def post_delete(id):
user = auth.service.get_user()
if user.is_authorized():
post = Post.get(id)
if post and (post.author == user or post.community.owner == user):
db.session.delete(post)
db.session.commit()
return jsonify({'status': 'ok', 'community': post.community.as_dict()})
return jsonify({'status': 'fail'})
def post_form(community_id, id=None):
user = auth.service.get_user()
community = Community.get(community_id)
post = Post.get(id) if id else Post()
if not community or not post:
abort(404)
if not community.has_member(user) and not (id and post.author == user):
abort(403)
return render_template('community/post_form.html', **{'community': community, 'post': post})
def post_save():
v = Validator(request.form)
v.fields('id').integer(nullable=True)
v.field('title').required()
v.field('text').required()
v.field('community_id').required().integer()
user = auth.service.get_user()
if not user.is_authorized():
abort(403)
if not v.is_valid():
return jsonify({
'status': 'fail',
'errors': v.errors
})
data = v.valid_data
if not data.id:
post = Post()
post.community_id = data.community_id
else:
post = Post.get(data.id)
if not post:
abort(400)
if post.author and post.author != user:
abort(403)
post.title = data.title
post.text = data.text
post.author = user
db.session.add(post)
db.session.commit()
return jsonify({
'status': 'ok',
'post': post.as_dict()
})
def post_page(community_id, id):
post = Post.get(id)
post.increment_views()
return render_template('community/post_one.html', **{'post': post})
