def updatePostCounts(postId): post = Post.query.filter_by(id=postId).first() post.messageCount = Post.getMessageCount(postId) user = User.query.filter_by(id=current_user.id).first() user.messageCount = User.getMessageCount(current_user.id) db.session().commit()
def deletePost(postId): if not current_user.is_admin(): return homeController.homeWithCustomError("You are missing user rights required for this operation") Post.query.filter_by(id=postId).delete() db.session().commit() return homeController.homeWithCustomMessage("Post removed successfully")
def deleteUser(userId): if (current_user.is_admin()): User.query.filter(User.id == userId).delete() db.session().commit() if (userId == current_user.id): logout_user() return redirect("/") return render_template("administration/index.html", users=User.query.all())
def updatePostCounts(areaId): if (areaId != -1): area = Area.query.filter_by(id=areaId).first() area.messageCount = Area.getMessageCount(areaId) user = User.query.filter_by(id=current_user.id).first() user.messageCount = User.getMessageCount(current_user.id) db.session().commit()
def editAnswer(answerId): form = EditForm(request.form) text = form.content.data answer = Answer.query.filter_by(id = answerId).first() answer.content = text db.session().commit() return postController.openPost(answer.post_id)
def createAnswer(postId): form = AnswerForm(request.form) text = form.content.data answer = Answer(text, current_user.id, postId) db.session().add(answer) db.session().commit() updatePostCounts(postId) return postController.openPost(postId)
def deleteGroup(groupId): if not current_user.is_admin(): return homeController.homeWithCustomError("You are missing user rights required for this operation") Group.query.filter_by(id=groupId).delete() Groupuser.query.filter_by(group_id=groupId).delete() Post.deleteGroupPosts(groupId) db.session().commit() return homeController.homeWithCustomMessage("Group removed successfully")
def newGroupPost(groupId): form = PostForm(request.form) if not form.validate(): return groupController.openGroup(groupId) name = form.name.data text = form.text.data post = Post(name, text, current_user.id, None, groupId) db.session().add(post) db.session().commit() return openPost(post.id)
def createArea(): form = AreaForm(request.form) if not form.validate(): return homeController.home() name = form.name.data area = Area.query.filter_by(name=name).first() if area: return homeController.homeWithCustomError("Area name must be unique") area = Area(name) db.session().add(area) db.session().commit() return homeController.homeWithCustomMessage("Area created successfully")
def changePassword(): form = ChangePasswordForm(request.form) if not form.validate(): return changePasswordPage() oldPassword = form.oldPassword.data newPassword = form.password.data if (current_user.password == oldPassword): current_user.password = newPassword db.session().commit() return render_template("home/index.html", message="Password changed successfully") return render_template("home/index.html", error="Password change failed")
def createPost(areaId): form = PostForm(request.form) if not form.validate(): return areaController.openArea(areaId) name = form.name.data text = form.text.data post = Post(name, text, current_user.id, areaId, None) db.session().add(post) db.session().commit() updatePostCounts(areaId) return openPost(post.id)
def deletePost(postId): if not current_user.is_admin(): return homeController.homeWithCustomError( "You are missing user rights required for this operation") post = Post.query.filter_by(id=postId).first() if post.area_id: updatePostCounts(post.area_id) else: updatePostCounts(-1) Post.query.filter_by(id=postId).delete() db.session().commit() Answer.deleteUnconnectedAnswers() return homeController.homeWithCustomMessage("Post removed successfully")
def register(): form = LoginForm(request.form) if not form.validate(): return registerIndex() username = form.username.data password = form.password.data user = User.query.filter_by(username=username).first() if user: return render_template("login/register.html", form=LoginForm() , error = "Username is already in use") else: user = User(username, password) db.session().add(user) db.session().commit() return render_template("login/index.html", form=LoginForm(), error = "Luonti onnistui")
def addUserToGroup(groupId): if not canSeeGroupPost(groupId, current_user.id): return homeController.homeWithCustomError("You need to be a member in the group to complete this operation") form = AddUserToGroupForm(request.form) if not form.validate(): return homeController.home() username = form.username.data user = User.query.filter_by(username=username).first() if not user: return homeController.homeWithCustomError("user not found") groupUser = Groupuser(user.id, groupId) db.session().add(groupUser) db.session().commit() return openGroup(groupId)
def createGroup(): form = GroupForm(request.form) if not form.validate(): return homeController.home() name = form.name.data group = Group.query.filter_by(name=name).first() if group: return homeController.homeWithCustomError("Group name must be unique") group = Group(name) db.session().add(group) db.session().commit() groupUser = Groupuser(current_user.id, group.id) db.session().add(groupUser) db.session().commit() return homeController.homeWithCustomMessage("Group created successfully")
def removeAdminRights(userId): if (current_user.is_admin()): User.query.filter(User.id == userId).first().admin = False db.session().commit() return render_template("administration/index.html", users=User.query.all())