def delete(id): if not g.user: abort(403) post = get_post(id) if request.method == 'GET': session['token'] = create_token() return render_template('posts/delete.html', post=post) if not validate_token(): return redirect(url_for('posts.delete', id=post.id)) if request.form['action'] != 'delete': return redirect(url_for('posts.show', id=post.id)) app.logger.info('Deleting post %d', post.id) for comment in post.comments: db.session.delete(comment) db.session.delete(post) db.session.commit() flash('Post deleted!', 'success') return redirect(url_for('index'))
def edit(id): if not g.user: abort(403) post = get_post(id) res, tags = preprocess(post, True) if res: return res post.title = request.form['title'] post.content = request.form['content'] post.tags = tags db.session.commit() app.logger.info('Edited post %d', post.id) flash('Post edited successfully.', 'success') return redirect(url_for('posts.show', id=post.id))
def create(): try: post_id = int(request.form['post_id']) except ValueError: abort(400) post = get_post(post_id) if g.user: comment = Comment(request.form['content'], post, user=g.user) else: comment = Comment(request.form['content'], post, username=request.form['username']) if not request.form['username']: if g.json: return jsonify(status='error', message='You have to add a name.', token=create_token()) flash('You have to add a name.', 'error') session['token'] = create_token() return render_template('comments/edit.html', comment=comment, post=post, edit=False) res = preprocess(comment, post=post) if res: return res db.session.add(comment) db.session.commit() app.logger.info('Created comment %d', comment.id) if g.json: return jsonify(status='success', message='Comment added.', token=create_token(), id=comment.id) flash('Comment created.', 'success') return redirect(url_for('posts.show', id=post_id))
def show(id): post = get_post(id) session['token'] = create_token() return render_template('posts/show.html', post=post)