def update_feedback(feedback_id):
feedback = Feedback.query.get(feedback_id)
if "username" not in session or feedback.username != session['username']:
raise Unauthorized()
form = FeedbackForm(obj=feedback)
if form.validate_on_submit():
form.populate_obj(feedback)
db.session.commit()
return redirect(url_for("users", username=session['username']))
return render_template("/feedback/edit.html", form=form, feedback=feedback)
def update_feedback(feedback_id):
if 'username' not in session:
flash('Please login first', 'warning')
return redirect('/')
feedback = Feedback.query.get_or_404(feedback_id)
form = FeedbackForm(obj=feedback)
if session['username'] == feedback.username:
if form.validate_on_submit():
form.populate_obj(feedback)
db.session.commit()
flash('Feedback Updated', 'success')
return redirect(f'/users/{session["username"]}')
return render_template('update-feedback.html', form=form)
flash("You don't have permission to do that", "warning")
return redirect('/')
def add_feedback(username):
if 'username' not in session:
flash('Please login first', 'warning')
return redirect('/')
user = User.query.filter_by(username=username).first_or_404()
feedback = Feedback()
form = FeedbackForm()
if session['username'] == user.username:
if form.validate_on_submit():
form.populate_obj(feedback)
feedback.username = session['username']
db.session.add(feedback)
db.session.commit()
flash("Feedback Created", 'success')
return redirect(f'/users/{session["username"]}')
return render_template('feedback-form.html', form=form)
flash("You don't have permission to do that", "warning")
return redirect('/')
