.form)
    submitted_ok = request.method == 'POST' and form.validate_on_submit()
    if not submitted_ok:
        return render_template('admin/admin_post.html', form=form)

    new_post = Post(
        title=form.title.data,
        content=form.content.data,
        author_id=current_user.id,
    )
    db.session.add(new_post)
    db.session.commit()
    return redirect(url_for('main.index'))
def test_create_post(self):
    """A stored Post carries created/modified stamps naming the current user."""
    current = users.get_current_user()
    title = 'fake post title'
    Post(title=title).put()

    stored = Post.find_by_properties(title=title)

    # Both audit pairs must be populated and attributed to the acting user.
    self.assertIsNotNone(stored.created)
    self.assertEqual(stored.created_by, current)
    self.assertIsNotNone(stored.modified)
    self.assertEqual(stored.modified_by, current)
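def post_delete(id):
    """Delete a post on behalf of its author or the owner of its community.

    Returns:
        JSON ``{'status': 'ok', 'community': ...}`` after a successful
        delete, ``{'status': 'fail'}`` when the caller is not authorized,
        the post does not exist, or the caller is neither its author nor
        the owner of its community.
    """
    user = auth.service.get_user()
    if not user.is_authorized():
        return jsonify({'status': 'fail'})

    post = Post.get(id)
    if not (post and (post.author == user or post.community.owner == user)):
        return jsonify({'status': 'fail'})

    # Take the community before deleting: reading a relationship off an
    # instance that has been deleted and committed is not reliable
    # (presumably SQLAlchemy, where it can fail to load).
    community = post.community
    db.session.delete(post)
    db.session.commit()
    return jsonify({'status': 'ok', 'community': community.as_dict()})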
def post_get(pk):
    """Return the serialized post ``pk`` with 200, or a 404 message.

    The 404 branch is taken both when the lookup yields nothing and when an
    ``IntegrityError`` is raised.
    """
    not_found = {'message': 'Post could not be found.'}
    try:
        post = Post.find_post_by_id(pk)
        if not post:
            return make_response(not_found), 404

        # NOTE(review): the schema is built with many=True although a single
        # post is dumped, and the result is indexed twice. Confirm what
        # find_post_by_id returns.
        serialized = PostSchema(many=True).dump(post)
        return make_response(jsonify(serialized[0][0])), 200
    except IntegrityError:
        return make_response(not_found), 404
def save_post():
    """Store a new Post built from the submitted form fields.

    Callers without a current user are redirected to ``home``. Every field
    is passed through ``sanitize_input`` before it is assigned.
    """
    # NOTE(review): any signed-in user passes this gate; confirm that is the
    # intended authorization level for publishing.
    if not users.get_current_user():
        return redirect(url_for('home'))

    post = Post()
    for field in ('stub', 'title', 'body', 'publish_date'):
        setattr(post, field, sanitize_input(request.form[field]))
    post.put()
    # NOTE(review): the success path returns nothing; if this is a routed
    # view it needs a response here. Confirm the intended target.
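def post_update(pk):
    """Update the title and/or content of post ``pk`` for its owning admin.

    The JSON body may carry ``title``, ``content`` or both; a field that is
    absent or empty leaves the stored value unchanged.

    Returns:
        ``(response, status)``: 200 with the serialized post on success,
        404 when the post does not exist, 403 when it belongs to a
        different admin, and 500 when parsing or the update raises.
    """
    current_admin = get_jwt_identity()
    try:
        post = Post.find_post_by_id(pk)
        if not post:
            response_object = {
                'status': 'fail',
                'message': 'Could not find post',
            }
            return make_response(jsonify(response_object)), 404

        # Ownership check: only the admin who owns the post may edit it.
        if post.admin_id != current_admin['id']:
            response_object = {
                'status': 'fail',
                'message': 'Not authorized to edit this post',
            }
            return make_response(jsonify(response_object)), 403

        data = json.loads(request.data)
        # .get() so a partial update (only one of the two fields present)
        # is applied instead of failing on the missing key.
        title = data.get('title')
        if title:
            post.title = title
        content = data.get('content')
        if content:
            post.content = content
        db.session.commit()

        post_result = PostSchema().dump(post)
        response_object = {
            'status': 'success',
            'message': 'Successfully updated post',
            'post': post_result[0]
        }
        return make_response(jsonify(response_object)), 200
    except Exception as e:
        # Discard half-applied attribute changes and leave the session
        # usable for the next request.
        db.session.rollback()
        # NOTE(review): e.args can carry driver or SQL text; echoing it to the
        # client exposes internals. Consider logging it server-side and
        # returning a generic message instead.
        response_object = {
            'status': 'fail',
            'message': 'Could not update post',
            # args are not guaranteed to be strings; str() keeps the join
            # from raising inside the error handler.
            'error': ','.join(str(arg) for arg in e.args)
        }
        return make_response(jsonify(response_object)), 500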
def post_save():
    """Create or update a post from the submitted form.

    Aborts with 403 when the caller is not authorized or tries to edit a
    post authored by someone else, and with 400 when the referenced post
    does not exist. Validation failures are reported as JSON
    ``{'status': 'fail', 'errors': ...}``; success returns
    ``{'status': 'ok', 'post': ...}``.
    """
    validator = Validator(request.form)
    # NOTE(review): `fields` here versus `field` on the following lines;
    # confirm Validator exposes both spellings.
    validator.fields('id').integer(nullable=True)
    validator.field('title').required()
    validator.field('text').required()
    validator.field('community_id').required().integer()

    user = auth.service.get_user()
    if not user.is_authorized():
        abort(403)

    if not validator.is_valid():
        return jsonify({'status': 'fail', 'errors': validator.errors})

    form = validator.valid_data
    if form.id:
        post = Post.get(form.id)
        if not post:
            abort(400)
        # An existing post may only be edited by its author.
        # NOTE(review): a post with no author passes this check and is then
        # assigned to the caller below. Confirm that is intended.
        if post.author and post.author != user:
            abort(403)
    else:
        post = Post()
        # NOTE(review): community_id comes straight from the form and no
        # membership check is visible on this path; confirm it is enforced
        # elsewhere.
        post.community_id = form.community_id

    post.title = form.title
    post.text = form.text
    post.author = user
    db.session.add(post)
    db.session.commit()
    return jsonify({'status': 'ok', 'post': post.as_dict()})
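def post_page(community_id, id):
    """Render a single post and record the view.

    Aborts with 404 when no post matches ``id``.
    """
    post = Post.get(id)
    # An unknown id would otherwise fail on the attribute access below and
    # surface as a server error instead of "not found".
    if not post:
        abort(404)

    # NOTE(review): `community_id` is accepted but not compared with the
    # post's community, and no membership check is visible here. Confirm
    # whether posts are meant to be readable across communities.
    post.increment_views()
    return render_template('community/post_one.html', post=post)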