def showPosts(): # If the user is not logged in show a message and redirect him to a non-admin site. if not controller.user.isAuthorized(): flash('You are not authorized to access this site.') return redirect(url_for('blog.default')) # Render the admin page and display all posts. return render_template("admin.html", posts=database.getDbConn('blog').posts.find())
def deletePost(): # If the user is not logged in show a message and redirect him to a non-admin site. if not controller.user.isAuthorized(): flash('You are not authorized to access this site.') return redirect(url_for('showPosts')) # Get a db connection. db = database.getDbConn('blog') collection = db.posts # Remove the post with the id given as parameter from the collection. collection.remove({'_id' : ObjectId(request.args.get('id', ''))}) # Flash a message of success and redirect to the admin panel. flash('The post was successfully removed.') return redirect(url_for('admin.default'))
def modifyPost(): # If the user is not logged in show a message and redirect him to a non-admin site. if not controller.user.isAuthorized(): flash('You are not authorized to access this site.') return redirect(url_for('blog.default')) # Request a database connection. db = database.getDbConn('blog') if db == None: flash('A connection to the database could not be established.') return redirect(url_for('admin.default')) collection = db.posts # If the form was already submitted, validate it and then insert it. if request.method == 'POST': error = "" if not request.form['title']: error += "The title field may not be empty." if not request.form['author']: error += "The author field may not be empty." if not request.form['content']: error += "The content field may not be empty." if error: post = {'title' : request.form['title'], 'author' : request.form['author'], 'content' : request.form['content']} return render_template('posts/modify.html', post=post, error=error) # Insert the modified post into the collection. post = {'title' : request.form['title'], 'author' : request.form['author'], 'content' : request.form['content']} collection.update_one({'_id' : ObjectId(request.form['id'])}, { '$set' : post}, upsert = False) flash('The post was successfully changed.') return redirect(url_for('admin.default')) else: # If the form was not yet submitted, retrieve the original post and fill the form with it. post = collection.find_one({'_id' : ObjectId(request.args.get('id', ''))}) if post == None: flash('No post with the specified id found.') return redirect(url_for('admin.default')) return render_template('posts/modify.html', post=post, error=None)
def addPost(): # If the user is not logged in show a message and redirect him to a non-admin site. if not controller.user.isAuthorized(): flash('You are not authorized to access this site.') return redirect(url_for('blog.default')) # If the form was already submitted, validate it and, if valid, submit it. if request.method == "POST": # Validate the form. If there happens to be an error, the string 'error' will not be empty. #TODO: Validate this further. error = "" if not request.form['title']: error = "The title field may not be empty.\n" if not request.form['author']: error += "The author field may not be empty.\n" if not request.form['content']: error += "The content field may not be empty.\n" # If the validation fails we display the same template with the generated errors. if error: return render_template('posts/new.html', error=error) # Request a database connection and insert the validated post into the collection. db = database.getDbConn('blog') if db == None: flash('A connection to the database could not be established.') return render_template(url_for('admin.default')) collection = db.posts post = {'title' : request.form['title'], 'author' : request.form['author'], 'content' : request.form['content']} collection.insert_one(post) #TODO: Check if this never fails? flash('The post was added successfully.') return redirect(url_for('admin.default')) else: # If the form is not yet submitted, show the form and show no errors. return render_template('posts/new.html', error=None)
def showPosts(): # Request a database connection and get all posts to display them. db = database.getDbConn('blog') if db == None: return render_template("posts.html", posts=None) return render_template("posts.html", posts=db.posts.find())